1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
2
3package iam
4
5import (
6	"fmt"
7	"time"
8
9	"github.com/aws/aws-sdk-go/aws"
10	"github.com/aws/aws-sdk-go/aws/awsutil"
11	"github.com/aws/aws-sdk-go/aws/request"
12	"github.com/aws/aws-sdk-go/private/protocol"
13	"github.com/aws/aws-sdk-go/private/protocol/query"
14)
15
16const opAddClientIDToOpenIDConnectProvider = "AddClientIDToOpenIDConnectProvider"
17
18// AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
19// client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return
20// value will be populated with the request's response once the request completes
21// successfully.
22//
23// Use "Send" method on the returned Request to send the API call to the service.
24// the "output" return value is not valid until after Send returns without error.
25//
26// See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider
27// API call, and error handling.
28//
29// This method is useful when you want to inject custom logic or configuration
30// into the SDK's request lifecycle. Such as custom headers, or retry logic.
31//
32//
33//    // Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
34//    req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)
35//
36//    err := req.Send()
37//    if err == nil { // resp is now filled
38//        fmt.Println(resp)
39//    }
40//
41// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
42func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput) {
43	op := &request.Operation{
44		Name:       opAddClientIDToOpenIDConnectProvider,
45		HTTPMethod: "POST",
46		HTTPPath:   "/",
47	}
48
49	if input == nil {
50		input = &AddClientIDToOpenIDConnectProviderInput{}
51	}
52
53	output = &AddClientIDToOpenIDConnectProviderOutput{}
54	req = c.newRequest(op, input, output)
55	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
56	return
57}
58
59// AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.
60//
61// Adds a new client ID (also known as audience) to the list of client IDs already
62// registered for the specified IAM OpenID Connect (OIDC) provider resource.
63//
64// This operation is idempotent; it does not fail or return an error if you
65// add an existing client ID to the provider.
66//
67// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
68// with awserr.Error's Code and Message methods to get detailed information about
69// the error.
70//
71// See the AWS API reference guide for AWS Identity and Access Management's
72// API operation AddClientIDToOpenIDConnectProvider for usage and error information.
73//
74// Returned Error Codes:
75//   * ErrCodeInvalidInputException "InvalidInput"
76//   The request was rejected because an invalid or out-of-range value was supplied
77//   for an input parameter.
78//
79//   * ErrCodeNoSuchEntityException "NoSuchEntity"
80//   The request was rejected because it referenced a resource entity that does
81//   not exist. The error message describes the resource.
82//
83//   * ErrCodeLimitExceededException "LimitExceeded"
84//   The request was rejected because it attempted to create resources beyond
85//   the current AWS account limits. The error message describes the limit exceeded.
86//
87//   * ErrCodeServiceFailureException "ServiceFailure"
88//   The request processing has failed because of an unknown error, exception
89//   or failure.
90//
91// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
92func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error) {
93	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
94	return out, req.Send()
95}
96
97// AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of
98// the ability to pass a context and additional request options.
99//
100// See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.
101//
102// The context must be non-nil and will be used for request cancellation. If
103// the context is nil a panic will occur. In the future the SDK may create
104// sub-contexts for http.Requests. See https://golang.org/pkg/context/
105// for more information on using Contexts.
106func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error) {
107	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
108	req.SetContext(ctx)
109	req.ApplyOptions(opts...)
110	return out, req.Send()
111}
112
113const opAddRoleToInstanceProfile = "AddRoleToInstanceProfile"
114
115// AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the
116// client's request for the AddRoleToInstanceProfile operation. The "output" return
117// value will be populated with the request's response once the request completes
118// successfully.
119//
120// Use "Send" method on the returned Request to send the API call to the service.
121// the "output" return value is not valid until after Send returns without error.
122//
123// See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile
124// API call, and error handling.
125//
126// This method is useful when you want to inject custom logic or configuration
127// into the SDK's request lifecycle. Such as custom headers, or retry logic.
128//
129//
130//    // Example sending a request using the AddRoleToInstanceProfileRequest method.
131//    req, resp := client.AddRoleToInstanceProfileRequest(params)
132//
133//    err := req.Send()
134//    if err == nil { // resp is now filled
135//        fmt.Println(resp)
136//    }
137//
138// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
139func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput) {
140	op := &request.Operation{
141		Name:       opAddRoleToInstanceProfile,
142		HTTPMethod: "POST",
143		HTTPPath:   "/",
144	}
145
146	if input == nil {
147		input = &AddRoleToInstanceProfileInput{}
148	}
149
150	output = &AddRoleToInstanceProfileOutput{}
151	req = c.newRequest(op, input, output)
152	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
153	return
154}
155
156// AddRoleToInstanceProfile API operation for AWS Identity and Access Management.
157//
158// Adds the specified IAM role to the specified instance profile. An instance
159// profile can contain only one role, and this quota cannot be increased. You
160// can remove the existing role and then add a different role to an instance
161// profile. You must then wait for the change to appear across all of AWS because
162// of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency).
163// To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html)
164// and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html),
165// or you can stop your instance and then restart it.
166//
167// The caller of this operation must be granted the PassRole permission on the
168// IAM role by a permissions policy.
169//
170// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
171// For more information about instance profiles, see About instance profiles
172// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
173//
174// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
175// with awserr.Error's Code and Message methods to get detailed information about
176// the error.
177//
178// See the AWS API reference guide for AWS Identity and Access Management's
179// API operation AddRoleToInstanceProfile for usage and error information.
180//
181// Returned Error Codes:
182//   * ErrCodeNoSuchEntityException "NoSuchEntity"
183//   The request was rejected because it referenced a resource entity that does
184//   not exist. The error message describes the resource.
185//
186//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
187//   The request was rejected because it attempted to create a resource that already
188//   exists.
189//
190//   * ErrCodeLimitExceededException "LimitExceeded"
191//   The request was rejected because it attempted to create resources beyond
192//   the current AWS account limits. The error message describes the limit exceeded.
193//
194//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
195//   The request was rejected because only the service that depends on the service-linked
196//   role can modify or delete the role on your behalf. The error message includes
197//   the name of the service that depends on this service-linked role. You must
198//   request the change through that service.
199//
200//   * ErrCodeServiceFailureException "ServiceFailure"
201//   The request processing has failed because of an unknown error, exception
202//   or failure.
203//
204// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
205func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error) {
206	req, out := c.AddRoleToInstanceProfileRequest(input)
207	return out, req.Send()
208}
209
210// AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of
211// the ability to pass a context and additional request options.
212//
213// See AddRoleToInstanceProfile for details on how to use this API operation.
214//
215// The context must be non-nil and will be used for request cancellation. If
216// the context is nil a panic will occur. In the future the SDK may create
217// sub-contexts for http.Requests. See https://golang.org/pkg/context/
218// for more information on using Contexts.
219func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error) {
220	req, out := c.AddRoleToInstanceProfileRequest(input)
221	req.SetContext(ctx)
222	req.ApplyOptions(opts...)
223	return out, req.Send()
224}
225
226const opAddUserToGroup = "AddUserToGroup"
227
228// AddUserToGroupRequest generates a "aws/request.Request" representing the
229// client's request for the AddUserToGroup operation. The "output" return
230// value will be populated with the request's response once the request completes
231// successfully.
232//
233// Use "Send" method on the returned Request to send the API call to the service.
234// the "output" return value is not valid until after Send returns without error.
235//
236// See AddUserToGroup for more information on using the AddUserToGroup
237// API call, and error handling.
238//
239// This method is useful when you want to inject custom logic or configuration
240// into the SDK's request lifecycle. Such as custom headers, or retry logic.
241//
242//
243//    // Example sending a request using the AddUserToGroupRequest method.
244//    req, resp := client.AddUserToGroupRequest(params)
245//
246//    err := req.Send()
247//    if err == nil { // resp is now filled
248//        fmt.Println(resp)
249//    }
250//
251// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
252func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput) {
253	op := &request.Operation{
254		Name:       opAddUserToGroup,
255		HTTPMethod: "POST",
256		HTTPPath:   "/",
257	}
258
259	if input == nil {
260		input = &AddUserToGroupInput{}
261	}
262
263	output = &AddUserToGroupOutput{}
264	req = c.newRequest(op, input, output)
265	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
266	return
267}
268
269// AddUserToGroup API operation for AWS Identity and Access Management.
270//
271// Adds the specified user to the specified group.
272//
273// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
274// with awserr.Error's Code and Message methods to get detailed information about
275// the error.
276//
277// See the AWS API reference guide for AWS Identity and Access Management's
278// API operation AddUserToGroup for usage and error information.
279//
280// Returned Error Codes:
281//   * ErrCodeNoSuchEntityException "NoSuchEntity"
282//   The request was rejected because it referenced a resource entity that does
283//   not exist. The error message describes the resource.
284//
285//   * ErrCodeLimitExceededException "LimitExceeded"
286//   The request was rejected because it attempted to create resources beyond
287//   the current AWS account limits. The error message describes the limit exceeded.
288//
289//   * ErrCodeServiceFailureException "ServiceFailure"
290//   The request processing has failed because of an unknown error, exception
291//   or failure.
292//
293// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
294func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error) {
295	req, out := c.AddUserToGroupRequest(input)
296	return out, req.Send()
297}
298
299// AddUserToGroupWithContext is the same as AddUserToGroup with the addition of
300// the ability to pass a context and additional request options.
301//
302// See AddUserToGroup for details on how to use this API operation.
303//
304// The context must be non-nil and will be used for request cancellation. If
305// the context is nil a panic will occur. In the future the SDK may create
306// sub-contexts for http.Requests. See https://golang.org/pkg/context/
307// for more information on using Contexts.
308func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error) {
309	req, out := c.AddUserToGroupRequest(input)
310	req.SetContext(ctx)
311	req.ApplyOptions(opts...)
312	return out, req.Send()
313}
314
315const opAttachGroupPolicy = "AttachGroupPolicy"
316
317// AttachGroupPolicyRequest generates a "aws/request.Request" representing the
318// client's request for the AttachGroupPolicy operation. The "output" return
319// value will be populated with the request's response once the request completes
320// successfully.
321//
322// Use "Send" method on the returned Request to send the API call to the service.
323// the "output" return value is not valid until after Send returns without error.
324//
325// See AttachGroupPolicy for more information on using the AttachGroupPolicy
326// API call, and error handling.
327//
328// This method is useful when you want to inject custom logic or configuration
329// into the SDK's request lifecycle. Such as custom headers, or retry logic.
330//
331//
332//    // Example sending a request using the AttachGroupPolicyRequest method.
333//    req, resp := client.AttachGroupPolicyRequest(params)
334//
335//    err := req.Send()
336//    if err == nil { // resp is now filled
337//        fmt.Println(resp)
338//    }
339//
340// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
341func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput) {
342	op := &request.Operation{
343		Name:       opAttachGroupPolicy,
344		HTTPMethod: "POST",
345		HTTPPath:   "/",
346	}
347
348	if input == nil {
349		input = &AttachGroupPolicyInput{}
350	}
351
352	output = &AttachGroupPolicyOutput{}
353	req = c.newRequest(op, input, output)
354	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
355	return
356}
357
358// AttachGroupPolicy API operation for AWS Identity and Access Management.
359//
360// Attaches the specified managed policy to the specified IAM group.
361//
362// You use this operation to attach a managed policy to a group. To embed an
363// inline policy in a group, use PutGroupPolicy.
364//
365// As a best practice, you can validate your IAM policies. To learn more, see
366// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
367// in the IAM User Guide.
368//
369// For more information about policies, see Managed policies and inline policies
370// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
371// in the IAM User Guide.
372//
373// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
374// with awserr.Error's Code and Message methods to get detailed information about
375// the error.
376//
377// See the AWS API reference guide for AWS Identity and Access Management's
378// API operation AttachGroupPolicy for usage and error information.
379//
380// Returned Error Codes:
381//   * ErrCodeNoSuchEntityException "NoSuchEntity"
382//   The request was rejected because it referenced a resource entity that does
383//   not exist. The error message describes the resource.
384//
385//   * ErrCodeLimitExceededException "LimitExceeded"
386//   The request was rejected because it attempted to create resources beyond
387//   the current AWS account limits. The error message describes the limit exceeded.
388//
389//   * ErrCodeInvalidInputException "InvalidInput"
390//   The request was rejected because an invalid or out-of-range value was supplied
391//   for an input parameter.
392//
393//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
394//   The request failed because AWS service role policies can only be attached
395//   to the service-linked role for that service.
396//
397//   * ErrCodeServiceFailureException "ServiceFailure"
398//   The request processing has failed because of an unknown error, exception
399//   or failure.
400//
401// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
402func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error) {
403	req, out := c.AttachGroupPolicyRequest(input)
404	return out, req.Send()
405}
406
407// AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of
408// the ability to pass a context and additional request options.
409//
410// See AttachGroupPolicy for details on how to use this API operation.
411//
412// The context must be non-nil and will be used for request cancellation. If
413// the context is nil a panic will occur. In the future the SDK may create
414// sub-contexts for http.Requests. See https://golang.org/pkg/context/
415// for more information on using Contexts.
416func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error) {
417	req, out := c.AttachGroupPolicyRequest(input)
418	req.SetContext(ctx)
419	req.ApplyOptions(opts...)
420	return out, req.Send()
421}
422
423const opAttachRolePolicy = "AttachRolePolicy"
424
425// AttachRolePolicyRequest generates a "aws/request.Request" representing the
426// client's request for the AttachRolePolicy operation. The "output" return
427// value will be populated with the request's response once the request completes
428// successfully.
429//
430// Use "Send" method on the returned Request to send the API call to the service.
431// the "output" return value is not valid until after Send returns without error.
432//
433// See AttachRolePolicy for more information on using the AttachRolePolicy
434// API call, and error handling.
435//
436// This method is useful when you want to inject custom logic or configuration
437// into the SDK's request lifecycle. Such as custom headers, or retry logic.
438//
439//
440//    // Example sending a request using the AttachRolePolicyRequest method.
441//    req, resp := client.AttachRolePolicyRequest(params)
442//
443//    err := req.Send()
444//    if err == nil { // resp is now filled
445//        fmt.Println(resp)
446//    }
447//
448// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
449func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput) {
450	op := &request.Operation{
451		Name:       opAttachRolePolicy,
452		HTTPMethod: "POST",
453		HTTPPath:   "/",
454	}
455
456	if input == nil {
457		input = &AttachRolePolicyInput{}
458	}
459
460	output = &AttachRolePolicyOutput{}
461	req = c.newRequest(op, input, output)
462	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
463	return
464}
465
466// AttachRolePolicy API operation for AWS Identity and Access Management.
467//
468// Attaches the specified managed policy to the specified IAM role. When you
469// attach a managed policy to a role, the managed policy becomes part of the
470// role's permission (access) policy.
471//
472// You cannot use a managed policy as the role's trust policy. The role's trust
473// policy is created at the same time as the role, using CreateRole. You can
474// update a role's trust policy using UpdateAssumeRolePolicy.
475//
476// Use this operation to attach a managed policy to a role. To embed an inline
477// policy in a role, use PutRolePolicy. For more information about policies,
478// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
479// in the IAM User Guide.
480//
481// As a best practice, you can validate your IAM policies. To learn more, see
482// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
483// in the IAM User Guide.
484//
485// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
486// with awserr.Error's Code and Message methods to get detailed information about
487// the error.
488//
489// See the AWS API reference guide for AWS Identity and Access Management's
490// API operation AttachRolePolicy for usage and error information.
491//
492// Returned Error Codes:
493//   * ErrCodeNoSuchEntityException "NoSuchEntity"
494//   The request was rejected because it referenced a resource entity that does
495//   not exist. The error message describes the resource.
496//
497//   * ErrCodeLimitExceededException "LimitExceeded"
498//   The request was rejected because it attempted to create resources beyond
499//   the current AWS account limits. The error message describes the limit exceeded.
500//
501//   * ErrCodeInvalidInputException "InvalidInput"
502//   The request was rejected because an invalid or out-of-range value was supplied
503//   for an input parameter.
504//
505//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
506//   The request was rejected because only the service that depends on the service-linked
507//   role can modify or delete the role on your behalf. The error message includes
508//   the name of the service that depends on this service-linked role. You must
509//   request the change through that service.
510//
511//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
512//   The request failed because AWS service role policies can only be attached
513//   to the service-linked role for that service.
514//
515//   * ErrCodeServiceFailureException "ServiceFailure"
516//   The request processing has failed because of an unknown error, exception
517//   or failure.
518//
519// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
520func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error) {
521	req, out := c.AttachRolePolicyRequest(input)
522	return out, req.Send()
523}
524
525// AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of
526// the ability to pass a context and additional request options.
527//
528// See AttachRolePolicy for details on how to use this API operation.
529//
530// The context must be non-nil and will be used for request cancellation. If
531// the context is nil a panic will occur. In the future the SDK may create
532// sub-contexts for http.Requests. See https://golang.org/pkg/context/
533// for more information on using Contexts.
534func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error) {
535	req, out := c.AttachRolePolicyRequest(input)
536	req.SetContext(ctx)
537	req.ApplyOptions(opts...)
538	return out, req.Send()
539}
540
541const opAttachUserPolicy = "AttachUserPolicy"
542
543// AttachUserPolicyRequest generates a "aws/request.Request" representing the
544// client's request for the AttachUserPolicy operation. The "output" return
545// value will be populated with the request's response once the request completes
546// successfully.
547//
548// Use "Send" method on the returned Request to send the API call to the service.
549// the "output" return value is not valid until after Send returns without error.
550//
551// See AttachUserPolicy for more information on using the AttachUserPolicy
552// API call, and error handling.
553//
554// This method is useful when you want to inject custom logic or configuration
555// into the SDK's request lifecycle. Such as custom headers, or retry logic.
556//
557//
558//    // Example sending a request using the AttachUserPolicyRequest method.
559//    req, resp := client.AttachUserPolicyRequest(params)
560//
561//    err := req.Send()
562//    if err == nil { // resp is now filled
563//        fmt.Println(resp)
564//    }
565//
566// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
567func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput) {
568	op := &request.Operation{
569		Name:       opAttachUserPolicy,
570		HTTPMethod: "POST",
571		HTTPPath:   "/",
572	}
573
574	if input == nil {
575		input = &AttachUserPolicyInput{}
576	}
577
578	output = &AttachUserPolicyOutput{}
579	req = c.newRequest(op, input, output)
580	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
581	return
582}
583
584// AttachUserPolicy API operation for AWS Identity and Access Management.
585//
586// Attaches the specified managed policy to the specified user.
587//
588// You use this operation to attach a managed policy to a user. To embed an
589// inline policy in a user, use PutUserPolicy.
590//
591// As a best practice, you can validate your IAM policies. To learn more, see
592// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
593// in the IAM User Guide.
594//
595// For more information about policies, see Managed policies and inline policies
596// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
597// in the IAM User Guide.
598//
599// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
600// with awserr.Error's Code and Message methods to get detailed information about
601// the error.
602//
603// See the AWS API reference guide for AWS Identity and Access Management's
604// API operation AttachUserPolicy for usage and error information.
605//
606// Returned Error Codes:
607//   * ErrCodeNoSuchEntityException "NoSuchEntity"
608//   The request was rejected because it referenced a resource entity that does
609//   not exist. The error message describes the resource.
610//
611//   * ErrCodeLimitExceededException "LimitExceeded"
612//   The request was rejected because it attempted to create resources beyond
613//   the current AWS account limits. The error message describes the limit exceeded.
614//
615//   * ErrCodeInvalidInputException "InvalidInput"
616//   The request was rejected because an invalid or out-of-range value was supplied
617//   for an input parameter.
618//
619//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
620//   The request failed because AWS service role policies can only be attached
621//   to the service-linked role for that service.
622//
623//   * ErrCodeServiceFailureException "ServiceFailure"
624//   The request processing has failed because of an unknown error, exception
625//   or failure.
626//
627// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
628func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error) {
629	req, out := c.AttachUserPolicyRequest(input)
630	return out, req.Send()
631}
632
633// AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of
634// the ability to pass a context and additional request options.
635//
636// See AttachUserPolicy for details on how to use this API operation.
637//
638// The context must be non-nil and will be used for request cancellation. If
639// the context is nil a panic will occur. In the future the SDK may create
640// sub-contexts for http.Requests. See https://golang.org/pkg/context/
641// for more information on using Contexts.
642func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error) {
643	req, out := c.AttachUserPolicyRequest(input)
644	req.SetContext(ctx)
645	req.ApplyOptions(opts...)
646	return out, req.Send()
647}
648
649const opChangePassword = "ChangePassword"
650
651// ChangePasswordRequest generates a "aws/request.Request" representing the
652// client's request for the ChangePassword operation. The "output" return
653// value will be populated with the request's response once the request completes
654// successfully.
655//
656// Use "Send" method on the returned Request to send the API call to the service.
657// the "output" return value is not valid until after Send returns without error.
658//
659// See ChangePassword for more information on using the ChangePassword
660// API call, and error handling.
661//
662// This method is useful when you want to inject custom logic or configuration
663// into the SDK's request lifecycle. Such as custom headers, or retry logic.
664//
665//
666//    // Example sending a request using the ChangePasswordRequest method.
667//    req, resp := client.ChangePasswordRequest(params)
668//
669//    err := req.Send()
670//    if err == nil { // resp is now filled
671//        fmt.Println(resp)
672//    }
673//
674// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
675func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput) {
676	op := &request.Operation{
677		Name:       opChangePassword,
678		HTTPMethod: "POST",
679		HTTPPath:   "/",
680	}
681
682	if input == nil {
683		input = &ChangePasswordInput{}
684	}
685
686	output = &ChangePasswordOutput{}
687	req = c.newRequest(op, input, output)
688	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
689	return
690}
691
692// ChangePassword API operation for AWS Identity and Access Management.
693//
694// Changes the password of the IAM user who is calling this operation. This
695// operation can be performed using the AWS CLI, the AWS API, or the My Security
696// Credentials page in the AWS Management Console. The AWS account root user
697// password is not affected by this operation.
698//
699// Use UpdateLoginProfile to use the AWS CLI, the AWS API, or the Users page
700// in the IAM console to change the password for any IAM user. For more information
701// about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
702// in the IAM User Guide.
703//
704// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
705// with awserr.Error's Code and Message methods to get detailed information about
706// the error.
707//
708// See the AWS API reference guide for AWS Identity and Access Management's
709// API operation ChangePassword for usage and error information.
710//
711// Returned Error Codes:
712//   * ErrCodeNoSuchEntityException "NoSuchEntity"
713//   The request was rejected because it referenced a resource entity that does
714//   not exist. The error message describes the resource.
715//
716//   * ErrCodeInvalidUserTypeException "InvalidUserType"
717//   The request was rejected because the type of user for the transaction was
718//   incorrect.
719//
720//   * ErrCodeLimitExceededException "LimitExceeded"
721//   The request was rejected because it attempted to create resources beyond
722//   the current AWS account limits. The error message describes the limit exceeded.
723//
724//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
725//   The request was rejected because it referenced an entity that is temporarily
726//   unmodifiable, such as a user name that was deleted and then recreated. The
727//   error indicates that the request is likely to succeed if you try again after
728//   waiting several minutes. The error message describes the entity.
729//
730//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
731//   The request was rejected because the provided password did not meet the requirements
732//   imposed by the account password policy.
733//
734//   * ErrCodeServiceFailureException "ServiceFailure"
735//   The request processing has failed because of an unknown error, exception
736//   or failure.
737//
738// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
739func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error) {
740	req, out := c.ChangePasswordRequest(input)
741	return out, req.Send()
742}
743
744// ChangePasswordWithContext is the same as ChangePassword with the addition of
745// the ability to pass a context and additional request options.
746//
747// See ChangePassword for details on how to use this API operation.
748//
749// The context must be non-nil and will be used for request cancellation. If
750// the context is nil a panic will occur. In the future the SDK may create
751// sub-contexts for http.Requests. See https://golang.org/pkg/context/
752// for more information on using Contexts.
753func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error) {
754	req, out := c.ChangePasswordRequest(input)
755	req.SetContext(ctx)
756	req.ApplyOptions(opts...)
757	return out, req.Send()
758}
759
760const opCreateAccessKey = "CreateAccessKey"
761
762// CreateAccessKeyRequest generates a "aws/request.Request" representing the
763// client's request for the CreateAccessKey operation. The "output" return
764// value will be populated with the request's response once the request completes
765// successfully.
766//
767// Use "Send" method on the returned Request to send the API call to the service.
768// the "output" return value is not valid until after Send returns without error.
769//
770// See CreateAccessKey for more information on using the CreateAccessKey
771// API call, and error handling.
772//
773// This method is useful when you want to inject custom logic or configuration
774// into the SDK's request lifecycle. Such as custom headers, or retry logic.
775//
776//
777//    // Example sending a request using the CreateAccessKeyRequest method.
778//    req, resp := client.CreateAccessKeyRequest(params)
779//
780//    err := req.Send()
781//    if err == nil { // resp is now filled
782//        fmt.Println(resp)
783//    }
784//
785// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
786func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput) {
787	op := &request.Operation{
788		Name:       opCreateAccessKey,
789		HTTPMethod: "POST",
790		HTTPPath:   "/",
791	}
792
793	if input == nil {
794		input = &CreateAccessKeyInput{}
795	}
796
797	output = &CreateAccessKeyOutput{}
798	req = c.newRequest(op, input, output)
799	return
800}
801
802// CreateAccessKey API operation for AWS Identity and Access Management.
803//
804// Creates a new AWS secret access key and corresponding AWS access key ID for
805// the specified user. The default status for new keys is Active.
806//
807// If you do not specify a user name, IAM determines the user name implicitly
808// based on the AWS access key ID signing the request. This operation works
809// for access keys under the AWS account. Consequently, you can use this operation
810// to manage AWS account root user credentials. This is true even if the AWS
811// account has no associated users.
812//
813// For information about quotas on the number of keys you can create, see IAM
814// and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
815// in the IAM User Guide.
816//
817// To ensure the security of your AWS account, the secret access key is accessible
818// only during key and user creation. You must save the key (for example, in
819// a text file) if you want to be able to access it again. If a secret key is
820// lost, you can delete the access keys for the associated user and then create
821// new keys.
822//
823// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
824// with awserr.Error's Code and Message methods to get detailed information about
825// the error.
826//
827// See the AWS API reference guide for AWS Identity and Access Management's
828// API operation CreateAccessKey for usage and error information.
829//
830// Returned Error Codes:
831//   * ErrCodeNoSuchEntityException "NoSuchEntity"
832//   The request was rejected because it referenced a resource entity that does
833//   not exist. The error message describes the resource.
834//
835//   * ErrCodeLimitExceededException "LimitExceeded"
836//   The request was rejected because it attempted to create resources beyond
837//   the current AWS account limits. The error message describes the limit exceeded.
838//
839//   * ErrCodeServiceFailureException "ServiceFailure"
840//   The request processing has failed because of an unknown error, exception
841//   or failure.
842//
843// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
844func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error) {
845	req, out := c.CreateAccessKeyRequest(input)
846	return out, req.Send()
847}
848
849// CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of
850// the ability to pass a context and additional request options.
851//
852// See CreateAccessKey for details on how to use this API operation.
853//
854// The context must be non-nil and will be used for request cancellation. If
855// the context is nil a panic will occur. In the future the SDK may create
856// sub-contexts for http.Requests. See https://golang.org/pkg/context/
857// for more information on using Contexts.
858func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error) {
859	req, out := c.CreateAccessKeyRequest(input)
860	req.SetContext(ctx)
861	req.ApplyOptions(opts...)
862	return out, req.Send()
863}
864
865const opCreateAccountAlias = "CreateAccountAlias"
866
867// CreateAccountAliasRequest generates a "aws/request.Request" representing the
868// client's request for the CreateAccountAlias operation. The "output" return
869// value will be populated with the request's response once the request completes
870// successfully.
871//
872// Use "Send" method on the returned Request to send the API call to the service.
873// the "output" return value is not valid until after Send returns without error.
874//
875// See CreateAccountAlias for more information on using the CreateAccountAlias
876// API call, and error handling.
877//
878// This method is useful when you want to inject custom logic or configuration
879// into the SDK's request lifecycle. Such as custom headers, or retry logic.
880//
881//
882//    // Example sending a request using the CreateAccountAliasRequest method.
883//    req, resp := client.CreateAccountAliasRequest(params)
884//
885//    err := req.Send()
886//    if err == nil { // resp is now filled
887//        fmt.Println(resp)
888//    }
889//
890// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
891func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput) {
892	op := &request.Operation{
893		Name:       opCreateAccountAlias,
894		HTTPMethod: "POST",
895		HTTPPath:   "/",
896	}
897
898	if input == nil {
899		input = &CreateAccountAliasInput{}
900	}
901
902	output = &CreateAccountAliasOutput{}
903	req = c.newRequest(op, input, output)
904	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
905	return
906}
907
908// CreateAccountAlias API operation for AWS Identity and Access Management.
909//
910// Creates an alias for your AWS account. For information about using an AWS
911// account alias, see Using an alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
912// in the IAM User Guide.
913//
914// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
915// with awserr.Error's Code and Message methods to get detailed information about
916// the error.
917//
918// See the AWS API reference guide for AWS Identity and Access Management's
919// API operation CreateAccountAlias for usage and error information.
920//
921// Returned Error Codes:
922//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
923//   The request was rejected because it attempted to create a resource that already
924//   exists.
925//
926//   * ErrCodeLimitExceededException "LimitExceeded"
927//   The request was rejected because it attempted to create resources beyond
928//   the current AWS account limits. The error message describes the limit exceeded.
929//
930//   * ErrCodeServiceFailureException "ServiceFailure"
931//   The request processing has failed because of an unknown error, exception
932//   or failure.
933//
934// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
935func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error) {
936	req, out := c.CreateAccountAliasRequest(input)
937	return out, req.Send()
938}
939
940// CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of
941// the ability to pass a context and additional request options.
942//
943// See CreateAccountAlias for details on how to use this API operation.
944//
945// The context must be non-nil and will be used for request cancellation. If
946// the context is nil a panic will occur. In the future the SDK may create
947// sub-contexts for http.Requests. See https://golang.org/pkg/context/
948// for more information on using Contexts.
949func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error) {
950	req, out := c.CreateAccountAliasRequest(input)
951	req.SetContext(ctx)
952	req.ApplyOptions(opts...)
953	return out, req.Send()
954}
955
956const opCreateGroup = "CreateGroup"
957
958// CreateGroupRequest generates a "aws/request.Request" representing the
959// client's request for the CreateGroup operation. The "output" return
960// value will be populated with the request's response once the request completes
961// successfully.
962//
963// Use "Send" method on the returned Request to send the API call to the service.
964// the "output" return value is not valid until after Send returns without error.
965//
966// See CreateGroup for more information on using the CreateGroup
967// API call, and error handling.
968//
969// This method is useful when you want to inject custom logic or configuration
970// into the SDK's request lifecycle. Such as custom headers, or retry logic.
971//
972//
973//    // Example sending a request using the CreateGroupRequest method.
974//    req, resp := client.CreateGroupRequest(params)
975//
976//    err := req.Send()
977//    if err == nil { // resp is now filled
978//        fmt.Println(resp)
979//    }
980//
981// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
982func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput) {
983	op := &request.Operation{
984		Name:       opCreateGroup,
985		HTTPMethod: "POST",
986		HTTPPath:   "/",
987	}
988
989	if input == nil {
990		input = &CreateGroupInput{}
991	}
992
993	output = &CreateGroupOutput{}
994	req = c.newRequest(op, input, output)
995	return
996}
997
998// CreateGroup API operation for AWS Identity and Access Management.
999//
1000// Creates a new group.
1001//
1002// For information about the number of groups you can create, see IAM and STS
1003// quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1004// in the IAM User Guide.
1005//
1006// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1007// with awserr.Error's Code and Message methods to get detailed information about
1008// the error.
1009//
1010// See the AWS API reference guide for AWS Identity and Access Management's
1011// API operation CreateGroup for usage and error information.
1012//
1013// Returned Error Codes:
1014//   * ErrCodeLimitExceededException "LimitExceeded"
1015//   The request was rejected because it attempted to create resources beyond
1016//   the current AWS account limits. The error message describes the limit exceeded.
1017//
1018//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1019//   The request was rejected because it attempted to create a resource that already
1020//   exists.
1021//
1022//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1023//   The request was rejected because it referenced a resource entity that does
1024//   not exist. The error message describes the resource.
1025//
1026//   * ErrCodeServiceFailureException "ServiceFailure"
1027//   The request processing has failed because of an unknown error, exception
1028//   or failure.
1029//
1030// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
1031func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error) {
1032	req, out := c.CreateGroupRequest(input)
1033	return out, req.Send()
1034}
1035
1036// CreateGroupWithContext is the same as CreateGroup with the addition of
1037// the ability to pass a context and additional request options.
1038//
1039// See CreateGroup for details on how to use this API operation.
1040//
1041// The context must be non-nil and will be used for request cancellation. If
1042// the context is nil a panic will occur. In the future the SDK may create
1043// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1044// for more information on using Contexts.
1045func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error) {
1046	req, out := c.CreateGroupRequest(input)
1047	req.SetContext(ctx)
1048	req.ApplyOptions(opts...)
1049	return out, req.Send()
1050}
1051
1052const opCreateInstanceProfile = "CreateInstanceProfile"
1053
1054// CreateInstanceProfileRequest generates a "aws/request.Request" representing the
1055// client's request for the CreateInstanceProfile operation. The "output" return
1056// value will be populated with the request's response once the request completes
1057// successfully.
1058//
1059// Use "Send" method on the returned Request to send the API call to the service.
1060// the "output" return value is not valid until after Send returns without error.
1061//
1062// See CreateInstanceProfile for more information on using the CreateInstanceProfile
1063// API call, and error handling.
1064//
1065// This method is useful when you want to inject custom logic or configuration
1066// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1067//
1068//
1069//    // Example sending a request using the CreateInstanceProfileRequest method.
1070//    req, resp := client.CreateInstanceProfileRequest(params)
1071//
1072//    err := req.Send()
1073//    if err == nil { // resp is now filled
1074//        fmt.Println(resp)
1075//    }
1076//
1077// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
1078func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput) {
1079	op := &request.Operation{
1080		Name:       opCreateInstanceProfile,
1081		HTTPMethod: "POST",
1082		HTTPPath:   "/",
1083	}
1084
1085	if input == nil {
1086		input = &CreateInstanceProfileInput{}
1087	}
1088
1089	output = &CreateInstanceProfileOutput{}
1090	req = c.newRequest(op, input, output)
1091	return
1092}
1093
1094// CreateInstanceProfile API operation for AWS Identity and Access Management.
1095//
1096// Creates a new instance profile. For information about instance profiles,
1097// see Using roles for applications on Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html)
1098// in the IAM User Guide, and Instance profiles (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile)
1099// in the Amazon EC2 User Guide.
1100//
1101// For information about the number of instance profiles you can create, see
1102// IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1103// in the IAM User Guide.
1104//
1105// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1106// with awserr.Error's Code and Message methods to get detailed information about
1107// the error.
1108//
1109// See the AWS API reference guide for AWS Identity and Access Management's
1110// API operation CreateInstanceProfile for usage and error information.
1111//
1112// Returned Error Codes:
1113//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1114//   The request was rejected because it attempted to create a resource that already
1115//   exists.
1116//
1117//   * ErrCodeInvalidInputException "InvalidInput"
1118//   The request was rejected because an invalid or out-of-range value was supplied
1119//   for an input parameter.
1120//
1121//   * ErrCodeLimitExceededException "LimitExceeded"
1122//   The request was rejected because it attempted to create resources beyond
1123//   the current AWS account limits. The error message describes the limit exceeded.
1124//
1125//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1126//   The request was rejected because multiple requests to change this object
1127//   were submitted simultaneously. Wait a few minutes and submit your request
1128//   again.
1129//
1130//   * ErrCodeServiceFailureException "ServiceFailure"
1131//   The request processing has failed because of an unknown error, exception
1132//   or failure.
1133//
1134// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
1135func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error) {
1136	req, out := c.CreateInstanceProfileRequest(input)
1137	return out, req.Send()
1138}
1139
1140// CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of
1141// the ability to pass a context and additional request options.
1142//
1143// See CreateInstanceProfile for details on how to use this API operation.
1144//
1145// The context must be non-nil and will be used for request cancellation. If
1146// the context is nil a panic will occur. In the future the SDK may create
1147// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1148// for more information on using Contexts.
1149func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error) {
1150	req, out := c.CreateInstanceProfileRequest(input)
1151	req.SetContext(ctx)
1152	req.ApplyOptions(opts...)
1153	return out, req.Send()
1154}
1155
1156const opCreateLoginProfile = "CreateLoginProfile"
1157
1158// CreateLoginProfileRequest generates a "aws/request.Request" representing the
1159// client's request for the CreateLoginProfile operation. The "output" return
1160// value will be populated with the request's response once the request completes
1161// successfully.
1162//
1163// Use "Send" method on the returned Request to send the API call to the service.
1164// the "output" return value is not valid until after Send returns without error.
1165//
1166// See CreateLoginProfile for more information on using the CreateLoginProfile
1167// API call, and error handling.
1168//
1169// This method is useful when you want to inject custom logic or configuration
1170// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1171//
1172//
1173//    // Example sending a request using the CreateLoginProfileRequest method.
1174//    req, resp := client.CreateLoginProfileRequest(params)
1175//
1176//    err := req.Send()
1177//    if err == nil { // resp is now filled
1178//        fmt.Println(resp)
1179//    }
1180//
1181// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
1182func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput) {
1183	op := &request.Operation{
1184		Name:       opCreateLoginProfile,
1185		HTTPMethod: "POST",
1186		HTTPPath:   "/",
1187	}
1188
1189	if input == nil {
1190		input = &CreateLoginProfileInput{}
1191	}
1192
1193	output = &CreateLoginProfileOutput{}
1194	req = c.newRequest(op, input, output)
1195	return
1196}
1197
1198// CreateLoginProfile API operation for AWS Identity and Access Management.
1199//
1200// Creates a password for the specified IAM user. A password allows an IAM user
1201// to access AWS services through the AWS Management Console.
1202//
1203// You can use the AWS CLI, the AWS API, or the Users page in the IAM console
1204// to create a password for any IAM user. Use ChangePassword to update your
1205// own existing password in the My Security Credentials page in the AWS Management
1206// Console.
1207//
1208// For more information about managing passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
1209// in the IAM User Guide.
1210//
1211// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1212// with awserr.Error's Code and Message methods to get detailed information about
1213// the error.
1214//
1215// See the AWS API reference guide for AWS Identity and Access Management's
1216// API operation CreateLoginProfile for usage and error information.
1217//
1218// Returned Error Codes:
1219//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1220//   The request was rejected because it attempted to create a resource that already
1221//   exists.
1222//
1223//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1224//   The request was rejected because it referenced a resource entity that does
1225//   not exist. The error message describes the resource.
1226//
1227//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
1228//   The request was rejected because the provided password did not meet the requirements
1229//   imposed by the account password policy.
1230//
1231//   * ErrCodeLimitExceededException "LimitExceeded"
1232//   The request was rejected because it attempted to create resources beyond
1233//   the current AWS account limits. The error message describes the limit exceeded.
1234//
1235//   * ErrCodeServiceFailureException "ServiceFailure"
1236//   The request processing has failed because of an unknown error, exception
1237//   or failure.
1238//
1239// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
1240func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error) {
1241	req, out := c.CreateLoginProfileRequest(input)
1242	return out, req.Send()
1243}
1244
1245// CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of
1246// the ability to pass a context and additional request options.
1247//
1248// See CreateLoginProfile for details on how to use this API operation.
1249//
1250// The context must be non-nil and will be used for request cancellation. If
1251// the context is nil a panic will occur. In the future the SDK may create
1252// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1253// for more information on using Contexts.
1254func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error) {
1255	req, out := c.CreateLoginProfileRequest(input)
1256	req.SetContext(ctx)
1257	req.ApplyOptions(opts...)
1258	return out, req.Send()
1259}
1260
1261const opCreateOpenIDConnectProvider = "CreateOpenIDConnectProvider"
1262
1263// CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
1264// client's request for the CreateOpenIDConnectProvider operation. The "output" return
1265// value will be populated with the request's response once the request completes
1266// successfully.
1267//
1268// Use "Send" method on the returned Request to send the API call to the service.
1269// the "output" return value is not valid until after Send returns without error.
1270//
1271// See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider
1272// API call, and error handling.
1273//
1274// This method is useful when you want to inject custom logic or configuration
1275// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1276//
1277//
1278//    // Example sending a request using the CreateOpenIDConnectProviderRequest method.
1279//    req, resp := client.CreateOpenIDConnectProviderRequest(params)
1280//
1281//    err := req.Send()
1282//    if err == nil { // resp is now filled
1283//        fmt.Println(resp)
1284//    }
1285//
1286// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
1287func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput) {
1288	op := &request.Operation{
1289		Name:       opCreateOpenIDConnectProvider,
1290		HTTPMethod: "POST",
1291		HTTPPath:   "/",
1292	}
1293
1294	if input == nil {
1295		input = &CreateOpenIDConnectProviderInput{}
1296	}
1297
1298	output = &CreateOpenIDConnectProviderOutput{}
1299	req = c.newRequest(op, input, output)
1300	return
1301}
1302
1303// CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.
1304//
1305// Creates an IAM entity to describe an identity provider (IdP) that supports
1306// OpenID Connect (OIDC) (http://openid.net/connect/).
1307//
1308// The OIDC provider that you create with this operation can be used as a principal
1309// in a role's trust policy. Such a policy establishes a trust relationship
1310// between AWS and the OIDC provider.
1311//
1312// When you create the IAM OIDC provider, you specify the following:
1313//
1314//    * The URL of the OIDC identity provider (IdP) to trust
1315//
1316//    * A list of client IDs (also known as audiences) that identify the application
1317//    or applications that are allowed to authenticate using the OIDC provider
1318//
1319//    * A list of thumbprints of one or more server certificates that the IdP
1320//    uses
1321//
1322// You get all of this information from the OIDC IdP that you want to use to
1323// access AWS.
1324//
1325// The trust for the OIDC provider is derived from the IAM provider that this
1326// operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider
1327// operation to highly privileged users.
1328//
1329// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1330// with awserr.Error's Code and Message methods to get detailed information about
1331// the error.
1332//
1333// See the AWS API reference guide for AWS Identity and Access Management's
1334// API operation CreateOpenIDConnectProvider for usage and error information.
1335//
1336// Returned Error Codes:
1337//   * ErrCodeInvalidInputException "InvalidInput"
1338//   The request was rejected because an invalid or out-of-range value was supplied
1339//   for an input parameter.
1340//
1341//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1342//   The request was rejected because it attempted to create a resource that already
1343//   exists.
1344//
1345//   * ErrCodeLimitExceededException "LimitExceeded"
1346//   The request was rejected because it attempted to create resources beyond
1347//   the current AWS account limits. The error message describes the limit exceeded.
1348//
1349//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1350//   The request was rejected because multiple requests to change this object
1351//   were submitted simultaneously. Wait a few minutes and submit your request
1352//   again.
1353//
1354//   * ErrCodeServiceFailureException "ServiceFailure"
1355//   The request processing has failed because of an unknown error, exception
1356//   or failure.
1357//
1358// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
1359func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error) {
1360	req, out := c.CreateOpenIDConnectProviderRequest(input)
1361	return out, req.Send()
1362}
1363
1364// CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of
1365// the ability to pass a context and additional request options.
1366//
1367// See CreateOpenIDConnectProvider for details on how to use this API operation.
1368//
1369// The context must be non-nil and will be used for request cancellation. If
1370// the context is nil a panic will occur. In the future the SDK may create
1371// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1372// for more information on using Contexts.
1373func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error) {
1374	req, out := c.CreateOpenIDConnectProviderRequest(input)
1375	req.SetContext(ctx)
1376	req.ApplyOptions(opts...)
1377	return out, req.Send()
1378}
1379
1380const opCreatePolicy = "CreatePolicy"
1381
1382// CreatePolicyRequest generates a "aws/request.Request" representing the
1383// client's request for the CreatePolicy operation. The "output" return
1384// value will be populated with the request's response once the request completes
1385// successfully.
1386//
1387// Use "Send" method on the returned Request to send the API call to the service.
1388// the "output" return value is not valid until after Send returns without error.
1389//
1390// See CreatePolicy for more information on using the CreatePolicy
1391// API call, and error handling.
1392//
1393// This method is useful when you want to inject custom logic or configuration
1394// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1395//
1396//
1397//    // Example sending a request using the CreatePolicyRequest method.
1398//    req, resp := client.CreatePolicyRequest(params)
1399//
1400//    err := req.Send()
1401//    if err == nil { // resp is now filled
1402//        fmt.Println(resp)
1403//    }
1404//
1405// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
1406func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) {
1407	op := &request.Operation{
1408		Name:       opCreatePolicy,
1409		HTTPMethod: "POST",
1410		HTTPPath:   "/",
1411	}
1412
1413	if input == nil {
1414		input = &CreatePolicyInput{}
1415	}
1416
1417	output = &CreatePolicyOutput{}
1418	req = c.newRequest(op, input, output)
1419	return
1420}
1421
1422// CreatePolicy API operation for AWS Identity and Access Management.
1423//
1424// Creates a new managed policy for your AWS account.
1425//
1426// This operation creates a policy version with a version identifier of v1 and
1427// sets v1 as the policy's default version. For more information about policy
1428// versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
1429// in the IAM User Guide.
1430//
1431// As a best practice, you can validate your IAM policies. To learn more, see
1432// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
1433// in the IAM User Guide.
1434//
1435// For more information about managed policies in general, see Managed policies
1436// and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
1437// in the IAM User Guide.
1438//
1439// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1440// with awserr.Error's Code and Message methods to get detailed information about
1441// the error.
1442//
1443// See the AWS API reference guide for AWS Identity and Access Management's
1444// API operation CreatePolicy for usage and error information.
1445//
1446// Returned Error Codes:
1447//   * ErrCodeInvalidInputException "InvalidInput"
1448//   The request was rejected because an invalid or out-of-range value was supplied
1449//   for an input parameter.
1450//
1451//   * ErrCodeLimitExceededException "LimitExceeded"
1452//   The request was rejected because it attempted to create resources beyond
1453//   the current AWS account limits. The error message describes the limit exceeded.
1454//
1455//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1456//   The request was rejected because it attempted to create a resource that already
1457//   exists.
1458//
1459//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1460//   The request was rejected because the policy document was malformed. The error
1461//   message describes the specific error.
1462//
1463//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1464//   The request was rejected because multiple requests to change this object
1465//   were submitted simultaneously. Wait a few minutes and submit your request
1466//   again.
1467//
1468//   * ErrCodeServiceFailureException "ServiceFailure"
1469//   The request processing has failed because of an unknown error, exception
1470//   or failure.
1471//
1472// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
1473func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) {
1474	req, out := c.CreatePolicyRequest(input)
1475	return out, req.Send()
1476}
1477
1478// CreatePolicyWithContext is the same as CreatePolicy with the addition of
1479// the ability to pass a context and additional request options.
1480//
1481// See CreatePolicy for details on how to use this API operation.
1482//
1483// The context must be non-nil and will be used for request cancellation. If
1484// the context is nil a panic will occur. In the future the SDK may create
1485// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1486// for more information on using Contexts.
1487func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) {
1488	req, out := c.CreatePolicyRequest(input)
1489	req.SetContext(ctx)
1490	req.ApplyOptions(opts...)
1491	return out, req.Send()
1492}
1493
1494const opCreatePolicyVersion = "CreatePolicyVersion"
1495
1496// CreatePolicyVersionRequest generates a "aws/request.Request" representing the
1497// client's request for the CreatePolicyVersion operation. The "output" return
1498// value will be populated with the request's response once the request completes
1499// successfully.
1500//
1501// Use "Send" method on the returned Request to send the API call to the service.
1502// the "output" return value is not valid until after Send returns without error.
1503//
1504// See CreatePolicyVersion for more information on using the CreatePolicyVersion
1505// API call, and error handling.
1506//
1507// This method is useful when you want to inject custom logic or configuration
1508// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1509//
1510//
1511//    // Example sending a request using the CreatePolicyVersionRequest method.
1512//    req, resp := client.CreatePolicyVersionRequest(params)
1513//
1514//    err := req.Send()
1515//    if err == nil { // resp is now filled
1516//        fmt.Println(resp)
1517//    }
1518//
1519// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
1520func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput) {
1521	op := &request.Operation{
1522		Name:       opCreatePolicyVersion,
1523		HTTPMethod: "POST",
1524		HTTPPath:   "/",
1525	}
1526
1527	if input == nil {
1528		input = &CreatePolicyVersionInput{}
1529	}
1530
1531	output = &CreatePolicyVersionOutput{}
1532	req = c.newRequest(op, input, output)
1533	return
1534}
1535
1536// CreatePolicyVersion API operation for AWS Identity and Access Management.
1537//
1538// Creates a new version of the specified managed policy. To update a managed
1539// policy, you create a new policy version. A managed policy can have up to
1540// five versions. If the policy has five versions, you must delete an existing
1541// version using DeletePolicyVersion before you create a new version.
1542//
1543// Optionally, you can set the new version as the policy's default version.
1544// The default version is the version that is in effect for the IAM users, groups,
1545// and roles to which the policy is attached.
1546//
1547// For more information about managed policy versions, see Versioning for managed
1548// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
1549// in the IAM User Guide.
1550//
1551// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1552// with awserr.Error's Code and Message methods to get detailed information about
1553// the error.
1554//
1555// See the AWS API reference guide for AWS Identity and Access Management's
1556// API operation CreatePolicyVersion for usage and error information.
1557//
1558// Returned Error Codes:
1559//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1560//   The request was rejected because it referenced a resource entity that does
1561//   not exist. The error message describes the resource.
1562//
1563//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1564//   The request was rejected because the policy document was malformed. The error
1565//   message describes the specific error.
1566//
1567//   * ErrCodeInvalidInputException "InvalidInput"
1568//   The request was rejected because an invalid or out-of-range value was supplied
1569//   for an input parameter.
1570//
1571//   * ErrCodeLimitExceededException "LimitExceeded"
1572//   The request was rejected because it attempted to create resources beyond
1573//   the current AWS account limits. The error message describes the limit exceeded.
1574//
1575//   * ErrCodeServiceFailureException "ServiceFailure"
1576//   The request processing has failed because of an unknown error, exception
1577//   or failure.
1578//
1579// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
1580func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error) {
1581	req, out := c.CreatePolicyVersionRequest(input)
1582	return out, req.Send()
1583}
1584
1585// CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of
1586// the ability to pass a context and additional request options.
1587//
1588// See CreatePolicyVersion for details on how to use this API operation.
1589//
1590// The context must be non-nil and will be used for request cancellation. If
1591// the context is nil a panic will occur. In the future the SDK may create
1592// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1593// for more information on using Contexts.
1594func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error) {
1595	req, out := c.CreatePolicyVersionRequest(input)
1596	req.SetContext(ctx)
1597	req.ApplyOptions(opts...)
1598	return out, req.Send()
1599}
1600
1601const opCreateRole = "CreateRole"
1602
1603// CreateRoleRequest generates a "aws/request.Request" representing the
1604// client's request for the CreateRole operation. The "output" return
1605// value will be populated with the request's response once the request completes
1606// successfully.
1607//
1608// Use "Send" method on the returned Request to send the API call to the service.
1609// the "output" return value is not valid until after Send returns without error.
1610//
1611// See CreateRole for more information on using the CreateRole
1612// API call, and error handling.
1613//
1614// This method is useful when you want to inject custom logic or configuration
1615// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1616//
1617//
1618//    // Example sending a request using the CreateRoleRequest method.
1619//    req, resp := client.CreateRoleRequest(params)
1620//
1621//    err := req.Send()
1622//    if err == nil { // resp is now filled
1623//        fmt.Println(resp)
1624//    }
1625//
1626// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
1627func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput) {
1628	op := &request.Operation{
1629		Name:       opCreateRole,
1630		HTTPMethod: "POST",
1631		HTTPPath:   "/",
1632	}
1633
1634	if input == nil {
1635		input = &CreateRoleInput{}
1636	}
1637
1638	output = &CreateRoleOutput{}
1639	req = c.newRequest(op, input, output)
1640	return
1641}
1642
1643// CreateRole API operation for AWS Identity and Access Management.
1644//
1645// Creates a new role for your AWS account. For more information about roles,
1646// see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
1647// For information about quotas for role names and the number of roles you can
1648// create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1649// in the IAM User Guide.
1650//
1651// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1652// with awserr.Error's Code and Message methods to get detailed information about
1653// the error.
1654//
1655// See the AWS API reference guide for AWS Identity and Access Management's
1656// API operation CreateRole for usage and error information.
1657//
1658// Returned Error Codes:
1659//   * ErrCodeLimitExceededException "LimitExceeded"
1660//   The request was rejected because it attempted to create resources beyond
1661//   the current AWS account limits. The error message describes the limit exceeded.
1662//
1663//   * ErrCodeInvalidInputException "InvalidInput"
1664//   The request was rejected because an invalid or out-of-range value was supplied
1665//   for an input parameter.
1666//
1667//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1668//   The request was rejected because it attempted to create a resource that already
1669//   exists.
1670//
1671//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1672//   The request was rejected because the policy document was malformed. The error
1673//   message describes the specific error.
1674//
1675//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1676//   The request was rejected because multiple requests to change this object
1677//   were submitted simultaneously. Wait a few minutes and submit your request
1678//   again.
1679//
1680//   * ErrCodeServiceFailureException "ServiceFailure"
1681//   The request processing has failed because of an unknown error, exception
1682//   or failure.
1683//
1684// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
1685func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error) {
1686	req, out := c.CreateRoleRequest(input)
1687	return out, req.Send()
1688}
1689
1690// CreateRoleWithContext is the same as CreateRole with the addition of
1691// the ability to pass a context and additional request options.
1692//
1693// See CreateRole for details on how to use this API operation.
1694//
1695// The context must be non-nil and will be used for request cancellation. If
1696// the context is nil a panic will occur. In the future the SDK may create
1697// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1698// for more information on using Contexts.
1699func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error) {
1700	req, out := c.CreateRoleRequest(input)
1701	req.SetContext(ctx)
1702	req.ApplyOptions(opts...)
1703	return out, req.Send()
1704}
1705
1706const opCreateSAMLProvider = "CreateSAMLProvider"
1707
1708// CreateSAMLProviderRequest generates a "aws/request.Request" representing the
1709// client's request for the CreateSAMLProvider operation. The "output" return
1710// value will be populated with the request's response once the request completes
1711// successfully.
1712//
1713// Use "Send" method on the returned Request to send the API call to the service.
1714// the "output" return value is not valid until after Send returns without error.
1715//
1716// See CreateSAMLProvider for more information on using the CreateSAMLProvider
1717// API call, and error handling.
1718//
1719// This method is useful when you want to inject custom logic or configuration
1720// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1721//
1722//
1723//    // Example sending a request using the CreateSAMLProviderRequest method.
1724//    req, resp := client.CreateSAMLProviderRequest(params)
1725//
1726//    err := req.Send()
1727//    if err == nil { // resp is now filled
1728//        fmt.Println(resp)
1729//    }
1730//
1731// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
1732func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput) {
1733	op := &request.Operation{
1734		Name:       opCreateSAMLProvider,
1735		HTTPMethod: "POST",
1736		HTTPPath:   "/",
1737	}
1738
1739	if input == nil {
1740		input = &CreateSAMLProviderInput{}
1741	}
1742
1743	output = &CreateSAMLProviderOutput{}
1744	req = c.newRequest(op, input, output)
1745	return
1746}
1747
1748// CreateSAMLProvider API operation for AWS Identity and Access Management.
1749//
1750// Creates an IAM resource that describes an identity provider (IdP) that supports
1751// SAML 2.0.
1752//
1753// The SAML provider resource that you create with this operation can be used
1754// as a principal in an IAM role's trust policy. Such a policy can enable federated
1755// users who sign in using the SAML IdP to assume the role. You can create an
1756// IAM role that supports Web-based single sign-on (SSO) to the AWS Management
1757// Console or one that supports API access to AWS.
1758//
1759// When you create the SAML provider resource, you upload a SAML metadata document
1760// that you get from your IdP. That document includes the issuer's name, expiration
1761// information, and keys that can be used to validate the SAML authentication
1762// response (assertions) that the IdP sends. You must generate the metadata
1763// document using the identity management software that is used as your organization's
1764// IdP.
1765//
1766// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
1767//
1768// For more information, see Enabling SAML 2.0 federated users to access the
1769// AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html)
1770// and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
1771// in the IAM User Guide.
1772//
1773// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1774// with awserr.Error's Code and Message methods to get detailed information about
1775// the error.
1776//
1777// See the AWS API reference guide for AWS Identity and Access Management's
1778// API operation CreateSAMLProvider for usage and error information.
1779//
1780// Returned Error Codes:
1781//   * ErrCodeInvalidInputException "InvalidInput"
1782//   The request was rejected because an invalid or out-of-range value was supplied
1783//   for an input parameter.
1784//
1785//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1786//   The request was rejected because it attempted to create a resource that already
1787//   exists.
1788//
1789//   * ErrCodeLimitExceededException "LimitExceeded"
1790//   The request was rejected because it attempted to create resources beyond
1791//   the current AWS account limits. The error message describes the limit exceeded.
1792//
1793//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1794//   The request was rejected because multiple requests to change this object
1795//   were submitted simultaneously. Wait a few minutes and submit your request
1796//   again.
1797//
1798//   * ErrCodeServiceFailureException "ServiceFailure"
1799//   The request processing has failed because of an unknown error, exception
1800//   or failure.
1801//
1802// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
1803func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error) {
1804	req, out := c.CreateSAMLProviderRequest(input)
1805	return out, req.Send()
1806}
1807
1808// CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of
1809// the ability to pass a context and additional request options.
1810//
1811// See CreateSAMLProvider for details on how to use this API operation.
1812//
1813// The context must be non-nil and will be used for request cancellation. If
1814// the context is nil a panic will occur. In the future the SDK may create
1815// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1816// for more information on using Contexts.
1817func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error) {
1818	req, out := c.CreateSAMLProviderRequest(input)
1819	req.SetContext(ctx)
1820	req.ApplyOptions(opts...)
1821	return out, req.Send()
1822}
1823
1824const opCreateServiceLinkedRole = "CreateServiceLinkedRole"
1825
1826// CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the
1827// client's request for the CreateServiceLinkedRole operation. The "output" return
1828// value will be populated with the request's response once the request completes
1829// successfully.
1830//
1831// Use "Send" method on the returned Request to send the API call to the service.
1832// the "output" return value is not valid until after Send returns without error.
1833//
1834// See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole
1835// API call, and error handling.
1836//
1837// This method is useful when you want to inject custom logic or configuration
1838// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1839//
1840//
1841//    // Example sending a request using the CreateServiceLinkedRoleRequest method.
1842//    req, resp := client.CreateServiceLinkedRoleRequest(params)
1843//
1844//    err := req.Send()
1845//    if err == nil { // resp is now filled
1846//        fmt.Println(resp)
1847//    }
1848//
1849// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
1850func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput) {
1851	op := &request.Operation{
1852		Name:       opCreateServiceLinkedRole,
1853		HTTPMethod: "POST",
1854		HTTPPath:   "/",
1855	}
1856
1857	if input == nil {
1858		input = &CreateServiceLinkedRoleInput{}
1859	}
1860
1861	output = &CreateServiceLinkedRoleOutput{}
1862	req = c.newRequest(op, input, output)
1863	return
1864}
1865
1866// CreateServiceLinkedRole API operation for AWS Identity and Access Management.
1867//
1868// Creates an IAM role that is linked to a specific AWS service. The service
1869// controls the attached policies and when the role can be deleted. This helps
1870// ensure that the service is not broken by an unexpectedly changed or deleted
1871// role, which could put your AWS resources into an unknown state. Allowing
1872// the service to control the role helps improve service stability and proper
1873// cleanup when a service and its role are no longer needed. For more information,
1874// see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
1875// in the IAM User Guide.
1876//
1877// To attach a policy to this service-linked role, you must make the request
1878// using the AWS service that depends on this role.
1879//
1880// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1881// with awserr.Error's Code and Message methods to get detailed information about
1882// the error.
1883//
1884// See the AWS API reference guide for AWS Identity and Access Management's
1885// API operation CreateServiceLinkedRole for usage and error information.
1886//
1887// Returned Error Codes:
1888//   * ErrCodeInvalidInputException "InvalidInput"
1889//   The request was rejected because an invalid or out-of-range value was supplied
1890//   for an input parameter.
1891//
1892//   * ErrCodeLimitExceededException "LimitExceeded"
1893//   The request was rejected because it attempted to create resources beyond
1894//   the current AWS account limits. The error message describes the limit exceeded.
1895//
1896//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1897//   The request was rejected because it referenced a resource entity that does
1898//   not exist. The error message describes the resource.
1899//
1900//   * ErrCodeServiceFailureException "ServiceFailure"
1901//   The request processing has failed because of an unknown error, exception
1902//   or failure.
1903//
1904// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
1905func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error) {
1906	req, out := c.CreateServiceLinkedRoleRequest(input)
1907	return out, req.Send()
1908}
1909
1910// CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of
1911// the ability to pass a context and additional request options.
1912//
1913// See CreateServiceLinkedRole for details on how to use this API operation.
1914//
1915// The context must be non-nil and will be used for request cancellation. If
1916// the context is nil a panic will occur. In the future the SDK may create
1917// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1918// for more information on using Contexts.
1919func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error) {
1920	req, out := c.CreateServiceLinkedRoleRequest(input)
1921	req.SetContext(ctx)
1922	req.ApplyOptions(opts...)
1923	return out, req.Send()
1924}
1925
1926const opCreateServiceSpecificCredential = "CreateServiceSpecificCredential"
1927
1928// CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
1929// client's request for the CreateServiceSpecificCredential operation. The "output" return
1930// value will be populated with the request's response once the request completes
1931// successfully.
1932//
1933// Use "Send" method on the returned Request to send the API call to the service.
1934// the "output" return value is not valid until after Send returns without error.
1935//
1936// See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential
1937// API call, and error handling.
1938//
1939// This method is useful when you want to inject custom logic or configuration
1940// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1941//
1942//
1943//    // Example sending a request using the CreateServiceSpecificCredentialRequest method.
1944//    req, resp := client.CreateServiceSpecificCredentialRequest(params)
1945//
1946//    err := req.Send()
1947//    if err == nil { // resp is now filled
1948//        fmt.Println(resp)
1949//    }
1950//
1951// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
1952func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput) {
1953	op := &request.Operation{
1954		Name:       opCreateServiceSpecificCredential,
1955		HTTPMethod: "POST",
1956		HTTPPath:   "/",
1957	}
1958
1959	if input == nil {
1960		input = &CreateServiceSpecificCredentialInput{}
1961	}
1962
1963	output = &CreateServiceSpecificCredentialOutput{}
1964	req = c.newRequest(op, input, output)
1965	return
1966}
1967
1968// CreateServiceSpecificCredential API operation for AWS Identity and Access Management.
1969//
1970// Generates a set of credentials consisting of a user name and password that
1971// can be used to access the service specified in the request. These credentials
1972// are generated by IAM, and can be used only for the specified service.
1973//
1974// You can have a maximum of two sets of service-specific credentials for each
1975// supported service per user.
1976//
1977// You can create service-specific credentials for AWS CodeCommit and Amazon
1978// Keyspaces (for Apache Cassandra).
1979//
1980// You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
1981//
1982// For more information about service-specific credentials, see Using IAM with
1983// AWS CodeCommit: Git credentials, SSH keys, and AWS access keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html)
1984// in the IAM User Guide.
1985//
1986// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1987// with awserr.Error's Code and Message methods to get detailed information about
1988// the error.
1989//
1990// See the AWS API reference guide for AWS Identity and Access Management's
1991// API operation CreateServiceSpecificCredential for usage and error information.
1992//
1993// Returned Error Codes:
1994//   * ErrCodeLimitExceededException "LimitExceeded"
1995//   The request was rejected because it attempted to create resources beyond
1996//   the current AWS account limits. The error message describes the limit exceeded.
1997//
1998//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1999//   The request was rejected because it referenced a resource entity that does
2000//   not exist. The error message describes the resource.
2001//
2002//   * ErrCodeServiceNotSupportedException "NotSupportedService"
2003//   The specified service does not support service-specific credentials.
2004//
2005// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
2006func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error) {
2007	req, out := c.CreateServiceSpecificCredentialRequest(input)
2008	return out, req.Send()
2009}
2010
2011// CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of
2012// the ability to pass a context and additional request options.
2013//
2014// See CreateServiceSpecificCredential for details on how to use this API operation.
2015//
2016// The context must be non-nil and will be used for request cancellation. If
2017// the context is nil a panic will occur. In the future the SDK may create
2018// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2019// for more information on using Contexts.
2020func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error) {
2021	req, out := c.CreateServiceSpecificCredentialRequest(input)
2022	req.SetContext(ctx)
2023	req.ApplyOptions(opts...)
2024	return out, req.Send()
2025}
2026
2027const opCreateUser = "CreateUser"
2028
2029// CreateUserRequest generates a "aws/request.Request" representing the
2030// client's request for the CreateUser operation. The "output" return
2031// value will be populated with the request's response once the request completes
2032// successfully.
2033//
2034// Use "Send" method on the returned Request to send the API call to the service.
2035// the "output" return value is not valid until after Send returns without error.
2036//
2037// See CreateUser for more information on using the CreateUser
2038// API call, and error handling.
2039//
2040// This method is useful when you want to inject custom logic or configuration
2041// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2042//
2043//
2044//    // Example sending a request using the CreateUserRequest method.
2045//    req, resp := client.CreateUserRequest(params)
2046//
2047//    err := req.Send()
2048//    if err == nil { // resp is now filled
2049//        fmt.Println(resp)
2050//    }
2051//
2052// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
2053func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput) {
2054	op := &request.Operation{
2055		Name:       opCreateUser,
2056		HTTPMethod: "POST",
2057		HTTPPath:   "/",
2058	}
2059
2060	if input == nil {
2061		input = &CreateUserInput{}
2062	}
2063
2064	output = &CreateUserOutput{}
2065	req = c.newRequest(op, input, output)
2066	return
2067}
2068
2069// CreateUser API operation for AWS Identity and Access Management.
2070//
2071// Creates a new IAM user for your AWS account.
2072//
2073// For information about quotas for the number of IAM users you can create,
2074// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
2075// in the IAM User Guide.
2076//
2077// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2078// with awserr.Error's Code and Message methods to get detailed information about
2079// the error.
2080//
2081// See the AWS API reference guide for AWS Identity and Access Management's
2082// API operation CreateUser for usage and error information.
2083//
2084// Returned Error Codes:
2085//   * ErrCodeLimitExceededException "LimitExceeded"
2086//   The request was rejected because it attempted to create resources beyond
2087//   the current AWS account limits. The error message describes the limit exceeded.
2088//
2089//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
2090//   The request was rejected because it attempted to create a resource that already
2091//   exists.
2092//
2093//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2094//   The request was rejected because it referenced a resource entity that does
2095//   not exist. The error message describes the resource.
2096//
2097//   * ErrCodeInvalidInputException "InvalidInput"
2098//   The request was rejected because an invalid or out-of-range value was supplied
2099//   for an input parameter.
2100//
2101//   * ErrCodeConcurrentModificationException "ConcurrentModification"
2102//   The request was rejected because multiple requests to change this object
2103//   were submitted simultaneously. Wait a few minutes and submit your request
2104//   again.
2105//
2106//   * ErrCodeServiceFailureException "ServiceFailure"
2107//   The request processing has failed because of an unknown error, exception
2108//   or failure.
2109//
2110// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
2111func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error) {
2112	req, out := c.CreateUserRequest(input)
2113	return out, req.Send()
2114}
2115
2116// CreateUserWithContext is the same as CreateUser with the addition of
2117// the ability to pass a context and additional request options.
2118//
2119// See CreateUser for details on how to use this API operation.
2120//
2121// The context must be non-nil and will be used for request cancellation. If
2122// the context is nil a panic will occur. In the future the SDK may create
2123// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2124// for more information on using Contexts.
2125func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error) {
2126	req, out := c.CreateUserRequest(input)
2127	req.SetContext(ctx)
2128	req.ApplyOptions(opts...)
2129	return out, req.Send()
2130}
2131
2132const opCreateVirtualMFADevice = "CreateVirtualMFADevice"
2133
2134// CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the
2135// client's request for the CreateVirtualMFADevice operation. The "output" return
2136// value will be populated with the request's response once the request completes
2137// successfully.
2138//
2139// Use "Send" method on the returned Request to send the API call to the service.
2140// the "output" return value is not valid until after Send returns without error.
2141//
2142// See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice
2143// API call, and error handling.
2144//
2145// This method is useful when you want to inject custom logic or configuration
2146// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2147//
2148//
2149//    // Example sending a request using the CreateVirtualMFADeviceRequest method.
2150//    req, resp := client.CreateVirtualMFADeviceRequest(params)
2151//
2152//    err := req.Send()
2153//    if err == nil { // resp is now filled
2154//        fmt.Println(resp)
2155//    }
2156//
2157// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
2158func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput) {
2159	op := &request.Operation{
2160		Name:       opCreateVirtualMFADevice,
2161		HTTPMethod: "POST",
2162		HTTPPath:   "/",
2163	}
2164
2165	if input == nil {
2166		input = &CreateVirtualMFADeviceInput{}
2167	}
2168
2169	output = &CreateVirtualMFADeviceOutput{}
2170	req = c.newRequest(op, input, output)
2171	return
2172}
2173
2174// CreateVirtualMFADevice API operation for AWS Identity and Access Management.
2175//
2176// Creates a new virtual MFA device for the AWS account. After creating the
2177// virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user.
2178// For more information about creating and working with virtual MFA devices,
2179// see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
2180// in the IAM User Guide.
2181//
2182// For information about the maximum number of MFA devices you can create, see
2183// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
2184// in the IAM User Guide.
2185//
2186// The seed information contained in the QR code and the Base32 string should
2187// be treated like any other secret access information. In other words, protect
2188// the seed information as you would your AWS access keys or your passwords.
2189// After you provision your virtual device, you should ensure that the information
2190// is destroyed following secure procedures.
2191//
2192// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2193// with awserr.Error's Code and Message methods to get detailed information about
2194// the error.
2195//
2196// See the AWS API reference guide for AWS Identity and Access Management's
2197// API operation CreateVirtualMFADevice for usage and error information.
2198//
2199// Returned Error Codes:
2200//   * ErrCodeLimitExceededException "LimitExceeded"
2201//   The request was rejected because it attempted to create resources beyond
2202//   the current AWS account limits. The error message describes the limit exceeded.
2203//
2204//   * ErrCodeInvalidInputException "InvalidInput"
2205//   The request was rejected because an invalid or out-of-range value was supplied
2206//   for an input parameter.
2207//
2208//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
2209//   The request was rejected because it attempted to create a resource that already
2210//   exists.
2211//
2212//   * ErrCodeConcurrentModificationException "ConcurrentModification"
2213//   The request was rejected because multiple requests to change this object
2214//   were submitted simultaneously. Wait a few minutes and submit your request
2215//   again.
2216//
2217//   * ErrCodeServiceFailureException "ServiceFailure"
2218//   The request processing has failed because of an unknown error, exception
2219//   or failure.
2220//
2221// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
2222func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error) {
2223	req, out := c.CreateVirtualMFADeviceRequest(input)
2224	return out, req.Send()
2225}
2226
2227// CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of
2228// the ability to pass a context and additional request options.
2229//
2230// See CreateVirtualMFADevice for details on how to use this API operation.
2231//
2232// The context must be non-nil and will be used for request cancellation. If
2233// the context is nil a panic will occur. In the future the SDK may create
2234// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2235// for more information on using Contexts.
2236func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error) {
2237	req, out := c.CreateVirtualMFADeviceRequest(input)
2238	req.SetContext(ctx)
2239	req.ApplyOptions(opts...)
2240	return out, req.Send()
2241}
2242
2243const opDeactivateMFADevice = "DeactivateMFADevice"
2244
2245// DeactivateMFADeviceRequest generates a "aws/request.Request" representing the
2246// client's request for the DeactivateMFADevice operation. The "output" return
2247// value will be populated with the request's response once the request completes
2248// successfully.
2249//
2250// Use "Send" method on the returned Request to send the API call to the service.
2251// the "output" return value is not valid until after Send returns without error.
2252//
2253// See DeactivateMFADevice for more information on using the DeactivateMFADevice
2254// API call, and error handling.
2255//
2256// This method is useful when you want to inject custom logic or configuration
2257// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2258//
2259//
2260//    // Example sending a request using the DeactivateMFADeviceRequest method.
2261//    req, resp := client.DeactivateMFADeviceRequest(params)
2262//
2263//    err := req.Send()
2264//    if err == nil { // resp is now filled
2265//        fmt.Println(resp)
2266//    }
2267//
2268// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
2269func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput) {
2270	op := &request.Operation{
2271		Name:       opDeactivateMFADevice,
2272		HTTPMethod: "POST",
2273		HTTPPath:   "/",
2274	}
2275
2276	if input == nil {
2277		input = &DeactivateMFADeviceInput{}
2278	}
2279
2280	output = &DeactivateMFADeviceOutput{}
2281	req = c.newRequest(op, input, output)
2282	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2283	return
2284}
2285
2286// DeactivateMFADevice API operation for AWS Identity and Access Management.
2287//
2288// Deactivates the specified MFA device and removes it from association with
2289// the user name for which it was originally enabled.
2290//
2291// For more information about creating and working with virtual MFA devices,
2292// see Enabling a virtual multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
2293// in the IAM User Guide.
2294//
2295// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2296// with awserr.Error's Code and Message methods to get detailed information about
2297// the error.
2298//
2299// See the AWS API reference guide for AWS Identity and Access Management's
2300// API operation DeactivateMFADevice for usage and error information.
2301//
2302// Returned Error Codes:
2303//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
2304//   The request was rejected because it referenced an entity that is temporarily
2305//   unmodifiable, such as a user name that was deleted and then recreated. The
2306//   error indicates that the request is likely to succeed if you try again after
2307//   waiting several minutes. The error message describes the entity.
2308//
2309//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2310//   The request was rejected because it referenced a resource entity that does
2311//   not exist. The error message describes the resource.
2312//
2313//   * ErrCodeLimitExceededException "LimitExceeded"
2314//   The request was rejected because it attempted to create resources beyond
2315//   the current AWS account limits. The error message describes the limit exceeded.
2316//
2317//   * ErrCodeServiceFailureException "ServiceFailure"
2318//   The request processing has failed because of an unknown error, exception
2319//   or failure.
2320//
2321// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
2322func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error) {
2323	req, out := c.DeactivateMFADeviceRequest(input)
2324	return out, req.Send()
2325}
2326
2327// DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of
2328// the ability to pass a context and additional request options.
2329//
2330// See DeactivateMFADevice for details on how to use this API operation.
2331//
2332// The context must be non-nil and will be used for request cancellation. If
2333// the context is nil a panic will occur. In the future the SDK may create
2334// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2335// for more information on using Contexts.
2336func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error) {
2337	req, out := c.DeactivateMFADeviceRequest(input)
2338	req.SetContext(ctx)
2339	req.ApplyOptions(opts...)
2340	return out, req.Send()
2341}
2342
2343const opDeleteAccessKey = "DeleteAccessKey"
2344
2345// DeleteAccessKeyRequest generates a "aws/request.Request" representing the
2346// client's request for the DeleteAccessKey operation. The "output" return
2347// value will be populated with the request's response once the request completes
2348// successfully.
2349//
2350// Use "Send" method on the returned Request to send the API call to the service.
2351// the "output" return value is not valid until after Send returns without error.
2352//
2353// See DeleteAccessKey for more information on using the DeleteAccessKey
2354// API call, and error handling.
2355//
2356// This method is useful when you want to inject custom logic or configuration
2357// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2358//
2359//
2360//    // Example sending a request using the DeleteAccessKeyRequest method.
2361//    req, resp := client.DeleteAccessKeyRequest(params)
2362//
2363//    err := req.Send()
2364//    if err == nil { // resp is now filled
2365//        fmt.Println(resp)
2366//    }
2367//
2368// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
2369func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput) {
2370	op := &request.Operation{
2371		Name:       opDeleteAccessKey,
2372		HTTPMethod: "POST",
2373		HTTPPath:   "/",
2374	}
2375
2376	if input == nil {
2377		input = &DeleteAccessKeyInput{}
2378	}
2379
2380	output = &DeleteAccessKeyOutput{}
2381	req = c.newRequest(op, input, output)
2382	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2383	return
2384}
2385
2386// DeleteAccessKey API operation for AWS Identity and Access Management.
2387//
2388// Deletes the access key pair associated with the specified IAM user.
2389//
2390// If you do not specify a user name, IAM determines the user name implicitly
2391// based on the AWS access key ID signing the request. This operation works
2392// for access keys under the AWS account. Consequently, you can use this operation
2393// to manage AWS account root user credentials even if the AWS account has no
2394// associated users.
2395//
2396// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2397// with awserr.Error's Code and Message methods to get detailed information about
2398// the error.
2399//
2400// See the AWS API reference guide for AWS Identity and Access Management's
2401// API operation DeleteAccessKey for usage and error information.
2402//
2403// Returned Error Codes:
2404//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2405//   The request was rejected because it referenced a resource entity that does
2406//   not exist. The error message describes the resource.
2407//
2408//   * ErrCodeLimitExceededException "LimitExceeded"
2409//   The request was rejected because it attempted to create resources beyond
2410//   the current AWS account limits. The error message describes the limit exceeded.
2411//
2412//   * ErrCodeServiceFailureException "ServiceFailure"
2413//   The request processing has failed because of an unknown error, exception
2414//   or failure.
2415//
2416// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
2417func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error) {
2418	req, out := c.DeleteAccessKeyRequest(input)
2419	return out, req.Send()
2420}
2421
2422// DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of
2423// the ability to pass a context and additional request options.
2424//
2425// See DeleteAccessKey for details on how to use this API operation.
2426//
2427// The context must be non-nil and will be used for request cancellation. If
2428// the context is nil a panic will occur. In the future the SDK may create
2429// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2430// for more information on using Contexts.
2431func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error) {
2432	req, out := c.DeleteAccessKeyRequest(input)
2433	req.SetContext(ctx)
2434	req.ApplyOptions(opts...)
2435	return out, req.Send()
2436}
2437
2438const opDeleteAccountAlias = "DeleteAccountAlias"
2439
2440// DeleteAccountAliasRequest generates a "aws/request.Request" representing the
2441// client's request for the DeleteAccountAlias operation. The "output" return
2442// value will be populated with the request's response once the request completes
2443// successfully.
2444//
2445// Use "Send" method on the returned Request to send the API call to the service.
2446// the "output" return value is not valid until after Send returns without error.
2447//
2448// See DeleteAccountAlias for more information on using the DeleteAccountAlias
2449// API call, and error handling.
2450//
2451// This method is useful when you want to inject custom logic or configuration
2452// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2453//
2454//
2455//    // Example sending a request using the DeleteAccountAliasRequest method.
2456//    req, resp := client.DeleteAccountAliasRequest(params)
2457//
2458//    err := req.Send()
2459//    if err == nil { // resp is now filled
2460//        fmt.Println(resp)
2461//    }
2462//
2463// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
2464func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput) {
2465	op := &request.Operation{
2466		Name:       opDeleteAccountAlias,
2467		HTTPMethod: "POST",
2468		HTTPPath:   "/",
2469	}
2470
2471	if input == nil {
2472		input = &DeleteAccountAliasInput{}
2473	}
2474
2475	output = &DeleteAccountAliasOutput{}
2476	req = c.newRequest(op, input, output)
2477	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2478	return
2479}
2480
2481// DeleteAccountAlias API operation for AWS Identity and Access Management.
2482//
2483// Deletes the specified AWS account alias. For information about using an AWS
2484// account alias, see Using an alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
2485// in the IAM User Guide.
2486//
2487// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2488// with awserr.Error's Code and Message methods to get detailed information about
2489// the error.
2490//
2491// See the AWS API reference guide for AWS Identity and Access Management's
2492// API operation DeleteAccountAlias for usage and error information.
2493//
2494// Returned Error Codes:
2495//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2496//   The request was rejected because it referenced a resource entity that does
2497//   not exist. The error message describes the resource.
2498//
2499//   * ErrCodeLimitExceededException "LimitExceeded"
2500//   The request was rejected because it attempted to create resources beyond
2501//   the current AWS account limits. The error message describes the limit exceeded.
2502//
2503//   * ErrCodeServiceFailureException "ServiceFailure"
2504//   The request processing has failed because of an unknown error, exception
2505//   or failure.
2506//
2507// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
2508func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error) {
2509	req, out := c.DeleteAccountAliasRequest(input)
2510	return out, req.Send()
2511}
2512
2513// DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of
2514// the ability to pass a context and additional request options.
2515//
2516// See DeleteAccountAlias for details on how to use this API operation.
2517//
2518// The context must be non-nil and will be used for request cancellation. If
2519// the context is nil a panic will occur. In the future the SDK may create
2520// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2521// for more information on using Contexts.
2522func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error) {
2523	req, out := c.DeleteAccountAliasRequest(input)
2524	req.SetContext(ctx)
2525	req.ApplyOptions(opts...)
2526	return out, req.Send()
2527}
2528
2529const opDeleteAccountPasswordPolicy = "DeleteAccountPasswordPolicy"
2530
2531// DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
2532// client's request for the DeleteAccountPasswordPolicy operation. The "output" return
2533// value will be populated with the request's response once the request completes
2534// successfully.
2535//
2536// Use "Send" method on the returned Request to send the API call to the service.
2537// the "output" return value is not valid until after Send returns without error.
2538//
2539// See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy
2540// API call, and error handling.
2541//
2542// This method is useful when you want to inject custom logic or configuration
2543// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2544//
2545//
2546//    // Example sending a request using the DeleteAccountPasswordPolicyRequest method.
2547//    req, resp := client.DeleteAccountPasswordPolicyRequest(params)
2548//
2549//    err := req.Send()
2550//    if err == nil { // resp is now filled
2551//        fmt.Println(resp)
2552//    }
2553//
2554// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
2555func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput) {
2556	op := &request.Operation{
2557		Name:       opDeleteAccountPasswordPolicy,
2558		HTTPMethod: "POST",
2559		HTTPPath:   "/",
2560	}
2561
2562	if input == nil {
2563		input = &DeleteAccountPasswordPolicyInput{}
2564	}
2565
2566	output = &DeleteAccountPasswordPolicyOutput{}
2567	req = c.newRequest(op, input, output)
2568	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2569	return
2570}
2571
2572// DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.
2573//
2574// Deletes the password policy for the AWS account. There are no parameters.
2575//
2576// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2577// with awserr.Error's Code and Message methods to get detailed information about
2578// the error.
2579//
2580// See the AWS API reference guide for AWS Identity and Access Management's
2581// API operation DeleteAccountPasswordPolicy for usage and error information.
2582//
2583// Returned Error Codes:
2584//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2585//   The request was rejected because it referenced a resource entity that does
2586//   not exist. The error message describes the resource.
2587//
2588//   * ErrCodeLimitExceededException "LimitExceeded"
2589//   The request was rejected because it attempted to create resources beyond
2590//   the current AWS account limits. The error message describes the limit exceeded.
2591//
2592//   * ErrCodeServiceFailureException "ServiceFailure"
2593//   The request processing has failed because of an unknown error, exception
2594//   or failure.
2595//
2596// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
2597func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error) {
2598	req, out := c.DeleteAccountPasswordPolicyRequest(input)
2599	return out, req.Send()
2600}
2601
2602// DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of
2603// the ability to pass a context and additional request options.
2604//
2605// See DeleteAccountPasswordPolicy for details on how to use this API operation.
2606//
2607// The context must be non-nil and will be used for request cancellation. If
2608// the context is nil a panic will occur. In the future the SDK may create
2609// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2610// for more information on using Contexts.
2611func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error) {
2612	req, out := c.DeleteAccountPasswordPolicyRequest(input)
2613	req.SetContext(ctx)
2614	req.ApplyOptions(opts...)
2615	return out, req.Send()
2616}
2617
2618const opDeleteGroup = "DeleteGroup"
2619
2620// DeleteGroupRequest generates a "aws/request.Request" representing the
2621// client's request for the DeleteGroup operation. The "output" return
2622// value will be populated with the request's response once the request completes
2623// successfully.
2624//
2625// Use "Send" method on the returned Request to send the API call to the service.
2626// the "output" return value is not valid until after Send returns without error.
2627//
2628// See DeleteGroup for more information on using the DeleteGroup
2629// API call, and error handling.
2630//
2631// This method is useful when you want to inject custom logic or configuration
2632// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2633//
2634//
2635//    // Example sending a request using the DeleteGroupRequest method.
2636//    req, resp := client.DeleteGroupRequest(params)
2637//
2638//    err := req.Send()
2639//    if err == nil { // resp is now filled
2640//        fmt.Println(resp)
2641//    }
2642//
2643// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
2644func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput) {
2645	op := &request.Operation{
2646		Name:       opDeleteGroup,
2647		HTTPMethod: "POST",
2648		HTTPPath:   "/",
2649	}
2650
2651	if input == nil {
2652		input = &DeleteGroupInput{}
2653	}
2654
2655	output = &DeleteGroupOutput{}
2656	req = c.newRequest(op, input, output)
2657	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2658	return
2659}
2660
2661// DeleteGroup API operation for AWS Identity and Access Management.
2662//
2663// Deletes the specified IAM group. The group must not contain any users or
2664// have any attached policies.
2665//
2666// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2667// with awserr.Error's Code and Message methods to get detailed information about
2668// the error.
2669//
2670// See the AWS API reference guide for AWS Identity and Access Management's
2671// API operation DeleteGroup for usage and error information.
2672//
2673// Returned Error Codes:
2674//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2675//   The request was rejected because it referenced a resource entity that does
2676//   not exist. The error message describes the resource.
2677//
2678//   * ErrCodeDeleteConflictException "DeleteConflict"
2679//   The request was rejected because it attempted to delete a resource that has
2680//   attached subordinate entities. The error message describes these entities.
2681//
2682//   * ErrCodeLimitExceededException "LimitExceeded"
2683//   The request was rejected because it attempted to create resources beyond
2684//   the current AWS account limits. The error message describes the limit exceeded.
2685//
2686//   * ErrCodeServiceFailureException "ServiceFailure"
2687//   The request processing has failed because of an unknown error, exception
2688//   or failure.
2689//
2690// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
2691func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error) {
2692	req, out := c.DeleteGroupRequest(input)
2693	return out, req.Send()
2694}
2695
2696// DeleteGroupWithContext is the same as DeleteGroup with the addition of
2697// the ability to pass a context and additional request options.
2698//
2699// See DeleteGroup for details on how to use this API operation.
2700//
2701// The context must be non-nil and will be used for request cancellation. If
2702// the context is nil a panic will occur. In the future the SDK may create
2703// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2704// for more information on using Contexts.
2705func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error) {
2706	req, out := c.DeleteGroupRequest(input)
2707	req.SetContext(ctx)
2708	req.ApplyOptions(opts...)
2709	return out, req.Send()
2710}
2711
2712const opDeleteGroupPolicy = "DeleteGroupPolicy"
2713
2714// DeleteGroupPolicyRequest generates a "aws/request.Request" representing the
2715// client's request for the DeleteGroupPolicy operation. The "output" return
2716// value will be populated with the request's response once the request completes
2717// successfully.
2718//
2719// Use "Send" method on the returned Request to send the API call to the service.
2720// the "output" return value is not valid until after Send returns without error.
2721//
2722// See DeleteGroupPolicy for more information on using the DeleteGroupPolicy
2723// API call, and error handling.
2724//
2725// This method is useful when you want to inject custom logic or configuration
2726// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2727//
2728//
2729//    // Example sending a request using the DeleteGroupPolicyRequest method.
2730//    req, resp := client.DeleteGroupPolicyRequest(params)
2731//
2732//    err := req.Send()
2733//    if err == nil { // resp is now filled
2734//        fmt.Println(resp)
2735//    }
2736//
2737// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
2738func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput) {
2739	op := &request.Operation{
2740		Name:       opDeleteGroupPolicy,
2741		HTTPMethod: "POST",
2742		HTTPPath:   "/",
2743	}
2744
2745	if input == nil {
2746		input = &DeleteGroupPolicyInput{}
2747	}
2748
2749	output = &DeleteGroupPolicyOutput{}
2750	req = c.newRequest(op, input, output)
2751	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2752	return
2753}
2754
2755// DeleteGroupPolicy API operation for AWS Identity and Access Management.
2756//
2757// Deletes the specified inline policy that is embedded in the specified IAM
2758// group.
2759//
2760// A group can also have managed policies attached to it. To detach a managed
2761// policy from a group, use DetachGroupPolicy. For more information about policies,
2762// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
2763// in the IAM User Guide.
2764//
2765// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2766// with awserr.Error's Code and Message methods to get detailed information about
2767// the error.
2768//
2769// See the AWS API reference guide for AWS Identity and Access Management's
2770// API operation DeleteGroupPolicy for usage and error information.
2771//
2772// Returned Error Codes:
2773//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2774//   The request was rejected because it referenced a resource entity that does
2775//   not exist. The error message describes the resource.
2776//
2777//   * ErrCodeLimitExceededException "LimitExceeded"
2778//   The request was rejected because it attempted to create resources beyond
2779//   the current AWS account limits. The error message describes the limit exceeded.
2780//
2781//   * ErrCodeServiceFailureException "ServiceFailure"
2782//   The request processing has failed because of an unknown error, exception
2783//   or failure.
2784//
2785// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
2786func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error) {
2787	req, out := c.DeleteGroupPolicyRequest(input)
2788	return out, req.Send()
2789}
2790
2791// DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of
2792// the ability to pass a context and additional request options.
2793//
2794// See DeleteGroupPolicy for details on how to use this API operation.
2795//
2796// The context must be non-nil and will be used for request cancellation. If
2797// the context is nil a panic will occur. In the future the SDK may create
2798// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2799// for more information on using Contexts.
2800func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error) {
2801	req, out := c.DeleteGroupPolicyRequest(input)
2802	req.SetContext(ctx)
2803	req.ApplyOptions(opts...)
2804	return out, req.Send()
2805}
2806
2807const opDeleteInstanceProfile = "DeleteInstanceProfile"
2808
2809// DeleteInstanceProfileRequest generates a "aws/request.Request" representing the
2810// client's request for the DeleteInstanceProfile operation. The "output" return
2811// value will be populated with the request's response once the request completes
2812// successfully.
2813//
2814// Use "Send" method on the returned Request to send the API call to the service.
2815// the "output" return value is not valid until after Send returns without error.
2816//
2817// See DeleteInstanceProfile for more information on using the DeleteInstanceProfile
2818// API call, and error handling.
2819//
2820// This method is useful when you want to inject custom logic or configuration
2821// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2822//
2823//
2824//    // Example sending a request using the DeleteInstanceProfileRequest method.
2825//    req, resp := client.DeleteInstanceProfileRequest(params)
2826//
2827//    err := req.Send()
2828//    if err == nil { // resp is now filled
2829//        fmt.Println(resp)
2830//    }
2831//
2832// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
2833func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput) {
2834	op := &request.Operation{
2835		Name:       opDeleteInstanceProfile,
2836		HTTPMethod: "POST",
2837		HTTPPath:   "/",
2838	}
2839
2840	if input == nil {
2841		input = &DeleteInstanceProfileInput{}
2842	}
2843
2844	output = &DeleteInstanceProfileOutput{}
2845	req = c.newRequest(op, input, output)
2846	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2847	return
2848}
2849
2850// DeleteInstanceProfile API operation for AWS Identity and Access Management.
2851//
2852// Deletes the specified instance profile. The instance profile must not have
2853// an associated role.
2854//
2855// Make sure that you do not have any Amazon EC2 instances running with the
2856// instance profile you are about to delete. Deleting a role or instance profile
2857// that is associated with a running instance will break any applications running
2858// on the instance.
2859//
2860// For more information about instance profiles, see About instance profiles
2861// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
2862//
2863// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2864// with awserr.Error's Code and Message methods to get detailed information about
2865// the error.
2866//
2867// See the AWS API reference guide for AWS Identity and Access Management's
2868// API operation DeleteInstanceProfile for usage and error information.
2869//
2870// Returned Error Codes:
2871//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2872//   The request was rejected because it referenced a resource entity that does
2873//   not exist. The error message describes the resource.
2874//
2875//   * ErrCodeDeleteConflictException "DeleteConflict"
2876//   The request was rejected because it attempted to delete a resource that has
2877//   attached subordinate entities. The error message describes these entities.
2878//
2879//   * ErrCodeLimitExceededException "LimitExceeded"
2880//   The request was rejected because it attempted to create resources beyond
2881//   the current AWS account limits. The error message describes the limit exceeded.
2882//
2883//   * ErrCodeServiceFailureException "ServiceFailure"
2884//   The request processing has failed because of an unknown error, exception
2885//   or failure.
2886//
2887// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
2888func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error) {
2889	req, out := c.DeleteInstanceProfileRequest(input)
2890	return out, req.Send()
2891}
2892
2893// DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of
2894// the ability to pass a context and additional request options.
2895//
2896// See DeleteInstanceProfile for details on how to use this API operation.
2897//
2898// The context must be non-nil and will be used for request cancellation. If
2899// the context is nil a panic will occur. In the future the SDK may create
2900// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2901// for more information on using Contexts.
2902func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error) {
2903	req, out := c.DeleteInstanceProfileRequest(input)
2904	req.SetContext(ctx)
2905	req.ApplyOptions(opts...)
2906	return out, req.Send()
2907}
2908
2909const opDeleteLoginProfile = "DeleteLoginProfile"
2910
2911// DeleteLoginProfileRequest generates a "aws/request.Request" representing the
2912// client's request for the DeleteLoginProfile operation. The "output" return
2913// value will be populated with the request's response once the request completes
2914// successfully.
2915//
2916// Use "Send" method on the returned Request to send the API call to the service.
2917// the "output" return value is not valid until after Send returns without error.
2918//
2919// See DeleteLoginProfile for more information on using the DeleteLoginProfile
2920// API call, and error handling.
2921//
2922// This method is useful when you want to inject custom logic or configuration
2923// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2924//
2925//
2926//    // Example sending a request using the DeleteLoginProfileRequest method.
2927//    req, resp := client.DeleteLoginProfileRequest(params)
2928//
2929//    err := req.Send()
2930//    if err == nil { // resp is now filled
2931//        fmt.Println(resp)
2932//    }
2933//
2934// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
2935func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput) {
2936	op := &request.Operation{
2937		Name:       opDeleteLoginProfile,
2938		HTTPMethod: "POST",
2939		HTTPPath:   "/",
2940	}
2941
2942	if input == nil {
2943		input = &DeleteLoginProfileInput{}
2944	}
2945
2946	output = &DeleteLoginProfileOutput{}
2947	req = c.newRequest(op, input, output)
2948	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2949	return
2950}
2951
2952// DeleteLoginProfile API operation for AWS Identity and Access Management.
2953//
2954// Deletes the password for the specified IAM user, which terminates the user's
2955// ability to access AWS services through the AWS Management Console.
2956//
2957// You can use the AWS CLI, the AWS API, or the Users page in the IAM console
2958// to delete a password for any IAM user. You can use ChangePassword to update,
2959// but not delete, your own password in the My Security Credentials page in
2960// the AWS Management Console.
2961//
2962// Deleting a user's password does not prevent a user from accessing AWS through
2963// the command line interface or the API. To prevent all user access, you must
2964// also either make any access keys inactive or delete them. For more information
2965// about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.
2966//
2967// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2968// with awserr.Error's Code and Message methods to get detailed information about
2969// the error.
2970//
2971// See the AWS API reference guide for AWS Identity and Access Management's
2972// API operation DeleteLoginProfile for usage and error information.
2973//
2974// Returned Error Codes:
2975//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
2976//   The request was rejected because it referenced an entity that is temporarily
2977//   unmodifiable, such as a user name that was deleted and then recreated. The
2978//   error indicates that the request is likely to succeed if you try again after
2979//   waiting several minutes. The error message describes the entity.
2980//
2981//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2982//   The request was rejected because it referenced a resource entity that does
2983//   not exist. The error message describes the resource.
2984//
2985//   * ErrCodeLimitExceededException "LimitExceeded"
2986//   The request was rejected because it attempted to create resources beyond
2987//   the current AWS account limits. The error message describes the limit exceeded.
2988//
2989//   * ErrCodeServiceFailureException "ServiceFailure"
2990//   The request processing has failed because of an unknown error, exception
2991//   or failure.
2992//
2993// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
2994func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error) {
2995	req, out := c.DeleteLoginProfileRequest(input)
2996	return out, req.Send()
2997}
2998
2999// DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of
3000// the ability to pass a context and additional request options.
3001//
3002// See DeleteLoginProfile for details on how to use this API operation.
3003//
3004// The context must be non-nil and will be used for request cancellation. If
3005// the context is nil a panic will occur. In the future the SDK may create
3006// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3007// for more information on using Contexts.
3008func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error) {
3009	req, out := c.DeleteLoginProfileRequest(input)
3010	req.SetContext(ctx)
3011	req.ApplyOptions(opts...)
3012	return out, req.Send()
3013}
3014
3015const opDeleteOpenIDConnectProvider = "DeleteOpenIDConnectProvider"
3016
3017// DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
3018// client's request for the DeleteOpenIDConnectProvider operation. The "output" return
3019// value will be populated with the request's response once the request completes
3020// successfully.
3021//
3022// Use "Send" method on the returned Request to send the API call to the service.
3023// the "output" return value is not valid until after Send returns without error.
3024//
3025// See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider
3026// API call, and error handling.
3027//
3028// This method is useful when you want to inject custom logic or configuration
3029// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3030//
3031//
3032//    // Example sending a request using the DeleteOpenIDConnectProviderRequest method.
3033//    req, resp := client.DeleteOpenIDConnectProviderRequest(params)
3034//
3035//    err := req.Send()
3036//    if err == nil { // resp is now filled
3037//        fmt.Println(resp)
3038//    }
3039//
3040// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
3041func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput) {
3042	op := &request.Operation{
3043		Name:       opDeleteOpenIDConnectProvider,
3044		HTTPMethod: "POST",
3045		HTTPPath:   "/",
3046	}
3047
3048	if input == nil {
3049		input = &DeleteOpenIDConnectProviderInput{}
3050	}
3051
3052	output = &DeleteOpenIDConnectProviderOutput{}
3053	req = c.newRequest(op, input, output)
3054	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3055	return
3056}
3057
3058// DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.
3059//
3060// Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
3061//
3062// Deleting an IAM OIDC provider resource does not update any roles that reference
3063// the provider as a principal in their trust policies. Any attempt to assume
3064// a role that references a deleted provider fails.
3065//
3066// This operation is idempotent; it does not fail or return an error if you
3067// call the operation for a provider that does not exist.
3068//
3069// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3070// with awserr.Error's Code and Message methods to get detailed information about
3071// the error.
3072//
3073// See the AWS API reference guide for AWS Identity and Access Management's
3074// API operation DeleteOpenIDConnectProvider for usage and error information.
3075//
3076// Returned Error Codes:
3077//   * ErrCodeInvalidInputException "InvalidInput"
3078//   The request was rejected because an invalid or out-of-range value was supplied
3079//   for an input parameter.
3080//
3081//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3082//   The request was rejected because it referenced a resource entity that does
3083//   not exist. The error message describes the resource.
3084//
3085//   * ErrCodeServiceFailureException "ServiceFailure"
3086//   The request processing has failed because of an unknown error, exception
3087//   or failure.
3088//
3089// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
3090func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error) {
3091	req, out := c.DeleteOpenIDConnectProviderRequest(input)
3092	return out, req.Send()
3093}
3094
3095// DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of
3096// the ability to pass a context and additional request options.
3097//
3098// See DeleteOpenIDConnectProvider for details on how to use this API operation.
3099//
3100// The context must be non-nil and will be used for request cancellation. If
3101// the context is nil a panic will occur. In the future the SDK may create
3102// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3103// for more information on using Contexts.
3104func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error) {
3105	req, out := c.DeleteOpenIDConnectProviderRequest(input)
3106	req.SetContext(ctx)
3107	req.ApplyOptions(opts...)
3108	return out, req.Send()
3109}
3110
3111const opDeletePolicy = "DeletePolicy"
3112
3113// DeletePolicyRequest generates a "aws/request.Request" representing the
3114// client's request for the DeletePolicy operation. The "output" return
3115// value will be populated with the request's response once the request completes
3116// successfully.
3117//
3118// Use "Send" method on the returned Request to send the API call to the service.
3119// the "output" return value is not valid until after Send returns without error.
3120//
3121// See DeletePolicy for more information on using the DeletePolicy
3122// API call, and error handling.
3123//
3124// This method is useful when you want to inject custom logic or configuration
3125// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3126//
3127//
3128//    // Example sending a request using the DeletePolicyRequest method.
3129//    req, resp := client.DeletePolicyRequest(params)
3130//
3131//    err := req.Send()
3132//    if err == nil { // resp is now filled
3133//        fmt.Println(resp)
3134//    }
3135//
3136// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
3137func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
3138	op := &request.Operation{
3139		Name:       opDeletePolicy,
3140		HTTPMethod: "POST",
3141		HTTPPath:   "/",
3142	}
3143
3144	if input == nil {
3145		input = &DeletePolicyInput{}
3146	}
3147
3148	output = &DeletePolicyOutput{}
3149	req = c.newRequest(op, input, output)
3150	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3151	return
3152}
3153
3154// DeletePolicy API operation for AWS Identity and Access Management.
3155//
3156// Deletes the specified managed policy.
3157//
3158// Before you can delete a managed policy, you must first detach the policy
3159// from all users, groups, and roles that it is attached to. In addition, you
3160// must delete all the policy's versions. The following steps describe the process
3161// for deleting a managed policy:
3162//
3163//    * Detach the policy from all users, groups, and roles that the policy
3164//    is attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy.
3165//    To list all the users, groups, and roles that a policy is attached to,
3166//    use ListEntitiesForPolicy.
3167//
3168//    * Delete all versions of the policy using DeletePolicyVersion. To list
3169//    the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion
3170//    to delete the version that is marked as the default version. You delete
3171//    the policy's default version in the next step of the process.
3172//
3173//    * Delete the policy (this automatically deletes the policy's default version)
3174//    using this operation.
3175//
3176// For information about managed policies, see Managed policies and inline policies
3177// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
3178// in the IAM User Guide.
3179//
3180// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3181// with awserr.Error's Code and Message methods to get detailed information about
3182// the error.
3183//
3184// See the AWS API reference guide for AWS Identity and Access Management's
3185// API operation DeletePolicy for usage and error information.
3186//
3187// Returned Error Codes:
3188//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3189//   The request was rejected because it referenced a resource entity that does
3190//   not exist. The error message describes the resource.
3191//
3192//   * ErrCodeLimitExceededException "LimitExceeded"
3193//   The request was rejected because it attempted to create resources beyond
3194//   the current AWS account limits. The error message describes the limit exceeded.
3195//
3196//   * ErrCodeInvalidInputException "InvalidInput"
3197//   The request was rejected because an invalid or out-of-range value was supplied
3198//   for an input parameter.
3199//
3200//   * ErrCodeDeleteConflictException "DeleteConflict"
3201//   The request was rejected because it attempted to delete a resource that has
3202//   attached subordinate entities. The error message describes these entities.
3203//
3204//   * ErrCodeServiceFailureException "ServiceFailure"
3205//   The request processing has failed because of an unknown error, exception
3206//   or failure.
3207//
3208// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
3209func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
3210	req, out := c.DeletePolicyRequest(input)
3211	return out, req.Send()
3212}
3213
3214// DeletePolicyWithContext is the same as DeletePolicy with the addition of
3215// the ability to pass a context and additional request options.
3216//
3217// See DeletePolicy for details on how to use this API operation.
3218//
3219// The context must be non-nil and will be used for request cancellation. If
3220// the context is nil a panic will occur. In the future the SDK may create
3221// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3222// for more information on using Contexts.
3223func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
3224	req, out := c.DeletePolicyRequest(input)
3225	req.SetContext(ctx)
3226	req.ApplyOptions(opts...)
3227	return out, req.Send()
3228}
3229
3230const opDeletePolicyVersion = "DeletePolicyVersion"
3231
3232// DeletePolicyVersionRequest generates a "aws/request.Request" representing the
3233// client's request for the DeletePolicyVersion operation. The "output" return
3234// value will be populated with the request's response once the request completes
3235// successfully.
3236//
3237// Use "Send" method on the returned Request to send the API call to the service.
3238// the "output" return value is not valid until after Send returns without error.
3239//
3240// See DeletePolicyVersion for more information on using the DeletePolicyVersion
3241// API call, and error handling.
3242//
3243// This method is useful when you want to inject custom logic or configuration
3244// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3245//
3246//
3247//    // Example sending a request using the DeletePolicyVersionRequest method.
3248//    req, resp := client.DeletePolicyVersionRequest(params)
3249//
3250//    err := req.Send()
3251//    if err == nil { // resp is now filled
3252//        fmt.Println(resp)
3253//    }
3254//
3255// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
3256func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput) {
3257	op := &request.Operation{
3258		Name:       opDeletePolicyVersion,
3259		HTTPMethod: "POST",
3260		HTTPPath:   "/",
3261	}
3262
3263	if input == nil {
3264		input = &DeletePolicyVersionInput{}
3265	}
3266
3267	output = &DeletePolicyVersionOutput{}
3268	req = c.newRequest(op, input, output)
3269	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3270	return
3271}
3272
3273// DeletePolicyVersion API operation for AWS Identity and Access Management.
3274//
3275// Deletes the specified version from the specified managed policy.
3276//
3277// You cannot delete the default version from a policy using this operation.
3278// To delete the default version from a policy, use DeletePolicy. To find out
3279// which version of a policy is marked as the default version, use ListPolicyVersions.
3280//
3281// For information about versions for managed policies, see Versioning for managed
3282// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
3283// in the IAM User Guide.
3284//
3285// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3286// with awserr.Error's Code and Message methods to get detailed information about
3287// the error.
3288//
3289// See the AWS API reference guide for AWS Identity and Access Management's
3290// API operation DeletePolicyVersion for usage and error information.
3291//
3292// Returned Error Codes:
3293//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3294//   The request was rejected because it referenced a resource entity that does
3295//   not exist. The error message describes the resource.
3296//
3297//   * ErrCodeLimitExceededException "LimitExceeded"
3298//   The request was rejected because it attempted to create resources beyond
3299//   the current AWS account limits. The error message describes the limit exceeded.
3300//
3301//   * ErrCodeInvalidInputException "InvalidInput"
3302//   The request was rejected because an invalid or out-of-range value was supplied
3303//   for an input parameter.
3304//
3305//   * ErrCodeDeleteConflictException "DeleteConflict"
3306//   The request was rejected because it attempted to delete a resource that has
3307//   attached subordinate entities. The error message describes these entities.
3308//
3309//   * ErrCodeServiceFailureException "ServiceFailure"
3310//   The request processing has failed because of an unknown error, exception
3311//   or failure.
3312//
3313// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
3314func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error) {
3315	req, out := c.DeletePolicyVersionRequest(input)
3316	return out, req.Send()
3317}
3318
3319// DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of
3320// the ability to pass a context and additional request options.
3321//
3322// See DeletePolicyVersion for details on how to use this API operation.
3323//
3324// The context must be non-nil and will be used for request cancellation. If
3325// the context is nil a panic will occur. In the future the SDK may create
3326// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3327// for more information on using Contexts.
3328func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error) {
3329	req, out := c.DeletePolicyVersionRequest(input)
3330	req.SetContext(ctx)
3331	req.ApplyOptions(opts...)
3332	return out, req.Send()
3333}
3334
3335const opDeleteRole = "DeleteRole"
3336
3337// DeleteRoleRequest generates a "aws/request.Request" representing the
3338// client's request for the DeleteRole operation. The "output" return
3339// value will be populated with the request's response once the request completes
3340// successfully.
3341//
3342// Use "Send" method on the returned Request to send the API call to the service.
3343// the "output" return value is not valid until after Send returns without error.
3344//
3345// See DeleteRole for more information on using the DeleteRole
3346// API call, and error handling.
3347//
3348// This method is useful when you want to inject custom logic or configuration
3349// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3350//
3351//
3352//    // Example sending a request using the DeleteRoleRequest method.
3353//    req, resp := client.DeleteRoleRequest(params)
3354//
3355//    err := req.Send()
3356//    if err == nil { // resp is now filled
3357//        fmt.Println(resp)
3358//    }
3359//
3360// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
3361func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput) {
3362	op := &request.Operation{
3363		Name:       opDeleteRole,
3364		HTTPMethod: "POST",
3365		HTTPPath:   "/",
3366	}
3367
3368	if input == nil {
3369		input = &DeleteRoleInput{}
3370	}
3371
3372	output = &DeleteRoleOutput{}
3373	req = c.newRequest(op, input, output)
3374	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3375	return
3376}
3377
3378// DeleteRole API operation for AWS Identity and Access Management.
3379//
3380// Deletes the specified role. The role must not have any policies attached.
3381// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
3382//
3383// Make sure that you do not have any Amazon EC2 instances running with the
3384// role you are about to delete. Deleting a role or instance profile that is
3385// associated with a running instance will break any applications running on
3386// the instance.
3387//
3388// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3389// with awserr.Error's Code and Message methods to get detailed information about
3390// the error.
3391//
3392// See the AWS API reference guide for AWS Identity and Access Management's
3393// API operation DeleteRole for usage and error information.
3394//
3395// Returned Error Codes:
3396//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3397//   The request was rejected because it referenced a resource entity that does
3398//   not exist. The error message describes the resource.
3399//
3400//   * ErrCodeDeleteConflictException "DeleteConflict"
3401//   The request was rejected because it attempted to delete a resource that has
3402//   attached subordinate entities. The error message describes these entities.
3403//
3404//   * ErrCodeLimitExceededException "LimitExceeded"
3405//   The request was rejected because it attempted to create resources beyond
3406//   the current AWS account limits. The error message describes the limit exceeded.
3407//
3408//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3409//   The request was rejected because only the service that depends on the service-linked
3410//   role can modify or delete the role on your behalf. The error message includes
3411//   the name of the service that depends on this service-linked role. You must
3412//   request the change through that service.
3413//
3414//   * ErrCodeConcurrentModificationException "ConcurrentModification"
3415//   The request was rejected because multiple requests to change this object
3416//   were submitted simultaneously. Wait a few minutes and submit your request
3417//   again.
3418//
3419//   * ErrCodeServiceFailureException "ServiceFailure"
3420//   The request processing has failed because of an unknown error, exception
3421//   or failure.
3422//
3423// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
3424func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error) {
3425	req, out := c.DeleteRoleRequest(input)
3426	return out, req.Send()
3427}
3428
3429// DeleteRoleWithContext is the same as DeleteRole with the addition of
3430// the ability to pass a context and additional request options.
3431//
3432// See DeleteRole for details on how to use this API operation.
3433//
3434// The context must be non-nil and will be used for request cancellation. If
3435// the context is nil a panic will occur. In the future the SDK may create
3436// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3437// for more information on using Contexts.
3438func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error) {
3439	req, out := c.DeleteRoleRequest(input)
3440	req.SetContext(ctx)
3441	req.ApplyOptions(opts...)
3442	return out, req.Send()
3443}
3444
3445const opDeleteRolePermissionsBoundary = "DeleteRolePermissionsBoundary"
3446
3447// DeleteRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
3448// client's request for the DeleteRolePermissionsBoundary operation. The "output" return
3449// value will be populated with the request's response once the request completes
3450// successfully.
3451//
3452// Use "Send" method on the returned Request to send the API call to the service.
3453// the "output" return value is not valid until after Send returns without error.
3454//
3455// See DeleteRolePermissionsBoundary for more information on using the DeleteRolePermissionsBoundary
3456// API call, and error handling.
3457//
3458// This method is useful when you want to inject custom logic or configuration
3459// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3460//
3461//
3462//    // Example sending a request using the DeleteRolePermissionsBoundaryRequest method.
3463//    req, resp := client.DeleteRolePermissionsBoundaryRequest(params)
3464//
3465//    err := req.Send()
3466//    if err == nil { // resp is now filled
3467//        fmt.Println(resp)
3468//    }
3469//
3470// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
3471func (c *IAM) DeleteRolePermissionsBoundaryRequest(input *DeleteRolePermissionsBoundaryInput) (req *request.Request, output *DeleteRolePermissionsBoundaryOutput) {
3472	op := &request.Operation{
3473		Name:       opDeleteRolePermissionsBoundary,
3474		HTTPMethod: "POST",
3475		HTTPPath:   "/",
3476	}
3477
3478	if input == nil {
3479		input = &DeleteRolePermissionsBoundaryInput{}
3480	}
3481
3482	output = &DeleteRolePermissionsBoundaryOutput{}
3483	req = c.newRequest(op, input, output)
3484	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3485	return
3486}
3487
3488// DeleteRolePermissionsBoundary API operation for AWS Identity and Access Management.
3489//
3490// Deletes the permissions boundary for the specified IAM role.
3491//
3492// Deleting the permissions boundary for a role might increase its permissions.
3493// For example, it might allow anyone who assumes the role to perform all the
3494// actions granted in its permissions policies.
3495//
3496// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3497// with awserr.Error's Code and Message methods to get detailed information about
3498// the error.
3499//
3500// See the AWS API reference guide for AWS Identity and Access Management's
3501// API operation DeleteRolePermissionsBoundary for usage and error information.
3502//
3503// Returned Error Codes:
3504//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3505//   The request was rejected because it referenced a resource entity that does
3506//   not exist. The error message describes the resource.
3507//
3508//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3509//   The request was rejected because only the service that depends on the service-linked
3510//   role can modify or delete the role on your behalf. The error message includes
3511//   the name of the service that depends on this service-linked role. You must
3512//   request the change through that service.
3513//
3514//   * ErrCodeServiceFailureException "ServiceFailure"
3515//   The request processing has failed because of an unknown error, exception
3516//   or failure.
3517//
3518// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
3519func (c *IAM) DeleteRolePermissionsBoundary(input *DeleteRolePermissionsBoundaryInput) (*DeleteRolePermissionsBoundaryOutput, error) {
3520	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
3521	return out, req.Send()
3522}
3523
3524// DeleteRolePermissionsBoundaryWithContext is the same as DeleteRolePermissionsBoundary with the addition of
3525// the ability to pass a context and additional request options.
3526//
3527// See DeleteRolePermissionsBoundary for details on how to use this API operation.
3528//
3529// The context must be non-nil and will be used for request cancellation. If
3530// the context is nil a panic will occur. In the future the SDK may create
3531// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3532// for more information on using Contexts.
3533func (c *IAM) DeleteRolePermissionsBoundaryWithContext(ctx aws.Context, input *DeleteRolePermissionsBoundaryInput, opts ...request.Option) (*DeleteRolePermissionsBoundaryOutput, error) {
3534	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
3535	req.SetContext(ctx)
3536	req.ApplyOptions(opts...)
3537	return out, req.Send()
3538}
3539
3540const opDeleteRolePolicy = "DeleteRolePolicy"
3541
3542// DeleteRolePolicyRequest generates a "aws/request.Request" representing the
3543// client's request for the DeleteRolePolicy operation. The "output" return
3544// value will be populated with the request's response once the request completes
3545// successfully.
3546//
3547// Use "Send" method on the returned Request to send the API call to the service.
3548// the "output" return value is not valid until after Send returns without error.
3549//
3550// See DeleteRolePolicy for more information on using the DeleteRolePolicy
3551// API call, and error handling.
3552//
3553// This method is useful when you want to inject custom logic or configuration
3554// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3555//
3556//
3557//    // Example sending a request using the DeleteRolePolicyRequest method.
3558//    req, resp := client.DeleteRolePolicyRequest(params)
3559//
3560//    err := req.Send()
3561//    if err == nil { // resp is now filled
3562//        fmt.Println(resp)
3563//    }
3564//
3565// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
3566func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput) {
3567	op := &request.Operation{
3568		Name:       opDeleteRolePolicy,
3569		HTTPMethod: "POST",
3570		HTTPPath:   "/",
3571	}
3572
3573	if input == nil {
3574		input = &DeleteRolePolicyInput{}
3575	}
3576
3577	output = &DeleteRolePolicyOutput{}
3578	req = c.newRequest(op, input, output)
3579	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3580	return
3581}
3582
3583// DeleteRolePolicy API operation for AWS Identity and Access Management.
3584//
3585// Deletes the specified inline policy that is embedded in the specified IAM
3586// role.
3587//
3588// A role can also have managed policies attached to it. To detach a managed
3589// policy from a role, use DetachRolePolicy. For more information about policies,
3590// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
3591// in the IAM User Guide.
3592//
3593// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3594// with awserr.Error's Code and Message methods to get detailed information about
3595// the error.
3596//
3597// See the AWS API reference guide for AWS Identity and Access Management's
3598// API operation DeleteRolePolicy for usage and error information.
3599//
3600// Returned Error Codes:
3601//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3602//   The request was rejected because it referenced a resource entity that does
3603//   not exist. The error message describes the resource.
3604//
3605//   * ErrCodeLimitExceededException "LimitExceeded"
3606//   The request was rejected because it attempted to create resources beyond
3607//   the current AWS account limits. The error message describes the limit exceeded.
3608//
3609//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3610//   The request was rejected because only the service that depends on the service-linked
3611//   role can modify or delete the role on your behalf. The error message includes
3612//   the name of the service that depends on this service-linked role. You must
3613//   request the change through that service.
3614//
3615//   * ErrCodeServiceFailureException "ServiceFailure"
3616//   The request processing has failed because of an unknown error, exception
3617//   or failure.
3618//
3619// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
3620func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error) {
3621	req, out := c.DeleteRolePolicyRequest(input)
3622	return out, req.Send()
3623}
3624
3625// DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of
3626// the ability to pass a context and additional request options.
3627//
3628// See DeleteRolePolicy for details on how to use this API operation.
3629//
3630// The context must be non-nil and will be used for request cancellation. If
3631// the context is nil a panic will occur. In the future the SDK may create
3632// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3633// for more information on using Contexts.
3634func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error) {
3635	req, out := c.DeleteRolePolicyRequest(input)
3636	req.SetContext(ctx)
3637	req.ApplyOptions(opts...)
3638	return out, req.Send()
3639}
3640
3641const opDeleteSAMLProvider = "DeleteSAMLProvider"
3642
3643// DeleteSAMLProviderRequest generates a "aws/request.Request" representing the
3644// client's request for the DeleteSAMLProvider operation. The "output" return
3645// value will be populated with the request's response once the request completes
3646// successfully.
3647//
3648// Use "Send" method on the returned Request to send the API call to the service.
3649// the "output" return value is not valid until after Send returns without error.
3650//
3651// See DeleteSAMLProvider for more information on using the DeleteSAMLProvider
3652// API call, and error handling.
3653//
3654// This method is useful when you want to inject custom logic or configuration
3655// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3656//
3657//
3658//    // Example sending a request using the DeleteSAMLProviderRequest method.
3659//    req, resp := client.DeleteSAMLProviderRequest(params)
3660//
3661//    err := req.Send()
3662//    if err == nil { // resp is now filled
3663//        fmt.Println(resp)
3664//    }
3665//
3666// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
3667func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput) {
3668	op := &request.Operation{
3669		Name:       opDeleteSAMLProvider,
3670		HTTPMethod: "POST",
3671		HTTPPath:   "/",
3672	}
3673
3674	if input == nil {
3675		input = &DeleteSAMLProviderInput{}
3676	}
3677
3678	output = &DeleteSAMLProviderOutput{}
3679	req = c.newRequest(op, input, output)
3680	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3681	return
3682}
3683
3684// DeleteSAMLProvider API operation for AWS Identity and Access Management.
3685//
3686// Deletes a SAML provider resource in IAM.
3687//
3688// Deleting the provider resource from IAM does not update any roles that reference
3689// the SAML provider resource's ARN as a principal in their trust policies.
3690// Any attempt to assume a role that references a non-existent provider resource
3691// ARN fails.
3692//
3693// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
3694//
3695// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3696// with awserr.Error's Code and Message methods to get detailed information about
3697// the error.
3698//
3699// See the AWS API reference guide for AWS Identity and Access Management's
3700// API operation DeleteSAMLProvider for usage and error information.
3701//
3702// Returned Error Codes:
3703//   * ErrCodeInvalidInputException "InvalidInput"
3704//   The request was rejected because an invalid or out-of-range value was supplied
3705//   for an input parameter.
3706//
3707//   * ErrCodeLimitExceededException "LimitExceeded"
3708//   The request was rejected because it attempted to create resources beyond
3709//   the current AWS account limits. The error message describes the limit exceeded.
3710//
3711//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3712//   The request was rejected because it referenced a resource entity that does
3713//   not exist. The error message describes the resource.
3714//
3715//   * ErrCodeServiceFailureException "ServiceFailure"
3716//   The request processing has failed because of an unknown error, exception
3717//   or failure.
3718//
3719// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
3720func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error) {
3721	req, out := c.DeleteSAMLProviderRequest(input)
3722	return out, req.Send()
3723}
3724
3725// DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of
3726// the ability to pass a context and additional request options.
3727//
3728// See DeleteSAMLProvider for details on how to use this API operation.
3729//
3730// The context must be non-nil and will be used for request cancellation. If
3731// the context is nil a panic will occur. In the future the SDK may create
3732// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3733// for more information on using Contexts.
3734func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error) {
3735	req, out := c.DeleteSAMLProviderRequest(input)
3736	req.SetContext(ctx)
3737	req.ApplyOptions(opts...)
3738	return out, req.Send()
3739}
3740
3741const opDeleteSSHPublicKey = "DeleteSSHPublicKey"
3742
3743// DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the
3744// client's request for the DeleteSSHPublicKey operation. The "output" return
3745// value will be populated with the request's response once the request completes
3746// successfully.
3747//
3748// Use "Send" method on the returned Request to send the API call to the service.
3749// the "output" return value is not valid until after Send returns without error.
3750//
3751// See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey
3752// API call, and error handling.
3753//
3754// This method is useful when you want to inject custom logic or configuration
3755// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3756//
3757//
3758//    // Example sending a request using the DeleteSSHPublicKeyRequest method.
3759//    req, resp := client.DeleteSSHPublicKeyRequest(params)
3760//
3761//    err := req.Send()
3762//    if err == nil { // resp is now filled
3763//        fmt.Println(resp)
3764//    }
3765//
3766// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
3767func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput) {
3768	op := &request.Operation{
3769		Name:       opDeleteSSHPublicKey,
3770		HTTPMethod: "POST",
3771		HTTPPath:   "/",
3772	}
3773
3774	if input == nil {
3775		input = &DeleteSSHPublicKeyInput{}
3776	}
3777
3778	output = &DeleteSSHPublicKeyOutput{}
3779	req = c.newRequest(op, input, output)
3780	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3781	return
3782}
3783
3784// DeleteSSHPublicKey API operation for AWS Identity and Access Management.
3785//
3786// Deletes the specified SSH public key.
3787//
3788// The SSH public key deleted by this operation is used only for authenticating
3789// the associated IAM user to an AWS CodeCommit repository. For more information
3790// about using SSH keys to authenticate to an AWS CodeCommit repository, see
3791// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
3792// in the AWS CodeCommit User Guide.
3793//
3794// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3795// with awserr.Error's Code and Message methods to get detailed information about
3796// the error.
3797//
3798// See the AWS API reference guide for AWS Identity and Access Management's
3799// API operation DeleteSSHPublicKey for usage and error information.
3800//
3801// Returned Error Codes:
3802//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3803//   The request was rejected because it referenced a resource entity that does
3804//   not exist. The error message describes the resource.
3805//
3806// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
3807func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error) {
3808	req, out := c.DeleteSSHPublicKeyRequest(input)
3809	return out, req.Send()
3810}
3811
3812// DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of
3813// the ability to pass a context and additional request options.
3814//
3815// See DeleteSSHPublicKey for details on how to use this API operation.
3816//
3817// The context must be non-nil and will be used for request cancellation. If
3818// the context is nil a panic will occur. In the future the SDK may create
3819// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3820// for more information on using Contexts.
3821func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error) {
3822	req, out := c.DeleteSSHPublicKeyRequest(input)
3823	req.SetContext(ctx)
3824	req.ApplyOptions(opts...)
3825	return out, req.Send()
3826}
3827
3828const opDeleteServerCertificate = "DeleteServerCertificate"
3829
3830// DeleteServerCertificateRequest generates a "aws/request.Request" representing the
3831// client's request for the DeleteServerCertificate operation. The "output" return
3832// value will be populated with the request's response once the request completes
3833// successfully.
3834//
3835// Use "Send" method on the returned Request to send the API call to the service.
3836// the "output" return value is not valid until after Send returns without error.
3837//
3838// See DeleteServerCertificate for more information on using the DeleteServerCertificate
3839// API call, and error handling.
3840//
3841// This method is useful when you want to inject custom logic or configuration
3842// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3843//
3844//
3845//    // Example sending a request using the DeleteServerCertificateRequest method.
3846//    req, resp := client.DeleteServerCertificateRequest(params)
3847//
3848//    err := req.Send()
3849//    if err == nil { // resp is now filled
3850//        fmt.Println(resp)
3851//    }
3852//
3853// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
3854func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput) {
3855	op := &request.Operation{
3856		Name:       opDeleteServerCertificate,
3857		HTTPMethod: "POST",
3858		HTTPPath:   "/",
3859	}
3860
3861	if input == nil {
3862		input = &DeleteServerCertificateInput{}
3863	}
3864
3865	output = &DeleteServerCertificateOutput{}
3866	req = c.newRequest(op, input, output)
3867	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3868	return
3869}
3870
3871// DeleteServerCertificate API operation for AWS Identity and Access Management.
3872//
3873// Deletes the specified server certificate.
3874//
3875// For more information about working with server certificates, see Working
3876// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
3877// in the IAM User Guide. This topic also includes a list of AWS services that
3878// can use the server certificates that you manage with IAM.
3879//
3880// If you are using a server certificate with Elastic Load Balancing, deleting
3881// the certificate could have implications for your application. If Elastic
3882// Load Balancing doesn't detect the deletion of bound certificates, it may
3883// continue to use the certificates. This could cause Elastic Load Balancing
3884// to stop accepting traffic. We recommend that you remove the reference to
3885// the certificate from Elastic Load Balancing before using this command to
3886// delete the certificate. For more information, see DeleteLoadBalancerListeners
3887// (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html)
3888// in the Elastic Load Balancing API Reference.
3889//
3890// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3891// with awserr.Error's Code and Message methods to get detailed information about
3892// the error.
3893//
3894// See the AWS API reference guide for AWS Identity and Access Management's
3895// API operation DeleteServerCertificate for usage and error information.
3896//
3897// Returned Error Codes:
3898//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3899//   The request was rejected because it referenced a resource entity that does
3900//   not exist. The error message describes the resource.
3901//
3902//   * ErrCodeDeleteConflictException "DeleteConflict"
3903//   The request was rejected because it attempted to delete a resource that has
3904//   attached subordinate entities. The error message describes these entities.
3905//
3906//   * ErrCodeLimitExceededException "LimitExceeded"
3907//   The request was rejected because it attempted to create resources beyond
3908//   the current AWS account limits. The error message describes the limit exceeded.
3909//
3910//   * ErrCodeServiceFailureException "ServiceFailure"
3911//   The request processing has failed because of an unknown error, exception
3912//   or failure.
3913//
3914// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
3915func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error) {
3916	req, out := c.DeleteServerCertificateRequest(input)
3917	return out, req.Send()
3918}
3919
3920// DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of
3921// the ability to pass a context and additional request options.
3922//
3923// See DeleteServerCertificate for details on how to use this API operation.
3924//
3925// The context must be non-nil and will be used for request cancellation. If
3926// the context is nil a panic will occur. In the future the SDK may create
3927// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3928// for more information on using Contexts.
3929func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error) {
3930	req, out := c.DeleteServerCertificateRequest(input)
3931	req.SetContext(ctx)
3932	req.ApplyOptions(opts...)
3933	return out, req.Send()
3934}
3935
3936const opDeleteServiceLinkedRole = "DeleteServiceLinkedRole"
3937
3938// DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the
3939// client's request for the DeleteServiceLinkedRole operation. The "output" return
3940// value will be populated with the request's response once the request completes
3941// successfully.
3942//
3943// Use "Send" method on the returned Request to send the API call to the service.
3944// the "output" return value is not valid until after Send returns without error.
3945//
3946// See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole
3947// API call, and error handling.
3948//
3949// This method is useful when you want to inject custom logic or configuration
3950// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3951//
3952//
3953//    // Example sending a request using the DeleteServiceLinkedRoleRequest method.
3954//    req, resp := client.DeleteServiceLinkedRoleRequest(params)
3955//
3956//    err := req.Send()
3957//    if err == nil { // resp is now filled
3958//        fmt.Println(resp)
3959//    }
3960//
3961// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
3962func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput) {
3963	op := &request.Operation{
3964		Name:       opDeleteServiceLinkedRole,
3965		HTTPMethod: "POST",
3966		HTTPPath:   "/",
3967	}
3968
3969	if input == nil {
3970		input = &DeleteServiceLinkedRoleInput{}
3971	}
3972
3973	output = &DeleteServiceLinkedRoleOutput{}
3974	req = c.newRequest(op, input, output)
3975	return
3976}
3977
3978// DeleteServiceLinkedRole API operation for AWS Identity and Access Management.
3979//
3980// Submits a service-linked role deletion request and returns a DeletionTaskId,
3981// which you can use to check the status of the deletion. Before you call this
3982// operation, confirm that the role has no active sessions and that any resources
3983// used by the role in the linked service are deleted. If you call this operation
3984// more than once for the same service-linked role and an earlier deletion task
3985// is not complete, then the DeletionTaskId of the earlier request is returned.
3986//
3987// If you submit a deletion request for a service-linked role whose linked service
3988// is still accessing a resource, then the deletion task fails. If it fails,
3989// the GetServiceLinkedRoleDeletionStatus operation returns the reason for the
3990// failure, usually including the resources that must be deleted. To delete
3991// the service-linked role, you must first remove those resources from the linked
3992// service and then submit the deletion request again. Resources are specific
3993// to the service that is linked to the role. For more information about removing
3994// resources from a service, see the AWS documentation (http://docs.aws.amazon.com/)
3995// for your service.
3996//
3997// For more information about service-linked roles, see Roles terms and concepts:
3998// AWS service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role)
3999// in the IAM User Guide.
4000//
4001// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4002// with awserr.Error's Code and Message methods to get detailed information about
4003// the error.
4004//
4005// See the AWS API reference guide for AWS Identity and Access Management's
4006// API operation DeleteServiceLinkedRole for usage and error information.
4007//
4008// Returned Error Codes:
4009//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4010//   The request was rejected because it referenced a resource entity that does
4011//   not exist. The error message describes the resource.
4012//
4013//   * ErrCodeLimitExceededException "LimitExceeded"
4014//   The request was rejected because it attempted to create resources beyond
4015//   the current AWS account limits. The error message describes the limit exceeded.
4016//
4017//   * ErrCodeServiceFailureException "ServiceFailure"
4018//   The request processing has failed because of an unknown error, exception
4019//   or failure.
4020//
4021// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
4022func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error) {
4023	req, out := c.DeleteServiceLinkedRoleRequest(input)
4024	return out, req.Send()
4025}
4026
4027// DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of
4028// the ability to pass a context and additional request options.
4029//
4030// See DeleteServiceLinkedRole for details on how to use this API operation.
4031//
4032// The context must be non-nil and will be used for request cancellation. If
4033// the context is nil a panic will occur. In the future the SDK may create
4034// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4035// for more information on using Contexts.
4036func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error) {
4037	req, out := c.DeleteServiceLinkedRoleRequest(input)
4038	req.SetContext(ctx)
4039	req.ApplyOptions(opts...)
4040	return out, req.Send()
4041}
4042
4043const opDeleteServiceSpecificCredential = "DeleteServiceSpecificCredential"
4044
4045// DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
4046// client's request for the DeleteServiceSpecificCredential operation. The "output" return
4047// value will be populated with the request's response once the request completes
4048// successfully.
4049//
4050// Use "Send" method on the returned Request to send the API call to the service.
4051// the "output" return value is not valid until after Send returns without error.
4052//
4053// See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential
4054// API call, and error handling.
4055//
4056// This method is useful when you want to inject custom logic or configuration
4057// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4058//
4059//
4060//    // Example sending a request using the DeleteServiceSpecificCredentialRequest method.
4061//    req, resp := client.DeleteServiceSpecificCredentialRequest(params)
4062//
4063//    err := req.Send()
4064//    if err == nil { // resp is now filled
4065//        fmt.Println(resp)
4066//    }
4067//
4068// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
4069func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput) {
4070	op := &request.Operation{
4071		Name:       opDeleteServiceSpecificCredential,
4072		HTTPMethod: "POST",
4073		HTTPPath:   "/",
4074	}
4075
4076	if input == nil {
4077		input = &DeleteServiceSpecificCredentialInput{}
4078	}
4079
4080	output = &DeleteServiceSpecificCredentialOutput{}
4081	req = c.newRequest(op, input, output)
4082	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4083	return
4084}
4085
4086// DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.
4087//
4088// Deletes the specified service-specific credential.
4089//
4090// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4091// with awserr.Error's Code and Message methods to get detailed information about
4092// the error.
4093//
4094// See the AWS API reference guide for AWS Identity and Access Management's
4095// API operation DeleteServiceSpecificCredential for usage and error information.
4096//
4097// Returned Error Codes:
4098//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4099//   The request was rejected because it referenced a resource entity that does
4100//   not exist. The error message describes the resource.
4101//
4102// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
4103func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error) {
4104	req, out := c.DeleteServiceSpecificCredentialRequest(input)
4105	return out, req.Send()
4106}
4107
4108// DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of
4109// the ability to pass a context and additional request options.
4110//
4111// See DeleteServiceSpecificCredential for details on how to use this API operation.
4112//
4113// The context must be non-nil and will be used for request cancellation. If
4114// the context is nil a panic will occur. In the future the SDK may create
4115// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4116// for more information on using Contexts.
4117func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error) {
4118	req, out := c.DeleteServiceSpecificCredentialRequest(input)
4119	req.SetContext(ctx)
4120	req.ApplyOptions(opts...)
4121	return out, req.Send()
4122}
4123
4124const opDeleteSigningCertificate = "DeleteSigningCertificate"
4125
4126// DeleteSigningCertificateRequest generates a "aws/request.Request" representing the
4127// client's request for the DeleteSigningCertificate operation. The "output" return
4128// value will be populated with the request's response once the request completes
4129// successfully.
4130//
4131// Use "Send" method on the returned Request to send the API call to the service.
4132// the "output" return value is not valid until after Send returns without error.
4133//
4134// See DeleteSigningCertificate for more information on using the DeleteSigningCertificate
4135// API call, and error handling.
4136//
4137// This method is useful when you want to inject custom logic or configuration
4138// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4139//
4140//
4141//    // Example sending a request using the DeleteSigningCertificateRequest method.
4142//    req, resp := client.DeleteSigningCertificateRequest(params)
4143//
4144//    err := req.Send()
4145//    if err == nil { // resp is now filled
4146//        fmt.Println(resp)
4147//    }
4148//
4149// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
4150func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput) {
4151	op := &request.Operation{
4152		Name:       opDeleteSigningCertificate,
4153		HTTPMethod: "POST",
4154		HTTPPath:   "/",
4155	}
4156
4157	if input == nil {
4158		input = &DeleteSigningCertificateInput{}
4159	}
4160
4161	output = &DeleteSigningCertificateOutput{}
4162	req = c.newRequest(op, input, output)
4163	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4164	return
4165}
4166
4167// DeleteSigningCertificate API operation for AWS Identity and Access Management.
4168//
4169// Deletes a signing certificate associated with the specified IAM user.
4170//
4171// If you do not specify a user name, IAM determines the user name implicitly
4172// based on the AWS access key ID signing the request. This operation works
4173// for access keys under the AWS account. Consequently, you can use this operation
4174// to manage AWS account root user credentials even if the AWS account has no
4175// associated IAM users.
4176//
4177// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4178// with awserr.Error's Code and Message methods to get detailed information about
4179// the error.
4180//
4181// See the AWS API reference guide for AWS Identity and Access Management's
4182// API operation DeleteSigningCertificate for usage and error information.
4183//
4184// Returned Error Codes:
4185//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4186//   The request was rejected because it referenced a resource entity that does
4187//   not exist. The error message describes the resource.
4188//
4189//   * ErrCodeLimitExceededException "LimitExceeded"
4190//   The request was rejected because it attempted to create resources beyond
4191//   the current AWS account limits. The error message describes the limit exceeded.
4192//
4193//   * ErrCodeServiceFailureException "ServiceFailure"
4194//   The request processing has failed because of an unknown error, exception
4195//   or failure.
4196//
4197// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
4198func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error) {
4199	req, out := c.DeleteSigningCertificateRequest(input)
4200	return out, req.Send()
4201}
4202
4203// DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of
4204// the ability to pass a context and additional request options.
4205//
4206// See DeleteSigningCertificate for details on how to use this API operation.
4207//
4208// The context must be non-nil and will be used for request cancellation. If
4209// the context is nil a panic will occur. In the future the SDK may create
4210// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4211// for more information on using Contexts.
4212func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error) {
4213	req, out := c.DeleteSigningCertificateRequest(input)
4214	req.SetContext(ctx)
4215	req.ApplyOptions(opts...)
4216	return out, req.Send()
4217}
4218
4219const opDeleteUser = "DeleteUser"
4220
4221// DeleteUserRequest generates a "aws/request.Request" representing the
4222// client's request for the DeleteUser operation. The "output" return
4223// value will be populated with the request's response once the request completes
4224// successfully.
4225//
4226// Use "Send" method on the returned Request to send the API call to the service.
4227// the "output" return value is not valid until after Send returns without error.
4228//
4229// See DeleteUser for more information on using the DeleteUser
4230// API call, and error handling.
4231//
4232// This method is useful when you want to inject custom logic or configuration
4233// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4234//
4235//
4236//    // Example sending a request using the DeleteUserRequest method.
4237//    req, resp := client.DeleteUserRequest(params)
4238//
4239//    err := req.Send()
4240//    if err == nil { // resp is now filled
4241//        fmt.Println(resp)
4242//    }
4243//
4244// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
4245func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput) {
4246	op := &request.Operation{
4247		Name:       opDeleteUser,
4248		HTTPMethod: "POST",
4249		HTTPPath:   "/",
4250	}
4251
4252	if input == nil {
4253		input = &DeleteUserInput{}
4254	}
4255
4256	output = &DeleteUserOutput{}
4257	req = c.newRequest(op, input, output)
4258	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4259	return
4260}
4261
4262// DeleteUser API operation for AWS Identity and Access Management.
4263//
4264// Deletes the specified IAM user. Unlike the AWS Management Console, when you
4265// delete a user programmatically, you must delete the items attached to the
4266// user manually, or the deletion fails. For more information, see Deleting
4267// an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli).
4268// Before attempting to delete a user, remove the following items:
4269//
4270//    * Password (DeleteLoginProfile)
4271//
4272//    * Access keys (DeleteAccessKey)
4273//
4274//    * Signing certificate (DeleteSigningCertificate)
4275//
4276//    * SSH public key (DeleteSSHPublicKey)
4277//
4278//    * Git credentials (DeleteServiceSpecificCredential)
4279//
4280//    * Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)
4281//
4282//    * Inline policies (DeleteUserPolicy)
4283//
4284//    * Attached managed policies (DetachUserPolicy)
4285//
4286//    * Group memberships (RemoveUserFromGroup)
4287//
4288// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4289// with awserr.Error's Code and Message methods to get detailed information about
4290// the error.
4291//
4292// See the AWS API reference guide for AWS Identity and Access Management's
4293// API operation DeleteUser for usage and error information.
4294//
4295// Returned Error Codes:
4296//   * ErrCodeLimitExceededException "LimitExceeded"
4297//   The request was rejected because it attempted to create resources beyond
4298//   the current AWS account limits. The error message describes the limit exceeded.
4299//
4300//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4301//   The request was rejected because it referenced a resource entity that does
4302//   not exist. The error message describes the resource.
4303//
4304//   * ErrCodeDeleteConflictException "DeleteConflict"
4305//   The request was rejected because it attempted to delete a resource that has
4306//   attached subordinate entities. The error message describes these entities.
4307//
4308//   * ErrCodeConcurrentModificationException "ConcurrentModification"
4309//   The request was rejected because multiple requests to change this object
4310//   were submitted simultaneously. Wait a few minutes and submit your request
4311//   again.
4312//
4313//   * ErrCodeServiceFailureException "ServiceFailure"
4314//   The request processing has failed because of an unknown error, exception
4315//   or failure.
4316//
4317// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
4318func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error) {
4319	req, out := c.DeleteUserRequest(input)
4320	return out, req.Send()
4321}
4322
4323// DeleteUserWithContext is the same as DeleteUser with the addition of
4324// the ability to pass a context and additional request options.
4325//
4326// See DeleteUser for details on how to use this API operation.
4327//
4328// The context must be non-nil and will be used for request cancellation. If
4329// the context is nil a panic will occur. In the future the SDK may create
4330// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4331// for more information on using Contexts.
4332func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error) {
4333	req, out := c.DeleteUserRequest(input)
4334	req.SetContext(ctx)
4335	req.ApplyOptions(opts...)
4336	return out, req.Send()
4337}
4338
4339const opDeleteUserPermissionsBoundary = "DeleteUserPermissionsBoundary"
4340
4341// DeleteUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
4342// client's request for the DeleteUserPermissionsBoundary operation. The "output" return
4343// value will be populated with the request's response once the request completes
4344// successfully.
4345//
4346// Use "Send" method on the returned Request to send the API call to the service.
4347// the "output" return value is not valid until after Send returns without error.
4348//
4349// See DeleteUserPermissionsBoundary for more information on using the DeleteUserPermissionsBoundary
4350// API call, and error handling.
4351//
4352// This method is useful when you want to inject custom logic or configuration
4353// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4354//
4355//
4356//    // Example sending a request using the DeleteUserPermissionsBoundaryRequest method.
4357//    req, resp := client.DeleteUserPermissionsBoundaryRequest(params)
4358//
4359//    err := req.Send()
4360//    if err == nil { // resp is now filled
4361//        fmt.Println(resp)
4362//    }
4363//
4364// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
4365func (c *IAM) DeleteUserPermissionsBoundaryRequest(input *DeleteUserPermissionsBoundaryInput) (req *request.Request, output *DeleteUserPermissionsBoundaryOutput) {
4366	op := &request.Operation{
4367		Name:       opDeleteUserPermissionsBoundary,
4368		HTTPMethod: "POST",
4369		HTTPPath:   "/",
4370	}
4371
4372	if input == nil {
4373		input = &DeleteUserPermissionsBoundaryInput{}
4374	}
4375
4376	output = &DeleteUserPermissionsBoundaryOutput{}
4377	req = c.newRequest(op, input, output)
4378	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4379	return
4380}
4381
4382// DeleteUserPermissionsBoundary API operation for AWS Identity and Access Management.
4383//
4384// Deletes the permissions boundary for the specified IAM user.
4385//
4386// Deleting the permissions boundary for a user might increase its permissions
4387// by allowing the user to perform all the actions granted in its permissions
4388// policies.
4389//
4390// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4391// with awserr.Error's Code and Message methods to get detailed information about
4392// the error.
4393//
4394// See the AWS API reference guide for AWS Identity and Access Management's
4395// API operation DeleteUserPermissionsBoundary for usage and error information.
4396//
4397// Returned Error Codes:
4398//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4399//   The request was rejected because it referenced a resource entity that does
4400//   not exist. The error message describes the resource.
4401//
4402//   * ErrCodeServiceFailureException "ServiceFailure"
4403//   The request processing has failed because of an unknown error, exception
4404//   or failure.
4405//
4406// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
4407func (c *IAM) DeleteUserPermissionsBoundary(input *DeleteUserPermissionsBoundaryInput) (*DeleteUserPermissionsBoundaryOutput, error) {
4408	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
4409	return out, req.Send()
4410}
4411
4412// DeleteUserPermissionsBoundaryWithContext is the same as DeleteUserPermissionsBoundary with the addition of
4413// the ability to pass a context and additional request options.
4414//
4415// See DeleteUserPermissionsBoundary for details on how to use this API operation.
4416//
4417// The context must be non-nil and will be used for request cancellation. If
4418// the context is nil a panic will occur. In the future the SDK may create
4419// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4420// for more information on using Contexts.
4421func (c *IAM) DeleteUserPermissionsBoundaryWithContext(ctx aws.Context, input *DeleteUserPermissionsBoundaryInput, opts ...request.Option) (*DeleteUserPermissionsBoundaryOutput, error) {
4422	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
4423	req.SetContext(ctx)
4424	req.ApplyOptions(opts...)
4425	return out, req.Send()
4426}
4427
4428const opDeleteUserPolicy = "DeleteUserPolicy"
4429
4430// DeleteUserPolicyRequest generates a "aws/request.Request" representing the
4431// client's request for the DeleteUserPolicy operation. The "output" return
4432// value will be populated with the request's response once the request completes
4433// successfully.
4434//
4435// Use "Send" method on the returned Request to send the API call to the service.
4436// the "output" return value is not valid until after Send returns without error.
4437//
4438// See DeleteUserPolicy for more information on using the DeleteUserPolicy
4439// API call, and error handling.
4440//
4441// This method is useful when you want to inject custom logic or configuration
4442// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4443//
4444//
4445//    // Example sending a request using the DeleteUserPolicyRequest method.
4446//    req, resp := client.DeleteUserPolicyRequest(params)
4447//
4448//    err := req.Send()
4449//    if err == nil { // resp is now filled
4450//        fmt.Println(resp)
4451//    }
4452//
4453// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
4454func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput) {
4455	op := &request.Operation{
4456		Name:       opDeleteUserPolicy,
4457		HTTPMethod: "POST",
4458		HTTPPath:   "/",
4459	}
4460
4461	if input == nil {
4462		input = &DeleteUserPolicyInput{}
4463	}
4464
4465	output = &DeleteUserPolicyOutput{}
4466	req = c.newRequest(op, input, output)
4467	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4468	return
4469}
4470
4471// DeleteUserPolicy API operation for AWS Identity and Access Management.
4472//
4473// Deletes the specified inline policy that is embedded in the specified IAM
4474// user.
4475//
4476// A user can also have managed policies attached to it. To detach a managed
4477// policy from a user, use DetachUserPolicy. For more information about policies,
4478// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4479// in the IAM User Guide.
4480//
4481// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4482// with awserr.Error's Code and Message methods to get detailed information about
4483// the error.
4484//
4485// See the AWS API reference guide for AWS Identity and Access Management's
4486// API operation DeleteUserPolicy for usage and error information.
4487//
4488// Returned Error Codes:
4489//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4490//   The request was rejected because it referenced a resource entity that does
4491//   not exist. The error message describes the resource.
4492//
4493//   * ErrCodeLimitExceededException "LimitExceeded"
4494//   The request was rejected because it attempted to create resources beyond
4495//   the current AWS account limits. The error message describes the limit exceeded.
4496//
4497//   * ErrCodeServiceFailureException "ServiceFailure"
4498//   The request processing has failed because of an unknown error, exception
4499//   or failure.
4500//
4501// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
4502func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error) {
4503	req, out := c.DeleteUserPolicyRequest(input)
4504	return out, req.Send()
4505}
4506
4507// DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of
4508// the ability to pass a context and additional request options.
4509//
4510// See DeleteUserPolicy for details on how to use this API operation.
4511//
4512// The context must be non-nil and will be used for request cancellation. If
4513// the context is nil a panic will occur. In the future the SDK may create
4514// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4515// for more information on using Contexts.
4516func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error) {
4517	req, out := c.DeleteUserPolicyRequest(input)
4518	req.SetContext(ctx)
4519	req.ApplyOptions(opts...)
4520	return out, req.Send()
4521}
4522
4523const opDeleteVirtualMFADevice = "DeleteVirtualMFADevice"
4524
4525// DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the
4526// client's request for the DeleteVirtualMFADevice operation. The "output" return
4527// value will be populated with the request's response once the request completes
4528// successfully.
4529//
4530// Use "Send" method on the returned Request to send the API call to the service.
4531// the "output" return value is not valid until after Send returns without error.
4532//
4533// See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice
4534// API call, and error handling.
4535//
4536// This method is useful when you want to inject custom logic or configuration
4537// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4538//
4539//
4540//    // Example sending a request using the DeleteVirtualMFADeviceRequest method.
4541//    req, resp := client.DeleteVirtualMFADeviceRequest(params)
4542//
4543//    err := req.Send()
4544//    if err == nil { // resp is now filled
4545//        fmt.Println(resp)
4546//    }
4547//
4548// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
4549func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput) {
4550	op := &request.Operation{
4551		Name:       opDeleteVirtualMFADevice,
4552		HTTPMethod: "POST",
4553		HTTPPath:   "/",
4554	}
4555
4556	if input == nil {
4557		input = &DeleteVirtualMFADeviceInput{}
4558	}
4559
4560	output = &DeleteVirtualMFADeviceOutput{}
4561	req = c.newRequest(op, input, output)
4562	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4563	return
4564}
4565
4566// DeleteVirtualMFADevice API operation for AWS Identity and Access Management.
4567//
4568// Deletes a virtual MFA device.
4569//
4570// You must deactivate a user's virtual MFA device before you can delete it.
4571// For information about deactivating MFA devices, see DeactivateMFADevice.
4572//
4573// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4574// with awserr.Error's Code and Message methods to get detailed information about
4575// the error.
4576//
4577// See the AWS API reference guide for AWS Identity and Access Management's
4578// API operation DeleteVirtualMFADevice for usage and error information.
4579//
4580// Returned Error Codes:
4581//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4582//   The request was rejected because it referenced a resource entity that does
4583//   not exist. The error message describes the resource.
4584//
4585//   * ErrCodeDeleteConflictException "DeleteConflict"
4586//   The request was rejected because it attempted to delete a resource that has
4587//   attached subordinate entities. The error message describes these entities.
4588//
4589//   * ErrCodeLimitExceededException "LimitExceeded"
4590//   The request was rejected because it attempted to create resources beyond
4591//   the current AWS account limits. The error message describes the limit exceeded.
4592//
4593//   * ErrCodeServiceFailureException "ServiceFailure"
4594//   The request processing has failed because of an unknown error, exception
4595//   or failure.
4596//
4597// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
4598func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error) {
4599	req, out := c.DeleteVirtualMFADeviceRequest(input)
4600	return out, req.Send()
4601}
4602
4603// DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of
4604// the ability to pass a context and additional request options.
4605//
4606// See DeleteVirtualMFADevice for details on how to use this API operation.
4607//
4608// The context must be non-nil and will be used for request cancellation. If
4609// the context is nil a panic will occur. In the future the SDK may create
4610// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4611// for more information on using Contexts.
4612func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error) {
4613	req, out := c.DeleteVirtualMFADeviceRequest(input)
4614	req.SetContext(ctx)
4615	req.ApplyOptions(opts...)
4616	return out, req.Send()
4617}
4618
4619const opDetachGroupPolicy = "DetachGroupPolicy"
4620
4621// DetachGroupPolicyRequest generates a "aws/request.Request" representing the
4622// client's request for the DetachGroupPolicy operation. The "output" return
4623// value will be populated with the request's response once the request completes
4624// successfully.
4625//
4626// Use "Send" method on the returned Request to send the API call to the service.
4627// the "output" return value is not valid until after Send returns without error.
4628//
4629// See DetachGroupPolicy for more information on using the DetachGroupPolicy
4630// API call, and error handling.
4631//
4632// This method is useful when you want to inject custom logic or configuration
4633// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4634//
4635//
4636//    // Example sending a request using the DetachGroupPolicyRequest method.
4637//    req, resp := client.DetachGroupPolicyRequest(params)
4638//
4639//    err := req.Send()
4640//    if err == nil { // resp is now filled
4641//        fmt.Println(resp)
4642//    }
4643//
4644// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
4645func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput) {
4646	op := &request.Operation{
4647		Name:       opDetachGroupPolicy,
4648		HTTPMethod: "POST",
4649		HTTPPath:   "/",
4650	}
4651
4652	if input == nil {
4653		input = &DetachGroupPolicyInput{}
4654	}
4655
4656	output = &DetachGroupPolicyOutput{}
4657	req = c.newRequest(op, input, output)
4658	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4659	return
4660}
4661
4662// DetachGroupPolicy API operation for AWS Identity and Access Management.
4663//
4664// Removes the specified managed policy from the specified IAM group.
4665//
4666// A group can also have inline policies embedded with it. To delete an inline
4667// policy, use DeleteGroupPolicy. For information about policies, see Managed
4668// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4669// in the IAM User Guide.
4670//
4671// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4672// with awserr.Error's Code and Message methods to get detailed information about
4673// the error.
4674//
4675// See the AWS API reference guide for AWS Identity and Access Management's
4676// API operation DetachGroupPolicy for usage and error information.
4677//
4678// Returned Error Codes:
4679//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4680//   The request was rejected because it referenced a resource entity that does
4681//   not exist. The error message describes the resource.
4682//
4683//   * ErrCodeLimitExceededException "LimitExceeded"
4684//   The request was rejected because it attempted to create resources beyond
4685//   the current AWS account limits. The error message describes the limit exceeded.
4686//
4687//   * ErrCodeInvalidInputException "InvalidInput"
4688//   The request was rejected because an invalid or out-of-range value was supplied
4689//   for an input parameter.
4690//
4691//   * ErrCodeServiceFailureException "ServiceFailure"
4692//   The request processing has failed because of an unknown error, exception
4693//   or failure.
4694//
4695// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
4696func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error) {
4697	req, out := c.DetachGroupPolicyRequest(input)
4698	return out, req.Send()
4699}
4700
4701// DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of
4702// the ability to pass a context and additional request options.
4703//
4704// See DetachGroupPolicy for details on how to use this API operation.
4705//
4706// The context must be non-nil and will be used for request cancellation. If
4707// the context is nil a panic will occur. In the future the SDK may create
4708// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4709// for more information on using Contexts.
4710func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error) {
4711	req, out := c.DetachGroupPolicyRequest(input)
4712	req.SetContext(ctx)
4713	req.ApplyOptions(opts...)
4714	return out, req.Send()
4715}
4716
4717const opDetachRolePolicy = "DetachRolePolicy"
4718
4719// DetachRolePolicyRequest generates a "aws/request.Request" representing the
4720// client's request for the DetachRolePolicy operation. The "output" return
4721// value will be populated with the request's response once the request completes
4722// successfully.
4723//
4724// Use "Send" method on the returned Request to send the API call to the service.
4725// the "output" return value is not valid until after Send returns without error.
4726//
4727// See DetachRolePolicy for more information on using the DetachRolePolicy
4728// API call, and error handling.
4729//
4730// This method is useful when you want to inject custom logic or configuration
4731// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4732//
4733//
4734//    // Example sending a request using the DetachRolePolicyRequest method.
4735//    req, resp := client.DetachRolePolicyRequest(params)
4736//
4737//    err := req.Send()
4738//    if err == nil { // resp is now filled
4739//        fmt.Println(resp)
4740//    }
4741//
4742// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
4743func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput) {
4744	op := &request.Operation{
4745		Name:       opDetachRolePolicy,
4746		HTTPMethod: "POST",
4747		HTTPPath:   "/",
4748	}
4749
4750	if input == nil {
4751		input = &DetachRolePolicyInput{}
4752	}
4753
4754	output = &DetachRolePolicyOutput{}
4755	req = c.newRequest(op, input, output)
4756	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4757	return
4758}
4759
4760// DetachRolePolicy API operation for AWS Identity and Access Management.
4761//
4762// Removes the specified managed policy from the specified role.
4763//
4764// A role can also have inline policies embedded with it. To delete an inline
4765// policy, use DeleteRolePolicy. For information about policies, see Managed
4766// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4767// in the IAM User Guide.
4768//
4769// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4770// with awserr.Error's Code and Message methods to get detailed information about
4771// the error.
4772//
4773// See the AWS API reference guide for AWS Identity and Access Management's
4774// API operation DetachRolePolicy for usage and error information.
4775//
4776// Returned Error Codes:
4777//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4778//   The request was rejected because it referenced a resource entity that does
4779//   not exist. The error message describes the resource.
4780//
4781//   * ErrCodeLimitExceededException "LimitExceeded"
4782//   The request was rejected because it attempted to create resources beyond
4783//   the current AWS account limits. The error message describes the limit exceeded.
4784//
4785//   * ErrCodeInvalidInputException "InvalidInput"
4786//   The request was rejected because an invalid or out-of-range value was supplied
4787//   for an input parameter.
4788//
4789//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
4790//   The request was rejected because only the service that depends on the service-linked
4791//   role can modify or delete the role on your behalf. The error message includes
4792//   the name of the service that depends on this service-linked role. You must
4793//   request the change through that service.
4794//
4795//   * ErrCodeServiceFailureException "ServiceFailure"
4796//   The request processing has failed because of an unknown error, exception
4797//   or failure.
4798//
4799// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
4800func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error) {
4801	req, out := c.DetachRolePolicyRequest(input)
4802	return out, req.Send()
4803}
4804
4805// DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of
4806// the ability to pass a context and additional request options.
4807//
4808// See DetachRolePolicy for details on how to use this API operation.
4809//
4810// The context must be non-nil and will be used for request cancellation. If
4811// the context is nil a panic will occur. In the future the SDK may create
4812// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4813// for more information on using Contexts.
4814func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error) {
4815	req, out := c.DetachRolePolicyRequest(input)
4816	req.SetContext(ctx)
4817	req.ApplyOptions(opts...)
4818	return out, req.Send()
4819}
4820
4821const opDetachUserPolicy = "DetachUserPolicy"
4822
4823// DetachUserPolicyRequest generates a "aws/request.Request" representing the
4824// client's request for the DetachUserPolicy operation. The "output" return
4825// value will be populated with the request's response once the request completes
4826// successfully.
4827//
4828// Use "Send" method on the returned Request to send the API call to the service.
4829// the "output" return value is not valid until after Send returns without error.
4830//
4831// See DetachUserPolicy for more information on using the DetachUserPolicy
4832// API call, and error handling.
4833//
4834// This method is useful when you want to inject custom logic or configuration
4835// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4836//
4837//
4838//    // Example sending a request using the DetachUserPolicyRequest method.
4839//    req, resp := client.DetachUserPolicyRequest(params)
4840//
4841//    err := req.Send()
4842//    if err == nil { // resp is now filled
4843//        fmt.Println(resp)
4844//    }
4845//
4846// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
4847func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput) {
4848	op := &request.Operation{
4849		Name:       opDetachUserPolicy,
4850		HTTPMethod: "POST",
4851		HTTPPath:   "/",
4852	}
4853
4854	if input == nil {
4855		input = &DetachUserPolicyInput{}
4856	}
4857
4858	output = &DetachUserPolicyOutput{}
4859	req = c.newRequest(op, input, output)
4860	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4861	return
4862}
4863
4864// DetachUserPolicy API operation for AWS Identity and Access Management.
4865//
4866// Removes the specified managed policy from the specified user.
4867//
4868// A user can also have inline policies embedded with it. To delete an inline
4869// policy, use DeleteUserPolicy. For information about policies, see Managed
4870// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4871// in the IAM User Guide.
4872//
4873// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4874// with awserr.Error's Code and Message methods to get detailed information about
4875// the error.
4876//
4877// See the AWS API reference guide for AWS Identity and Access Management's
4878// API operation DetachUserPolicy for usage and error information.
4879//
4880// Returned Error Codes:
4881//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4882//   The request was rejected because it referenced a resource entity that does
4883//   not exist. The error message describes the resource.
4884//
4885//   * ErrCodeLimitExceededException "LimitExceeded"
4886//   The request was rejected because it attempted to create resources beyond
4887//   the current AWS account limits. The error message describes the limit exceeded.
4888//
4889//   * ErrCodeInvalidInputException "InvalidInput"
4890//   The request was rejected because an invalid or out-of-range value was supplied
4891//   for an input parameter.
4892//
4893//   * ErrCodeServiceFailureException "ServiceFailure"
4894//   The request processing has failed because of an unknown error, exception
4895//   or failure.
4896//
4897// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
4898func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error) {
4899	req, out := c.DetachUserPolicyRequest(input)
4900	return out, req.Send()
4901}
4902
4903// DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of
4904// the ability to pass a context and additional request options.
4905//
4906// See DetachUserPolicy for details on how to use this API operation.
4907//
4908// The context must be non-nil and will be used for request cancellation. If
4909// the context is nil a panic will occur. In the future the SDK may create
4910// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4911// for more information on using Contexts.
4912func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error) {
4913	req, out := c.DetachUserPolicyRequest(input)
4914	req.SetContext(ctx)
4915	req.ApplyOptions(opts...)
4916	return out, req.Send()
4917}
4918
4919const opEnableMFADevice = "EnableMFADevice"
4920
4921// EnableMFADeviceRequest generates a "aws/request.Request" representing the
4922// client's request for the EnableMFADevice operation. The "output" return
4923// value will be populated with the request's response once the request completes
4924// successfully.
4925//
4926// Use "Send" method on the returned Request to send the API call to the service.
4927// the "output" return value is not valid until after Send returns without error.
4928//
4929// See EnableMFADevice for more information on using the EnableMFADevice
4930// API call, and error handling.
4931//
4932// This method is useful when you want to inject custom logic or configuration
4933// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4934//
4935//
4936//    // Example sending a request using the EnableMFADeviceRequest method.
4937//    req, resp := client.EnableMFADeviceRequest(params)
4938//
4939//    err := req.Send()
4940//    if err == nil { // resp is now filled
4941//        fmt.Println(resp)
4942//    }
4943//
4944// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
4945func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput) {
4946	op := &request.Operation{
4947		Name:       opEnableMFADevice,
4948		HTTPMethod: "POST",
4949		HTTPPath:   "/",
4950	}
4951
4952	if input == nil {
4953		input = &EnableMFADeviceInput{}
4954	}
4955
4956	output = &EnableMFADeviceOutput{}
4957	req = c.newRequest(op, input, output)
4958	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4959	return
4960}
4961
4962// EnableMFADevice API operation for AWS Identity and Access Management.
4963//
4964// Enables the specified MFA device and associates it with the specified IAM
4965// user. When enabled, the MFA device is required for every subsequent login
4966// by the IAM user associated with the device.
4967//
4968// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4969// with awserr.Error's Code and Message methods to get detailed information about
4970// the error.
4971//
4972// See the AWS API reference guide for AWS Identity and Access Management's
4973// API operation EnableMFADevice for usage and error information.
4974//
4975// Returned Error Codes:
4976//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
4977//   The request was rejected because it attempted to create a resource that already
4978//   exists.
4979//
4980//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
4981//   The request was rejected because it referenced an entity that is temporarily
4982//   unmodifiable, such as a user name that was deleted and then recreated. The
4983//   error indicates that the request is likely to succeed if you try again after
4984//   waiting several minutes. The error message describes the entity.
4985//
4986//   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
4987//   The request was rejected because the authentication code was not recognized.
4988//   The error message describes the specific error.
4989//
4990//   * ErrCodeLimitExceededException "LimitExceeded"
4991//   The request was rejected because it attempted to create resources beyond
4992//   the current AWS account limits. The error message describes the limit exceeded.
4993//
4994//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4995//   The request was rejected because it referenced a resource entity that does
4996//   not exist. The error message describes the resource.
4997//
4998//   * ErrCodeServiceFailureException "ServiceFailure"
4999//   The request processing has failed because of an unknown error, exception
5000//   or failure.
5001//
5002// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
5003func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error) {
5004	req, out := c.EnableMFADeviceRequest(input)
5005	return out, req.Send()
5006}
5007
5008// EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of
5009// the ability to pass a context and additional request options.
5010//
5011// See EnableMFADevice for details on how to use this API operation.
5012//
5013// The context must be non-nil and will be used for request cancellation. If
5014// the context is nil a panic will occur. In the future the SDK may create
5015// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5016// for more information on using Contexts.
5017func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error) {
5018	req, out := c.EnableMFADeviceRequest(input)
5019	req.SetContext(ctx)
5020	req.ApplyOptions(opts...)
5021	return out, req.Send()
5022}
5023
5024const opGenerateCredentialReport = "GenerateCredentialReport"
5025
5026// GenerateCredentialReportRequest generates a "aws/request.Request" representing the
5027// client's request for the GenerateCredentialReport operation. The "output" return
5028// value will be populated with the request's response once the request completes
5029// successfully.
5030//
5031// Use "Send" method on the returned Request to send the API call to the service.
5032// the "output" return value is not valid until after Send returns without error.
5033//
5034// See GenerateCredentialReport for more information on using the GenerateCredentialReport
5035// API call, and error handling.
5036//
5037// This method is useful when you want to inject custom logic or configuration
5038// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5039//
5040//
5041//    // Example sending a request using the GenerateCredentialReportRequest method.
5042//    req, resp := client.GenerateCredentialReportRequest(params)
5043//
5044//    err := req.Send()
5045//    if err == nil { // resp is now filled
5046//        fmt.Println(resp)
5047//    }
5048//
5049// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
5050func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput) {
5051	op := &request.Operation{
5052		Name:       opGenerateCredentialReport,
5053		HTTPMethod: "POST",
5054		HTTPPath:   "/",
5055	}
5056
5057	if input == nil {
5058		input = &GenerateCredentialReportInput{}
5059	}
5060
5061	output = &GenerateCredentialReportOutput{}
5062	req = c.newRequest(op, input, output)
5063	return
5064}
5065
5066// GenerateCredentialReport API operation for AWS Identity and Access Management.
5067//
5068// Generates a credential report for the AWS account. For more information about
5069// the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
5070// in the IAM User Guide.
5071//
5072// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5073// with awserr.Error's Code and Message methods to get detailed information about
5074// the error.
5075//
5076// See the AWS API reference guide for AWS Identity and Access Management's
5077// API operation GenerateCredentialReport for usage and error information.
5078//
5079// Returned Error Codes:
5080//   * ErrCodeLimitExceededException "LimitExceeded"
5081//   The request was rejected because it attempted to create resources beyond
5082//   the current AWS account limits. The error message describes the limit exceeded.
5083//
5084//   * ErrCodeServiceFailureException "ServiceFailure"
5085//   The request processing has failed because of an unknown error, exception
5086//   or failure.
5087//
5088// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
5089func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error) {
5090	req, out := c.GenerateCredentialReportRequest(input)
5091	return out, req.Send()
5092}
5093
5094// GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of
5095// the ability to pass a context and additional request options.
5096//
5097// See GenerateCredentialReport for details on how to use this API operation.
5098//
5099// The context must be non-nil and will be used for request cancellation. If
5100// the context is nil a panic will occur. In the future the SDK may create
5101// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5102// for more information on using Contexts.
5103func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error) {
5104	req, out := c.GenerateCredentialReportRequest(input)
5105	req.SetContext(ctx)
5106	req.ApplyOptions(opts...)
5107	return out, req.Send()
5108}
5109
5110const opGenerateOrganizationsAccessReport = "GenerateOrganizationsAccessReport"
5111
5112// GenerateOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
5113// client's request for the GenerateOrganizationsAccessReport operation. The "output" return
5114// value will be populated with the request's response once the request completes
5115// successfully.
5116//
5117// Use "Send" method on the returned Request to send the API call to the service.
5118// the "output" return value is not valid until after Send returns without error.
5119//
5120// See GenerateOrganizationsAccessReport for more information on using the GenerateOrganizationsAccessReport
5121// API call, and error handling.
5122//
5123// This method is useful when you want to inject custom logic or configuration
5124// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5125//
5126//
5127//    // Example sending a request using the GenerateOrganizationsAccessReportRequest method.
5128//    req, resp := client.GenerateOrganizationsAccessReportRequest(params)
5129//
5130//    err := req.Send()
5131//    if err == nil { // resp is now filled
5132//        fmt.Println(resp)
5133//    }
5134//
5135// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
5136func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizationsAccessReportInput) (req *request.Request, output *GenerateOrganizationsAccessReportOutput) {
5137	op := &request.Operation{
5138		Name:       opGenerateOrganizationsAccessReport,
5139		HTTPMethod: "POST",
5140		HTTPPath:   "/",
5141	}
5142
5143	if input == nil {
5144		input = &GenerateOrganizationsAccessReportInput{}
5145	}
5146
5147	output = &GenerateOrganizationsAccessReportOutput{}
5148	req = c.newRequest(op, input, output)
5149	return
5150}
5151
5152// GenerateOrganizationsAccessReport API operation for AWS Identity and Access Management.
5153//
5154// Generates a report for service last accessed data for AWS Organizations.
5155// You can generate a report for any entities (organization root, organizational
5156// unit, or account) or policies in your organization.
5157//
5158// To call this operation, you must be signed in using your AWS Organizations
5159// management account credentials. You can use your long-term IAM user or root
5160// user credentials, or temporary credentials from assuming an IAM role. SCPs
5161// must be enabled for your organization root. You must have the required IAM
5162// and AWS Organizations permissions. For more information, see Refining permissions
5163// using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5164// in the IAM User Guide.
5165//
5166// You can generate a service last accessed data report for entities by specifying
5167// only the entity's path. This data includes a list of services that are allowed
5168// by any service control policies (SCPs) that apply to the entity.
5169//
5170// You can generate a service last accessed data report for a policy by specifying
5171// an entity's path and an optional AWS Organizations policy ID. This data includes
5172// a list of services that are allowed by the specified SCP.
5173//
5174// For each service in both report types, the data includes the most recent
5175// account activity that the policy allows to account principals in the entity
5176// or the entity's children. For important information about the data, reporting
5177// period, permissions required, troubleshooting, and supported Regions see
5178// Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5179// in the IAM User Guide.
5180//
5181// The data includes all attempts to access AWS, not just the successful ones.
5182// This includes all attempts that were made using the AWS Management Console,
5183// the AWS API through any of the SDKs, or any of the command line tools. An
5184// unexpected entry in the service last accessed data does not mean that an
5185// account has been compromised, because the request might have been denied.
5186// Refer to your CloudTrail logs as the authoritative source for information
5187// about all API calls and whether they were successful or denied access. For
5188// more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
5189// in the IAM User Guide.
5190//
5191// This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport
5192// operation to check the status of the report generation. To check the status
5193// of this request, use the JobId parameter in the GetOrganizationsAccessReport
5194// operation and test the JobStatus response parameter. When the job is complete,
5195// you can retrieve the report.
5196//
5197// To generate a service last accessed data report for entities, specify an
5198// entity path without specifying the optional AWS Organizations policy ID.
5199// The type of entity that you specify determines the data returned in the report.
5200//
5201//    * Root – When you specify the organizations root as the entity, the
5202//    resulting report lists all of the services allowed by SCPs that are attached
5203//    to your root. For each service, the report includes data for all accounts
5204//    in your organization except the management account, because the management
5205//    account is not limited by SCPs.
5206//
5207//    * OU – When you specify an organizational unit (OU) as the entity, the
5208//    resulting report lists all of the services allowed by SCPs that are attached
5209//    to the OU and its parents. For each service, the report includes data
5210//    for all accounts in the OU or its children. This data excludes the management
5211//    account, because the management account is not limited by SCPs.
5212//
5213//    * management account – When you specify the management account, the
5214//    resulting report lists all AWS services, because the management account
5215//    is not limited by SCPs. For each service, the report includes data for
5216//    only the management account.
5217//
5218//    * Account – When you specify another account as the entity, the resulting
5219//    report lists all of the services allowed by SCPs that are attached to
5220//    the account and its parents. For each service, the report includes data
5221//    for only the specified account.
5222//
5223// To generate a service last accessed data report for policies, specify an
5224// entity path and the optional AWS Organizations policy ID. The type of entity
5225// that you specify determines the data returned for each service.
5226//
5227//    * Root – When you specify the root entity and a policy ID, the resulting
5228//    report lists all of the services that are allowed by the specified SCP.
5229//    For each service, the report includes data for all accounts in your organization
5230//    to which the SCP applies. This data excludes the management account, because
5231//    the management account is not limited by SCPs. If the SCP is not attached
5232//    to any entities in the organization, then the report will return a list
5233//    of services with no data.
5234//
5235//    * OU – When you specify an OU entity and a policy ID, the resulting
5236//    report lists all of the services that are allowed by the specified SCP.
5237//    For each service, the report includes data for all accounts in the OU
5238//    or its children to which the SCP applies. This means that other accounts
5239//    outside the OU that are affected by the SCP might not be included in the
5240//    data. This data excludes the management account, because the management
5241//    account is not limited by SCPs. If the SCP is not attached to the OU or
5242//    one of its children, the report will return a list of services with no
5243//    data.
5244//
5245//    * management account – When you specify the management account, the
5246//    resulting report lists all AWS services, because the management account
5247//    is not limited by SCPs. If you specify a policy ID in the CLI or API,
5248//    the policy is ignored. For each service, the report includes data for
5249//    only the management account.
5250//
5251//    * Account – When you specify another account entity and a policy ID,
5252//    the resulting report lists all of the services that are allowed by the
5253//    specified SCP. For each service, the report includes data for only the
5254//    specified account. This means that other accounts in the organization
5255//    that are affected by the SCP might not be included in the data. If the
5256//    SCP is not attached to the account, the report will return a list of services
5257//    with no data.
5258//
5259// Service last accessed data does not use other policy types when determining
5260// whether a principal could access a service. These other policy types include
5261// identity-based policies, resource-based policies, access control lists, IAM
5262// permissions boundaries, and STS assume role policies. It only applies SCP
5263// logic. For more about the evaluation of policy types, see Evaluating policies
5264// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
5265// in the IAM User Guide.
5266//
5267// For more information about service last accessed data, see Reducing policy
5268// scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5269// in the IAM User Guide.
5270//
5271// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5272// with awserr.Error's Code and Message methods to get detailed information about
5273// the error.
5274//
5275// See the AWS API reference guide for AWS Identity and Access Management's
5276// API operation GenerateOrganizationsAccessReport for usage and error information.
5277//
5278// Returned Error Codes:
5279//   * ErrCodeReportGenerationLimitExceededException "ReportGenerationLimitExceeded"
5280//   The request failed because the maximum number of concurrent requests for
5281//   this account are already running.
5282//
5283// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
5284func (c *IAM) GenerateOrganizationsAccessReport(input *GenerateOrganizationsAccessReportInput) (*GenerateOrganizationsAccessReportOutput, error) {
5285	req, out := c.GenerateOrganizationsAccessReportRequest(input)
5286	return out, req.Send()
5287}
5288
5289// GenerateOrganizationsAccessReportWithContext is the same as GenerateOrganizationsAccessReport with the addition of
5290// the ability to pass a context and additional request options.
5291//
5292// See GenerateOrganizationsAccessReport for details on how to use this API operation.
5293//
5294// The context must be non-nil and will be used for request cancellation. If
5295// the context is nil a panic will occur. In the future the SDK may create
5296// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5297// for more information on using Contexts.
5298func (c *IAM) GenerateOrganizationsAccessReportWithContext(ctx aws.Context, input *GenerateOrganizationsAccessReportInput, opts ...request.Option) (*GenerateOrganizationsAccessReportOutput, error) {
5299	req, out := c.GenerateOrganizationsAccessReportRequest(input)
5300	req.SetContext(ctx)
5301	req.ApplyOptions(opts...)
5302	return out, req.Send()
5303}
5304
5305const opGenerateServiceLastAccessedDetails = "GenerateServiceLastAccessedDetails"
5306
5307// GenerateServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
5308// client's request for the GenerateServiceLastAccessedDetails operation. The "output" return
5309// value will be populated with the request's response once the request completes
5310// successfully.
5311//
5312// Use "Send" method on the returned Request to send the API call to the service.
5313// the "output" return value is not valid until after Send returns without error.
5314//
5315// See GenerateServiceLastAccessedDetails for more information on using the GenerateServiceLastAccessedDetails
5316// API call, and error handling.
5317//
5318// This method is useful when you want to inject custom logic or configuration
5319// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5320//
5321//
5322//    // Example sending a request using the GenerateServiceLastAccessedDetailsRequest method.
5323//    req, resp := client.GenerateServiceLastAccessedDetailsRequest(params)
5324//
5325//    err := req.Send()
5326//    if err == nil { // resp is now filled
5327//        fmt.Println(resp)
5328//    }
5329//
5330// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
5331func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLastAccessedDetailsInput) (req *request.Request, output *GenerateServiceLastAccessedDetailsOutput) {
5332	op := &request.Operation{
5333		Name:       opGenerateServiceLastAccessedDetails,
5334		HTTPMethod: "POST",
5335		HTTPPath:   "/",
5336	}
5337
5338	if input == nil {
5339		input = &GenerateServiceLastAccessedDetailsInput{}
5340	}
5341
5342	output = &GenerateServiceLastAccessedDetailsOutput{}
5343	req = c.newRequest(op, input, output)
5344	return
5345}
5346
5347// GenerateServiceLastAccessedDetails API operation for AWS Identity and Access Management.
5348//
5349// Generates a report that includes details about when an IAM resource (user,
5350// group, role, or policy) was last used in an attempt to access AWS services.
5351// Recent activity usually appears within four hours. IAM reports activity for
5352// the last 365 days, or less if your Region began supporting this feature within
5353// the last year. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period).
5354//
5355// The service last accessed data includes all attempts to access an AWS API,
5356// not just the successful ones. This includes all attempts that were made using
5357// the AWS Management Console, the AWS API through any of the SDKs, or any of
5358// the command line tools. An unexpected entry in the service last accessed
5359// data does not mean that your account has been compromised, because the request
5360// might have been denied. Refer to your CloudTrail logs as the authoritative
5361// source for information about all API calls and whether they were successful
5362// or denied access. For more information, see Logging IAM events with CloudTrail
5363// (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
5364// in the IAM User Guide.
5365//
5366// The GenerateServiceLastAccessedDetails operation returns a JobId. Use this
5367// parameter in the following operations to retrieve the following details from
5368// your report:
5369//
5370//    * GetServiceLastAccessedDetails – Use this operation for users, groups,
5371//    roles, or policies to list every AWS service that the resource could access
5372//    using permissions policies. For each service, the response includes information
5373//    about the most recent access attempt. The JobId returned by GenerateServiceLastAccessedDetail
5374//    must be used by the same role within a session, or by the same user when
5375//    used to call GetServiceLastAccessedDetail.
5376//
5377//    * GetServiceLastAccessedDetailsWithEntities – Use this operation for
5378//    groups and policies to list information about the associated entities
5379//    (users or roles) that attempted to access a specific AWS service.
5380//
5381// To check the status of the GenerateServiceLastAccessedDetails request, use
5382// the JobId parameter in the same operations and test the JobStatus response
5383// parameter.
5384//
5385// For additional information about the permissions policies that allow an identity
5386// (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess
5387// operation.
5388//
5389// Service last accessed data does not use other policy types when determining
5390// whether a resource could access a service. These other policy types include
5391// resource-based policies, access control lists, AWS Organizations policies,
5392// IAM permissions boundaries, and AWS STS assume role policies. It only applies
5393// permissions policy logic. For more about the evaluation of policy types,
5394// see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
5395// in the IAM User Guide.
5396//
5397// For more information about service and action last accessed data, see Reducing
5398// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5399// in the IAM User Guide.
5400//
5401// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5402// with awserr.Error's Code and Message methods to get detailed information about
5403// the error.
5404//
5405// See the AWS API reference guide for AWS Identity and Access Management's
5406// API operation GenerateServiceLastAccessedDetails for usage and error information.
5407//
5408// Returned Error Codes:
5409//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5410//   The request was rejected because it referenced a resource entity that does
5411//   not exist. The error message describes the resource.
5412//
5413//   * ErrCodeInvalidInputException "InvalidInput"
5414//   The request was rejected because an invalid or out-of-range value was supplied
5415//   for an input parameter.
5416//
5417// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
5418func (c *IAM) GenerateServiceLastAccessedDetails(input *GenerateServiceLastAccessedDetailsInput) (*GenerateServiceLastAccessedDetailsOutput, error) {
5419	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
5420	return out, req.Send()
5421}
5422
5423// GenerateServiceLastAccessedDetailsWithContext is the same as GenerateServiceLastAccessedDetails with the addition of
5424// the ability to pass a context and additional request options.
5425//
5426// See GenerateServiceLastAccessedDetails for details on how to use this API operation.
5427//
5428// The context must be non-nil and will be used for request cancellation. If
5429// the context is nil a panic will occur. In the future the SDK may create
5430// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5431// for more information on using Contexts.
5432func (c *IAM) GenerateServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GenerateServiceLastAccessedDetailsInput, opts ...request.Option) (*GenerateServiceLastAccessedDetailsOutput, error) {
5433	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
5434	req.SetContext(ctx)
5435	req.ApplyOptions(opts...)
5436	return out, req.Send()
5437}
5438
5439const opGetAccessKeyLastUsed = "GetAccessKeyLastUsed"
5440
5441// GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the
5442// client's request for the GetAccessKeyLastUsed operation. The "output" return
5443// value will be populated with the request's response once the request completes
5444// successfully.
5445//
5446// Use "Send" method on the returned Request to send the API call to the service.
5447// the "output" return value is not valid until after Send returns without error.
5448//
5449// See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed
5450// API call, and error handling.
5451//
5452// This method is useful when you want to inject custom logic or configuration
5453// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5454//
5455//
5456//    // Example sending a request using the GetAccessKeyLastUsedRequest method.
5457//    req, resp := client.GetAccessKeyLastUsedRequest(params)
5458//
5459//    err := req.Send()
5460//    if err == nil { // resp is now filled
5461//        fmt.Println(resp)
5462//    }
5463//
5464// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
5465func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput) {
5466	op := &request.Operation{
5467		Name:       opGetAccessKeyLastUsed,
5468		HTTPMethod: "POST",
5469		HTTPPath:   "/",
5470	}
5471
5472	if input == nil {
5473		input = &GetAccessKeyLastUsedInput{}
5474	}
5475
5476	output = &GetAccessKeyLastUsedOutput{}
5477	req = c.newRequest(op, input, output)
5478	return
5479}
5480
5481// GetAccessKeyLastUsed API operation for AWS Identity and Access Management.
5482//
5483// Retrieves information about when the specified access key was last used.
5484// The information includes the date and time of last use, along with the AWS
5485// service and Region that were specified in the last request made with that
5486// key.
5487//
5488// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5489// with awserr.Error's Code and Message methods to get detailed information about
5490// the error.
5491//
5492// See the AWS API reference guide for AWS Identity and Access Management's
5493// API operation GetAccessKeyLastUsed for usage and error information.
5494//
5495// Returned Error Codes:
5496//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5497//   The request was rejected because it referenced a resource entity that does
5498//   not exist. The error message describes the resource.
5499//
5500// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
5501func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error) {
5502	req, out := c.GetAccessKeyLastUsedRequest(input)
5503	return out, req.Send()
5504}
5505
5506// GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of
5507// the ability to pass a context and additional request options.
5508//
5509// See GetAccessKeyLastUsed for details on how to use this API operation.
5510//
5511// The context must be non-nil and will be used for request cancellation. If
5512// the context is nil a panic will occur. In the future the SDK may create
5513// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5514// for more information on using Contexts.
5515func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error) {
5516	req, out := c.GetAccessKeyLastUsedRequest(input)
5517	req.SetContext(ctx)
5518	req.ApplyOptions(opts...)
5519	return out, req.Send()
5520}
5521
5522const opGetAccountAuthorizationDetails = "GetAccountAuthorizationDetails"
5523
5524// GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the
5525// client's request for the GetAccountAuthorizationDetails operation. The "output" return
5526// value will be populated with the request's response once the request completes
5527// successfully.
5528//
5529// Use "Send" method on the returned Request to send the API call to the service.
5530// the "output" return value is not valid until after Send returns without error.
5531//
5532// See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails
5533// API call, and error handling.
5534//
5535// This method is useful when you want to inject custom logic or configuration
5536// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5537//
5538//
5539//    // Example sending a request using the GetAccountAuthorizationDetailsRequest method.
5540//    req, resp := client.GetAccountAuthorizationDetailsRequest(params)
5541//
5542//    err := req.Send()
5543//    if err == nil { // resp is now filled
5544//        fmt.Println(resp)
5545//    }
5546//
5547// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
5548func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput) {
5549	op := &request.Operation{
5550		Name:       opGetAccountAuthorizationDetails,
5551		HTTPMethod: "POST",
5552		HTTPPath:   "/",
5553		Paginator: &request.Paginator{
5554			InputTokens:     []string{"Marker"},
5555			OutputTokens:    []string{"Marker"},
5556			LimitToken:      "MaxItems",
5557			TruncationToken: "IsTruncated",
5558		},
5559	}
5560
5561	if input == nil {
5562		input = &GetAccountAuthorizationDetailsInput{}
5563	}
5564
5565	output = &GetAccountAuthorizationDetailsOutput{}
5566	req = c.newRequest(op, input, output)
5567	return
5568}
5569
5570// GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.
5571//
5572// Retrieves information about all IAM users, groups, roles, and policies in
5573// your AWS account, including their relationships to one another. Use this
5574// operation to obtain a snapshot of the configuration of IAM permissions (users,
5575// groups, roles, and policies) in your account.
5576//
5577// Policies returned by this operation are URL-encoded compliant with RFC 3986
5578// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
5579// to convert the policy back to plain JSON text. For example, if you use Java,
5580// you can use the decode method of the java.net.URLDecoder utility class in
5581// the Java SDK. Other languages and SDKs provide similar functionality.
5582//
5583// You can optionally filter the results using the Filter parameter. You can
5584// paginate the results using the MaxItems and Marker parameters.
5585//
5586// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5587// with awserr.Error's Code and Message methods to get detailed information about
5588// the error.
5589//
5590// See the AWS API reference guide for AWS Identity and Access Management's
5591// API operation GetAccountAuthorizationDetails for usage and error information.
5592//
5593// Returned Error Codes:
5594//   * ErrCodeServiceFailureException "ServiceFailure"
5595//   The request processing has failed because of an unknown error, exception
5596//   or failure.
5597//
5598// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
5599func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error) {
5600	req, out := c.GetAccountAuthorizationDetailsRequest(input)
5601	return out, req.Send()
5602}
5603
5604// GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of
5605// the ability to pass a context and additional request options.
5606//
5607// See GetAccountAuthorizationDetails for details on how to use this API operation.
5608//
5609// The context must be non-nil and will be used for request cancellation. If
5610// the context is nil a panic will occur. In the future the SDK may create
5611// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5612// for more information on using Contexts.
5613func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error) {
5614	req, out := c.GetAccountAuthorizationDetailsRequest(input)
5615	req.SetContext(ctx)
5616	req.ApplyOptions(opts...)
5617	return out, req.Send()
5618}
5619
5620// GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation,
5621// calling the "fn" function with the response data for each page. To stop
5622// iterating, return false from the fn function.
5623//
5624// See GetAccountAuthorizationDetails method for more information on how to use this operation.
5625//
5626// Note: This operation can generate multiple requests to a service.
5627//
5628//    // Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
5629//    pageNum := 0
5630//    err := client.GetAccountAuthorizationDetailsPages(params,
5631//        func(page *iam.GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
5632//            pageNum++
5633//            fmt.Println(page)
5634//            return pageNum <= 3
5635//        })
5636//
5637func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error {
5638	return c.GetAccountAuthorizationDetailsPagesWithContext(aws.BackgroundContext(), input, fn)
5639}
5640
5641// GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except
5642// it takes a Context and allows setting request options on the pages.
5643//
5644// The context must be non-nil and will be used for request cancellation. If
5645// the context is nil a panic will occur. In the future the SDK may create
5646// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5647// for more information on using Contexts.
5648func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error {
5649	p := request.Pagination{
5650		NewRequest: func() (*request.Request, error) {
5651			var inCpy *GetAccountAuthorizationDetailsInput
5652			if input != nil {
5653				tmp := *input
5654				inCpy = &tmp
5655			}
5656			req, _ := c.GetAccountAuthorizationDetailsRequest(inCpy)
5657			req.SetContext(ctx)
5658			req.ApplyOptions(opts...)
5659			return req, nil
5660		},
5661	}
5662
5663	for p.Next() {
5664		if !fn(p.Page().(*GetAccountAuthorizationDetailsOutput), !p.HasNextPage()) {
5665			break
5666		}
5667	}
5668
5669	return p.Err()
5670}
5671
5672const opGetAccountPasswordPolicy = "GetAccountPasswordPolicy"
5673
5674// GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
5675// client's request for the GetAccountPasswordPolicy operation. The "output" return
5676// value will be populated with the request's response once the request completes
5677// successfully.
5678//
5679// Use "Send" method on the returned Request to send the API call to the service.
5680// the "output" return value is not valid until after Send returns without error.
5681//
5682// See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy
5683// API call, and error handling.
5684//
5685// This method is useful when you want to inject custom logic or configuration
5686// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5687//
5688//
5689//    // Example sending a request using the GetAccountPasswordPolicyRequest method.
5690//    req, resp := client.GetAccountPasswordPolicyRequest(params)
5691//
5692//    err := req.Send()
5693//    if err == nil { // resp is now filled
5694//        fmt.Println(resp)
5695//    }
5696//
5697// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
5698func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput) {
5699	op := &request.Operation{
5700		Name:       opGetAccountPasswordPolicy,
5701		HTTPMethod: "POST",
5702		HTTPPath:   "/",
5703	}
5704
5705	if input == nil {
5706		input = &GetAccountPasswordPolicyInput{}
5707	}
5708
5709	output = &GetAccountPasswordPolicyOutput{}
5710	req = c.newRequest(op, input, output)
5711	return
5712}
5713
5714// GetAccountPasswordPolicy API operation for AWS Identity and Access Management.
5715//
5716// Retrieves the password policy for the AWS account. This tells you the complexity
5717// requirements and mandatory rotation periods for the IAM user passwords in
5718// your account. For more information about using a password policy, see Managing
5719// an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).
5720//
5721// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5722// with awserr.Error's Code and Message methods to get detailed information about
5723// the error.
5724//
5725// See the AWS API reference guide for AWS Identity and Access Management's
5726// API operation GetAccountPasswordPolicy for usage and error information.
5727//
5728// Returned Error Codes:
5729//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5730//   The request was rejected because it referenced a resource entity that does
5731//   not exist. The error message describes the resource.
5732//
5733//   * ErrCodeServiceFailureException "ServiceFailure"
5734//   The request processing has failed because of an unknown error, exception
5735//   or failure.
5736//
5737// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
5738func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error) {
5739	req, out := c.GetAccountPasswordPolicyRequest(input)
5740	return out, req.Send()
5741}
5742
5743// GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of
5744// the ability to pass a context and additional request options.
5745//
5746// See GetAccountPasswordPolicy for details on how to use this API operation.
5747//
5748// The context must be non-nil and will be used for request cancellation. If
5749// the context is nil a panic will occur. In the future the SDK may create
5750// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5751// for more information on using Contexts.
5752func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error) {
5753	req, out := c.GetAccountPasswordPolicyRequest(input)
5754	req.SetContext(ctx)
5755	req.ApplyOptions(opts...)
5756	return out, req.Send()
5757}
5758
5759const opGetAccountSummary = "GetAccountSummary"
5760
5761// GetAccountSummaryRequest generates a "aws/request.Request" representing the
5762// client's request for the GetAccountSummary operation. The "output" return
5763// value will be populated with the request's response once the request completes
5764// successfully.
5765//
5766// Use "Send" method on the returned Request to send the API call to the service.
5767// the "output" return value is not valid until after Send returns without error.
5768//
5769// See GetAccountSummary for more information on using the GetAccountSummary
5770// API call, and error handling.
5771//
5772// This method is useful when you want to inject custom logic or configuration
5773// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5774//
5775//
5776//    // Example sending a request using the GetAccountSummaryRequest method.
5777//    req, resp := client.GetAccountSummaryRequest(params)
5778//
5779//    err := req.Send()
5780//    if err == nil { // resp is now filled
5781//        fmt.Println(resp)
5782//    }
5783//
5784// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
5785func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput) {
5786	op := &request.Operation{
5787		Name:       opGetAccountSummary,
5788		HTTPMethod: "POST",
5789		HTTPPath:   "/",
5790	}
5791
5792	if input == nil {
5793		input = &GetAccountSummaryInput{}
5794	}
5795
5796	output = &GetAccountSummaryOutput{}
5797	req = c.newRequest(op, input, output)
5798	return
5799}
5800
5801// GetAccountSummary API operation for AWS Identity and Access Management.
5802//
5803// Retrieves information about IAM entity usage and IAM quotas in the AWS account.
5804//
5805// For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
5806// in the IAM User Guide.
5807//
5808// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5809// with awserr.Error's Code and Message methods to get detailed information about
5810// the error.
5811//
5812// See the AWS API reference guide for AWS Identity and Access Management's
5813// API operation GetAccountSummary for usage and error information.
5814//
5815// Returned Error Codes:
5816//   * ErrCodeServiceFailureException "ServiceFailure"
5817//   The request processing has failed because of an unknown error, exception
5818//   or failure.
5819//
5820// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
5821func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error) {
5822	req, out := c.GetAccountSummaryRequest(input)
5823	return out, req.Send()
5824}
5825
5826// GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of
5827// the ability to pass a context and additional request options.
5828//
5829// See GetAccountSummary for details on how to use this API operation.
5830//
5831// The context must be non-nil and will be used for request cancellation. If
5832// the context is nil a panic will occur. In the future the SDK may create
5833// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5834// for more information on using Contexts.
5835func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error) {
5836	req, out := c.GetAccountSummaryRequest(input)
5837	req.SetContext(ctx)
5838	req.ApplyOptions(opts...)
5839	return out, req.Send()
5840}
5841
5842const opGetContextKeysForCustomPolicy = "GetContextKeysForCustomPolicy"
5843
5844// GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the
5845// client's request for the GetContextKeysForCustomPolicy operation. The "output" return
5846// value will be populated with the request's response once the request completes
5847// successfully.
5848//
5849// Use "Send" method on the returned Request to send the API call to the service.
5850// the "output" return value is not valid until after Send returns without error.
5851//
5852// See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy
5853// API call, and error handling.
5854//
5855// This method is useful when you want to inject custom logic or configuration
5856// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5857//
5858//
5859//    // Example sending a request using the GetContextKeysForCustomPolicyRequest method.
5860//    req, resp := client.GetContextKeysForCustomPolicyRequest(params)
5861//
5862//    err := req.Send()
5863//    if err == nil { // resp is now filled
5864//        fmt.Println(resp)
5865//    }
5866//
5867// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
5868func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
5869	op := &request.Operation{
5870		Name:       opGetContextKeysForCustomPolicy,
5871		HTTPMethod: "POST",
5872		HTTPPath:   "/",
5873	}
5874
5875	if input == nil {
5876		input = &GetContextKeysForCustomPolicyInput{}
5877	}
5878
5879	output = &GetContextKeysForPolicyResponse{}
5880	req = c.newRequest(op, input, output)
5881	return
5882}
5883
5884// GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.
5885//
5886// Gets a list of all of the context keys referenced in the input policies.
5887// The policies are supplied as a list of one or more strings. To get the context
5888// keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.
5889//
5890// Context keys are variables maintained by AWS and its services that provide
5891// details about the context of an API query request. Context keys can be evaluated
5892// by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy
5893// to understand what key names and values you must supply when you call SimulateCustomPolicy.
5894// Note that all parameters are shown in unencoded form here for clarity but
5895// must be URL encoded to be included as a part of a real HTML request.
5896//
5897// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5898// with awserr.Error's Code and Message methods to get detailed information about
5899// the error.
5900//
5901// See the AWS API reference guide for AWS Identity and Access Management's
5902// API operation GetContextKeysForCustomPolicy for usage and error information.
5903//
5904// Returned Error Codes:
5905//   * ErrCodeInvalidInputException "InvalidInput"
5906//   The request was rejected because an invalid or out-of-range value was supplied
5907//   for an input parameter.
5908//
5909// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
5910func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error) {
5911	req, out := c.GetContextKeysForCustomPolicyRequest(input)
5912	return out, req.Send()
5913}
5914
5915// GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of
5916// the ability to pass a context and additional request options.
5917//
5918// See GetContextKeysForCustomPolicy for details on how to use this API operation.
5919//
5920// The context must be non-nil and will be used for request cancellation. If
5921// the context is nil a panic will occur. In the future the SDK may create
5922// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5923// for more information on using Contexts.
5924func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
5925	req, out := c.GetContextKeysForCustomPolicyRequest(input)
5926	req.SetContext(ctx)
5927	req.ApplyOptions(opts...)
5928	return out, req.Send()
5929}
5930
5931const opGetContextKeysForPrincipalPolicy = "GetContextKeysForPrincipalPolicy"
5932
5933// GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the
5934// client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return
5935// value will be populated with the request's response once the request completes
5936// successfully.
5937//
5938// Use "Send" method on the returned Request to send the API call to the service.
5939// the "output" return value is not valid until after Send returns without error.
5940//
5941// See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy
5942// API call, and error handling.
5943//
5944// This method is useful when you want to inject custom logic or configuration
5945// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5946//
5947//
5948//    // Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
5949//    req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)
5950//
5951//    err := req.Send()
5952//    if err == nil { // resp is now filled
5953//        fmt.Println(resp)
5954//    }
5955//
5956// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
5957func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
5958	op := &request.Operation{
5959		Name:       opGetContextKeysForPrincipalPolicy,
5960		HTTPMethod: "POST",
5961		HTTPPath:   "/",
5962	}
5963
5964	if input == nil {
5965		input = &GetContextKeysForPrincipalPolicyInput{}
5966	}
5967
5968	output = &GetContextKeysForPolicyResponse{}
5969	req = c.newRequest(op, input, output)
5970	return
5971}
5972
5973// GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.
5974//
5975// Gets a list of all of the context keys referenced in all the IAM policies
5976// that are attached to the specified IAM entity. The entity can be an IAM user,
5977// group, or role. If you specify a user, then the request also includes all
5978// of the policies attached to groups that the user is a member of.
5979//
5980// You can optionally include a list of one or more additional policies, specified
5981// as strings. If you want to include only a list of policies by string, use
5982// GetContextKeysForCustomPolicy instead.
5983//
5984// Note: This operation discloses information about the permissions granted
5985// to other users. If you do not want users to see other user's permissions,
5986// then consider allowing them to use GetContextKeysForCustomPolicy instead.
5987//
5988// Context keys are variables maintained by AWS and its services that provide
5989// details about the context of an API query request. Context keys can be evaluated
5990// by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy
5991// to understand what key names and values you must supply when you call SimulatePrincipalPolicy.
5992//
5993// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5994// with awserr.Error's Code and Message methods to get detailed information about
5995// the error.
5996//
5997// See the AWS API reference guide for AWS Identity and Access Management's
5998// API operation GetContextKeysForPrincipalPolicy for usage and error information.
5999//
6000// Returned Error Codes:
6001//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6002//   The request was rejected because it referenced a resource entity that does
6003//   not exist. The error message describes the resource.
6004//
6005//   * ErrCodeInvalidInputException "InvalidInput"
6006//   The request was rejected because an invalid or out-of-range value was supplied
6007//   for an input parameter.
6008//
6009// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
6010func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error) {
6011	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
6012	return out, req.Send()
6013}
6014
6015// GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of
6016// the ability to pass a context and additional request options.
6017//
6018// See GetContextKeysForPrincipalPolicy for details on how to use this API operation.
6019//
6020// The context must be non-nil and will be used for request cancellation. If
6021// the context is nil a panic will occur. In the future the SDK may create
6022// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6023// for more information on using Contexts.
6024func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
6025	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
6026	req.SetContext(ctx)
6027	req.ApplyOptions(opts...)
6028	return out, req.Send()
6029}
6030
6031const opGetCredentialReport = "GetCredentialReport"
6032
6033// GetCredentialReportRequest generates a "aws/request.Request" representing the
6034// client's request for the GetCredentialReport operation. The "output" return
6035// value will be populated with the request's response once the request completes
6036// successfully.
6037//
6038// Use "Send" method on the returned Request to send the API call to the service.
6039// the "output" return value is not valid until after Send returns without error.
6040//
6041// See GetCredentialReport for more information on using the GetCredentialReport
6042// API call, and error handling.
6043//
6044// This method is useful when you want to inject custom logic or configuration
6045// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6046//
6047//
6048//    // Example sending a request using the GetCredentialReportRequest method.
6049//    req, resp := client.GetCredentialReportRequest(params)
6050//
6051//    err := req.Send()
6052//    if err == nil { // resp is now filled
6053//        fmt.Println(resp)
6054//    }
6055//
6056// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
6057func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput) {
6058	op := &request.Operation{
6059		Name:       opGetCredentialReport,
6060		HTTPMethod: "POST",
6061		HTTPPath:   "/",
6062	}
6063
6064	if input == nil {
6065		input = &GetCredentialReportInput{}
6066	}
6067
6068	output = &GetCredentialReportOutput{}
6069	req = c.newRequest(op, input, output)
6070	return
6071}
6072
6073// GetCredentialReport API operation for AWS Identity and Access Management.
6074//
6075// Retrieves a credential report for the AWS account. For more information about
6076// the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
6077// in the IAM User Guide.
6078//
6079// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6080// with awserr.Error's Code and Message methods to get detailed information about
6081// the error.
6082//
6083// See the AWS API reference guide for AWS Identity and Access Management's
6084// API operation GetCredentialReport for usage and error information.
6085//
6086// Returned Error Codes:
6087//   * ErrCodeCredentialReportNotPresentException "ReportNotPresent"
6088//   The request was rejected because the credential report does not exist. To
6089//   generate a credential report, use GenerateCredentialReport.
6090//
6091//   * ErrCodeCredentialReportExpiredException "ReportExpired"
6092//   The request was rejected because the most recent credential report has expired.
6093//   To generate a new credential report, use GenerateCredentialReport. For more
6094//   information about credential report expiration, see Getting credential reports
6095//   (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
6096//   in the IAM User Guide.
6097//
6098//   * ErrCodeCredentialReportNotReadyException "ReportInProgress"
6099//   The request was rejected because the credential report is still being generated.
6100//
6101//   * ErrCodeServiceFailureException "ServiceFailure"
6102//   The request processing has failed because of an unknown error, exception
6103//   or failure.
6104//
6105// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
6106func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error) {
6107	req, out := c.GetCredentialReportRequest(input)
6108	return out, req.Send()
6109}
6110
6111// GetCredentialReportWithContext is the same as GetCredentialReport with the addition of
6112// the ability to pass a context and additional request options.
6113//
6114// See GetCredentialReport for details on how to use this API operation.
6115//
6116// The context must be non-nil and will be used for request cancellation. If
6117// the context is nil a panic will occur. In the future the SDK may create
6118// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6119// for more information on using Contexts.
6120func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error) {
6121	req, out := c.GetCredentialReportRequest(input)
6122	req.SetContext(ctx)
6123	req.ApplyOptions(opts...)
6124	return out, req.Send()
6125}
6126
6127const opGetGroup = "GetGroup"
6128
6129// GetGroupRequest generates a "aws/request.Request" representing the
6130// client's request for the GetGroup operation. The "output" return
6131// value will be populated with the request's response once the request completes
6132// successfully.
6133//
6134// Use "Send" method on the returned Request to send the API call to the service.
6135// the "output" return value is not valid until after Send returns without error.
6136//
6137// See GetGroup for more information on using the GetGroup
6138// API call, and error handling.
6139//
6140// This method is useful when you want to inject custom logic or configuration
6141// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6142//
6143//
6144//    // Example sending a request using the GetGroupRequest method.
6145//    req, resp := client.GetGroupRequest(params)
6146//
6147//    err := req.Send()
6148//    if err == nil { // resp is now filled
6149//        fmt.Println(resp)
6150//    }
6151//
6152// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
6153func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput) {
6154	op := &request.Operation{
6155		Name:       opGetGroup,
6156		HTTPMethod: "POST",
6157		HTTPPath:   "/",
6158		Paginator: &request.Paginator{
6159			InputTokens:     []string{"Marker"},
6160			OutputTokens:    []string{"Marker"},
6161			LimitToken:      "MaxItems",
6162			TruncationToken: "IsTruncated",
6163		},
6164	}
6165
6166	if input == nil {
6167		input = &GetGroupInput{}
6168	}
6169
6170	output = &GetGroupOutput{}
6171	req = c.newRequest(op, input, output)
6172	return
6173}
6174
6175// GetGroup API operation for AWS Identity and Access Management.
6176//
6177// Returns a list of IAM users that are in the specified IAM group. You can
6178// paginate the results using the MaxItems and Marker parameters.
6179//
6180// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6181// with awserr.Error's Code and Message methods to get detailed information about
6182// the error.
6183//
6184// See the AWS API reference guide for AWS Identity and Access Management's
6185// API operation GetGroup for usage and error information.
6186//
6187// Returned Error Codes:
6188//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6189//   The request was rejected because it referenced a resource entity that does
6190//   not exist. The error message describes the resource.
6191//
6192//   * ErrCodeServiceFailureException "ServiceFailure"
6193//   The request processing has failed because of an unknown error, exception
6194//   or failure.
6195//
6196// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
6197func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error) {
6198	req, out := c.GetGroupRequest(input)
6199	return out, req.Send()
6200}
6201
6202// GetGroupWithContext is the same as GetGroup with the addition of
6203// the ability to pass a context and additional request options.
6204//
6205// See GetGroup for details on how to use this API operation.
6206//
6207// The context must be non-nil and will be used for request cancellation. If
6208// the context is nil a panic will occur. In the future the SDK may create
6209// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6210// for more information on using Contexts.
6211func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error) {
6212	req, out := c.GetGroupRequest(input)
6213	req.SetContext(ctx)
6214	req.ApplyOptions(opts...)
6215	return out, req.Send()
6216}
6217
6218// GetGroupPages iterates over the pages of a GetGroup operation,
6219// calling the "fn" function with the response data for each page. To stop
6220// iterating, return false from the fn function.
6221//
6222// See GetGroup method for more information on how to use this operation.
6223//
6224// Note: This operation can generate multiple requests to a service.
6225//
6226//    // Example iterating over at most 3 pages of a GetGroup operation.
6227//    pageNum := 0
6228//    err := client.GetGroupPages(params,
6229//        func(page *iam.GetGroupOutput, lastPage bool) bool {
6230//            pageNum++
6231//            fmt.Println(page)
6232//            return pageNum <= 3
6233//        })
6234//
6235func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error {
6236	return c.GetGroupPagesWithContext(aws.BackgroundContext(), input, fn)
6237}
6238
6239// GetGroupPagesWithContext same as GetGroupPages except
6240// it takes a Context and allows setting request options on the pages.
6241//
6242// The context must be non-nil and will be used for request cancellation. If
6243// the context is nil a panic will occur. In the future the SDK may create
6244// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6245// for more information on using Contexts.
6246func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error {
6247	p := request.Pagination{
6248		NewRequest: func() (*request.Request, error) {
6249			var inCpy *GetGroupInput
6250			if input != nil {
6251				tmp := *input
6252				inCpy = &tmp
6253			}
6254			req, _ := c.GetGroupRequest(inCpy)
6255			req.SetContext(ctx)
6256			req.ApplyOptions(opts...)
6257			return req, nil
6258		},
6259	}
6260
6261	for p.Next() {
6262		if !fn(p.Page().(*GetGroupOutput), !p.HasNextPage()) {
6263			break
6264		}
6265	}
6266
6267	return p.Err()
6268}
6269
6270const opGetGroupPolicy = "GetGroupPolicy"
6271
6272// GetGroupPolicyRequest generates a "aws/request.Request" representing the
6273// client's request for the GetGroupPolicy operation. The "output" return
6274// value will be populated with the request's response once the request completes
6275// successfully.
6276//
6277// Use "Send" method on the returned Request to send the API call to the service.
6278// the "output" return value is not valid until after Send returns without error.
6279//
6280// See GetGroupPolicy for more information on using the GetGroupPolicy
6281// API call, and error handling.
6282//
6283// This method is useful when you want to inject custom logic or configuration
6284// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6285//
6286//
6287//    // Example sending a request using the GetGroupPolicyRequest method.
6288//    req, resp := client.GetGroupPolicyRequest(params)
6289//
6290//    err := req.Send()
6291//    if err == nil { // resp is now filled
6292//        fmt.Println(resp)
6293//    }
6294//
6295// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
6296func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput) {
6297	op := &request.Operation{
6298		Name:       opGetGroupPolicy,
6299		HTTPMethod: "POST",
6300		HTTPPath:   "/",
6301	}
6302
6303	if input == nil {
6304		input = &GetGroupPolicyInput{}
6305	}
6306
6307	output = &GetGroupPolicyOutput{}
6308	req = c.newRequest(op, input, output)
6309	return
6310}
6311
6312// GetGroupPolicy API operation for AWS Identity and Access Management.
6313//
6314// Retrieves the specified inline policy document that is embedded in the specified
6315// IAM group.
6316//
6317// Policies returned by this operation are URL-encoded compliant with RFC 3986
6318// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
6319// to convert the policy back to plain JSON text. For example, if you use Java,
6320// you can use the decode method of the java.net.URLDecoder utility class in
6321// the Java SDK. Other languages and SDKs provide similar functionality.
6322//
6323// An IAM group can also have managed policies attached to it. To retrieve a
6324// managed policy document that is attached to a group, use GetPolicy to determine
6325// the policy's default version, then use GetPolicyVersion to retrieve the policy
6326// document.
6327//
6328// For more information about policies, see Managed policies and inline policies
6329// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6330// in the IAM User Guide.
6331//
6332// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6333// with awserr.Error's Code and Message methods to get detailed information about
6334// the error.
6335//
6336// See the AWS API reference guide for AWS Identity and Access Management's
6337// API operation GetGroupPolicy for usage and error information.
6338//
6339// Returned Error Codes:
6340//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6341//   The request was rejected because it referenced a resource entity that does
6342//   not exist. The error message describes the resource.
6343//
6344//   * ErrCodeServiceFailureException "ServiceFailure"
6345//   The request processing has failed because of an unknown error, exception
6346//   or failure.
6347//
6348// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
6349func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error) {
6350	req, out := c.GetGroupPolicyRequest(input)
6351	return out, req.Send()
6352}
6353
6354// GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of
6355// the ability to pass a context and additional request options.
6356//
6357// See GetGroupPolicy for details on how to use this API operation.
6358//
6359// The context must be non-nil and will be used for request cancellation. If
6360// the context is nil a panic will occur. In the future the SDK may create
6361// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6362// for more information on using Contexts.
6363func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error) {
6364	req, out := c.GetGroupPolicyRequest(input)
6365	req.SetContext(ctx)
6366	req.ApplyOptions(opts...)
6367	return out, req.Send()
6368}
6369
6370const opGetInstanceProfile = "GetInstanceProfile"
6371
6372// GetInstanceProfileRequest generates a "aws/request.Request" representing the
6373// client's request for the GetInstanceProfile operation. The "output" return
6374// value will be populated with the request's response once the request completes
6375// successfully.
6376//
6377// Use "Send" method on the returned Request to send the API call to the service.
6378// the "output" return value is not valid until after Send returns without error.
6379//
6380// See GetInstanceProfile for more information on using the GetInstanceProfile
6381// API call, and error handling.
6382//
6383// This method is useful when you want to inject custom logic or configuration
6384// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6385//
6386//
6387//    // Example sending a request using the GetInstanceProfileRequest method.
6388//    req, resp := client.GetInstanceProfileRequest(params)
6389//
6390//    err := req.Send()
6391//    if err == nil { // resp is now filled
6392//        fmt.Println(resp)
6393//    }
6394//
6395// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
6396func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput) {
6397	op := &request.Operation{
6398		Name:       opGetInstanceProfile,
6399		HTTPMethod: "POST",
6400		HTTPPath:   "/",
6401	}
6402
6403	if input == nil {
6404		input = &GetInstanceProfileInput{}
6405	}
6406
6407	output = &GetInstanceProfileOutput{}
6408	req = c.newRequest(op, input, output)
6409	return
6410}
6411
6412// GetInstanceProfile API operation for AWS Identity and Access Management.
6413//
6414// Retrieves information about the specified instance profile, including the
6415// instance profile's path, GUID, ARN, and role. For more information about
6416// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html)
6417// in the IAM User Guide.
6418//
6419// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6420// with awserr.Error's Code and Message methods to get detailed information about
6421// the error.
6422//
6423// See the AWS API reference guide for AWS Identity and Access Management's
6424// API operation GetInstanceProfile for usage and error information.
6425//
6426// Returned Error Codes:
6427//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6428//   The request was rejected because it referenced a resource entity that does
6429//   not exist. The error message describes the resource.
6430//
6431//   * ErrCodeServiceFailureException "ServiceFailure"
6432//   The request processing has failed because of an unknown error, exception
6433//   or failure.
6434//
6435// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
6436func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error) {
6437	req, out := c.GetInstanceProfileRequest(input)
6438	return out, req.Send()
6439}
6440
6441// GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of
6442// the ability to pass a context and additional request options.
6443//
6444// See GetInstanceProfile for details on how to use this API operation.
6445//
6446// The context must be non-nil and will be used for request cancellation. If
6447// the context is nil a panic will occur. In the future the SDK may create
6448// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6449// for more information on using Contexts.
6450func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error) {
6451	req, out := c.GetInstanceProfileRequest(input)
6452	req.SetContext(ctx)
6453	req.ApplyOptions(opts...)
6454	return out, req.Send()
6455}
6456
6457const opGetLoginProfile = "GetLoginProfile"
6458
6459// GetLoginProfileRequest generates a "aws/request.Request" representing the
6460// client's request for the GetLoginProfile operation. The "output" return
6461// value will be populated with the request's response once the request completes
6462// successfully.
6463//
6464// Use "Send" method on the returned Request to send the API call to the service.
6465// the "output" return value is not valid until after Send returns without error.
6466//
6467// See GetLoginProfile for more information on using the GetLoginProfile
6468// API call, and error handling.
6469//
6470// This method is useful when you want to inject custom logic or configuration
6471// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6472//
6473//
6474//    // Example sending a request using the GetLoginProfileRequest method.
6475//    req, resp := client.GetLoginProfileRequest(params)
6476//
6477//    err := req.Send()
6478//    if err == nil { // resp is now filled
6479//        fmt.Println(resp)
6480//    }
6481//
6482// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
6483func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput) {
6484	op := &request.Operation{
6485		Name:       opGetLoginProfile,
6486		HTTPMethod: "POST",
6487		HTTPPath:   "/",
6488	}
6489
6490	if input == nil {
6491		input = &GetLoginProfileInput{}
6492	}
6493
6494	output = &GetLoginProfileOutput{}
6495	req = c.newRequest(op, input, output)
6496	return
6497}
6498
6499// GetLoginProfile API operation for AWS Identity and Access Management.
6500//
6501// Retrieves the user name and password creation date for the specified IAM
6502// user. If the user has not been assigned a password, the operation returns
6503// a 404 (NoSuchEntity) error.
6504//
6505// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6506// with awserr.Error's Code and Message methods to get detailed information about
6507// the error.
6508//
6509// See the AWS API reference guide for AWS Identity and Access Management's
6510// API operation GetLoginProfile for usage and error information.
6511//
6512// Returned Error Codes:
6513//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6514//   The request was rejected because it referenced a resource entity that does
6515//   not exist. The error message describes the resource.
6516//
6517//   * ErrCodeServiceFailureException "ServiceFailure"
6518//   The request processing has failed because of an unknown error, exception
6519//   or failure.
6520//
6521// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
6522func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error) {
6523	req, out := c.GetLoginProfileRequest(input)
6524	return out, req.Send()
6525}
6526
6527// GetLoginProfileWithContext is the same as GetLoginProfile with the addition of
6528// the ability to pass a context and additional request options.
6529//
6530// See GetLoginProfile for details on how to use this API operation.
6531//
6532// The context must be non-nil and will be used for request cancellation. If
6533// the context is nil a panic will occur. In the future the SDK may create
6534// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6535// for more information on using Contexts.
6536func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error) {
6537	req, out := c.GetLoginProfileRequest(input)
6538	req.SetContext(ctx)
6539	req.ApplyOptions(opts...)
6540	return out, req.Send()
6541}
6542
6543const opGetOpenIDConnectProvider = "GetOpenIDConnectProvider"
6544
6545// GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
6546// client's request for the GetOpenIDConnectProvider operation. The "output" return
6547// value will be populated with the request's response once the request completes
6548// successfully.
6549//
6550// Use "Send" method on the returned Request to send the API call to the service.
6551// the "output" return value is not valid until after Send returns without error.
6552//
6553// See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider
6554// API call, and error handling.
6555//
6556// This method is useful when you want to inject custom logic or configuration
6557// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6558//
6559//
6560//    // Example sending a request using the GetOpenIDConnectProviderRequest method.
6561//    req, resp := client.GetOpenIDConnectProviderRequest(params)
6562//
6563//    err := req.Send()
6564//    if err == nil { // resp is now filled
6565//        fmt.Println(resp)
6566//    }
6567//
6568// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
6569func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput) {
6570	op := &request.Operation{
6571		Name:       opGetOpenIDConnectProvider,
6572		HTTPMethod: "POST",
6573		HTTPPath:   "/",
6574	}
6575
6576	if input == nil {
6577		input = &GetOpenIDConnectProviderInput{}
6578	}
6579
6580	output = &GetOpenIDConnectProviderOutput{}
6581	req = c.newRequest(op, input, output)
6582	return
6583}
6584
6585// GetOpenIDConnectProvider API operation for AWS Identity and Access Management.
6586//
6587// Returns information about the specified OpenID Connect (OIDC) provider resource
6588// object in IAM.
6589//
6590// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6591// with awserr.Error's Code and Message methods to get detailed information about
6592// the error.
6593//
6594// See the AWS API reference guide for AWS Identity and Access Management's
6595// API operation GetOpenIDConnectProvider for usage and error information.
6596//
6597// Returned Error Codes:
6598//   * ErrCodeInvalidInputException "InvalidInput"
6599//   The request was rejected because an invalid or out-of-range value was supplied
6600//   for an input parameter.
6601//
6602//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6603//   The request was rejected because it referenced a resource entity that does
6604//   not exist. The error message describes the resource.
6605//
6606//   * ErrCodeServiceFailureException "ServiceFailure"
6607//   The request processing has failed because of an unknown error, exception
6608//   or failure.
6609//
6610// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
6611func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error) {
6612	req, out := c.GetOpenIDConnectProviderRequest(input)
6613	return out, req.Send()
6614}
6615
6616// GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of
6617// the ability to pass a context and additional request options.
6618//
6619// See GetOpenIDConnectProvider for details on how to use this API operation.
6620//
6621// The context must be non-nil and will be used for request cancellation. If
6622// the context is nil a panic will occur. In the future the SDK may create
6623// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6624// for more information on using Contexts.
6625func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error) {
6626	req, out := c.GetOpenIDConnectProviderRequest(input)
6627	req.SetContext(ctx)
6628	req.ApplyOptions(opts...)
6629	return out, req.Send()
6630}
6631
6632const opGetOrganizationsAccessReport = "GetOrganizationsAccessReport"
6633
6634// GetOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
6635// client's request for the GetOrganizationsAccessReport operation. The "output" return
6636// value will be populated with the request's response once the request completes
6637// successfully.
6638//
6639// Use "Send" method on the returned Request to send the API call to the service.
6640// the "output" return value is not valid until after Send returns without error.
6641//
6642// See GetOrganizationsAccessReport for more information on using the GetOrganizationsAccessReport
6643// API call, and error handling.
6644//
6645// This method is useful when you want to inject custom logic or configuration
6646// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6647//
6648//
6649//    // Example sending a request using the GetOrganizationsAccessReportRequest method.
6650//    req, resp := client.GetOrganizationsAccessReportRequest(params)
6651//
6652//    err := req.Send()
6653//    if err == nil { // resp is now filled
6654//        fmt.Println(resp)
6655//    }
6656//
6657// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
6658func (c *IAM) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessReportInput) (req *request.Request, output *GetOrganizationsAccessReportOutput) {
6659	op := &request.Operation{
6660		Name:       opGetOrganizationsAccessReport,
6661		HTTPMethod: "POST",
6662		HTTPPath:   "/",
6663	}
6664
6665	if input == nil {
6666		input = &GetOrganizationsAccessReportInput{}
6667	}
6668
6669	output = &GetOrganizationsAccessReportOutput{}
6670	req = c.newRequest(op, input, output)
6671	return
6672}
6673
6674// GetOrganizationsAccessReport API operation for AWS Identity and Access Management.
6675//
6676// Retrieves the service last accessed data report for AWS Organizations that
6677// was previously generated using the GenerateOrganizationsAccessReport operation.
6678// This operation retrieves the status of your report job and the report contents.
6679//
6680// Depending on the parameters that you passed when you generated the report,
6681// the data returned could include different information. For details, see GenerateOrganizationsAccessReport.
6682//
6683// To call this operation, you must be signed in to the management account in
6684// your organization. SCPs must be enabled for your organization root. You must
6685// have permissions to perform this operation. For more information, see Refining
6686// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
6687// in the IAM User Guide.
6688//
6689// For each service that principals in an account (root users, IAM users, or
6690// IAM roles) could access using SCPs, the operation returns details about the
6691// most recent access attempt. If there was no attempt, the service is listed
6692// without details about the most recent attempt to access the service. If the
6693// operation fails, it returns the reason that it failed.
6694//
6695// By default, the list is sorted by service namespace.
6696//
6697// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6698// with awserr.Error's Code and Message methods to get detailed information about
6699// the error.
6700//
6701// See the AWS API reference guide for AWS Identity and Access Management's
6702// API operation GetOrganizationsAccessReport for usage and error information.
6703//
6704// Returned Error Codes:
6705//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6706//   The request was rejected because it referenced a resource entity that does
6707//   not exist. The error message describes the resource.
6708//
6709// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
6710func (c *IAM) GetOrganizationsAccessReport(input *GetOrganizationsAccessReportInput) (*GetOrganizationsAccessReportOutput, error) {
6711	req, out := c.GetOrganizationsAccessReportRequest(input)
6712	return out, req.Send()
6713}
6714
6715// GetOrganizationsAccessReportWithContext is the same as GetOrganizationsAccessReport with the addition of
6716// the ability to pass a context and additional request options.
6717//
6718// See GetOrganizationsAccessReport for details on how to use this API operation.
6719//
6720// The context must be non-nil and will be used for request cancellation. If
6721// the context is nil a panic will occur. In the future the SDK may create
6722// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6723// for more information on using Contexts.
6724func (c *IAM) GetOrganizationsAccessReportWithContext(ctx aws.Context, input *GetOrganizationsAccessReportInput, opts ...request.Option) (*GetOrganizationsAccessReportOutput, error) {
6725	req, out := c.GetOrganizationsAccessReportRequest(input)
6726	req.SetContext(ctx)
6727	req.ApplyOptions(opts...)
6728	return out, req.Send()
6729}
6730
6731const opGetPolicy = "GetPolicy"
6732
6733// GetPolicyRequest generates a "aws/request.Request" representing the
6734// client's request for the GetPolicy operation. The "output" return
6735// value will be populated with the request's response once the request completes
6736// successfully.
6737//
6738// Use "Send" method on the returned Request to send the API call to the service.
6739// the "output" return value is not valid until after Send returns without error.
6740//
6741// See GetPolicy for more information on using the GetPolicy
6742// API call, and error handling.
6743//
6744// This method is useful when you want to inject custom logic or configuration
6745// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6746//
6747//
6748//    // Example sending a request using the GetPolicyRequest method.
6749//    req, resp := client.GetPolicyRequest(params)
6750//
6751//    err := req.Send()
6752//    if err == nil { // resp is now filled
6753//        fmt.Println(resp)
6754//    }
6755//
6756// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
6757func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) {
6758	op := &request.Operation{
6759		Name:       opGetPolicy,
6760		HTTPMethod: "POST",
6761		HTTPPath:   "/",
6762	}
6763
6764	if input == nil {
6765		input = &GetPolicyInput{}
6766	}
6767
6768	output = &GetPolicyOutput{}
6769	req = c.newRequest(op, input, output)
6770	return
6771}
6772
6773// GetPolicy API operation for AWS Identity and Access Management.
6774//
6775// Retrieves information about the specified managed policy, including the policy's
6776// default version and the total number of IAM users, groups, and roles to which
6777// the policy is attached. To retrieve the list of the specific users, groups,
6778// and roles that the policy is attached to, use ListEntitiesForPolicy. This
6779// operation returns metadata about the policy. To retrieve the actual policy
6780// document for a specific version of the policy, use GetPolicyVersion.
6781//
6782// This operation retrieves information about managed policies. To retrieve
6783// information about an inline policy that is embedded with an IAM user, group,
6784// or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
6785//
6786// For more information about policies, see Managed policies and inline policies
6787// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6788// in the IAM User Guide.
6789//
6790// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6791// with awserr.Error's Code and Message methods to get detailed information about
6792// the error.
6793//
6794// See the AWS API reference guide for AWS Identity and Access Management's
6795// API operation GetPolicy for usage and error information.
6796//
6797// Returned Error Codes:
6798//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6799//   The request was rejected because it referenced a resource entity that does
6800//   not exist. The error message describes the resource.
6801//
6802//   * ErrCodeInvalidInputException "InvalidInput"
6803//   The request was rejected because an invalid or out-of-range value was supplied
6804//   for an input parameter.
6805//
6806//   * ErrCodeServiceFailureException "ServiceFailure"
6807//   The request processing has failed because of an unknown error, exception
6808//   or failure.
6809//
6810// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
6811func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) {
6812	req, out := c.GetPolicyRequest(input)
6813	return out, req.Send()
6814}
6815
6816// GetPolicyWithContext is the same as GetPolicy with the addition of
6817// the ability to pass a context and additional request options.
6818//
6819// See GetPolicy for details on how to use this API operation.
6820//
6821// The context must be non-nil and will be used for request cancellation. If
6822// the context is nil a panic will occur. In the future the SDK may create
6823// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6824// for more information on using Contexts.
6825func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) {
6826	req, out := c.GetPolicyRequest(input)
6827	req.SetContext(ctx)
6828	req.ApplyOptions(opts...)
6829	return out, req.Send()
6830}
6831
6832const opGetPolicyVersion = "GetPolicyVersion"
6833
6834// GetPolicyVersionRequest generates a "aws/request.Request" representing the
6835// client's request for the GetPolicyVersion operation. The "output" return
6836// value will be populated with the request's response once the request completes
6837// successfully.
6838//
6839// Use "Send" method on the returned Request to send the API call to the service.
6840// the "output" return value is not valid until after Send returns without error.
6841//
6842// See GetPolicyVersion for more information on using the GetPolicyVersion
6843// API call, and error handling.
6844//
6845// This method is useful when you want to inject custom logic or configuration
6846// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6847//
6848//
6849//    // Example sending a request using the GetPolicyVersionRequest method.
6850//    req, resp := client.GetPolicyVersionRequest(params)
6851//
6852//    err := req.Send()
6853//    if err == nil { // resp is now filled
6854//        fmt.Println(resp)
6855//    }
6856//
6857// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
6858func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput) {
6859	op := &request.Operation{
6860		Name:       opGetPolicyVersion,
6861		HTTPMethod: "POST",
6862		HTTPPath:   "/",
6863	}
6864
6865	if input == nil {
6866		input = &GetPolicyVersionInput{}
6867	}
6868
6869	output = &GetPolicyVersionOutput{}
6870	req = c.newRequest(op, input, output)
6871	return
6872}
6873
6874// GetPolicyVersion API operation for AWS Identity and Access Management.
6875//
6876// Retrieves information about the specified version of the specified managed
6877// policy, including the policy document.
6878//
6879// Policies returned by this operation are URL-encoded compliant with RFC 3986
6880// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
6881// to convert the policy back to plain JSON text. For example, if you use Java,
6882// you can use the decode method of the java.net.URLDecoder utility class in
6883// the Java SDK. Other languages and SDKs provide similar functionality.
6884//
6885// To list the available versions for a policy, use ListPolicyVersions.
6886//
6887// This operation retrieves information about managed policies. To retrieve
6888// information about an inline policy that is embedded in a user, group, or
6889// role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
6890//
6891// For more information about the types of policies, see Managed policies and
6892// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6893// in the IAM User Guide.
6894//
6895// For more information about managed policy versions, see Versioning for managed
6896// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
6897// in the IAM User Guide.
6898//
6899// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6900// with awserr.Error's Code and Message methods to get detailed information about
6901// the error.
6902//
6903// See the AWS API reference guide for AWS Identity and Access Management's
6904// API operation GetPolicyVersion for usage and error information.
6905//
6906// Returned Error Codes:
6907//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6908//   The request was rejected because it referenced a resource entity that does
6909//   not exist. The error message describes the resource.
6910//
6911//   * ErrCodeInvalidInputException "InvalidInput"
6912//   The request was rejected because an invalid or out-of-range value was supplied
6913//   for an input parameter.
6914//
6915//   * ErrCodeServiceFailureException "ServiceFailure"
6916//   The request processing has failed because of an unknown error, exception
6917//   or failure.
6918//
6919// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
6920func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error) {
6921	req, out := c.GetPolicyVersionRequest(input)
6922	return out, req.Send()
6923}
6924
6925// GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of
6926// the ability to pass a context and additional request options.
6927//
6928// See GetPolicyVersion for details on how to use this API operation.
6929//
6930// The context must be non-nil and will be used for request cancellation. If
6931// the context is nil a panic will occur. In the future the SDK may create
6932// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6933// for more information on using Contexts.
6934func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error) {
6935	req, out := c.GetPolicyVersionRequest(input)
6936	req.SetContext(ctx)
6937	req.ApplyOptions(opts...)
6938	return out, req.Send()
6939}
6940
6941const opGetRole = "GetRole"
6942
6943// GetRoleRequest generates a "aws/request.Request" representing the
6944// client's request for the GetRole operation. The "output" return
6945// value will be populated with the request's response once the request completes
6946// successfully.
6947//
6948// Use "Send" method on the returned Request to send the API call to the service.
6949// the "output" return value is not valid until after Send returns without error.
6950//
6951// See GetRole for more information on using the GetRole
6952// API call, and error handling.
6953//
6954// This method is useful when you want to inject custom logic or configuration
6955// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6956//
6957//
6958//    // Example sending a request using the GetRoleRequest method.
6959//    req, resp := client.GetRoleRequest(params)
6960//
6961//    err := req.Send()
6962//    if err == nil { // resp is now filled
6963//        fmt.Println(resp)
6964//    }
6965//
6966// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
6967func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput) {
6968	op := &request.Operation{
6969		Name:       opGetRole,
6970		HTTPMethod: "POST",
6971		HTTPPath:   "/",
6972	}
6973
6974	if input == nil {
6975		input = &GetRoleInput{}
6976	}
6977
6978	output = &GetRoleOutput{}
6979	req = c.newRequest(op, input, output)
6980	return
6981}
6982
6983// GetRole API operation for AWS Identity and Access Management.
6984//
6985// Retrieves information about the specified role, including the role's path,
6986// GUID, ARN, and the role's trust policy that grants permission to assume the
6987// role. For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
6988//
6989// Policies returned by this operation are URL-encoded compliant with RFC 3986
6990// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
6991// to convert the policy back to plain JSON text. For example, if you use Java,
6992// you can use the decode method of the java.net.URLDecoder utility class in
6993// the Java SDK. Other languages and SDKs provide similar functionality.
6994//
6995// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6996// with awserr.Error's Code and Message methods to get detailed information about
6997// the error.
6998//
6999// See the AWS API reference guide for AWS Identity and Access Management's
7000// API operation GetRole for usage and error information.
7001//
7002// Returned Error Codes:
7003//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7004//   The request was rejected because it referenced a resource entity that does
7005//   not exist. The error message describes the resource.
7006//
7007//   * ErrCodeServiceFailureException "ServiceFailure"
7008//   The request processing has failed because of an unknown error, exception
7009//   or failure.
7010//
7011// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
7012func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error) {
7013	req, out := c.GetRoleRequest(input)
7014	return out, req.Send()
7015}
7016
7017// GetRoleWithContext is the same as GetRole with the addition of
7018// the ability to pass a context and additional request options.
7019//
7020// See GetRole for details on how to use this API operation.
7021//
7022// The context must be non-nil and will be used for request cancellation. If
7023// the context is nil a panic will occur. In the future the SDK may create
7024// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7025// for more information on using Contexts.
7026func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error) {
7027	req, out := c.GetRoleRequest(input)
7028	req.SetContext(ctx)
7029	req.ApplyOptions(opts...)
7030	return out, req.Send()
7031}
7032
7033const opGetRolePolicy = "GetRolePolicy"
7034
7035// GetRolePolicyRequest generates a "aws/request.Request" representing the
7036// client's request for the GetRolePolicy operation. The "output" return
7037// value will be populated with the request's response once the request completes
7038// successfully.
7039//
7040// Use "Send" method on the returned Request to send the API call to the service.
7041// the "output" return value is not valid until after Send returns without error.
7042//
7043// See GetRolePolicy for more information on using the GetRolePolicy
7044// API call, and error handling.
7045//
7046// This method is useful when you want to inject custom logic or configuration
7047// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7048//
7049//
7050//    // Example sending a request using the GetRolePolicyRequest method.
7051//    req, resp := client.GetRolePolicyRequest(params)
7052//
7053//    err := req.Send()
7054//    if err == nil { // resp is now filled
7055//        fmt.Println(resp)
7056//    }
7057//
7058// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
7059func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput) {
7060	op := &request.Operation{
7061		Name:       opGetRolePolicy,
7062		HTTPMethod: "POST",
7063		HTTPPath:   "/",
7064	}
7065
7066	if input == nil {
7067		input = &GetRolePolicyInput{}
7068	}
7069
7070	output = &GetRolePolicyOutput{}
7071	req = c.newRequest(op, input, output)
7072	return
7073}
7074
7075// GetRolePolicy API operation for AWS Identity and Access Management.
7076//
7077// Retrieves the specified inline policy document that is embedded with the
7078// specified IAM role.
7079//
7080// Policies returned by this operation are URL-encoded compliant with RFC 3986
7081// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
7082// to convert the policy back to plain JSON text. For example, if you use Java,
7083// you can use the decode method of the java.net.URLDecoder utility class in
7084// the Java SDK. Other languages and SDKs provide similar functionality.
7085//
7086// An IAM role can also have managed policies attached to it. To retrieve a
7087// managed policy document that is attached to a role, use GetPolicy to determine
7088// the policy's default version, then use GetPolicyVersion to retrieve the policy
7089// document.
7090//
7091// For more information about policies, see Managed policies and inline policies
7092// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
7093// in the IAM User Guide.
7094//
7095// For more information about roles, see Using roles to delegate permissions
7096// and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
7097//
7098// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7099// with awserr.Error's Code and Message methods to get detailed information about
7100// the error.
7101//
7102// See the AWS API reference guide for AWS Identity and Access Management's
7103// API operation GetRolePolicy for usage and error information.
7104//
7105// Returned Error Codes:
7106//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7107//   The request was rejected because it referenced a resource entity that does
7108//   not exist. The error message describes the resource.
7109//
7110//   * ErrCodeServiceFailureException "ServiceFailure"
7111//   The request processing has failed because of an unknown error, exception
7112//   or failure.
7113//
7114// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
7115func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error) {
7116	req, out := c.GetRolePolicyRequest(input)
7117	return out, req.Send()
7118}
7119
7120// GetRolePolicyWithContext is the same as GetRolePolicy with the addition of
7121// the ability to pass a context and additional request options.
7122//
7123// See GetRolePolicy for details on how to use this API operation.
7124//
7125// The context must be non-nil and will be used for request cancellation. If
7126// the context is nil a panic will occur. In the future the SDK may create
7127// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7128// for more information on using Contexts.
7129func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error) {
7130	req, out := c.GetRolePolicyRequest(input)
7131	req.SetContext(ctx)
7132	req.ApplyOptions(opts...)
7133	return out, req.Send()
7134}
7135
7136const opGetSAMLProvider = "GetSAMLProvider"
7137
7138// GetSAMLProviderRequest generates a "aws/request.Request" representing the
7139// client's request for the GetSAMLProvider operation. The "output" return
7140// value will be populated with the request's response once the request completes
7141// successfully.
7142//
7143// Use "Send" method on the returned Request to send the API call to the service.
7144// the "output" return value is not valid until after Send returns without error.
7145//
7146// See GetSAMLProvider for more information on using the GetSAMLProvider
7147// API call, and error handling.
7148//
7149// This method is useful when you want to inject custom logic or configuration
7150// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7151//
7152//
7153//    // Example sending a request using the GetSAMLProviderRequest method.
7154//    req, resp := client.GetSAMLProviderRequest(params)
7155//
7156//    err := req.Send()
7157//    if err == nil { // resp is now filled
7158//        fmt.Println(resp)
7159//    }
7160//
7161// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
7162func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput) {
7163	op := &request.Operation{
7164		Name:       opGetSAMLProvider,
7165		HTTPMethod: "POST",
7166		HTTPPath:   "/",
7167	}
7168
7169	if input == nil {
7170		input = &GetSAMLProviderInput{}
7171	}
7172
7173	output = &GetSAMLProviderOutput{}
7174	req = c.newRequest(op, input, output)
7175	return
7176}
7177
7178// GetSAMLProvider API operation for AWS Identity and Access Management.
7179//
7180// Returns the SAML provider metadocument that was uploaded when the IAM SAML
7181// provider resource object was created or updated.
7182//
7183// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
7184//
7185// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7186// with awserr.Error's Code and Message methods to get detailed information about
7187// the error.
7188//
7189// See the AWS API reference guide for AWS Identity and Access Management's
7190// API operation GetSAMLProvider for usage and error information.
7191//
7192// Returned Error Codes:
7193//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7194//   The request was rejected because it referenced a resource entity that does
7195//   not exist. The error message describes the resource.
7196//
7197//   * ErrCodeInvalidInputException "InvalidInput"
7198//   The request was rejected because an invalid or out-of-range value was supplied
7199//   for an input parameter.
7200//
7201//   * ErrCodeServiceFailureException "ServiceFailure"
7202//   The request processing has failed because of an unknown error, exception
7203//   or failure.
7204//
7205// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
7206func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error) {
7207	req, out := c.GetSAMLProviderRequest(input)
7208	return out, req.Send()
7209}
7210
7211// GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of
7212// the ability to pass a context and additional request options.
7213//
7214// See GetSAMLProvider for details on how to use this API operation.
7215//
7216// The context must be non-nil and will be used for request cancellation. If
7217// the context is nil a panic will occur. In the future the SDK may create
7218// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7219// for more information on using Contexts.
7220func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error) {
7221	req, out := c.GetSAMLProviderRequest(input)
7222	req.SetContext(ctx)
7223	req.ApplyOptions(opts...)
7224	return out, req.Send()
7225}
7226
7227const opGetSSHPublicKey = "GetSSHPublicKey"
7228
7229// GetSSHPublicKeyRequest generates a "aws/request.Request" representing the
7230// client's request for the GetSSHPublicKey operation. The "output" return
7231// value will be populated with the request's response once the request completes
7232// successfully.
7233//
7234// Use "Send" method on the returned Request to send the API call to the service.
7235// the "output" return value is not valid until after Send returns without error.
7236//
7237// See GetSSHPublicKey for more information on using the GetSSHPublicKey
7238// API call, and error handling.
7239//
7240// This method is useful when you want to inject custom logic or configuration
7241// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7242//
7243//
7244//    // Example sending a request using the GetSSHPublicKeyRequest method.
7245//    req, resp := client.GetSSHPublicKeyRequest(params)
7246//
7247//    err := req.Send()
7248//    if err == nil { // resp is now filled
7249//        fmt.Println(resp)
7250//    }
7251//
7252// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
7253func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput) {
7254	op := &request.Operation{
7255		Name:       opGetSSHPublicKey,
7256		HTTPMethod: "POST",
7257		HTTPPath:   "/",
7258	}
7259
7260	if input == nil {
7261		input = &GetSSHPublicKeyInput{}
7262	}
7263
7264	output = &GetSSHPublicKeyOutput{}
7265	req = c.newRequest(op, input, output)
7266	return
7267}
7268
7269// GetSSHPublicKey API operation for AWS Identity and Access Management.
7270//
7271// Retrieves the specified SSH public key, including metadata about the key.
7272//
7273// The SSH public key retrieved by this operation is used only for authenticating
7274// the associated IAM user to an AWS CodeCommit repository. For more information
7275// about using SSH keys to authenticate to an AWS CodeCommit repository, see
7276// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
7277// in the AWS CodeCommit User Guide.
7278//
7279// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7280// with awserr.Error's Code and Message methods to get detailed information about
7281// the error.
7282//
7283// See the AWS API reference guide for AWS Identity and Access Management's
7284// API operation GetSSHPublicKey for usage and error information.
7285//
7286// Returned Error Codes:
7287//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7288//   The request was rejected because it referenced a resource entity that does
7289//   not exist. The error message describes the resource.
7290//
7291//   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
7292//   The request was rejected because the public key encoding format is unsupported
7293//   or unrecognized.
7294//
7295// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
7296func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error) {
7297	req, out := c.GetSSHPublicKeyRequest(input)
7298	return out, req.Send()
7299}
7300
7301// GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of
7302// the ability to pass a context and additional request options.
7303//
7304// See GetSSHPublicKey for details on how to use this API operation.
7305//
7306// The context must be non-nil and will be used for request cancellation. If
7307// the context is nil a panic will occur. In the future the SDK may create
7308// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7309// for more information on using Contexts.
7310func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error) {
7311	req, out := c.GetSSHPublicKeyRequest(input)
7312	req.SetContext(ctx)
7313	req.ApplyOptions(opts...)
7314	return out, req.Send()
7315}
7316
7317const opGetServerCertificate = "GetServerCertificate"
7318
7319// GetServerCertificateRequest generates a "aws/request.Request" representing the
7320// client's request for the GetServerCertificate operation. The "output" return
7321// value will be populated with the request's response once the request completes
7322// successfully.
7323//
7324// Use "Send" method on the returned Request to send the API call to the service.
7325// the "output" return value is not valid until after Send returns without error.
7326//
7327// See GetServerCertificate for more information on using the GetServerCertificate
7328// API call, and error handling.
7329//
7330// This method is useful when you want to inject custom logic or configuration
7331// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7332//
7333//
7334//    // Example sending a request using the GetServerCertificateRequest method.
7335//    req, resp := client.GetServerCertificateRequest(params)
7336//
7337//    err := req.Send()
7338//    if err == nil { // resp is now filled
7339//        fmt.Println(resp)
7340//    }
7341//
7342// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
7343func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput) {
7344	op := &request.Operation{
7345		Name:       opGetServerCertificate,
7346		HTTPMethod: "POST",
7347		HTTPPath:   "/",
7348	}
7349
7350	if input == nil {
7351		input = &GetServerCertificateInput{}
7352	}
7353
7354	output = &GetServerCertificateOutput{}
7355	req = c.newRequest(op, input, output)
7356	return
7357}
7358
7359// GetServerCertificate API operation for AWS Identity and Access Management.
7360//
7361// Retrieves information about the specified server certificate stored in IAM.
7362//
7363// For more information about working with server certificates, see Working
7364// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
7365// in the IAM User Guide. This topic includes a list of AWS services that can
7366// use the server certificates that you manage with IAM.
7367//
7368// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7369// with awserr.Error's Code and Message methods to get detailed information about
7370// the error.
7371//
7372// See the AWS API reference guide for AWS Identity and Access Management's
7373// API operation GetServerCertificate for usage and error information.
7374//
7375// Returned Error Codes:
7376//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7377//   The request was rejected because it referenced a resource entity that does
7378//   not exist. The error message describes the resource.
7379//
7380//   * ErrCodeServiceFailureException "ServiceFailure"
7381//   The request processing has failed because of an unknown error, exception
7382//   or failure.
7383//
7384// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
7385func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error) {
7386	req, out := c.GetServerCertificateRequest(input)
7387	return out, req.Send()
7388}
7389
7390// GetServerCertificateWithContext is the same as GetServerCertificate with the addition of
7391// the ability to pass a context and additional request options.
7392//
7393// See GetServerCertificate for details on how to use this API operation.
7394//
7395// The context must be non-nil and will be used for request cancellation. If
7396// the context is nil a panic will occur. In the future the SDK may create
7397// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7398// for more information on using Contexts.
7399func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error) {
7400	req, out := c.GetServerCertificateRequest(input)
7401	req.SetContext(ctx)
7402	req.ApplyOptions(opts...)
7403	return out, req.Send()
7404}
7405
7406const opGetServiceLastAccessedDetails = "GetServiceLastAccessedDetails"
7407
7408// GetServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
7409// client's request for the GetServiceLastAccessedDetails operation. The "output" return
7410// value will be populated with the request's response once the request completes
7411// successfully.
7412//
7413// Use "Send" method on the returned Request to send the API call to the service.
7414// the "output" return value is not valid until after Send returns without error.
7415//
7416// See GetServiceLastAccessedDetails for more information on using the GetServiceLastAccessedDetails
7417// API call, and error handling.
7418//
7419// This method is useful when you want to inject custom logic or configuration
7420// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7421//
7422//
7423//    // Example sending a request using the GetServiceLastAccessedDetailsRequest method.
7424//    req, resp := client.GetServiceLastAccessedDetailsRequest(params)
7425//
7426//    err := req.Send()
7427//    if err == nil { // resp is now filled
7428//        fmt.Println(resp)
7429//    }
7430//
7431// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
7432func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessedDetailsInput) (req *request.Request, output *GetServiceLastAccessedDetailsOutput) {
7433	op := &request.Operation{
7434		Name:       opGetServiceLastAccessedDetails,
7435		HTTPMethod: "POST",
7436		HTTPPath:   "/",
7437	}
7438
7439	if input == nil {
7440		input = &GetServiceLastAccessedDetailsInput{}
7441	}
7442
7443	output = &GetServiceLastAccessedDetailsOutput{}
7444	req = c.newRequest(op, input, output)
7445	return
7446}
7447
7448// GetServiceLastAccessedDetails API operation for AWS Identity and Access Management.
7449//
7450// Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails
7451// operation. You can use the JobId parameter in GetServiceLastAccessedDetails
7452// to retrieve the status of your report job. When the report is complete, you
7453// can retrieve the generated report. The report includes a list of AWS services
7454// that the resource (user, group, role, or managed policy) can access.
7455//
7456// Service last accessed data does not use other policy types when determining
7457// whether a resource could access a service. These other policy types include
7458// resource-based policies, access control lists, AWS Organizations policies,
7459// IAM permissions boundaries, and AWS STS assume role policies. It only applies
7460// permissions policy logic. For more about the evaluation of policy types,
7461// see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
7462// in the IAM User Guide.
7463//
7464// For each service that the resource could access using permissions policies,
7465// the operation returns details about the most recent access attempt. If there
7466// was no attempt, the service is listed without details about the most recent
7467// attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails
7468// operation returns the reason that it failed.
7469//
7470// The GetServiceLastAccessedDetails operation returns a list of services. This
7471// list includes the number of entities that have attempted to access the service
7472// and the date and time of the last attempt. It also returns the ARN of the
7473// following entity, depending on the resource ARN that you used to generate
7474// the report:
7475//
7476//    * User – Returns the user ARN that you used to generate the report
7477//
7478//    * Group – Returns the ARN of the group member (user) that last attempted
7479//    to access the service
7480//
7481//    * Role – Returns the role ARN that you used to generate the report
7482//
7483//    * Policy – Returns the ARN of the user or role that last used the policy
7484//    to attempt to access the service
7485//
7486// By default, the list is sorted by service namespace.
7487//
7488// If you specified ACTION_LEVEL granularity when you generated the report,
7489// this operation returns service and action last accessed data. This includes
7490// the most recent access attempt for each tracked action within a service.
7491// Otherwise, this operation returns only service data.
7492//
7493// For more information about service and action last accessed data, see Reducing
7494// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
7495// in the IAM User Guide.
7496//
7497// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7498// with awserr.Error's Code and Message methods to get detailed information about
7499// the error.
7500//
7501// See the AWS API reference guide for AWS Identity and Access Management's
7502// API operation GetServiceLastAccessedDetails for usage and error information.
7503//
7504// Returned Error Codes:
7505//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7506//   The request was rejected because it referenced a resource entity that does
7507//   not exist. The error message describes the resource.
7508//
7509//   * ErrCodeInvalidInputException "InvalidInput"
7510//   The request was rejected because an invalid or out-of-range value was supplied
7511//   for an input parameter.
7512//
7513// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
7514func (c *IAM) GetServiceLastAccessedDetails(input *GetServiceLastAccessedDetailsInput) (*GetServiceLastAccessedDetailsOutput, error) {
7515	req, out := c.GetServiceLastAccessedDetailsRequest(input)
7516	return out, req.Send()
7517}
7518
7519// GetServiceLastAccessedDetailsWithContext is the same as GetServiceLastAccessedDetails with the addition of
7520// the ability to pass a context and additional request options.
7521//
7522// See GetServiceLastAccessedDetails for details on how to use this API operation.
7523//
7524// The context must be non-nil and will be used for request cancellation. If
7525// the context is nil a panic will occur. In the future the SDK may create
7526// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7527// for more information on using Contexts.
7528func (c *IAM) GetServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsInput, opts ...request.Option) (*GetServiceLastAccessedDetailsOutput, error) {
7529	req, out := c.GetServiceLastAccessedDetailsRequest(input)
7530	req.SetContext(ctx)
7531	req.ApplyOptions(opts...)
7532	return out, req.Send()
7533}
7534
7535const opGetServiceLastAccessedDetailsWithEntities = "GetServiceLastAccessedDetailsWithEntities"
7536
7537// GetServiceLastAccessedDetailsWithEntitiesRequest generates a "aws/request.Request" representing the
7538// client's request for the GetServiceLastAccessedDetailsWithEntities operation. The "output" return
7539// value will be populated with the request's response once the request completes
7540// successfully.
7541//
7542// Use "Send" method on the returned Request to send the API call to the service.
7543// the "output" return value is not valid until after Send returns without error.
7544//
7545// See GetServiceLastAccessedDetailsWithEntities for more information on using the GetServiceLastAccessedDetailsWithEntities
7546// API call, and error handling.
7547//
7548// This method is useful when you want to inject custom logic or configuration
7549// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7550//
7551//
7552//    // Example sending a request using the GetServiceLastAccessedDetailsWithEntitiesRequest method.
7553//    req, resp := client.GetServiceLastAccessedDetailsWithEntitiesRequest(params)
7554//
7555//    err := req.Send()
7556//    if err == nil { // resp is now filled
7557//        fmt.Println(resp)
7558//    }
7559//
7560// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
7561func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesRequest(input *GetServiceLastAccessedDetailsWithEntitiesInput) (req *request.Request, output *GetServiceLastAccessedDetailsWithEntitiesOutput) {
7562	op := &request.Operation{
7563		Name:       opGetServiceLastAccessedDetailsWithEntities,
7564		HTTPMethod: "POST",
7565		HTTPPath:   "/",
7566	}
7567
7568	if input == nil {
7569		input = &GetServiceLastAccessedDetailsWithEntitiesInput{}
7570	}
7571
7572	output = &GetServiceLastAccessedDetailsWithEntitiesOutput{}
7573	req = c.newRequest(op, input, output)
7574	return
7575}
7576
7577// GetServiceLastAccessedDetailsWithEntities API operation for AWS Identity and Access Management.
7578//
7579// After you generate a group or policy report using the GenerateServiceLastAccessedDetails
7580// operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities.
7581// This operation retrieves the status of your report job and a list of entities
7582// that could have used group or policy permissions to access the specified
7583// service.
7584//
7585//    * Group – For a group report, this operation returns a list of users
7586//    in the group that could have used the group’s policies in an attempt
7587//    to access the service.
7588//
7589//    * Policy – For a policy report, this operation returns a list of entities
7590//    (users or roles) that could have used the policy in an attempt to access
7591//    the service.
7592//
7593// You can also use this operation for user or role reports to retrieve details
7594// about those entities.
7595//
7596// If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation
7597// returns the reason that it failed.
7598//
7599// By default, the list of associated entities is sorted by date, with the most
7600// recent access listed first.
7601//
7602// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7603// with awserr.Error's Code and Message methods to get detailed information about
7604// the error.
7605//
7606// See the AWS API reference guide for AWS Identity and Access Management's
7607// API operation GetServiceLastAccessedDetailsWithEntities for usage and error information.
7608//
7609// Returned Error Codes:
7610//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7611//   The request was rejected because it referenced a resource entity that does
7612//   not exist. The error message describes the resource.
7613//
7614//   * ErrCodeInvalidInputException "InvalidInput"
7615//   The request was rejected because an invalid or out-of-range value was supplied
7616//   for an input parameter.
7617//
7618// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
7619func (c *IAM) GetServiceLastAccessedDetailsWithEntities(input *GetServiceLastAccessedDetailsWithEntitiesInput) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
7620	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
7621	return out, req.Send()
7622}
7623
7624// GetServiceLastAccessedDetailsWithEntitiesWithContext is the same as GetServiceLastAccessedDetailsWithEntities with the addition of
7625// the ability to pass a context and additional request options.
7626//
7627// See GetServiceLastAccessedDetailsWithEntities for details on how to use this API operation.
7628//
7629// The context must be non-nil and will be used for request cancellation. If
7630// the context is nil a panic will occur. In the future the SDK may create
7631// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7632// for more information on using Contexts.
7633func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsWithEntitiesInput, opts ...request.Option) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
7634	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
7635	req.SetContext(ctx)
7636	req.ApplyOptions(opts...)
7637	return out, req.Send()
7638}
7639
7640const opGetServiceLinkedRoleDeletionStatus = "GetServiceLinkedRoleDeletionStatus"
7641
7642// GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the
7643// client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return
7644// value will be populated with the request's response once the request completes
7645// successfully.
7646//
7647// Use "Send" method on the returned Request to send the API call to the service.
7648// the "output" return value is not valid until after Send returns without error.
7649//
7650// See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus
7651// API call, and error handling.
7652//
7653// This method is useful when you want to inject custom logic or configuration
7654// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7655//
7656//
7657//    // Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
7658//    req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)
7659//
7660//    err := req.Send()
7661//    if err == nil { // resp is now filled
7662//        fmt.Println(resp)
7663//    }
7664//
7665// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
7666func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput) {
7667	op := &request.Operation{
7668		Name:       opGetServiceLinkedRoleDeletionStatus,
7669		HTTPMethod: "POST",
7670		HTTPPath:   "/",
7671	}
7672
7673	if input == nil {
7674		input = &GetServiceLinkedRoleDeletionStatusInput{}
7675	}
7676
7677	output = &GetServiceLinkedRoleDeletionStatusOutput{}
7678	req = c.newRequest(op, input, output)
7679	return
7680}
7681
7682// GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.
7683//
7684// Retrieves the status of your service-linked role deletion. After you use
7685// DeleteServiceLinkedRole to submit a service-linked role for deletion, you
7686// can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus
7687// to check the status of the deletion. If the deletion fails, this operation
7688// returns the reason that it failed, if that information is returned by the
7689// service.
7690//
7691// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7692// with awserr.Error's Code and Message methods to get detailed information about
7693// the error.
7694//
7695// See the AWS API reference guide for AWS Identity and Access Management's
7696// API operation GetServiceLinkedRoleDeletionStatus for usage and error information.
7697//
7698// Returned Error Codes:
7699//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7700//   The request was rejected because it referenced a resource entity that does
7701//   not exist. The error message describes the resource.
7702//
7703//   * ErrCodeInvalidInputException "InvalidInput"
7704//   The request was rejected because an invalid or out-of-range value was supplied
7705//   for an input parameter.
7706//
7707//   * ErrCodeServiceFailureException "ServiceFailure"
7708//   The request processing has failed because of an unknown error, exception
7709//   or failure.
7710//
7711// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
7712func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
7713	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
7714	return out, req.Send()
7715}
7716
7717// GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of
7718// the ability to pass a context and additional request options.
7719//
7720// See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.
7721//
7722// The context must be non-nil and will be used for request cancellation. If
7723// the context is nil a panic will occur. In the future the SDK may create
7724// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7725// for more information on using Contexts.
7726func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
7727	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
7728	req.SetContext(ctx)
7729	req.ApplyOptions(opts...)
7730	return out, req.Send()
7731}
7732
7733const opGetUser = "GetUser"
7734
7735// GetUserRequest generates a "aws/request.Request" representing the
7736// client's request for the GetUser operation. The "output" return
7737// value will be populated with the request's response once the request completes
7738// successfully.
7739//
7740// Use "Send" method on the returned Request to send the API call to the service.
7741// the "output" return value is not valid until after Send returns without error.
7742//
7743// See GetUser for more information on using the GetUser
7744// API call, and error handling.
7745//
7746// This method is useful when you want to inject custom logic or configuration
7747// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7748//
7749//
7750//    // Example sending a request using the GetUserRequest method.
7751//    req, resp := client.GetUserRequest(params)
7752//
7753//    err := req.Send()
7754//    if err == nil { // resp is now filled
7755//        fmt.Println(resp)
7756//    }
7757//
7758// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
7759func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput) {
7760	op := &request.Operation{
7761		Name:       opGetUser,
7762		HTTPMethod: "POST",
7763		HTTPPath:   "/",
7764	}
7765
7766	if input == nil {
7767		input = &GetUserInput{}
7768	}
7769
7770	output = &GetUserOutput{}
7771	req = c.newRequest(op, input, output)
7772	return
7773}
7774
7775// GetUser API operation for AWS Identity and Access Management.
7776//
7777// Retrieves information about the specified IAM user, including the user's
7778// creation date, path, unique ID, and ARN.
7779//
7780// If you do not specify a user name, IAM determines the user name implicitly
7781// based on the AWS access key ID used to sign the request to this operation.
7782//
7783// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7784// with awserr.Error's Code and Message methods to get detailed information about
7785// the error.
7786//
7787// See the AWS API reference guide for AWS Identity and Access Management's
7788// API operation GetUser for usage and error information.
7789//
7790// Returned Error Codes:
7791//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7792//   The request was rejected because it referenced a resource entity that does
7793//   not exist. The error message describes the resource.
7794//
7795//   * ErrCodeServiceFailureException "ServiceFailure"
7796//   The request processing has failed because of an unknown error, exception
7797//   or failure.
7798//
7799// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
7800func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error) {
7801	req, out := c.GetUserRequest(input)
7802	return out, req.Send()
7803}
7804
7805// GetUserWithContext is the same as GetUser with the addition of
7806// the ability to pass a context and additional request options.
7807//
7808// See GetUser for details on how to use this API operation.
7809//
7810// The context must be non-nil and will be used for request cancellation. If
7811// the context is nil a panic will occur. In the future the SDK may create
7812// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7813// for more information on using Contexts.
7814func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error) {
7815	req, out := c.GetUserRequest(input)
7816	req.SetContext(ctx)
7817	req.ApplyOptions(opts...)
7818	return out, req.Send()
7819}
7820
7821const opGetUserPolicy = "GetUserPolicy"
7822
7823// GetUserPolicyRequest generates a "aws/request.Request" representing the
7824// client's request for the GetUserPolicy operation. The "output" return
7825// value will be populated with the request's response once the request completes
7826// successfully.
7827//
7828// Use "Send" method on the returned Request to send the API call to the service.
7829// the "output" return value is not valid until after Send returns without error.
7830//
7831// See GetUserPolicy for more information on using the GetUserPolicy
7832// API call, and error handling.
7833//
7834// This method is useful when you want to inject custom logic or configuration
7835// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7836//
7837//
7838//    // Example sending a request using the GetUserPolicyRequest method.
7839//    req, resp := client.GetUserPolicyRequest(params)
7840//
7841//    err := req.Send()
7842//    if err == nil { // resp is now filled
7843//        fmt.Println(resp)
7844//    }
7845//
7846// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
7847func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput) {
7848	op := &request.Operation{
7849		Name:       opGetUserPolicy,
7850		HTTPMethod: "POST",
7851		HTTPPath:   "/",
7852	}
7853
7854	if input == nil {
7855		input = &GetUserPolicyInput{}
7856	}
7857
7858	output = &GetUserPolicyOutput{}
7859	req = c.newRequest(op, input, output)
7860	return
7861}
7862
7863// GetUserPolicy API operation for AWS Identity and Access Management.
7864//
7865// Retrieves the specified inline policy document that is embedded in the specified
7866// IAM user.
7867//
7868// Policies returned by this operation are URL-encoded compliant with RFC 3986
7869// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
7870// to convert the policy back to plain JSON text. For example, if you use Java,
7871// you can use the decode method of the java.net.URLDecoder utility class in
7872// the Java SDK. Other languages and SDKs provide similar functionality.
7873//
7874// An IAM user can also have managed policies attached to it. To retrieve a
7875// managed policy document that is attached to a user, use GetPolicy to determine
7876// the policy's default version. Then use GetPolicyVersion to retrieve the policy
7877// document.
7878//
7879// For more information about policies, see Managed policies and inline policies
7880// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
7881// in the IAM User Guide.
7882//
7883// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7884// with awserr.Error's Code and Message methods to get detailed information about
7885// the error.
7886//
7887// See the AWS API reference guide for AWS Identity and Access Management's
7888// API operation GetUserPolicy for usage and error information.
7889//
7890// Returned Error Codes:
7891//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7892//   The request was rejected because it referenced a resource entity that does
7893//   not exist. The error message describes the resource.
7894//
7895//   * ErrCodeServiceFailureException "ServiceFailure"
7896//   The request processing has failed because of an unknown error, exception
7897//   or failure.
7898//
7899// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
7900func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error) {
7901	req, out := c.GetUserPolicyRequest(input)
7902	return out, req.Send()
7903}
7904
7905// GetUserPolicyWithContext is the same as GetUserPolicy with the addition of
7906// the ability to pass a context and additional request options.
7907//
7908// See GetUserPolicy for details on how to use this API operation.
7909//
7910// The context must be non-nil and will be used for request cancellation. If
7911// the context is nil a panic will occur. In the future the SDK may create
7912// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7913// for more information on using Contexts.
7914func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error) {
7915	req, out := c.GetUserPolicyRequest(input)
7916	req.SetContext(ctx)
7917	req.ApplyOptions(opts...)
7918	return out, req.Send()
7919}
7920
7921const opListAccessKeys = "ListAccessKeys"
7922
7923// ListAccessKeysRequest generates a "aws/request.Request" representing the
7924// client's request for the ListAccessKeys operation. The "output" return
7925// value will be populated with the request's response once the request completes
7926// successfully.
7927//
7928// Use "Send" method on the returned Request to send the API call to the service.
7929// the "output" return value is not valid until after Send returns without error.
7930//
7931// See ListAccessKeys for more information on using the ListAccessKeys
7932// API call, and error handling.
7933//
7934// This method is useful when you want to inject custom logic or configuration
7935// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7936//
7937//
7938//    // Example sending a request using the ListAccessKeysRequest method.
7939//    req, resp := client.ListAccessKeysRequest(params)
7940//
7941//    err := req.Send()
7942//    if err == nil { // resp is now filled
7943//        fmt.Println(resp)
7944//    }
7945//
7946// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
7947func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput) {
7948	op := &request.Operation{
7949		Name:       opListAccessKeys,
7950		HTTPMethod: "POST",
7951		HTTPPath:   "/",
7952		Paginator: &request.Paginator{
7953			InputTokens:     []string{"Marker"},
7954			OutputTokens:    []string{"Marker"},
7955			LimitToken:      "MaxItems",
7956			TruncationToken: "IsTruncated",
7957		},
7958	}
7959
7960	if input == nil {
7961		input = &ListAccessKeysInput{}
7962	}
7963
7964	output = &ListAccessKeysOutput{}
7965	req = c.newRequest(op, input, output)
7966	return
7967}
7968
7969// ListAccessKeys API operation for AWS Identity and Access Management.
7970//
7971// Returns information about the access key IDs associated with the specified
7972// IAM user. If there is none, the operation returns an empty list.
7973//
7974// Although each user is limited to a small number of keys, you can still paginate
7975// the results using the MaxItems and Marker parameters.
7976//
7977// If the UserName field is not specified, the user name is determined implicitly
7978// based on the AWS access key ID used to sign the request. This operation works
7979// for access keys under the AWS account. Consequently, you can use this operation
7980// to manage AWS account root user credentials even if the AWS account has no
7981// associated users.
7982//
7983// To ensure the security of your AWS account, the secret access key is accessible
7984// only during key and user creation.
7985//
7986// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7987// with awserr.Error's Code and Message methods to get detailed information about
7988// the error.
7989//
7990// See the AWS API reference guide for AWS Identity and Access Management's
7991// API operation ListAccessKeys for usage and error information.
7992//
7993// Returned Error Codes:
7994//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7995//   The request was rejected because it referenced a resource entity that does
7996//   not exist. The error message describes the resource.
7997//
7998//   * ErrCodeServiceFailureException "ServiceFailure"
7999//   The request processing has failed because of an unknown error, exception
8000//   or failure.
8001//
8002// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
8003func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error) {
8004	req, out := c.ListAccessKeysRequest(input)
8005	return out, req.Send()
8006}
8007
8008// ListAccessKeysWithContext is the same as ListAccessKeys with the addition of
8009// the ability to pass a context and additional request options.
8010//
8011// See ListAccessKeys for details on how to use this API operation.
8012//
8013// The context must be non-nil and will be used for request cancellation. If
8014// the context is nil a panic will occur. In the future the SDK may create
8015// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8016// for more information on using Contexts.
8017func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error) {
8018	req, out := c.ListAccessKeysRequest(input)
8019	req.SetContext(ctx)
8020	req.ApplyOptions(opts...)
8021	return out, req.Send()
8022}
8023
8024// ListAccessKeysPages iterates over the pages of a ListAccessKeys operation,
8025// calling the "fn" function with the response data for each page. To stop
8026// iterating, return false from the fn function.
8027//
8028// See ListAccessKeys method for more information on how to use this operation.
8029//
8030// Note: This operation can generate multiple requests to a service.
8031//
8032//    // Example iterating over at most 3 pages of a ListAccessKeys operation.
8033//    pageNum := 0
8034//    err := client.ListAccessKeysPages(params,
8035//        func(page *iam.ListAccessKeysOutput, lastPage bool) bool {
8036//            pageNum++
8037//            fmt.Println(page)
8038//            return pageNum <= 3
8039//        })
8040//
8041func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error {
8042	return c.ListAccessKeysPagesWithContext(aws.BackgroundContext(), input, fn)
8043}
8044
8045// ListAccessKeysPagesWithContext same as ListAccessKeysPages except
8046// it takes a Context and allows setting request options on the pages.
8047//
8048// The context must be non-nil and will be used for request cancellation. If
8049// the context is nil a panic will occur. In the future the SDK may create
8050// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8051// for more information on using Contexts.
8052func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error {
8053	p := request.Pagination{
8054		NewRequest: func() (*request.Request, error) {
8055			var inCpy *ListAccessKeysInput
8056			if input != nil {
8057				tmp := *input
8058				inCpy = &tmp
8059			}
8060			req, _ := c.ListAccessKeysRequest(inCpy)
8061			req.SetContext(ctx)
8062			req.ApplyOptions(opts...)
8063			return req, nil
8064		},
8065	}
8066
8067	for p.Next() {
8068		if !fn(p.Page().(*ListAccessKeysOutput), !p.HasNextPage()) {
8069			break
8070		}
8071	}
8072
8073	return p.Err()
8074}
8075
8076const opListAccountAliases = "ListAccountAliases"
8077
8078// ListAccountAliasesRequest generates a "aws/request.Request" representing the
8079// client's request for the ListAccountAliases operation. The "output" return
8080// value will be populated with the request's response once the request completes
8081// successfully.
8082//
8083// Use "Send" method on the returned Request to send the API call to the service.
8084// the "output" return value is not valid until after Send returns without error.
8085//
8086// See ListAccountAliases for more information on using the ListAccountAliases
8087// API call, and error handling.
8088//
8089// This method is useful when you want to inject custom logic or configuration
8090// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8091//
8092//
8093//    // Example sending a request using the ListAccountAliasesRequest method.
8094//    req, resp := client.ListAccountAliasesRequest(params)
8095//
8096//    err := req.Send()
8097//    if err == nil { // resp is now filled
8098//        fmt.Println(resp)
8099//    }
8100//
8101// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
8102func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput) {
8103	op := &request.Operation{
8104		Name:       opListAccountAliases,
8105		HTTPMethod: "POST",
8106		HTTPPath:   "/",
8107		Paginator: &request.Paginator{
8108			InputTokens:     []string{"Marker"},
8109			OutputTokens:    []string{"Marker"},
8110			LimitToken:      "MaxItems",
8111			TruncationToken: "IsTruncated",
8112		},
8113	}
8114
8115	if input == nil {
8116		input = &ListAccountAliasesInput{}
8117	}
8118
8119	output = &ListAccountAliasesOutput{}
8120	req = c.newRequest(op, input, output)
8121	return
8122}
8123
8124// ListAccountAliases API operation for AWS Identity and Access Management.
8125//
8126// Lists the account alias associated with the AWS account (Note: you can have
8127// only one). For information about using an AWS account alias, see Using an
8128// alias for your AWS account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
8129// in the IAM User Guide.
8130//
8131// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8132// with awserr.Error's Code and Message methods to get detailed information about
8133// the error.
8134//
8135// See the AWS API reference guide for AWS Identity and Access Management's
8136// API operation ListAccountAliases for usage and error information.
8137//
8138// Returned Error Codes:
8139//   * ErrCodeServiceFailureException "ServiceFailure"
8140//   The request processing has failed because of an unknown error, exception
8141//   or failure.
8142//
8143// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
8144func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error) {
8145	req, out := c.ListAccountAliasesRequest(input)
8146	return out, req.Send()
8147}
8148
8149// ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of
8150// the ability to pass a context and additional request options.
8151//
8152// See ListAccountAliases for details on how to use this API operation.
8153//
8154// The context must be non-nil and will be used for request cancellation. If
8155// the context is nil a panic will occur. In the future the SDK may create
8156// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8157// for more information on using Contexts.
8158func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error) {
8159	req, out := c.ListAccountAliasesRequest(input)
8160	req.SetContext(ctx)
8161	req.ApplyOptions(opts...)
8162	return out, req.Send()
8163}
8164
8165// ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation,
8166// calling the "fn" function with the response data for each page. To stop
8167// iterating, return false from the fn function.
8168//
8169// See ListAccountAliases method for more information on how to use this operation.
8170//
8171// Note: This operation can generate multiple requests to a service.
8172//
8173//    // Example iterating over at most 3 pages of a ListAccountAliases operation.
8174//    pageNum := 0
8175//    err := client.ListAccountAliasesPages(params,
8176//        func(page *iam.ListAccountAliasesOutput, lastPage bool) bool {
8177//            pageNum++
8178//            fmt.Println(page)
8179//            return pageNum <= 3
8180//        })
8181//
8182func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error {
8183	return c.ListAccountAliasesPagesWithContext(aws.BackgroundContext(), input, fn)
8184}
8185
8186// ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except
8187// it takes a Context and allows setting request options on the pages.
8188//
8189// The context must be non-nil and will be used for request cancellation. If
8190// the context is nil a panic will occur. In the future the SDK may create
8191// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8192// for more information on using Contexts.
8193func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error {
8194	p := request.Pagination{
8195		NewRequest: func() (*request.Request, error) {
8196			var inCpy *ListAccountAliasesInput
8197			if input != nil {
8198				tmp := *input
8199				inCpy = &tmp
8200			}
8201			req, _ := c.ListAccountAliasesRequest(inCpy)
8202			req.SetContext(ctx)
8203			req.ApplyOptions(opts...)
8204			return req, nil
8205		},
8206	}
8207
8208	for p.Next() {
8209		if !fn(p.Page().(*ListAccountAliasesOutput), !p.HasNextPage()) {
8210			break
8211		}
8212	}
8213
8214	return p.Err()
8215}
8216
8217const opListAttachedGroupPolicies = "ListAttachedGroupPolicies"
8218
8219// ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the
8220// client's request for the ListAttachedGroupPolicies operation. The "output" return
8221// value will be populated with the request's response once the request completes
8222// successfully.
8223//
8224// Use "Send" method on the returned Request to send the API call to the service.
8225// the "output" return value is not valid until after Send returns without error.
8226//
8227// See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies
8228// API call, and error handling.
8229//
8230// This method is useful when you want to inject custom logic or configuration
8231// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8232//
8233//
8234//    // Example sending a request using the ListAttachedGroupPoliciesRequest method.
8235//    req, resp := client.ListAttachedGroupPoliciesRequest(params)
8236//
8237//    err := req.Send()
8238//    if err == nil { // resp is now filled
8239//        fmt.Println(resp)
8240//    }
8241//
8242// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
8243func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput) {
8244	op := &request.Operation{
8245		Name:       opListAttachedGroupPolicies,
8246		HTTPMethod: "POST",
8247		HTTPPath:   "/",
8248		Paginator: &request.Paginator{
8249			InputTokens:     []string{"Marker"},
8250			OutputTokens:    []string{"Marker"},
8251			LimitToken:      "MaxItems",
8252			TruncationToken: "IsTruncated",
8253		},
8254	}
8255
8256	if input == nil {
8257		input = &ListAttachedGroupPoliciesInput{}
8258	}
8259
8260	output = &ListAttachedGroupPoliciesOutput{}
8261	req = c.newRequest(op, input, output)
8262	return
8263}
8264
8265// ListAttachedGroupPolicies API operation for AWS Identity and Access Management.
8266//
8267// Lists all managed policies that are attached to the specified IAM group.
8268//
8269// An IAM group can also have inline policies embedded with it. To list the
8270// inline policies for a group, use ListGroupPolicies. For information about
8271// policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8272// in the IAM User Guide.
8273//
8274// You can paginate the results using the MaxItems and Marker parameters. You
8275// can use the PathPrefix parameter to limit the list of policies to only those
8276// matching the specified path prefix. If there are no policies attached to
8277// the specified group (or none that match the specified path prefix), the operation
8278// returns an empty list.
8279//
8280// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8281// with awserr.Error's Code and Message methods to get detailed information about
8282// the error.
8283//
8284// See the AWS API reference guide for AWS Identity and Access Management's
8285// API operation ListAttachedGroupPolicies for usage and error information.
8286//
8287// Returned Error Codes:
8288//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8289//   The request was rejected because it referenced a resource entity that does
8290//   not exist. The error message describes the resource.
8291//
8292//   * ErrCodeInvalidInputException "InvalidInput"
8293//   The request was rejected because an invalid or out-of-range value was supplied
8294//   for an input parameter.
8295//
8296//   * ErrCodeServiceFailureException "ServiceFailure"
8297//   The request processing has failed because of an unknown error, exception
8298//   or failure.
8299//
8300// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
8301func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error) {
8302	req, out := c.ListAttachedGroupPoliciesRequest(input)
8303	return out, req.Send()
8304}
8305
8306// ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of
8307// the ability to pass a context and additional request options.
8308//
8309// See ListAttachedGroupPolicies for details on how to use this API operation.
8310//
8311// The context must be non-nil and will be used for request cancellation. If
8312// the context is nil a panic will occur. In the future the SDK may create
8313// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8314// for more information on using Contexts.
8315func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error) {
8316	req, out := c.ListAttachedGroupPoliciesRequest(input)
8317	req.SetContext(ctx)
8318	req.ApplyOptions(opts...)
8319	return out, req.Send()
8320}
8321
8322// ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation,
8323// calling the "fn" function with the response data for each page. To stop
8324// iterating, return false from the fn function.
8325//
8326// See ListAttachedGroupPolicies method for more information on how to use this operation.
8327//
8328// Note: This operation can generate multiple requests to a service.
8329//
8330//    // Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
8331//    pageNum := 0
8332//    err := client.ListAttachedGroupPoliciesPages(params,
8333//        func(page *iam.ListAttachedGroupPoliciesOutput, lastPage bool) bool {
8334//            pageNum++
8335//            fmt.Println(page)
8336//            return pageNum <= 3
8337//        })
8338//
8339func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error {
8340	return c.ListAttachedGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8341}
8342
8343// ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except
8344// it takes a Context and allows setting request options on the pages.
8345//
8346// The context must be non-nil and will be used for request cancellation. If
8347// the context is nil a panic will occur. In the future the SDK may create
8348// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8349// for more information on using Contexts.
8350func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
8351	p := request.Pagination{
8352		NewRequest: func() (*request.Request, error) {
8353			var inCpy *ListAttachedGroupPoliciesInput
8354			if input != nil {
8355				tmp := *input
8356				inCpy = &tmp
8357			}
8358			req, _ := c.ListAttachedGroupPoliciesRequest(inCpy)
8359			req.SetContext(ctx)
8360			req.ApplyOptions(opts...)
8361			return req, nil
8362		},
8363	}
8364
8365	for p.Next() {
8366		if !fn(p.Page().(*ListAttachedGroupPoliciesOutput), !p.HasNextPage()) {
8367			break
8368		}
8369	}
8370
8371	return p.Err()
8372}
8373
8374const opListAttachedRolePolicies = "ListAttachedRolePolicies"
8375
8376// ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the
8377// client's request for the ListAttachedRolePolicies operation. The "output" return
8378// value will be populated with the request's response once the request completes
8379// successfully.
8380//
8381// Use "Send" method on the returned Request to send the API call to the service.
8382// the "output" return value is not valid until after Send returns without error.
8383//
8384// See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies
8385// API call, and error handling.
8386//
8387// This method is useful when you want to inject custom logic or configuration
8388// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8389//
8390//
8391//    // Example sending a request using the ListAttachedRolePoliciesRequest method.
8392//    req, resp := client.ListAttachedRolePoliciesRequest(params)
8393//
8394//    err := req.Send()
8395//    if err == nil { // resp is now filled
8396//        fmt.Println(resp)
8397//    }
8398//
8399// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
8400func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput) {
8401	op := &request.Operation{
8402		Name:       opListAttachedRolePolicies,
8403		HTTPMethod: "POST",
8404		HTTPPath:   "/",
8405		Paginator: &request.Paginator{
8406			InputTokens:     []string{"Marker"},
8407			OutputTokens:    []string{"Marker"},
8408			LimitToken:      "MaxItems",
8409			TruncationToken: "IsTruncated",
8410		},
8411	}
8412
8413	if input == nil {
8414		input = &ListAttachedRolePoliciesInput{}
8415	}
8416
8417	output = &ListAttachedRolePoliciesOutput{}
8418	req = c.newRequest(op, input, output)
8419	return
8420}
8421
8422// ListAttachedRolePolicies API operation for AWS Identity and Access Management.
8423//
8424// Lists all managed policies that are attached to the specified IAM role.
8425//
8426// An IAM role can also have inline policies embedded with it. To list the inline
8427// policies for a role, use ListRolePolicies. For information about policies,
8428// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8429// in the IAM User Guide.
8430//
8431// You can paginate the results using the MaxItems and Marker parameters. You
8432// can use the PathPrefix parameter to limit the list of policies to only those
8433// matching the specified path prefix. If there are no policies attached to
8434// the specified role (or none that match the specified path prefix), the operation
8435// returns an empty list.
8436//
8437// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8438// with awserr.Error's Code and Message methods to get detailed information about
8439// the error.
8440//
8441// See the AWS API reference guide for AWS Identity and Access Management's
8442// API operation ListAttachedRolePolicies for usage and error information.
8443//
8444// Returned Error Codes:
8445//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8446//   The request was rejected because it referenced a resource entity that does
8447//   not exist. The error message describes the resource.
8448//
8449//   * ErrCodeInvalidInputException "InvalidInput"
8450//   The request was rejected because an invalid or out-of-range value was supplied
8451//   for an input parameter.
8452//
8453//   * ErrCodeServiceFailureException "ServiceFailure"
8454//   The request processing has failed because of an unknown error, exception
8455//   or failure.
8456//
8457// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
8458func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error) {
8459	req, out := c.ListAttachedRolePoliciesRequest(input)
8460	return out, req.Send()
8461}
8462
8463// ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of
8464// the ability to pass a context and additional request options.
8465//
8466// See ListAttachedRolePolicies for details on how to use this API operation.
8467//
8468// The context must be non-nil and will be used for request cancellation. If
8469// the context is nil a panic will occur. In the future the SDK may create
8470// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8471// for more information on using Contexts.
8472func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error) {
8473	req, out := c.ListAttachedRolePoliciesRequest(input)
8474	req.SetContext(ctx)
8475	req.ApplyOptions(opts...)
8476	return out, req.Send()
8477}
8478
8479// ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation,
8480// calling the "fn" function with the response data for each page. To stop
8481// iterating, return false from the fn function.
8482//
8483// See ListAttachedRolePolicies method for more information on how to use this operation.
8484//
8485// Note: This operation can generate multiple requests to a service.
8486//
8487//    // Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
8488//    pageNum := 0
8489//    err := client.ListAttachedRolePoliciesPages(params,
8490//        func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
8491//            pageNum++
8492//            fmt.Println(page)
8493//            return pageNum <= 3
8494//        })
8495//
8496func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error {
8497	return c.ListAttachedRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8498}
8499
8500// ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except
8501// it takes a Context and allows setting request options on the pages.
8502//
8503// The context must be non-nil and will be used for request cancellation. If
8504// the context is nil a panic will occur. In the future the SDK may create
8505// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8506// for more information on using Contexts.
8507func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error {
8508	p := request.Pagination{
8509		NewRequest: func() (*request.Request, error) {
8510			var inCpy *ListAttachedRolePoliciesInput
8511			if input != nil {
8512				tmp := *input
8513				inCpy = &tmp
8514			}
8515			req, _ := c.ListAttachedRolePoliciesRequest(inCpy)
8516			req.SetContext(ctx)
8517			req.ApplyOptions(opts...)
8518			return req, nil
8519		},
8520	}
8521
8522	for p.Next() {
8523		if !fn(p.Page().(*ListAttachedRolePoliciesOutput), !p.HasNextPage()) {
8524			break
8525		}
8526	}
8527
8528	return p.Err()
8529}
8530
8531const opListAttachedUserPolicies = "ListAttachedUserPolicies"
8532
8533// ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the
8534// client's request for the ListAttachedUserPolicies operation. The "output" return
8535// value will be populated with the request's response once the request completes
8536// successfully.
8537//
8538// Use "Send" method on the returned Request to send the API call to the service.
8539// the "output" return value is not valid until after Send returns without error.
8540//
8541// See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies
8542// API call, and error handling.
8543//
8544// This method is useful when you want to inject custom logic or configuration
8545// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8546//
8547//
8548//    // Example sending a request using the ListAttachedUserPoliciesRequest method.
8549//    req, resp := client.ListAttachedUserPoliciesRequest(params)
8550//
8551//    err := req.Send()
8552//    if err == nil { // resp is now filled
8553//        fmt.Println(resp)
8554//    }
8555//
8556// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
8557func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput) {
8558	op := &request.Operation{
8559		Name:       opListAttachedUserPolicies,
8560		HTTPMethod: "POST",
8561		HTTPPath:   "/",
8562		Paginator: &request.Paginator{
8563			InputTokens:     []string{"Marker"},
8564			OutputTokens:    []string{"Marker"},
8565			LimitToken:      "MaxItems",
8566			TruncationToken: "IsTruncated",
8567		},
8568	}
8569
8570	if input == nil {
8571		input = &ListAttachedUserPoliciesInput{}
8572	}
8573
8574	output = &ListAttachedUserPoliciesOutput{}
8575	req = c.newRequest(op, input, output)
8576	return
8577}
8578
8579// ListAttachedUserPolicies API operation for AWS Identity and Access Management.
8580//
8581// Lists all managed policies that are attached to the specified IAM user.
8582//
8583// An IAM user can also have inline policies embedded with it. To list the inline
8584// policies for a user, use ListUserPolicies. For information about policies,
8585// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8586// in the IAM User Guide.
8587//
8588// You can paginate the results using the MaxItems and Marker parameters. You
8589// can use the PathPrefix parameter to limit the list of policies to only those
8590// matching the specified path prefix. If there are no policies attached to
8591// the specified group (or none that match the specified path prefix), the operation
8592// returns an empty list.
8593//
8594// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8595// with awserr.Error's Code and Message methods to get detailed information about
8596// the error.
8597//
8598// See the AWS API reference guide for AWS Identity and Access Management's
8599// API operation ListAttachedUserPolicies for usage and error information.
8600//
8601// Returned Error Codes:
8602//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8603//   The request was rejected because it referenced a resource entity that does
8604//   not exist. The error message describes the resource.
8605//
8606//   * ErrCodeInvalidInputException "InvalidInput"
8607//   The request was rejected because an invalid or out-of-range value was supplied
8608//   for an input parameter.
8609//
8610//   * ErrCodeServiceFailureException "ServiceFailure"
8611//   The request processing has failed because of an unknown error, exception
8612//   or failure.
8613//
8614// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
8615func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error) {
8616	req, out := c.ListAttachedUserPoliciesRequest(input)
8617	return out, req.Send()
8618}
8619
8620// ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of
8621// the ability to pass a context and additional request options.
8622//
8623// See ListAttachedUserPolicies for details on how to use this API operation.
8624//
8625// The context must be non-nil and will be used for request cancellation. If
8626// the context is nil a panic will occur. In the future the SDK may create
8627// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8628// for more information on using Contexts.
8629func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error) {
8630	req, out := c.ListAttachedUserPoliciesRequest(input)
8631	req.SetContext(ctx)
8632	req.ApplyOptions(opts...)
8633	return out, req.Send()
8634}
8635
8636// ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation,
8637// calling the "fn" function with the response data for each page. To stop
8638// iterating, return false from the fn function.
8639//
8640// See ListAttachedUserPolicies method for more information on how to use this operation.
8641//
8642// Note: This operation can generate multiple requests to a service.
8643//
8644//    // Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
8645//    pageNum := 0
8646//    err := client.ListAttachedUserPoliciesPages(params,
8647//        func(page *iam.ListAttachedUserPoliciesOutput, lastPage bool) bool {
8648//            pageNum++
8649//            fmt.Println(page)
8650//            return pageNum <= 3
8651//        })
8652//
8653func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error {
8654	return c.ListAttachedUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8655}
8656
8657// ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except
8658// it takes a Context and allows setting request options on the pages.
8659//
8660// The context must be non-nil and will be used for request cancellation. If
8661// the context is nil a panic will occur. In the future the SDK may create
8662// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8663// for more information on using Contexts.
8664func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error {
8665	p := request.Pagination{
8666		NewRequest: func() (*request.Request, error) {
8667			var inCpy *ListAttachedUserPoliciesInput
8668			if input != nil {
8669				tmp := *input
8670				inCpy = &tmp
8671			}
8672			req, _ := c.ListAttachedUserPoliciesRequest(inCpy)
8673			req.SetContext(ctx)
8674			req.ApplyOptions(opts...)
8675			return req, nil
8676		},
8677	}
8678
8679	for p.Next() {
8680		if !fn(p.Page().(*ListAttachedUserPoliciesOutput), !p.HasNextPage()) {
8681			break
8682		}
8683	}
8684
8685	return p.Err()
8686}
8687
8688const opListEntitiesForPolicy = "ListEntitiesForPolicy"
8689
8690// ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the
8691// client's request for the ListEntitiesForPolicy operation. The "output" return
8692// value will be populated with the request's response once the request completes
8693// successfully.
8694//
8695// Use "Send" method on the returned Request to send the API call to the service.
8696// the "output" return value is not valid until after Send returns without error.
8697//
8698// See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy
8699// API call, and error handling.
8700//
8701// This method is useful when you want to inject custom logic or configuration
8702// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8703//
8704//
8705//    // Example sending a request using the ListEntitiesForPolicyRequest method.
8706//    req, resp := client.ListEntitiesForPolicyRequest(params)
8707//
8708//    err := req.Send()
8709//    if err == nil { // resp is now filled
8710//        fmt.Println(resp)
8711//    }
8712//
8713// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
8714func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput) {
8715	op := &request.Operation{
8716		Name:       opListEntitiesForPolicy,
8717		HTTPMethod: "POST",
8718		HTTPPath:   "/",
8719		Paginator: &request.Paginator{
8720			InputTokens:     []string{"Marker"},
8721			OutputTokens:    []string{"Marker"},
8722			LimitToken:      "MaxItems",
8723			TruncationToken: "IsTruncated",
8724		},
8725	}
8726
8727	if input == nil {
8728		input = &ListEntitiesForPolicyInput{}
8729	}
8730
8731	output = &ListEntitiesForPolicyOutput{}
8732	req = c.newRequest(op, input, output)
8733	return
8734}
8735
8736// ListEntitiesForPolicy API operation for AWS Identity and Access Management.
8737//
8738// Lists all IAM users, groups, and roles that the specified managed policy
8739// is attached to.
8740//
8741// You can use the optional EntityFilter parameter to limit the results to a
8742// particular type of entity (users, groups, or roles). For example, to list
8743// only the roles that are attached to the specified policy, set EntityFilter
8744// to Role.
8745//
8746// You can paginate the results using the MaxItems and Marker parameters.
8747//
8748// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8749// with awserr.Error's Code and Message methods to get detailed information about
8750// the error.
8751//
8752// See the AWS API reference guide for AWS Identity and Access Management's
8753// API operation ListEntitiesForPolicy for usage and error information.
8754//
8755// Returned Error Codes:
8756//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8757//   The request was rejected because it referenced a resource entity that does
8758//   not exist. The error message describes the resource.
8759//
8760//   * ErrCodeInvalidInputException "InvalidInput"
8761//   The request was rejected because an invalid or out-of-range value was supplied
8762//   for an input parameter.
8763//
8764//   * ErrCodeServiceFailureException "ServiceFailure"
8765//   The request processing has failed because of an unknown error, exception
8766//   or failure.
8767//
8768// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
8769func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error) {
8770	req, out := c.ListEntitiesForPolicyRequest(input)
8771	return out, req.Send()
8772}
8773
8774// ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of
8775// the ability to pass a context and additional request options.
8776//
8777// See ListEntitiesForPolicy for details on how to use this API operation.
8778//
8779// The context must be non-nil and will be used for request cancellation. If
8780// the context is nil a panic will occur. In the future the SDK may create
8781// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8782// for more information on using Contexts.
8783func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error) {
8784	req, out := c.ListEntitiesForPolicyRequest(input)
8785	req.SetContext(ctx)
8786	req.ApplyOptions(opts...)
8787	return out, req.Send()
8788}
8789
8790// ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation,
8791// calling the "fn" function with the response data for each page. To stop
8792// iterating, return false from the fn function.
8793//
8794// See ListEntitiesForPolicy method for more information on how to use this operation.
8795//
8796// Note: This operation can generate multiple requests to a service.
8797//
8798//    // Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
8799//    pageNum := 0
8800//    err := client.ListEntitiesForPolicyPages(params,
8801//        func(page *iam.ListEntitiesForPolicyOutput, lastPage bool) bool {
8802//            pageNum++
8803//            fmt.Println(page)
8804//            return pageNum <= 3
8805//        })
8806//
8807func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error {
8808	return c.ListEntitiesForPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
8809}
8810
8811// ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except
8812// it takes a Context and allows setting request options on the pages.
8813//
8814// The context must be non-nil and will be used for request cancellation. If
8815// the context is nil a panic will occur. In the future the SDK may create
8816// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8817// for more information on using Contexts.
8818func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error {
8819	p := request.Pagination{
8820		NewRequest: func() (*request.Request, error) {
8821			var inCpy *ListEntitiesForPolicyInput
8822			if input != nil {
8823				tmp := *input
8824				inCpy = &tmp
8825			}
8826			req, _ := c.ListEntitiesForPolicyRequest(inCpy)
8827			req.SetContext(ctx)
8828			req.ApplyOptions(opts...)
8829			return req, nil
8830		},
8831	}
8832
8833	for p.Next() {
8834		if !fn(p.Page().(*ListEntitiesForPolicyOutput), !p.HasNextPage()) {
8835			break
8836		}
8837	}
8838
8839	return p.Err()
8840}
8841
8842const opListGroupPolicies = "ListGroupPolicies"
8843
8844// ListGroupPoliciesRequest generates a "aws/request.Request" representing the
8845// client's request for the ListGroupPolicies operation. The "output" return
8846// value will be populated with the request's response once the request completes
8847// successfully.
8848//
8849// Use "Send" method on the returned Request to send the API call to the service.
8850// the "output" return value is not valid until after Send returns without error.
8851//
8852// See ListGroupPolicies for more information on using the ListGroupPolicies
8853// API call, and error handling.
8854//
8855// This method is useful when you want to inject custom logic or configuration
8856// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8857//
8858//
8859//    // Example sending a request using the ListGroupPoliciesRequest method.
8860//    req, resp := client.ListGroupPoliciesRequest(params)
8861//
8862//    err := req.Send()
8863//    if err == nil { // resp is now filled
8864//        fmt.Println(resp)
8865//    }
8866//
8867// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
8868func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput) {
8869	op := &request.Operation{
8870		Name:       opListGroupPolicies,
8871		HTTPMethod: "POST",
8872		HTTPPath:   "/",
8873		Paginator: &request.Paginator{
8874			InputTokens:     []string{"Marker"},
8875			OutputTokens:    []string{"Marker"},
8876			LimitToken:      "MaxItems",
8877			TruncationToken: "IsTruncated",
8878		},
8879	}
8880
8881	if input == nil {
8882		input = &ListGroupPoliciesInput{}
8883	}
8884
8885	output = &ListGroupPoliciesOutput{}
8886	req = c.newRequest(op, input, output)
8887	return
8888}
8889
8890// ListGroupPolicies API operation for AWS Identity and Access Management.
8891//
8892// Lists the names of the inline policies that are embedded in the specified
8893// IAM group.
8894//
8895// An IAM group can also have managed policies attached to it. To list the managed
8896// policies that are attached to a group, use ListAttachedGroupPolicies. For
8897// more information about policies, see Managed policies and inline policies
8898// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8899// in the IAM User Guide.
8900//
8901// You can paginate the results using the MaxItems and Marker parameters. If
8902// there are no inline policies embedded with the specified group, the operation
8903// returns an empty list.
8904//
8905// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8906// with awserr.Error's Code and Message methods to get detailed information about
8907// the error.
8908//
8909// See the AWS API reference guide for AWS Identity and Access Management's
8910// API operation ListGroupPolicies for usage and error information.
8911//
8912// Returned Error Codes:
8913//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8914//   The request was rejected because it referenced a resource entity that does
8915//   not exist. The error message describes the resource.
8916//
8917//   * ErrCodeServiceFailureException "ServiceFailure"
8918//   The request processing has failed because of an unknown error, exception
8919//   or failure.
8920//
8921// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
8922func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error) {
8923	req, out := c.ListGroupPoliciesRequest(input)
8924	return out, req.Send()
8925}
8926
8927// ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of
8928// the ability to pass a context and additional request options.
8929//
8930// See ListGroupPolicies for details on how to use this API operation.
8931//
8932// The context must be non-nil and will be used for request cancellation. If
8933// the context is nil a panic will occur. In the future the SDK may create
8934// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8935// for more information on using Contexts.
8936func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error) {
8937	req, out := c.ListGroupPoliciesRequest(input)
8938	req.SetContext(ctx)
8939	req.ApplyOptions(opts...)
8940	return out, req.Send()
8941}
8942
8943// ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation,
8944// calling the "fn" function with the response data for each page. To stop
8945// iterating, return false from the fn function.
8946//
8947// See ListGroupPolicies method for more information on how to use this operation.
8948//
8949// Note: This operation can generate multiple requests to a service.
8950//
8951//    // Example iterating over at most 3 pages of a ListGroupPolicies operation.
8952//    pageNum := 0
8953//    err := client.ListGroupPoliciesPages(params,
8954//        func(page *iam.ListGroupPoliciesOutput, lastPage bool) bool {
8955//            pageNum++
8956//            fmt.Println(page)
8957//            return pageNum <= 3
8958//        })
8959//
8960func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error {
8961	return c.ListGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8962}
8963
8964// ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except
8965// it takes a Context and allows setting request options on the pages.
8966//
8967// The context must be non-nil and will be used for request cancellation. If
8968// the context is nil a panic will occur. In the future the SDK may create
8969// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8970// for more information on using Contexts.
8971func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
8972	p := request.Pagination{
8973		NewRequest: func() (*request.Request, error) {
8974			var inCpy *ListGroupPoliciesInput
8975			if input != nil {
8976				tmp := *input
8977				inCpy = &tmp
8978			}
8979			req, _ := c.ListGroupPoliciesRequest(inCpy)
8980			req.SetContext(ctx)
8981			req.ApplyOptions(opts...)
8982			return req, nil
8983		},
8984	}
8985
8986	for p.Next() {
8987		if !fn(p.Page().(*ListGroupPoliciesOutput), !p.HasNextPage()) {
8988			break
8989		}
8990	}
8991
8992	return p.Err()
8993}
8994
8995const opListGroups = "ListGroups"
8996
8997// ListGroupsRequest generates a "aws/request.Request" representing the
8998// client's request for the ListGroups operation. The "output" return
8999// value will be populated with the request's response once the request completes
9000// successfully.
9001//
9002// Use "Send" method on the returned Request to send the API call to the service.
9003// the "output" return value is not valid until after Send returns without error.
9004//
9005// See ListGroups for more information on using the ListGroups
9006// API call, and error handling.
9007//
9008// This method is useful when you want to inject custom logic or configuration
9009// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9010//
9011//
9012//    // Example sending a request using the ListGroupsRequest method.
9013//    req, resp := client.ListGroupsRequest(params)
9014//
9015//    err := req.Send()
9016//    if err == nil { // resp is now filled
9017//        fmt.Println(resp)
9018//    }
9019//
9020// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
9021func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) {
9022	op := &request.Operation{
9023		Name:       opListGroups,
9024		HTTPMethod: "POST",
9025		HTTPPath:   "/",
9026		Paginator: &request.Paginator{
9027			InputTokens:     []string{"Marker"},
9028			OutputTokens:    []string{"Marker"},
9029			LimitToken:      "MaxItems",
9030			TruncationToken: "IsTruncated",
9031		},
9032	}
9033
9034	if input == nil {
9035		input = &ListGroupsInput{}
9036	}
9037
9038	output = &ListGroupsOutput{}
9039	req = c.newRequest(op, input, output)
9040	return
9041}
9042
9043// ListGroups API operation for AWS Identity and Access Management.
9044//
9045// Lists the IAM groups that have the specified path prefix.
9046//
9047// You can paginate the results using the MaxItems and Marker parameters.
9048//
9049// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9050// with awserr.Error's Code and Message methods to get detailed information about
9051// the error.
9052//
9053// See the AWS API reference guide for AWS Identity and Access Management's
9054// API operation ListGroups for usage and error information.
9055//
9056// Returned Error Codes:
9057//   * ErrCodeServiceFailureException "ServiceFailure"
9058//   The request processing has failed because of an unknown error, exception
9059//   or failure.
9060//
9061// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
9062func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) {
9063	req, out := c.ListGroupsRequest(input)
9064	return out, req.Send()
9065}
9066
9067// ListGroupsWithContext is the same as ListGroups with the addition of
9068// the ability to pass a context and additional request options.
9069//
9070// See ListGroups for details on how to use this API operation.
9071//
9072// The context must be non-nil and will be used for request cancellation. If
9073// the context is nil a panic will occur. In the future the SDK may create
9074// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9075// for more information on using Contexts.
9076func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error) {
9077	req, out := c.ListGroupsRequest(input)
9078	req.SetContext(ctx)
9079	req.ApplyOptions(opts...)
9080	return out, req.Send()
9081}
9082
9083// ListGroupsPages iterates over the pages of a ListGroups operation,
9084// calling the "fn" function with the response data for each page. To stop
9085// iterating, return false from the fn function.
9086//
9087// See ListGroups method for more information on how to use this operation.
9088//
9089// Note: This operation can generate multiple requests to a service.
9090//
9091//    // Example iterating over at most 3 pages of a ListGroups operation.
9092//    pageNum := 0
9093//    err := client.ListGroupsPages(params,
9094//        func(page *iam.ListGroupsOutput, lastPage bool) bool {
9095//            pageNum++
9096//            fmt.Println(page)
9097//            return pageNum <= 3
9098//        })
9099//
9100func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error {
9101	return c.ListGroupsPagesWithContext(aws.BackgroundContext(), input, fn)
9102}
9103
9104// ListGroupsPagesWithContext same as ListGroupsPages except
9105// it takes a Context and allows setting request options on the pages.
9106//
9107// The context must be non-nil and will be used for request cancellation. If
9108// the context is nil a panic will occur. In the future the SDK may create
9109// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9110// for more information on using Contexts.
9111func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error {
9112	p := request.Pagination{
9113		NewRequest: func() (*request.Request, error) {
9114			var inCpy *ListGroupsInput
9115			if input != nil {
9116				tmp := *input
9117				inCpy = &tmp
9118			}
9119			req, _ := c.ListGroupsRequest(inCpy)
9120			req.SetContext(ctx)
9121			req.ApplyOptions(opts...)
9122			return req, nil
9123		},
9124	}
9125
9126	for p.Next() {
9127		if !fn(p.Page().(*ListGroupsOutput), !p.HasNextPage()) {
9128			break
9129		}
9130	}
9131
9132	return p.Err()
9133}
9134
9135const opListGroupsForUser = "ListGroupsForUser"
9136
9137// ListGroupsForUserRequest generates a "aws/request.Request" representing the
9138// client's request for the ListGroupsForUser operation. The "output" return
9139// value will be populated with the request's response once the request completes
9140// successfully.
9141//
9142// Use "Send" method on the returned Request to send the API call to the service.
9143// the "output" return value is not valid until after Send returns without error.
9144//
9145// See ListGroupsForUser for more information on using the ListGroupsForUser
9146// API call, and error handling.
9147//
9148// This method is useful when you want to inject custom logic or configuration
9149// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9150//
9151//
9152//    // Example sending a request using the ListGroupsForUserRequest method.
9153//    req, resp := client.ListGroupsForUserRequest(params)
9154//
9155//    err := req.Send()
9156//    if err == nil { // resp is now filled
9157//        fmt.Println(resp)
9158//    }
9159//
9160// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
9161func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput) {
9162	op := &request.Operation{
9163		Name:       opListGroupsForUser,
9164		HTTPMethod: "POST",
9165		HTTPPath:   "/",
9166		Paginator: &request.Paginator{
9167			InputTokens:     []string{"Marker"},
9168			OutputTokens:    []string{"Marker"},
9169			LimitToken:      "MaxItems",
9170			TruncationToken: "IsTruncated",
9171		},
9172	}
9173
9174	if input == nil {
9175		input = &ListGroupsForUserInput{}
9176	}
9177
9178	output = &ListGroupsForUserOutput{}
9179	req = c.newRequest(op, input, output)
9180	return
9181}
9182
9183// ListGroupsForUser API operation for AWS Identity and Access Management.
9184//
9185// Lists the IAM groups that the specified IAM user belongs to.
9186//
9187// You can paginate the results using the MaxItems and Marker parameters.
9188//
9189// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9190// with awserr.Error's Code and Message methods to get detailed information about
9191// the error.
9192//
9193// See the AWS API reference guide for AWS Identity and Access Management's
9194// API operation ListGroupsForUser for usage and error information.
9195//
9196// Returned Error Codes:
9197//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9198//   The request was rejected because it referenced a resource entity that does
9199//   not exist. The error message describes the resource.
9200//
9201//   * ErrCodeServiceFailureException "ServiceFailure"
9202//   The request processing has failed because of an unknown error, exception
9203//   or failure.
9204//
9205// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
9206func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error) {
9207	req, out := c.ListGroupsForUserRequest(input)
9208	return out, req.Send()
9209}
9210
9211// ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of
9212// the ability to pass a context and additional request options.
9213//
9214// See ListGroupsForUser for details on how to use this API operation.
9215//
9216// The context must be non-nil and will be used for request cancellation. If
9217// the context is nil a panic will occur. In the future the SDK may create
9218// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9219// for more information on using Contexts.
9220func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error) {
9221	req, out := c.ListGroupsForUserRequest(input)
9222	req.SetContext(ctx)
9223	req.ApplyOptions(opts...)
9224	return out, req.Send()
9225}
9226
9227// ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation,
9228// calling the "fn" function with the response data for each page. To stop
9229// iterating, return false from the fn function.
9230//
9231// See ListGroupsForUser method for more information on how to use this operation.
9232//
9233// Note: This operation can generate multiple requests to a service.
9234//
9235//    // Example iterating over at most 3 pages of a ListGroupsForUser operation.
9236//    pageNum := 0
9237//    err := client.ListGroupsForUserPages(params,
9238//        func(page *iam.ListGroupsForUserOutput, lastPage bool) bool {
9239//            pageNum++
9240//            fmt.Println(page)
9241//            return pageNum <= 3
9242//        })
9243//
9244func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error {
9245	return c.ListGroupsForUserPagesWithContext(aws.BackgroundContext(), input, fn)
9246}
9247
9248// ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except
9249// it takes a Context and allows setting request options on the pages.
9250//
9251// The context must be non-nil and will be used for request cancellation. If
9252// the context is nil a panic will occur. In the future the SDK may create
9253// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9254// for more information on using Contexts.
9255func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error {
9256	p := request.Pagination{
9257		NewRequest: func() (*request.Request, error) {
9258			var inCpy *ListGroupsForUserInput
9259			if input != nil {
9260				tmp := *input
9261				inCpy = &tmp
9262			}
9263			req, _ := c.ListGroupsForUserRequest(inCpy)
9264			req.SetContext(ctx)
9265			req.ApplyOptions(opts...)
9266			return req, nil
9267		},
9268	}
9269
9270	for p.Next() {
9271		if !fn(p.Page().(*ListGroupsForUserOutput), !p.HasNextPage()) {
9272			break
9273		}
9274	}
9275
9276	return p.Err()
9277}
9278
9279const opListInstanceProfileTags = "ListInstanceProfileTags"
9280
9281// ListInstanceProfileTagsRequest generates a "aws/request.Request" representing the
9282// client's request for the ListInstanceProfileTags operation. The "output" return
9283// value will be populated with the request's response once the request completes
9284// successfully.
9285//
9286// Use "Send" method on the returned Request to send the API call to the service.
9287// the "output" return value is not valid until after Send returns without error.
9288//
9289// See ListInstanceProfileTags for more information on using the ListInstanceProfileTags
9290// API call, and error handling.
9291//
9292// This method is useful when you want to inject custom logic or configuration
9293// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9294//
9295//
9296//    // Example sending a request using the ListInstanceProfileTagsRequest method.
9297//    req, resp := client.ListInstanceProfileTagsRequest(params)
9298//
9299//    err := req.Send()
9300//    if err == nil { // resp is now filled
9301//        fmt.Println(resp)
9302//    }
9303//
9304// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
9305func (c *IAM) ListInstanceProfileTagsRequest(input *ListInstanceProfileTagsInput) (req *request.Request, output *ListInstanceProfileTagsOutput) {
9306	op := &request.Operation{
9307		Name:       opListInstanceProfileTags,
9308		HTTPMethod: "POST",
9309		HTTPPath:   "/",
9310	}
9311
9312	if input == nil {
9313		input = &ListInstanceProfileTagsInput{}
9314	}
9315
9316	output = &ListInstanceProfileTagsOutput{}
9317	req = c.newRequest(op, input, output)
9318	return
9319}
9320
9321// ListInstanceProfileTags API operation for AWS Identity and Access Management.
9322//
9323// Lists the tags that are attached to the specified IAM instance profile. The
9324// returned list of tags is sorted by tag key. For more information about tagging,
9325// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
9326// in the IAM User Guide.
9327//
9328// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9329// with awserr.Error's Code and Message methods to get detailed information about
9330// the error.
9331//
9332// See the AWS API reference guide for AWS Identity and Access Management's
9333// API operation ListInstanceProfileTags for usage and error information.
9334//
9335// Returned Error Codes:
9336//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9337//   The request was rejected because it referenced a resource entity that does
9338//   not exist. The error message describes the resource.
9339//
9340//   * ErrCodeServiceFailureException "ServiceFailure"
9341//   The request processing has failed because of an unknown error, exception
9342//   or failure.
9343//
9344// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
9345func (c *IAM) ListInstanceProfileTags(input *ListInstanceProfileTagsInput) (*ListInstanceProfileTagsOutput, error) {
9346	req, out := c.ListInstanceProfileTagsRequest(input)
9347	return out, req.Send()
9348}
9349
9350// ListInstanceProfileTagsWithContext is the same as ListInstanceProfileTags with the addition of
9351// the ability to pass a context and additional request options.
9352//
9353// See ListInstanceProfileTags for details on how to use this API operation.
9354//
9355// The context must be non-nil and will be used for request cancellation. If
9356// the context is nil a panic will occur. In the future the SDK may create
9357// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9358// for more information on using Contexts.
9359func (c *IAM) ListInstanceProfileTagsWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, opts ...request.Option) (*ListInstanceProfileTagsOutput, error) {
9360	req, out := c.ListInstanceProfileTagsRequest(input)
9361	req.SetContext(ctx)
9362	req.ApplyOptions(opts...)
9363	return out, req.Send()
9364}
9365
9366const opListInstanceProfiles = "ListInstanceProfiles"
9367
9368// ListInstanceProfilesRequest generates a "aws/request.Request" representing the
9369// client's request for the ListInstanceProfiles operation. The "output" return
9370// value will be populated with the request's response once the request completes
9371// successfully.
9372//
9373// Use "Send" method on the returned Request to send the API call to the service.
9374// the "output" return value is not valid until after Send returns without error.
9375//
9376// See ListInstanceProfiles for more information on using the ListInstanceProfiles
9377// API call, and error handling.
9378//
9379// This method is useful when you want to inject custom logic or configuration
9380// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9381//
9382//
9383//    // Example sending a request using the ListInstanceProfilesRequest method.
9384//    req, resp := client.ListInstanceProfilesRequest(params)
9385//
9386//    err := req.Send()
9387//    if err == nil { // resp is now filled
9388//        fmt.Println(resp)
9389//    }
9390//
9391// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
9392func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput) {
9393	op := &request.Operation{
9394		Name:       opListInstanceProfiles,
9395		HTTPMethod: "POST",
9396		HTTPPath:   "/",
9397		Paginator: &request.Paginator{
9398			InputTokens:     []string{"Marker"},
9399			OutputTokens:    []string{"Marker"},
9400			LimitToken:      "MaxItems",
9401			TruncationToken: "IsTruncated",
9402		},
9403	}
9404
9405	if input == nil {
9406		input = &ListInstanceProfilesInput{}
9407	}
9408
9409	output = &ListInstanceProfilesOutput{}
9410	req = c.newRequest(op, input, output)
9411	return
9412}
9413
9414// ListInstanceProfiles API operation for AWS Identity and Access Management.
9415//
9416// Lists the instance profiles that have the specified path prefix. If there
9417// are none, the operation returns an empty list. For more information about
9418// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
9419//
9420// IAM resource-listing operations return a subset of the available attributes
9421// for the resource. For example, this operation does not return tags, even
9422// though they are an attribute of the returned object. To view all of the information
9423// for an instance profile, see GetInstanceProfile.
9424//
9425// You can paginate the results using the MaxItems and Marker parameters.
9426//
9427// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9428// with awserr.Error's Code and Message methods to get detailed information about
9429// the error.
9430//
9431// See the AWS API reference guide for AWS Identity and Access Management's
9432// API operation ListInstanceProfiles for usage and error information.
9433//
9434// Returned Error Codes:
9435//   * ErrCodeServiceFailureException "ServiceFailure"
9436//   The request processing has failed because of an unknown error, exception
9437//   or failure.
9438//
9439// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
9440func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error) {
9441	req, out := c.ListInstanceProfilesRequest(input)
9442	return out, req.Send()
9443}
9444
9445// ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of
9446// the ability to pass a context and additional request options.
9447//
9448// See ListInstanceProfiles for details on how to use this API operation.
9449//
9450// The context must be non-nil and will be used for request cancellation. If
9451// the context is nil a panic will occur. In the future the SDK may create
9452// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9453// for more information on using Contexts.
9454func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error) {
9455	req, out := c.ListInstanceProfilesRequest(input)
9456	req.SetContext(ctx)
9457	req.ApplyOptions(opts...)
9458	return out, req.Send()
9459}
9460
9461// ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation,
9462// calling the "fn" function with the response data for each page. To stop
9463// iterating, return false from the fn function.
9464//
9465// See ListInstanceProfiles method for more information on how to use this operation.
9466//
9467// Note: This operation can generate multiple requests to a service.
9468//
9469//    // Example iterating over at most 3 pages of a ListInstanceProfiles operation.
9470//    pageNum := 0
9471//    err := client.ListInstanceProfilesPages(params,
9472//        func(page *iam.ListInstanceProfilesOutput, lastPage bool) bool {
9473//            pageNum++
9474//            fmt.Println(page)
9475//            return pageNum <= 3
9476//        })
9477//
9478func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error {
9479	return c.ListInstanceProfilesPagesWithContext(aws.BackgroundContext(), input, fn)
9480}
9481
9482// ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except
9483// it takes a Context and allows setting request options on the pages.
9484//
9485// The context must be non-nil and will be used for request cancellation. If
9486// the context is nil a panic will occur. In the future the SDK may create
9487// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9488// for more information on using Contexts.
9489func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error {
9490	p := request.Pagination{
9491		NewRequest: func() (*request.Request, error) {
9492			var inCpy *ListInstanceProfilesInput
9493			if input != nil {
9494				tmp := *input
9495				inCpy = &tmp
9496			}
9497			req, _ := c.ListInstanceProfilesRequest(inCpy)
9498			req.SetContext(ctx)
9499			req.ApplyOptions(opts...)
9500			return req, nil
9501		},
9502	}
9503
9504	for p.Next() {
9505		if !fn(p.Page().(*ListInstanceProfilesOutput), !p.HasNextPage()) {
9506			break
9507		}
9508	}
9509
9510	return p.Err()
9511}
9512
9513const opListInstanceProfilesForRole = "ListInstanceProfilesForRole"
9514
9515// ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the
9516// client's request for the ListInstanceProfilesForRole operation. The "output" return
9517// value will be populated with the request's response once the request completes
9518// successfully.
9519//
9520// Use "Send" method on the returned Request to send the API call to the service.
9521// the "output" return value is not valid until after Send returns without error.
9522//
9523// See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole
9524// API call, and error handling.
9525//
9526// This method is useful when you want to inject custom logic or configuration
9527// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9528//
9529//
9530//    // Example sending a request using the ListInstanceProfilesForRoleRequest method.
9531//    req, resp := client.ListInstanceProfilesForRoleRequest(params)
9532//
9533//    err := req.Send()
9534//    if err == nil { // resp is now filled
9535//        fmt.Println(resp)
9536//    }
9537//
9538// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
9539func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput) {
9540	op := &request.Operation{
9541		Name:       opListInstanceProfilesForRole,
9542		HTTPMethod: "POST",
9543		HTTPPath:   "/",
9544		Paginator: &request.Paginator{
9545			InputTokens:     []string{"Marker"},
9546			OutputTokens:    []string{"Marker"},
9547			LimitToken:      "MaxItems",
9548			TruncationToken: "IsTruncated",
9549		},
9550	}
9551
9552	if input == nil {
9553		input = &ListInstanceProfilesForRoleInput{}
9554	}
9555
9556	output = &ListInstanceProfilesForRoleOutput{}
9557	req = c.newRequest(op, input, output)
9558	return
9559}
9560
9561// ListInstanceProfilesForRole API operation for AWS Identity and Access Management.
9562//
9563// Lists the instance profiles that have the specified associated IAM role.
9564// If there are none, the operation returns an empty list. For more information
9565// about instance profiles, go to About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
9566//
9567// You can paginate the results using the MaxItems and Marker parameters.
9568//
9569// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9570// with awserr.Error's Code and Message methods to get detailed information about
9571// the error.
9572//
9573// See the AWS API reference guide for AWS Identity and Access Management's
9574// API operation ListInstanceProfilesForRole for usage and error information.
9575//
9576// Returned Error Codes:
9577//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9578//   The request was rejected because it referenced a resource entity that does
9579//   not exist. The error message describes the resource.
9580//
9581//   * ErrCodeServiceFailureException "ServiceFailure"
9582//   The request processing has failed because of an unknown error, exception
9583//   or failure.
9584//
9585// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
9586func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error) {
9587	req, out := c.ListInstanceProfilesForRoleRequest(input)
9588	return out, req.Send()
9589}
9590
9591// ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of
9592// the ability to pass a context and additional request options.
9593//
9594// See ListInstanceProfilesForRole for details on how to use this API operation.
9595//
9596// The context must be non-nil and will be used for request cancellation. If
9597// the context is nil a panic will occur. In the future the SDK may create
9598// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9599// for more information on using Contexts.
9600func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error) {
9601	req, out := c.ListInstanceProfilesForRoleRequest(input)
9602	req.SetContext(ctx)
9603	req.ApplyOptions(opts...)
9604	return out, req.Send()
9605}
9606
9607// ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation,
9608// calling the "fn" function with the response data for each page. To stop
9609// iterating, return false from the fn function.
9610//
9611// See ListInstanceProfilesForRole method for more information on how to use this operation.
9612//
9613// Note: This operation can generate multiple requests to a service.
9614//
9615//    // Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
9616//    pageNum := 0
9617//    err := client.ListInstanceProfilesForRolePages(params,
9618//        func(page *iam.ListInstanceProfilesForRoleOutput, lastPage bool) bool {
9619//            pageNum++
9620//            fmt.Println(page)
9621//            return pageNum <= 3
9622//        })
9623//
9624func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error {
9625	return c.ListInstanceProfilesForRolePagesWithContext(aws.BackgroundContext(), input, fn)
9626}
9627
9628// ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except
9629// it takes a Context and allows setting request options on the pages.
9630//
9631// The context must be non-nil and will be used for request cancellation. If
9632// the context is nil a panic will occur. In the future the SDK may create
9633// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9634// for more information on using Contexts.
9635func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error {
9636	p := request.Pagination{
9637		NewRequest: func() (*request.Request, error) {
9638			var inCpy *ListInstanceProfilesForRoleInput
9639			if input != nil {
9640				tmp := *input
9641				inCpy = &tmp
9642			}
9643			req, _ := c.ListInstanceProfilesForRoleRequest(inCpy)
9644			req.SetContext(ctx)
9645			req.ApplyOptions(opts...)
9646			return req, nil
9647		},
9648	}
9649
9650	for p.Next() {
9651		if !fn(p.Page().(*ListInstanceProfilesForRoleOutput), !p.HasNextPage()) {
9652			break
9653		}
9654	}
9655
9656	return p.Err()
9657}
9658
9659const opListMFADeviceTags = "ListMFADeviceTags"
9660
9661// ListMFADeviceTagsRequest generates a "aws/request.Request" representing the
9662// client's request for the ListMFADeviceTags operation. The "output" return
9663// value will be populated with the request's response once the request completes
9664// successfully.
9665//
9666// Use "Send" method on the returned Request to send the API call to the service.
9667// the "output" return value is not valid until after Send returns without error.
9668//
9669// See ListMFADeviceTags for more information on using the ListMFADeviceTags
9670// API call, and error handling.
9671//
9672// This method is useful when you want to inject custom logic or configuration
9673// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9674//
9675//
9676//    // Example sending a request using the ListMFADeviceTagsRequest method.
9677//    req, resp := client.ListMFADeviceTagsRequest(params)
9678//
9679//    err := req.Send()
9680//    if err == nil { // resp is now filled
9681//        fmt.Println(resp)
9682//    }
9683//
9684// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
9685func (c *IAM) ListMFADeviceTagsRequest(input *ListMFADeviceTagsInput) (req *request.Request, output *ListMFADeviceTagsOutput) {
9686	op := &request.Operation{
9687		Name:       opListMFADeviceTags,
9688		HTTPMethod: "POST",
9689		HTTPPath:   "/",
9690	}
9691
9692	if input == nil {
9693		input = &ListMFADeviceTagsInput{}
9694	}
9695
9696	output = &ListMFADeviceTagsOutput{}
9697	req = c.newRequest(op, input, output)
9698	return
9699}
9700
9701// ListMFADeviceTags API operation for AWS Identity and Access Management.
9702//
9703// Lists the tags that are attached to the specified IAM virtual multi-factor
9704// authentication (MFA) device. The returned list of tags is sorted by tag key.
9705// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
9706// in the IAM User Guide.
9707//
9708// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9709// with awserr.Error's Code and Message methods to get detailed information about
9710// the error.
9711//
9712// See the AWS API reference guide for AWS Identity and Access Management's
9713// API operation ListMFADeviceTags for usage and error information.
9714//
9715// Returned Error Codes:
9716//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9717//   The request was rejected because it referenced a resource entity that does
9718//   not exist. The error message describes the resource.
9719//
9720//   * ErrCodeInvalidInputException "InvalidInput"
9721//   The request was rejected because an invalid or out-of-range value was supplied
9722//   for an input parameter.
9723//
9724//   * ErrCodeServiceFailureException "ServiceFailure"
9725//   The request processing has failed because of an unknown error, exception
9726//   or failure.
9727//
9728// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
9729func (c *IAM) ListMFADeviceTags(input *ListMFADeviceTagsInput) (*ListMFADeviceTagsOutput, error) {
9730	req, out := c.ListMFADeviceTagsRequest(input)
9731	return out, req.Send()
9732}
9733
9734// ListMFADeviceTagsWithContext is the same as ListMFADeviceTags with the addition of
9735// the ability to pass a context and additional request options.
9736//
9737// See ListMFADeviceTags for details on how to use this API operation.
9738//
9739// The context must be non-nil and will be used for request cancellation. If
9740// the context is nil a panic will occur. In the future the SDK may create
9741// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9742// for more information on using Contexts.
9743func (c *IAM) ListMFADeviceTagsWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, opts ...request.Option) (*ListMFADeviceTagsOutput, error) {
9744	req, out := c.ListMFADeviceTagsRequest(input)
9745	req.SetContext(ctx)
9746	req.ApplyOptions(opts...)
9747	return out, req.Send()
9748}
9749
9750const opListMFADevices = "ListMFADevices"
9751
9752// ListMFADevicesRequest generates a "aws/request.Request" representing the
9753// client's request for the ListMFADevices operation. The "output" return
9754// value will be populated with the request's response once the request completes
9755// successfully.
9756//
9757// Use "Send" method on the returned Request to send the API call to the service.
9758// the "output" return value is not valid until after Send returns without error.
9759//
9760// See ListMFADevices for more information on using the ListMFADevices
9761// API call, and error handling.
9762//
9763// This method is useful when you want to inject custom logic or configuration
9764// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9765//
9766//
9767//    // Example sending a request using the ListMFADevicesRequest method.
9768//    req, resp := client.ListMFADevicesRequest(params)
9769//
9770//    err := req.Send()
9771//    if err == nil { // resp is now filled
9772//        fmt.Println(resp)
9773//    }
9774//
9775// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
9776func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput) {
9777	op := &request.Operation{
9778		Name:       opListMFADevices,
9779		HTTPMethod: "POST",
9780		HTTPPath:   "/",
9781		Paginator: &request.Paginator{
9782			InputTokens:     []string{"Marker"},
9783			OutputTokens:    []string{"Marker"},
9784			LimitToken:      "MaxItems",
9785			TruncationToken: "IsTruncated",
9786		},
9787	}
9788
9789	if input == nil {
9790		input = &ListMFADevicesInput{}
9791	}
9792
9793	output = &ListMFADevicesOutput{}
9794	req = c.newRequest(op, input, output)
9795	return
9796}
9797
9798// ListMFADevices API operation for AWS Identity and Access Management.
9799//
9800// Lists the MFA devices for an IAM user. If the request includes a IAM user
9801// name, then this operation lists all the MFA devices associated with the specified
9802// user. If you do not specify a user name, IAM determines the user name implicitly
9803// based on the AWS access key ID signing the request for this operation.
9804//
9805// You can paginate the results using the MaxItems and Marker parameters.
9806//
9807// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9808// with awserr.Error's Code and Message methods to get detailed information about
9809// the error.
9810//
9811// See the AWS API reference guide for AWS Identity and Access Management's
9812// API operation ListMFADevices for usage and error information.
9813//
9814// Returned Error Codes:
9815//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9816//   The request was rejected because it referenced a resource entity that does
9817//   not exist. The error message describes the resource.
9818//
9819//   * ErrCodeServiceFailureException "ServiceFailure"
9820//   The request processing has failed because of an unknown error, exception
9821//   or failure.
9822//
9823// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
9824func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error) {
9825	req, out := c.ListMFADevicesRequest(input)
9826	return out, req.Send()
9827}
9828
9829// ListMFADevicesWithContext is the same as ListMFADevices with the addition of
9830// the ability to pass a context and additional request options.
9831//
9832// See ListMFADevices for details on how to use this API operation.
9833//
9834// The context must be non-nil and will be used for request cancellation. If
9835// the context is nil a panic will occur. In the future the SDK may create
9836// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9837// for more information on using Contexts.
9838func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error) {
9839	req, out := c.ListMFADevicesRequest(input)
9840	req.SetContext(ctx)
9841	req.ApplyOptions(opts...)
9842	return out, req.Send()
9843}
9844
9845// ListMFADevicesPages iterates over the pages of a ListMFADevices operation,
9846// calling the "fn" function with the response data for each page. To stop
9847// iterating, return false from the fn function.
9848//
9849// See ListMFADevices method for more information on how to use this operation.
9850//
9851// Note: This operation can generate multiple requests to a service.
9852//
9853//    // Example iterating over at most 3 pages of a ListMFADevices operation.
9854//    pageNum := 0
9855//    err := client.ListMFADevicesPages(params,
9856//        func(page *iam.ListMFADevicesOutput, lastPage bool) bool {
9857//            pageNum++
9858//            fmt.Println(page)
9859//            return pageNum <= 3
9860//        })
9861//
9862func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error {
9863	return c.ListMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
9864}
9865
9866// ListMFADevicesPagesWithContext same as ListMFADevicesPages except
9867// it takes a Context and allows setting request options on the pages.
9868//
9869// The context must be non-nil and will be used for request cancellation. If
9870// the context is nil a panic will occur. In the future the SDK may create
9871// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9872// for more information on using Contexts.
9873func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error {
9874	p := request.Pagination{
9875		NewRequest: func() (*request.Request, error) {
9876			var inCpy *ListMFADevicesInput
9877			if input != nil {
9878				tmp := *input
9879				inCpy = &tmp
9880			}
9881			req, _ := c.ListMFADevicesRequest(inCpy)
9882			req.SetContext(ctx)
9883			req.ApplyOptions(opts...)
9884			return req, nil
9885		},
9886	}
9887
9888	for p.Next() {
9889		if !fn(p.Page().(*ListMFADevicesOutput), !p.HasNextPage()) {
9890			break
9891		}
9892	}
9893
9894	return p.Err()
9895}
9896
9897const opListOpenIDConnectProviderTags = "ListOpenIDConnectProviderTags"
9898
9899// ListOpenIDConnectProviderTagsRequest generates a "aws/request.Request" representing the
9900// client's request for the ListOpenIDConnectProviderTags operation. The "output" return
9901// value will be populated with the request's response once the request completes
9902// successfully.
9903//
9904// Use "Send" method on the returned Request to send the API call to the service.
9905// the "output" return value is not valid until after Send returns without error.
9906//
9907// See ListOpenIDConnectProviderTags for more information on using the ListOpenIDConnectProviderTags
9908// API call, and error handling.
9909//
9910// This method is useful when you want to inject custom logic or configuration
9911// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9912//
9913//
9914//    // Example sending a request using the ListOpenIDConnectProviderTagsRequest method.
9915//    req, resp := client.ListOpenIDConnectProviderTagsRequest(params)
9916//
9917//    err := req.Send()
9918//    if err == nil { // resp is now filled
9919//        fmt.Println(resp)
9920//    }
9921//
9922// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
9923func (c *IAM) ListOpenIDConnectProviderTagsRequest(input *ListOpenIDConnectProviderTagsInput) (req *request.Request, output *ListOpenIDConnectProviderTagsOutput) {
9924	op := &request.Operation{
9925		Name:       opListOpenIDConnectProviderTags,
9926		HTTPMethod: "POST",
9927		HTTPPath:   "/",
9928	}
9929
9930	if input == nil {
9931		input = &ListOpenIDConnectProviderTagsInput{}
9932	}
9933
9934	output = &ListOpenIDConnectProviderTagsOutput{}
9935	req = c.newRequest(op, input, output)
9936	return
9937}
9938
9939// ListOpenIDConnectProviderTags API operation for AWS Identity and Access Management.
9940//
9941// Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible
9942// identity provider. The returned list of tags is sorted by tag key. For more
9943// information, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
9944//
9945// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
9946// in the IAM User Guide.
9947//
9948// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9949// with awserr.Error's Code and Message methods to get detailed information about
9950// the error.
9951//
9952// See the AWS API reference guide for AWS Identity and Access Management's
9953// API operation ListOpenIDConnectProviderTags for usage and error information.
9954//
9955// Returned Error Codes:
9956//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9957//   The request was rejected because it referenced a resource entity that does
9958//   not exist. The error message describes the resource.
9959//
9960//   * ErrCodeServiceFailureException "ServiceFailure"
9961//   The request processing has failed because of an unknown error, exception
9962//   or failure.
9963//
9964//   * ErrCodeInvalidInputException "InvalidInput"
9965//   The request was rejected because an invalid or out-of-range value was supplied
9966//   for an input parameter.
9967//
9968// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
9969func (c *IAM) ListOpenIDConnectProviderTags(input *ListOpenIDConnectProviderTagsInput) (*ListOpenIDConnectProviderTagsOutput, error) {
9970	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
9971	return out, req.Send()
9972}
9973
9974// ListOpenIDConnectProviderTagsWithContext is the same as ListOpenIDConnectProviderTags with the addition of
9975// the ability to pass a context and additional request options.
9976//
9977// See ListOpenIDConnectProviderTags for details on how to use this API operation.
9978//
9979// The context must be non-nil and will be used for request cancellation. If
9980// the context is nil a panic will occur. In the future the SDK may create
9981// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9982// for more information on using Contexts.
9983func (c *IAM) ListOpenIDConnectProviderTagsWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, opts ...request.Option) (*ListOpenIDConnectProviderTagsOutput, error) {
9984	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
9985	req.SetContext(ctx)
9986	req.ApplyOptions(opts...)
9987	return out, req.Send()
9988}
9989
9990const opListOpenIDConnectProviders = "ListOpenIDConnectProviders"
9991
9992// ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the
9993// client's request for the ListOpenIDConnectProviders operation. The "output" return
9994// value will be populated with the request's response once the request completes
9995// successfully.
9996//
9997// Use "Send" method on the returned Request to send the API call to the service.
9998// the "output" return value is not valid until after Send returns without error.
9999//
10000// See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders
10001// API call, and error handling.
10002//
10003// This method is useful when you want to inject custom logic or configuration
10004// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10005//
10006//
10007//    // Example sending a request using the ListOpenIDConnectProvidersRequest method.
10008//    req, resp := client.ListOpenIDConnectProvidersRequest(params)
10009//
10010//    err := req.Send()
10011//    if err == nil { // resp is now filled
10012//        fmt.Println(resp)
10013//    }
10014//
10015// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
10016func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput) {
10017	op := &request.Operation{
10018		Name:       opListOpenIDConnectProviders,
10019		HTTPMethod: "POST",
10020		HTTPPath:   "/",
10021	}
10022
10023	if input == nil {
10024		input = &ListOpenIDConnectProvidersInput{}
10025	}
10026
10027	output = &ListOpenIDConnectProvidersOutput{}
10028	req = c.newRequest(op, input, output)
10029	return
10030}
10031
10032// ListOpenIDConnectProviders API operation for AWS Identity and Access Management.
10033//
10034// Lists information about the IAM OpenID Connect (OIDC) provider resource objects
10035// defined in the AWS account.
10036//
10037// IAM resource-listing operations return a subset of the available attributes
10038// for the resource. For example, this operation does not return tags, even
10039// though they are an attribute of the returned object. To view all of the information
10040// for an OIDC provider, see GetOpenIDConnectProvider.
10041//
10042// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10043// with awserr.Error's Code and Message methods to get detailed information about
10044// the error.
10045//
10046// See the AWS API reference guide for AWS Identity and Access Management's
10047// API operation ListOpenIDConnectProviders for usage and error information.
10048//
10049// Returned Error Codes:
10050//   * ErrCodeServiceFailureException "ServiceFailure"
10051//   The request processing has failed because of an unknown error, exception
10052//   or failure.
10053//
10054// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
10055func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error) {
10056	req, out := c.ListOpenIDConnectProvidersRequest(input)
10057	return out, req.Send()
10058}
10059
10060// ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of
10061// the ability to pass a context and additional request options.
10062//
10063// See ListOpenIDConnectProviders for details on how to use this API operation.
10064//
10065// The context must be non-nil and will be used for request cancellation. If
10066// the context is nil a panic will occur. In the future the SDK may create
10067// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10068// for more information on using Contexts.
10069func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error) {
10070	req, out := c.ListOpenIDConnectProvidersRequest(input)
10071	req.SetContext(ctx)
10072	req.ApplyOptions(opts...)
10073	return out, req.Send()
10074}
10075
10076const opListPolicies = "ListPolicies"
10077
10078// ListPoliciesRequest generates a "aws/request.Request" representing the
10079// client's request for the ListPolicies operation. The "output" return
10080// value will be populated with the request's response once the request completes
10081// successfully.
10082//
10083// Use "Send" method on the returned Request to send the API call to the service.
10084// the "output" return value is not valid until after Send returns without error.
10085//
10086// See ListPolicies for more information on using the ListPolicies
10087// API call, and error handling.
10088//
10089// This method is useful when you want to inject custom logic or configuration
10090// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10091//
10092//
10093//    // Example sending a request using the ListPoliciesRequest method.
10094//    req, resp := client.ListPoliciesRequest(params)
10095//
10096//    err := req.Send()
10097//    if err == nil { // resp is now filled
10098//        fmt.Println(resp)
10099//    }
10100//
10101// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
10102func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
10103	op := &request.Operation{
10104		Name:       opListPolicies,
10105		HTTPMethod: "POST",
10106		HTTPPath:   "/",
10107		Paginator: &request.Paginator{
10108			InputTokens:     []string{"Marker"},
10109			OutputTokens:    []string{"Marker"},
10110			LimitToken:      "MaxItems",
10111			TruncationToken: "IsTruncated",
10112		},
10113	}
10114
10115	if input == nil {
10116		input = &ListPoliciesInput{}
10117	}
10118
10119	output = &ListPoliciesOutput{}
10120	req = c.newRequest(op, input, output)
10121	return
10122}
10123
10124// ListPolicies API operation for AWS Identity and Access Management.
10125//
10126// Lists all the managed policies that are available in your AWS account, including
10127// your own customer-defined managed policies and all AWS managed policies.
10128//
10129// You can filter the list of policies that is returned using the optional OnlyAttached,
10130// Scope, and PathPrefix parameters. For example, to list only the customer
10131// managed policies in your AWS account, set Scope to Local. To list only AWS
10132// managed policies, set Scope to AWS.
10133//
10134// You can paginate the results using the MaxItems and Marker parameters.
10135//
10136// For more information about managed policies, see Managed policies and inline
10137// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10138// in the IAM User Guide.
10139//
10140// IAM resource-listing operations return a subset of the available attributes
10141// for the resource. For example, this operation does not return tags, even
10142// though they are an attribute of the returned object. To view all of the information
10143// for a customer manged policy, see GetPolicy.
10144//
10145// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10146// with awserr.Error's Code and Message methods to get detailed information about
10147// the error.
10148//
10149// See the AWS API reference guide for AWS Identity and Access Management's
10150// API operation ListPolicies for usage and error information.
10151//
10152// Returned Error Codes:
10153//   * ErrCodeServiceFailureException "ServiceFailure"
10154//   The request processing has failed because of an unknown error, exception
10155//   or failure.
10156//
10157// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
10158func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
10159	req, out := c.ListPoliciesRequest(input)
10160	return out, req.Send()
10161}
10162
10163// ListPoliciesWithContext is the same as ListPolicies with the addition of
10164// the ability to pass a context and additional request options.
10165//
10166// See ListPolicies for details on how to use this API operation.
10167//
10168// The context must be non-nil and will be used for request cancellation. If
10169// the context is nil a panic will occur. In the future the SDK may create
10170// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10171// for more information on using Contexts.
10172func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
10173	req, out := c.ListPoliciesRequest(input)
10174	req.SetContext(ctx)
10175	req.ApplyOptions(opts...)
10176	return out, req.Send()
10177}
10178
10179// ListPoliciesPages iterates over the pages of a ListPolicies operation,
10180// calling the "fn" function with the response data for each page. To stop
10181// iterating, return false from the fn function.
10182//
10183// See ListPolicies method for more information on how to use this operation.
10184//
10185// Note: This operation can generate multiple requests to a service.
10186//
10187//    // Example iterating over at most 3 pages of a ListPolicies operation.
10188//    pageNum := 0
10189//    err := client.ListPoliciesPages(params,
10190//        func(page *iam.ListPoliciesOutput, lastPage bool) bool {
10191//            pageNum++
10192//            fmt.Println(page)
10193//            return pageNum <= 3
10194//        })
10195//
10196func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error {
10197	return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
10198}
10199
10200// ListPoliciesPagesWithContext same as ListPoliciesPages except
10201// it takes a Context and allows setting request options on the pages.
10202//
10203// The context must be non-nil and will be used for request cancellation. If
10204// the context is nil a panic will occur. In the future the SDK may create
10205// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10206// for more information on using Contexts.
10207func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error {
10208	p := request.Pagination{
10209		NewRequest: func() (*request.Request, error) {
10210			var inCpy *ListPoliciesInput
10211			if input != nil {
10212				tmp := *input
10213				inCpy = &tmp
10214			}
10215			req, _ := c.ListPoliciesRequest(inCpy)
10216			req.SetContext(ctx)
10217			req.ApplyOptions(opts...)
10218			return req, nil
10219		},
10220	}
10221
10222	for p.Next() {
10223		if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) {
10224			break
10225		}
10226	}
10227
10228	return p.Err()
10229}
10230
10231const opListPoliciesGrantingServiceAccess = "ListPoliciesGrantingServiceAccess"
10232
10233// ListPoliciesGrantingServiceAccessRequest generates a "aws/request.Request" representing the
10234// client's request for the ListPoliciesGrantingServiceAccess operation. The "output" return
10235// value will be populated with the request's response once the request completes
10236// successfully.
10237//
10238// Use "Send" method on the returned Request to send the API call to the service.
10239// the "output" return value is not valid until after Send returns without error.
10240//
10241// See ListPoliciesGrantingServiceAccess for more information on using the ListPoliciesGrantingServiceAccess
10242// API call, and error handling.
10243//
10244// This method is useful when you want to inject custom logic or configuration
10245// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10246//
10247//
10248//    // Example sending a request using the ListPoliciesGrantingServiceAccessRequest method.
10249//    req, resp := client.ListPoliciesGrantingServiceAccessRequest(params)
10250//
10251//    err := req.Send()
10252//    if err == nil { // resp is now filled
10253//        fmt.Println(resp)
10254//    }
10255//
10256// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
10257func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGrantingServiceAccessInput) (req *request.Request, output *ListPoliciesGrantingServiceAccessOutput) {
10258	op := &request.Operation{
10259		Name:       opListPoliciesGrantingServiceAccess,
10260		HTTPMethod: "POST",
10261		HTTPPath:   "/",
10262	}
10263
10264	if input == nil {
10265		input = &ListPoliciesGrantingServiceAccessInput{}
10266	}
10267
10268	output = &ListPoliciesGrantingServiceAccessOutput{}
10269	req = c.newRequest(op, input, output)
10270	return
10271}
10272
10273// ListPoliciesGrantingServiceAccess API operation for AWS Identity and Access Management.
10274//
10275// Retrieves a list of policies that the IAM identity (user, group, or role)
10276// can use to access each specified service.
10277//
10278// This operation does not use other policy types when determining whether a
10279// resource could access a service. These other policy types include resource-based
10280// policies, access control lists, AWS Organizations policies, IAM permissions
10281// boundaries, and AWS STS assume role policies. It only applies permissions
10282// policy logic. For more about the evaluation of policy types, see Evaluating
10283// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
10284// in the IAM User Guide.
10285//
10286// The list of policies returned by the operation depends on the ARN of the
10287// identity that you provide.
10288//
10289//    * User – The list of policies includes the managed and inline policies
10290//    that are attached to the user directly. The list also includes any additional
10291//    managed and inline policies that are attached to the group to which the
10292//    user belongs.
10293//
10294//    * Group – The list of policies includes only the managed and inline
10295//    policies that are attached to the group directly. Policies that are attached
10296//    to the group’s user are not included.
10297//
10298//    * Role – The list of policies includes only the managed and inline policies
10299//    that are attached to the role.
10300//
10301// For each managed policy, this operation returns the ARN and policy name.
10302// For each inline policy, it returns the policy name and the entity to which
10303// it is attached. Inline policies do not have an ARN. For more information
10304// about these policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
10305// in the IAM User Guide.
10306//
10307// Policies that are attached to users and roles as permissions boundaries are
10308// not returned. To view which managed policy is currently used to set the permissions
10309// boundary for a user or role, use the GetUser or GetRole operations.
10310//
10311// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10312// with awserr.Error's Code and Message methods to get detailed information about
10313// the error.
10314//
10315// See the AWS API reference guide for AWS Identity and Access Management's
10316// API operation ListPoliciesGrantingServiceAccess for usage and error information.
10317//
10318// Returned Error Codes:
10319//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10320//   The request was rejected because it referenced a resource entity that does
10321//   not exist. The error message describes the resource.
10322//
10323//   * ErrCodeInvalidInputException "InvalidInput"
10324//   The request was rejected because an invalid or out-of-range value was supplied
10325//   for an input parameter.
10326//
10327// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
10328func (c *IAM) ListPoliciesGrantingServiceAccess(input *ListPoliciesGrantingServiceAccessInput) (*ListPoliciesGrantingServiceAccessOutput, error) {
10329	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
10330	return out, req.Send()
10331}
10332
10333// ListPoliciesGrantingServiceAccessWithContext is the same as ListPoliciesGrantingServiceAccess with the addition of
10334// the ability to pass a context and additional request options.
10335//
10336// See ListPoliciesGrantingServiceAccess for details on how to use this API operation.
10337//
10338// The context must be non-nil and will be used for request cancellation. If
10339// the context is nil a panic will occur. In the future the SDK may create
10340// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10341// for more information on using Contexts.
10342func (c *IAM) ListPoliciesGrantingServiceAccessWithContext(ctx aws.Context, input *ListPoliciesGrantingServiceAccessInput, opts ...request.Option) (*ListPoliciesGrantingServiceAccessOutput, error) {
10343	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
10344	req.SetContext(ctx)
10345	req.ApplyOptions(opts...)
10346	return out, req.Send()
10347}
10348
10349const opListPolicyTags = "ListPolicyTags"
10350
10351// ListPolicyTagsRequest generates a "aws/request.Request" representing the
10352// client's request for the ListPolicyTags operation. The "output" return
10353// value will be populated with the request's response once the request completes
10354// successfully.
10355//
10356// Use "Send" method on the returned Request to send the API call to the service.
10357// the "output" return value is not valid until after Send returns without error.
10358//
10359// See ListPolicyTags for more information on using the ListPolicyTags
10360// API call, and error handling.
10361//
10362// This method is useful when you want to inject custom logic or configuration
10363// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10364//
10365//
10366//    // Example sending a request using the ListPolicyTagsRequest method.
10367//    req, resp := client.ListPolicyTagsRequest(params)
10368//
10369//    err := req.Send()
10370//    if err == nil { // resp is now filled
10371//        fmt.Println(resp)
10372//    }
10373//
10374// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
10375func (c *IAM) ListPolicyTagsRequest(input *ListPolicyTagsInput) (req *request.Request, output *ListPolicyTagsOutput) {
10376	op := &request.Operation{
10377		Name:       opListPolicyTags,
10378		HTTPMethod: "POST",
10379		HTTPPath:   "/",
10380	}
10381
10382	if input == nil {
10383		input = &ListPolicyTagsInput{}
10384	}
10385
10386	output = &ListPolicyTagsOutput{}
10387	req = c.newRequest(op, input, output)
10388	return
10389}
10390
10391// ListPolicyTags API operation for AWS Identity and Access Management.
10392//
10393// Lists the tags that are attached to the specified IAM customer managed policy.
10394// The returned list of tags is sorted by tag key. For more information about
10395// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
10396// in the IAM User Guide.
10397//
10398// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10399// with awserr.Error's Code and Message methods to get detailed information about
10400// the error.
10401//
10402// See the AWS API reference guide for AWS Identity and Access Management's
10403// API operation ListPolicyTags for usage and error information.
10404//
10405// Returned Error Codes:
10406//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10407//   The request was rejected because it referenced a resource entity that does
10408//   not exist. The error message describes the resource.
10409//
10410//   * ErrCodeServiceFailureException "ServiceFailure"
10411//   The request processing has failed because of an unknown error, exception
10412//   or failure.
10413//
10414//   * ErrCodeInvalidInputException "InvalidInput"
10415//   The request was rejected because an invalid or out-of-range value was supplied
10416//   for an input parameter.
10417//
10418// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
10419func (c *IAM) ListPolicyTags(input *ListPolicyTagsInput) (*ListPolicyTagsOutput, error) {
10420	req, out := c.ListPolicyTagsRequest(input)
10421	return out, req.Send()
10422}
10423
10424// ListPolicyTagsWithContext is the same as ListPolicyTags with the addition of
10425// the ability to pass a context and additional request options.
10426//
10427// See ListPolicyTags for details on how to use this API operation.
10428//
10429// The context must be non-nil and will be used for request cancellation. If
10430// the context is nil a panic will occur. In the future the SDK may create
10431// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10432// for more information on using Contexts.
10433func (c *IAM) ListPolicyTagsWithContext(ctx aws.Context, input *ListPolicyTagsInput, opts ...request.Option) (*ListPolicyTagsOutput, error) {
10434	req, out := c.ListPolicyTagsRequest(input)
10435	req.SetContext(ctx)
10436	req.ApplyOptions(opts...)
10437	return out, req.Send()
10438}
10439
10440const opListPolicyVersions = "ListPolicyVersions"
10441
10442// ListPolicyVersionsRequest generates a "aws/request.Request" representing the
10443// client's request for the ListPolicyVersions operation. The "output" return
10444// value will be populated with the request's response once the request completes
10445// successfully.
10446//
10447// Use "Send" method on the returned Request to send the API call to the service.
10448// the "output" return value is not valid until after Send returns without error.
10449//
10450// See ListPolicyVersions for more information on using the ListPolicyVersions
10451// API call, and error handling.
10452//
10453// This method is useful when you want to inject custom logic or configuration
10454// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10455//
10456//
10457//    // Example sending a request using the ListPolicyVersionsRequest method.
10458//    req, resp := client.ListPolicyVersionsRequest(params)
10459//
10460//    err := req.Send()
10461//    if err == nil { // resp is now filled
10462//        fmt.Println(resp)
10463//    }
10464//
10465// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
10466func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput) {
10467	op := &request.Operation{
10468		Name:       opListPolicyVersions,
10469		HTTPMethod: "POST",
10470		HTTPPath:   "/",
10471		Paginator: &request.Paginator{
10472			InputTokens:     []string{"Marker"},
10473			OutputTokens:    []string{"Marker"},
10474			LimitToken:      "MaxItems",
10475			TruncationToken: "IsTruncated",
10476		},
10477	}
10478
10479	if input == nil {
10480		input = &ListPolicyVersionsInput{}
10481	}
10482
10483	output = &ListPolicyVersionsOutput{}
10484	req = c.newRequest(op, input, output)
10485	return
10486}
10487
10488// ListPolicyVersions API operation for AWS Identity and Access Management.
10489//
10490// Lists information about the versions of the specified managed policy, including
10491// the version that is currently set as the policy's default version.
10492//
10493// For more information about managed policies, see Managed policies and inline
10494// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10495// in the IAM User Guide.
10496//
10497// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10498// with awserr.Error's Code and Message methods to get detailed information about
10499// the error.
10500//
10501// See the AWS API reference guide for AWS Identity and Access Management's
10502// API operation ListPolicyVersions for usage and error information.
10503//
10504// Returned Error Codes:
10505//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10506//   The request was rejected because it referenced a resource entity that does
10507//   not exist. The error message describes the resource.
10508//
10509//   * ErrCodeInvalidInputException "InvalidInput"
10510//   The request was rejected because an invalid or out-of-range value was supplied
10511//   for an input parameter.
10512//
10513//   * ErrCodeServiceFailureException "ServiceFailure"
10514//   The request processing has failed because of an unknown error, exception
10515//   or failure.
10516//
10517// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
10518func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error) {
10519	req, out := c.ListPolicyVersionsRequest(input)
10520	return out, req.Send()
10521}
10522
10523// ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of
10524// the ability to pass a context and additional request options.
10525//
10526// See ListPolicyVersions for details on how to use this API operation.
10527//
10528// The context must be non-nil and will be used for request cancellation. If
10529// the context is nil a panic will occur. In the future the SDK may create
10530// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10531// for more information on using Contexts.
10532func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error) {
10533	req, out := c.ListPolicyVersionsRequest(input)
10534	req.SetContext(ctx)
10535	req.ApplyOptions(opts...)
10536	return out, req.Send()
10537}
10538
10539// ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation,
10540// calling the "fn" function with the response data for each page. To stop
10541// iterating, return false from the fn function.
10542//
10543// See ListPolicyVersions method for more information on how to use this operation.
10544//
10545// Note: This operation can generate multiple requests to a service.
10546//
10547//    // Example iterating over at most 3 pages of a ListPolicyVersions operation.
10548//    pageNum := 0
10549//    err := client.ListPolicyVersionsPages(params,
10550//        func(page *iam.ListPolicyVersionsOutput, lastPage bool) bool {
10551//            pageNum++
10552//            fmt.Println(page)
10553//            return pageNum <= 3
10554//        })
10555//
10556func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error {
10557	return c.ListPolicyVersionsPagesWithContext(aws.BackgroundContext(), input, fn)
10558}
10559
10560// ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except
10561// it takes a Context and allows setting request options on the pages.
10562//
10563// The context must be non-nil and will be used for request cancellation. If
10564// the context is nil a panic will occur. In the future the SDK may create
10565// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10566// for more information on using Contexts.
10567func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error {
10568	p := request.Pagination{
10569		NewRequest: func() (*request.Request, error) {
10570			var inCpy *ListPolicyVersionsInput
10571			if input != nil {
10572				tmp := *input
10573				inCpy = &tmp
10574			}
10575			req, _ := c.ListPolicyVersionsRequest(inCpy)
10576			req.SetContext(ctx)
10577			req.ApplyOptions(opts...)
10578			return req, nil
10579		},
10580	}
10581
10582	for p.Next() {
10583		if !fn(p.Page().(*ListPolicyVersionsOutput), !p.HasNextPage()) {
10584			break
10585		}
10586	}
10587
10588	return p.Err()
10589}
10590
10591const opListRolePolicies = "ListRolePolicies"
10592
10593// ListRolePoliciesRequest generates a "aws/request.Request" representing the
10594// client's request for the ListRolePolicies operation. The "output" return
10595// value will be populated with the request's response once the request completes
10596// successfully.
10597//
10598// Use "Send" method on the returned Request to send the API call to the service.
10599// the "output" return value is not valid until after Send returns without error.
10600//
10601// See ListRolePolicies for more information on using the ListRolePolicies
10602// API call, and error handling.
10603//
10604// This method is useful when you want to inject custom logic or configuration
10605// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10606//
10607//
10608//    // Example sending a request using the ListRolePoliciesRequest method.
10609//    req, resp := client.ListRolePoliciesRequest(params)
10610//
10611//    err := req.Send()
10612//    if err == nil { // resp is now filled
10613//        fmt.Println(resp)
10614//    }
10615//
10616// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
10617func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput) {
10618	op := &request.Operation{
10619		Name:       opListRolePolicies,
10620		HTTPMethod: "POST",
10621		HTTPPath:   "/",
10622		Paginator: &request.Paginator{
10623			InputTokens:     []string{"Marker"},
10624			OutputTokens:    []string{"Marker"},
10625			LimitToken:      "MaxItems",
10626			TruncationToken: "IsTruncated",
10627		},
10628	}
10629
10630	if input == nil {
10631		input = &ListRolePoliciesInput{}
10632	}
10633
10634	output = &ListRolePoliciesOutput{}
10635	req = c.newRequest(op, input, output)
10636	return
10637}
10638
10639// ListRolePolicies API operation for AWS Identity and Access Management.
10640//
10641// Lists the names of the inline policies that are embedded in the specified
10642// IAM role.
10643//
10644// An IAM role can also have managed policies attached to it. To list the managed
10645// policies that are attached to a role, use ListAttachedRolePolicies. For more
10646// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10647// in the IAM User Guide.
10648//
10649// You can paginate the results using the MaxItems and Marker parameters. If
10650// there are no inline policies embedded with the specified role, the operation
10651// returns an empty list.
10652//
10653// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10654// with awserr.Error's Code and Message methods to get detailed information about
10655// the error.
10656//
10657// See the AWS API reference guide for AWS Identity and Access Management's
10658// API operation ListRolePolicies for usage and error information.
10659//
10660// Returned Error Codes:
10661//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10662//   The request was rejected because it referenced a resource entity that does
10663//   not exist. The error message describes the resource.
10664//
10665//   * ErrCodeServiceFailureException "ServiceFailure"
10666//   The request processing has failed because of an unknown error, exception
10667//   or failure.
10668//
10669// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
10670func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error) {
10671	req, out := c.ListRolePoliciesRequest(input)
10672	return out, req.Send()
10673}
10674
10675// ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of
10676// the ability to pass a context and additional request options.
10677//
10678// See ListRolePolicies for details on how to use this API operation.
10679//
10680// The context must be non-nil and will be used for request cancellation. If
10681// the context is nil a panic will occur. In the future the SDK may create
10682// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10683// for more information on using Contexts.
10684func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error) {
10685	req, out := c.ListRolePoliciesRequest(input)
10686	req.SetContext(ctx)
10687	req.ApplyOptions(opts...)
10688	return out, req.Send()
10689}
10690
10691// ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation,
10692// calling the "fn" function with the response data for each page. To stop
10693// iterating, return false from the fn function.
10694//
10695// See ListRolePolicies method for more information on how to use this operation.
10696//
10697// Note: This operation can generate multiple requests to a service.
10698//
10699//    // Example iterating over at most 3 pages of a ListRolePolicies operation.
10700//    pageNum := 0
10701//    err := client.ListRolePoliciesPages(params,
10702//        func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
10703//            pageNum++
10704//            fmt.Println(page)
10705//            return pageNum <= 3
10706//        })
10707//
10708func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error {
10709	return c.ListRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
10710}
10711
10712// ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except
10713// it takes a Context and allows setting request options on the pages.
10714//
10715// The context must be non-nil and will be used for request cancellation. If
10716// the context is nil a panic will occur. In the future the SDK may create
10717// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10718// for more information on using Contexts.
10719func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error {
10720	p := request.Pagination{
10721		NewRequest: func() (*request.Request, error) {
10722			var inCpy *ListRolePoliciesInput
10723			if input != nil {
10724				tmp := *input
10725				inCpy = &tmp
10726			}
10727			req, _ := c.ListRolePoliciesRequest(inCpy)
10728			req.SetContext(ctx)
10729			req.ApplyOptions(opts...)
10730			return req, nil
10731		},
10732	}
10733
10734	for p.Next() {
10735		if !fn(p.Page().(*ListRolePoliciesOutput), !p.HasNextPage()) {
10736			break
10737		}
10738	}
10739
10740	return p.Err()
10741}
10742
10743const opListRoleTags = "ListRoleTags"
10744
10745// ListRoleTagsRequest generates a "aws/request.Request" representing the
10746// client's request for the ListRoleTags operation. The "output" return
10747// value will be populated with the request's response once the request completes
10748// successfully.
10749//
10750// Use "Send" method on the returned Request to send the API call to the service.
10751// the "output" return value is not valid until after Send returns without error.
10752//
10753// See ListRoleTags for more information on using the ListRoleTags
10754// API call, and error handling.
10755//
10756// This method is useful when you want to inject custom logic or configuration
10757// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10758//
10759//
10760//    // Example sending a request using the ListRoleTagsRequest method.
10761//    req, resp := client.ListRoleTagsRequest(params)
10762//
10763//    err := req.Send()
10764//    if err == nil { // resp is now filled
10765//        fmt.Println(resp)
10766//    }
10767//
10768// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
10769func (c *IAM) ListRoleTagsRequest(input *ListRoleTagsInput) (req *request.Request, output *ListRoleTagsOutput) {
10770	op := &request.Operation{
10771		Name:       opListRoleTags,
10772		HTTPMethod: "POST",
10773		HTTPPath:   "/",
10774	}
10775
10776	if input == nil {
10777		input = &ListRoleTagsInput{}
10778	}
10779
10780	output = &ListRoleTagsOutput{}
10781	req = c.newRequest(op, input, output)
10782	return
10783}
10784
10785// ListRoleTags API operation for AWS Identity and Access Management.
10786//
10787// Lists the tags that are attached to the specified role. The returned list
10788// of tags is sorted by tag key. For more information about tagging, see Tagging
10789// IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
10790// in the IAM User Guide.
10791//
10792// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10793// with awserr.Error's Code and Message methods to get detailed information about
10794// the error.
10795//
10796// See the AWS API reference guide for AWS Identity and Access Management's
10797// API operation ListRoleTags for usage and error information.
10798//
10799// Returned Error Codes:
10800//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10801//   The request was rejected because it referenced a resource entity that does
10802//   not exist. The error message describes the resource.
10803//
10804//   * ErrCodeServiceFailureException "ServiceFailure"
10805//   The request processing has failed because of an unknown error, exception
10806//   or failure.
10807//
10808// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
10809func (c *IAM) ListRoleTags(input *ListRoleTagsInput) (*ListRoleTagsOutput, error) {
10810	req, out := c.ListRoleTagsRequest(input)
10811	return out, req.Send()
10812}
10813
10814// ListRoleTagsWithContext is the same as ListRoleTags with the addition of
10815// the ability to pass a context and additional request options.
10816//
10817// See ListRoleTags for details on how to use this API operation.
10818//
10819// The context must be non-nil and will be used for request cancellation. If
10820// the context is nil a panic will occur. In the future the SDK may create
10821// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10822// for more information on using Contexts.
10823func (c *IAM) ListRoleTagsWithContext(ctx aws.Context, input *ListRoleTagsInput, opts ...request.Option) (*ListRoleTagsOutput, error) {
10824	req, out := c.ListRoleTagsRequest(input)
10825	req.SetContext(ctx)
10826	req.ApplyOptions(opts...)
10827	return out, req.Send()
10828}
10829
10830const opListRoles = "ListRoles"
10831
10832// ListRolesRequest generates a "aws/request.Request" representing the
10833// client's request for the ListRoles operation. The "output" return
10834// value will be populated with the request's response once the request completes
10835// successfully.
10836//
10837// Use "Send" method on the returned Request to send the API call to the service.
10838// the "output" return value is not valid until after Send returns without error.
10839//
10840// See ListRoles for more information on using the ListRoles
10841// API call, and error handling.
10842//
10843// This method is useful when you want to inject custom logic or configuration
10844// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10845//
10846//
10847//    // Example sending a request using the ListRolesRequest method.
10848//    req, resp := client.ListRolesRequest(params)
10849//
10850//    err := req.Send()
10851//    if err == nil { // resp is now filled
10852//        fmt.Println(resp)
10853//    }
10854//
10855// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
10856func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput) {
10857	op := &request.Operation{
10858		Name:       opListRoles,
10859		HTTPMethod: "POST",
10860		HTTPPath:   "/",
10861		Paginator: &request.Paginator{
10862			InputTokens:     []string{"Marker"},
10863			OutputTokens:    []string{"Marker"},
10864			LimitToken:      "MaxItems",
10865			TruncationToken: "IsTruncated",
10866		},
10867	}
10868
10869	if input == nil {
10870		input = &ListRolesInput{}
10871	}
10872
10873	output = &ListRolesOutput{}
10874	req = c.newRequest(op, input, output)
10875	return
10876}
10877
10878// ListRoles API operation for AWS Identity and Access Management.
10879//
10880// Lists the IAM roles that have the specified path prefix. If there are none,
10881// the operation returns an empty list. For more information about roles, see
10882// Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
10883//
10884// IAM resource-listing operations return a subset of the available attributes
10885// for the resource. For example, this operation does not return tags, even
10886// though they are an attribute of the returned object. To view all of the information
10887// for a role, see GetRole.
10888//
10889// You can paginate the results using the MaxItems and Marker parameters.
10890//
10891// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10892// with awserr.Error's Code and Message methods to get detailed information about
10893// the error.
10894//
10895// See the AWS API reference guide for AWS Identity and Access Management's
10896// API operation ListRoles for usage and error information.
10897//
10898// Returned Error Codes:
10899//   * ErrCodeServiceFailureException "ServiceFailure"
10900//   The request processing has failed because of an unknown error, exception
10901//   or failure.
10902//
10903// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
10904func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error) {
10905	req, out := c.ListRolesRequest(input)
10906	return out, req.Send()
10907}
10908
10909// ListRolesWithContext is the same as ListRoles with the addition of
10910// the ability to pass a context and additional request options.
10911//
10912// See ListRoles for details on how to use this API operation.
10913//
10914// The context must be non-nil and will be used for request cancellation. If
10915// the context is nil a panic will occur. In the future the SDK may create
10916// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10917// for more information on using Contexts.
10918func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error) {
10919	req, out := c.ListRolesRequest(input)
10920	req.SetContext(ctx)
10921	req.ApplyOptions(opts...)
10922	return out, req.Send()
10923}
10924
10925// ListRolesPages iterates over the pages of a ListRoles operation,
10926// calling the "fn" function with the response data for each page. To stop
10927// iterating, return false from the fn function.
10928//
10929// See ListRoles method for more information on how to use this operation.
10930//
10931// Note: This operation can generate multiple requests to a service.
10932//
10933//    // Example iterating over at most 3 pages of a ListRoles operation.
10934//    pageNum := 0
10935//    err := client.ListRolesPages(params,
10936//        func(page *iam.ListRolesOutput, lastPage bool) bool {
10937//            pageNum++
10938//            fmt.Println(page)
10939//            return pageNum <= 3
10940//        })
10941//
10942func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error {
10943	return c.ListRolesPagesWithContext(aws.BackgroundContext(), input, fn)
10944}
10945
10946// ListRolesPagesWithContext same as ListRolesPages except
10947// it takes a Context and allows setting request options on the pages.
10948//
10949// The context must be non-nil and will be used for request cancellation. If
10950// the context is nil a panic will occur. In the future the SDK may create
10951// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10952// for more information on using Contexts.
10953func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error {
10954	p := request.Pagination{
10955		NewRequest: func() (*request.Request, error) {
10956			var inCpy *ListRolesInput
10957			if input != nil {
10958				tmp := *input
10959				inCpy = &tmp
10960			}
10961			req, _ := c.ListRolesRequest(inCpy)
10962			req.SetContext(ctx)
10963			req.ApplyOptions(opts...)
10964			return req, nil
10965		},
10966	}
10967
10968	for p.Next() {
10969		if !fn(p.Page().(*ListRolesOutput), !p.HasNextPage()) {
10970			break
10971		}
10972	}
10973
10974	return p.Err()
10975}
10976
10977const opListSAMLProviderTags = "ListSAMLProviderTags"
10978
10979// ListSAMLProviderTagsRequest generates a "aws/request.Request" representing the
10980// client's request for the ListSAMLProviderTags operation. The "output" return
10981// value will be populated with the request's response once the request completes
10982// successfully.
10983//
10984// Use "Send" method on the returned Request to send the API call to the service.
10985// the "output" return value is not valid until after Send returns without error.
10986//
10987// See ListSAMLProviderTags for more information on using the ListSAMLProviderTags
10988// API call, and error handling.
10989//
10990// This method is useful when you want to inject custom logic or configuration
10991// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10992//
10993//
10994//    // Example sending a request using the ListSAMLProviderTagsRequest method.
10995//    req, resp := client.ListSAMLProviderTagsRequest(params)
10996//
10997//    err := req.Send()
10998//    if err == nil { // resp is now filled
10999//        fmt.Println(resp)
11000//    }
11001//
11002// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
11003func (c *IAM) ListSAMLProviderTagsRequest(input *ListSAMLProviderTagsInput) (req *request.Request, output *ListSAMLProviderTagsOutput) {
11004	op := &request.Operation{
11005		Name:       opListSAMLProviderTags,
11006		HTTPMethod: "POST",
11007		HTTPPath:   "/",
11008	}
11009
11010	if input == nil {
11011		input = &ListSAMLProviderTagsInput{}
11012	}
11013
11014	output = &ListSAMLProviderTagsOutput{}
11015	req = c.newRequest(op, input, output)
11016	return
11017}
11018
11019// ListSAMLProviderTags API operation for AWS Identity and Access Management.
11020//
11021// Lists the tags that are attached to the specified Security Assertion Markup
11022// Language (SAML) identity provider. The returned list of tags is sorted by
11023// tag key. For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
11024//
11025// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
11026// in the IAM User Guide.
11027//
11028// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11029// with awserr.Error's Code and Message methods to get detailed information about
11030// the error.
11031//
11032// See the AWS API reference guide for AWS Identity and Access Management's
11033// API operation ListSAMLProviderTags for usage and error information.
11034//
11035// Returned Error Codes:
11036//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11037//   The request was rejected because it referenced a resource entity that does
11038//   not exist. The error message describes the resource.
11039//
11040//   * ErrCodeServiceFailureException "ServiceFailure"
11041//   The request processing has failed because of an unknown error, exception
11042//   or failure.
11043//
11044//   * ErrCodeInvalidInputException "InvalidInput"
11045//   The request was rejected because an invalid or out-of-range value was supplied
11046//   for an input parameter.
11047//
11048// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
11049func (c *IAM) ListSAMLProviderTags(input *ListSAMLProviderTagsInput) (*ListSAMLProviderTagsOutput, error) {
11050	req, out := c.ListSAMLProviderTagsRequest(input)
11051	return out, req.Send()
11052}
11053
11054// ListSAMLProviderTagsWithContext is the same as ListSAMLProviderTags with the addition of
11055// the ability to pass a context and additional request options.
11056//
11057// See ListSAMLProviderTags for details on how to use this API operation.
11058//
11059// The context must be non-nil and will be used for request cancellation. If
11060// the context is nil a panic will occur. In the future the SDK may create
11061// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11062// for more information on using Contexts.
11063func (c *IAM) ListSAMLProviderTagsWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, opts ...request.Option) (*ListSAMLProviderTagsOutput, error) {
11064	req, out := c.ListSAMLProviderTagsRequest(input)
11065	req.SetContext(ctx)
11066	req.ApplyOptions(opts...)
11067	return out, req.Send()
11068}
11069
11070const opListSAMLProviders = "ListSAMLProviders"
11071
11072// ListSAMLProvidersRequest generates a "aws/request.Request" representing the
11073// client's request for the ListSAMLProviders operation. The "output" return
11074// value will be populated with the request's response once the request completes
11075// successfully.
11076//
11077// Use "Send" method on the returned Request to send the API call to the service.
11078// the "output" return value is not valid until after Send returns without error.
11079//
11080// See ListSAMLProviders for more information on using the ListSAMLProviders
11081// API call, and error handling.
11082//
11083// This method is useful when you want to inject custom logic or configuration
11084// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11085//
11086//
11087//    // Example sending a request using the ListSAMLProvidersRequest method.
11088//    req, resp := client.ListSAMLProvidersRequest(params)
11089//
11090//    err := req.Send()
11091//    if err == nil { // resp is now filled
11092//        fmt.Println(resp)
11093//    }
11094//
11095// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
11096func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput) {
11097	op := &request.Operation{
11098		Name:       opListSAMLProviders,
11099		HTTPMethod: "POST",
11100		HTTPPath:   "/",
11101	}
11102
11103	if input == nil {
11104		input = &ListSAMLProvidersInput{}
11105	}
11106
11107	output = &ListSAMLProvidersOutput{}
11108	req = c.newRequest(op, input, output)
11109	return
11110}
11111
11112// ListSAMLProviders API operation for AWS Identity and Access Management.
11113//
11114// Lists the SAML provider resource objects defined in IAM in the account. IAM
11115// resource-listing operations return a subset of the available attributes for
11116// the resource. For example, this operation does not return tags, even though
11117// they are an attribute of the returned object. To view all of the information
11118// for a SAML provider, see GetSAMLProvider.
11119//
11120// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
11121//
11122// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11123// with awserr.Error's Code and Message methods to get detailed information about
11124// the error.
11125//
11126// See the AWS API reference guide for AWS Identity and Access Management's
11127// API operation ListSAMLProviders for usage and error information.
11128//
11129// Returned Error Codes:
11130//   * ErrCodeServiceFailureException "ServiceFailure"
11131//   The request processing has failed because of an unknown error, exception
11132//   or failure.
11133//
11134// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
11135func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error) {
11136	req, out := c.ListSAMLProvidersRequest(input)
11137	return out, req.Send()
11138}
11139
11140// ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of
11141// the ability to pass a context and additional request options.
11142//
11143// See ListSAMLProviders for details on how to use this API operation.
11144//
11145// The context must be non-nil and will be used for request cancellation. If
11146// the context is nil a panic will occur. In the future the SDK may create
11147// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11148// for more information on using Contexts.
11149func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error) {
11150	req, out := c.ListSAMLProvidersRequest(input)
11151	req.SetContext(ctx)
11152	req.ApplyOptions(opts...)
11153	return out, req.Send()
11154}
11155
11156const opListSSHPublicKeys = "ListSSHPublicKeys"
11157
11158// ListSSHPublicKeysRequest generates a "aws/request.Request" representing the
11159// client's request for the ListSSHPublicKeys operation. The "output" return
11160// value will be populated with the request's response once the request completes
11161// successfully.
11162//
11163// Use "Send" method on the returned Request to send the API call to the service.
11164// the "output" return value is not valid until after Send returns without error.
11165//
11166// See ListSSHPublicKeys for more information on using the ListSSHPublicKeys
11167// API call, and error handling.
11168//
11169// This method is useful when you want to inject custom logic or configuration
11170// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11171//
11172//
11173//    // Example sending a request using the ListSSHPublicKeysRequest method.
11174//    req, resp := client.ListSSHPublicKeysRequest(params)
11175//
11176//    err := req.Send()
11177//    if err == nil { // resp is now filled
11178//        fmt.Println(resp)
11179//    }
11180//
11181// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
11182func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput) {
11183	op := &request.Operation{
11184		Name:       opListSSHPublicKeys,
11185		HTTPMethod: "POST",
11186		HTTPPath:   "/",
11187		Paginator: &request.Paginator{
11188			InputTokens:     []string{"Marker"},
11189			OutputTokens:    []string{"Marker"},
11190			LimitToken:      "MaxItems",
11191			TruncationToken: "IsTruncated",
11192		},
11193	}
11194
11195	if input == nil {
11196		input = &ListSSHPublicKeysInput{}
11197	}
11198
11199	output = &ListSSHPublicKeysOutput{}
11200	req = c.newRequest(op, input, output)
11201	return
11202}
11203
11204// ListSSHPublicKeys API operation for AWS Identity and Access Management.
11205//
11206// Returns information about the SSH public keys associated with the specified
11207// IAM user. If none exists, the operation returns an empty list.
11208//
11209// The SSH public keys returned by this operation are used only for authenticating
11210// the IAM user to an AWS CodeCommit repository. For more information about
11211// using SSH keys to authenticate to an AWS CodeCommit repository, see Set up
11212// AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
11213// in the AWS CodeCommit User Guide.
11214//
11215// Although each user is limited to a small number of keys, you can still paginate
11216// the results using the MaxItems and Marker parameters.
11217//
11218// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11219// with awserr.Error's Code and Message methods to get detailed information about
11220// the error.
11221//
11222// See the AWS API reference guide for AWS Identity and Access Management's
11223// API operation ListSSHPublicKeys for usage and error information.
11224//
11225// Returned Error Codes:
11226//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11227//   The request was rejected because it referenced a resource entity that does
11228//   not exist. The error message describes the resource.
11229//
11230// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
11231func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error) {
11232	req, out := c.ListSSHPublicKeysRequest(input)
11233	return out, req.Send()
11234}
11235
11236// ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of
11237// the ability to pass a context and additional request options.
11238//
11239// See ListSSHPublicKeys for details on how to use this API operation.
11240//
11241// The context must be non-nil and will be used for request cancellation. If
11242// the context is nil a panic will occur. In the future the SDK may create
11243// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11244// for more information on using Contexts.
11245func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error) {
11246	req, out := c.ListSSHPublicKeysRequest(input)
11247	req.SetContext(ctx)
11248	req.ApplyOptions(opts...)
11249	return out, req.Send()
11250}
11251
11252// ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation,
11253// calling the "fn" function with the response data for each page. To stop
11254// iterating, return false from the fn function.
11255//
11256// See ListSSHPublicKeys method for more information on how to use this operation.
11257//
11258// Note: This operation can generate multiple requests to a service.
11259//
11260//    // Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
11261//    pageNum := 0
11262//    err := client.ListSSHPublicKeysPages(params,
11263//        func(page *iam.ListSSHPublicKeysOutput, lastPage bool) bool {
11264//            pageNum++
11265//            fmt.Println(page)
11266//            return pageNum <= 3
11267//        })
11268//
11269func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error {
11270	return c.ListSSHPublicKeysPagesWithContext(aws.BackgroundContext(), input, fn)
11271}
11272
11273// ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except
11274// it takes a Context and allows setting request options on the pages.
11275//
11276// The context must be non-nil and will be used for request cancellation. If
11277// the context is nil a panic will occur. In the future the SDK may create
11278// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11279// for more information on using Contexts.
11280func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error {
11281	p := request.Pagination{
11282		NewRequest: func() (*request.Request, error) {
11283			var inCpy *ListSSHPublicKeysInput
11284			if input != nil {
11285				tmp := *input
11286				inCpy = &tmp
11287			}
11288			req, _ := c.ListSSHPublicKeysRequest(inCpy)
11289			req.SetContext(ctx)
11290			req.ApplyOptions(opts...)
11291			return req, nil
11292		},
11293	}
11294
11295	for p.Next() {
11296		if !fn(p.Page().(*ListSSHPublicKeysOutput), !p.HasNextPage()) {
11297			break
11298		}
11299	}
11300
11301	return p.Err()
11302}
11303
11304const opListServerCertificateTags = "ListServerCertificateTags"
11305
11306// ListServerCertificateTagsRequest generates a "aws/request.Request" representing the
11307// client's request for the ListServerCertificateTags operation. The "output" return
11308// value will be populated with the request's response once the request completes
11309// successfully.
11310//
11311// Use "Send" method on the returned Request to send the API call to the service.
11312// the "output" return value is not valid until after Send returns without error.
11313//
11314// See ListServerCertificateTags for more information on using the ListServerCertificateTags
11315// API call, and error handling.
11316//
11317// This method is useful when you want to inject custom logic or configuration
11318// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11319//
11320//
11321//    // Example sending a request using the ListServerCertificateTagsRequest method.
11322//    req, resp := client.ListServerCertificateTagsRequest(params)
11323//
11324//    err := req.Send()
11325//    if err == nil { // resp is now filled
11326//        fmt.Println(resp)
11327//    }
11328//
11329// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
11330func (c *IAM) ListServerCertificateTagsRequest(input *ListServerCertificateTagsInput) (req *request.Request, output *ListServerCertificateTagsOutput) {
11331	op := &request.Operation{
11332		Name:       opListServerCertificateTags,
11333		HTTPMethod: "POST",
11334		HTTPPath:   "/",
11335	}
11336
11337	if input == nil {
11338		input = &ListServerCertificateTagsInput{}
11339	}
11340
11341	output = &ListServerCertificateTagsOutput{}
11342	req = c.newRequest(op, input, output)
11343	return
11344}
11345
11346// ListServerCertificateTags API operation for AWS Identity and Access Management.
11347//
11348// Lists the tags that are attached to the specified IAM server certificate.
11349// The returned list of tags is sorted by tag key. For more information about
11350// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
11351// in the IAM User Guide.
11352//
11353// For certificates in a Region supported by AWS Certificate Manager (ACM),
11354// we recommend that you don't use IAM server certificates. Instead, use ACM
11355// to provision, manage, and deploy your server certificates. For more information
11356// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
11357// in the IAM User Guide.
11358//
11359// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11360// with awserr.Error's Code and Message methods to get detailed information about
11361// the error.
11362//
11363// See the AWS API reference guide for AWS Identity and Access Management's
11364// API operation ListServerCertificateTags for usage and error information.
11365//
11366// Returned Error Codes:
11367//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11368//   The request was rejected because it referenced a resource entity that does
11369//   not exist. The error message describes the resource.
11370//
11371//   * ErrCodeServiceFailureException "ServiceFailure"
11372//   The request processing has failed because of an unknown error, exception
11373//   or failure.
11374//
11375// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
11376func (c *IAM) ListServerCertificateTags(input *ListServerCertificateTagsInput) (*ListServerCertificateTagsOutput, error) {
11377	req, out := c.ListServerCertificateTagsRequest(input)
11378	return out, req.Send()
11379}
11380
11381// ListServerCertificateTagsWithContext is the same as ListServerCertificateTags with the addition of
11382// the ability to pass a context and additional request options.
11383//
11384// See ListServerCertificateTags for details on how to use this API operation.
11385//
11386// The context must be non-nil and will be used for request cancellation. If
11387// the context is nil a panic will occur. In the future the SDK may create
11388// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11389// for more information on using Contexts.
11390func (c *IAM) ListServerCertificateTagsWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, opts ...request.Option) (*ListServerCertificateTagsOutput, error) {
11391	req, out := c.ListServerCertificateTagsRequest(input)
11392	req.SetContext(ctx)
11393	req.ApplyOptions(opts...)
11394	return out, req.Send()
11395}
11396
11397const opListServerCertificates = "ListServerCertificates"
11398
11399// ListServerCertificatesRequest generates a "aws/request.Request" representing the
11400// client's request for the ListServerCertificates operation. The "output" return
11401// value will be populated with the request's response once the request completes
11402// successfully.
11403//
11404// Use "Send" method on the returned Request to send the API call to the service.
11405// the "output" return value is not valid until after Send returns without error.
11406//
11407// See ListServerCertificates for more information on using the ListServerCertificates
11408// API call, and error handling.
11409//
11410// This method is useful when you want to inject custom logic or configuration
11411// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11412//
11413//
11414//    // Example sending a request using the ListServerCertificatesRequest method.
11415//    req, resp := client.ListServerCertificatesRequest(params)
11416//
11417//    err := req.Send()
11418//    if err == nil { // resp is now filled
11419//        fmt.Println(resp)
11420//    }
11421//
11422// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
11423func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput) {
11424	op := &request.Operation{
11425		Name:       opListServerCertificates,
11426		HTTPMethod: "POST",
11427		HTTPPath:   "/",
11428		Paginator: &request.Paginator{
11429			InputTokens:     []string{"Marker"},
11430			OutputTokens:    []string{"Marker"},
11431			LimitToken:      "MaxItems",
11432			TruncationToken: "IsTruncated",
11433		},
11434	}
11435
11436	if input == nil {
11437		input = &ListServerCertificatesInput{}
11438	}
11439
11440	output = &ListServerCertificatesOutput{}
11441	req = c.newRequest(op, input, output)
11442	return
11443}
11444
11445// ListServerCertificates API operation for AWS Identity and Access Management.
11446//
11447// Lists the server certificates stored in IAM that have the specified path
11448// prefix. If none exist, the operation returns an empty list.
11449//
11450// You can paginate the results using the MaxItems and Marker parameters.
11451//
11452// For more information about working with server certificates, see Working
11453// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
11454// in the IAM User Guide. This topic also includes a list of AWS services that
11455// can use the server certificates that you manage with IAM.
11456//
11457// IAM resource-listing operations return a subset of the available attributes
11458// for the resource. For example, this operation does not return tags, even
11459// though they are an attribute of the returned object. To view all of the information
11460// for a servercertificate, see GetServerCertificate.
11461//
11462// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11463// with awserr.Error's Code and Message methods to get detailed information about
11464// the error.
11465//
11466// See the AWS API reference guide for AWS Identity and Access Management's
11467// API operation ListServerCertificates for usage and error information.
11468//
11469// Returned Error Codes:
11470//   * ErrCodeServiceFailureException "ServiceFailure"
11471//   The request processing has failed because of an unknown error, exception
11472//   or failure.
11473//
11474// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
11475func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error) {
11476	req, out := c.ListServerCertificatesRequest(input)
11477	return out, req.Send()
11478}
11479
11480// ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of
11481// the ability to pass a context and additional request options.
11482//
11483// See ListServerCertificates for details on how to use this API operation.
11484//
11485// The context must be non-nil and will be used for request cancellation. If
11486// the context is nil a panic will occur. In the future the SDK may create
11487// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11488// for more information on using Contexts.
11489func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error) {
11490	req, out := c.ListServerCertificatesRequest(input)
11491	req.SetContext(ctx)
11492	req.ApplyOptions(opts...)
11493	return out, req.Send()
11494}
11495
11496// ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation,
11497// calling the "fn" function with the response data for each page. To stop
11498// iterating, return false from the fn function.
11499//
11500// See ListServerCertificates method for more information on how to use this operation.
11501//
11502// Note: This operation can generate multiple requests to a service.
11503//
11504//    // Example iterating over at most 3 pages of a ListServerCertificates operation.
11505//    pageNum := 0
11506//    err := client.ListServerCertificatesPages(params,
11507//        func(page *iam.ListServerCertificatesOutput, lastPage bool) bool {
11508//            pageNum++
11509//            fmt.Println(page)
11510//            return pageNum <= 3
11511//        })
11512//
11513func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error {
11514	return c.ListServerCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
11515}
11516
11517// ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except
11518// it takes a Context and allows setting request options on the pages.
11519//
11520// The context must be non-nil and will be used for request cancellation. If
11521// the context is nil a panic will occur. In the future the SDK may create
11522// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11523// for more information on using Contexts.
11524func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error {
11525	p := request.Pagination{
11526		NewRequest: func() (*request.Request, error) {
11527			var inCpy *ListServerCertificatesInput
11528			if input != nil {
11529				tmp := *input
11530				inCpy = &tmp
11531			}
11532			req, _ := c.ListServerCertificatesRequest(inCpy)
11533			req.SetContext(ctx)
11534			req.ApplyOptions(opts...)
11535			return req, nil
11536		},
11537	}
11538
11539	for p.Next() {
11540		if !fn(p.Page().(*ListServerCertificatesOutput), !p.HasNextPage()) {
11541			break
11542		}
11543	}
11544
11545	return p.Err()
11546}
11547
11548const opListServiceSpecificCredentials = "ListServiceSpecificCredentials"
11549
11550// ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the
11551// client's request for the ListServiceSpecificCredentials operation. The "output" return
11552// value will be populated with the request's response once the request completes
11553// successfully.
11554//
11555// Use "Send" method on the returned Request to send the API call to the service.
11556// the "output" return value is not valid until after Send returns without error.
11557//
11558// See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials
11559// API call, and error handling.
11560//
11561// This method is useful when you want to inject custom logic or configuration
11562// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11563//
11564//
11565//    // Example sending a request using the ListServiceSpecificCredentialsRequest method.
11566//    req, resp := client.ListServiceSpecificCredentialsRequest(params)
11567//
11568//    err := req.Send()
11569//    if err == nil { // resp is now filled
11570//        fmt.Println(resp)
11571//    }
11572//
11573// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
11574func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput) {
11575	op := &request.Operation{
11576		Name:       opListServiceSpecificCredentials,
11577		HTTPMethod: "POST",
11578		HTTPPath:   "/",
11579	}
11580
11581	if input == nil {
11582		input = &ListServiceSpecificCredentialsInput{}
11583	}
11584
11585	output = &ListServiceSpecificCredentialsOutput{}
11586	req = c.newRequest(op, input, output)
11587	return
11588}
11589
11590// ListServiceSpecificCredentials API operation for AWS Identity and Access Management.
11591//
11592// Returns information about the service-specific credentials associated with
11593// the specified IAM user. If none exists, the operation returns an empty list.
11594// The service-specific credentials returned by this operation are used only
11595// for authenticating the IAM user to a specific service. For more information
11596// about using service-specific credentials to authenticate to an AWS service,
11597// see Set up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html)
11598// in the AWS CodeCommit User Guide.
11599//
11600// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11601// with awserr.Error's Code and Message methods to get detailed information about
11602// the error.
11603//
11604// See the AWS API reference guide for AWS Identity and Access Management's
11605// API operation ListServiceSpecificCredentials for usage and error information.
11606//
11607// Returned Error Codes:
11608//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11609//   The request was rejected because it referenced a resource entity that does
11610//   not exist. The error message describes the resource.
11611//
11612//   * ErrCodeServiceNotSupportedException "NotSupportedService"
11613//   The specified service does not support service-specific credentials.
11614//
11615// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
11616func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error) {
11617	req, out := c.ListServiceSpecificCredentialsRequest(input)
11618	return out, req.Send()
11619}
11620
11621// ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of
11622// the ability to pass a context and additional request options.
11623//
11624// See ListServiceSpecificCredentials for details on how to use this API operation.
11625//
11626// The context must be non-nil and will be used for request cancellation. If
11627// the context is nil a panic will occur. In the future the SDK may create
11628// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11629// for more information on using Contexts.
11630func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error) {
11631	req, out := c.ListServiceSpecificCredentialsRequest(input)
11632	req.SetContext(ctx)
11633	req.ApplyOptions(opts...)
11634	return out, req.Send()
11635}
11636
11637const opListSigningCertificates = "ListSigningCertificates"
11638
11639// ListSigningCertificatesRequest generates a "aws/request.Request" representing the
11640// client's request for the ListSigningCertificates operation. The "output" return
11641// value will be populated with the request's response once the request completes
11642// successfully.
11643//
11644// Use "Send" method on the returned Request to send the API call to the service.
11645// the "output" return value is not valid until after Send returns without error.
11646//
11647// See ListSigningCertificates for more information on using the ListSigningCertificates
11648// API call, and error handling.
11649//
11650// This method is useful when you want to inject custom logic or configuration
11651// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11652//
11653//
11654//    // Example sending a request using the ListSigningCertificatesRequest method.
11655//    req, resp := client.ListSigningCertificatesRequest(params)
11656//
11657//    err := req.Send()
11658//    if err == nil { // resp is now filled
11659//        fmt.Println(resp)
11660//    }
11661//
11662// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
11663func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput) {
11664	op := &request.Operation{
11665		Name:       opListSigningCertificates,
11666		HTTPMethod: "POST",
11667		HTTPPath:   "/",
11668		Paginator: &request.Paginator{
11669			InputTokens:     []string{"Marker"},
11670			OutputTokens:    []string{"Marker"},
11671			LimitToken:      "MaxItems",
11672			TruncationToken: "IsTruncated",
11673		},
11674	}
11675
11676	if input == nil {
11677		input = &ListSigningCertificatesInput{}
11678	}
11679
11680	output = &ListSigningCertificatesOutput{}
11681	req = c.newRequest(op, input, output)
11682	return
11683}
11684
11685// ListSigningCertificates API operation for AWS Identity and Access Management.
11686//
11687// Returns information about the signing certificates associated with the specified
11688// IAM user. If none exists, the operation returns an empty list.
11689//
11690// Although each user is limited to a small number of signing certificates,
11691// you can still paginate the results using the MaxItems and Marker parameters.
11692//
11693// If the UserName field is not specified, the user name is determined implicitly
11694// based on the AWS access key ID used to sign the request for this operation.
11695// This operation works for access keys under the AWS account. Consequently,
11696// you can use this operation to manage AWS account root user credentials even
11697// if the AWS account has no associated users.
11698//
11699// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11700// with awserr.Error's Code and Message methods to get detailed information about
11701// the error.
11702//
11703// See the AWS API reference guide for AWS Identity and Access Management's
11704// API operation ListSigningCertificates for usage and error information.
11705//
11706// Returned Error Codes:
11707//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11708//   The request was rejected because it referenced a resource entity that does
11709//   not exist. The error message describes the resource.
11710//
11711//   * ErrCodeServiceFailureException "ServiceFailure"
11712//   The request processing has failed because of an unknown error, exception
11713//   or failure.
11714//
11715// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
11716func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error) {
11717	req, out := c.ListSigningCertificatesRequest(input)
11718	return out, req.Send()
11719}
11720
11721// ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of
11722// the ability to pass a context and additional request options.
11723//
11724// See ListSigningCertificates for details on how to use this API operation.
11725//
11726// The context must be non-nil and will be used for request cancellation. If
11727// the context is nil a panic will occur. In the future the SDK may create
11728// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11729// for more information on using Contexts.
11730func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error) {
11731	req, out := c.ListSigningCertificatesRequest(input)
11732	req.SetContext(ctx)
11733	req.ApplyOptions(opts...)
11734	return out, req.Send()
11735}
11736
11737// ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation,
11738// calling the "fn" function with the response data for each page. To stop
11739// iterating, return false from the fn function.
11740//
11741// See ListSigningCertificates method for more information on how to use this operation.
11742//
11743// Note: This operation can generate multiple requests to a service.
11744//
11745//    // Example iterating over at most 3 pages of a ListSigningCertificates operation.
11746//    pageNum := 0
11747//    err := client.ListSigningCertificatesPages(params,
11748//        func(page *iam.ListSigningCertificatesOutput, lastPage bool) bool {
11749//            pageNum++
11750//            fmt.Println(page)
11751//            return pageNum <= 3
11752//        })
11753//
11754func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error {
11755	return c.ListSigningCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
11756}
11757
11758// ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except
11759// it takes a Context and allows setting request options on the pages.
11760//
11761// The context must be non-nil and will be used for request cancellation. If
11762// the context is nil a panic will occur. In the future the SDK may create
11763// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11764// for more information on using Contexts.
11765func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error {
11766	p := request.Pagination{
11767		NewRequest: func() (*request.Request, error) {
11768			var inCpy *ListSigningCertificatesInput
11769			if input != nil {
11770				tmp := *input
11771				inCpy = &tmp
11772			}
11773			req, _ := c.ListSigningCertificatesRequest(inCpy)
11774			req.SetContext(ctx)
11775			req.ApplyOptions(opts...)
11776			return req, nil
11777		},
11778	}
11779
11780	for p.Next() {
11781		if !fn(p.Page().(*ListSigningCertificatesOutput), !p.HasNextPage()) {
11782			break
11783		}
11784	}
11785
11786	return p.Err()
11787}
11788
11789const opListUserPolicies = "ListUserPolicies"
11790
11791// ListUserPoliciesRequest generates a "aws/request.Request" representing the
11792// client's request for the ListUserPolicies operation. The "output" return
11793// value will be populated with the request's response once the request completes
11794// successfully.
11795//
11796// Use "Send" method on the returned Request to send the API call to the service.
11797// the "output" return value is not valid until after Send returns without error.
11798//
11799// See ListUserPolicies for more information on using the ListUserPolicies
11800// API call, and error handling.
11801//
11802// This method is useful when you want to inject custom logic or configuration
11803// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11804//
11805//
11806//    // Example sending a request using the ListUserPoliciesRequest method.
11807//    req, resp := client.ListUserPoliciesRequest(params)
11808//
11809//    err := req.Send()
11810//    if err == nil { // resp is now filled
11811//        fmt.Println(resp)
11812//    }
11813//
11814// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
11815func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput) {
11816	op := &request.Operation{
11817		Name:       opListUserPolicies,
11818		HTTPMethod: "POST",
11819		HTTPPath:   "/",
11820		Paginator: &request.Paginator{
11821			InputTokens:     []string{"Marker"},
11822			OutputTokens:    []string{"Marker"},
11823			LimitToken:      "MaxItems",
11824			TruncationToken: "IsTruncated",
11825		},
11826	}
11827
11828	if input == nil {
11829		input = &ListUserPoliciesInput{}
11830	}
11831
11832	output = &ListUserPoliciesOutput{}
11833	req = c.newRequest(op, input, output)
11834	return
11835}
11836
11837// ListUserPolicies API operation for AWS Identity and Access Management.
11838//
11839// Lists the names of the inline policies embedded in the specified IAM user.
11840//
11841// An IAM user can also have managed policies attached to it. To list the managed
11842// policies that are attached to a user, use ListAttachedUserPolicies. For more
11843// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
11844// in the IAM User Guide.
11845//
11846// You can paginate the results using the MaxItems and Marker parameters. If
11847// there are no inline policies embedded with the specified user, the operation
11848// returns an empty list.
11849//
11850// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11851// with awserr.Error's Code and Message methods to get detailed information about
11852// the error.
11853//
11854// See the AWS API reference guide for AWS Identity and Access Management's
11855// API operation ListUserPolicies for usage and error information.
11856//
11857// Returned Error Codes:
11858//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11859//   The request was rejected because it referenced a resource entity that does
11860//   not exist. The error message describes the resource.
11861//
11862//   * ErrCodeServiceFailureException "ServiceFailure"
11863//   The request processing has failed because of an unknown error, exception
11864//   or failure.
11865//
11866// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
11867func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error) {
11868	req, out := c.ListUserPoliciesRequest(input)
11869	return out, req.Send()
11870}
11871
11872// ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of
11873// the ability to pass a context and additional request options.
11874//
11875// See ListUserPolicies for details on how to use this API operation.
11876//
11877// The context must be non-nil and will be used for request cancellation. If
11878// the context is nil a panic will occur. In the future the SDK may create
11879// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11880// for more information on using Contexts.
11881func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error) {
11882	req, out := c.ListUserPoliciesRequest(input)
11883	req.SetContext(ctx)
11884	req.ApplyOptions(opts...)
11885	return out, req.Send()
11886}
11887
11888// ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation,
11889// calling the "fn" function with the response data for each page. To stop
11890// iterating, return false from the fn function.
11891//
11892// See ListUserPolicies method for more information on how to use this operation.
11893//
11894// Note: This operation can generate multiple requests to a service.
11895//
11896//    // Example iterating over at most 3 pages of a ListUserPolicies operation.
11897//    pageNum := 0
11898//    err := client.ListUserPoliciesPages(params,
11899//        func(page *iam.ListUserPoliciesOutput, lastPage bool) bool {
11900//            pageNum++
11901//            fmt.Println(page)
11902//            return pageNum <= 3
11903//        })
11904//
11905func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error {
11906	return c.ListUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
11907}
11908
11909// ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except
11910// it takes a Context and allows setting request options on the pages.
11911//
11912// The context must be non-nil and will be used for request cancellation. If
11913// the context is nil a panic will occur. In the future the SDK may create
11914// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11915// for more information on using Contexts.
11916func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error {
11917	p := request.Pagination{
11918		NewRequest: func() (*request.Request, error) {
11919			var inCpy *ListUserPoliciesInput
11920			if input != nil {
11921				tmp := *input
11922				inCpy = &tmp
11923			}
11924			req, _ := c.ListUserPoliciesRequest(inCpy)
11925			req.SetContext(ctx)
11926			req.ApplyOptions(opts...)
11927			return req, nil
11928		},
11929	}
11930
11931	for p.Next() {
11932		if !fn(p.Page().(*ListUserPoliciesOutput), !p.HasNextPage()) {
11933			break
11934		}
11935	}
11936
11937	return p.Err()
11938}
11939
11940const opListUserTags = "ListUserTags"
11941
11942// ListUserTagsRequest generates a "aws/request.Request" representing the
11943// client's request for the ListUserTags operation. The "output" return
11944// value will be populated with the request's response once the request completes
11945// successfully.
11946//
11947// Use "Send" method on the returned Request to send the API call to the service.
11948// the "output" return value is not valid until after Send returns without error.
11949//
11950// See ListUserTags for more information on using the ListUserTags
11951// API call, and error handling.
11952//
11953// This method is useful when you want to inject custom logic or configuration
11954// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11955//
11956//
11957//    // Example sending a request using the ListUserTagsRequest method.
11958//    req, resp := client.ListUserTagsRequest(params)
11959//
11960//    err := req.Send()
11961//    if err == nil { // resp is now filled
11962//        fmt.Println(resp)
11963//    }
11964//
11965// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
11966func (c *IAM) ListUserTagsRequest(input *ListUserTagsInput) (req *request.Request, output *ListUserTagsOutput) {
11967	op := &request.Operation{
11968		Name:       opListUserTags,
11969		HTTPMethod: "POST",
11970		HTTPPath:   "/",
11971	}
11972
11973	if input == nil {
11974		input = &ListUserTagsInput{}
11975	}
11976
11977	output = &ListUserTagsOutput{}
11978	req = c.newRequest(op, input, output)
11979	return
11980}
11981
11982// ListUserTags API operation for AWS Identity and Access Management.
11983//
11984// Lists the tags that are attached to the specified IAM user. The returned
11985// list of tags is sorted by tag key. For more information about tagging, see
11986// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
11987// in the IAM User Guide.
11988//
11989// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11990// with awserr.Error's Code and Message methods to get detailed information about
11991// the error.
11992//
11993// See the AWS API reference guide for AWS Identity and Access Management's
11994// API operation ListUserTags for usage and error information.
11995//
11996// Returned Error Codes:
11997//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11998//   The request was rejected because it referenced a resource entity that does
11999//   not exist. The error message describes the resource.
12000//
12001//   * ErrCodeServiceFailureException "ServiceFailure"
12002//   The request processing has failed because of an unknown error, exception
12003//   or failure.
12004//
12005// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
12006func (c *IAM) ListUserTags(input *ListUserTagsInput) (*ListUserTagsOutput, error) {
12007	req, out := c.ListUserTagsRequest(input)
12008	return out, req.Send()
12009}
12010
12011// ListUserTagsWithContext is the same as ListUserTags with the addition of
12012// the ability to pass a context and additional request options.
12013//
12014// See ListUserTags for details on how to use this API operation.
12015//
12016// The context must be non-nil and will be used for request cancellation. If
12017// the context is nil a panic will occur. In the future the SDK may create
12018// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12019// for more information on using Contexts.
12020func (c *IAM) ListUserTagsWithContext(ctx aws.Context, input *ListUserTagsInput, opts ...request.Option) (*ListUserTagsOutput, error) {
12021	req, out := c.ListUserTagsRequest(input)
12022	req.SetContext(ctx)
12023	req.ApplyOptions(opts...)
12024	return out, req.Send()
12025}
12026
12027const opListUsers = "ListUsers"
12028
12029// ListUsersRequest generates a "aws/request.Request" representing the
12030// client's request for the ListUsers operation. The "output" return
12031// value will be populated with the request's response once the request completes
12032// successfully.
12033//
12034// Use "Send" method on the returned Request to send the API call to the service.
12035// the "output" return value is not valid until after Send returns without error.
12036//
12037// See ListUsers for more information on using the ListUsers
12038// API call, and error handling.
12039//
12040// This method is useful when you want to inject custom logic or configuration
12041// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12042//
12043//
12044//    // Example sending a request using the ListUsersRequest method.
12045//    req, resp := client.ListUsersRequest(params)
12046//
12047//    err := req.Send()
12048//    if err == nil { // resp is now filled
12049//        fmt.Println(resp)
12050//    }
12051//
12052// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
12053func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) {
12054	op := &request.Operation{
12055		Name:       opListUsers,
12056		HTTPMethod: "POST",
12057		HTTPPath:   "/",
12058		Paginator: &request.Paginator{
12059			InputTokens:     []string{"Marker"},
12060			OutputTokens:    []string{"Marker"},
12061			LimitToken:      "MaxItems",
12062			TruncationToken: "IsTruncated",
12063		},
12064	}
12065
12066	if input == nil {
12067		input = &ListUsersInput{}
12068	}
12069
12070	output = &ListUsersOutput{}
12071	req = c.newRequest(op, input, output)
12072	return
12073}
12074
12075// ListUsers API operation for AWS Identity and Access Management.
12076//
12077// Lists the IAM users that have the specified path prefix. If no path prefix
12078// is specified, the operation returns all users in the AWS account. If there
12079// are none, the operation returns an empty list.
12080//
12081// IAM resource-listing operations return a subset of the available attributes
12082// for the resource. For example, this operation does not return tags, even
12083// though they are an attribute of the returned object. To view all of the information
12084// for a user, see GetUser.
12085//
12086// You can paginate the results using the MaxItems and Marker parameters.
12087//
12088// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12089// with awserr.Error's Code and Message methods to get detailed information about
12090// the error.
12091//
12092// See the AWS API reference guide for AWS Identity and Access Management's
12093// API operation ListUsers for usage and error information.
12094//
12095// Returned Error Codes:
12096//   * ErrCodeServiceFailureException "ServiceFailure"
12097//   The request processing has failed because of an unknown error, exception
12098//   or failure.
12099//
12100// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
12101func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) {
12102	req, out := c.ListUsersRequest(input)
12103	return out, req.Send()
12104}
12105
12106// ListUsersWithContext is the same as ListUsers with the addition of
12107// the ability to pass a context and additional request options.
12108//
12109// See ListUsers for details on how to use this API operation.
12110//
12111// The context must be non-nil and will be used for request cancellation. If
12112// the context is nil a panic will occur. In the future the SDK may create
12113// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12114// for more information on using Contexts.
12115func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error) {
12116	req, out := c.ListUsersRequest(input)
12117	req.SetContext(ctx)
12118	req.ApplyOptions(opts...)
12119	return out, req.Send()
12120}
12121
12122// ListUsersPages iterates over the pages of a ListUsers operation,
12123// calling the "fn" function with the response data for each page. To stop
12124// iterating, return false from the fn function.
12125//
12126// See ListUsers method for more information on how to use this operation.
12127//
12128// Note: This operation can generate multiple requests to a service.
12129//
12130//    // Example iterating over at most 3 pages of a ListUsers operation.
12131//    pageNum := 0
12132//    err := client.ListUsersPages(params,
12133//        func(page *iam.ListUsersOutput, lastPage bool) bool {
12134//            pageNum++
12135//            fmt.Println(page)
12136//            return pageNum <= 3
12137//        })
12138//
12139func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error {
12140	return c.ListUsersPagesWithContext(aws.BackgroundContext(), input, fn)
12141}
12142
12143// ListUsersPagesWithContext same as ListUsersPages except
12144// it takes a Context and allows setting request options on the pages.
12145//
12146// The context must be non-nil and will be used for request cancellation. If
12147// the context is nil a panic will occur. In the future the SDK may create
12148// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12149// for more information on using Contexts.
12150func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error {
12151	p := request.Pagination{
12152		NewRequest: func() (*request.Request, error) {
12153			var inCpy *ListUsersInput
12154			if input != nil {
12155				tmp := *input
12156				inCpy = &tmp
12157			}
12158			req, _ := c.ListUsersRequest(inCpy)
12159			req.SetContext(ctx)
12160			req.ApplyOptions(opts...)
12161			return req, nil
12162		},
12163	}
12164
12165	for p.Next() {
12166		if !fn(p.Page().(*ListUsersOutput), !p.HasNextPage()) {
12167			break
12168		}
12169	}
12170
12171	return p.Err()
12172}
12173
12174const opListVirtualMFADevices = "ListVirtualMFADevices"
12175
12176// ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the
12177// client's request for the ListVirtualMFADevices operation. The "output" return
12178// value will be populated with the request's response once the request completes
12179// successfully.
12180//
12181// Use "Send" method on the returned Request to send the API call to the service.
12182// the "output" return value is not valid until after Send returns without error.
12183//
12184// See ListVirtualMFADevices for more information on using the ListVirtualMFADevices
12185// API call, and error handling.
12186//
12187// This method is useful when you want to inject custom logic or configuration
12188// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12189//
12190//
12191//    // Example sending a request using the ListVirtualMFADevicesRequest method.
12192//    req, resp := client.ListVirtualMFADevicesRequest(params)
12193//
12194//    err := req.Send()
12195//    if err == nil { // resp is now filled
12196//        fmt.Println(resp)
12197//    }
12198//
12199// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
12200func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput) {
12201	op := &request.Operation{
12202		Name:       opListVirtualMFADevices,
12203		HTTPMethod: "POST",
12204		HTTPPath:   "/",
12205		Paginator: &request.Paginator{
12206			InputTokens:     []string{"Marker"},
12207			OutputTokens:    []string{"Marker"},
12208			LimitToken:      "MaxItems",
12209			TruncationToken: "IsTruncated",
12210		},
12211	}
12212
12213	if input == nil {
12214		input = &ListVirtualMFADevicesInput{}
12215	}
12216
12217	output = &ListVirtualMFADevicesOutput{}
12218	req = c.newRequest(op, input, output)
12219	return
12220}
12221
12222// ListVirtualMFADevices API operation for AWS Identity and Access Management.
12223//
12224// Lists the virtual MFA devices defined in the AWS account by assignment status.
12225// If you do not specify an assignment status, the operation returns a list
12226// of all virtual MFA devices. Assignment status can be Assigned, Unassigned,
12227// or Any.
12228//
12229// IAM resource-listing operations return a subset of the available attributes
12230// for the resource. For example, this operation does not return tags, even
12231// though they are an attribute of the returned object. To view all of the information
12232// for a virtual MFA device, see ListVirtualMFADevices.
12233//
12234// You can paginate the results using the MaxItems and Marker parameters.
12235//
12236// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12237// with awserr.Error's Code and Message methods to get detailed information about
12238// the error.
12239//
12240// See the AWS API reference guide for AWS Identity and Access Management's
12241// API operation ListVirtualMFADevices for usage and error information.
12242// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
12243func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error) {
12244	req, out := c.ListVirtualMFADevicesRequest(input)
12245	return out, req.Send()
12246}
12247
12248// ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of
12249// the ability to pass a context and additional request options.
12250//
12251// See ListVirtualMFADevices for details on how to use this API operation.
12252//
12253// The context must be non-nil and will be used for request cancellation. If
12254// the context is nil a panic will occur. In the future the SDK may create
12255// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12256// for more information on using Contexts.
12257func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error) {
12258	req, out := c.ListVirtualMFADevicesRequest(input)
12259	req.SetContext(ctx)
12260	req.ApplyOptions(opts...)
12261	return out, req.Send()
12262}
12263
12264// ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation,
12265// calling the "fn" function with the response data for each page. To stop
12266// iterating, return false from the fn function.
12267//
12268// See ListVirtualMFADevices method for more information on how to use this operation.
12269//
12270// Note: This operation can generate multiple requests to a service.
12271//
12272//    // Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
12273//    pageNum := 0
12274//    err := client.ListVirtualMFADevicesPages(params,
12275//        func(page *iam.ListVirtualMFADevicesOutput, lastPage bool) bool {
12276//            pageNum++
12277//            fmt.Println(page)
12278//            return pageNum <= 3
12279//        })
12280//
12281func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error {
12282	return c.ListVirtualMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
12283}
12284
12285// ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except
12286// it takes a Context and allows setting request options on the pages.
12287//
12288// The context must be non-nil and will be used for request cancellation. If
12289// the context is nil a panic will occur. In the future the SDK may create
12290// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12291// for more information on using Contexts.
12292func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error {
12293	p := request.Pagination{
12294		NewRequest: func() (*request.Request, error) {
12295			var inCpy *ListVirtualMFADevicesInput
12296			if input != nil {
12297				tmp := *input
12298				inCpy = &tmp
12299			}
12300			req, _ := c.ListVirtualMFADevicesRequest(inCpy)
12301			req.SetContext(ctx)
12302			req.ApplyOptions(opts...)
12303			return req, nil
12304		},
12305	}
12306
12307	for p.Next() {
12308		if !fn(p.Page().(*ListVirtualMFADevicesOutput), !p.HasNextPage()) {
12309			break
12310		}
12311	}
12312
12313	return p.Err()
12314}
12315
12316const opPutGroupPolicy = "PutGroupPolicy"
12317
12318// PutGroupPolicyRequest generates a "aws/request.Request" representing the
12319// client's request for the PutGroupPolicy operation. The "output" return
12320// value will be populated with the request's response once the request completes
12321// successfully.
12322//
12323// Use "Send" method on the returned Request to send the API call to the service.
12324// the "output" return value is not valid until after Send returns without error.
12325//
12326// See PutGroupPolicy for more information on using the PutGroupPolicy
12327// API call, and error handling.
12328//
12329// This method is useful when you want to inject custom logic or configuration
12330// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12331//
12332//
12333//    // Example sending a request using the PutGroupPolicyRequest method.
12334//    req, resp := client.PutGroupPolicyRequest(params)
12335//
12336//    err := req.Send()
12337//    if err == nil { // resp is now filled
12338//        fmt.Println(resp)
12339//    }
12340//
12341// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
12342func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput) {
12343	op := &request.Operation{
12344		Name:       opPutGroupPolicy,
12345		HTTPMethod: "POST",
12346		HTTPPath:   "/",
12347	}
12348
12349	if input == nil {
12350		input = &PutGroupPolicyInput{}
12351	}
12352
12353	output = &PutGroupPolicyOutput{}
12354	req = c.newRequest(op, input, output)
12355	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12356	return
12357}
12358
12359// PutGroupPolicy API operation for AWS Identity and Access Management.
12360//
12361// Adds or updates an inline policy document that is embedded in the specified
12362// IAM group.
12363//
12364// A user can also have managed policies attached to it. To attach a managed
12365// policy to a group, use AttachGroupPolicy. To create a new managed policy,
12366// use CreatePolicy. For information about policies, see Managed policies and
12367// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12368// in the IAM User Guide.
12369//
12370// For information about the maximum number of inline policies that you can
12371// embed in a group, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12372// in the IAM User Guide.
12373//
12374// Because policy documents can be large, you should use POST rather than GET
12375// when calling PutGroupPolicy. For general information about using the Query
12376// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12377// in the IAM User Guide.
12378//
12379// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12380// with awserr.Error's Code and Message methods to get detailed information about
12381// the error.
12382//
12383// See the AWS API reference guide for AWS Identity and Access Management's
12384// API operation PutGroupPolicy for usage and error information.
12385//
12386// Returned Error Codes:
12387//   * ErrCodeLimitExceededException "LimitExceeded"
12388//   The request was rejected because it attempted to create resources beyond
12389//   the current AWS account limits. The error message describes the limit exceeded.
12390//
12391//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12392//   The request was rejected because the policy document was malformed. The error
12393//   message describes the specific error.
12394//
12395//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12396//   The request was rejected because it referenced a resource entity that does
12397//   not exist. The error message describes the resource.
12398//
12399//   * ErrCodeServiceFailureException "ServiceFailure"
12400//   The request processing has failed because of an unknown error, exception
12401//   or failure.
12402//
12403// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
12404func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error) {
12405	req, out := c.PutGroupPolicyRequest(input)
12406	return out, req.Send()
12407}
12408
12409// PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of
12410// the ability to pass a context and additional request options.
12411//
12412// See PutGroupPolicy for details on how to use this API operation.
12413//
12414// The context must be non-nil and will be used for request cancellation. If
12415// the context is nil a panic will occur. In the future the SDK may create
12416// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12417// for more information on using Contexts.
12418func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error) {
12419	req, out := c.PutGroupPolicyRequest(input)
12420	req.SetContext(ctx)
12421	req.ApplyOptions(opts...)
12422	return out, req.Send()
12423}
12424
12425const opPutRolePermissionsBoundary = "PutRolePermissionsBoundary"
12426
12427// PutRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
12428// client's request for the PutRolePermissionsBoundary operation. The "output" return
12429// value will be populated with the request's response once the request completes
12430// successfully.
12431//
12432// Use "Send" method on the returned Request to send the API call to the service.
12433// the "output" return value is not valid until after Send returns without error.
12434//
12435// See PutRolePermissionsBoundary for more information on using the PutRolePermissionsBoundary
12436// API call, and error handling.
12437//
12438// This method is useful when you want to inject custom logic or configuration
12439// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12440//
12441//
12442//    // Example sending a request using the PutRolePermissionsBoundaryRequest method.
12443//    req, resp := client.PutRolePermissionsBoundaryRequest(params)
12444//
12445//    err := req.Send()
12446//    if err == nil { // resp is now filled
12447//        fmt.Println(resp)
12448//    }
12449//
12450// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
12451func (c *IAM) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundaryInput) (req *request.Request, output *PutRolePermissionsBoundaryOutput) {
12452	op := &request.Operation{
12453		Name:       opPutRolePermissionsBoundary,
12454		HTTPMethod: "POST",
12455		HTTPPath:   "/",
12456	}
12457
12458	if input == nil {
12459		input = &PutRolePermissionsBoundaryInput{}
12460	}
12461
12462	output = &PutRolePermissionsBoundaryOutput{}
12463	req = c.newRequest(op, input, output)
12464	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12465	return
12466}
12467
12468// PutRolePermissionsBoundary API operation for AWS Identity and Access Management.
12469//
12470// Adds or updates the policy that is specified as the IAM role's permissions
12471// boundary. You can use an AWS managed policy or a customer managed policy
12472// to set the boundary for a role. Use the boundary to control the maximum permissions
12473// that the role can have. Setting a permissions boundary is an advanced feature
12474// that can affect the permissions for the role.
12475//
12476// You cannot set the boundary for a service-linked role.
12477//
12478// Policies used as permissions boundaries do not provide permissions. You must
12479// also attach a permissions policy to the role. To learn how the effective
12480// permissions for a role are evaluated, see IAM JSON policy evaluation logic
12481// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
12482// in the IAM User Guide.
12483//
12484// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12485// with awserr.Error's Code and Message methods to get detailed information about
12486// the error.
12487//
12488// See the AWS API reference guide for AWS Identity and Access Management's
12489// API operation PutRolePermissionsBoundary for usage and error information.
12490//
12491// Returned Error Codes:
12492//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12493//   The request was rejected because it referenced a resource entity that does
12494//   not exist. The error message describes the resource.
12495//
12496//   * ErrCodeInvalidInputException "InvalidInput"
12497//   The request was rejected because an invalid or out-of-range value was supplied
12498//   for an input parameter.
12499//
12500//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
12501//   The request was rejected because only the service that depends on the service-linked
12502//   role can modify or delete the role on your behalf. The error message includes
12503//   the name of the service that depends on this service-linked role. You must
12504//   request the change through that service.
12505//
12506//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
12507//   The request failed because AWS service role policies can only be attached
12508//   to the service-linked role for that service.
12509//
12510//   * ErrCodeServiceFailureException "ServiceFailure"
12511//   The request processing has failed because of an unknown error, exception
12512//   or failure.
12513//
12514// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
12515func (c *IAM) PutRolePermissionsBoundary(input *PutRolePermissionsBoundaryInput) (*PutRolePermissionsBoundaryOutput, error) {
12516	req, out := c.PutRolePermissionsBoundaryRequest(input)
12517	return out, req.Send()
12518}
12519
12520// PutRolePermissionsBoundaryWithContext is the same as PutRolePermissionsBoundary with the addition of
12521// the ability to pass a context and additional request options.
12522//
12523// See PutRolePermissionsBoundary for details on how to use this API operation.
12524//
12525// The context must be non-nil and will be used for request cancellation. If
12526// the context is nil a panic will occur. In the future the SDK may create
12527// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12528// for more information on using Contexts.
12529func (c *IAM) PutRolePermissionsBoundaryWithContext(ctx aws.Context, input *PutRolePermissionsBoundaryInput, opts ...request.Option) (*PutRolePermissionsBoundaryOutput, error) {
12530	req, out := c.PutRolePermissionsBoundaryRequest(input)
12531	req.SetContext(ctx)
12532	req.ApplyOptions(opts...)
12533	return out, req.Send()
12534}
12535
12536const opPutRolePolicy = "PutRolePolicy"
12537
12538// PutRolePolicyRequest generates a "aws/request.Request" representing the
12539// client's request for the PutRolePolicy operation. The "output" return
12540// value will be populated with the request's response once the request completes
12541// successfully.
12542//
12543// Use "Send" method on the returned Request to send the API call to the service.
12544// the "output" return value is not valid until after Send returns without error.
12545//
12546// See PutRolePolicy for more information on using the PutRolePolicy
12547// API call, and error handling.
12548//
12549// This method is useful when you want to inject custom logic or configuration
12550// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12551//
12552//
12553//    // Example sending a request using the PutRolePolicyRequest method.
12554//    req, resp := client.PutRolePolicyRequest(params)
12555//
12556//    err := req.Send()
12557//    if err == nil { // resp is now filled
12558//        fmt.Println(resp)
12559//    }
12560//
12561// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
12562func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput) {
12563	op := &request.Operation{
12564		Name:       opPutRolePolicy,
12565		HTTPMethod: "POST",
12566		HTTPPath:   "/",
12567	}
12568
12569	if input == nil {
12570		input = &PutRolePolicyInput{}
12571	}
12572
12573	output = &PutRolePolicyOutput{}
12574	req = c.newRequest(op, input, output)
12575	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12576	return
12577}
12578
12579// PutRolePolicy API operation for AWS Identity and Access Management.
12580//
12581// Adds or updates an inline policy document that is embedded in the specified
12582// IAM role.
12583//
12584// When you embed an inline policy in a role, the inline policy is used as part
12585// of the role's access (permissions) policy. The role's trust policy is created
12586// at the same time as the role, using CreateRole. You can update a role's trust
12587// policy using UpdateAssumeRolePolicy. For more information about IAM roles,
12588// see Using roles to delegate permissions and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
12589//
12590// A role can also have a managed policy attached to it. To attach a managed
12591// policy to a role, use AttachRolePolicy. To create a new managed policy, use
12592// CreatePolicy. For information about policies, see Managed policies and inline
12593// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12594// in the IAM User Guide.
12595//
12596// For information about the maximum number of inline policies that you can
12597// embed with a role, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12598// in the IAM User Guide.
12599//
12600// Because policy documents can be large, you should use POST rather than GET
12601// when calling PutRolePolicy. For general information about using the Query
12602// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12603// in the IAM User Guide.
12604//
12605// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12606// with awserr.Error's Code and Message methods to get detailed information about
12607// the error.
12608//
12609// See the AWS API reference guide for AWS Identity and Access Management's
12610// API operation PutRolePolicy for usage and error information.
12611//
12612// Returned Error Codes:
12613//   * ErrCodeLimitExceededException "LimitExceeded"
12614//   The request was rejected because it attempted to create resources beyond
12615//   the current AWS account limits. The error message describes the limit exceeded.
12616//
12617//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12618//   The request was rejected because the policy document was malformed. The error
12619//   message describes the specific error.
12620//
12621//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12622//   The request was rejected because it referenced a resource entity that does
12623//   not exist. The error message describes the resource.
12624//
12625//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
12626//   The request was rejected because only the service that depends on the service-linked
12627//   role can modify or delete the role on your behalf. The error message includes
12628//   the name of the service that depends on this service-linked role. You must
12629//   request the change through that service.
12630//
12631//   * ErrCodeServiceFailureException "ServiceFailure"
12632//   The request processing has failed because of an unknown error, exception
12633//   or failure.
12634//
12635// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
12636func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error) {
12637	req, out := c.PutRolePolicyRequest(input)
12638	return out, req.Send()
12639}
12640
12641// PutRolePolicyWithContext is the same as PutRolePolicy with the addition of
12642// the ability to pass a context and additional request options.
12643//
12644// See PutRolePolicy for details on how to use this API operation.
12645//
12646// The context must be non-nil and will be used for request cancellation. If
12647// the context is nil a panic will occur. In the future the SDK may create
12648// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12649// for more information on using Contexts.
12650func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error) {
12651	req, out := c.PutRolePolicyRequest(input)
12652	req.SetContext(ctx)
12653	req.ApplyOptions(opts...)
12654	return out, req.Send()
12655}
12656
12657const opPutUserPermissionsBoundary = "PutUserPermissionsBoundary"
12658
12659// PutUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
12660// client's request for the PutUserPermissionsBoundary operation. The "output" return
12661// value will be populated with the request's response once the request completes
12662// successfully.
12663//
12664// Use "Send" method on the returned Request to send the API call to the service.
12665// the "output" return value is not valid until after Send returns without error.
12666//
12667// See PutUserPermissionsBoundary for more information on using the PutUserPermissionsBoundary
12668// API call, and error handling.
12669//
12670// This method is useful when you want to inject custom logic or configuration
12671// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12672//
12673//
12674//    // Example sending a request using the PutUserPermissionsBoundaryRequest method.
12675//    req, resp := client.PutUserPermissionsBoundaryRequest(params)
12676//
12677//    err := req.Send()
12678//    if err == nil { // resp is now filled
12679//        fmt.Println(resp)
12680//    }
12681//
12682// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
12683func (c *IAM) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundaryInput) (req *request.Request, output *PutUserPermissionsBoundaryOutput) {
12684	op := &request.Operation{
12685		Name:       opPutUserPermissionsBoundary,
12686		HTTPMethod: "POST",
12687		HTTPPath:   "/",
12688	}
12689
12690	if input == nil {
12691		input = &PutUserPermissionsBoundaryInput{}
12692	}
12693
12694	output = &PutUserPermissionsBoundaryOutput{}
12695	req = c.newRequest(op, input, output)
12696	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12697	return
12698}
12699
12700// PutUserPermissionsBoundary API operation for AWS Identity and Access Management.
12701//
12702// Adds or updates the policy that is specified as the IAM user's permissions
12703// boundary. You can use an AWS managed policy or a customer managed policy
12704// to set the boundary for a user. Use the boundary to control the maximum permissions
12705// that the user can have. Setting a permissions boundary is an advanced feature
12706// that can affect the permissions for the user.
12707//
12708// Policies that are used as permissions boundaries do not provide permissions.
12709// You must also attach a permissions policy to the user. To learn how the effective
12710// permissions for a user are evaluated, see IAM JSON policy evaluation logic
12711// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
12712// in the IAM User Guide.
12713//
12714// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12715// with awserr.Error's Code and Message methods to get detailed information about
12716// the error.
12717//
12718// See the AWS API reference guide for AWS Identity and Access Management's
12719// API operation PutUserPermissionsBoundary for usage and error information.
12720//
12721// Returned Error Codes:
12722//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12723//   The request was rejected because it referenced a resource entity that does
12724//   not exist. The error message describes the resource.
12725//
12726//   * ErrCodeInvalidInputException "InvalidInput"
12727//   The request was rejected because an invalid or out-of-range value was supplied
12728//   for an input parameter.
12729//
12730//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
12731//   The request failed because AWS service role policies can only be attached
12732//   to the service-linked role for that service.
12733//
12734//   * ErrCodeServiceFailureException "ServiceFailure"
12735//   The request processing has failed because of an unknown error, exception
12736//   or failure.
12737//
12738// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
12739func (c *IAM) PutUserPermissionsBoundary(input *PutUserPermissionsBoundaryInput) (*PutUserPermissionsBoundaryOutput, error) {
12740	req, out := c.PutUserPermissionsBoundaryRequest(input)
12741	return out, req.Send()
12742}
12743
12744// PutUserPermissionsBoundaryWithContext is the same as PutUserPermissionsBoundary with the addition of
12745// the ability to pass a context and additional request options.
12746//
12747// See PutUserPermissionsBoundary for details on how to use this API operation.
12748//
12749// The context must be non-nil and will be used for request cancellation. If
12750// the context is nil a panic will occur. In the future the SDK may create
12751// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12752// for more information on using Contexts.
12753func (c *IAM) PutUserPermissionsBoundaryWithContext(ctx aws.Context, input *PutUserPermissionsBoundaryInput, opts ...request.Option) (*PutUserPermissionsBoundaryOutput, error) {
12754	req, out := c.PutUserPermissionsBoundaryRequest(input)
12755	req.SetContext(ctx)
12756	req.ApplyOptions(opts...)
12757	return out, req.Send()
12758}
12759
12760const opPutUserPolicy = "PutUserPolicy"
12761
12762// PutUserPolicyRequest generates a "aws/request.Request" representing the
12763// client's request for the PutUserPolicy operation. The "output" return
12764// value will be populated with the request's response once the request completes
12765// successfully.
12766//
12767// Use "Send" method on the returned Request to send the API call to the service.
12768// the "output" return value is not valid until after Send returns without error.
12769//
12770// See PutUserPolicy for more information on using the PutUserPolicy
12771// API call, and error handling.
12772//
12773// This method is useful when you want to inject custom logic or configuration
12774// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12775//
12776//
12777//    // Example sending a request using the PutUserPolicyRequest method.
12778//    req, resp := client.PutUserPolicyRequest(params)
12779//
12780//    err := req.Send()
12781//    if err == nil { // resp is now filled
12782//        fmt.Println(resp)
12783//    }
12784//
12785// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
12786func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput) {
12787	op := &request.Operation{
12788		Name:       opPutUserPolicy,
12789		HTTPMethod: "POST",
12790		HTTPPath:   "/",
12791	}
12792
12793	if input == nil {
12794		input = &PutUserPolicyInput{}
12795	}
12796
12797	output = &PutUserPolicyOutput{}
12798	req = c.newRequest(op, input, output)
12799	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12800	return
12801}
12802
12803// PutUserPolicy API operation for AWS Identity and Access Management.
12804//
12805// Adds or updates an inline policy document that is embedded in the specified
12806// IAM user.
12807//
12808// An IAM user can also have a managed policy attached to it. To attach a managed
12809// policy to a user, use AttachUserPolicy. To create a new managed policy, use
12810// CreatePolicy. For information about policies, see Managed policies and inline
12811// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12812// in the IAM User Guide.
12813//
12814// For information about the maximum number of inline policies that you can
12815// embed in a user, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12816// in the IAM User Guide.
12817//
12818// Because policy documents can be large, you should use POST rather than GET
12819// when calling PutUserPolicy. For general information about using the Query
12820// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12821// in the IAM User Guide.
12822//
12823// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12824// with awserr.Error's Code and Message methods to get detailed information about
12825// the error.
12826//
12827// See the AWS API reference guide for AWS Identity and Access Management's
12828// API operation PutUserPolicy for usage and error information.
12829//
12830// Returned Error Codes:
12831//   * ErrCodeLimitExceededException "LimitExceeded"
12832//   The request was rejected because it attempted to create resources beyond
12833//   the current AWS account limits. The error message describes the limit exceeded.
12834//
12835//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12836//   The request was rejected because the policy document was malformed. The error
12837//   message describes the specific error.
12838//
12839//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12840//   The request was rejected because it referenced a resource entity that does
12841//   not exist. The error message describes the resource.
12842//
12843//   * ErrCodeServiceFailureException "ServiceFailure"
12844//   The request processing has failed because of an unknown error, exception
12845//   or failure.
12846//
12847// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
12848func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error) {
12849	req, out := c.PutUserPolicyRequest(input)
12850	return out, req.Send()
12851}
12852
12853// PutUserPolicyWithContext is the same as PutUserPolicy with the addition of
12854// the ability to pass a context and additional request options.
12855//
12856// See PutUserPolicy for details on how to use this API operation.
12857//
12858// The context must be non-nil and will be used for request cancellation. If
12859// the context is nil a panic will occur. In the future the SDK may create
12860// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12861// for more information on using Contexts.
12862func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error) {
12863	req, out := c.PutUserPolicyRequest(input)
12864	req.SetContext(ctx)
12865	req.ApplyOptions(opts...)
12866	return out, req.Send()
12867}
12868
12869const opRemoveClientIDFromOpenIDConnectProvider = "RemoveClientIDFromOpenIDConnectProvider"
12870
12871// RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
12872// client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return
12873// value will be populated with the request's response once the request completes
12874// successfully.
12875//
12876// Use "Send" method on the returned Request to send the API call to the service.
12877// the "output" return value is not valid until after Send returns without error.
12878//
12879// See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider
12880// API call, and error handling.
12881//
12882// This method is useful when you want to inject custom logic or configuration
12883// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12884//
12885//
12886//    // Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
12887//    req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)
12888//
12889//    err := req.Send()
12890//    if err == nil { // resp is now filled
12891//        fmt.Println(resp)
12892//    }
12893//
12894// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
12895func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput) {
12896	op := &request.Operation{
12897		Name:       opRemoveClientIDFromOpenIDConnectProvider,
12898		HTTPMethod: "POST",
12899		HTTPPath:   "/",
12900	}
12901
12902	if input == nil {
12903		input = &RemoveClientIDFromOpenIDConnectProviderInput{}
12904	}
12905
12906	output = &RemoveClientIDFromOpenIDConnectProviderOutput{}
12907	req = c.newRequest(op, input, output)
12908	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12909	return
12910}
12911
12912// RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.
12913//
12914// Removes the specified client ID (also known as audience) from the list of
12915// client IDs registered for the specified IAM OpenID Connect (OIDC) provider
12916// resource object.
12917//
12918// This operation is idempotent; it does not fail or return an error if you
12919// try to remove a client ID that does not exist.
12920//
12921// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12922// with awserr.Error's Code and Message methods to get detailed information about
12923// the error.
12924//
12925// See the AWS API reference guide for AWS Identity and Access Management's
12926// API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.
12927//
12928// Returned Error Codes:
12929//   * ErrCodeInvalidInputException "InvalidInput"
12930//   The request was rejected because an invalid or out-of-range value was supplied
12931//   for an input parameter.
12932//
12933//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12934//   The request was rejected because it referenced a resource entity that does
12935//   not exist. The error message describes the resource.
12936//
12937//   * ErrCodeServiceFailureException "ServiceFailure"
12938//   The request processing has failed because of an unknown error, exception
12939//   or failure.
12940//
12941// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
12942func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
12943	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
12944	return out, req.Send()
12945}
12946
12947// RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of
12948// the ability to pass a context and additional request options.
12949//
12950// See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.
12951//
12952// The context must be non-nil and will be used for request cancellation. If
12953// the context is nil a panic will occur. In the future the SDK may create
12954// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12955// for more information on using Contexts.
12956func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
12957	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
12958	req.SetContext(ctx)
12959	req.ApplyOptions(opts...)
12960	return out, req.Send()
12961}
12962
12963const opRemoveRoleFromInstanceProfile = "RemoveRoleFromInstanceProfile"
12964
12965// RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the
12966// client's request for the RemoveRoleFromInstanceProfile operation. The "output" return
12967// value will be populated with the request's response once the request completes
12968// successfully.
12969//
12970// Use "Send" method on the returned Request to send the API call to the service.
12971// the "output" return value is not valid until after Send returns without error.
12972//
12973// See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile
12974// API call, and error handling.
12975//
12976// This method is useful when you want to inject custom logic or configuration
12977// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12978//
12979//
12980//    // Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
12981//    req, resp := client.RemoveRoleFromInstanceProfileRequest(params)
12982//
12983//    err := req.Send()
12984//    if err == nil { // resp is now filled
12985//        fmt.Println(resp)
12986//    }
12987//
12988// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
12989func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput) {
12990	op := &request.Operation{
12991		Name:       opRemoveRoleFromInstanceProfile,
12992		HTTPMethod: "POST",
12993		HTTPPath:   "/",
12994	}
12995
12996	if input == nil {
12997		input = &RemoveRoleFromInstanceProfileInput{}
12998	}
12999
13000	output = &RemoveRoleFromInstanceProfileOutput{}
13001	req = c.newRequest(op, input, output)
13002	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13003	return
13004}
13005
13006// RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.
13007//
13008// Removes the specified IAM role from the specified EC2 instance profile.
13009//
13010// Make sure that you do not have any Amazon EC2 instances running with the
13011// role you are about to remove from the instance profile. Removing a role from
13012// an instance profile that is associated with a running instance might break
13013// any applications running on the instance.
13014//
13015// For more information about IAM roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
13016// For more information about instance profiles, see About instance profiles
13017// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
13018//
13019// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13020// with awserr.Error's Code and Message methods to get detailed information about
13021// the error.
13022//
13023// See the AWS API reference guide for AWS Identity and Access Management's
13024// API operation RemoveRoleFromInstanceProfile for usage and error information.
13025//
13026// Returned Error Codes:
13027//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13028//   The request was rejected because it referenced a resource entity that does
13029//   not exist. The error message describes the resource.
13030//
13031//   * ErrCodeLimitExceededException "LimitExceeded"
13032//   The request was rejected because it attempted to create resources beyond
13033//   the current AWS account limits. The error message describes the limit exceeded.
13034//
13035//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
13036//   The request was rejected because only the service that depends on the service-linked
13037//   role can modify or delete the role on your behalf. The error message includes
13038//   the name of the service that depends on this service-linked role. You must
13039//   request the change through that service.
13040//
13041//   * ErrCodeServiceFailureException "ServiceFailure"
13042//   The request processing has failed because of an unknown error, exception
13043//   or failure.
13044//
13045// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
13046func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error) {
13047	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
13048	return out, req.Send()
13049}
13050
13051// RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of
13052// the ability to pass a context and additional request options.
13053//
13054// See RemoveRoleFromInstanceProfile for details on how to use this API operation.
13055//
13056// The context must be non-nil and will be used for request cancellation. If
13057// the context is nil a panic will occur. In the future the SDK may create
13058// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13059// for more information on using Contexts.
13060func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error) {
13061	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
13062	req.SetContext(ctx)
13063	req.ApplyOptions(opts...)
13064	return out, req.Send()
13065}
13066
13067const opRemoveUserFromGroup = "RemoveUserFromGroup"
13068
13069// RemoveUserFromGroupRequest generates a "aws/request.Request" representing the
13070// client's request for the RemoveUserFromGroup operation. The "output" return
13071// value will be populated with the request's response once the request completes
13072// successfully.
13073//
13074// Use "Send" method on the returned Request to send the API call to the service.
13075// the "output" return value is not valid until after Send returns without error.
13076//
13077// See RemoveUserFromGroup for more information on using the RemoveUserFromGroup
13078// API call, and error handling.
13079//
13080// This method is useful when you want to inject custom logic or configuration
13081// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13082//
13083//
13084//    // Example sending a request using the RemoveUserFromGroupRequest method.
13085//    req, resp := client.RemoveUserFromGroupRequest(params)
13086//
13087//    err := req.Send()
13088//    if err == nil { // resp is now filled
13089//        fmt.Println(resp)
13090//    }
13091//
13092// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
13093func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput) {
13094	op := &request.Operation{
13095		Name:       opRemoveUserFromGroup,
13096		HTTPMethod: "POST",
13097		HTTPPath:   "/",
13098	}
13099
13100	if input == nil {
13101		input = &RemoveUserFromGroupInput{}
13102	}
13103
13104	output = &RemoveUserFromGroupOutput{}
13105	req = c.newRequest(op, input, output)
13106	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13107	return
13108}
13109
13110// RemoveUserFromGroup API operation for AWS Identity and Access Management.
13111//
13112// Removes the specified user from the specified group.
13113//
13114// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13115// with awserr.Error's Code and Message methods to get detailed information about
13116// the error.
13117//
13118// See the AWS API reference guide for AWS Identity and Access Management's
13119// API operation RemoveUserFromGroup for usage and error information.
13120//
13121// Returned Error Codes:
13122//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13123//   The request was rejected because it referenced a resource entity that does
13124//   not exist. The error message describes the resource.
13125//
13126//   * ErrCodeLimitExceededException "LimitExceeded"
13127//   The request was rejected because it attempted to create resources beyond
13128//   the current AWS account limits. The error message describes the limit exceeded.
13129//
13130//   * ErrCodeServiceFailureException "ServiceFailure"
13131//   The request processing has failed because of an unknown error, exception
13132//   or failure.
13133//
13134// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
13135func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error) {
13136	req, out := c.RemoveUserFromGroupRequest(input)
13137	return out, req.Send()
13138}
13139
13140// RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of
13141// the ability to pass a context and additional request options.
13142//
13143// See RemoveUserFromGroup for details on how to use this API operation.
13144//
13145// The context must be non-nil and will be used for request cancellation. If
13146// the context is nil a panic will occur. In the future the SDK may create
13147// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13148// for more information on using Contexts.
13149func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error) {
13150	req, out := c.RemoveUserFromGroupRequest(input)
13151	req.SetContext(ctx)
13152	req.ApplyOptions(opts...)
13153	return out, req.Send()
13154}
13155
13156const opResetServiceSpecificCredential = "ResetServiceSpecificCredential"
13157
13158// ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
13159// client's request for the ResetServiceSpecificCredential operation. The "output" return
13160// value will be populated with the request's response once the request completes
13161// successfully.
13162//
13163// Use "Send" method on the returned Request to send the API call to the service.
13164// the "output" return value is not valid until after Send returns without error.
13165//
13166// See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential
13167// API call, and error handling.
13168//
13169// This method is useful when you want to inject custom logic or configuration
13170// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13171//
13172//
13173//    // Example sending a request using the ResetServiceSpecificCredentialRequest method.
13174//    req, resp := client.ResetServiceSpecificCredentialRequest(params)
13175//
13176//    err := req.Send()
13177//    if err == nil { // resp is now filled
13178//        fmt.Println(resp)
13179//    }
13180//
13181// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
13182func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput) {
13183	op := &request.Operation{
13184		Name:       opResetServiceSpecificCredential,
13185		HTTPMethod: "POST",
13186		HTTPPath:   "/",
13187	}
13188
13189	if input == nil {
13190		input = &ResetServiceSpecificCredentialInput{}
13191	}
13192
13193	output = &ResetServiceSpecificCredentialOutput{}
13194	req = c.newRequest(op, input, output)
13195	return
13196}
13197
13198// ResetServiceSpecificCredential API operation for AWS Identity and Access Management.
13199//
13200// Resets the password for a service-specific credential. The new password is
13201// AWS generated and cryptographically strong. It cannot be configured by the
13202// user. Resetting the password immediately invalidates the previous password
13203// associated with this user.
13204//
13205// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13206// with awserr.Error's Code and Message methods to get detailed information about
13207// the error.
13208//
13209// See the AWS API reference guide for AWS Identity and Access Management's
13210// API operation ResetServiceSpecificCredential for usage and error information.
13211//
13212// Returned Error Codes:
13213//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13214//   The request was rejected because it referenced a resource entity that does
13215//   not exist. The error message describes the resource.
13216//
13217// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
13218func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error) {
13219	req, out := c.ResetServiceSpecificCredentialRequest(input)
13220	return out, req.Send()
13221}
13222
13223// ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of
13224// the ability to pass a context and additional request options.
13225//
13226// See ResetServiceSpecificCredential for details on how to use this API operation.
13227//
13228// The context must be non-nil and will be used for request cancellation. If
13229// the context is nil a panic will occur. In the future the SDK may create
13230// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13231// for more information on using Contexts.
13232func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error) {
13233	req, out := c.ResetServiceSpecificCredentialRequest(input)
13234	req.SetContext(ctx)
13235	req.ApplyOptions(opts...)
13236	return out, req.Send()
13237}
13238
13239const opResyncMFADevice = "ResyncMFADevice"
13240
13241// ResyncMFADeviceRequest generates a "aws/request.Request" representing the
13242// client's request for the ResyncMFADevice operation. The "output" return
13243// value will be populated with the request's response once the request completes
13244// successfully.
13245//
13246// Use "Send" method on the returned Request to send the API call to the service.
13247// the "output" return value is not valid until after Send returns without error.
13248//
13249// See ResyncMFADevice for more information on using the ResyncMFADevice
13250// API call, and error handling.
13251//
13252// This method is useful when you want to inject custom logic or configuration
13253// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13254//
13255//
13256//    // Example sending a request using the ResyncMFADeviceRequest method.
13257//    req, resp := client.ResyncMFADeviceRequest(params)
13258//
13259//    err := req.Send()
13260//    if err == nil { // resp is now filled
13261//        fmt.Println(resp)
13262//    }
13263//
13264// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
13265func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput) {
13266	op := &request.Operation{
13267		Name:       opResyncMFADevice,
13268		HTTPMethod: "POST",
13269		HTTPPath:   "/",
13270	}
13271
13272	if input == nil {
13273		input = &ResyncMFADeviceInput{}
13274	}
13275
13276	output = &ResyncMFADeviceOutput{}
13277	req = c.newRequest(op, input, output)
13278	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13279	return
13280}
13281
13282// ResyncMFADevice API operation for AWS Identity and Access Management.
13283//
13284// Synchronizes the specified MFA device with its IAM resource object on the
13285// AWS servers.
13286//
13287// For more information about creating and working with virtual MFA devices,
13288// see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
13289// in the IAM User Guide.
13290//
13291// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13292// with awserr.Error's Code and Message methods to get detailed information about
13293// the error.
13294//
13295// See the AWS API reference guide for AWS Identity and Access Management's
13296// API operation ResyncMFADevice for usage and error information.
13297//
13298// Returned Error Codes:
13299//   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
13300//   The request was rejected because the authentication code was not recognized.
13301//   The error message describes the specific error.
13302//
13303//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13304//   The request was rejected because it referenced a resource entity that does
13305//   not exist. The error message describes the resource.
13306//
13307//   * ErrCodeLimitExceededException "LimitExceeded"
13308//   The request was rejected because it attempted to create resources beyond
13309//   the current AWS account limits. The error message describes the limit exceeded.
13310//
13311//   * ErrCodeServiceFailureException "ServiceFailure"
13312//   The request processing has failed because of an unknown error, exception
13313//   or failure.
13314//
13315// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
13316func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error) {
13317	req, out := c.ResyncMFADeviceRequest(input)
13318	return out, req.Send()
13319}
13320
13321// ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of
13322// the ability to pass a context and additional request options.
13323//
13324// See ResyncMFADevice for details on how to use this API operation.
13325//
13326// The context must be non-nil and will be used for request cancellation. If
13327// the context is nil a panic will occur. In the future the SDK may create
13328// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13329// for more information on using Contexts.
13330func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error) {
13331	req, out := c.ResyncMFADeviceRequest(input)
13332	req.SetContext(ctx)
13333	req.ApplyOptions(opts...)
13334	return out, req.Send()
13335}
13336
13337const opSetDefaultPolicyVersion = "SetDefaultPolicyVersion"
13338
13339// SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the
13340// client's request for the SetDefaultPolicyVersion operation. The "output" return
13341// value will be populated with the request's response once the request completes
13342// successfully.
13343//
13344// Use "Send" method on the returned Request to send the API call to the service.
13345// the "output" return value is not valid until after Send returns without error.
13346//
13347// See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion
13348// API call, and error handling.
13349//
13350// This method is useful when you want to inject custom logic or configuration
13351// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13352//
13353//
13354//    // Example sending a request using the SetDefaultPolicyVersionRequest method.
13355//    req, resp := client.SetDefaultPolicyVersionRequest(params)
13356//
13357//    err := req.Send()
13358//    if err == nil { // resp is now filled
13359//        fmt.Println(resp)
13360//    }
13361//
13362// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
13363func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput) {
13364	op := &request.Operation{
13365		Name:       opSetDefaultPolicyVersion,
13366		HTTPMethod: "POST",
13367		HTTPPath:   "/",
13368	}
13369
13370	if input == nil {
13371		input = &SetDefaultPolicyVersionInput{}
13372	}
13373
13374	output = &SetDefaultPolicyVersionOutput{}
13375	req = c.newRequest(op, input, output)
13376	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13377	return
13378}
13379
13380// SetDefaultPolicyVersion API operation for AWS Identity and Access Management.
13381//
13382// Sets the specified version of the specified policy as the policy's default
13383// (operative) version.
13384//
13385// This operation affects all users, groups, and roles that the policy is attached
13386// to. To list the users, groups, and roles that the policy is attached to,
13387// use ListEntitiesForPolicy.
13388//
13389// For information about managed policies, see Managed policies and inline policies
13390// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
13391// in the IAM User Guide.
13392//
13393// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13394// with awserr.Error's Code and Message methods to get detailed information about
13395// the error.
13396//
13397// See the AWS API reference guide for AWS Identity and Access Management's
13398// API operation SetDefaultPolicyVersion for usage and error information.
13399//
13400// Returned Error Codes:
13401//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13402//   The request was rejected because it referenced a resource entity that does
13403//   not exist. The error message describes the resource.
13404//
13405//   * ErrCodeInvalidInputException "InvalidInput"
13406//   The request was rejected because an invalid or out-of-range value was supplied
13407//   for an input parameter.
13408//
13409//   * ErrCodeLimitExceededException "LimitExceeded"
13410//   The request was rejected because it attempted to create resources beyond
13411//   the current AWS account limits. The error message describes the limit exceeded.
13412//
13413//   * ErrCodeServiceFailureException "ServiceFailure"
13414//   The request processing has failed because of an unknown error, exception
13415//   or failure.
13416//
13417// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
13418func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error) {
13419	req, out := c.SetDefaultPolicyVersionRequest(input)
13420	return out, req.Send()
13421}
13422
13423// SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of
13424// the ability to pass a context and additional request options.
13425//
13426// See SetDefaultPolicyVersion for details on how to use this API operation.
13427//
13428// The context must be non-nil and will be used for request cancellation. If
13429// the context is nil a panic will occur. In the future the SDK may create
13430// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13431// for more information on using Contexts.
13432func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error) {
13433	req, out := c.SetDefaultPolicyVersionRequest(input)
13434	req.SetContext(ctx)
13435	req.ApplyOptions(opts...)
13436	return out, req.Send()
13437}
13438
13439const opSetSecurityTokenServicePreferences = "SetSecurityTokenServicePreferences"
13440
13441// SetSecurityTokenServicePreferencesRequest generates a "aws/request.Request" representing the
13442// client's request for the SetSecurityTokenServicePreferences operation. The "output" return
13443// value will be populated with the request's response once the request completes
13444// successfully.
13445//
13446// Use "Send" method on the returned Request to send the API call to the service.
13447// the "output" return value is not valid until after Send returns without error.
13448//
13449// See SetSecurityTokenServicePreferences for more information on using the SetSecurityTokenServicePreferences
13450// API call, and error handling.
13451//
13452// This method is useful when you want to inject custom logic or configuration
13453// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13454//
13455//
13456//    // Example sending a request using the SetSecurityTokenServicePreferencesRequest method.
13457//    req, resp := client.SetSecurityTokenServicePreferencesRequest(params)
13458//
13459//    err := req.Send()
13460//    if err == nil { // resp is now filled
13461//        fmt.Println(resp)
13462//    }
13463//
13464// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
13465func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenServicePreferencesInput) (req *request.Request, output *SetSecurityTokenServicePreferencesOutput) {
13466	op := &request.Operation{
13467		Name:       opSetSecurityTokenServicePreferences,
13468		HTTPMethod: "POST",
13469		HTTPPath:   "/",
13470	}
13471
13472	if input == nil {
13473		input = &SetSecurityTokenServicePreferencesInput{}
13474	}
13475
13476	output = &SetSecurityTokenServicePreferencesOutput{}
13477	req = c.newRequest(op, input, output)
13478	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13479	return
13480}
13481
13482// SetSecurityTokenServicePreferences API operation for AWS Identity and Access Management.
13483//
13484// Sets the specified version of the global endpoint token as the token version
13485// used for the AWS account.
13486//
13487// By default, AWS Security Token Service (STS) is available as a global service,
13488// and all STS requests go to a single endpoint at https://sts.amazonaws.com.
13489// AWS recommends using Regional STS endpoints to reduce latency, build in redundancy,
13490// and increase session token availability. For information about Regional endpoints
13491// for STS, see AWS AWS Security Token Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/sts.html)
13492// in the AWS General Reference.
13493//
13494// If you make an STS call to the global endpoint, the resulting session tokens
13495// might be valid in some Regions but not others. It depends on the version
13496// that is set in this operation. Version 1 tokens are valid only in AWS Regions
13497// that are available by default. These tokens do not work in manually enabled
13498// Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid in
13499// all Regions. However, version 2 tokens are longer and might affect systems
13500// where you temporarily store tokens. For information, see Activating and deactivating
13501// STS in an AWS region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
13502// in the IAM User Guide.
13503//
13504// To view the current session token version, see the GlobalEndpointTokenVersion
13505// entry in the response of the GetAccountSummary operation.
13506//
13507// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13508// with awserr.Error's Code and Message methods to get detailed information about
13509// the error.
13510//
13511// See the AWS API reference guide for AWS Identity and Access Management's
13512// API operation SetSecurityTokenServicePreferences for usage and error information.
13513//
13514// Returned Error Codes:
13515//   * ErrCodeServiceFailureException "ServiceFailure"
13516//   The request processing has failed because of an unknown error, exception
13517//   or failure.
13518//
13519// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
13520func (c *IAM) SetSecurityTokenServicePreferences(input *SetSecurityTokenServicePreferencesInput) (*SetSecurityTokenServicePreferencesOutput, error) {
13521	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
13522	return out, req.Send()
13523}
13524
13525// SetSecurityTokenServicePreferencesWithContext is the same as SetSecurityTokenServicePreferences with the addition of
13526// the ability to pass a context and additional request options.
13527//
13528// See SetSecurityTokenServicePreferences for details on how to use this API operation.
13529//
13530// The context must be non-nil and will be used for request cancellation. If
13531// the context is nil a panic will occur. In the future the SDK may create
13532// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13533// for more information on using Contexts.
13534func (c *IAM) SetSecurityTokenServicePreferencesWithContext(ctx aws.Context, input *SetSecurityTokenServicePreferencesInput, opts ...request.Option) (*SetSecurityTokenServicePreferencesOutput, error) {
13535	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
13536	req.SetContext(ctx)
13537	req.ApplyOptions(opts...)
13538	return out, req.Send()
13539}
13540
13541const opSimulateCustomPolicy = "SimulateCustomPolicy"
13542
13543// SimulateCustomPolicyRequest generates a "aws/request.Request" representing the
13544// client's request for the SimulateCustomPolicy operation. The "output" return
13545// value will be populated with the request's response once the request completes
13546// successfully.
13547//
13548// Use "Send" method on the returned Request to send the API call to the service.
13549// the "output" return value is not valid until after Send returns without error.
13550//
13551// See SimulateCustomPolicy for more information on using the SimulateCustomPolicy
13552// API call, and error handling.
13553//
13554// This method is useful when you want to inject custom logic or configuration
13555// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13556//
13557//
13558//    // Example sending a request using the SimulateCustomPolicyRequest method.
13559//    req, resp := client.SimulateCustomPolicyRequest(params)
13560//
13561//    err := req.Send()
13562//    if err == nil { // resp is now filled
13563//        fmt.Println(resp)
13564//    }
13565//
13566// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
13567func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
13568	op := &request.Operation{
13569		Name:       opSimulateCustomPolicy,
13570		HTTPMethod: "POST",
13571		HTTPPath:   "/",
13572		Paginator: &request.Paginator{
13573			InputTokens:     []string{"Marker"},
13574			OutputTokens:    []string{"Marker"},
13575			LimitToken:      "MaxItems",
13576			TruncationToken: "IsTruncated",
13577		},
13578	}
13579
13580	if input == nil {
13581		input = &SimulateCustomPolicyInput{}
13582	}
13583
13584	output = &SimulatePolicyResponse{}
13585	req = c.newRequest(op, input, output)
13586	return
13587}
13588
13589// SimulateCustomPolicy API operation for AWS Identity and Access Management.
13590//
13591// Simulate how a set of IAM policies and optionally a resource-based policy
13592// works with a list of API operations and AWS resources to determine the policies'
13593// effective permissions. The policies are provided as strings.
13594//
13595// The simulation does not perform the API operations; it only checks the authorization
13596// to determine if the simulated policies allow or deny the operations. You
13597// can simulate resources that don't exist in your account.
13598//
13599// If you want to simulate existing policies that are attached to an IAM user,
13600// group, or role, use SimulatePrincipalPolicy instead.
13601//
13602// Context keys are variables that are maintained by AWS and its services and
13603// which provide details about the context of an API query request. You can
13604// use the Condition element of an IAM policy to evaluate context keys. To get
13605// the list of context keys that the policies require for correct simulation,
13606// use GetContextKeysForCustomPolicy.
13607//
13608// If the output is long, you can use MaxItems and Marker parameters to paginate
13609// the results.
13610//
13611// For more information about using the policy simulator, see Testing IAM policies
13612// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
13613// the IAM User Guide.
13614//
13615// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13616// with awserr.Error's Code and Message methods to get detailed information about
13617// the error.
13618//
13619// See the AWS API reference guide for AWS Identity and Access Management's
13620// API operation SimulateCustomPolicy for usage and error information.
13621//
13622// Returned Error Codes:
13623//   * ErrCodeInvalidInputException "InvalidInput"
13624//   The request was rejected because an invalid or out-of-range value was supplied
13625//   for an input parameter.
13626//
13627//   * ErrCodePolicyEvaluationException "PolicyEvaluation"
13628//   The request failed because a provided policy could not be successfully evaluated.
13629//   An additional detailed message indicates the source of the failure.
13630//
13631// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
13632func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error) {
13633	req, out := c.SimulateCustomPolicyRequest(input)
13634	return out, req.Send()
13635}
13636
13637// SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of
13638// the ability to pass a context and additional request options.
13639//
13640// See SimulateCustomPolicy for details on how to use this API operation.
13641//
13642// The context must be non-nil and will be used for request cancellation. If
13643// the context is nil a panic will occur. In the future the SDK may create
13644// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13645// for more information on using Contexts.
13646func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
13647	req, out := c.SimulateCustomPolicyRequest(input)
13648	req.SetContext(ctx)
13649	req.ApplyOptions(opts...)
13650	return out, req.Send()
13651}
13652
13653// SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation,
13654// calling the "fn" function with the response data for each page. To stop
13655// iterating, return false from the fn function.
13656//
13657// See SimulateCustomPolicy method for more information on how to use this operation.
13658//
13659// Note: This operation can generate multiple requests to a service.
13660//
13661//    // Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
13662//    pageNum := 0
13663//    err := client.SimulateCustomPolicyPages(params,
13664//        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
13665//            pageNum++
13666//            fmt.Println(page)
13667//            return pageNum <= 3
13668//        })
13669//
13670func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
13671	return c.SimulateCustomPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
13672}
13673
13674// SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except
13675// it takes a Context and allows setting request options on the pages.
13676//
13677// The context must be non-nil and will be used for request cancellation. If
13678// the context is nil a panic will occur. In the future the SDK may create
13679// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13680// for more information on using Contexts.
13681func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
13682	p := request.Pagination{
13683		NewRequest: func() (*request.Request, error) {
13684			var inCpy *SimulateCustomPolicyInput
13685			if input != nil {
13686				tmp := *input
13687				inCpy = &tmp
13688			}
13689			req, _ := c.SimulateCustomPolicyRequest(inCpy)
13690			req.SetContext(ctx)
13691			req.ApplyOptions(opts...)
13692			return req, nil
13693		},
13694	}
13695
13696	for p.Next() {
13697		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
13698			break
13699		}
13700	}
13701
13702	return p.Err()
13703}
13704
13705const opSimulatePrincipalPolicy = "SimulatePrincipalPolicy"
13706
13707// SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the
13708// client's request for the SimulatePrincipalPolicy operation. The "output" return
13709// value will be populated with the request's response once the request completes
13710// successfully.
13711//
13712// Use "Send" method on the returned Request to send the API call to the service.
13713// the "output" return value is not valid until after Send returns without error.
13714//
13715// See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy
13716// API call, and error handling.
13717//
13718// This method is useful when you want to inject custom logic or configuration
13719// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13720//
13721//
13722//    // Example sending a request using the SimulatePrincipalPolicyRequest method.
13723//    req, resp := client.SimulatePrincipalPolicyRequest(params)
13724//
13725//    err := req.Send()
13726//    if err == nil { // resp is now filled
13727//        fmt.Println(resp)
13728//    }
13729//
13730// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
13731func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
13732	op := &request.Operation{
13733		Name:       opSimulatePrincipalPolicy,
13734		HTTPMethod: "POST",
13735		HTTPPath:   "/",
13736		Paginator: &request.Paginator{
13737			InputTokens:     []string{"Marker"},
13738			OutputTokens:    []string{"Marker"},
13739			LimitToken:      "MaxItems",
13740			TruncationToken: "IsTruncated",
13741		},
13742	}
13743
13744	if input == nil {
13745		input = &SimulatePrincipalPolicyInput{}
13746	}
13747
13748	output = &SimulatePolicyResponse{}
13749	req = c.newRequest(op, input, output)
13750	return
13751}
13752
13753// SimulatePrincipalPolicy API operation for AWS Identity and Access Management.
13754//
13755// Simulate how a set of IAM policies attached to an IAM entity works with a
13756// list of API operations and AWS resources to determine the policies' effective
13757// permissions. The entity can be an IAM user, group, or role. If you specify
13758// a user, then the simulation also includes all of the policies that are attached
13759// to groups that the user belongs to. You can simulate resources that don't
13760// exist in your account.
13761//
13762// You can optionally include a list of one or more additional policies specified
13763// as strings to include in the simulation. If you want to simulate only policies
13764// specified as strings, use SimulateCustomPolicy instead.
13765//
13766// You can also optionally include one resource-based policy to be evaluated
13767// with each of the resources included in the simulation.
13768//
13769// The simulation does not perform the API operations; it only checks the authorization
13770// to determine if the simulated policies allow or deny the operations.
13771//
13772// Note: This operation discloses information about the permissions granted
13773// to other users. If you do not want users to see other user's permissions,
13774// then consider allowing them to use SimulateCustomPolicy instead.
13775//
13776// Context keys are variables maintained by AWS and its services that provide
13777// details about the context of an API query request. You can use the Condition
13778// element of an IAM policy to evaluate context keys. To get the list of context
13779// keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.
13780//
13781// If the output is long, you can use the MaxItems and Marker parameters to
13782// paginate the results.
13783//
13784// For more information about using the policy simulator, see Testing IAM policies
13785// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
13786// the IAM User Guide.
13787//
13788// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13789// with awserr.Error's Code and Message methods to get detailed information about
13790// the error.
13791//
13792// See the AWS API reference guide for AWS Identity and Access Management's
13793// API operation SimulatePrincipalPolicy for usage and error information.
13794//
13795// Returned Error Codes:
13796//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13797//   The request was rejected because it referenced a resource entity that does
13798//   not exist. The error message describes the resource.
13799//
13800//   * ErrCodeInvalidInputException "InvalidInput"
13801//   The request was rejected because an invalid or out-of-range value was supplied
13802//   for an input parameter.
13803//
13804//   * ErrCodePolicyEvaluationException "PolicyEvaluation"
13805//   The request failed because a provided policy could not be successfully evaluated.
13806//   An additional detailed message indicates the source of the failure.
13807//
13808// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
13809func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error) {
13810	req, out := c.SimulatePrincipalPolicyRequest(input)
13811	return out, req.Send()
13812}
13813
13814// SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of
13815// the ability to pass a context and additional request options.
13816//
13817// See SimulatePrincipalPolicy for details on how to use this API operation.
13818//
13819// The context must be non-nil and will be used for request cancellation. If
13820// the context is nil a panic will occur. In the future the SDK may create
13821// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13822// for more information on using Contexts.
13823func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
13824	req, out := c.SimulatePrincipalPolicyRequest(input)
13825	req.SetContext(ctx)
13826	req.ApplyOptions(opts...)
13827	return out, req.Send()
13828}
13829
13830// SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation,
13831// calling the "fn" function with the response data for each page. To stop
13832// iterating, return false from the fn function.
13833//
13834// See SimulatePrincipalPolicy method for more information on how to use this operation.
13835//
13836// Note: This operation can generate multiple requests to a service.
13837//
13838//    // Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
13839//    pageNum := 0
13840//    err := client.SimulatePrincipalPolicyPages(params,
13841//        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
13842//            pageNum++
13843//            fmt.Println(page)
13844//            return pageNum <= 3
13845//        })
13846//
13847func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
13848	return c.SimulatePrincipalPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
13849}
13850
13851// SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except
13852// it takes a Context and allows setting request options on the pages.
13853//
13854// The context must be non-nil and will be used for request cancellation. If
13855// the context is nil a panic will occur. In the future the SDK may create
13856// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13857// for more information on using Contexts.
13858func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
13859	p := request.Pagination{
13860		NewRequest: func() (*request.Request, error) {
13861			var inCpy *SimulatePrincipalPolicyInput
13862			if input != nil {
13863				tmp := *input
13864				inCpy = &tmp
13865			}
13866			req, _ := c.SimulatePrincipalPolicyRequest(inCpy)
13867			req.SetContext(ctx)
13868			req.ApplyOptions(opts...)
13869			return req, nil
13870		},
13871	}
13872
13873	for p.Next() {
13874		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
13875			break
13876		}
13877	}
13878
13879	return p.Err()
13880}
13881
13882const opTagInstanceProfile = "TagInstanceProfile"
13883
13884// TagInstanceProfileRequest generates a "aws/request.Request" representing the
13885// client's request for the TagInstanceProfile operation. The "output" return
13886// value will be populated with the request's response once the request completes
13887// successfully.
13888//
13889// Use "Send" method on the returned Request to send the API call to the service.
13890// the "output" return value is not valid until after Send returns without error.
13891//
13892// See TagInstanceProfile for more information on using the TagInstanceProfile
13893// API call, and error handling.
13894//
13895// This method is useful when you want to inject custom logic or configuration
13896// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13897//
13898//
13899//    // Example sending a request using the TagInstanceProfileRequest method.
13900//    req, resp := client.TagInstanceProfileRequest(params)
13901//
13902//    err := req.Send()
13903//    if err == nil { // resp is now filled
13904//        fmt.Println(resp)
13905//    }
13906//
13907// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
13908func (c *IAM) TagInstanceProfileRequest(input *TagInstanceProfileInput) (req *request.Request, output *TagInstanceProfileOutput) {
13909	op := &request.Operation{
13910		Name:       opTagInstanceProfile,
13911		HTTPMethod: "POST",
13912		HTTPPath:   "/",
13913	}
13914
13915	if input == nil {
13916		input = &TagInstanceProfileInput{}
13917	}
13918
13919	output = &TagInstanceProfileOutput{}
13920	req = c.newRequest(op, input, output)
13921	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13922	return
13923}
13924
13925// TagInstanceProfile API operation for AWS Identity and Access Management.
13926//
13927// Adds one or more tags to an IAM instance profile. If a tag with the same
13928// key name already exists, then that tag is overwritten with the new value.
13929//
13930// Each tag consists of a key name and an associated value. By assigning tags
13931// to your resources, you can do the following:
13932//
13933//    * Administrative grouping and discovery - Attach tags to resources to
13934//    aid in organization and search. For example, you could search for all
13935//    resources with the key name Project and the value MyImportantProject.
13936//    Or search for all resources with the key name Cost Center and the value
13937//    41200.
13938//
13939//    * Access control - Include tags in IAM user-based and resource-based policies.
13940//    You can use tags to restrict access to only an IAM instance profile that
13941//    has a specified tag attached. For examples of policies that show how to
13942//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
13943//    in the IAM User Guide.
13944//
13945//    * If any one of the tags is invalid or if you exceed the allowed maximum
13946//    number of tags, then the entire request fails and the resource is not
13947//    created. For more information about tagging, see Tagging IAM resources
13948//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
13949//    IAM User Guide.
13950//
13951//    * AWS always interprets the tag Value as a single string. If you need
13952//    to store an array, you can store comma-separated values in the string.
13953//    However, you must interpret the value in your code.
13954//
13955// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13956// with awserr.Error's Code and Message methods to get detailed information about
13957// the error.
13958//
13959// See the AWS API reference guide for AWS Identity and Access Management's
13960// API operation TagInstanceProfile for usage and error information.
13961//
13962// Returned Error Codes:
13963//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13964//   The request was rejected because it referenced a resource entity that does
13965//   not exist. The error message describes the resource.
13966//
13967//   * ErrCodeInvalidInputException "InvalidInput"
13968//   The request was rejected because an invalid or out-of-range value was supplied
13969//   for an input parameter.
13970//
13971//   * ErrCodeLimitExceededException "LimitExceeded"
13972//   The request was rejected because it attempted to create resources beyond
13973//   the current AWS account limits. The error message describes the limit exceeded.
13974//
13975//   * ErrCodeConcurrentModificationException "ConcurrentModification"
13976//   The request was rejected because multiple requests to change this object
13977//   were submitted simultaneously. Wait a few minutes and submit your request
13978//   again.
13979//
13980//   * ErrCodeServiceFailureException "ServiceFailure"
13981//   The request processing has failed because of an unknown error, exception
13982//   or failure.
13983//
13984// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
13985func (c *IAM) TagInstanceProfile(input *TagInstanceProfileInput) (*TagInstanceProfileOutput, error) {
13986	req, out := c.TagInstanceProfileRequest(input)
13987	return out, req.Send()
13988}
13989
13990// TagInstanceProfileWithContext is the same as TagInstanceProfile with the addition of
13991// the ability to pass a context and additional request options.
13992//
13993// See TagInstanceProfile for details on how to use this API operation.
13994//
13995// The context must be non-nil and will be used for request cancellation. If
13996// the context is nil a panic will occur. In the future the SDK may create
13997// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13998// for more information on using Contexts.
13999func (c *IAM) TagInstanceProfileWithContext(ctx aws.Context, input *TagInstanceProfileInput, opts ...request.Option) (*TagInstanceProfileOutput, error) {
14000	req, out := c.TagInstanceProfileRequest(input)
14001	req.SetContext(ctx)
14002	req.ApplyOptions(opts...)
14003	return out, req.Send()
14004}
14005
14006const opTagMFADevice = "TagMFADevice"
14007
14008// TagMFADeviceRequest generates a "aws/request.Request" representing the
14009// client's request for the TagMFADevice operation. The "output" return
14010// value will be populated with the request's response once the request completes
14011// successfully.
14012//
14013// Use "Send" method on the returned Request to send the API call to the service.
14014// the "output" return value is not valid until after Send returns without error.
14015//
14016// See TagMFADevice for more information on using the TagMFADevice
14017// API call, and error handling.
14018//
14019// This method is useful when you want to inject custom logic or configuration
14020// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14021//
14022//
14023//    // Example sending a request using the TagMFADeviceRequest method.
14024//    req, resp := client.TagMFADeviceRequest(params)
14025//
14026//    err := req.Send()
14027//    if err == nil { // resp is now filled
14028//        fmt.Println(resp)
14029//    }
14030//
14031// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
14032func (c *IAM) TagMFADeviceRequest(input *TagMFADeviceInput) (req *request.Request, output *TagMFADeviceOutput) {
14033	op := &request.Operation{
14034		Name:       opTagMFADevice,
14035		HTTPMethod: "POST",
14036		HTTPPath:   "/",
14037	}
14038
14039	if input == nil {
14040		input = &TagMFADeviceInput{}
14041	}
14042
14043	output = &TagMFADeviceOutput{}
14044	req = c.newRequest(op, input, output)
14045	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14046	return
14047}
14048
14049// TagMFADevice API operation for AWS Identity and Access Management.
14050//
14051// Adds one or more tags to an IAM virtual multi-factor authentication (MFA)
14052// device. If a tag with the same key name already exists, then that tag is
14053// overwritten with the new value.
14054//
14055// A tag consists of a key name and an associated value. By assigning tags to
14056// your resources, you can do the following:
14057//
14058//    * Administrative grouping and discovery - Attach tags to resources to
14059//    aid in organization and search. For example, you could search for all
14060//    resources with the key name Project and the value MyImportantProject.
14061//    Or search for all resources with the key name Cost Center and the value
14062//    41200.
14063//
14064//    * Access control - Include tags in IAM user-based and resource-based policies.
14065//    You can use tags to restrict access to only an IAM virtual MFA device
14066//    that has a specified tag attached. For examples of policies that show
14067//    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14068//    in the IAM User Guide.
14069//
14070//    * If any one of the tags is invalid or if you exceed the allowed maximum
14071//    number of tags, then the entire request fails and the resource is not
14072//    created. For more information about tagging, see Tagging IAM resources
14073//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14074//    IAM User Guide.
14075//
14076//    * AWS always interprets the tag Value as a single string. If you need
14077//    to store an array, you can store comma-separated values in the string.
14078//    However, you must interpret the value in your code.
14079//
14080// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14081// with awserr.Error's Code and Message methods to get detailed information about
14082// the error.
14083//
14084// See the AWS API reference guide for AWS Identity and Access Management's
14085// API operation TagMFADevice for usage and error information.
14086//
14087// Returned Error Codes:
14088//   * ErrCodeInvalidInputException "InvalidInput"
14089//   The request was rejected because an invalid or out-of-range value was supplied
14090//   for an input parameter.
14091//
14092//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14093//   The request was rejected because it referenced a resource entity that does
14094//   not exist. The error message describes the resource.
14095//
14096//   * ErrCodeLimitExceededException "LimitExceeded"
14097//   The request was rejected because it attempted to create resources beyond
14098//   the current AWS account limits. The error message describes the limit exceeded.
14099//
14100//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14101//   The request was rejected because multiple requests to change this object
14102//   were submitted simultaneously. Wait a few minutes and submit your request
14103//   again.
14104//
14105//   * ErrCodeServiceFailureException "ServiceFailure"
14106//   The request processing has failed because of an unknown error, exception
14107//   or failure.
14108//
14109// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
14110func (c *IAM) TagMFADevice(input *TagMFADeviceInput) (*TagMFADeviceOutput, error) {
14111	req, out := c.TagMFADeviceRequest(input)
14112	return out, req.Send()
14113}
14114
14115// TagMFADeviceWithContext is the same as TagMFADevice with the addition of
14116// the ability to pass a context and additional request options.
14117//
14118// See TagMFADevice for details on how to use this API operation.
14119//
14120// The context must be non-nil and will be used for request cancellation. If
14121// the context is nil a panic will occur. In the future the SDK may create
14122// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14123// for more information on using Contexts.
14124func (c *IAM) TagMFADeviceWithContext(ctx aws.Context, input *TagMFADeviceInput, opts ...request.Option) (*TagMFADeviceOutput, error) {
14125	req, out := c.TagMFADeviceRequest(input)
14126	req.SetContext(ctx)
14127	req.ApplyOptions(opts...)
14128	return out, req.Send()
14129}
14130
14131const opTagOpenIDConnectProvider = "TagOpenIDConnectProvider"
14132
14133// TagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
14134// client's request for the TagOpenIDConnectProvider operation. The "output" return
14135// value will be populated with the request's response once the request completes
14136// successfully.
14137//
14138// Use "Send" method on the returned Request to send the API call to the service.
14139// the "output" return value is not valid until after Send returns without error.
14140//
14141// See TagOpenIDConnectProvider for more information on using the TagOpenIDConnectProvider
14142// API call, and error handling.
14143//
14144// This method is useful when you want to inject custom logic or configuration
14145// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14146//
14147//
14148//    // Example sending a request using the TagOpenIDConnectProviderRequest method.
14149//    req, resp := client.TagOpenIDConnectProviderRequest(params)
14150//
14151//    err := req.Send()
14152//    if err == nil { // resp is now filled
14153//        fmt.Println(resp)
14154//    }
14155//
14156// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
14157func (c *IAM) TagOpenIDConnectProviderRequest(input *TagOpenIDConnectProviderInput) (req *request.Request, output *TagOpenIDConnectProviderOutput) {
14158	op := &request.Operation{
14159		Name:       opTagOpenIDConnectProvider,
14160		HTTPMethod: "POST",
14161		HTTPPath:   "/",
14162	}
14163
14164	if input == nil {
14165		input = &TagOpenIDConnectProviderInput{}
14166	}
14167
14168	output = &TagOpenIDConnectProviderOutput{}
14169	req = c.newRequest(op, input, output)
14170	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14171	return
14172}
14173
14174// TagOpenIDConnectProvider API operation for AWS Identity and Access Management.
14175//
14176// Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider.
14177// For more information about these providers, see About web identity federation
14178// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
14179// If a tag with the same key name already exists, then that tag is overwritten
14180// with the new value.
14181//
14182// A tag consists of a key name and an associated value. By assigning tags to
14183// your resources, you can do the following:
14184//
14185//    * Administrative grouping and discovery - Attach tags to resources to
14186//    aid in organization and search. For example, you could search for all
14187//    resources with the key name Project and the value MyImportantProject.
14188//    Or search for all resources with the key name Cost Center and the value
14189//    41200.
14190//
14191//    * Access control - Include tags in IAM user-based and resource-based policies.
14192//    You can use tags to restrict access to only an OIDC provider that has
14193//    a specified tag attached. For examples of policies that show how to use
14194//    tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14195//    in the IAM User Guide.
14196//
14197//    * If any one of the tags is invalid or if you exceed the allowed maximum
14198//    number of tags, then the entire request fails and the resource is not
14199//    created. For more information about tagging, see Tagging IAM resources
14200//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14201//    IAM User Guide.
14202//
14203//    * AWS always interprets the tag Value as a single string. If you need
14204//    to store an array, you can store comma-separated values in the string.
14205//    However, you must interpret the value in your code.
14206//
14207// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14208// with awserr.Error's Code and Message methods to get detailed information about
14209// the error.
14210//
14211// See the AWS API reference guide for AWS Identity and Access Management's
14212// API operation TagOpenIDConnectProvider for usage and error information.
14213//
14214// Returned Error Codes:
14215//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14216//   The request was rejected because it referenced a resource entity that does
14217//   not exist. The error message describes the resource.
14218//
14219//   * ErrCodeLimitExceededException "LimitExceeded"
14220//   The request was rejected because it attempted to create resources beyond
14221//   the current AWS account limits. The error message describes the limit exceeded.
14222//
14223//   * ErrCodeInvalidInputException "InvalidInput"
14224//   The request was rejected because an invalid or out-of-range value was supplied
14225//   for an input parameter.
14226//
14227//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14228//   The request was rejected because multiple requests to change this object
14229//   were submitted simultaneously. Wait a few minutes and submit your request
14230//   again.
14231//
14232//   * ErrCodeServiceFailureException "ServiceFailure"
14233//   The request processing has failed because of an unknown error, exception
14234//   or failure.
14235//
14236// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
14237func (c *IAM) TagOpenIDConnectProvider(input *TagOpenIDConnectProviderInput) (*TagOpenIDConnectProviderOutput, error) {
14238	req, out := c.TagOpenIDConnectProviderRequest(input)
14239	return out, req.Send()
14240}
14241
14242// TagOpenIDConnectProviderWithContext is the same as TagOpenIDConnectProvider with the addition of
14243// the ability to pass a context and additional request options.
14244//
14245// See TagOpenIDConnectProvider for details on how to use this API operation.
14246//
14247// The context must be non-nil and will be used for request cancellation. If
14248// the context is nil a panic will occur. In the future the SDK may create
14249// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14250// for more information on using Contexts.
14251func (c *IAM) TagOpenIDConnectProviderWithContext(ctx aws.Context, input *TagOpenIDConnectProviderInput, opts ...request.Option) (*TagOpenIDConnectProviderOutput, error) {
14252	req, out := c.TagOpenIDConnectProviderRequest(input)
14253	req.SetContext(ctx)
14254	req.ApplyOptions(opts...)
14255	return out, req.Send()
14256}
14257
14258const opTagPolicy = "TagPolicy"
14259
14260// TagPolicyRequest generates a "aws/request.Request" representing the
14261// client's request for the TagPolicy operation. The "output" return
14262// value will be populated with the request's response once the request completes
14263// successfully.
14264//
14265// Use "Send" method on the returned Request to send the API call to the service.
14266// the "output" return value is not valid until after Send returns without error.
14267//
14268// See TagPolicy for more information on using the TagPolicy
14269// API call, and error handling.
14270//
14271// This method is useful when you want to inject custom logic or configuration
14272// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14273//
14274//
14275//    // Example sending a request using the TagPolicyRequest method.
14276//    req, resp := client.TagPolicyRequest(params)
14277//
14278//    err := req.Send()
14279//    if err == nil { // resp is now filled
14280//        fmt.Println(resp)
14281//    }
14282//
14283// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
14284func (c *IAM) TagPolicyRequest(input *TagPolicyInput) (req *request.Request, output *TagPolicyOutput) {
14285	op := &request.Operation{
14286		Name:       opTagPolicy,
14287		HTTPMethod: "POST",
14288		HTTPPath:   "/",
14289	}
14290
14291	if input == nil {
14292		input = &TagPolicyInput{}
14293	}
14294
14295	output = &TagPolicyOutput{}
14296	req = c.newRequest(op, input, output)
14297	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14298	return
14299}
14300
14301// TagPolicy API operation for AWS Identity and Access Management.
14302//
14303// Adds one or more tags to an IAM customer managed policy. If a tag with the
14304// same key name already exists, then that tag is overwritten with the new value.
14305//
14306// A tag consists of a key name and an associated value. By assigning tags to
14307// your resources, you can do the following:
14308//
14309//    * Administrative grouping and discovery - Attach tags to resources to
14310//    aid in organization and search. For example, you could search for all
14311//    resources with the key name Project and the value MyImportantProject.
14312//    Or search for all resources with the key name Cost Center and the value
14313//    41200.
14314//
14315//    * Access control - Include tags in IAM user-based and resource-based policies.
14316//    You can use tags to restrict access to only an IAM customer managed policy
14317//    that has a specified tag attached. For examples of policies that show
14318//    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14319//    in the IAM User Guide.
14320//
14321//    * If any one of the tags is invalid or if you exceed the allowed maximum
14322//    number of tags, then the entire request fails and the resource is not
14323//    created. For more information about tagging, see Tagging IAM resources
14324//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14325//    IAM User Guide.
14326//
14327//    * AWS always interprets the tag Value as a single string. If you need
14328//    to store an array, you can store comma-separated values in the string.
14329//    However, you must interpret the value in your code.
14330//
14331// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14332// with awserr.Error's Code and Message methods to get detailed information about
14333// the error.
14334//
14335// See the AWS API reference guide for AWS Identity and Access Management's
14336// API operation TagPolicy for usage and error information.
14337//
14338// Returned Error Codes:
14339//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14340//   The request was rejected because it referenced a resource entity that does
14341//   not exist. The error message describes the resource.
14342//
14343//   * ErrCodeLimitExceededException "LimitExceeded"
14344//   The request was rejected because it attempted to create resources beyond
14345//   the current AWS account limits. The error message describes the limit exceeded.
14346//
14347//   * ErrCodeInvalidInputException "InvalidInput"
14348//   The request was rejected because an invalid or out-of-range value was supplied
14349//   for an input parameter.
14350//
14351//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14352//   The request was rejected because multiple requests to change this object
14353//   were submitted simultaneously. Wait a few minutes and submit your request
14354//   again.
14355//
14356//   * ErrCodeServiceFailureException "ServiceFailure"
14357//   The request processing has failed because of an unknown error, exception
14358//   or failure.
14359//
14360// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
14361func (c *IAM) TagPolicy(input *TagPolicyInput) (*TagPolicyOutput, error) {
14362	req, out := c.TagPolicyRequest(input)
14363	return out, req.Send()
14364}
14365
14366// TagPolicyWithContext is the same as TagPolicy with the addition of
14367// the ability to pass a context and additional request options.
14368//
14369// See TagPolicy for details on how to use this API operation.
14370//
14371// The context must be non-nil and will be used for request cancellation. If
14372// the context is nil a panic will occur. In the future the SDK may create
14373// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14374// for more information on using Contexts.
14375func (c *IAM) TagPolicyWithContext(ctx aws.Context, input *TagPolicyInput, opts ...request.Option) (*TagPolicyOutput, error) {
14376	req, out := c.TagPolicyRequest(input)
14377	req.SetContext(ctx)
14378	req.ApplyOptions(opts...)
14379	return out, req.Send()
14380}
14381
14382const opTagRole = "TagRole"
14383
14384// TagRoleRequest generates a "aws/request.Request" representing the
14385// client's request for the TagRole operation. The "output" return
14386// value will be populated with the request's response once the request completes
14387// successfully.
14388//
14389// Use "Send" method on the returned Request to send the API call to the service.
14390// the "output" return value is not valid until after Send returns without error.
14391//
14392// See TagRole for more information on using the TagRole
14393// API call, and error handling.
14394//
14395// This method is useful when you want to inject custom logic or configuration
14396// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14397//
14398//
14399//    // Example sending a request using the TagRoleRequest method.
14400//    req, resp := client.TagRoleRequest(params)
14401//
14402//    err := req.Send()
14403//    if err == nil { // resp is now filled
14404//        fmt.Println(resp)
14405//    }
14406//
14407// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
14408func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output *TagRoleOutput) {
14409	op := &request.Operation{
14410		Name:       opTagRole,
14411		HTTPMethod: "POST",
14412		HTTPPath:   "/",
14413	}
14414
14415	if input == nil {
14416		input = &TagRoleInput{}
14417	}
14418
14419	output = &TagRoleOutput{}
14420	req = c.newRequest(op, input, output)
14421	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14422	return
14423}
14424
14425// TagRole API operation for AWS Identity and Access Management.
14426//
14427// Adds one or more tags to an IAM role. The role can be a regular role or a
14428// service-linked role. If a tag with the same key name already exists, then
14429// that tag is overwritten with the new value.
14430//
14431// A tag consists of a key name and an associated value. By assigning tags to
14432// your resources, you can do the following:
14433//
14434//    * Administrative grouping and discovery - Attach tags to resources to
14435//    aid in organization and search. For example, you could search for all
14436//    resources with the key name Project and the value MyImportantProject.
14437//    Or search for all resources with the key name Cost Center and the value
14438//    41200.
14439//
14440//    * Access control - Include tags in IAM user-based and resource-based policies.
14441//    You can use tags to restrict access to only an IAM role that has a specified
14442//    tag attached. You can also restrict access to only those resources that
14443//    have a certain tag attached. For examples of policies that show how to
14444//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14445//    in the IAM User Guide.
14446//
14447//    * Cost allocation - Use tags to help track which individuals and teams
14448//    are using which AWS resources.
14449//
14450//    * If any one of the tags is invalid or if you exceed the allowed maximum
14451//    number of tags, then the entire request fails and the resource is not
14452//    created. For more information about tagging, see Tagging IAM resources
14453//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14454//    IAM User Guide.
14455//
14456//    * AWS always interprets the tag Value as a single string. If you need
14457//    to store an array, you can store comma-separated values in the string.
14458//    However, you must interpret the value in your code.
14459//
14460// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
14461// in the IAM User Guide.
14462//
14463// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14464// with awserr.Error's Code and Message methods to get detailed information about
14465// the error.
14466//
14467// See the AWS API reference guide for AWS Identity and Access Management's
14468// API operation TagRole for usage and error information.
14469//
14470// Returned Error Codes:
14471//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14472//   The request was rejected because it referenced a resource entity that does
14473//   not exist. The error message describes the resource.
14474//
14475//   * ErrCodeLimitExceededException "LimitExceeded"
14476//   The request was rejected because it attempted to create resources beyond
14477//   the current AWS account limits. The error message describes the limit exceeded.
14478//
14479//   * ErrCodeInvalidInputException "InvalidInput"
14480//   The request was rejected because an invalid or out-of-range value was supplied
14481//   for an input parameter.
14482//
14483//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14484//   The request was rejected because multiple requests to change this object
14485//   were submitted simultaneously. Wait a few minutes and submit your request
14486//   again.
14487//
14488//   * ErrCodeServiceFailureException "ServiceFailure"
14489//   The request processing has failed because of an unknown error, exception
14490//   or failure.
14491//
14492// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
14493func (c *IAM) TagRole(input *TagRoleInput) (*TagRoleOutput, error) {
14494	req, out := c.TagRoleRequest(input)
14495	return out, req.Send()
14496}
14497
14498// TagRoleWithContext is the same as TagRole with the addition of
14499// the ability to pass a context and additional request options.
14500//
14501// See TagRole for details on how to use this API operation.
14502//
14503// The context must be non-nil and will be used for request cancellation. If
14504// the context is nil a panic will occur. In the future the SDK may create
14505// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14506// for more information on using Contexts.
14507func (c *IAM) TagRoleWithContext(ctx aws.Context, input *TagRoleInput, opts ...request.Option) (*TagRoleOutput, error) {
14508	req, out := c.TagRoleRequest(input)
14509	req.SetContext(ctx)
14510	req.ApplyOptions(opts...)
14511	return out, req.Send()
14512}
14513
14514const opTagSAMLProvider = "TagSAMLProvider"
14515
14516// TagSAMLProviderRequest generates a "aws/request.Request" representing the
14517// client's request for the TagSAMLProvider operation. The "output" return
14518// value will be populated with the request's response once the request completes
14519// successfully.
14520//
14521// Use "Send" method on the returned Request to send the API call to the service.
14522// the "output" return value is not valid until after Send returns without error.
14523//
14524// See TagSAMLProvider for more information on using the TagSAMLProvider
14525// API call, and error handling.
14526//
14527// This method is useful when you want to inject custom logic or configuration
14528// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14529//
14530//
14531//    // Example sending a request using the TagSAMLProviderRequest method.
14532//    req, resp := client.TagSAMLProviderRequest(params)
14533//
14534//    err := req.Send()
14535//    if err == nil { // resp is now filled
14536//        fmt.Println(resp)
14537//    }
14538//
14539// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
14540func (c *IAM) TagSAMLProviderRequest(input *TagSAMLProviderInput) (req *request.Request, output *TagSAMLProviderOutput) {
14541	op := &request.Operation{
14542		Name:       opTagSAMLProvider,
14543		HTTPMethod: "POST",
14544		HTTPPath:   "/",
14545	}
14546
14547	if input == nil {
14548		input = &TagSAMLProviderInput{}
14549	}
14550
14551	output = &TagSAMLProviderOutput{}
14552	req = c.newRequest(op, input, output)
14553	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14554	return
14555}
14556
14557// TagSAMLProvider API operation for AWS Identity and Access Management.
14558//
14559// Adds one or more tags to a Security Assertion Markup Language (SAML) identity
14560// provider. For more information about these providers, see About SAML 2.0-based
14561// federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
14562// If a tag with the same key name already exists, then that tag is overwritten
14563// with the new value.
14564//
14565// A tag consists of a key name and an associated value. By assigning tags to
14566// your resources, you can do the following:
14567//
14568//    * Administrative grouping and discovery - Attach tags to resources to
14569//    aid in organization and search. For example, you could search for all
14570//    resources with the key name Project and the value MyImportantProject.
14571//    Or search for all resources with the key name Cost Center and the value
14572//    41200.
14573//
14574//    * Access control - Include tags in IAM user-based and resource-based policies.
14575//    You can use tags to restrict access to only a SAML identity provider that
14576//    has a specified tag attached. For examples of policies that show how to
14577//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14578//    in the IAM User Guide.
14579//
14580//    * If any one of the tags is invalid or if you exceed the allowed maximum
14581//    number of tags, then the entire request fails and the resource is not
14582//    created. For more information about tagging, see Tagging IAM resources
14583//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14584//    IAM User Guide.
14585//
14586//    * AWS always interprets the tag Value as a single string. If you need
14587//    to store an array, you can store comma-separated values in the string.
14588//    However, you must interpret the value in your code.
14589//
14590// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14591// with awserr.Error's Code and Message methods to get detailed information about
14592// the error.
14593//
14594// See the AWS API reference guide for AWS Identity and Access Management's
14595// API operation TagSAMLProvider for usage and error information.
14596//
14597// Returned Error Codes:
14598//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14599//   The request was rejected because it referenced a resource entity that does
14600//   not exist. The error message describes the resource.
14601//
14602//   * ErrCodeLimitExceededException "LimitExceeded"
14603//   The request was rejected because it attempted to create resources beyond
14604//   the current AWS account limits. The error message describes the limit exceeded.
14605//
14606//   * ErrCodeInvalidInputException "InvalidInput"
14607//   The request was rejected because an invalid or out-of-range value was supplied
14608//   for an input parameter.
14609//
14610//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14611//   The request was rejected because multiple requests to change this object
14612//   were submitted simultaneously. Wait a few minutes and submit your request
14613//   again.
14614//
14615//   * ErrCodeServiceFailureException "ServiceFailure"
14616//   The request processing has failed because of an unknown error, exception
14617//   or failure.
14618//
14619// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
14620func (c *IAM) TagSAMLProvider(input *TagSAMLProviderInput) (*TagSAMLProviderOutput, error) {
14621	req, out := c.TagSAMLProviderRequest(input)
14622	return out, req.Send()
14623}
14624
14625// TagSAMLProviderWithContext is the same as TagSAMLProvider with the addition of
14626// the ability to pass a context and additional request options.
14627//
14628// See TagSAMLProvider for details on how to use this API operation.
14629//
14630// The context must be non-nil and will be used for request cancellation. If
14631// the context is nil a panic will occur. In the future the SDK may create
14632// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14633// for more information on using Contexts.
14634func (c *IAM) TagSAMLProviderWithContext(ctx aws.Context, input *TagSAMLProviderInput, opts ...request.Option) (*TagSAMLProviderOutput, error) {
14635	req, out := c.TagSAMLProviderRequest(input)
14636	req.SetContext(ctx)
14637	req.ApplyOptions(opts...)
14638	return out, req.Send()
14639}
14640
14641const opTagServerCertificate = "TagServerCertificate"
14642
14643// TagServerCertificateRequest generates a "aws/request.Request" representing the
14644// client's request for the TagServerCertificate operation. The "output" return
14645// value will be populated with the request's response once the request completes
14646// successfully.
14647//
14648// Use "Send" method on the returned Request to send the API call to the service.
14649// the "output" return value is not valid until after Send returns without error.
14650//
14651// See TagServerCertificate for more information on using the TagServerCertificate
14652// API call, and error handling.
14653//
14654// This method is useful when you want to inject custom logic or configuration
14655// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14656//
14657//
14658//    // Example sending a request using the TagServerCertificateRequest method.
14659//    req, resp := client.TagServerCertificateRequest(params)
14660//
14661//    err := req.Send()
14662//    if err == nil { // resp is now filled
14663//        fmt.Println(resp)
14664//    }
14665//
14666// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
14667func (c *IAM) TagServerCertificateRequest(input *TagServerCertificateInput) (req *request.Request, output *TagServerCertificateOutput) {
14668	op := &request.Operation{
14669		Name:       opTagServerCertificate,
14670		HTTPMethod: "POST",
14671		HTTPPath:   "/",
14672	}
14673
14674	if input == nil {
14675		input = &TagServerCertificateInput{}
14676	}
14677
14678	output = &TagServerCertificateOutput{}
14679	req = c.newRequest(op, input, output)
14680	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14681	return
14682}
14683
14684// TagServerCertificate API operation for AWS Identity and Access Management.
14685//
14686// Adds one or more tags to an IAM server certificate. If a tag with the same
14687// key name already exists, then that tag is overwritten with the new value.
14688//
14689// For certificates in a Region supported by AWS Certificate Manager (ACM),
14690// we recommend that you don't use IAM server certificates. Instead, use ACM
14691// to provision, manage, and deploy your server certificates. For more information
14692// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
14693// in the IAM User Guide.
14694//
14695// A tag consists of a key name and an associated value. By assigning tags to
14696// your resources, you can do the following:
14697//
14698//    * Administrative grouping and discovery - Attach tags to resources to
14699//    aid in organization and search. For example, you could search for all
14700//    resources with the key name Project and the value MyImportantProject.
14701//    Or search for all resources with the key name Cost Center and the value
14702//    41200.
14703//
14704//    * Access control - Include tags in IAM user-based and resource-based policies.
14705//    You can use tags to restrict access to only a server certificate that
14706//    has a specified tag attached. For examples of policies that show how to
14707//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14708//    in the IAM User Guide.
14709//
14710//    * Cost allocation - Use tags to help track which individuals and teams
14711//    are using which AWS resources.
14712//
14713//    * If any one of the tags is invalid or if you exceed the allowed maximum
14714//    number of tags, then the entire request fails and the resource is not
14715//    created. For more information about tagging, see Tagging IAM resources
14716//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14717//    IAM User Guide.
14718//
14719//    * AWS always interprets the tag Value as a single string. If you need
14720//    to store an array, you can store comma-separated values in the string.
14721//    However, you must interpret the value in your code.
14722//
14723// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14724// with awserr.Error's Code and Message methods to get detailed information about
14725// the error.
14726//
14727// See the AWS API reference guide for AWS Identity and Access Management's
14728// API operation TagServerCertificate for usage and error information.
14729//
14730// Returned Error Codes:
14731//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14732//   The request was rejected because it referenced a resource entity that does
14733//   not exist. The error message describes the resource.
14734//
14735//   * ErrCodeInvalidInputException "InvalidInput"
14736//   The request was rejected because an invalid or out-of-range value was supplied
14737//   for an input parameter.
14738//
14739//   * ErrCodeLimitExceededException "LimitExceeded"
14740//   The request was rejected because it attempted to create resources beyond
14741//   the current AWS account limits. The error message describes the limit exceeded.
14742//
14743//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14744//   The request was rejected because multiple requests to change this object
14745//   were submitted simultaneously. Wait a few minutes and submit your request
14746//   again.
14747//
14748//   * ErrCodeServiceFailureException "ServiceFailure"
14749//   The request processing has failed because of an unknown error, exception
14750//   or failure.
14751//
14752// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
14753func (c *IAM) TagServerCertificate(input *TagServerCertificateInput) (*TagServerCertificateOutput, error) {
14754	req, out := c.TagServerCertificateRequest(input)
14755	return out, req.Send()
14756}
14757
14758// TagServerCertificateWithContext is the same as TagServerCertificate with the addition of
14759// the ability to pass a context and additional request options.
14760//
14761// See TagServerCertificate for details on how to use this API operation.
14762//
14763// The context must be non-nil and will be used for request cancellation. If
14764// the context is nil a panic will occur. In the future the SDK may create
14765// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14766// for more information on using Contexts.
14767func (c *IAM) TagServerCertificateWithContext(ctx aws.Context, input *TagServerCertificateInput, opts ...request.Option) (*TagServerCertificateOutput, error) {
14768	req, out := c.TagServerCertificateRequest(input)
14769	req.SetContext(ctx)
14770	req.ApplyOptions(opts...)
14771	return out, req.Send()
14772}
14773
14774const opTagUser = "TagUser"
14775
14776// TagUserRequest generates a "aws/request.Request" representing the
14777// client's request for the TagUser operation. The "output" return
14778// value will be populated with the request's response once the request completes
14779// successfully.
14780//
14781// Use "Send" method on the returned Request to send the API call to the service.
14782// the "output" return value is not valid until after Send returns without error.
14783//
14784// See TagUser for more information on using the TagUser
14785// API call, and error handling.
14786//
14787// This method is useful when you want to inject custom logic or configuration
14788// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14789//
14790//
14791//    // Example sending a request using the TagUserRequest method.
14792//    req, resp := client.TagUserRequest(params)
14793//
14794//    err := req.Send()
14795//    if err == nil { // resp is now filled
14796//        fmt.Println(resp)
14797//    }
14798//
14799// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
14800func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output *TagUserOutput) {
14801	op := &request.Operation{
14802		Name:       opTagUser,
14803		HTTPMethod: "POST",
14804		HTTPPath:   "/",
14805	}
14806
14807	if input == nil {
14808		input = &TagUserInput{}
14809	}
14810
14811	output = &TagUserOutput{}
14812	req = c.newRequest(op, input, output)
14813	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14814	return
14815}
14816
14817// TagUser API operation for AWS Identity and Access Management.
14818//
14819// Adds one or more tags to an IAM user. If a tag with the same key name already
14820// exists, then that tag is overwritten with the new value.
14821//
14822// A tag consists of a key name and an associated value. By assigning tags to
14823// your resources, you can do the following:
14824//
14825//    * Administrative grouping and discovery - Attach tags to resources to
14826//    aid in organization and search. For example, you could search for all
14827//    resources with the key name Project and the value MyImportantProject.
14828//    Or search for all resources with the key name Cost Center and the value
14829//    41200.
14830//
14831//    * Access control - Include tags in IAM user-based and resource-based policies.
14832//    You can use tags to restrict access to only an IAM requesting user that
14833//    has a specified tag attached. You can also restrict access to only those
14834//    resources that have a certain tag attached. For examples of policies that
14835//    show how to use tags to control access, see Control access using IAM tags
14836//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in
14837//    the IAM User Guide.
14838//
14839//    * Cost allocation - Use tags to help track which individuals and teams
14840//    are using which AWS resources.
14841//
14842//    * If any one of the tags is invalid or if you exceed the allowed maximum
14843//    number of tags, then the entire request fails and the resource is not
14844//    created. For more information about tagging, see Tagging IAM resources
14845//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14846//    IAM User Guide.
14847//
14848//    * AWS always interprets the tag Value as a single string. If you need
14849//    to store an array, you can store comma-separated values in the string.
14850//    However, you must interpret the value in your code.
14851//
14852// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
14853// in the IAM User Guide.
14854//
14855// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14856// with awserr.Error's Code and Message methods to get detailed information about
14857// the error.
14858//
14859// See the AWS API reference guide for AWS Identity and Access Management's
14860// API operation TagUser for usage and error information.
14861//
14862// Returned Error Codes:
14863//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14864//   The request was rejected because it referenced a resource entity that does
14865//   not exist. The error message describes the resource.
14866//
14867//   * ErrCodeLimitExceededException "LimitExceeded"
14868//   The request was rejected because it attempted to create resources beyond
14869//   the current AWS account limits. The error message describes the limit exceeded.
14870//
14871//   * ErrCodeInvalidInputException "InvalidInput"
14872//   The request was rejected because an invalid or out-of-range value was supplied
14873//   for an input parameter.
14874//
14875//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14876//   The request was rejected because multiple requests to change this object
14877//   were submitted simultaneously. Wait a few minutes and submit your request
14878//   again.
14879//
14880//   * ErrCodeServiceFailureException "ServiceFailure"
14881//   The request processing has failed because of an unknown error, exception
14882//   or failure.
14883//
14884// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
14885func (c *IAM) TagUser(input *TagUserInput) (*TagUserOutput, error) {
14886	req, out := c.TagUserRequest(input)
14887	return out, req.Send()
14888}
14889
14890// TagUserWithContext is the same as TagUser with the addition of
14891// the ability to pass a context and additional request options.
14892//
14893// See TagUser for details on how to use this API operation.
14894//
14895// The context must be non-nil and will be used for request cancellation. If
14896// the context is nil a panic will occur. In the future the SDK may create
14897// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14898// for more information on using Contexts.
14899func (c *IAM) TagUserWithContext(ctx aws.Context, input *TagUserInput, opts ...request.Option) (*TagUserOutput, error) {
14900	req, out := c.TagUserRequest(input)
14901	req.SetContext(ctx)
14902	req.ApplyOptions(opts...)
14903	return out, req.Send()
14904}
14905
14906const opUntagInstanceProfile = "UntagInstanceProfile"
14907
14908// UntagInstanceProfileRequest generates a "aws/request.Request" representing the
14909// client's request for the UntagInstanceProfile operation. The "output" return
14910// value will be populated with the request's response once the request completes
14911// successfully.
14912//
14913// Use "Send" method on the returned Request to send the API call to the service.
14914// the "output" return value is not valid until after Send returns without error.
14915//
14916// See UntagInstanceProfile for more information on using the UntagInstanceProfile
14917// API call, and error handling.
14918//
14919// This method is useful when you want to inject custom logic or configuration
14920// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14921//
14922//
14923//    // Example sending a request using the UntagInstanceProfileRequest method.
14924//    req, resp := client.UntagInstanceProfileRequest(params)
14925//
14926//    err := req.Send()
14927//    if err == nil { // resp is now filled
14928//        fmt.Println(resp)
14929//    }
14930//
14931// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
14932func (c *IAM) UntagInstanceProfileRequest(input *UntagInstanceProfileInput) (req *request.Request, output *UntagInstanceProfileOutput) {
14933	op := &request.Operation{
14934		Name:       opUntagInstanceProfile,
14935		HTTPMethod: "POST",
14936		HTTPPath:   "/",
14937	}
14938
14939	if input == nil {
14940		input = &UntagInstanceProfileInput{}
14941	}
14942
14943	output = &UntagInstanceProfileOutput{}
14944	req = c.newRequest(op, input, output)
14945	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14946	return
14947}
14948
14949// UntagInstanceProfile API operation for AWS Identity and Access Management.
14950//
14951// Removes the specified tags from the IAM instance profile. For more information
14952// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
14953// in the IAM User Guide.
14954//
14955// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14956// with awserr.Error's Code and Message methods to get detailed information about
14957// the error.
14958//
14959// See the AWS API reference guide for AWS Identity and Access Management's
14960// API operation UntagInstanceProfile for usage and error information.
14961//
14962// Returned Error Codes:
14963//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14964//   The request was rejected because it referenced a resource entity that does
14965//   not exist. The error message describes the resource.
14966//
14967//   * ErrCodeInvalidInputException "InvalidInput"
14968//   The request was rejected because an invalid or out-of-range value was supplied
14969//   for an input parameter.
14970//
14971//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14972//   The request was rejected because multiple requests to change this object
14973//   were submitted simultaneously. Wait a few minutes and submit your request
14974//   again.
14975//
14976//   * ErrCodeServiceFailureException "ServiceFailure"
14977//   The request processing has failed because of an unknown error, exception
14978//   or failure.
14979//
14980// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
14981func (c *IAM) UntagInstanceProfile(input *UntagInstanceProfileInput) (*UntagInstanceProfileOutput, error) {
14982	req, out := c.UntagInstanceProfileRequest(input)
14983	return out, req.Send()
14984}
14985
14986// UntagInstanceProfileWithContext is the same as UntagInstanceProfile with the addition of
14987// the ability to pass a context and additional request options.
14988//
14989// See UntagInstanceProfile for details on how to use this API operation.
14990//
14991// The context must be non-nil and will be used for request cancellation. If
14992// the context is nil a panic will occur. In the future the SDK may create
14993// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14994// for more information on using Contexts.
14995func (c *IAM) UntagInstanceProfileWithContext(ctx aws.Context, input *UntagInstanceProfileInput, opts ...request.Option) (*UntagInstanceProfileOutput, error) {
14996	req, out := c.UntagInstanceProfileRequest(input)
14997	req.SetContext(ctx)
14998	req.ApplyOptions(opts...)
14999	return out, req.Send()
15000}
15001
15002const opUntagMFADevice = "UntagMFADevice"
15003
15004// UntagMFADeviceRequest generates a "aws/request.Request" representing the
15005// client's request for the UntagMFADevice operation. The "output" return
15006// value will be populated with the request's response once the request completes
15007// successfully.
15008//
15009// Use "Send" method on the returned Request to send the API call to the service.
15010// the "output" return value is not valid until after Send returns without error.
15011//
15012// See UntagMFADevice for more information on using the UntagMFADevice
15013// API call, and error handling.
15014//
15015// This method is useful when you want to inject custom logic or configuration
15016// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15017//
15018//
15019//    // Example sending a request using the UntagMFADeviceRequest method.
15020//    req, resp := client.UntagMFADeviceRequest(params)
15021//
15022//    err := req.Send()
15023//    if err == nil { // resp is now filled
15024//        fmt.Println(resp)
15025//    }
15026//
15027// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
15028func (c *IAM) UntagMFADeviceRequest(input *UntagMFADeviceInput) (req *request.Request, output *UntagMFADeviceOutput) {
15029	op := &request.Operation{
15030		Name:       opUntagMFADevice,
15031		HTTPMethod: "POST",
15032		HTTPPath:   "/",
15033	}
15034
15035	if input == nil {
15036		input = &UntagMFADeviceInput{}
15037	}
15038
15039	output = &UntagMFADeviceOutput{}
15040	req = c.newRequest(op, input, output)
15041	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15042	return
15043}
15044
15045// UntagMFADevice API operation for AWS Identity and Access Management.
15046//
15047// Removes the specified tags from the IAM virtual multi-factor authentication
15048// (MFA) device. For more information about tagging, see Tagging IAM resources
15049// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM
15050// User Guide.
15051//
15052// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15053// with awserr.Error's Code and Message methods to get detailed information about
15054// the error.
15055//
15056// See the AWS API reference guide for AWS Identity and Access Management's
15057// API operation UntagMFADevice for usage and error information.
15058//
15059// Returned Error Codes:
15060//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15061//   The request was rejected because it referenced a resource entity that does
15062//   not exist. The error message describes the resource.
15063//
15064//   * ErrCodeInvalidInputException "InvalidInput"
15065//   The request was rejected because an invalid or out-of-range value was supplied
15066//   for an input parameter.
15067//
15068//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15069//   The request was rejected because multiple requests to change this object
15070//   were submitted simultaneously. Wait a few minutes and submit your request
15071//   again.
15072//
15073//   * ErrCodeServiceFailureException "ServiceFailure"
15074//   The request processing has failed because of an unknown error, exception
15075//   or failure.
15076//
15077// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
15078func (c *IAM) UntagMFADevice(input *UntagMFADeviceInput) (*UntagMFADeviceOutput, error) {
15079	req, out := c.UntagMFADeviceRequest(input)
15080	return out, req.Send()
15081}
15082
15083// UntagMFADeviceWithContext is the same as UntagMFADevice with the addition of
15084// the ability to pass a context and additional request options.
15085//
15086// See UntagMFADevice for details on how to use this API operation.
15087//
15088// The context must be non-nil and will be used for request cancellation. If
15089// the context is nil a panic will occur. In the future the SDK may create
15090// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15091// for more information on using Contexts.
15092func (c *IAM) UntagMFADeviceWithContext(ctx aws.Context, input *UntagMFADeviceInput, opts ...request.Option) (*UntagMFADeviceOutput, error) {
15093	req, out := c.UntagMFADeviceRequest(input)
15094	req.SetContext(ctx)
15095	req.ApplyOptions(opts...)
15096	return out, req.Send()
15097}
15098
15099const opUntagOpenIDConnectProvider = "UntagOpenIDConnectProvider"
15100
15101// UntagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
15102// client's request for the UntagOpenIDConnectProvider operation. The "output" return
15103// value will be populated with the request's response once the request completes
15104// successfully.
15105//
15106// Use "Send" method on the returned Request to send the API call to the service.
15107// the "output" return value is not valid until after Send returns without error.
15108//
15109// See UntagOpenIDConnectProvider for more information on using the UntagOpenIDConnectProvider
15110// API call, and error handling.
15111//
15112// This method is useful when you want to inject custom logic or configuration
15113// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15114//
15115//
15116//    // Example sending a request using the UntagOpenIDConnectProviderRequest method.
15117//    req, resp := client.UntagOpenIDConnectProviderRequest(params)
15118//
15119//    err := req.Send()
15120//    if err == nil { // resp is now filled
15121//        fmt.Println(resp)
15122//    }
15123//
15124// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
15125func (c *IAM) UntagOpenIDConnectProviderRequest(input *UntagOpenIDConnectProviderInput) (req *request.Request, output *UntagOpenIDConnectProviderOutput) {
15126	op := &request.Operation{
15127		Name:       opUntagOpenIDConnectProvider,
15128		HTTPMethod: "POST",
15129		HTTPPath:   "/",
15130	}
15131
15132	if input == nil {
15133		input = &UntagOpenIDConnectProviderInput{}
15134	}
15135
15136	output = &UntagOpenIDConnectProviderOutput{}
15137	req = c.newRequest(op, input, output)
15138	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15139	return
15140}
15141
15142// UntagOpenIDConnectProvider API operation for AWS Identity and Access Management.
15143//
15144// Removes the specified tags from the specified OpenID Connect (OIDC)-compatible
15145// identity provider in IAM. For more information about OIDC providers, see
15146// About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
15147// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15148// in the IAM User Guide.
15149//
15150// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15151// with awserr.Error's Code and Message methods to get detailed information about
15152// the error.
15153//
15154// See the AWS API reference guide for AWS Identity and Access Management's
15155// API operation UntagOpenIDConnectProvider for usage and error information.
15156//
15157// Returned Error Codes:
15158//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15159//   The request was rejected because it referenced a resource entity that does
15160//   not exist. The error message describes the resource.
15161//
15162//   * ErrCodeInvalidInputException "InvalidInput"
15163//   The request was rejected because an invalid or out-of-range value was supplied
15164//   for an input parameter.
15165//
15166//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15167//   The request was rejected because multiple requests to change this object
15168//   were submitted simultaneously. Wait a few minutes and submit your request
15169//   again.
15170//
15171//   * ErrCodeServiceFailureException "ServiceFailure"
15172//   The request processing has failed because of an unknown error, exception
15173//   or failure.
15174//
15175// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
15176func (c *IAM) UntagOpenIDConnectProvider(input *UntagOpenIDConnectProviderInput) (*UntagOpenIDConnectProviderOutput, error) {
15177	req, out := c.UntagOpenIDConnectProviderRequest(input)
15178	return out, req.Send()
15179}
15180
15181// UntagOpenIDConnectProviderWithContext is the same as UntagOpenIDConnectProvider with the addition of
15182// the ability to pass a context and additional request options.
15183//
15184// See UntagOpenIDConnectProvider for details on how to use this API operation.
15185//
15186// The context must be non-nil and will be used for request cancellation. If
15187// the context is nil a panic will occur. In the future the SDK may create
15188// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15189// for more information on using Contexts.
15190func (c *IAM) UntagOpenIDConnectProviderWithContext(ctx aws.Context, input *UntagOpenIDConnectProviderInput, opts ...request.Option) (*UntagOpenIDConnectProviderOutput, error) {
15191	req, out := c.UntagOpenIDConnectProviderRequest(input)
15192	req.SetContext(ctx)
15193	req.ApplyOptions(opts...)
15194	return out, req.Send()
15195}
15196
15197const opUntagPolicy = "UntagPolicy"
15198
15199// UntagPolicyRequest generates a "aws/request.Request" representing the
15200// client's request for the UntagPolicy operation. The "output" return
15201// value will be populated with the request's response once the request completes
15202// successfully.
15203//
15204// Use "Send" method on the returned Request to send the API call to the service.
15205// the "output" return value is not valid until after Send returns without error.
15206//
15207// See UntagPolicy for more information on using the UntagPolicy
15208// API call, and error handling.
15209//
15210// This method is useful when you want to inject custom logic or configuration
15211// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15212//
15213//
15214//    // Example sending a request using the UntagPolicyRequest method.
15215//    req, resp := client.UntagPolicyRequest(params)
15216//
15217//    err := req.Send()
15218//    if err == nil { // resp is now filled
15219//        fmt.Println(resp)
15220//    }
15221//
15222// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
15223func (c *IAM) UntagPolicyRequest(input *UntagPolicyInput) (req *request.Request, output *UntagPolicyOutput) {
15224	op := &request.Operation{
15225		Name:       opUntagPolicy,
15226		HTTPMethod: "POST",
15227		HTTPPath:   "/",
15228	}
15229
15230	if input == nil {
15231		input = &UntagPolicyInput{}
15232	}
15233
15234	output = &UntagPolicyOutput{}
15235	req = c.newRequest(op, input, output)
15236	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15237	return
15238}
15239
15240// UntagPolicy API operation for AWS Identity and Access Management.
15241//
15242// Removes the specified tags from the customer managed policy. For more information
15243// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15244// in the IAM User Guide.
15245//
15246// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15247// with awserr.Error's Code and Message methods to get detailed information about
15248// the error.
15249//
15250// See the AWS API reference guide for AWS Identity and Access Management's
15251// API operation UntagPolicy for usage and error information.
15252//
15253// Returned Error Codes:
15254//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15255//   The request was rejected because it referenced a resource entity that does
15256//   not exist. The error message describes the resource.
15257//
15258//   * ErrCodeInvalidInputException "InvalidInput"
15259//   The request was rejected because an invalid or out-of-range value was supplied
15260//   for an input parameter.
15261//
15262//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15263//   The request was rejected because multiple requests to change this object
15264//   were submitted simultaneously. Wait a few minutes and submit your request
15265//   again.
15266//
15267//   * ErrCodeServiceFailureException "ServiceFailure"
15268//   The request processing has failed because of an unknown error, exception
15269//   or failure.
15270//
15271// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
15272func (c *IAM) UntagPolicy(input *UntagPolicyInput) (*UntagPolicyOutput, error) {
15273	req, out := c.UntagPolicyRequest(input)
15274	return out, req.Send()
15275}
15276
15277// UntagPolicyWithContext is the same as UntagPolicy with the addition of
15278// the ability to pass a context and additional request options.
15279//
15280// See UntagPolicy for details on how to use this API operation.
15281//
15282// The context must be non-nil and will be used for request cancellation. If
15283// the context is nil a panic will occur. In the future the SDK may create
15284// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15285// for more information on using Contexts.
15286func (c *IAM) UntagPolicyWithContext(ctx aws.Context, input *UntagPolicyInput, opts ...request.Option) (*UntagPolicyOutput, error) {
15287	req, out := c.UntagPolicyRequest(input)
15288	req.SetContext(ctx)
15289	req.ApplyOptions(opts...)
15290	return out, req.Send()
15291}
15292
15293const opUntagRole = "UntagRole"
15294
15295// UntagRoleRequest generates a "aws/request.Request" representing the
15296// client's request for the UntagRole operation. The "output" return
15297// value will be populated with the request's response once the request completes
15298// successfully.
15299//
15300// Use "Send" method on the returned Request to send the API call to the service.
15301// the "output" return value is not valid until after Send returns without error.
15302//
15303// See UntagRole for more information on using the UntagRole
15304// API call, and error handling.
15305//
15306// This method is useful when you want to inject custom logic or configuration
15307// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15308//
15309//
15310//    // Example sending a request using the UntagRoleRequest method.
15311//    req, resp := client.UntagRoleRequest(params)
15312//
15313//    err := req.Send()
15314//    if err == nil { // resp is now filled
15315//        fmt.Println(resp)
15316//    }
15317//
15318// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
15319func (c *IAM) UntagRoleRequest(input *UntagRoleInput) (req *request.Request, output *UntagRoleOutput) {
15320	op := &request.Operation{
15321		Name:       opUntagRole,
15322		HTTPMethod: "POST",
15323		HTTPPath:   "/",
15324	}
15325
15326	if input == nil {
15327		input = &UntagRoleInput{}
15328	}
15329
15330	output = &UntagRoleOutput{}
15331	req = c.newRequest(op, input, output)
15332	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15333	return
15334}
15335
15336// UntagRole API operation for AWS Identity and Access Management.
15337//
15338// Removes the specified tags from the role. For more information about tagging,
15339// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15340// in the IAM User Guide.
15341//
15342// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15343// with awserr.Error's Code and Message methods to get detailed information about
15344// the error.
15345//
15346// See the AWS API reference guide for AWS Identity and Access Management's
15347// API operation UntagRole for usage and error information.
15348//
15349// Returned Error Codes:
15350//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15351//   The request was rejected because it referenced a resource entity that does
15352//   not exist. The error message describes the resource.
15353//
15354//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15355//   The request was rejected because multiple requests to change this object
15356//   were submitted simultaneously. Wait a few minutes and submit your request
15357//   again.
15358//
15359//   * ErrCodeServiceFailureException "ServiceFailure"
15360//   The request processing has failed because of an unknown error, exception
15361//   or failure.
15362//
15363// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
15364func (c *IAM) UntagRole(input *UntagRoleInput) (*UntagRoleOutput, error) {
15365	req, out := c.UntagRoleRequest(input)
15366	return out, req.Send()
15367}
15368
15369// UntagRoleWithContext is the same as UntagRole with the addition of
15370// the ability to pass a context and additional request options.
15371//
15372// See UntagRole for details on how to use this API operation.
15373//
15374// The context must be non-nil and will be used for request cancellation. If
15375// the context is nil a panic will occur. In the future the SDK may create
15376// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15377// for more information on using Contexts.
15378func (c *IAM) UntagRoleWithContext(ctx aws.Context, input *UntagRoleInput, opts ...request.Option) (*UntagRoleOutput, error) {
15379	req, out := c.UntagRoleRequest(input)
15380	req.SetContext(ctx)
15381	req.ApplyOptions(opts...)
15382	return out, req.Send()
15383}
15384
15385const opUntagSAMLProvider = "UntagSAMLProvider"
15386
15387// UntagSAMLProviderRequest generates a "aws/request.Request" representing the
15388// client's request for the UntagSAMLProvider operation. The "output" return
15389// value will be populated with the request's response once the request completes
15390// successfully.
15391//
15392// Use "Send" method on the returned Request to send the API call to the service.
15393// the "output" return value is not valid until after Send returns without error.
15394//
15395// See UntagSAMLProvider for more information on using the UntagSAMLProvider
15396// API call, and error handling.
15397//
15398// This method is useful when you want to inject custom logic or configuration
15399// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15400//
15401//
15402//    // Example sending a request using the UntagSAMLProviderRequest method.
15403//    req, resp := client.UntagSAMLProviderRequest(params)
15404//
15405//    err := req.Send()
15406//    if err == nil { // resp is now filled
15407//        fmt.Println(resp)
15408//    }
15409//
15410// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
15411func (c *IAM) UntagSAMLProviderRequest(input *UntagSAMLProviderInput) (req *request.Request, output *UntagSAMLProviderOutput) {
15412	op := &request.Operation{
15413		Name:       opUntagSAMLProvider,
15414		HTTPMethod: "POST",
15415		HTTPPath:   "/",
15416	}
15417
15418	if input == nil {
15419		input = &UntagSAMLProviderInput{}
15420	}
15421
15422	output = &UntagSAMLProviderOutput{}
15423	req = c.newRequest(op, input, output)
15424	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15425	return
15426}
15427
15428// UntagSAMLProvider API operation for AWS Identity and Access Management.
15429//
15430// Removes the specified tags from the specified Security Assertion Markup Language
15431// (SAML) identity provider in IAM. For more information about these providers,
15432// see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
15433// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15434// in the IAM User Guide.
15435//
15436// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15437// with awserr.Error's Code and Message methods to get detailed information about
15438// the error.
15439//
15440// See the AWS API reference guide for AWS Identity and Access Management's
15441// API operation UntagSAMLProvider for usage and error information.
15442//
15443// Returned Error Codes:
15444//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15445//   The request was rejected because it referenced a resource entity that does
15446//   not exist. The error message describes the resource.
15447//
15448//   * ErrCodeInvalidInputException "InvalidInput"
15449//   The request was rejected because an invalid or out-of-range value was supplied
15450//   for an input parameter.
15451//
15452//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15453//   The request was rejected because multiple requests to change this object
15454//   were submitted simultaneously. Wait a few minutes and submit your request
15455//   again.
15456//
15457//   * ErrCodeServiceFailureException "ServiceFailure"
15458//   The request processing has failed because of an unknown error, exception
15459//   or failure.
15460//
15461// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
15462func (c *IAM) UntagSAMLProvider(input *UntagSAMLProviderInput) (*UntagSAMLProviderOutput, error) {
15463	req, out := c.UntagSAMLProviderRequest(input)
15464	return out, req.Send()
15465}
15466
15467// UntagSAMLProviderWithContext is the same as UntagSAMLProvider with the addition of
15468// the ability to pass a context and additional request options.
15469//
15470// See UntagSAMLProvider for details on how to use this API operation.
15471//
15472// The context must be non-nil and will be used for request cancellation. If
15473// the context is nil a panic will occur. In the future the SDK may create
15474// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15475// for more information on using Contexts.
15476func (c *IAM) UntagSAMLProviderWithContext(ctx aws.Context, input *UntagSAMLProviderInput, opts ...request.Option) (*UntagSAMLProviderOutput, error) {
15477	req, out := c.UntagSAMLProviderRequest(input)
15478	req.SetContext(ctx)
15479	req.ApplyOptions(opts...)
15480	return out, req.Send()
15481}
15482
15483const opUntagServerCertificate = "UntagServerCertificate"
15484
15485// UntagServerCertificateRequest generates a "aws/request.Request" representing the
15486// client's request for the UntagServerCertificate operation. The "output" return
15487// value will be populated with the request's response once the request completes
15488// successfully.
15489//
15490// Use "Send" method on the returned Request to send the API call to the service.
15491// the "output" return value is not valid until after Send returns without error.
15492//
15493// See UntagServerCertificate for more information on using the UntagServerCertificate
15494// API call, and error handling.
15495//
15496// This method is useful when you want to inject custom logic or configuration
15497// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15498//
15499//
15500//    // Example sending a request using the UntagServerCertificateRequest method.
15501//    req, resp := client.UntagServerCertificateRequest(params)
15502//
15503//    err := req.Send()
15504//    if err == nil { // resp is now filled
15505//        fmt.Println(resp)
15506//    }
15507//
15508// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
15509func (c *IAM) UntagServerCertificateRequest(input *UntagServerCertificateInput) (req *request.Request, output *UntagServerCertificateOutput) {
15510	op := &request.Operation{
15511		Name:       opUntagServerCertificate,
15512		HTTPMethod: "POST",
15513		HTTPPath:   "/",
15514	}
15515
15516	if input == nil {
15517		input = &UntagServerCertificateInput{}
15518	}
15519
15520	output = &UntagServerCertificateOutput{}
15521	req = c.newRequest(op, input, output)
15522	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15523	return
15524}
15525
15526// UntagServerCertificate API operation for AWS Identity and Access Management.
15527//
15528// Removes the specified tags from the IAM server certificate. For more information
15529// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15530// in the IAM User Guide.
15531//
15532// For certificates in a Region supported by AWS Certificate Manager (ACM),
15533// we recommend that you don't use IAM server certificates. Instead, use ACM
15534// to provision, manage, and deploy your server certificates. For more information
15535// about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
15536// in the IAM User Guide.
15537//
15538// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15539// with awserr.Error's Code and Message methods to get detailed information about
15540// the error.
15541//
15542// See the AWS API reference guide for AWS Identity and Access Management's
15543// API operation UntagServerCertificate for usage and error information.
15544//
15545// Returned Error Codes:
15546//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15547//   The request was rejected because it referenced a resource entity that does
15548//   not exist. The error message describes the resource.
15549//
15550//   * ErrCodeInvalidInputException "InvalidInput"
15551//   The request was rejected because an invalid or out-of-range value was supplied
15552//   for an input parameter.
15553//
15554//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15555//   The request was rejected because multiple requests to change this object
15556//   were submitted simultaneously. Wait a few minutes and submit your request
15557//   again.
15558//
15559//   * ErrCodeServiceFailureException "ServiceFailure"
15560//   The request processing has failed because of an unknown error, exception
15561//   or failure.
15562//
15563// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
15564func (c *IAM) UntagServerCertificate(input *UntagServerCertificateInput) (*UntagServerCertificateOutput, error) {
15565	req, out := c.UntagServerCertificateRequest(input)
15566	return out, req.Send()
15567}
15568
15569// UntagServerCertificateWithContext is the same as UntagServerCertificate with the addition of
15570// the ability to pass a context and additional request options.
15571//
15572// See UntagServerCertificate for details on how to use this API operation.
15573//
15574// The context must be non-nil and will be used for request cancellation. If
15575// the context is nil a panic will occur. In the future the SDK may create
15576// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15577// for more information on using Contexts.
15578func (c *IAM) UntagServerCertificateWithContext(ctx aws.Context, input *UntagServerCertificateInput, opts ...request.Option) (*UntagServerCertificateOutput, error) {
15579	req, out := c.UntagServerCertificateRequest(input)
15580	req.SetContext(ctx)
15581	req.ApplyOptions(opts...)
15582	return out, req.Send()
15583}
15584
15585const opUntagUser = "UntagUser"
15586
15587// UntagUserRequest generates a "aws/request.Request" representing the
15588// client's request for the UntagUser operation. The "output" return
15589// value will be populated with the request's response once the request completes
15590// successfully.
15591//
15592// Use "Send" method on the returned Request to send the API call to the service.
15593// the "output" return value is not valid until after Send returns without error.
15594//
15595// See UntagUser for more information on using the UntagUser
15596// API call, and error handling.
15597//
15598// This method is useful when you want to inject custom logic or configuration
15599// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15600//
15601//
15602//    // Example sending a request using the UntagUserRequest method.
15603//    req, resp := client.UntagUserRequest(params)
15604//
15605//    err := req.Send()
15606//    if err == nil { // resp is now filled
15607//        fmt.Println(resp)
15608//    }
15609//
15610// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
15611func (c *IAM) UntagUserRequest(input *UntagUserInput) (req *request.Request, output *UntagUserOutput) {
15612	op := &request.Operation{
15613		Name:       opUntagUser,
15614		HTTPMethod: "POST",
15615		HTTPPath:   "/",
15616	}
15617
15618	if input == nil {
15619		input = &UntagUserInput{}
15620	}
15621
15622	output = &UntagUserOutput{}
15623	req = c.newRequest(op, input, output)
15624	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15625	return
15626}
15627
15628// UntagUser API operation for AWS Identity and Access Management.
15629//
15630// Removes the specified tags from the user. For more information about tagging,
15631// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15632// in the IAM User Guide.
15633//
15634// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15635// with awserr.Error's Code and Message methods to get detailed information about
15636// the error.
15637//
15638// See the AWS API reference guide for AWS Identity and Access Management's
15639// API operation UntagUser for usage and error information.
15640//
15641// Returned Error Codes:
15642//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15643//   The request was rejected because it referenced a resource entity that does
15644//   not exist. The error message describes the resource.
15645//
15646//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15647//   The request was rejected because multiple requests to change this object
15648//   were submitted simultaneously. Wait a few minutes and submit your request
15649//   again.
15650//
15651//   * ErrCodeServiceFailureException "ServiceFailure"
15652//   The request processing has failed because of an unknown error, exception
15653//   or failure.
15654//
15655// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
15656func (c *IAM) UntagUser(input *UntagUserInput) (*UntagUserOutput, error) {
15657	req, out := c.UntagUserRequest(input)
15658	return out, req.Send()
15659}
15660
15661// UntagUserWithContext is the same as UntagUser with the addition of
15662// the ability to pass a context and additional request options.
15663//
15664// See UntagUser for details on how to use this API operation.
15665//
15666// The context must be non-nil and will be used for request cancellation. If
15667// the context is nil a panic will occur. In the future the SDK may create
15668// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15669// for more information on using Contexts.
15670func (c *IAM) UntagUserWithContext(ctx aws.Context, input *UntagUserInput, opts ...request.Option) (*UntagUserOutput, error) {
15671	req, out := c.UntagUserRequest(input)
15672	req.SetContext(ctx)
15673	req.ApplyOptions(opts...)
15674	return out, req.Send()
15675}
15676
15677const opUpdateAccessKey = "UpdateAccessKey"
15678
15679// UpdateAccessKeyRequest generates a "aws/request.Request" representing the
15680// client's request for the UpdateAccessKey operation. The "output" return
15681// value will be populated with the request's response once the request completes
15682// successfully.
15683//
15684// Use "Send" method on the returned Request to send the API call to the service.
15685// the "output" return value is not valid until after Send returns without error.
15686//
15687// See UpdateAccessKey for more information on using the UpdateAccessKey
15688// API call, and error handling.
15689//
15690// This method is useful when you want to inject custom logic or configuration
15691// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15692//
15693//
15694//    // Example sending a request using the UpdateAccessKeyRequest method.
15695//    req, resp := client.UpdateAccessKeyRequest(params)
15696//
15697//    err := req.Send()
15698//    if err == nil { // resp is now filled
15699//        fmt.Println(resp)
15700//    }
15701//
15702// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
15703func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput) {
15704	op := &request.Operation{
15705		Name:       opUpdateAccessKey,
15706		HTTPMethod: "POST",
15707		HTTPPath:   "/",
15708	}
15709
15710	if input == nil {
15711		input = &UpdateAccessKeyInput{}
15712	}
15713
15714	output = &UpdateAccessKeyOutput{}
15715	req = c.newRequest(op, input, output)
15716	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15717	return
15718}
15719
15720// UpdateAccessKey API operation for AWS Identity and Access Management.
15721//
15722// Changes the status of the specified access key from Active to Inactive, or
15723// vice versa. This operation can be used to disable a user's key as part of
15724// a key rotation workflow.
15725//
15726// If the UserName is not specified, the user name is determined implicitly
15727// based on the AWS access key ID used to sign the request. This operation works
15728// for access keys under the AWS account. Consequently, you can use this operation
15729// to manage AWS account root user credentials even if the AWS account has no
15730// associated users.
15731//
15732// For information about rotating keys, see Managing keys and certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html)
15733// in the IAM User Guide.
15734//
15735// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15736// with awserr.Error's Code and Message methods to get detailed information about
15737// the error.
15738//
15739// See the AWS API reference guide for AWS Identity and Access Management's
15740// API operation UpdateAccessKey for usage and error information.
15741//
15742// Returned Error Codes:
15743//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15744//   The request was rejected because it referenced a resource entity that does
15745//   not exist. The error message describes the resource.
15746//
15747//   * ErrCodeLimitExceededException "LimitExceeded"
15748//   The request was rejected because it attempted to create resources beyond
15749//   the current AWS account limits. The error message describes the limit exceeded.
15750//
15751//   * ErrCodeServiceFailureException "ServiceFailure"
15752//   The request processing has failed because of an unknown error, exception
15753//   or failure.
15754//
15755// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
15756func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error) {
15757	req, out := c.UpdateAccessKeyRequest(input)
15758	return out, req.Send()
15759}
15760
15761// UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of
15762// the ability to pass a context and additional request options.
15763//
15764// See UpdateAccessKey for details on how to use this API operation.
15765//
15766// The context must be non-nil and will be used for request cancellation. If
15767// the context is nil a panic will occur. In the future the SDK may create
15768// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15769// for more information on using Contexts.
15770func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error) {
15771	req, out := c.UpdateAccessKeyRequest(input)
15772	req.SetContext(ctx)
15773	req.ApplyOptions(opts...)
15774	return out, req.Send()
15775}
15776
15777const opUpdateAccountPasswordPolicy = "UpdateAccountPasswordPolicy"
15778
15779// UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
15780// client's request for the UpdateAccountPasswordPolicy operation. The "output" return
15781// value will be populated with the request's response once the request completes
15782// successfully.
15783//
15784// Use "Send" method on the returned Request to send the API call to the service.
15785// the "output" return value is not valid until after Send returns without error.
15786//
15787// See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy
15788// API call, and error handling.
15789//
15790// This method is useful when you want to inject custom logic or configuration
15791// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15792//
15793//
15794//    // Example sending a request using the UpdateAccountPasswordPolicyRequest method.
15795//    req, resp := client.UpdateAccountPasswordPolicyRequest(params)
15796//
15797//    err := req.Send()
15798//    if err == nil { // resp is now filled
15799//        fmt.Println(resp)
15800//    }
15801//
15802// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
15803func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput) {
15804	op := &request.Operation{
15805		Name:       opUpdateAccountPasswordPolicy,
15806		HTTPMethod: "POST",
15807		HTTPPath:   "/",
15808	}
15809
15810	if input == nil {
15811		input = &UpdateAccountPasswordPolicyInput{}
15812	}
15813
15814	output = &UpdateAccountPasswordPolicyOutput{}
15815	req = c.newRequest(op, input, output)
15816	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15817	return
15818}
15819
15820// UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.
15821//
15822// Updates the password policy settings for the AWS account.
15823//
15824//    * This operation does not support partial updates. No parameters are required,
15825//    but if you do not specify a parameter, that parameter's value reverts
15826//    to its default value. See the Request Parameters section for each parameter's
15827//    default value. Also note that some parameters do not allow the default
15828//    parameter to be explicitly set. Instead, to invoke the default value,
15829//    do not include that parameter when you invoke the operation.
15830//
15831// For more information about using a password policy, see Managing an IAM password
15832// policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html)
15833// in the IAM User Guide.
15834//
15835// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15836// with awserr.Error's Code and Message methods to get detailed information about
15837// the error.
15838//
15839// See the AWS API reference guide for AWS Identity and Access Management's
15840// API operation UpdateAccountPasswordPolicy for usage and error information.
15841//
15842// Returned Error Codes:
15843//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15844//   The request was rejected because it referenced a resource entity that does
15845//   not exist. The error message describes the resource.
15846//
15847//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
15848//   The request was rejected because the policy document was malformed. The error
15849//   message describes the specific error.
15850//
15851//   * ErrCodeLimitExceededException "LimitExceeded"
15852//   The request was rejected because it attempted to create resources beyond
15853//   the current AWS account limits. The error message describes the limit exceeded.
15854//
15855//   * ErrCodeServiceFailureException "ServiceFailure"
15856//   The request processing has failed because of an unknown error, exception
15857//   or failure.
15858//
15859// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
15860func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error) {
15861	req, out := c.UpdateAccountPasswordPolicyRequest(input)
15862	return out, req.Send()
15863}
15864
15865// UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of
15866// the ability to pass a context and additional request options.
15867//
15868// See UpdateAccountPasswordPolicy for details on how to use this API operation.
15869//
15870// The context must be non-nil and will be used for request cancellation. If
15871// the context is nil a panic will occur. In the future the SDK may create
15872// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15873// for more information on using Contexts.
15874func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error) {
15875	req, out := c.UpdateAccountPasswordPolicyRequest(input)
15876	req.SetContext(ctx)
15877	req.ApplyOptions(opts...)
15878	return out, req.Send()
15879}
15880
15881const opUpdateAssumeRolePolicy = "UpdateAssumeRolePolicy"
15882
15883// UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the
15884// client's request for the UpdateAssumeRolePolicy operation. The "output" return
15885// value will be populated with the request's response once the request completes
15886// successfully.
15887//
15888// Use "Send" method on the returned Request to send the API call to the service.
15889// the "output" return value is not valid until after Send returns without error.
15890//
15891// See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy
15892// API call, and error handling.
15893//
15894// This method is useful when you want to inject custom logic or configuration
15895// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15896//
15897//
15898//    // Example sending a request using the UpdateAssumeRolePolicyRequest method.
15899//    req, resp := client.UpdateAssumeRolePolicyRequest(params)
15900//
15901//    err := req.Send()
15902//    if err == nil { // resp is now filled
15903//        fmt.Println(resp)
15904//    }
15905//
15906// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
15907func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput) {
15908	op := &request.Operation{
15909		Name:       opUpdateAssumeRolePolicy,
15910		HTTPMethod: "POST",
15911		HTTPPath:   "/",
15912	}
15913
15914	if input == nil {
15915		input = &UpdateAssumeRolePolicyInput{}
15916	}
15917
15918	output = &UpdateAssumeRolePolicyOutput{}
15919	req = c.newRequest(op, input, output)
15920	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15921	return
15922}
15923
15924// UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.
15925//
15926// Updates the policy that grants an IAM entity permission to assume a role.
15927// This is typically referred to as the "role trust policy". For more information
15928// about roles, see Using roles to delegate permissions and federate identities
15929// (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
15930//
15931// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15932// with awserr.Error's Code and Message methods to get detailed information about
15933// the error.
15934//
15935// See the AWS API reference guide for AWS Identity and Access Management's
15936// API operation UpdateAssumeRolePolicy for usage and error information.
15937//
15938// Returned Error Codes:
15939//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15940//   The request was rejected because it referenced a resource entity that does
15941//   not exist. The error message describes the resource.
15942//
15943//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
15944//   The request was rejected because the policy document was malformed. The error
15945//   message describes the specific error.
15946//
15947//   * ErrCodeLimitExceededException "LimitExceeded"
15948//   The request was rejected because it attempted to create resources beyond
15949//   the current AWS account limits. The error message describes the limit exceeded.
15950//
15951//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
15952//   The request was rejected because only the service that depends on the service-linked
15953//   role can modify or delete the role on your behalf. The error message includes
15954//   the name of the service that depends on this service-linked role. You must
15955//   request the change through that service.
15956//
15957//   * ErrCodeServiceFailureException "ServiceFailure"
15958//   The request processing has failed because of an unknown error, exception
15959//   or failure.
15960//
15961// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
15962func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error) {
15963	req, out := c.UpdateAssumeRolePolicyRequest(input)
15964	return out, req.Send()
15965}
15966
15967// UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of
15968// the ability to pass a context and additional request options.
15969//
15970// See UpdateAssumeRolePolicy for details on how to use this API operation.
15971//
15972// The context must be non-nil and will be used for request cancellation. If
15973// the context is nil a panic will occur. In the future the SDK may create
15974// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15975// for more information on using Contexts.
15976func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error) {
15977	req, out := c.UpdateAssumeRolePolicyRequest(input)
15978	req.SetContext(ctx)
15979	req.ApplyOptions(opts...)
15980	return out, req.Send()
15981}
15982
15983const opUpdateGroup = "UpdateGroup"
15984
15985// UpdateGroupRequest generates a "aws/request.Request" representing the
15986// client's request for the UpdateGroup operation. The "output" return
15987// value will be populated with the request's response once the request completes
15988// successfully.
15989//
15990// Use "Send" method on the returned Request to send the API call to the service.
15991// the "output" return value is not valid until after Send returns without error.
15992//
15993// See UpdateGroup for more information on using the UpdateGroup
15994// API call, and error handling.
15995//
15996// This method is useful when you want to inject custom logic or configuration
15997// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15998//
15999//
16000//    // Example sending a request using the UpdateGroupRequest method.
16001//    req, resp := client.UpdateGroupRequest(params)
16002//
16003//    err := req.Send()
16004//    if err == nil { // resp is now filled
16005//        fmt.Println(resp)
16006//    }
16007//
16008// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
16009func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput) {
16010	op := &request.Operation{
16011		Name:       opUpdateGroup,
16012		HTTPMethod: "POST",
16013		HTTPPath:   "/",
16014	}
16015
16016	if input == nil {
16017		input = &UpdateGroupInput{}
16018	}
16019
16020	output = &UpdateGroupOutput{}
16021	req = c.newRequest(op, input, output)
16022	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16023	return
16024}
16025
16026// UpdateGroup API operation for AWS Identity and Access Management.
16027//
16028// Updates the name and/or the path of the specified IAM group.
16029//
16030// You should understand the implications of changing a group's path or name.
16031// For more information, see Renaming users and groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html)
16032// in the IAM User Guide.
16033//
16034// The person making the request (the principal), must have permission to change
16035// the role group with the old name and the new name. For example, to change
16036// the group named Managers to MGRs, the principal must have a policy that allows
16037// them to update both groups. If the principal has permission to update the
16038// Managers group, but not the MGRs group, then the update fails. For more information
16039// about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).
16040//
16041// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16042// with awserr.Error's Code and Message methods to get detailed information about
16043// the error.
16044//
16045// See the AWS API reference guide for AWS Identity and Access Management's
16046// API operation UpdateGroup for usage and error information.
16047//
16048// Returned Error Codes:
16049//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16050//   The request was rejected because it referenced a resource entity that does
16051//   not exist. The error message describes the resource.
16052//
16053//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
16054//   The request was rejected because it attempted to create a resource that already
16055//   exists.
16056//
16057//   * ErrCodeLimitExceededException "LimitExceeded"
16058//   The request was rejected because it attempted to create resources beyond
16059//   the current AWS account limits. The error message describes the limit exceeded.
16060//
16061//   * ErrCodeServiceFailureException "ServiceFailure"
16062//   The request processing has failed because of an unknown error, exception
16063//   or failure.
16064//
16065// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
16066func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error) {
16067	req, out := c.UpdateGroupRequest(input)
16068	return out, req.Send()
16069}
16070
16071// UpdateGroupWithContext is the same as UpdateGroup with the addition of
16072// the ability to pass a context and additional request options.
16073//
16074// See UpdateGroup for details on how to use this API operation.
16075//
16076// The context must be non-nil and will be used for request cancellation. If
16077// the context is nil a panic will occur. In the future the SDK may create
16078// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16079// for more information on using Contexts.
16080func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error) {
16081	req, out := c.UpdateGroupRequest(input)
16082	req.SetContext(ctx)
16083	req.ApplyOptions(opts...)
16084	return out, req.Send()
16085}
16086
16087const opUpdateLoginProfile = "UpdateLoginProfile"
16088
16089// UpdateLoginProfileRequest generates a "aws/request.Request" representing the
16090// client's request for the UpdateLoginProfile operation. The "output" return
16091// value will be populated with the request's response once the request completes
16092// successfully.
16093//
16094// Use "Send" method on the returned Request to send the API call to the service.
16095// the "output" return value is not valid until after Send returns without error.
16096//
16097// See UpdateLoginProfile for more information on using the UpdateLoginProfile
16098// API call, and error handling.
16099//
16100// This method is useful when you want to inject custom logic or configuration
16101// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16102//
16103//
16104//    // Example sending a request using the UpdateLoginProfileRequest method.
16105//    req, resp := client.UpdateLoginProfileRequest(params)
16106//
16107//    err := req.Send()
16108//    if err == nil { // resp is now filled
16109//        fmt.Println(resp)
16110//    }
16111//
16112// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
16113func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput) {
16114	op := &request.Operation{
16115		Name:       opUpdateLoginProfile,
16116		HTTPMethod: "POST",
16117		HTTPPath:   "/",
16118	}
16119
16120	if input == nil {
16121		input = &UpdateLoginProfileInput{}
16122	}
16123
16124	output = &UpdateLoginProfileOutput{}
16125	req = c.newRequest(op, input, output)
16126	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16127	return
16128}
16129
16130// UpdateLoginProfile API operation for AWS Identity and Access Management.
16131//
16132// Changes the password for the specified IAM user. You can use the AWS CLI,
16133// the AWS API, or the Users page in the IAM console to change the password
16134// for any IAM user. Use ChangePassword to change your own password in the My
16135// Security Credentials page in the AWS Management Console.
16136//
16137// For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
16138// in the IAM User Guide.
16139//
16140// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16141// with awserr.Error's Code and Message methods to get detailed information about
16142// the error.
16143//
16144// See the AWS API reference guide for AWS Identity and Access Management's
16145// API operation UpdateLoginProfile for usage and error information.
16146//
16147// Returned Error Codes:
16148//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
16149//   The request was rejected because it referenced an entity that is temporarily
16150//   unmodifiable, such as a user name that was deleted and then recreated. The
16151//   error indicates that the request is likely to succeed if you try again after
16152//   waiting several minutes. The error message describes the entity.
16153//
16154//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16155//   The request was rejected because it referenced a resource entity that does
16156//   not exist. The error message describes the resource.
16157//
16158//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
16159//   The request was rejected because the provided password did not meet the requirements
16160//   imposed by the account password policy.
16161//
16162//   * ErrCodeLimitExceededException "LimitExceeded"
16163//   The request was rejected because it attempted to create resources beyond
16164//   the current AWS account limits. The error message describes the limit exceeded.
16165//
16166//   * ErrCodeServiceFailureException "ServiceFailure"
16167//   The request processing has failed because of an unknown error, exception
16168//   or failure.
16169//
16170// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
16171func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error) {
16172	req, out := c.UpdateLoginProfileRequest(input)
16173	return out, req.Send()
16174}
16175
16176// UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of
16177// the ability to pass a context and additional request options.
16178//
16179// See UpdateLoginProfile for details on how to use this API operation.
16180//
16181// The context must be non-nil and will be used for request cancellation. If
16182// the context is nil a panic will occur. In the future the SDK may create
16183// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16184// for more information on using Contexts.
16185func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error) {
16186	req, out := c.UpdateLoginProfileRequest(input)
16187	req.SetContext(ctx)
16188	req.ApplyOptions(opts...)
16189	return out, req.Send()
16190}
16191
16192const opUpdateOpenIDConnectProviderThumbprint = "UpdateOpenIDConnectProviderThumbprint"
16193
16194// UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the
16195// client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return
16196// value will be populated with the request's response once the request completes
16197// successfully.
16198//
16199// Use "Send" method on the returned Request to send the API call to the service.
16200// the "output" return value is not valid until after Send returns without error.
16201//
16202// See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint
16203// API call, and error handling.
16204//
16205// This method is useful when you want to inject custom logic or configuration
16206// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16207//
16208//
16209//    // Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
16210//    req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)
16211//
16212//    err := req.Send()
16213//    if err == nil { // resp is now filled
16214//        fmt.Println(resp)
16215//    }
16216//
16217// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
16218func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput) {
16219	op := &request.Operation{
16220		Name:       opUpdateOpenIDConnectProviderThumbprint,
16221		HTTPMethod: "POST",
16222		HTTPPath:   "/",
16223	}
16224
16225	if input == nil {
16226		input = &UpdateOpenIDConnectProviderThumbprintInput{}
16227	}
16228
16229	output = &UpdateOpenIDConnectProviderThumbprintOutput{}
16230	req = c.newRequest(op, input, output)
16231	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16232	return
16233}
16234
16235// UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.
16236//
16237// Replaces the existing list of server certificate thumbprints associated with
16238// an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.
16239//
16240// The list that you pass with this operation completely replaces the existing
16241// list of thumbprints. (The lists are not merged.)
16242//
16243// Typically, you need to update a thumbprint only when the identity provider's
16244// certificate changes, which occurs rarely. However, if the provider's certificate
16245// does change, any attempt to assume an IAM role that specifies the OIDC provider
16246// as a principal fails until the certificate thumbprint is updated.
16247//
16248// Trust for the OIDC provider is derived from the provider's certificate and
16249// is validated by the thumbprint. Therefore, it is best to limit access to
16250// the UpdateOpenIDConnectProviderThumbprint operation to highly privileged
16251// users.
16252//
16253// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16254// with awserr.Error's Code and Message methods to get detailed information about
16255// the error.
16256//
16257// See the AWS API reference guide for AWS Identity and Access Management's
16258// API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.
16259//
16260// Returned Error Codes:
16261//   * ErrCodeInvalidInputException "InvalidInput"
16262//   The request was rejected because an invalid or out-of-range value was supplied
16263//   for an input parameter.
16264//
16265//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16266//   The request was rejected because it referenced a resource entity that does
16267//   not exist. The error message describes the resource.
16268//
16269//   * ErrCodeServiceFailureException "ServiceFailure"
16270//   The request processing has failed because of an unknown error, exception
16271//   or failure.
16272//
16273// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
16274func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
16275	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
16276	return out, req.Send()
16277}
16278
16279// UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of
16280// the ability to pass a context and additional request options.
16281//
16282// See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.
16283//
16284// The context must be non-nil and will be used for request cancellation. If
16285// the context is nil a panic will occur. In the future the SDK may create
16286// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16287// for more information on using Contexts.
16288func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
16289	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
16290	req.SetContext(ctx)
16291	req.ApplyOptions(opts...)
16292	return out, req.Send()
16293}
16294
16295const opUpdateRole = "UpdateRole"
16296
16297// UpdateRoleRequest generates a "aws/request.Request" representing the
16298// client's request for the UpdateRole operation. The "output" return
16299// value will be populated with the request's response once the request completes
16300// successfully.
16301//
16302// Use "Send" method on the returned Request to send the API call to the service.
16303// the "output" return value is not valid until after Send returns without error.
16304//
16305// See UpdateRole for more information on using the UpdateRole
16306// API call, and error handling.
16307//
16308// This method is useful when you want to inject custom logic or configuration
16309// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16310//
16311//
16312//    // Example sending a request using the UpdateRoleRequest method.
16313//    req, resp := client.UpdateRoleRequest(params)
16314//
16315//    err := req.Send()
16316//    if err == nil { // resp is now filled
16317//        fmt.Println(resp)
16318//    }
16319//
16320// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
16321func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput) {
16322	op := &request.Operation{
16323		Name:       opUpdateRole,
16324		HTTPMethod: "POST",
16325		HTTPPath:   "/",
16326	}
16327
16328	if input == nil {
16329		input = &UpdateRoleInput{}
16330	}
16331
16332	output = &UpdateRoleOutput{}
16333	req = c.newRequest(op, input, output)
16334	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16335	return
16336}
16337
16338// UpdateRole API operation for AWS Identity and Access Management.
16339//
16340// Updates the description or maximum session duration setting of a role.
16341//
16342// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16343// with awserr.Error's Code and Message methods to get detailed information about
16344// the error.
16345//
16346// See the AWS API reference guide for AWS Identity and Access Management's
16347// API operation UpdateRole for usage and error information.
16348//
16349// Returned Error Codes:
16350//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
16351//   The request was rejected because only the service that depends on the service-linked
16352//   role can modify or delete the role on your behalf. The error message includes
16353//   the name of the service that depends on this service-linked role. You must
16354//   request the change through that service.
16355//
16356//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16357//   The request was rejected because it referenced a resource entity that does
16358//   not exist. The error message describes the resource.
16359//
16360//   * ErrCodeServiceFailureException "ServiceFailure"
16361//   The request processing has failed because of an unknown error, exception
16362//   or failure.
16363//
16364// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
16365func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error) {
16366	req, out := c.UpdateRoleRequest(input)
16367	return out, req.Send()
16368}
16369
16370// UpdateRoleWithContext is the same as UpdateRole with the addition of
16371// the ability to pass a context and additional request options.
16372//
16373// See UpdateRole for details on how to use this API operation.
16374//
16375// The context must be non-nil and will be used for request cancellation. If
16376// the context is nil a panic will occur. In the future the SDK may create
16377// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16378// for more information on using Contexts.
16379func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error) {
16380	req, out := c.UpdateRoleRequest(input)
16381	req.SetContext(ctx)
16382	req.ApplyOptions(opts...)
16383	return out, req.Send()
16384}
16385
16386const opUpdateRoleDescription = "UpdateRoleDescription"
16387
16388// UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the
16389// client's request for the UpdateRoleDescription operation. The "output" return
16390// value will be populated with the request's response once the request completes
16391// successfully.
16392//
16393// Use "Send" method on the returned Request to send the API call to the service.
16394// the "output" return value is not valid until after Send returns without error.
16395//
16396// See UpdateRoleDescription for more information on using the UpdateRoleDescription
16397// API call, and error handling.
16398//
16399// This method is useful when you want to inject custom logic or configuration
16400// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16401//
16402//
16403//    // Example sending a request using the UpdateRoleDescriptionRequest method.
16404//    req, resp := client.UpdateRoleDescriptionRequest(params)
16405//
16406//    err := req.Send()
16407//    if err == nil { // resp is now filled
16408//        fmt.Println(resp)
16409//    }
16410//
16411// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
16412func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput) {
16413	op := &request.Operation{
16414		Name:       opUpdateRoleDescription,
16415		HTTPMethod: "POST",
16416		HTTPPath:   "/",
16417	}
16418
16419	if input == nil {
16420		input = &UpdateRoleDescriptionInput{}
16421	}
16422
16423	output = &UpdateRoleDescriptionOutput{}
16424	req = c.newRequest(op, input, output)
16425	return
16426}
16427
16428// UpdateRoleDescription API operation for AWS Identity and Access Management.
16429//
16430// Use UpdateRole instead.
16431//
16432// Modifies only the description of a role. This operation performs the same
16433// function as the Description parameter in the UpdateRole operation.
16434//
16435// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16436// with awserr.Error's Code and Message methods to get detailed information about
16437// the error.
16438//
16439// See the AWS API reference guide for AWS Identity and Access Management's
16440// API operation UpdateRoleDescription for usage and error information.
16441//
16442// Returned Error Codes:
16443//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16444//   The request was rejected because it referenced a resource entity that does
16445//   not exist. The error message describes the resource.
16446//
16447//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
16448//   The request was rejected because only the service that depends on the service-linked
16449//   role can modify or delete the role on your behalf. The error message includes
16450//   the name of the service that depends on this service-linked role. You must
16451//   request the change through that service.
16452//
16453//   * ErrCodeServiceFailureException "ServiceFailure"
16454//   The request processing has failed because of an unknown error, exception
16455//   or failure.
16456//
16457// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
16458func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error) {
16459	req, out := c.UpdateRoleDescriptionRequest(input)
16460	return out, req.Send()
16461}
16462
16463// UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of
16464// the ability to pass a context and additional request options.
16465//
16466// See UpdateRoleDescription for details on how to use this API operation.
16467//
16468// The context must be non-nil and will be used for request cancellation. If
16469// the context is nil a panic will occur. In the future the SDK may create
16470// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16471// for more information on using Contexts.
16472func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error) {
16473	req, out := c.UpdateRoleDescriptionRequest(input)
16474	req.SetContext(ctx)
16475	req.ApplyOptions(opts...)
16476	return out, req.Send()
16477}
16478
16479const opUpdateSAMLProvider = "UpdateSAMLProvider"
16480
16481// UpdateSAMLProviderRequest generates a "aws/request.Request" representing the
16482// client's request for the UpdateSAMLProvider operation. The "output" return
16483// value will be populated with the request's response once the request completes
16484// successfully.
16485//
16486// Use "Send" method on the returned Request to send the API call to the service.
16487// the "output" return value is not valid until after Send returns without error.
16488//
16489// See UpdateSAMLProvider for more information on using the UpdateSAMLProvider
16490// API call, and error handling.
16491//
16492// This method is useful when you want to inject custom logic or configuration
16493// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16494//
16495//
16496//    // Example sending a request using the UpdateSAMLProviderRequest method.
16497//    req, resp := client.UpdateSAMLProviderRequest(params)
16498//
16499//    err := req.Send()
16500//    if err == nil { // resp is now filled
16501//        fmt.Println(resp)
16502//    }
16503//
16504// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
16505func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput) {
16506	op := &request.Operation{
16507		Name:       opUpdateSAMLProvider,
16508		HTTPMethod: "POST",
16509		HTTPPath:   "/",
16510	}
16511
16512	if input == nil {
16513		input = &UpdateSAMLProviderInput{}
16514	}
16515
16516	output = &UpdateSAMLProviderOutput{}
16517	req = c.newRequest(op, input, output)
16518	return
16519}
16520
16521// UpdateSAMLProvider API operation for AWS Identity and Access Management.
16522//
16523// Updates the metadata document for an existing SAML provider resource object.
16524//
16525// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
16526//
16527// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16528// with awserr.Error's Code and Message methods to get detailed information about
16529// the error.
16530//
16531// See the AWS API reference guide for AWS Identity and Access Management's
16532// API operation UpdateSAMLProvider for usage and error information.
16533//
16534// Returned Error Codes:
16535//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16536//   The request was rejected because it referenced a resource entity that does
16537//   not exist. The error message describes the resource.
16538//
16539//   * ErrCodeInvalidInputException "InvalidInput"
16540//   The request was rejected because an invalid or out-of-range value was supplied
16541//   for an input parameter.
16542//
16543//   * ErrCodeLimitExceededException "LimitExceeded"
16544//   The request was rejected because it attempted to create resources beyond
16545//   the current AWS account limits. The error message describes the limit exceeded.
16546//
16547//   * ErrCodeServiceFailureException "ServiceFailure"
16548//   The request processing has failed because of an unknown error, exception
16549//   or failure.
16550//
16551// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
16552func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error) {
16553	req, out := c.UpdateSAMLProviderRequest(input)
16554	return out, req.Send()
16555}
16556
16557// UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of
16558// the ability to pass a context and additional request options.
16559//
16560// See UpdateSAMLProvider for details on how to use this API operation.
16561//
16562// The context must be non-nil and will be used for request cancellation. If
16563// the context is nil a panic will occur. In the future the SDK may create
16564// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16565// for more information on using Contexts.
16566func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error) {
16567	req, out := c.UpdateSAMLProviderRequest(input)
16568	req.SetContext(ctx)
16569	req.ApplyOptions(opts...)
16570	return out, req.Send()
16571}
16572
16573const opUpdateSSHPublicKey = "UpdateSSHPublicKey"
16574
16575// UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the
16576// client's request for the UpdateSSHPublicKey operation. The "output" return
16577// value will be populated with the request's response once the request completes
16578// successfully.
16579//
16580// Use "Send" method on the returned Request to send the API call to the service.
16581// the "output" return value is not valid until after Send returns without error.
16582//
16583// See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey
16584// API call, and error handling.
16585//
16586// This method is useful when you want to inject custom logic or configuration
16587// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16588//
16589//
16590//    // Example sending a request using the UpdateSSHPublicKeyRequest method.
16591//    req, resp := client.UpdateSSHPublicKeyRequest(params)
16592//
16593//    err := req.Send()
16594//    if err == nil { // resp is now filled
16595//        fmt.Println(resp)
16596//    }
16597//
16598// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
16599func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput) {
16600	op := &request.Operation{
16601		Name:       opUpdateSSHPublicKey,
16602		HTTPMethod: "POST",
16603		HTTPPath:   "/",
16604	}
16605
16606	if input == nil {
16607		input = &UpdateSSHPublicKeyInput{}
16608	}
16609
16610	output = &UpdateSSHPublicKeyOutput{}
16611	req = c.newRequest(op, input, output)
16612	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16613	return
16614}
16615
16616// UpdateSSHPublicKey API operation for AWS Identity and Access Management.
16617//
16618// Sets the status of an IAM user's SSH public key to active or inactive. SSH
16619// public keys that are inactive cannot be used for authentication. This operation
16620// can be used to disable a user's SSH public key as part of a key rotation
16621// work flow.
16622//
16623// The SSH public key affected by this operation is used only for authenticating
16624// the associated IAM user to an AWS CodeCommit repository. For more information
16625// about using SSH keys to authenticate to an AWS CodeCommit repository, see
16626// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
16627// in the AWS CodeCommit User Guide.
16628//
16629// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16630// with awserr.Error's Code and Message methods to get detailed information about
16631// the error.
16632//
16633// See the AWS API reference guide for AWS Identity and Access Management's
16634// API operation UpdateSSHPublicKey for usage and error information.
16635//
16636// Returned Error Codes:
16637//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16638//   The request was rejected because it referenced a resource entity that does
16639//   not exist. The error message describes the resource.
16640//
16641// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
16642func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error) {
16643	req, out := c.UpdateSSHPublicKeyRequest(input)
16644	return out, req.Send()
16645}
16646
16647// UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of
16648// the ability to pass a context and additional request options.
16649//
16650// See UpdateSSHPublicKey for details on how to use this API operation.
16651//
16652// The context must be non-nil and will be used for request cancellation. If
16653// the context is nil a panic will occur. In the future the SDK may create
16654// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16655// for more information on using Contexts.
16656func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error) {
16657	req, out := c.UpdateSSHPublicKeyRequest(input)
16658	req.SetContext(ctx)
16659	req.ApplyOptions(opts...)
16660	return out, req.Send()
16661}
16662
16663const opUpdateServerCertificate = "UpdateServerCertificate"
16664
16665// UpdateServerCertificateRequest generates a "aws/request.Request" representing the
16666// client's request for the UpdateServerCertificate operation. The "output" return
16667// value will be populated with the request's response once the request completes
16668// successfully.
16669//
16670// Use "Send" method on the returned Request to send the API call to the service.
16671// the "output" return value is not valid until after Send returns without error.
16672//
16673// See UpdateServerCertificate for more information on using the UpdateServerCertificate
16674// API call, and error handling.
16675//
16676// This method is useful when you want to inject custom logic or configuration
16677// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16678//
16679//
16680//    // Example sending a request using the UpdateServerCertificateRequest method.
16681//    req, resp := client.UpdateServerCertificateRequest(params)
16682//
16683//    err := req.Send()
16684//    if err == nil { // resp is now filled
16685//        fmt.Println(resp)
16686//    }
16687//
16688// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
16689func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput) {
16690	op := &request.Operation{
16691		Name:       opUpdateServerCertificate,
16692		HTTPMethod: "POST",
16693		HTTPPath:   "/",
16694	}
16695
16696	if input == nil {
16697		input = &UpdateServerCertificateInput{}
16698	}
16699
16700	output = &UpdateServerCertificateOutput{}
16701	req = c.newRequest(op, input, output)
16702	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16703	return
16704}
16705
16706// UpdateServerCertificate API operation for AWS Identity and Access Management.
16707//
16708// Updates the name and/or the path of the specified server certificate stored
16709// in IAM.
16710//
16711// For more information about working with server certificates, see Working
16712// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
16713// in the IAM User Guide. This topic also includes a list of AWS services that
16714// can use the server certificates that you manage with IAM.
16715//
16716// You should understand the implications of changing a server certificate's
16717// path or name. For more information, see Renaming a server certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts)
16718// in the IAM User Guide.
16719//
16720// The person making the request (the principal), must have permission to change
16721// the server certificate with the old name and the new name. For example, to
16722// change the certificate named ProductionCert to ProdCert, the principal must
16723// have a policy that allows them to update both certificates. If the principal
16724// has permission to update the ProductionCert group, but not the ProdCert certificate,
16725// then the update fails. For more information about permissions, see Access
16726// management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
16727// in the IAM User Guide.
16728//
16729// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16730// with awserr.Error's Code and Message methods to get detailed information about
16731// the error.
16732//
16733// See the AWS API reference guide for AWS Identity and Access Management's
16734// API operation UpdateServerCertificate for usage and error information.
16735//
16736// Returned Error Codes:
16737//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16738//   The request was rejected because it referenced a resource entity that does
16739//   not exist. The error message describes the resource.
16740//
16741//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
16742//   The request was rejected because it attempted to create a resource that already
16743//   exists.
16744//
16745//   * ErrCodeLimitExceededException "LimitExceeded"
16746//   The request was rejected because it attempted to create resources beyond
16747//   the current AWS account limits. The error message describes the limit exceeded.
16748//
16749//   * ErrCodeServiceFailureException "ServiceFailure"
16750//   The request processing has failed because of an unknown error, exception
16751//   or failure.
16752//
16753// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
16754func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error) {
16755	req, out := c.UpdateServerCertificateRequest(input)
16756	return out, req.Send()
16757}
16758
16759// UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of
16760// the ability to pass a context and additional request options.
16761//
16762// See UpdateServerCertificate for details on how to use this API operation.
16763//
16764// The context must be non-nil and will be used for request cancellation. If
16765// the context is nil a panic will occur. In the future the SDK may create
16766// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16767// for more information on using Contexts.
16768func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error) {
16769	req, out := c.UpdateServerCertificateRequest(input)
16770	req.SetContext(ctx)
16771	req.ApplyOptions(opts...)
16772	return out, req.Send()
16773}
16774
16775const opUpdateServiceSpecificCredential = "UpdateServiceSpecificCredential"
16776
16777// UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
16778// client's request for the UpdateServiceSpecificCredential operation. The "output" return
16779// value will be populated with the request's response once the request completes
16780// successfully.
16781//
16782// Use "Send" method on the returned Request to send the API call to the service.
16783// the "output" return value is not valid until after Send returns without error.
16784//
16785// See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential
16786// API call, and error handling.
16787//
16788// This method is useful when you want to inject custom logic or configuration
16789// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16790//
16791//
16792//    // Example sending a request using the UpdateServiceSpecificCredentialRequest method.
16793//    req, resp := client.UpdateServiceSpecificCredentialRequest(params)
16794//
16795//    err := req.Send()
16796//    if err == nil { // resp is now filled
16797//        fmt.Println(resp)
16798//    }
16799//
16800// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
16801func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput) {
16802	op := &request.Operation{
16803		Name:       opUpdateServiceSpecificCredential,
16804		HTTPMethod: "POST",
16805		HTTPPath:   "/",
16806	}
16807
16808	if input == nil {
16809		input = &UpdateServiceSpecificCredentialInput{}
16810	}
16811
16812	output = &UpdateServiceSpecificCredentialOutput{}
16813	req = c.newRequest(op, input, output)
16814	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16815	return
16816}
16817
16818// UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.
16819//
16820// Sets the status of a service-specific credential to Active or Inactive. Service-specific
16821// credentials that are inactive cannot be used for authentication to the service.
16822// This operation can be used to disable a user's service-specific credential
16823// as part of a credential rotation work flow.
16824//
16825// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16826// with awserr.Error's Code and Message methods to get detailed information about
16827// the error.
16828//
16829// See the AWS API reference guide for AWS Identity and Access Management's
16830// API operation UpdateServiceSpecificCredential for usage and error information.
16831//
16832// Returned Error Codes:
16833//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16834//   The request was rejected because it referenced a resource entity that does
16835//   not exist. The error message describes the resource.
16836//
16837// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
16838func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error) {
16839	req, out := c.UpdateServiceSpecificCredentialRequest(input)
16840	return out, req.Send()
16841}
16842
16843// UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of
16844// the ability to pass a context and additional request options.
16845//
16846// See UpdateServiceSpecificCredential for details on how to use this API operation.
16847//
16848// The context must be non-nil and will be used for request cancellation. If
16849// the context is nil a panic will occur. In the future the SDK may create
16850// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16851// for more information on using Contexts.
16852func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error) {
16853	req, out := c.UpdateServiceSpecificCredentialRequest(input)
16854	req.SetContext(ctx)
16855	req.ApplyOptions(opts...)
16856	return out, req.Send()
16857}
16858
16859const opUpdateSigningCertificate = "UpdateSigningCertificate"
16860
16861// UpdateSigningCertificateRequest generates a "aws/request.Request" representing the
16862// client's request for the UpdateSigningCertificate operation. The "output" return
16863// value will be populated with the request's response once the request completes
16864// successfully.
16865//
16866// Use "Send" method on the returned Request to send the API call to the service.
16867// the "output" return value is not valid until after Send returns without error.
16868//
16869// See UpdateSigningCertificate for more information on using the UpdateSigningCertificate
16870// API call, and error handling.
16871//
16872// This method is useful when you want to inject custom logic or configuration
16873// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16874//
16875//
16876//    // Example sending a request using the UpdateSigningCertificateRequest method.
16877//    req, resp := client.UpdateSigningCertificateRequest(params)
16878//
16879//    err := req.Send()
16880//    if err == nil { // resp is now filled
16881//        fmt.Println(resp)
16882//    }
16883//
16884// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
16885func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput) {
16886	op := &request.Operation{
16887		Name:       opUpdateSigningCertificate,
16888		HTTPMethod: "POST",
16889		HTTPPath:   "/",
16890	}
16891
16892	if input == nil {
16893		input = &UpdateSigningCertificateInput{}
16894	}
16895
16896	output = &UpdateSigningCertificateOutput{}
16897	req = c.newRequest(op, input, output)
16898	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16899	return
16900}
16901
16902// UpdateSigningCertificate API operation for AWS Identity and Access Management.
16903//
16904// Changes the status of the specified user signing certificate from active
16905// to disabled, or vice versa. This operation can be used to disable an IAM
16906// user's signing certificate as part of a certificate rotation work flow.
16907//
16908// If the UserName field is not specified, the user name is determined implicitly
16909// based on the AWS access key ID used to sign the request. This operation works
16910// for access keys under the AWS account. Consequently, you can use this operation
16911// to manage AWS account root user credentials even if the AWS account has no
16912// associated users.
16913//
16914// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16915// with awserr.Error's Code and Message methods to get detailed information about
16916// the error.
16917//
16918// See the AWS API reference guide for AWS Identity and Access Management's
16919// API operation UpdateSigningCertificate for usage and error information.
16920//
16921// Returned Error Codes:
16922//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16923//   The request was rejected because it referenced a resource entity that does
16924//   not exist. The error message describes the resource.
16925//
16926//   * ErrCodeLimitExceededException "LimitExceeded"
16927//   The request was rejected because it attempted to create resources beyond
16928//   the current AWS account limits. The error message describes the limit exceeded.
16929//
16930//   * ErrCodeServiceFailureException "ServiceFailure"
16931//   The request processing has failed because of an unknown error, exception
16932//   or failure.
16933//
16934// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
16935func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error) {
16936	req, out := c.UpdateSigningCertificateRequest(input)
16937	return out, req.Send()
16938}
16939
16940// UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of
16941// the ability to pass a context and additional request options.
16942//
16943// See UpdateSigningCertificate for details on how to use this API operation.
16944//
16945// The context must be non-nil and will be used for request cancellation. If
16946// the context is nil a panic will occur. In the future the SDK may create
16947// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16948// for more information on using Contexts.
16949func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error) {
16950	req, out := c.UpdateSigningCertificateRequest(input)
16951	req.SetContext(ctx)
16952	req.ApplyOptions(opts...)
16953	return out, req.Send()
16954}
16955
16956const opUpdateUser = "UpdateUser"
16957
16958// UpdateUserRequest generates a "aws/request.Request" representing the
16959// client's request for the UpdateUser operation. The "output" return
16960// value will be populated with the request's response once the request completes
16961// successfully.
16962//
16963// Use "Send" method on the returned Request to send the API call to the service.
16964// the "output" return value is not valid until after Send returns without error.
16965//
16966// See UpdateUser for more information on using the UpdateUser
16967// API call, and error handling.
16968//
16969// This method is useful when you want to inject custom logic or configuration
16970// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16971//
16972//
16973//    // Example sending a request using the UpdateUserRequest method.
16974//    req, resp := client.UpdateUserRequest(params)
16975//
16976//    err := req.Send()
16977//    if err == nil { // resp is now filled
16978//        fmt.Println(resp)
16979//    }
16980//
16981// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
16982func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput) {
16983	op := &request.Operation{
16984		Name:       opUpdateUser,
16985		HTTPMethod: "POST",
16986		HTTPPath:   "/",
16987	}
16988
16989	if input == nil {
16990		input = &UpdateUserInput{}
16991	}
16992
16993	output = &UpdateUserOutput{}
16994	req = c.newRequest(op, input, output)
16995	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16996	return
16997}
16998
16999// UpdateUser API operation for AWS Identity and Access Management.
17000//
17001// Updates the name and/or the path of the specified IAM user.
17002//
17003// You should understand the implications of changing an IAM user's path or
17004// name. For more information, see Renaming an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming)
17005// and Renaming an IAM group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html)
17006// in the IAM User Guide.
17007//
17008// To change a user name, the requester must have appropriate permissions on
17009// both the source object and the target object. For example, to change Bob
17010// to Robert, the entity making the request must have permission on Bob and
17011// Robert, or must have permission on all (*). For more information about permissions,
17012// see Permissions and policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).
17013//
17014// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17015// with awserr.Error's Code and Message methods to get detailed information about
17016// the error.
17017//
17018// See the AWS API reference guide for AWS Identity and Access Management's
17019// API operation UpdateUser for usage and error information.
17020//
17021// Returned Error Codes:
17022//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17023//   The request was rejected because it referenced a resource entity that does
17024//   not exist. The error message describes the resource.
17025//
17026//   * ErrCodeLimitExceededException "LimitExceeded"
17027//   The request was rejected because it attempted to create resources beyond
17028//   the current AWS account limits. The error message describes the limit exceeded.
17029//
17030//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17031//   The request was rejected because it attempted to create a resource that already
17032//   exists.
17033//
17034//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
17035//   The request was rejected because it referenced an entity that is temporarily
17036//   unmodifiable, such as a user name that was deleted and then recreated. The
17037//   error indicates that the request is likely to succeed if you try again after
17038//   waiting several minutes. The error message describes the entity.
17039//
17040//   * ErrCodeConcurrentModificationException "ConcurrentModification"
17041//   The request was rejected because multiple requests to change this object
17042//   were submitted simultaneously. Wait a few minutes and submit your request
17043//   again.
17044//
17045//   * ErrCodeServiceFailureException "ServiceFailure"
17046//   The request processing has failed because of an unknown error, exception
17047//   or failure.
17048//
17049// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
17050func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error) {
17051	req, out := c.UpdateUserRequest(input)
17052	return out, req.Send()
17053}
17054
17055// UpdateUserWithContext is the same as UpdateUser with the addition of
17056// the ability to pass a context and additional request options.
17057//
17058// See UpdateUser for details on how to use this API operation.
17059//
17060// The context must be non-nil and will be used for request cancellation. If
17061// the context is nil a panic will occur. In the future the SDK may create
17062// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17063// for more information on using Contexts.
17064func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error) {
17065	req, out := c.UpdateUserRequest(input)
17066	req.SetContext(ctx)
17067	req.ApplyOptions(opts...)
17068	return out, req.Send()
17069}
17070
17071const opUploadSSHPublicKey = "UploadSSHPublicKey"
17072
17073// UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the
17074// client's request for the UploadSSHPublicKey operation. The "output" return
17075// value will be populated with the request's response once the request completes
17076// successfully.
17077//
17078// Use "Send" method on the returned Request to send the API call to the service.
17079// the "output" return value is not valid until after Send returns without error.
17080//
17081// See UploadSSHPublicKey for more information on using the UploadSSHPublicKey
17082// API call, and error handling.
17083//
17084// This method is useful when you want to inject custom logic or configuration
17085// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17086//
17087//
17088//    // Example sending a request using the UploadSSHPublicKeyRequest method.
17089//    req, resp := client.UploadSSHPublicKeyRequest(params)
17090//
17091//    err := req.Send()
17092//    if err == nil { // resp is now filled
17093//        fmt.Println(resp)
17094//    }
17095//
17096// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
17097func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput) {
17098	op := &request.Operation{
17099		Name:       opUploadSSHPublicKey,
17100		HTTPMethod: "POST",
17101		HTTPPath:   "/",
17102	}
17103
17104	if input == nil {
17105		input = &UploadSSHPublicKeyInput{}
17106	}
17107
17108	output = &UploadSSHPublicKeyOutput{}
17109	req = c.newRequest(op, input, output)
17110	return
17111}
17112
17113// UploadSSHPublicKey API operation for AWS Identity and Access Management.
17114//
17115// Uploads an SSH public key and associates it with the specified IAM user.
17116//
17117// The SSH public key uploaded by this operation can be used only for authenticating
17118// the associated IAM user to an AWS CodeCommit repository. For more information
17119// about using SSH keys to authenticate to an AWS CodeCommit repository, see
17120// Set up AWS CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
17121// in the AWS CodeCommit User Guide.
17122//
17123// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17124// with awserr.Error's Code and Message methods to get detailed information about
17125// the error.
17126//
17127// See the AWS API reference guide for AWS Identity and Access Management's
17128// API operation UploadSSHPublicKey for usage and error information.
17129//
17130// Returned Error Codes:
17131//   * ErrCodeLimitExceededException "LimitExceeded"
17132//   The request was rejected because it attempted to create resources beyond
17133//   the current AWS account limits. The error message describes the limit exceeded.
17134//
17135//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17136//   The request was rejected because it referenced a resource entity that does
17137//   not exist. The error message describes the resource.
17138//
17139//   * ErrCodeInvalidPublicKeyException "InvalidPublicKey"
17140//   The request was rejected because the public key is malformed or otherwise
17141//   invalid.
17142//
17143//   * ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey"
17144//   The request was rejected because the SSH public key is already associated
17145//   with the specified IAM user.
17146//
17147//   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
17148//   The request was rejected because the public key encoding format is unsupported
17149//   or unrecognized.
17150//
17151// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
17152func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error) {
17153	req, out := c.UploadSSHPublicKeyRequest(input)
17154	return out, req.Send()
17155}
17156
17157// UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of
17158// the ability to pass a context and additional request options.
17159//
17160// See UploadSSHPublicKey for details on how to use this API operation.
17161//
17162// The context must be non-nil and will be used for request cancellation. If
17163// the context is nil a panic will occur. In the future the SDK may create
17164// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17165// for more information on using Contexts.
17166func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error) {
17167	req, out := c.UploadSSHPublicKeyRequest(input)
17168	req.SetContext(ctx)
17169	req.ApplyOptions(opts...)
17170	return out, req.Send()
17171}
17172
17173const opUploadServerCertificate = "UploadServerCertificate"
17174
17175// UploadServerCertificateRequest generates a "aws/request.Request" representing the
17176// client's request for the UploadServerCertificate operation. The "output" return
17177// value will be populated with the request's response once the request completes
17178// successfully.
17179//
17180// Use "Send" method on the returned Request to send the API call to the service.
17181// the "output" return value is not valid until after Send returns without error.
17182//
17183// See UploadServerCertificate for more information on using the UploadServerCertificate
17184// API call, and error handling.
17185//
17186// This method is useful when you want to inject custom logic or configuration
17187// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17188//
17189//
17190//    // Example sending a request using the UploadServerCertificateRequest method.
17191//    req, resp := client.UploadServerCertificateRequest(params)
17192//
17193//    err := req.Send()
17194//    if err == nil { // resp is now filled
17195//        fmt.Println(resp)
17196//    }
17197//
17198// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
17199func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput) {
17200	op := &request.Operation{
17201		Name:       opUploadServerCertificate,
17202		HTTPMethod: "POST",
17203		HTTPPath:   "/",
17204	}
17205
17206	if input == nil {
17207		input = &UploadServerCertificateInput{}
17208	}
17209
17210	output = &UploadServerCertificateOutput{}
17211	req = c.newRequest(op, input, output)
17212	return
17213}
17214
17215// UploadServerCertificate API operation for AWS Identity and Access Management.
17216//
17217// Uploads a server certificate entity for the AWS account. The server certificate
17218// entity includes a public key certificate, a private key, and an optional
17219// certificate chain, which should all be PEM-encoded.
17220//
17221// We recommend that you use AWS Certificate Manager (https://docs.aws.amazon.com/acm/)
17222// to provision, manage, and deploy your server certificates. With ACM you can
17223// request a certificate, deploy it to AWS resources, and let ACM handle certificate
17224// renewals for you. Certificates provided by ACM are free. For more information
17225// about using ACM, see the AWS Certificate Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/).
17226//
17227// For more information about working with server certificates, see Working
17228// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
17229// in the IAM User Guide. This topic includes a list of AWS services that can
17230// use the server certificates that you manage with IAM.
17231//
17232// For information about the number of server certificates you can upload, see
17233// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
17234// in the IAM User Guide.
17235//
17236// Because the body of the public key certificate, private key, and the certificate
17237// chain can be large, you should use POST rather than GET when calling UploadServerCertificate.
17238// For information about setting up signatures and authorization through the
17239// API, see Signing AWS API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
17240// in the AWS General Reference. For general information about using the Query
17241// API with IAM, see Calling the API by making HTTP query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html)
17242// in the IAM User Guide.
17243//
17244// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17245// with awserr.Error's Code and Message methods to get detailed information about
17246// the error.
17247//
17248// See the AWS API reference guide for AWS Identity and Access Management's
17249// API operation UploadServerCertificate for usage and error information.
17250//
17251// Returned Error Codes:
17252//   * ErrCodeLimitExceededException "LimitExceeded"
17253//   The request was rejected because it attempted to create resources beyond
17254//   the current AWS account limits. The error message describes the limit exceeded.
17255//
17256//   * ErrCodeInvalidInputException "InvalidInput"
17257//   The request was rejected because an invalid or out-of-range value was supplied
17258//   for an input parameter.
17259//
17260//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17261//   The request was rejected because it attempted to create a resource that already
17262//   exists.
17263//
17264//   * ErrCodeMalformedCertificateException "MalformedCertificate"
17265//   The request was rejected because the certificate was malformed or expired.
17266//   The error message describes the specific error.
17267//
17268//   * ErrCodeKeyPairMismatchException "KeyPairMismatch"
17269//   The request was rejected because the public key certificate and the private
17270//   key do not match.
17271//
17272//   * ErrCodeConcurrentModificationException "ConcurrentModification"
17273//   The request was rejected because multiple requests to change this object
17274//   were submitted simultaneously. Wait a few minutes and submit your request
17275//   again.
17276//
17277//   * ErrCodeServiceFailureException "ServiceFailure"
17278//   The request processing has failed because of an unknown error, exception
17279//   or failure.
17280//
17281// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
17282func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error) {
17283	req, out := c.UploadServerCertificateRequest(input)
17284	return out, req.Send()
17285}
17286
17287// UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of
17288// the ability to pass a context and additional request options.
17289//
17290// See UploadServerCertificate for details on how to use this API operation.
17291//
17292// The context must be non-nil and will be used for request cancellation. If
17293// the context is nil a panic will occur. In the future the SDK may create
17294// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17295// for more information on using Contexts.
17296func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error) {
17297	req, out := c.UploadServerCertificateRequest(input)
17298	req.SetContext(ctx)
17299	req.ApplyOptions(opts...)
17300	return out, req.Send()
17301}
17302
17303const opUploadSigningCertificate = "UploadSigningCertificate"
17304
17305// UploadSigningCertificateRequest generates a "aws/request.Request" representing the
17306// client's request for the UploadSigningCertificate operation. The "output" return
17307// value will be populated with the request's response once the request completes
17308// successfully.
17309//
17310// Use "Send" method on the returned Request to send the API call to the service.
17311// the "output" return value is not valid until after Send returns without error.
17312//
17313// See UploadSigningCertificate for more information on using the UploadSigningCertificate
17314// API call, and error handling.
17315//
17316// This method is useful when you want to inject custom logic or configuration
17317// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17318//
17319//
17320//    // Example sending a request using the UploadSigningCertificateRequest method.
17321//    req, resp := client.UploadSigningCertificateRequest(params)
17322//
17323//    err := req.Send()
17324//    if err == nil { // resp is now filled
17325//        fmt.Println(resp)
17326//    }
17327//
17328// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
17329func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput) {
17330	op := &request.Operation{
17331		Name:       opUploadSigningCertificate,
17332		HTTPMethod: "POST",
17333		HTTPPath:   "/",
17334	}
17335
17336	if input == nil {
17337		input = &UploadSigningCertificateInput{}
17338	}
17339
17340	output = &UploadSigningCertificateOutput{}
17341	req = c.newRequest(op, input, output)
17342	return
17343}
17344
17345// UploadSigningCertificate API operation for AWS Identity and Access Management.
17346//
17347// Uploads an X.509 signing certificate and associates it with the specified
17348// IAM user. Some AWS services require you to use certificates to validate requests
17349// that are signed with a corresponding private key. When you upload the certificate,
17350// its default status is Active.
17351//
17352// For information about when you would use an X.509 signing certificate, see
17353// Managing server certificates in IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
17354// in the IAM User Guide.
17355//
17356// If the UserName is not specified, the IAM user name is determined implicitly
17357// based on the AWS access key ID used to sign the request. This operation works
17358// for access keys under the AWS account. Consequently, you can use this operation
17359// to manage AWS account root user credentials even if the AWS account has no
17360// associated users.
17361//
17362// Because the body of an X.509 certificate can be large, you should use POST
17363// rather than GET when calling UploadSigningCertificate. For information about
17364// setting up signatures and authorization through the API, see Signing AWS
17365// API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
17366// in the AWS General Reference. For general information about using the Query
17367// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
17368// in the IAM User Guide.
17369//
17370// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17371// with awserr.Error's Code and Message methods to get detailed information about
17372// the error.
17373//
17374// See the AWS API reference guide for AWS Identity and Access Management's
17375// API operation UploadSigningCertificate for usage and error information.
17376//
17377// Returned Error Codes:
17378//   * ErrCodeLimitExceededException "LimitExceeded"
17379//   The request was rejected because it attempted to create resources beyond
17380//   the current AWS account limits. The error message describes the limit exceeded.
17381//
17382//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17383//   The request was rejected because it attempted to create a resource that already
17384//   exists.
17385//
17386//   * ErrCodeMalformedCertificateException "MalformedCertificate"
17387//   The request was rejected because the certificate was malformed or expired.
17388//   The error message describes the specific error.
17389//
17390//   * ErrCodeInvalidCertificateException "InvalidCertificate"
17391//   The request was rejected because the certificate is invalid.
17392//
17393//   * ErrCodeDuplicateCertificateException "DuplicateCertificate"
17394//   The request was rejected because the same certificate is associated with
17395//   an IAM user in the account.
17396//
17397//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17398//   The request was rejected because it referenced a resource entity that does
17399//   not exist. The error message describes the resource.
17400//
17401//   * ErrCodeServiceFailureException "ServiceFailure"
17402//   The request processing has failed because of an unknown error, exception
17403//   or failure.
17404//
17405// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
17406func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error) {
17407	req, out := c.UploadSigningCertificateRequest(input)
17408	return out, req.Send()
17409}
17410
17411// UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of
17412// the ability to pass a context and additional request options.
17413//
17414// See UploadSigningCertificate for details on how to use this API operation.
17415//
17416// The context must be non-nil and will be used for request cancellation. If
17417// the context is nil a panic will occur. In the future the SDK may create
17418// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17419// for more information on using Contexts.
17420func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error) {
17421	req, out := c.UploadSigningCertificateRequest(input)
17422	req.SetContext(ctx)
17423	req.ApplyOptions(opts...)
17424	return out, req.Send()
17425}
17426
17427// An object that contains details about when a principal in the reported AWS
17428// Organizations entity last attempted to access an AWS service. A principal
17429// can be an IAM user, an IAM role, or the AWS account root user within the
17430// reported Organizations entity.
17431//
17432// This data type is a response element in the GetOrganizationsAccessReport
17433// operation.
17434type AccessDetail struct {
17435	_ struct{} `type:"structure"`
17436
17437	// The path of the Organizations entity (root, organizational unit, or account)
17438	// from which an authenticated principal last attempted to access the service.
17439	// AWS does not report unauthenticated requests.
17440	//
17441	// This field is null if no principals (IAM users, IAM roles, or root users)
17442	// in the reported Organizations entity attempted to access the service within
17443	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17444	EntityPath *string `min:"19" type:"string"`
17445
17446	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
17447	// when an authenticated principal most recently attempted to access the service.
17448	// AWS does not report unauthenticated requests.
17449	//
17450	// This field is null if no principals in the reported Organizations entity
17451	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17452	LastAuthenticatedTime *time.Time `type:"timestamp"`
17453
17454	// The Region where the last service access attempt occurred.
17455	//
17456	// This field is null if no principals in the reported Organizations entity
17457	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17458	Region *string `type:"string"`
17459
17460	// The name of the service in which access was attempted.
17461	//
17462	// ServiceName is a required field
17463	ServiceName *string `type:"string" required:"true"`
17464
17465	// The namespace of the service in which access was attempted.
17466	//
17467	// To learn the service namespace of a service, see Actions, resources, and
17468	// condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
17469	// in the Service Authorization Reference. Choose the name of the service to
17470	// view details for that service. In the first paragraph, find the service prefix.
17471	// For example, (service prefix: a4b). For more information about service namespaces,
17472	// see AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
17473	// in the AWS General Reference.
17474	//
17475	// ServiceNamespace is a required field
17476	ServiceNamespace *string `min:"1" type:"string" required:"true"`
17477
17478	// The number of accounts with authenticated principals (root users, IAM users,
17479	// and IAM roles) that attempted to access the service in the reporting period.
17480	TotalAuthenticatedEntities *int64 `type:"integer"`
17481}
17482
17483// String returns the string representation
17484func (s AccessDetail) String() string {
17485	return awsutil.Prettify(s)
17486}
17487
17488// GoString returns the string representation
17489func (s AccessDetail) GoString() string {
17490	return s.String()
17491}
17492
17493// SetEntityPath sets the EntityPath field's value.
17494func (s *AccessDetail) SetEntityPath(v string) *AccessDetail {
17495	s.EntityPath = &v
17496	return s
17497}
17498
17499// SetLastAuthenticatedTime sets the LastAuthenticatedTime field's value.
17500func (s *AccessDetail) SetLastAuthenticatedTime(v time.Time) *AccessDetail {
17501	s.LastAuthenticatedTime = &v
17502	return s
17503}
17504
17505// SetRegion sets the Region field's value.
17506func (s *AccessDetail) SetRegion(v string) *AccessDetail {
17507	s.Region = &v
17508	return s
17509}
17510
17511// SetServiceName sets the ServiceName field's value.
17512func (s *AccessDetail) SetServiceName(v string) *AccessDetail {
17513	s.ServiceName = &v
17514	return s
17515}
17516
17517// SetServiceNamespace sets the ServiceNamespace field's value.
17518func (s *AccessDetail) SetServiceNamespace(v string) *AccessDetail {
17519	s.ServiceNamespace = &v
17520	return s
17521}
17522
17523// SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
17524func (s *AccessDetail) SetTotalAuthenticatedEntities(v int64) *AccessDetail {
17525	s.TotalAuthenticatedEntities = &v
17526	return s
17527}
17528
17529// Contains information about an AWS access key.
17530//
17531// This data type is used as a response element in the CreateAccessKey and ListAccessKeys
17532// operations.
17533//
17534// The SecretAccessKey value is returned only in response to CreateAccessKey.
17535// You can get a secret access key only when you first create an access key;
17536// you cannot recover the secret access key later. If you lose a secret access
17537// key, you must create a new access key.
17538type AccessKey struct {
17539	_ struct{} `type:"structure"`
17540
17541	// The ID for this access key.
17542	//
17543	// AccessKeyId is a required field
17544	AccessKeyId *string `min:"16" type:"string" required:"true"`
17545
17546	// The date when the access key was created.
17547	CreateDate *time.Time `type:"timestamp"`
17548
17549	// The secret key used to sign requests.
17550	//
17551	// SecretAccessKey is a required field
17552	SecretAccessKey *string `type:"string" required:"true" sensitive:"true"`
17553
17554	// The status of the access key. Active means that the key is valid for API
17555	// calls, while Inactive means it is not.
17556	//
17557	// Status is a required field
17558	Status *string `type:"string" required:"true" enum:"StatusType"`
17559
17560	// The name of the IAM user that the access key is associated with.
17561	//
17562	// UserName is a required field
17563	UserName *string `min:"1" type:"string" required:"true"`
17564}
17565
17566// String returns the string representation
17567func (s AccessKey) String() string {
17568	return awsutil.Prettify(s)
17569}
17570
17571// GoString returns the string representation
17572func (s AccessKey) GoString() string {
17573	return s.String()
17574}
17575
17576// SetAccessKeyId sets the AccessKeyId field's value.
17577func (s *AccessKey) SetAccessKeyId(v string) *AccessKey {
17578	s.AccessKeyId = &v
17579	return s
17580}
17581
17582// SetCreateDate sets the CreateDate field's value.
17583func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey {
17584	s.CreateDate = &v
17585	return s
17586}
17587
17588// SetSecretAccessKey sets the SecretAccessKey field's value.
17589func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey {
17590	s.SecretAccessKey = &v
17591	return s
17592}
17593
17594// SetStatus sets the Status field's value.
17595func (s *AccessKey) SetStatus(v string) *AccessKey {
17596	s.Status = &v
17597	return s
17598}
17599
17600// SetUserName sets the UserName field's value.
17601func (s *AccessKey) SetUserName(v string) *AccessKey {
17602	s.UserName = &v
17603	return s
17604}
17605
17606// Contains information about the last time an AWS access key was used since
17607// IAM began tracking this information on April 22, 2015.
17608//
17609// This data type is used as a response element in the GetAccessKeyLastUsed
17610// operation.
17611type AccessKeyLastUsed struct {
17612	_ struct{} `type:"structure"`
17613
17614	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
17615	// when the access key was most recently used. This field is null in the following
17616	// situations:
17617	//
17618	//    * The user does not have an access key.
17619	//
17620	//    * An access key exists but has not been used since IAM began tracking
17621	//    this information.
17622	//
17623	//    * There is no sign-in data associated with the user.
17624	//
17625	// LastUsedDate is a required field
17626	LastUsedDate *time.Time `type:"timestamp" required:"true"`
17627
17628	// The AWS Region where this access key was most recently used. The value for
17629	// this field is "N/A" in the following situations:
17630	//
17631	//    * The user does not have an access key.
17632	//
17633	//    * An access key exists but has not been used since IAM began tracking
17634	//    this information.
17635	//
17636	//    * There is no sign-in data associated with the user.
17637	//
17638	// For more information about AWS Regions, see Regions and endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html)
17639	// in the Amazon Web Services General Reference.
17640	//
17641	// Region is a required field
17642	Region *string `type:"string" required:"true"`
17643
17644	// The name of the AWS service with which this access key was most recently
17645	// used. The value of this field is "N/A" in the following situations:
17646	//
17647	//    * The user does not have an access key.
17648	//
17649	//    * An access key exists but has not been used since IAM started tracking
17650	//    this information.
17651	//
17652	//    * There is no sign-in data associated with the user.
17653	//
17654	// ServiceName is a required field
17655	ServiceName *string `type:"string" required:"true"`
17656}
17657
17658// String returns the string representation
17659func (s AccessKeyLastUsed) String() string {
17660	return awsutil.Prettify(s)
17661}
17662
17663// GoString returns the string representation
17664func (s AccessKeyLastUsed) GoString() string {
17665	return s.String()
17666}
17667
17668// SetLastUsedDate sets the LastUsedDate field's value.
17669func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed {
17670	s.LastUsedDate = &v
17671	return s
17672}
17673
17674// SetRegion sets the Region field's value.
17675func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed {
17676	s.Region = &v
17677	return s
17678}
17679
17680// SetServiceName sets the ServiceName field's value.
17681func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed {
17682	s.ServiceName = &v
17683	return s
17684}
17685
17686// Contains information about an AWS access key, without its secret key.
17687//
17688// This data type is used as a response element in the ListAccessKeys operation.
17689type AccessKeyMetadata struct {
17690	_ struct{} `type:"structure"`
17691
17692	// The ID for this access key.
17693	AccessKeyId *string `min:"16" type:"string"`
17694
17695	// The date when the access key was created.
17696	CreateDate *time.Time `type:"timestamp"`
17697
17698	// The status of the access key. Active means that the key is valid for API
17699	// calls; Inactive means it is not.
17700	Status *string `type:"string" enum:"StatusType"`
17701
17702	// The name of the IAM user that the key is associated with.
17703	UserName *string `min:"1" type:"string"`
17704}
17705
17706// String returns the string representation
17707func (s AccessKeyMetadata) String() string {
17708	return awsutil.Prettify(s)
17709}
17710
17711// GoString returns the string representation
17712func (s AccessKeyMetadata) GoString() string {
17713	return s.String()
17714}
17715
17716// SetAccessKeyId sets the AccessKeyId field's value.
17717func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata {
17718	s.AccessKeyId = &v
17719	return s
17720}
17721
17722// SetCreateDate sets the CreateDate field's value.
17723func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata {
17724	s.CreateDate = &v
17725	return s
17726}
17727
17728// SetStatus sets the Status field's value.
17729func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata {
17730	s.Status = &v
17731	return s
17732}
17733
17734// SetUserName sets the UserName field's value.
17735func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata {
17736	s.UserName = &v
17737	return s
17738}
17739
17740type AddClientIDToOpenIDConnectProviderInput struct {
17741	_ struct{} `type:"structure"`
17742
17743	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
17744	// resource.
17745	//
17746	// ClientID is a required field
17747	ClientID *string `min:"1" type:"string" required:"true"`
17748
17749	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
17750	// resource to add the client ID to. You can get a list of OIDC provider ARNs
17751	// by using the ListOpenIDConnectProviders operation.
17752	//
17753	// OpenIDConnectProviderArn is a required field
17754	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
17755}
17756
17757// String returns the string representation
17758func (s AddClientIDToOpenIDConnectProviderInput) String() string {
17759	return awsutil.Prettify(s)
17760}
17761
17762// GoString returns the string representation
17763func (s AddClientIDToOpenIDConnectProviderInput) GoString() string {
17764	return s.String()
17765}
17766
17767// Validate inspects the fields of the type to determine if they are valid.
17768func (s *AddClientIDToOpenIDConnectProviderInput) Validate() error {
17769	invalidParams := request.ErrInvalidParams{Context: "AddClientIDToOpenIDConnectProviderInput"}
17770	if s.ClientID == nil {
17771		invalidParams.Add(request.NewErrParamRequired("ClientID"))
17772	}
17773	if s.ClientID != nil && len(*s.ClientID) < 1 {
17774		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
17775	}
17776	if s.OpenIDConnectProviderArn == nil {
17777		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
17778	}
17779	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
17780		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
17781	}
17782
17783	if invalidParams.Len() > 0 {
17784		return invalidParams
17785	}
17786	return nil
17787}
17788
17789// SetClientID sets the ClientID field's value.
17790func (s *AddClientIDToOpenIDConnectProviderInput) SetClientID(v string) *AddClientIDToOpenIDConnectProviderInput {
17791	s.ClientID = &v
17792	return s
17793}
17794
17795// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
17796func (s *AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *AddClientIDToOpenIDConnectProviderInput {
17797	s.OpenIDConnectProviderArn = &v
17798	return s
17799}
17800
17801type AddClientIDToOpenIDConnectProviderOutput struct {
17802	_ struct{} `type:"structure"`
17803}
17804
17805// String returns the string representation
17806func (s AddClientIDToOpenIDConnectProviderOutput) String() string {
17807	return awsutil.Prettify(s)
17808}
17809
17810// GoString returns the string representation
17811func (s AddClientIDToOpenIDConnectProviderOutput) GoString() string {
17812	return s.String()
17813}
17814
17815type AddRoleToInstanceProfileInput struct {
17816	_ struct{} `type:"structure"`
17817
17818	// The name of the instance profile to update.
17819	//
17820	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
17821	// a string of characters consisting of upper and lowercase alphanumeric characters
17822	// with no spaces. You can also include any of the following characters: _+=,.@-
17823	//
17824	// InstanceProfileName is a required field
17825	InstanceProfileName *string `min:"1" type:"string" required:"true"`
17826
17827	// The name of the role to add.
17828	//
17829	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
17830	// a string of characters consisting of upper and lowercase alphanumeric characters
17831	// with no spaces. You can also include any of the following characters: _+=,.@-
17832	//
17833	// RoleName is a required field
17834	RoleName *string `min:"1" type:"string" required:"true"`
17835}
17836
17837// String returns the string representation
17838func (s AddRoleToInstanceProfileInput) String() string {
17839	return awsutil.Prettify(s)
17840}
17841
17842// GoString returns the string representation
17843func (s AddRoleToInstanceProfileInput) GoString() string {
17844	return s.String()
17845}
17846
17847// Validate inspects the fields of the type to determine if they are valid.
17848func (s *AddRoleToInstanceProfileInput) Validate() error {
17849	invalidParams := request.ErrInvalidParams{Context: "AddRoleToInstanceProfileInput"}
17850	if s.InstanceProfileName == nil {
17851		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
17852	}
17853	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
17854		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
17855	}
17856	if s.RoleName == nil {
17857		invalidParams.Add(request.NewErrParamRequired("RoleName"))
17858	}
17859	if s.RoleName != nil && len(*s.RoleName) < 1 {
17860		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
17861	}
17862
17863	if invalidParams.Len() > 0 {
17864		return invalidParams
17865	}
17866	return nil
17867}
17868
17869// SetInstanceProfileName sets the InstanceProfileName field's value.
17870func (s *AddRoleToInstanceProfileInput) SetInstanceProfileName(v string) *AddRoleToInstanceProfileInput {
17871	s.InstanceProfileName = &v
17872	return s
17873}
17874
17875// SetRoleName sets the RoleName field's value.
17876func (s *AddRoleToInstanceProfileInput) SetRoleName(v string) *AddRoleToInstanceProfileInput {
17877	s.RoleName = &v
17878	return s
17879}
17880
17881type AddRoleToInstanceProfileOutput struct {
17882	_ struct{} `type:"structure"`
17883}
17884
17885// String returns the string representation
17886func (s AddRoleToInstanceProfileOutput) String() string {
17887	return awsutil.Prettify(s)
17888}
17889
17890// GoString returns the string representation
17891func (s AddRoleToInstanceProfileOutput) GoString() string {
17892	return s.String()
17893}
17894
17895type AddUserToGroupInput struct {
17896	_ struct{} `type:"structure"`
17897
17898	// The name of the group to update.
17899	//
17900	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
17901	// a string of characters consisting of upper and lowercase alphanumeric characters
17902	// with no spaces. You can also include any of the following characters: _+=,.@-
17903	//
17904	// GroupName is a required field
17905	GroupName *string `min:"1" type:"string" required:"true"`
17906
17907	// The name of the user to add.
17908	//
17909	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
17910	// a string of characters consisting of upper and lowercase alphanumeric characters
17911	// with no spaces. You can also include any of the following characters: _+=,.@-
17912	//
17913	// UserName is a required field
17914	UserName *string `min:"1" type:"string" required:"true"`
17915}
17916
17917// String returns the string representation
17918func (s AddUserToGroupInput) String() string {
17919	return awsutil.Prettify(s)
17920}
17921
17922// GoString returns the string representation
17923func (s AddUserToGroupInput) GoString() string {
17924	return s.String()
17925}
17926
17927// Validate inspects the fields of the type to determine if they are valid.
17928func (s *AddUserToGroupInput) Validate() error {
17929	invalidParams := request.ErrInvalidParams{Context: "AddUserToGroupInput"}
17930	if s.GroupName == nil {
17931		invalidParams.Add(request.NewErrParamRequired("GroupName"))
17932	}
17933	if s.GroupName != nil && len(*s.GroupName) < 1 {
17934		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
17935	}
17936	if s.UserName == nil {
17937		invalidParams.Add(request.NewErrParamRequired("UserName"))
17938	}
17939	if s.UserName != nil && len(*s.UserName) < 1 {
17940		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
17941	}
17942
17943	if invalidParams.Len() > 0 {
17944		return invalidParams
17945	}
17946	return nil
17947}
17948
17949// SetGroupName sets the GroupName field's value.
17950func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput {
17951	s.GroupName = &v
17952	return s
17953}
17954
17955// SetUserName sets the UserName field's value.
17956func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput {
17957	s.UserName = &v
17958	return s
17959}
17960
17961type AddUserToGroupOutput struct {
17962	_ struct{} `type:"structure"`
17963}
17964
17965// String returns the string representation
17966func (s AddUserToGroupOutput) String() string {
17967	return awsutil.Prettify(s)
17968}
17969
17970// GoString returns the string representation
17971func (s AddUserToGroupOutput) GoString() string {
17972	return s.String()
17973}
17974
17975type AttachGroupPolicyInput struct {
17976	_ struct{} `type:"structure"`
17977
17978	// The name (friendly name, not ARN) of the group to attach the policy to.
17979	//
17980	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
17981	// a string of characters consisting of upper and lowercase alphanumeric characters
17982	// with no spaces. You can also include any of the following characters: _+=,.@-
17983	//
17984	// GroupName is a required field
17985	GroupName *string `min:"1" type:"string" required:"true"`
17986
17987	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
17988	//
17989	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
17990	// in the AWS General Reference.
17991	//
17992	// PolicyArn is a required field
17993	PolicyArn *string `min:"20" type:"string" required:"true"`
17994}
17995
17996// String returns the string representation
17997func (s AttachGroupPolicyInput) String() string {
17998	return awsutil.Prettify(s)
17999}
18000
18001// GoString returns the string representation
18002func (s AttachGroupPolicyInput) GoString() string {
18003	return s.String()
18004}
18005
18006// Validate inspects the fields of the type to determine if they are valid.
18007func (s *AttachGroupPolicyInput) Validate() error {
18008	invalidParams := request.ErrInvalidParams{Context: "AttachGroupPolicyInput"}
18009	if s.GroupName == nil {
18010		invalidParams.Add(request.NewErrParamRequired("GroupName"))
18011	}
18012	if s.GroupName != nil && len(*s.GroupName) < 1 {
18013		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
18014	}
18015	if s.PolicyArn == nil {
18016		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18017	}
18018	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18019		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18020	}
18021
18022	if invalidParams.Len() > 0 {
18023		return invalidParams
18024	}
18025	return nil
18026}
18027
18028// SetGroupName sets the GroupName field's value.
18029func (s *AttachGroupPolicyInput) SetGroupName(v string) *AttachGroupPolicyInput {
18030	s.GroupName = &v
18031	return s
18032}
18033
18034// SetPolicyArn sets the PolicyArn field's value.
18035func (s *AttachGroupPolicyInput) SetPolicyArn(v string) *AttachGroupPolicyInput {
18036	s.PolicyArn = &v
18037	return s
18038}
18039
18040type AttachGroupPolicyOutput struct {
18041	_ struct{} `type:"structure"`
18042}
18043
18044// String returns the string representation
18045func (s AttachGroupPolicyOutput) String() string {
18046	return awsutil.Prettify(s)
18047}
18048
18049// GoString returns the string representation
18050func (s AttachGroupPolicyOutput) GoString() string {
18051	return s.String()
18052}
18053
18054type AttachRolePolicyInput struct {
18055	_ struct{} `type:"structure"`
18056
18057	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
18058	//
18059	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18060	// in the AWS General Reference.
18061	//
18062	// PolicyArn is a required field
18063	PolicyArn *string `min:"20" type:"string" required:"true"`
18064
18065	// The name (friendly name, not ARN) of the role to attach the policy to.
18066	//
18067	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18068	// a string of characters consisting of upper and lowercase alphanumeric characters
18069	// with no spaces. You can also include any of the following characters: _+=,.@-
18070	//
18071	// RoleName is a required field
18072	RoleName *string `min:"1" type:"string" required:"true"`
18073}
18074
18075// String returns the string representation
18076func (s AttachRolePolicyInput) String() string {
18077	return awsutil.Prettify(s)
18078}
18079
18080// GoString returns the string representation
18081func (s AttachRolePolicyInput) GoString() string {
18082	return s.String()
18083}
18084
18085// Validate inspects the fields of the type to determine if they are valid.
18086func (s *AttachRolePolicyInput) Validate() error {
18087	invalidParams := request.ErrInvalidParams{Context: "AttachRolePolicyInput"}
18088	if s.PolicyArn == nil {
18089		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18090	}
18091	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18092		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18093	}
18094	if s.RoleName == nil {
18095		invalidParams.Add(request.NewErrParamRequired("RoleName"))
18096	}
18097	if s.RoleName != nil && len(*s.RoleName) < 1 {
18098		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
18099	}
18100
18101	if invalidParams.Len() > 0 {
18102		return invalidParams
18103	}
18104	return nil
18105}
18106
18107// SetPolicyArn sets the PolicyArn field's value.
18108func (s *AttachRolePolicyInput) SetPolicyArn(v string) *AttachRolePolicyInput {
18109	s.PolicyArn = &v
18110	return s
18111}
18112
18113// SetRoleName sets the RoleName field's value.
18114func (s *AttachRolePolicyInput) SetRoleName(v string) *AttachRolePolicyInput {
18115	s.RoleName = &v
18116	return s
18117}
18118
18119type AttachRolePolicyOutput struct {
18120	_ struct{} `type:"structure"`
18121}
18122
18123// String returns the string representation
18124func (s AttachRolePolicyOutput) String() string {
18125	return awsutil.Prettify(s)
18126}
18127
18128// GoString returns the string representation
18129func (s AttachRolePolicyOutput) GoString() string {
18130	return s.String()
18131}
18132
18133type AttachUserPolicyInput struct {
18134	_ struct{} `type:"structure"`
18135
18136	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
18137	//
18138	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18139	// in the AWS General Reference.
18140	//
18141	// PolicyArn is a required field
18142	PolicyArn *string `min:"20" type:"string" required:"true"`
18143
18144	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
18145	//
18146	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18147	// a string of characters consisting of upper and lowercase alphanumeric characters
18148	// with no spaces. You can also include any of the following characters: _+=,.@-
18149	//
18150	// UserName is a required field
18151	UserName *string `min:"1" type:"string" required:"true"`
18152}
18153
18154// String returns the string representation
18155func (s AttachUserPolicyInput) String() string {
18156	return awsutil.Prettify(s)
18157}
18158
18159// GoString returns the string representation
18160func (s AttachUserPolicyInput) GoString() string {
18161	return s.String()
18162}
18163
18164// Validate inspects the fields of the type to determine if they are valid.
18165func (s *AttachUserPolicyInput) Validate() error {
18166	invalidParams := request.ErrInvalidParams{Context: "AttachUserPolicyInput"}
18167	if s.PolicyArn == nil {
18168		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18169	}
18170	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18171		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18172	}
18173	if s.UserName == nil {
18174		invalidParams.Add(request.NewErrParamRequired("UserName"))
18175	}
18176	if s.UserName != nil && len(*s.UserName) < 1 {
18177		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18178	}
18179
18180	if invalidParams.Len() > 0 {
18181		return invalidParams
18182	}
18183	return nil
18184}
18185
18186// SetPolicyArn sets the PolicyArn field's value.
18187func (s *AttachUserPolicyInput) SetPolicyArn(v string) *AttachUserPolicyInput {
18188	s.PolicyArn = &v
18189	return s
18190}
18191
18192// SetUserName sets the UserName field's value.
18193func (s *AttachUserPolicyInput) SetUserName(v string) *AttachUserPolicyInput {
18194	s.UserName = &v
18195	return s
18196}
18197
18198type AttachUserPolicyOutput struct {
18199	_ struct{} `type:"structure"`
18200}
18201
18202// String returns the string representation
18203func (s AttachUserPolicyOutput) String() string {
18204	return awsutil.Prettify(s)
18205}
18206
18207// GoString returns the string representation
18208func (s AttachUserPolicyOutput) GoString() string {
18209	return s.String()
18210}
18211
18212// Contains information about an attached permissions boundary.
18213//
18214// An attached permissions boundary is a managed policy that has been attached
18215// to a user or role to set the permissions boundary.
18216//
18217// For more information about permissions boundaries, see Permissions boundaries
18218// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
18219// in the IAM User Guide.
18220type AttachedPermissionsBoundary struct {
18221	_ struct{} `type:"structure"`
18222
18223	// The ARN of the policy used to set the permissions boundary for the user or
18224	// role.
18225	PermissionsBoundaryArn *string `min:"20" type:"string"`
18226
18227	// The permissions boundary usage type that indicates what type of IAM resource
18228	// is used as the permissions boundary for an entity. This data type can only
18229	// have a value of Policy.
18230	PermissionsBoundaryType *string `type:"string" enum:"PermissionsBoundaryAttachmentType"`
18231}
18232
18233// String returns the string representation
18234func (s AttachedPermissionsBoundary) String() string {
18235	return awsutil.Prettify(s)
18236}
18237
18238// GoString returns the string representation
18239func (s AttachedPermissionsBoundary) GoString() string {
18240	return s.String()
18241}
18242
18243// SetPermissionsBoundaryArn sets the PermissionsBoundaryArn field's value.
18244func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryArn(v string) *AttachedPermissionsBoundary {
18245	s.PermissionsBoundaryArn = &v
18246	return s
18247}
18248
18249// SetPermissionsBoundaryType sets the PermissionsBoundaryType field's value.
18250func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *AttachedPermissionsBoundary {
18251	s.PermissionsBoundaryType = &v
18252	return s
18253}
18254
18255// Contains information about an attached policy.
18256//
18257// An attached policy is a managed policy that has been attached to a user,
18258// group, or role. This data type is used as a response element in the ListAttachedGroupPolicies,
18259// ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails
18260// operations.
18261//
18262// For more information about managed policies, refer to Managed policies and
18263// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
18264// in the IAM User Guide.
18265type AttachedPolicy struct {
18266	_ struct{} `type:"structure"`
18267
18268	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
18269	//
18270	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18271	// in the AWS General Reference.
18272	PolicyArn *string `min:"20" type:"string"`
18273
18274	// The friendly name of the attached policy.
18275	PolicyName *string `min:"1" type:"string"`
18276}
18277
18278// String returns the string representation
18279func (s AttachedPolicy) String() string {
18280	return awsutil.Prettify(s)
18281}
18282
18283// GoString returns the string representation
18284func (s AttachedPolicy) GoString() string {
18285	return s.String()
18286}
18287
18288// SetPolicyArn sets the PolicyArn field's value.
18289func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy {
18290	s.PolicyArn = &v
18291	return s
18292}
18293
18294// SetPolicyName sets the PolicyName field's value.
18295func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy {
18296	s.PolicyName = &v
18297	return s
18298}
18299
18300type ChangePasswordInput struct {
18301	_ struct{} `type:"structure"`
18302
18303	// The new password. The new password must conform to the AWS account's password
18304	// policy, if one exists.
18305	//
18306	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
18307	// this parameter is a string of characters. That string can include almost
18308	// any printable ASCII character from the space (\u0020) through the end of
18309	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
18310	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
18311	// characters are valid in a password. However, many tools, such as the AWS
18312	// Management Console, might restrict the ability to type certain characters
18313	// because they have special meaning within that tool.
18314	//
18315	// NewPassword is a required field
18316	NewPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
18317
18318	// The IAM user's current password.
18319	//
18320	// OldPassword is a required field
18321	OldPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
18322}
18323
18324// String returns the string representation
18325func (s ChangePasswordInput) String() string {
18326	return awsutil.Prettify(s)
18327}
18328
18329// GoString returns the string representation
18330func (s ChangePasswordInput) GoString() string {
18331	return s.String()
18332}
18333
18334// Validate inspects the fields of the type to determine if they are valid.
18335func (s *ChangePasswordInput) Validate() error {
18336	invalidParams := request.ErrInvalidParams{Context: "ChangePasswordInput"}
18337	if s.NewPassword == nil {
18338		invalidParams.Add(request.NewErrParamRequired("NewPassword"))
18339	}
18340	if s.NewPassword != nil && len(*s.NewPassword) < 1 {
18341		invalidParams.Add(request.NewErrParamMinLen("NewPassword", 1))
18342	}
18343	if s.OldPassword == nil {
18344		invalidParams.Add(request.NewErrParamRequired("OldPassword"))
18345	}
18346	if s.OldPassword != nil && len(*s.OldPassword) < 1 {
18347		invalidParams.Add(request.NewErrParamMinLen("OldPassword", 1))
18348	}
18349
18350	if invalidParams.Len() > 0 {
18351		return invalidParams
18352	}
18353	return nil
18354}
18355
18356// SetNewPassword sets the NewPassword field's value.
18357func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput {
18358	s.NewPassword = &v
18359	return s
18360}
18361
18362// SetOldPassword sets the OldPassword field's value.
18363func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput {
18364	s.OldPassword = &v
18365	return s
18366}
18367
18368type ChangePasswordOutput struct {
18369	_ struct{} `type:"structure"`
18370}
18371
18372// String returns the string representation
18373func (s ChangePasswordOutput) String() string {
18374	return awsutil.Prettify(s)
18375}
18376
18377// GoString returns the string representation
18378func (s ChangePasswordOutput) GoString() string {
18379	return s.String()
18380}
18381
18382// Contains information about a condition context key. It includes the name
18383// of the key and specifies the value (or values, if the context key supports
18384// multiple values) to use in the simulation. This information is used when
18385// evaluating the Condition elements of the input policies.
18386//
18387// This data type is used as an input parameter to SimulateCustomPolicy and
18388// SimulatePrincipalPolicy.
18389type ContextEntry struct {
18390	_ struct{} `type:"structure"`
18391
18392	// The full name of a condition context key, including the service prefix. For
18393	// example, aws:SourceIp or s3:VersionId.
18394	ContextKeyName *string `min:"5" type:"string"`
18395
18396	// The data type of the value (or values) specified in the ContextKeyValues
18397	// parameter.
18398	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`
18399
18400	// The value (or values, if the condition context key supports multiple values)
18401	// to provide to the simulation when the key is referenced by a Condition element
18402	// in an input policy.
18403	ContextKeyValues []*string `type:"list"`
18404}
18405
18406// String returns the string representation
18407func (s ContextEntry) String() string {
18408	return awsutil.Prettify(s)
18409}
18410
18411// GoString returns the string representation
18412func (s ContextEntry) GoString() string {
18413	return s.String()
18414}
18415
18416// Validate inspects the fields of the type to determine if they are valid.
18417func (s *ContextEntry) Validate() error {
18418	invalidParams := request.ErrInvalidParams{Context: "ContextEntry"}
18419	if s.ContextKeyName != nil && len(*s.ContextKeyName) < 5 {
18420		invalidParams.Add(request.NewErrParamMinLen("ContextKeyName", 5))
18421	}
18422
18423	if invalidParams.Len() > 0 {
18424		return invalidParams
18425	}
18426	return nil
18427}
18428
18429// SetContextKeyName sets the ContextKeyName field's value.
18430func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry {
18431	s.ContextKeyName = &v
18432	return s
18433}
18434
18435// SetContextKeyType sets the ContextKeyType field's value.
18436func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry {
18437	s.ContextKeyType = &v
18438	return s
18439}
18440
18441// SetContextKeyValues sets the ContextKeyValues field's value.
18442func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry {
18443	s.ContextKeyValues = v
18444	return s
18445}
18446
18447type CreateAccessKeyInput struct {
18448	_ struct{} `type:"structure"`
18449
18450	// The name of the IAM user that the new key will belong to.
18451	//
18452	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18453	// a string of characters consisting of upper and lowercase alphanumeric characters
18454	// with no spaces. You can also include any of the following characters: _+=,.@-
18455	UserName *string `min:"1" type:"string"`
18456}
18457
18458// String returns the string representation
18459func (s CreateAccessKeyInput) String() string {
18460	return awsutil.Prettify(s)
18461}
18462
18463// GoString returns the string representation
18464func (s CreateAccessKeyInput) GoString() string {
18465	return s.String()
18466}
18467
18468// Validate inspects the fields of the type to determine if they are valid.
18469func (s *CreateAccessKeyInput) Validate() error {
18470	invalidParams := request.ErrInvalidParams{Context: "CreateAccessKeyInput"}
18471	if s.UserName != nil && len(*s.UserName) < 1 {
18472		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18473	}
18474
18475	if invalidParams.Len() > 0 {
18476		return invalidParams
18477	}
18478	return nil
18479}
18480
18481// SetUserName sets the UserName field's value.
18482func (s *CreateAccessKeyInput) SetUserName(v string) *CreateAccessKeyInput {
18483	s.UserName = &v
18484	return s
18485}
18486
18487// Contains the response to a successful CreateAccessKey request.
18488type CreateAccessKeyOutput struct {
18489	_ struct{} `type:"structure"`
18490
18491	// A structure with details about the access key.
18492	//
18493	// AccessKey is a required field
18494	AccessKey *AccessKey `type:"structure" required:"true"`
18495}
18496
18497// String returns the string representation
18498func (s CreateAccessKeyOutput) String() string {
18499	return awsutil.Prettify(s)
18500}
18501
18502// GoString returns the string representation
18503func (s CreateAccessKeyOutput) GoString() string {
18504	return s.String()
18505}
18506
18507// SetAccessKey sets the AccessKey field's value.
18508func (s *CreateAccessKeyOutput) SetAccessKey(v *AccessKey) *CreateAccessKeyOutput {
18509	s.AccessKey = v
18510	return s
18511}
18512
18513type CreateAccountAliasInput struct {
18514	_ struct{} `type:"structure"`
18515
18516	// The account alias to create.
18517	//
18518	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18519	// a string of characters consisting of lowercase letters, digits, and dashes.
18520	// You cannot start or finish with a dash, nor can you have two dashes in a
18521	// row.
18522	//
18523	// AccountAlias is a required field
18524	AccountAlias *string `min:"3" type:"string" required:"true"`
18525}
18526
18527// String returns the string representation
18528func (s CreateAccountAliasInput) String() string {
18529	return awsutil.Prettify(s)
18530}
18531
18532// GoString returns the string representation
18533func (s CreateAccountAliasInput) GoString() string {
18534	return s.String()
18535}
18536
18537// Validate inspects the fields of the type to determine if they are valid.
18538func (s *CreateAccountAliasInput) Validate() error {
18539	invalidParams := request.ErrInvalidParams{Context: "CreateAccountAliasInput"}
18540	if s.AccountAlias == nil {
18541		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
18542	}
18543	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
18544		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
18545	}
18546
18547	if invalidParams.Len() > 0 {
18548		return invalidParams
18549	}
18550	return nil
18551}
18552
18553// SetAccountAlias sets the AccountAlias field's value.
18554func (s *CreateAccountAliasInput) SetAccountAlias(v string) *CreateAccountAliasInput {
18555	s.AccountAlias = &v
18556	return s
18557}
18558
18559type CreateAccountAliasOutput struct {
18560	_ struct{} `type:"structure"`
18561}
18562
18563// String returns the string representation
18564func (s CreateAccountAliasOutput) String() string {
18565	return awsutil.Prettify(s)
18566}
18567
18568// GoString returns the string representation
18569func (s CreateAccountAliasOutput) GoString() string {
18570	return s.String()
18571}
18572
18573type CreateGroupInput struct {
18574	_ struct{} `type:"structure"`
18575
18576	// The name of the group to create. Do not include the path in this value.
18577	//
18578	// IAM user, group, role, and policy names must be unique within the account.
18579	// Names are not distinguished by case. For example, you cannot create resources
18580	// named both "MyResource" and "myresource".
18581	//
18582	// GroupName is a required field
18583	GroupName *string `min:"1" type:"string" required:"true"`
18584
18585	// The path to the group. For more information about paths, see IAM identifiers
18586	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
18587	// in the IAM User Guide.
18588	//
18589	// This parameter is optional. If it is not included, it defaults to a slash
18590	// (/).
18591	//
18592	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18593	// a string of characters consisting of either a forward slash (/) by itself
18594	// or a string that must begin and end with forward slashes. In addition, it
18595	// can contain any ASCII character from the ! (\u0021) through the DEL character
18596	// (\u007F), including most punctuation characters, digits, and upper and lowercased
18597	// letters.
18598	Path *string `min:"1" type:"string"`
18599}
18600
18601// String returns the string representation
18602func (s CreateGroupInput) String() string {
18603	return awsutil.Prettify(s)
18604}
18605
18606// GoString returns the string representation
18607func (s CreateGroupInput) GoString() string {
18608	return s.String()
18609}
18610
18611// Validate inspects the fields of the type to determine if they are valid.
18612func (s *CreateGroupInput) Validate() error {
18613	invalidParams := request.ErrInvalidParams{Context: "CreateGroupInput"}
18614	if s.GroupName == nil {
18615		invalidParams.Add(request.NewErrParamRequired("GroupName"))
18616	}
18617	if s.GroupName != nil && len(*s.GroupName) < 1 {
18618		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
18619	}
18620	if s.Path != nil && len(*s.Path) < 1 {
18621		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
18622	}
18623
18624	if invalidParams.Len() > 0 {
18625		return invalidParams
18626	}
18627	return nil
18628}
18629
18630// SetGroupName sets the GroupName field's value.
18631func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput {
18632	s.GroupName = &v
18633	return s
18634}
18635
18636// SetPath sets the Path field's value.
18637func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput {
18638	s.Path = &v
18639	return s
18640}
18641
18642// Contains the response to a successful CreateGroup request.
18643type CreateGroupOutput struct {
18644	_ struct{} `type:"structure"`
18645
18646	// A structure containing details about the new group.
18647	//
18648	// Group is a required field
18649	Group *Group `type:"structure" required:"true"`
18650}
18651
18652// String returns the string representation
18653func (s CreateGroupOutput) String() string {
18654	return awsutil.Prettify(s)
18655}
18656
18657// GoString returns the string representation
18658func (s CreateGroupOutput) GoString() string {
18659	return s.String()
18660}
18661
18662// SetGroup sets the Group field's value.
18663func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput {
18664	s.Group = v
18665	return s
18666}
18667
18668type CreateInstanceProfileInput struct {
18669	_ struct{} `type:"structure"`
18670
18671	// The name of the instance profile to create.
18672	//
18673	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18674	// a string of characters consisting of upper and lowercase alphanumeric characters
18675	// with no spaces. You can also include any of the following characters: _+=,.@-
18676	//
18677	// InstanceProfileName is a required field
18678	InstanceProfileName *string `min:"1" type:"string" required:"true"`
18679
18680	// The path to the instance profile. For more information about paths, see IAM
18681	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
18682	// in the IAM User Guide.
18683	//
18684	// This parameter is optional. If it is not included, it defaults to a slash
18685	// (/).
18686	//
18687	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18688	// a string of characters consisting of either a forward slash (/) by itself
18689	// or a string that must begin and end with forward slashes. In addition, it
18690	// can contain any ASCII character from the ! (\u0021) through the DEL character
18691	// (\u007F), including most punctuation characters, digits, and upper and lowercased
18692	// letters.
18693	Path *string `min:"1" type:"string"`
18694
18695	// A list of tags that you want to attach to the newly created IAM instance
18696	// profile. Each tag consists of a key name and an associated value. For more
18697	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
18698	// in the IAM User Guide.
18699	//
18700	// If any one of the tags is invalid or if you exceed the allowed maximum number
18701	// of tags, then the entire request fails and the resource is not created.
18702	Tags []*Tag `type:"list"`
18703}
18704
18705// String returns the string representation
18706func (s CreateInstanceProfileInput) String() string {
18707	return awsutil.Prettify(s)
18708}
18709
18710// GoString returns the string representation
18711func (s CreateInstanceProfileInput) GoString() string {
18712	return s.String()
18713}
18714
18715// Validate inspects the fields of the type to determine if they are valid.
18716func (s *CreateInstanceProfileInput) Validate() error {
18717	invalidParams := request.ErrInvalidParams{Context: "CreateInstanceProfileInput"}
18718	if s.InstanceProfileName == nil {
18719		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
18720	}
18721	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
18722		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
18723	}
18724	if s.Path != nil && len(*s.Path) < 1 {
18725		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
18726	}
18727	if s.Tags != nil {
18728		for i, v := range s.Tags {
18729			if v == nil {
18730				continue
18731			}
18732			if err := v.Validate(); err != nil {
18733				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
18734			}
18735		}
18736	}
18737
18738	if invalidParams.Len() > 0 {
18739		return invalidParams
18740	}
18741	return nil
18742}
18743
18744// SetInstanceProfileName sets the InstanceProfileName field's value.
18745func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput {
18746	s.InstanceProfileName = &v
18747	return s
18748}
18749
18750// SetPath sets the Path field's value.
18751func (s *CreateInstanceProfileInput) SetPath(v string) *CreateInstanceProfileInput {
18752	s.Path = &v
18753	return s
18754}
18755
18756// SetTags sets the Tags field's value.
18757func (s *CreateInstanceProfileInput) SetTags(v []*Tag) *CreateInstanceProfileInput {
18758	s.Tags = v
18759	return s
18760}
18761
18762// Contains the response to a successful CreateInstanceProfile request.
18763type CreateInstanceProfileOutput struct {
18764	_ struct{} `type:"structure"`
18765
18766	// A structure containing details about the new instance profile.
18767	//
18768	// InstanceProfile is a required field
18769	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
18770}
18771
18772// String returns the string representation
18773func (s CreateInstanceProfileOutput) String() string {
18774	return awsutil.Prettify(s)
18775}
18776
18777// GoString returns the string representation
18778func (s CreateInstanceProfileOutput) GoString() string {
18779	return s.String()
18780}
18781
18782// SetInstanceProfile sets the InstanceProfile field's value.
18783func (s *CreateInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *CreateInstanceProfileOutput {
18784	s.InstanceProfile = v
18785	return s
18786}
18787
18788type CreateLoginProfileInput struct {
18789	_ struct{} `type:"structure"`
18790
18791	// The new password for the user.
18792	//
18793	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
18794	// this parameter is a string of characters. That string can include almost
18795	// any printable ASCII character from the space (\u0020) through the end of
18796	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
18797	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
18798	// characters are valid in a password. However, many tools, such as the AWS
18799	// Management Console, might restrict the ability to type certain characters
18800	// because they have special meaning within that tool.
18801	//
18802	// Password is a required field
18803	Password *string `min:"1" type:"string" required:"true" sensitive:"true"`
18804
18805	// Specifies whether the user is required to set a new password on next sign-in.
18806	PasswordResetRequired *bool `type:"boolean"`
18807
18808	// The name of the IAM user to create a password for. The user must already
18809	// exist.
18810	//
18811	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18812	// a string of characters consisting of upper and lowercase alphanumeric characters
18813	// with no spaces. You can also include any of the following characters: _+=,.@-
18814	//
18815	// UserName is a required field
18816	UserName *string `min:"1" type:"string" required:"true"`
18817}
18818
18819// String returns the string representation
18820func (s CreateLoginProfileInput) String() string {
18821	return awsutil.Prettify(s)
18822}
18823
18824// GoString returns the string representation
18825func (s CreateLoginProfileInput) GoString() string {
18826	return s.String()
18827}
18828
18829// Validate inspects the fields of the type to determine if they are valid.
18830func (s *CreateLoginProfileInput) Validate() error {
18831	invalidParams := request.ErrInvalidParams{Context: "CreateLoginProfileInput"}
18832	if s.Password == nil {
18833		invalidParams.Add(request.NewErrParamRequired("Password"))
18834	}
18835	if s.Password != nil && len(*s.Password) < 1 {
18836		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
18837	}
18838	if s.UserName == nil {
18839		invalidParams.Add(request.NewErrParamRequired("UserName"))
18840	}
18841	if s.UserName != nil && len(*s.UserName) < 1 {
18842		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18843	}
18844
18845	if invalidParams.Len() > 0 {
18846		return invalidParams
18847	}
18848	return nil
18849}
18850
18851// SetPassword sets the Password field's value.
18852func (s *CreateLoginProfileInput) SetPassword(v string) *CreateLoginProfileInput {
18853	s.Password = &v
18854	return s
18855}
18856
18857// SetPasswordResetRequired sets the PasswordResetRequired field's value.
18858func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput {
18859	s.PasswordResetRequired = &v
18860	return s
18861}
18862
18863// SetUserName sets the UserName field's value.
18864func (s *CreateLoginProfileInput) SetUserName(v string) *CreateLoginProfileInput {
18865	s.UserName = &v
18866	return s
18867}
18868
18869// Contains the response to a successful CreateLoginProfile request.
18870type CreateLoginProfileOutput struct {
18871	_ struct{} `type:"structure"`
18872
18873	// A structure containing the user name and password create date.
18874	//
18875	// LoginProfile is a required field
18876	LoginProfile *LoginProfile `type:"structure" required:"true"`
18877}
18878
18879// String returns the string representation
18880func (s CreateLoginProfileOutput) String() string {
18881	return awsutil.Prettify(s)
18882}
18883
18884// GoString returns the string representation
18885func (s CreateLoginProfileOutput) GoString() string {
18886	return s.String()
18887}
18888
18889// SetLoginProfile sets the LoginProfile field's value.
18890func (s *CreateLoginProfileOutput) SetLoginProfile(v *LoginProfile) *CreateLoginProfileOutput {
18891	s.LoginProfile = v
18892	return s
18893}
18894
18895type CreateOpenIDConnectProviderInput struct {
18896	_ struct{} `type:"structure"`
18897
18898	// A list of client IDs (also known as audiences). When a mobile or web app
18899	// registers with an OpenID Connect provider, they establish a value that identifies
18900	// the application. (This is the value that's sent as the client_id parameter
18901	// on OAuth requests.)
18902	//
18903	// You can register multiple client IDs with the same provider. For example,
18904	// you might have multiple applications that use the same OIDC provider. You
18905	// cannot register more than 100 client IDs with a single IAM OIDC provider.
18906	//
18907	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
18908	// operation accepts client IDs up to 255 characters long.
18909	ClientIDList []*string `type:"list"`
18910
18911	// A list of tags that you want to attach to the new IAM OpenID Connect (OIDC)
18912	// provider. Each tag consists of a key name and an associated value. For more
18913	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
18914	// in the IAM User Guide.
18915	//
18916	// If any one of the tags is invalid or if you exceed the allowed maximum number
18917	// of tags, then the entire request fails and the resource is not created.
18918	Tags []*Tag `type:"list"`
18919
18920	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
18921	// provider's server certificates. Typically this list includes only one entry.
18922	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
18923	// lets you maintain multiple thumbprints if the identity provider is rotating
18924	// certificates.
18925	//
18926	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
18927	// the X.509 certificate used by the domain where the OpenID Connect provider
18928	// makes its keys available. It is always a 40-character string.
18929	//
18930	// You must provide at least one thumbprint when creating an IAM OIDC provider.
18931	// For example, assume that the OIDC provider is server.example.com and the
18932	// provider stores its keys at https://keys.server.example.com/openid-connect.
18933	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
18934	// of the certificate used by https://keys.server.example.com.
18935	//
18936	// For more information about obtaining the OIDC provider's thumbprint, see
18937	// Obtaining the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
18938	// in the IAM User Guide.
18939	//
18940	// ThumbprintList is a required field
18941	ThumbprintList []*string `type:"list" required:"true"`
18942
18943	// The URL of the identity provider. The URL must begin with https:// and should
18944	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
18945	// the OIDC standard, path components are allowed but query parameters are not.
18946	// Typically the URL consists of only a hostname, like https://server.example.org
18947	// or https://example.com.
18948	//
18949	// You cannot register the same provider multiple times in a single AWS account.
18950	// If you try to submit a URL that has already been used for an OpenID Connect
18951	// provider in the AWS account, you will get an error.
18952	//
18953	// Url is a required field
18954	Url *string `min:"1" type:"string" required:"true"`
18955}
18956
18957// String returns the string representation
18958func (s CreateOpenIDConnectProviderInput) String() string {
18959	return awsutil.Prettify(s)
18960}
18961
18962// GoString returns the string representation
18963func (s CreateOpenIDConnectProviderInput) GoString() string {
18964	return s.String()
18965}
18966
18967// Validate inspects the fields of the type to determine if they are valid.
18968func (s *CreateOpenIDConnectProviderInput) Validate() error {
18969	invalidParams := request.ErrInvalidParams{Context: "CreateOpenIDConnectProviderInput"}
18970	if s.ThumbprintList == nil {
18971		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
18972	}
18973	if s.Url == nil {
18974		invalidParams.Add(request.NewErrParamRequired("Url"))
18975	}
18976	if s.Url != nil && len(*s.Url) < 1 {
18977		invalidParams.Add(request.NewErrParamMinLen("Url", 1))
18978	}
18979	if s.Tags != nil {
18980		for i, v := range s.Tags {
18981			if v == nil {
18982				continue
18983			}
18984			if err := v.Validate(); err != nil {
18985				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
18986			}
18987		}
18988	}
18989
18990	if invalidParams.Len() > 0 {
18991		return invalidParams
18992	}
18993	return nil
18994}
18995
18996// SetClientIDList sets the ClientIDList field's value.
18997func (s *CreateOpenIDConnectProviderInput) SetClientIDList(v []*string) *CreateOpenIDConnectProviderInput {
18998	s.ClientIDList = v
18999	return s
19000}
19001
19002// SetTags sets the Tags field's value.
19003func (s *CreateOpenIDConnectProviderInput) SetTags(v []*Tag) *CreateOpenIDConnectProviderInput {
19004	s.Tags = v
19005	return s
19006}
19007
19008// SetThumbprintList sets the ThumbprintList field's value.
19009func (s *CreateOpenIDConnectProviderInput) SetThumbprintList(v []*string) *CreateOpenIDConnectProviderInput {
19010	s.ThumbprintList = v
19011	return s
19012}
19013
19014// SetUrl sets the Url field's value.
19015func (s *CreateOpenIDConnectProviderInput) SetUrl(v string) *CreateOpenIDConnectProviderInput {
19016	s.Url = &v
19017	return s
19018}
19019
19020// Contains the response to a successful CreateOpenIDConnectProvider request.
19021type CreateOpenIDConnectProviderOutput struct {
19022	_ struct{} `type:"structure"`
19023
19024	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
19025	// is created. For more information, see OpenIDConnectProviderListEntry.
19026	OpenIDConnectProviderArn *string `min:"20" type:"string"`
19027
19028	// A list of tags that are attached to the new IAM OIDC provider. The returned
19029	// list of tags is sorted by tag key. For more information about tagging, see
19030	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19031	// in the IAM User Guide.
19032	Tags []*Tag `type:"list"`
19033}
19034
19035// String returns the string representation
19036func (s CreateOpenIDConnectProviderOutput) String() string {
19037	return awsutil.Prettify(s)
19038}
19039
19040// GoString returns the string representation
19041func (s CreateOpenIDConnectProviderOutput) GoString() string {
19042	return s.String()
19043}
19044
19045// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
19046func (s *CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn(v string) *CreateOpenIDConnectProviderOutput {
19047	s.OpenIDConnectProviderArn = &v
19048	return s
19049}
19050
19051// SetTags sets the Tags field's value.
19052func (s *CreateOpenIDConnectProviderOutput) SetTags(v []*Tag) *CreateOpenIDConnectProviderOutput {
19053	s.Tags = v
19054	return s
19055}
19056
19057type CreatePolicyInput struct {
19058	_ struct{} `type:"structure"`
19059
19060	// A friendly description of the policy.
19061	//
19062	// Typically used to store information about the permissions defined in the
19063	// policy. For example, "Grants access to production DynamoDB tables."
19064	//
19065	// The policy description is immutable. After a value is assigned, it cannot
19066	// be changed.
19067	Description *string `type:"string"`
19068
19069	// The path for the policy.
19070	//
19071	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19072	// in the IAM User Guide.
19073	//
19074	// This parameter is optional. If it is not included, it defaults to a slash
19075	// (/).
19076	//
19077	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19078	// a string of characters consisting of either a forward slash (/) by itself
19079	// or a string that must begin and end with forward slashes. In addition, it
19080	// can contain any ASCII character from the ! (\u0021) through the DEL character
19081	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19082	// letters.
19083	Path *string `min:"1" type:"string"`
19084
19085	// The JSON policy document that you want to use as the content for the new
19086	// policy.
19087	//
19088	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
19089	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
19090	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
19091	// it to IAM.
19092	//
19093	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19094	// parameter is a string of characters consisting of the following:
19095	//
19096	//    * Any printable ASCII character ranging from the space character (\u0020)
19097	//    through the end of the ASCII character range
19098	//
19099	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19100	//    set (through \u00FF)
19101	//
19102	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19103	//    return (\u000D)
19104	//
19105	// PolicyDocument is a required field
19106	PolicyDocument *string `min:"1" type:"string" required:"true"`
19107
19108	// The friendly name of the policy.
19109	//
19110	// IAM user, group, role, and policy names must be unique within the account.
19111	// Names are not distinguished by case. For example, you cannot create resources
19112	// named both "MyResource" and "myresource".
19113	//
19114	// PolicyName is a required field
19115	PolicyName *string `min:"1" type:"string" required:"true"`
19116
19117	// A list of tags that you want to attach to the new IAM customer managed policy.
19118	// Each tag consists of a key name and an associated value. For more information
19119	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19120	// in the IAM User Guide.
19121	//
19122	// If any one of the tags is invalid or if you exceed the allowed maximum number
19123	// of tags, then the entire request fails and the resource is not created.
19124	Tags []*Tag `type:"list"`
19125}
19126
19127// String returns the string representation
19128func (s CreatePolicyInput) String() string {
19129	return awsutil.Prettify(s)
19130}
19131
19132// GoString returns the string representation
19133func (s CreatePolicyInput) GoString() string {
19134	return s.String()
19135}
19136
19137// Validate inspects the fields of the type to determine if they are valid.
19138func (s *CreatePolicyInput) Validate() error {
19139	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"}
19140	if s.Path != nil && len(*s.Path) < 1 {
19141		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19142	}
19143	if s.PolicyDocument == nil {
19144		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
19145	}
19146	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
19147		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
19148	}
19149	if s.PolicyName == nil {
19150		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
19151	}
19152	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
19153		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
19154	}
19155	if s.Tags != nil {
19156		for i, v := range s.Tags {
19157			if v == nil {
19158				continue
19159			}
19160			if err := v.Validate(); err != nil {
19161				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19162			}
19163		}
19164	}
19165
19166	if invalidParams.Len() > 0 {
19167		return invalidParams
19168	}
19169	return nil
19170}
19171
19172// SetDescription sets the Description field's value.
19173func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput {
19174	s.Description = &v
19175	return s
19176}
19177
19178// SetPath sets the Path field's value.
19179func (s *CreatePolicyInput) SetPath(v string) *CreatePolicyInput {
19180	s.Path = &v
19181	return s
19182}
19183
19184// SetPolicyDocument sets the PolicyDocument field's value.
19185func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput {
19186	s.PolicyDocument = &v
19187	return s
19188}
19189
19190// SetPolicyName sets the PolicyName field's value.
19191func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput {
19192	s.PolicyName = &v
19193	return s
19194}
19195
19196// SetTags sets the Tags field's value.
19197func (s *CreatePolicyInput) SetTags(v []*Tag) *CreatePolicyInput {
19198	s.Tags = v
19199	return s
19200}
19201
19202// Contains the response to a successful CreatePolicy request.
19203type CreatePolicyOutput struct {
19204	_ struct{} `type:"structure"`
19205
19206	// A structure containing details about the new policy.
19207	Policy *Policy `type:"structure"`
19208}
19209
19210// String returns the string representation
19211func (s CreatePolicyOutput) String() string {
19212	return awsutil.Prettify(s)
19213}
19214
19215// GoString returns the string representation
19216func (s CreatePolicyOutput) GoString() string {
19217	return s.String()
19218}
19219
19220// SetPolicy sets the Policy field's value.
19221func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput {
19222	s.Policy = v
19223	return s
19224}
19225
19226type CreatePolicyVersionInput struct {
19227	_ struct{} `type:"structure"`
19228
19229	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
19230	// a new version.
19231	//
19232	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
19233	// in the AWS General Reference.
19234	//
19235	// PolicyArn is a required field
19236	PolicyArn *string `min:"20" type:"string" required:"true"`
19237
19238	// The JSON policy document that you want to use as the content for this new
19239	// version of the policy.
19240	//
19241	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
19242	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
19243	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
19244	// it to IAM.
19245	//
19246	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19247	// parameter is a string of characters consisting of the following:
19248	//
19249	//    * Any printable ASCII character ranging from the space character (\u0020)
19250	//    through the end of the ASCII character range
19251	//
19252	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19253	//    set (through \u00FF)
19254	//
19255	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19256	//    return (\u000D)
19257	//
19258	// PolicyDocument is a required field
19259	PolicyDocument *string `min:"1" type:"string" required:"true"`
19260
19261	// Specifies whether to set this version as the policy's default version.
19262	//
19263	// When this parameter is true, the new policy version becomes the operative
19264	// version. That is, it becomes the version that is in effect for the IAM users,
19265	// groups, and roles that the policy is attached to.
19266	//
19267	// For more information about managed policy versions, see Versioning for managed
19268	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
19269	// in the IAM User Guide.
19270	SetAsDefault *bool `type:"boolean"`
19271}
19272
19273// String returns the string representation
19274func (s CreatePolicyVersionInput) String() string {
19275	return awsutil.Prettify(s)
19276}
19277
19278// GoString returns the string representation
19279func (s CreatePolicyVersionInput) GoString() string {
19280	return s.String()
19281}
19282
19283// Validate inspects the fields of the type to determine if they are valid.
19284func (s *CreatePolicyVersionInput) Validate() error {
19285	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyVersionInput"}
19286	if s.PolicyArn == nil {
19287		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
19288	}
19289	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
19290		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
19291	}
19292	if s.PolicyDocument == nil {
19293		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
19294	}
19295	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
19296		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
19297	}
19298
19299	if invalidParams.Len() > 0 {
19300		return invalidParams
19301	}
19302	return nil
19303}
19304
19305// SetPolicyArn sets the PolicyArn field's value.
19306func (s *CreatePolicyVersionInput) SetPolicyArn(v string) *CreatePolicyVersionInput {
19307	s.PolicyArn = &v
19308	return s
19309}
19310
19311// SetPolicyDocument sets the PolicyDocument field's value.
19312func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput {
19313	s.PolicyDocument = &v
19314	return s
19315}
19316
19317// SetSetAsDefault sets the SetAsDefault field's value.
19318func (s *CreatePolicyVersionInput) SetSetAsDefault(v bool) *CreatePolicyVersionInput {
19319	s.SetAsDefault = &v
19320	return s
19321}
19322
19323// Contains the response to a successful CreatePolicyVersion request.
19324type CreatePolicyVersionOutput struct {
19325	_ struct{} `type:"structure"`
19326
19327	// A structure containing details about the new policy version.
19328	PolicyVersion *PolicyVersion `type:"structure"`
19329}
19330
19331// String returns the string representation
19332func (s CreatePolicyVersionOutput) String() string {
19333	return awsutil.Prettify(s)
19334}
19335
19336// GoString returns the string representation
19337func (s CreatePolicyVersionOutput) GoString() string {
19338	return s.String()
19339}
19340
19341// SetPolicyVersion sets the PolicyVersion field's value.
19342func (s *CreatePolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *CreatePolicyVersionOutput {
19343	s.PolicyVersion = v
19344	return s
19345}
19346
19347type CreateRoleInput struct {
19348	_ struct{} `type:"structure"`
19349
19350	// The trust relationship policy document that grants an entity permission to
19351	// assume the role.
19352	//
19353	// In IAM, you must provide a JSON policy that has been converted to a string.
19354	// However, for AWS CloudFormation templates formatted in YAML, you can provide
19355	// the policy in JSON or YAML format. AWS CloudFormation always converts a YAML
19356	// policy to JSON format before submitting it to IAM.
19357	//
19358	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19359	// parameter is a string of characters consisting of the following:
19360	//
19361	//    * Any printable ASCII character ranging from the space character (\u0020)
19362	//    through the end of the ASCII character range
19363	//
19364	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19365	//    set (through \u00FF)
19366	//
19367	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19368	//    return (\u000D)
19369	//
19370	// Upon success, the response includes the same trust policy in JSON format.
19371	//
19372	// AssumeRolePolicyDocument is a required field
19373	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`
19374
19375	// A description of the role.
19376	Description *string `type:"string"`
19377
19378	// The maximum session duration (in seconds) that you want to set for the specified
19379	// role. If you do not specify a value for this setting, the default maximum
19380	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
19381	//
19382	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
19383	// API parameter or the duration-seconds CLI parameter to request a longer session.
19384	// The MaxSessionDuration setting determines the maximum duration that can be
19385	// requested using the DurationSeconds parameter. If users don't specify a value
19386	// for the DurationSeconds parameter, their security credentials are valid for
19387	// one hour by default. This applies when you use the AssumeRole* API operations
19388	// or the assume-role* CLI operations but does not apply when you use those
19389	// operations to create a console URL. For more information, see Using IAM roles
19390	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
19391	// IAM User Guide.
19392	MaxSessionDuration *int64 `min:"3600" type:"integer"`
19393
19394	// The path to the role. For more information about paths, see IAM Identifiers
19395	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19396	// in the IAM User Guide.
19397	//
19398	// This parameter is optional. If it is not included, it defaults to a slash
19399	// (/).
19400	//
19401	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19402	// a string of characters consisting of either a forward slash (/) by itself
19403	// or a string that must begin and end with forward slashes. In addition, it
19404	// can contain any ASCII character from the ! (\u0021) through the DEL character
19405	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19406	// letters.
19407	Path *string `min:"1" type:"string"`
19408
19409	// The ARN of the policy that is used to set the permissions boundary for the
19410	// role.
19411	PermissionsBoundary *string `min:"20" type:"string"`
19412
19413	// The name of the role to create.
19414	//
19415	// IAM user, group, role, and policy names must be unique within the account.
19416	// Names are not distinguished by case. For example, you cannot create resources
19417	// named both "MyResource" and "myresource".
19418	//
19419	// RoleName is a required field
19420	RoleName *string `min:"1" type:"string" required:"true"`
19421
19422	// A list of tags that you want to attach to the new role. Each tag consists
19423	// of a key name and an associated value. For more information about tagging,
19424	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19425	// in the IAM User Guide.
19426	//
19427	// If any one of the tags is invalid or if you exceed the allowed maximum number
19428	// of tags, then the entire request fails and the resource is not created.
19429	Tags []*Tag `type:"list"`
19430}
19431
19432// String returns the string representation
19433func (s CreateRoleInput) String() string {
19434	return awsutil.Prettify(s)
19435}
19436
19437// GoString returns the string representation
19438func (s CreateRoleInput) GoString() string {
19439	return s.String()
19440}
19441
19442// Validate inspects the fields of the type to determine if they are valid.
19443func (s *CreateRoleInput) Validate() error {
19444	invalidParams := request.ErrInvalidParams{Context: "CreateRoleInput"}
19445	if s.AssumeRolePolicyDocument == nil {
19446		invalidParams.Add(request.NewErrParamRequired("AssumeRolePolicyDocument"))
19447	}
19448	if s.AssumeRolePolicyDocument != nil && len(*s.AssumeRolePolicyDocument) < 1 {
19449		invalidParams.Add(request.NewErrParamMinLen("AssumeRolePolicyDocument", 1))
19450	}
19451	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
19452		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
19453	}
19454	if s.Path != nil && len(*s.Path) < 1 {
19455		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19456	}
19457	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
19458		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
19459	}
19460	if s.RoleName == nil {
19461		invalidParams.Add(request.NewErrParamRequired("RoleName"))
19462	}
19463	if s.RoleName != nil && len(*s.RoleName) < 1 {
19464		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
19465	}
19466	if s.Tags != nil {
19467		for i, v := range s.Tags {
19468			if v == nil {
19469				continue
19470			}
19471			if err := v.Validate(); err != nil {
19472				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19473			}
19474		}
19475	}
19476
19477	if invalidParams.Len() > 0 {
19478		return invalidParams
19479	}
19480	return nil
19481}
19482
19483// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
19484func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput {
19485	s.AssumeRolePolicyDocument = &v
19486	return s
19487}
19488
19489// SetDescription sets the Description field's value.
19490func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput {
19491	s.Description = &v
19492	return s
19493}
19494
19495// SetMaxSessionDuration sets the MaxSessionDuration field's value.
19496func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput {
19497	s.MaxSessionDuration = &v
19498	return s
19499}
19500
19501// SetPath sets the Path field's value.
19502func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput {
19503	s.Path = &v
19504	return s
19505}
19506
19507// SetPermissionsBoundary sets the PermissionsBoundary field's value.
19508func (s *CreateRoleInput) SetPermissionsBoundary(v string) *CreateRoleInput {
19509	s.PermissionsBoundary = &v
19510	return s
19511}
19512
19513// SetRoleName sets the RoleName field's value.
19514func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput {
19515	s.RoleName = &v
19516	return s
19517}
19518
19519// SetTags sets the Tags field's value.
19520func (s *CreateRoleInput) SetTags(v []*Tag) *CreateRoleInput {
19521	s.Tags = v
19522	return s
19523}
19524
19525// Contains the response to a successful CreateRole request.
19526type CreateRoleOutput struct {
19527	_ struct{} `type:"structure"`
19528
19529	// A structure containing details about the new role.
19530	//
19531	// Role is a required field
19532	Role *Role `type:"structure" required:"true"`
19533}
19534
19535// String returns the string representation
19536func (s CreateRoleOutput) String() string {
19537	return awsutil.Prettify(s)
19538}
19539
19540// GoString returns the string representation
19541func (s CreateRoleOutput) GoString() string {
19542	return s.String()
19543}
19544
19545// SetRole sets the Role field's value.
19546func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput {
19547	s.Role = v
19548	return s
19549}
19550
19551type CreateSAMLProviderInput struct {
19552	_ struct{} `type:"structure"`
19553
19554	// The name of the provider to create.
19555	//
19556	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19557	// a string of characters consisting of upper and lowercase alphanumeric characters
19558	// with no spaces. You can also include any of the following characters: _+=,.@-
19559	//
19560	// Name is a required field
19561	Name *string `min:"1" type:"string" required:"true"`
19562
19563	// An XML document generated by an identity provider (IdP) that supports SAML
19564	// 2.0. The document includes the issuer's name, expiration information, and
19565	// keys that can be used to validate the SAML authentication response (assertions)
19566	// that are received from the IdP. You must generate the metadata document using
19567	// the identity management software that is used as your organization's IdP.
19568	//
19569	// For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
19570	// in the IAM User Guide
19571	//
19572	// SAMLMetadataDocument is a required field
19573	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
19574
19575	// A list of tags that you want to attach to the new IAM SAML provider. Each
19576	// tag consists of a key name and an associated value. For more information
19577	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19578	// in the IAM User Guide.
19579	//
19580	// If any one of the tags is invalid or if you exceed the allowed maximum number
19581	// of tags, then the entire request fails and the resource is not created.
19582	Tags []*Tag `type:"list"`
19583}
19584
19585// String returns the string representation
19586func (s CreateSAMLProviderInput) String() string {
19587	return awsutil.Prettify(s)
19588}
19589
19590// GoString returns the string representation
19591func (s CreateSAMLProviderInput) GoString() string {
19592	return s.String()
19593}
19594
19595// Validate inspects the fields of the type to determine if they are valid.
19596func (s *CreateSAMLProviderInput) Validate() error {
19597	invalidParams := request.ErrInvalidParams{Context: "CreateSAMLProviderInput"}
19598	if s.Name == nil {
19599		invalidParams.Add(request.NewErrParamRequired("Name"))
19600	}
19601	if s.Name != nil && len(*s.Name) < 1 {
19602		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
19603	}
19604	if s.SAMLMetadataDocument == nil {
19605		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
19606	}
19607	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
19608		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
19609	}
19610	if s.Tags != nil {
19611		for i, v := range s.Tags {
19612			if v == nil {
19613				continue
19614			}
19615			if err := v.Validate(); err != nil {
19616				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19617			}
19618		}
19619	}
19620
19621	if invalidParams.Len() > 0 {
19622		return invalidParams
19623	}
19624	return nil
19625}
19626
19627// SetName sets the Name field's value.
19628func (s *CreateSAMLProviderInput) SetName(v string) *CreateSAMLProviderInput {
19629	s.Name = &v
19630	return s
19631}
19632
19633// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
19634func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput {
19635	s.SAMLMetadataDocument = &v
19636	return s
19637}
19638
19639// SetTags sets the Tags field's value.
19640func (s *CreateSAMLProviderInput) SetTags(v []*Tag) *CreateSAMLProviderInput {
19641	s.Tags = v
19642	return s
19643}
19644
19645// Contains the response to a successful CreateSAMLProvider request.
19646type CreateSAMLProviderOutput struct {
19647	_ struct{} `type:"structure"`
19648
19649	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
19650	SAMLProviderArn *string `min:"20" type:"string"`
19651
19652	// A list of tags that are attached to the new IAM SAML provider. The returned
19653	// list of tags is sorted by tag key. For more information about tagging, see
19654	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19655	// in the IAM User Guide.
19656	Tags []*Tag `type:"list"`
19657}
19658
19659// String returns the string representation
19660func (s CreateSAMLProviderOutput) String() string {
19661	return awsutil.Prettify(s)
19662}
19663
19664// GoString returns the string representation
19665func (s CreateSAMLProviderOutput) GoString() string {
19666	return s.String()
19667}
19668
19669// SetSAMLProviderArn sets the SAMLProviderArn field's value.
19670func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput {
19671	s.SAMLProviderArn = &v
19672	return s
19673}
19674
19675// SetTags sets the Tags field's value.
19676func (s *CreateSAMLProviderOutput) SetTags(v []*Tag) *CreateSAMLProviderOutput {
19677	s.Tags = v
19678	return s
19679}
19680
19681type CreateServiceLinkedRoleInput struct {
19682	_ struct{} `type:"structure"`
19683
19684	// The service principal for the AWS service to which this role is attached.
19685	// You use a string similar to a URL but without the http:// in front. For example:
19686	// elasticbeanstalk.amazonaws.com.
19687	//
19688	// Service principals are unique and case-sensitive. To find the exact service
19689	// principal for your service-linked role, see AWS services that work with IAM
19690	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
19691	// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
19692	// Role column. Choose the Yes link to view the service-linked role documentation
19693	// for that service.
19694	//
19695	// AWSServiceName is a required field
19696	AWSServiceName *string `min:"1" type:"string" required:"true"`
19697
19698	// A string that you provide, which is combined with the service-provided prefix
19699	// to form the complete role name. If you make multiple requests for the same
19700	// service, then you must supply a different CustomSuffix for each request.
19701	// Otherwise the request fails with a duplicate role name error. For example,
19702	// you could add -1 or -debug to the suffix.
19703	//
19704	// Some services do not support the CustomSuffix parameter. If you provide an
19705	// optional suffix and the operation fails, try the operation again without
19706	// the suffix.
19707	CustomSuffix *string `min:"1" type:"string"`
19708
19709	// The description of the role.
19710	Description *string `type:"string"`
19711}
19712
19713// String returns the string representation
19714func (s CreateServiceLinkedRoleInput) String() string {
19715	return awsutil.Prettify(s)
19716}
19717
19718// GoString returns the string representation
19719func (s CreateServiceLinkedRoleInput) GoString() string {
19720	return s.String()
19721}
19722
19723// Validate inspects the fields of the type to determine if they are valid.
19724func (s *CreateServiceLinkedRoleInput) Validate() error {
19725	invalidParams := request.ErrInvalidParams{Context: "CreateServiceLinkedRoleInput"}
19726	if s.AWSServiceName == nil {
19727		invalidParams.Add(request.NewErrParamRequired("AWSServiceName"))
19728	}
19729	if s.AWSServiceName != nil && len(*s.AWSServiceName) < 1 {
19730		invalidParams.Add(request.NewErrParamMinLen("AWSServiceName", 1))
19731	}
19732	if s.CustomSuffix != nil && len(*s.CustomSuffix) < 1 {
19733		invalidParams.Add(request.NewErrParamMinLen("CustomSuffix", 1))
19734	}
19735
19736	if invalidParams.Len() > 0 {
19737		return invalidParams
19738	}
19739	return nil
19740}
19741
19742// SetAWSServiceName sets the AWSServiceName field's value.
19743func (s *CreateServiceLinkedRoleInput) SetAWSServiceName(v string) *CreateServiceLinkedRoleInput {
19744	s.AWSServiceName = &v
19745	return s
19746}
19747
19748// SetCustomSuffix sets the CustomSuffix field's value.
19749func (s *CreateServiceLinkedRoleInput) SetCustomSuffix(v string) *CreateServiceLinkedRoleInput {
19750	s.CustomSuffix = &v
19751	return s
19752}
19753
19754// SetDescription sets the Description field's value.
19755func (s *CreateServiceLinkedRoleInput) SetDescription(v string) *CreateServiceLinkedRoleInput {
19756	s.Description = &v
19757	return s
19758}
19759
19760type CreateServiceLinkedRoleOutput struct {
19761	_ struct{} `type:"structure"`
19762
19763	// A Role object that contains details about the newly created role.
19764	Role *Role `type:"structure"`
19765}
19766
19767// String returns the string representation
19768func (s CreateServiceLinkedRoleOutput) String() string {
19769	return awsutil.Prettify(s)
19770}
19771
19772// GoString returns the string representation
19773func (s CreateServiceLinkedRoleOutput) GoString() string {
19774	return s.String()
19775}
19776
19777// SetRole sets the Role field's value.
19778func (s *CreateServiceLinkedRoleOutput) SetRole(v *Role) *CreateServiceLinkedRoleOutput {
19779	s.Role = v
19780	return s
19781}
19782
19783type CreateServiceSpecificCredentialInput struct {
19784	_ struct{} `type:"structure"`
19785
19786	// The name of the AWS service that is to be associated with the credentials.
19787	// The service you specify here is the only service that can be accessed using
19788	// these credentials.
19789	//
19790	// ServiceName is a required field
19791	ServiceName *string `type:"string" required:"true"`
19792
19793	// The name of the IAM user that is to be associated with the credentials. The
19794	// new service-specific credentials have the same permissions as the associated
19795	// user except that they can be used only to access the specified service.
19796	//
19797	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19798	// a string of characters consisting of upper and lowercase alphanumeric characters
19799	// with no spaces. You can also include any of the following characters: _+=,.@-
19800	//
19801	// UserName is a required field
19802	UserName *string `min:"1" type:"string" required:"true"`
19803}
19804
19805// String returns the string representation
19806func (s CreateServiceSpecificCredentialInput) String() string {
19807	return awsutil.Prettify(s)
19808}
19809
19810// GoString returns the string representation
19811func (s CreateServiceSpecificCredentialInput) GoString() string {
19812	return s.String()
19813}
19814
19815// Validate inspects the fields of the type to determine if they are valid.
19816func (s *CreateServiceSpecificCredentialInput) Validate() error {
19817	invalidParams := request.ErrInvalidParams{Context: "CreateServiceSpecificCredentialInput"}
19818	if s.ServiceName == nil {
19819		invalidParams.Add(request.NewErrParamRequired("ServiceName"))
19820	}
19821	if s.UserName == nil {
19822		invalidParams.Add(request.NewErrParamRequired("UserName"))
19823	}
19824	if s.UserName != nil && len(*s.UserName) < 1 {
19825		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
19826	}
19827
19828	if invalidParams.Len() > 0 {
19829		return invalidParams
19830	}
19831	return nil
19832}
19833
19834// SetServiceName sets the ServiceName field's value.
19835func (s *CreateServiceSpecificCredentialInput) SetServiceName(v string) *CreateServiceSpecificCredentialInput {
19836	s.ServiceName = &v
19837	return s
19838}
19839
19840// SetUserName sets the UserName field's value.
19841func (s *CreateServiceSpecificCredentialInput) SetUserName(v string) *CreateServiceSpecificCredentialInput {
19842	s.UserName = &v
19843	return s
19844}
19845
19846type CreateServiceSpecificCredentialOutput struct {
19847	_ struct{} `type:"structure"`
19848
19849	// A structure that contains information about the newly created service-specific
19850	// credential.
19851	//
19852	// This is the only time that the password for this credential set is available.
19853	// It cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
19854	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
19855}
19856
19857// String returns the string representation
19858func (s CreateServiceSpecificCredentialOutput) String() string {
19859	return awsutil.Prettify(s)
19860}
19861
19862// GoString returns the string representation
19863func (s CreateServiceSpecificCredentialOutput) GoString() string {
19864	return s.String()
19865}
19866
19867// SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
19868func (s *CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *CreateServiceSpecificCredentialOutput {
19869	s.ServiceSpecificCredential = v
19870	return s
19871}
19872
19873type CreateUserInput struct {
19874	_ struct{} `type:"structure"`
19875
19876	// The path for the user name. For more information about paths, see IAM identifiers
19877	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19878	// in the IAM User Guide.
19879	//
19880	// This parameter is optional. If it is not included, it defaults to a slash
19881	// (/).
19882	//
19883	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19884	// a string of characters consisting of either a forward slash (/) by itself
19885	// or a string that must begin and end with forward slashes. In addition, it
19886	// can contain any ASCII character from the ! (\u0021) through the DEL character
19887	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19888	// letters.
19889	Path *string `min:"1" type:"string"`
19890
19891	// The ARN of the policy that is used to set the permissions boundary for the
19892	// user.
19893	PermissionsBoundary *string `min:"20" type:"string"`
19894
19895	// A list of tags that you want to attach to the new user. Each tag consists
19896	// of a key name and an associated value. For more information about tagging,
19897	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19898	// in the IAM User Guide.
19899	//
19900	// If any one of the tags is invalid or if you exceed the allowed maximum number
19901	// of tags, then the entire request fails and the resource is not created.
19902	Tags []*Tag `type:"list"`
19903
19904	// The name of the user to create.
19905	//
19906	// IAM user, group, role, and policy names must be unique within the account.
19907	// Names are not distinguished by case. For example, you cannot create resources
19908	// named both "MyResource" and "myresource".
19909	//
19910	// UserName is a required field
19911	UserName *string `min:"1" type:"string" required:"true"`
19912}
19913
19914// String returns the string representation
19915func (s CreateUserInput) String() string {
19916	return awsutil.Prettify(s)
19917}
19918
19919// GoString returns the string representation
19920func (s CreateUserInput) GoString() string {
19921	return s.String()
19922}
19923
19924// Validate inspects the fields of the type to determine if they are valid.
19925func (s *CreateUserInput) Validate() error {
19926	invalidParams := request.ErrInvalidParams{Context: "CreateUserInput"}
19927	if s.Path != nil && len(*s.Path) < 1 {
19928		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19929	}
19930	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
19931		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
19932	}
19933	if s.UserName == nil {
19934		invalidParams.Add(request.NewErrParamRequired("UserName"))
19935	}
19936	if s.UserName != nil && len(*s.UserName) < 1 {
19937		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
19938	}
19939	if s.Tags != nil {
19940		for i, v := range s.Tags {
19941			if v == nil {
19942				continue
19943			}
19944			if err := v.Validate(); err != nil {
19945				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19946			}
19947		}
19948	}
19949
19950	if invalidParams.Len() > 0 {
19951		return invalidParams
19952	}
19953	return nil
19954}
19955
19956// SetPath sets the Path field's value.
19957func (s *CreateUserInput) SetPath(v string) *CreateUserInput {
19958	s.Path = &v
19959	return s
19960}
19961
19962// SetPermissionsBoundary sets the PermissionsBoundary field's value.
19963func (s *CreateUserInput) SetPermissionsBoundary(v string) *CreateUserInput {
19964	s.PermissionsBoundary = &v
19965	return s
19966}
19967
19968// SetTags sets the Tags field's value.
19969func (s *CreateUserInput) SetTags(v []*Tag) *CreateUserInput {
19970	s.Tags = v
19971	return s
19972}
19973
19974// SetUserName sets the UserName field's value.
19975func (s *CreateUserInput) SetUserName(v string) *CreateUserInput {
19976	s.UserName = &v
19977	return s
19978}
19979
19980// Contains the response to a successful CreateUser request.
19981type CreateUserOutput struct {
19982	_ struct{} `type:"structure"`
19983
19984	// A structure with details about the new IAM user.
19985	User *User `type:"structure"`
19986}
19987
19988// String returns the string representation
19989func (s CreateUserOutput) String() string {
19990	return awsutil.Prettify(s)
19991}
19992
19993// GoString returns the string representation
19994func (s CreateUserOutput) GoString() string {
19995	return s.String()
19996}
19997
19998// SetUser sets the User field's value.
19999func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput {
20000	s.User = v
20001	return s
20002}
20003
20004type CreateVirtualMFADeviceInput struct {
20005	_ struct{} `type:"structure"`
20006
20007	// The path for the virtual MFA device. For more information about paths, see
20008	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
20009	// in the IAM User Guide.
20010	//
20011	// This parameter is optional. If it is not included, it defaults to a slash
20012	// (/).
20013	//
20014	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20015	// a string of characters consisting of either a forward slash (/) by itself
20016	// or a string that must begin and end with forward slashes. In addition, it
20017	// can contain any ASCII character from the ! (\u0021) through the DEL character
20018	// (\u007F), including most punctuation characters, digits, and upper and lowercased
20019	// letters.
20020	Path *string `min:"1" type:"string"`
20021
20022	// A list of tags that you want to attach to the new IAM virtual MFA device.
20023	// Each tag consists of a key name and an associated value. For more information
20024	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
20025	// in the IAM User Guide.
20026	//
20027	// If any one of the tags is invalid or if you exceed the allowed maximum number
20028	// of tags, then the entire request fails and the resource is not created.
20029	Tags []*Tag `type:"list"`
20030
20031	// The name of the virtual MFA device. Use with path to uniquely identify a
20032	// virtual MFA device.
20033	//
20034	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20035	// a string of characters consisting of upper and lowercase alphanumeric characters
20036	// with no spaces. You can also include any of the following characters: _+=,.@-
20037	//
20038	// VirtualMFADeviceName is a required field
20039	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
20040}
20041
20042// String returns the string representation
20043func (s CreateVirtualMFADeviceInput) String() string {
20044	return awsutil.Prettify(s)
20045}
20046
20047// GoString returns the string representation
20048func (s CreateVirtualMFADeviceInput) GoString() string {
20049	return s.String()
20050}
20051
20052// Validate inspects the fields of the type to determine if they are valid.
20053func (s *CreateVirtualMFADeviceInput) Validate() error {
20054	invalidParams := request.ErrInvalidParams{Context: "CreateVirtualMFADeviceInput"}
20055	if s.Path != nil && len(*s.Path) < 1 {
20056		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
20057	}
20058	if s.VirtualMFADeviceName == nil {
20059		invalidParams.Add(request.NewErrParamRequired("VirtualMFADeviceName"))
20060	}
20061	if s.VirtualMFADeviceName != nil && len(*s.VirtualMFADeviceName) < 1 {
20062		invalidParams.Add(request.NewErrParamMinLen("VirtualMFADeviceName", 1))
20063	}
20064	if s.Tags != nil {
20065		for i, v := range s.Tags {
20066			if v == nil {
20067				continue
20068			}
20069			if err := v.Validate(); err != nil {
20070				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
20071			}
20072		}
20073	}
20074
20075	if invalidParams.Len() > 0 {
20076		return invalidParams
20077	}
20078	return nil
20079}
20080
20081// SetPath sets the Path field's value.
20082func (s *CreateVirtualMFADeviceInput) SetPath(v string) *CreateVirtualMFADeviceInput {
20083	s.Path = &v
20084	return s
20085}
20086
20087// SetTags sets the Tags field's value.
20088func (s *CreateVirtualMFADeviceInput) SetTags(v []*Tag) *CreateVirtualMFADeviceInput {
20089	s.Tags = v
20090	return s
20091}
20092
20093// SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.
20094func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput {
20095	s.VirtualMFADeviceName = &v
20096	return s
20097}
20098
20099// Contains the response to a successful CreateVirtualMFADevice request.
20100type CreateVirtualMFADeviceOutput struct {
20101	_ struct{} `type:"structure"`
20102
20103	// A structure containing details about the new virtual MFA device.
20104	//
20105	// VirtualMFADevice is a required field
20106	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
20107}
20108
20109// String returns the string representation
20110func (s CreateVirtualMFADeviceOutput) String() string {
20111	return awsutil.Prettify(s)
20112}
20113
20114// GoString returns the string representation
20115func (s CreateVirtualMFADeviceOutput) GoString() string {
20116	return s.String()
20117}
20118
20119// SetVirtualMFADevice sets the VirtualMFADevice field's value.
20120func (s *CreateVirtualMFADeviceOutput) SetVirtualMFADevice(v *VirtualMFADevice) *CreateVirtualMFADeviceOutput {
20121	s.VirtualMFADevice = v
20122	return s
20123}
20124
20125type DeactivateMFADeviceInput struct {
20126	_ struct{} `type:"structure"`
20127
20128	// The serial number that uniquely identifies the MFA device. For virtual MFA
20129	// devices, the serial number is the device ARN.
20130	//
20131	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20132	// a string of characters consisting of upper and lowercase alphanumeric characters
20133	// with no spaces. You can also include any of the following characters: =,.@:/-
20134	//
20135	// SerialNumber is a required field
20136	SerialNumber *string `min:"9" type:"string" required:"true"`
20137
20138	// The name of the user whose MFA device you want to deactivate.
20139	//
20140	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20141	// a string of characters consisting of upper and lowercase alphanumeric characters
20142	// with no spaces. You can also include any of the following characters: _+=,.@-
20143	//
20144	// UserName is a required field
20145	UserName *string `min:"1" type:"string" required:"true"`
20146}
20147
20148// String returns the string representation
20149func (s DeactivateMFADeviceInput) String() string {
20150	return awsutil.Prettify(s)
20151}
20152
20153// GoString returns the string representation
20154func (s DeactivateMFADeviceInput) GoString() string {
20155	return s.String()
20156}
20157
20158// Validate inspects the fields of the type to determine if they are valid.
20159func (s *DeactivateMFADeviceInput) Validate() error {
20160	invalidParams := request.ErrInvalidParams{Context: "DeactivateMFADeviceInput"}
20161	if s.SerialNumber == nil {
20162		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
20163	}
20164	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
20165		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
20166	}
20167	if s.UserName == nil {
20168		invalidParams.Add(request.NewErrParamRequired("UserName"))
20169	}
20170	if s.UserName != nil && len(*s.UserName) < 1 {
20171		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20172	}
20173
20174	if invalidParams.Len() > 0 {
20175		return invalidParams
20176	}
20177	return nil
20178}
20179
20180// SetSerialNumber sets the SerialNumber field's value.
20181func (s *DeactivateMFADeviceInput) SetSerialNumber(v string) *DeactivateMFADeviceInput {
20182	s.SerialNumber = &v
20183	return s
20184}
20185
20186// SetUserName sets the UserName field's value.
20187func (s *DeactivateMFADeviceInput) SetUserName(v string) *DeactivateMFADeviceInput {
20188	s.UserName = &v
20189	return s
20190}
20191
20192type DeactivateMFADeviceOutput struct {
20193	_ struct{} `type:"structure"`
20194}
20195
20196// String returns the string representation
20197func (s DeactivateMFADeviceOutput) String() string {
20198	return awsutil.Prettify(s)
20199}
20200
20201// GoString returns the string representation
20202func (s DeactivateMFADeviceOutput) GoString() string {
20203	return s.String()
20204}
20205
20206type DeleteAccessKeyInput struct {
20207	_ struct{} `type:"structure"`
20208
20209	// The access key ID for the access key ID and secret access key you want to
20210	// delete.
20211	//
20212	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20213	// a string of characters that can consist of any upper or lowercased letter
20214	// or digit.
20215	//
20216	// AccessKeyId is a required field
20217	AccessKeyId *string `min:"16" type:"string" required:"true"`
20218
20219	// The name of the user whose access key pair you want to delete.
20220	//
20221	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20222	// a string of characters consisting of upper and lowercase alphanumeric characters
20223	// with no spaces. You can also include any of the following characters: _+=,.@-
20224	UserName *string `min:"1" type:"string"`
20225}
20226
20227// String returns the string representation
20228func (s DeleteAccessKeyInput) String() string {
20229	return awsutil.Prettify(s)
20230}
20231
20232// GoString returns the string representation
20233func (s DeleteAccessKeyInput) GoString() string {
20234	return s.String()
20235}
20236
20237// Validate inspects the fields of the type to determine if they are valid.
20238func (s *DeleteAccessKeyInput) Validate() error {
20239	invalidParams := request.ErrInvalidParams{Context: "DeleteAccessKeyInput"}
20240	if s.AccessKeyId == nil {
20241		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
20242	}
20243	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
20244		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
20245	}
20246	if s.UserName != nil && len(*s.UserName) < 1 {
20247		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20248	}
20249
20250	if invalidParams.Len() > 0 {
20251		return invalidParams
20252	}
20253	return nil
20254}
20255
20256// SetAccessKeyId sets the AccessKeyId field's value.
20257func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput {
20258	s.AccessKeyId = &v
20259	return s
20260}
20261
20262// SetUserName sets the UserName field's value.
20263func (s *DeleteAccessKeyInput) SetUserName(v string) *DeleteAccessKeyInput {
20264	s.UserName = &v
20265	return s
20266}
20267
20268type DeleteAccessKeyOutput struct {
20269	_ struct{} `type:"structure"`
20270}
20271
20272// String returns the string representation
20273func (s DeleteAccessKeyOutput) String() string {
20274	return awsutil.Prettify(s)
20275}
20276
20277// GoString returns the string representation
20278func (s DeleteAccessKeyOutput) GoString() string {
20279	return s.String()
20280}
20281
20282type DeleteAccountAliasInput struct {
20283	_ struct{} `type:"structure"`
20284
20285	// The name of the account alias to delete.
20286	//
20287	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20288	// a string of characters consisting of lowercase letters, digits, and dashes.
20289	// You cannot start or finish with a dash, nor can you have two dashes in a
20290	// row.
20291	//
20292	// AccountAlias is a required field
20293	AccountAlias *string `min:"3" type:"string" required:"true"`
20294}
20295
20296// String returns the string representation
20297func (s DeleteAccountAliasInput) String() string {
20298	return awsutil.Prettify(s)
20299}
20300
20301// GoString returns the string representation
20302func (s DeleteAccountAliasInput) GoString() string {
20303	return s.String()
20304}
20305
20306// Validate inspects the fields of the type to determine if they are valid.
20307func (s *DeleteAccountAliasInput) Validate() error {
20308	invalidParams := request.ErrInvalidParams{Context: "DeleteAccountAliasInput"}
20309	if s.AccountAlias == nil {
20310		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
20311	}
20312	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
20313		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
20314	}
20315
20316	if invalidParams.Len() > 0 {
20317		return invalidParams
20318	}
20319	return nil
20320}
20321
20322// SetAccountAlias sets the AccountAlias field's value.
20323func (s *DeleteAccountAliasInput) SetAccountAlias(v string) *DeleteAccountAliasInput {
20324	s.AccountAlias = &v
20325	return s
20326}
20327
20328type DeleteAccountAliasOutput struct {
20329	_ struct{} `type:"structure"`
20330}
20331
20332// String returns the string representation
20333func (s DeleteAccountAliasOutput) String() string {
20334	return awsutil.Prettify(s)
20335}
20336
20337// GoString returns the string representation
20338func (s DeleteAccountAliasOutput) GoString() string {
20339	return s.String()
20340}
20341
20342type DeleteAccountPasswordPolicyInput struct {
20343	_ struct{} `type:"structure"`
20344}
20345
20346// String returns the string representation
20347func (s DeleteAccountPasswordPolicyInput) String() string {
20348	return awsutil.Prettify(s)
20349}
20350
20351// GoString returns the string representation
20352func (s DeleteAccountPasswordPolicyInput) GoString() string {
20353	return s.String()
20354}
20355
20356type DeleteAccountPasswordPolicyOutput struct {
20357	_ struct{} `type:"structure"`
20358}
20359
20360// String returns the string representation
20361func (s DeleteAccountPasswordPolicyOutput) String() string {
20362	return awsutil.Prettify(s)
20363}
20364
20365// GoString returns the string representation
20366func (s DeleteAccountPasswordPolicyOutput) GoString() string {
20367	return s.String()
20368}
20369
20370type DeleteGroupInput struct {
20371	_ struct{} `type:"structure"`
20372
20373	// The name of the IAM group to delete.
20374	//
20375	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20376	// a string of characters consisting of upper and lowercase alphanumeric characters
20377	// with no spaces. You can also include any of the following characters: _+=,.@-
20378	//
20379	// GroupName is a required field
20380	GroupName *string `min:"1" type:"string" required:"true"`
20381}
20382
20383// String returns the string representation
20384func (s DeleteGroupInput) String() string {
20385	return awsutil.Prettify(s)
20386}
20387
20388// GoString returns the string representation
20389func (s DeleteGroupInput) GoString() string {
20390	return s.String()
20391}
20392
20393// Validate inspects the fields of the type to determine if they are valid.
20394func (s *DeleteGroupInput) Validate() error {
20395	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupInput"}
20396	if s.GroupName == nil {
20397		invalidParams.Add(request.NewErrParamRequired("GroupName"))
20398	}
20399	if s.GroupName != nil && len(*s.GroupName) < 1 {
20400		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
20401	}
20402
20403	if invalidParams.Len() > 0 {
20404		return invalidParams
20405	}
20406	return nil
20407}
20408
20409// SetGroupName sets the GroupName field's value.
20410func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput {
20411	s.GroupName = &v
20412	return s
20413}
20414
20415type DeleteGroupOutput struct {
20416	_ struct{} `type:"structure"`
20417}
20418
20419// String returns the string representation
20420func (s DeleteGroupOutput) String() string {
20421	return awsutil.Prettify(s)
20422}
20423
20424// GoString returns the string representation
20425func (s DeleteGroupOutput) GoString() string {
20426	return s.String()
20427}
20428
20429type DeleteGroupPolicyInput struct {
20430	_ struct{} `type:"structure"`
20431
20432	// The name (friendly name, not ARN) identifying the group that the policy is
20433	// embedded in.
20434	//
20435	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20436	// a string of characters consisting of upper and lowercase alphanumeric characters
20437	// with no spaces. You can also include any of the following characters: _+=,.@-
20438	//
20439	// GroupName is a required field
20440	GroupName *string `min:"1" type:"string" required:"true"`
20441
20442	// The name identifying the policy document to delete.
20443	//
20444	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20445	// a string of characters consisting of upper and lowercase alphanumeric characters
20446	// with no spaces. You can also include any of the following characters: _+=,.@-
20447	//
20448	// PolicyName is a required field
20449	PolicyName *string `min:"1" type:"string" required:"true"`
20450}
20451
20452// String returns the string representation
20453func (s DeleteGroupPolicyInput) String() string {
20454	return awsutil.Prettify(s)
20455}
20456
20457// GoString returns the string representation
20458func (s DeleteGroupPolicyInput) GoString() string {
20459	return s.String()
20460}
20461
20462// Validate inspects the fields of the type to determine if they are valid.
20463func (s *DeleteGroupPolicyInput) Validate() error {
20464	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupPolicyInput"}
20465	if s.GroupName == nil {
20466		invalidParams.Add(request.NewErrParamRequired("GroupName"))
20467	}
20468	if s.GroupName != nil && len(*s.GroupName) < 1 {
20469		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
20470	}
20471	if s.PolicyName == nil {
20472		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
20473	}
20474	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
20475		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
20476	}
20477
20478	if invalidParams.Len() > 0 {
20479		return invalidParams
20480	}
20481	return nil
20482}
20483
20484// SetGroupName sets the GroupName field's value.
20485func (s *DeleteGroupPolicyInput) SetGroupName(v string) *DeleteGroupPolicyInput {
20486	s.GroupName = &v
20487	return s
20488}
20489
20490// SetPolicyName sets the PolicyName field's value.
20491func (s *DeleteGroupPolicyInput) SetPolicyName(v string) *DeleteGroupPolicyInput {
20492	s.PolicyName = &v
20493	return s
20494}
20495
20496type DeleteGroupPolicyOutput struct {
20497	_ struct{} `type:"structure"`
20498}
20499
20500// String returns the string representation
20501func (s DeleteGroupPolicyOutput) String() string {
20502	return awsutil.Prettify(s)
20503}
20504
20505// GoString returns the string representation
20506func (s DeleteGroupPolicyOutput) GoString() string {
20507	return s.String()
20508}
20509
20510type DeleteInstanceProfileInput struct {
20511	_ struct{} `type:"structure"`
20512
20513	// The name of the instance profile to delete.
20514	//
20515	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20516	// a string of characters consisting of upper and lowercase alphanumeric characters
20517	// with no spaces. You can also include any of the following characters: _+=,.@-
20518	//
20519	// InstanceProfileName is a required field
20520	InstanceProfileName *string `min:"1" type:"string" required:"true"`
20521}
20522
20523// String returns the string representation
20524func (s DeleteInstanceProfileInput) String() string {
20525	return awsutil.Prettify(s)
20526}
20527
20528// GoString returns the string representation
20529func (s DeleteInstanceProfileInput) GoString() string {
20530	return s.String()
20531}
20532
20533// Validate inspects the fields of the type to determine if they are valid.
20534func (s *DeleteInstanceProfileInput) Validate() error {
20535	invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceProfileInput"}
20536	if s.InstanceProfileName == nil {
20537		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
20538	}
20539	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
20540		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
20541	}
20542
20543	if invalidParams.Len() > 0 {
20544		return invalidParams
20545	}
20546	return nil
20547}
20548
20549// SetInstanceProfileName sets the InstanceProfileName field's value.
20550func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput {
20551	s.InstanceProfileName = &v
20552	return s
20553}
20554
20555type DeleteInstanceProfileOutput struct {
20556	_ struct{} `type:"structure"`
20557}
20558
20559// String returns the string representation
20560func (s DeleteInstanceProfileOutput) String() string {
20561	return awsutil.Prettify(s)
20562}
20563
20564// GoString returns the string representation
20565func (s DeleteInstanceProfileOutput) GoString() string {
20566	return s.String()
20567}
20568
20569type DeleteLoginProfileInput struct {
20570	_ struct{} `type:"structure"`
20571
20572	// The name of the user whose password you want to delete.
20573	//
20574	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20575	// a string of characters consisting of upper and lowercase alphanumeric characters
20576	// with no spaces. You can also include any of the following characters: _+=,.@-
20577	//
20578	// UserName is a required field
20579	UserName *string `min:"1" type:"string" required:"true"`
20580}
20581
20582// String returns the string representation
20583func (s DeleteLoginProfileInput) String() string {
20584	return awsutil.Prettify(s)
20585}
20586
20587// GoString returns the string representation
20588func (s DeleteLoginProfileInput) GoString() string {
20589	return s.String()
20590}
20591
20592// Validate inspects the fields of the type to determine if they are valid.
20593func (s *DeleteLoginProfileInput) Validate() error {
20594	invalidParams := request.ErrInvalidParams{Context: "DeleteLoginProfileInput"}
20595	if s.UserName == nil {
20596		invalidParams.Add(request.NewErrParamRequired("UserName"))
20597	}
20598	if s.UserName != nil && len(*s.UserName) < 1 {
20599		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20600	}
20601
20602	if invalidParams.Len() > 0 {
20603		return invalidParams
20604	}
20605	return nil
20606}
20607
20608// SetUserName sets the UserName field's value.
20609func (s *DeleteLoginProfileInput) SetUserName(v string) *DeleteLoginProfileInput {
20610	s.UserName = &v
20611	return s
20612}
20613
20614type DeleteLoginProfileOutput struct {
20615	_ struct{} `type:"structure"`
20616}
20617
20618// String returns the string representation
20619func (s DeleteLoginProfileOutput) String() string {
20620	return awsutil.Prettify(s)
20621}
20622
20623// GoString returns the string representation
20624func (s DeleteLoginProfileOutput) GoString() string {
20625	return s.String()
20626}
20627
20628type DeleteOpenIDConnectProviderInput struct {
20629	_ struct{} `type:"structure"`
20630
20631	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
20632	// object to delete. You can get a list of OpenID Connect provider resource
20633	// ARNs by using the ListOpenIDConnectProviders operation.
20634	//
20635	// OpenIDConnectProviderArn is a required field
20636	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
20637}
20638
20639// String returns the string representation
20640func (s DeleteOpenIDConnectProviderInput) String() string {
20641	return awsutil.Prettify(s)
20642}
20643
20644// GoString returns the string representation
20645func (s DeleteOpenIDConnectProviderInput) GoString() string {
20646	return s.String()
20647}
20648
20649// Validate inspects the fields of the type to determine if they are valid.
20650func (s *DeleteOpenIDConnectProviderInput) Validate() error {
20651	invalidParams := request.ErrInvalidParams{Context: "DeleteOpenIDConnectProviderInput"}
20652	if s.OpenIDConnectProviderArn == nil {
20653		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
20654	}
20655	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
20656		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
20657	}
20658
20659	if invalidParams.Len() > 0 {
20660		return invalidParams
20661	}
20662	return nil
20663}
20664
20665// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
20666func (s *DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *DeleteOpenIDConnectProviderInput {
20667	s.OpenIDConnectProviderArn = &v
20668	return s
20669}
20670
20671type DeleteOpenIDConnectProviderOutput struct {
20672	_ struct{} `type:"structure"`
20673}
20674
20675// String returns the string representation
20676func (s DeleteOpenIDConnectProviderOutput) String() string {
20677	return awsutil.Prettify(s)
20678}
20679
20680// GoString returns the string representation
20681func (s DeleteOpenIDConnectProviderOutput) GoString() string {
20682	return s.String()
20683}
20684
20685type DeletePolicyInput struct {
20686	_ struct{} `type:"structure"`
20687
20688	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
20689	//
20690	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
20691	// in the AWS General Reference.
20692	//
20693	// PolicyArn is a required field
20694	PolicyArn *string `min:"20" type:"string" required:"true"`
20695}
20696
20697// String returns the string representation
20698func (s DeletePolicyInput) String() string {
20699	return awsutil.Prettify(s)
20700}
20701
20702// GoString returns the string representation
20703func (s DeletePolicyInput) GoString() string {
20704	return s.String()
20705}
20706
20707// Validate inspects the fields of the type to determine if they are valid.
20708func (s *DeletePolicyInput) Validate() error {
20709	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
20710	if s.PolicyArn == nil {
20711		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
20712	}
20713	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
20714		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
20715	}
20716
20717	if invalidParams.Len() > 0 {
20718		return invalidParams
20719	}
20720	return nil
20721}
20722
20723// SetPolicyArn sets the PolicyArn field's value.
20724func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput {
20725	s.PolicyArn = &v
20726	return s
20727}
20728
20729type DeletePolicyOutput struct {
20730	_ struct{} `type:"structure"`
20731}
20732
20733// String returns the string representation
20734func (s DeletePolicyOutput) String() string {
20735	return awsutil.Prettify(s)
20736}
20737
20738// GoString returns the string representation
20739func (s DeletePolicyOutput) GoString() string {
20740	return s.String()
20741}
20742
20743type DeletePolicyVersionInput struct {
20744	_ struct{} `type:"structure"`
20745
20746	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
20747	// a version.
20748	//
20749	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
20750	// in the AWS General Reference.
20751	//
20752	// PolicyArn is a required field
20753	PolicyArn *string `min:"20" type:"string" required:"true"`
20754
20755	// The policy version to delete.
20756	//
20757	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20758	// a string of characters that consists of the lowercase letter 'v' followed
20759	// by one or two digits, and optionally followed by a period '.' and a string
20760	// of letters and digits.
20761	//
20762	// For more information about managed policy versions, see Versioning for managed
20763	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
20764	// in the IAM User Guide.
20765	//
20766	// VersionId is a required field
20767	VersionId *string `type:"string" required:"true"`
20768}
20769
20770// String returns the string representation
20771func (s DeletePolicyVersionInput) String() string {
20772	return awsutil.Prettify(s)
20773}
20774
20775// GoString returns the string representation
20776func (s DeletePolicyVersionInput) GoString() string {
20777	return s.String()
20778}
20779
20780// Validate inspects the fields of the type to determine if they are valid.
20781func (s *DeletePolicyVersionInput) Validate() error {
20782	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyVersionInput"}
20783	if s.PolicyArn == nil {
20784		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
20785	}
20786	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
20787		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
20788	}
20789	if s.VersionId == nil {
20790		invalidParams.Add(request.NewErrParamRequired("VersionId"))
20791	}
20792
20793	if invalidParams.Len() > 0 {
20794		return invalidParams
20795	}
20796	return nil
20797}
20798
20799// SetPolicyArn sets the PolicyArn field's value.
20800func (s *DeletePolicyVersionInput) SetPolicyArn(v string) *DeletePolicyVersionInput {
20801	s.PolicyArn = &v
20802	return s
20803}
20804
20805// SetVersionId sets the VersionId field's value.
20806func (s *DeletePolicyVersionInput) SetVersionId(v string) *DeletePolicyVersionInput {
20807	s.VersionId = &v
20808	return s
20809}
20810
20811type DeletePolicyVersionOutput struct {
20812	_ struct{} `type:"structure"`
20813}
20814
20815// String returns the string representation
20816func (s DeletePolicyVersionOutput) String() string {
20817	return awsutil.Prettify(s)
20818}
20819
20820// GoString returns the string representation
20821func (s DeletePolicyVersionOutput) GoString() string {
20822	return s.String()
20823}
20824
20825type DeleteRoleInput struct {
20826	_ struct{} `type:"structure"`
20827
20828	// The name of the role to delete.
20829	//
20830	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20831	// a string of characters consisting of upper and lowercase alphanumeric characters
20832	// with no spaces. You can also include any of the following characters: _+=,.@-
20833	//
20834	// RoleName is a required field
20835	RoleName *string `min:"1" type:"string" required:"true"`
20836}
20837
20838// String returns the string representation
20839func (s DeleteRoleInput) String() string {
20840	return awsutil.Prettify(s)
20841}
20842
20843// GoString returns the string representation
20844func (s DeleteRoleInput) GoString() string {
20845	return s.String()
20846}
20847
20848// Validate inspects the fields of the type to determine if they are valid.
20849func (s *DeleteRoleInput) Validate() error {
20850	invalidParams := request.ErrInvalidParams{Context: "DeleteRoleInput"}
20851	if s.RoleName == nil {
20852		invalidParams.Add(request.NewErrParamRequired("RoleName"))
20853	}
20854	if s.RoleName != nil && len(*s.RoleName) < 1 {
20855		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
20856	}
20857
20858	if invalidParams.Len() > 0 {
20859		return invalidParams
20860	}
20861	return nil
20862}
20863
20864// SetRoleName sets the RoleName field's value.
20865func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput {
20866	s.RoleName = &v
20867	return s
20868}
20869
20870type DeleteRoleOutput struct {
20871	_ struct{} `type:"structure"`
20872}
20873
20874// String returns the string representation
20875func (s DeleteRoleOutput) String() string {
20876	return awsutil.Prettify(s)
20877}
20878
20879// GoString returns the string representation
20880func (s DeleteRoleOutput) GoString() string {
20881	return s.String()
20882}
20883
20884type DeleteRolePermissionsBoundaryInput struct {
20885	_ struct{} `type:"structure"`
20886
20887	// The name (friendly name, not ARN) of the IAM role from which you want to
20888	// remove the permissions boundary.
20889	//
20890	// RoleName is a required field
20891	RoleName *string `min:"1" type:"string" required:"true"`
20892}
20893
20894// String returns the string representation
20895func (s DeleteRolePermissionsBoundaryInput) String() string {
20896	return awsutil.Prettify(s)
20897}
20898
20899// GoString returns the string representation
20900func (s DeleteRolePermissionsBoundaryInput) GoString() string {
20901	return s.String()
20902}
20903
20904// Validate inspects the fields of the type to determine if they are valid.
20905func (s *DeleteRolePermissionsBoundaryInput) Validate() error {
20906	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePermissionsBoundaryInput"}
20907	if s.RoleName == nil {
20908		invalidParams.Add(request.NewErrParamRequired("RoleName"))
20909	}
20910	if s.RoleName != nil && len(*s.RoleName) < 1 {
20911		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
20912	}
20913
20914	if invalidParams.Len() > 0 {
20915		return invalidParams
20916	}
20917	return nil
20918}
20919
20920// SetRoleName sets the RoleName field's value.
20921func (s *DeleteRolePermissionsBoundaryInput) SetRoleName(v string) *DeleteRolePermissionsBoundaryInput {
20922	s.RoleName = &v
20923	return s
20924}
20925
20926type DeleteRolePermissionsBoundaryOutput struct {
20927	_ struct{} `type:"structure"`
20928}
20929
20930// String returns the string representation
20931func (s DeleteRolePermissionsBoundaryOutput) String() string {
20932	return awsutil.Prettify(s)
20933}
20934
20935// GoString returns the string representation
20936func (s DeleteRolePermissionsBoundaryOutput) GoString() string {
20937	return s.String()
20938}
20939
20940type DeleteRolePolicyInput struct {
20941	_ struct{} `type:"structure"`
20942
20943	// The name of the inline policy to delete from the specified IAM role.
20944	//
20945	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20946	// a string of characters consisting of upper and lowercase alphanumeric characters
20947	// with no spaces. You can also include any of the following characters: _+=,.@-
20948	//
20949	// PolicyName is a required field
20950	PolicyName *string `min:"1" type:"string" required:"true"`
20951
20952	// The name (friendly name, not ARN) identifying the role that the policy is
20953	// embedded in.
20954	//
20955	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20956	// a string of characters consisting of upper and lowercase alphanumeric characters
20957	// with no spaces. You can also include any of the following characters: _+=,.@-
20958	//
20959	// RoleName is a required field
20960	RoleName *string `min:"1" type:"string" required:"true"`
20961}
20962
20963// String returns the string representation
20964func (s DeleteRolePolicyInput) String() string {
20965	return awsutil.Prettify(s)
20966}
20967
20968// GoString returns the string representation
20969func (s DeleteRolePolicyInput) GoString() string {
20970	return s.String()
20971}
20972
20973// Validate inspects the fields of the type to determine if they are valid.
20974func (s *DeleteRolePolicyInput) Validate() error {
20975	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePolicyInput"}
20976	if s.PolicyName == nil {
20977		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
20978	}
20979	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
20980		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
20981	}
20982	if s.RoleName == nil {
20983		invalidParams.Add(request.NewErrParamRequired("RoleName"))
20984	}
20985	if s.RoleName != nil && len(*s.RoleName) < 1 {
20986		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
20987	}
20988
20989	if invalidParams.Len() > 0 {
20990		return invalidParams
20991	}
20992	return nil
20993}
20994
20995// SetPolicyName sets the PolicyName field's value.
20996func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput {
20997	s.PolicyName = &v
20998	return s
20999}
21000
21001// SetRoleName sets the RoleName field's value.
21002func (s *DeleteRolePolicyInput) SetRoleName(v string) *DeleteRolePolicyInput {
21003	s.RoleName = &v
21004	return s
21005}
21006
21007type DeleteRolePolicyOutput struct {
21008	_ struct{} `type:"structure"`
21009}
21010
21011// String returns the string representation
21012func (s DeleteRolePolicyOutput) String() string {
21013	return awsutil.Prettify(s)
21014}
21015
21016// GoString returns the string representation
21017func (s DeleteRolePolicyOutput) GoString() string {
21018	return s.String()
21019}
21020
21021type DeleteSAMLProviderInput struct {
21022	_ struct{} `type:"structure"`
21023
21024	// The Amazon Resource Name (ARN) of the SAML provider to delete.
21025	//
21026	// SAMLProviderArn is a required field
21027	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
21028}
21029
21030// String returns the string representation
21031func (s DeleteSAMLProviderInput) String() string {
21032	return awsutil.Prettify(s)
21033}
21034
21035// GoString returns the string representation
21036func (s DeleteSAMLProviderInput) GoString() string {
21037	return s.String()
21038}
21039
21040// Validate inspects the fields of the type to determine if they are valid.
21041func (s *DeleteSAMLProviderInput) Validate() error {
21042	invalidParams := request.ErrInvalidParams{Context: "DeleteSAMLProviderInput"}
21043	if s.SAMLProviderArn == nil {
21044		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
21045	}
21046	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
21047		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
21048	}
21049
21050	if invalidParams.Len() > 0 {
21051		return invalidParams
21052	}
21053	return nil
21054}
21055
21056// SetSAMLProviderArn sets the SAMLProviderArn field's value.
21057func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput {
21058	s.SAMLProviderArn = &v
21059	return s
21060}
21061
21062type DeleteSAMLProviderOutput struct {
21063	_ struct{} `type:"structure"`
21064}
21065
21066// String returns the string representation
21067func (s DeleteSAMLProviderOutput) String() string {
21068	return awsutil.Prettify(s)
21069}
21070
21071// GoString returns the string representation
21072func (s DeleteSAMLProviderOutput) GoString() string {
21073	return s.String()
21074}
21075
21076type DeleteSSHPublicKeyInput struct {
21077	_ struct{} `type:"structure"`
21078
21079	// The unique identifier for the SSH public key.
21080	//
21081	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21082	// a string of characters that can consist of any upper or lowercased letter
21083	// or digit.
21084	//
21085	// SSHPublicKeyId is a required field
21086	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
21087
21088	// The name of the IAM user associated with the SSH public key.
21089	//
21090	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21091	// a string of characters consisting of upper and lowercase alphanumeric characters
21092	// with no spaces. You can also include any of the following characters: _+=,.@-
21093	//
21094	// UserName is a required field
21095	UserName *string `min:"1" type:"string" required:"true"`
21096}
21097
21098// String returns the string representation
21099func (s DeleteSSHPublicKeyInput) String() string {
21100	return awsutil.Prettify(s)
21101}
21102
21103// GoString returns the string representation
21104func (s DeleteSSHPublicKeyInput) GoString() string {
21105	return s.String()
21106}
21107
21108// Validate inspects the fields of the type to determine if they are valid.
21109func (s *DeleteSSHPublicKeyInput) Validate() error {
21110	invalidParams := request.ErrInvalidParams{Context: "DeleteSSHPublicKeyInput"}
21111	if s.SSHPublicKeyId == nil {
21112		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
21113	}
21114	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
21115		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
21116	}
21117	if s.UserName == nil {
21118		invalidParams.Add(request.NewErrParamRequired("UserName"))
21119	}
21120	if s.UserName != nil && len(*s.UserName) < 1 {
21121		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21122	}
21123
21124	if invalidParams.Len() > 0 {
21125		return invalidParams
21126	}
21127	return nil
21128}
21129
21130// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
21131func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput {
21132	s.SSHPublicKeyId = &v
21133	return s
21134}
21135
21136// SetUserName sets the UserName field's value.
21137func (s *DeleteSSHPublicKeyInput) SetUserName(v string) *DeleteSSHPublicKeyInput {
21138	s.UserName = &v
21139	return s
21140}
21141
21142type DeleteSSHPublicKeyOutput struct {
21143	_ struct{} `type:"structure"`
21144}
21145
21146// String returns the string representation
21147func (s DeleteSSHPublicKeyOutput) String() string {
21148	return awsutil.Prettify(s)
21149}
21150
21151// GoString returns the string representation
21152func (s DeleteSSHPublicKeyOutput) GoString() string {
21153	return s.String()
21154}
21155
21156type DeleteServerCertificateInput struct {
21157	_ struct{} `type:"structure"`
21158
21159	// The name of the server certificate you want to delete.
21160	//
21161	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21162	// a string of characters consisting of upper and lowercase alphanumeric characters
21163	// with no spaces. You can also include any of the following characters: _+=,.@-
21164	//
21165	// ServerCertificateName is a required field
21166	ServerCertificateName *string `min:"1" type:"string" required:"true"`
21167}
21168
21169// String returns the string representation
21170func (s DeleteServerCertificateInput) String() string {
21171	return awsutil.Prettify(s)
21172}
21173
21174// GoString returns the string representation
21175func (s DeleteServerCertificateInput) GoString() string {
21176	return s.String()
21177}
21178
21179// Validate inspects the fields of the type to determine if they are valid.
21180func (s *DeleteServerCertificateInput) Validate() error {
21181	invalidParams := request.ErrInvalidParams{Context: "DeleteServerCertificateInput"}
21182	if s.ServerCertificateName == nil {
21183		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
21184	}
21185	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
21186		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
21187	}
21188
21189	if invalidParams.Len() > 0 {
21190		return invalidParams
21191	}
21192	return nil
21193}
21194
21195// SetServerCertificateName sets the ServerCertificateName field's value.
21196func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput {
21197	s.ServerCertificateName = &v
21198	return s
21199}
21200
21201type DeleteServerCertificateOutput struct {
21202	_ struct{} `type:"structure"`
21203}
21204
21205// String returns the string representation
21206func (s DeleteServerCertificateOutput) String() string {
21207	return awsutil.Prettify(s)
21208}
21209
21210// GoString returns the string representation
21211func (s DeleteServerCertificateOutput) GoString() string {
21212	return s.String()
21213}
21214
21215type DeleteServiceLinkedRoleInput struct {
21216	_ struct{} `type:"structure"`
21217
21218	// The name of the service-linked role to be deleted.
21219	//
21220	// RoleName is a required field
21221	RoleName *string `min:"1" type:"string" required:"true"`
21222}
21223
21224// String returns the string representation
21225func (s DeleteServiceLinkedRoleInput) String() string {
21226	return awsutil.Prettify(s)
21227}
21228
21229// GoString returns the string representation
21230func (s DeleteServiceLinkedRoleInput) GoString() string {
21231	return s.String()
21232}
21233
21234// Validate inspects the fields of the type to determine if they are valid.
21235func (s *DeleteServiceLinkedRoleInput) Validate() error {
21236	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceLinkedRoleInput"}
21237	if s.RoleName == nil {
21238		invalidParams.Add(request.NewErrParamRequired("RoleName"))
21239	}
21240	if s.RoleName != nil && len(*s.RoleName) < 1 {
21241		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
21242	}
21243
21244	if invalidParams.Len() > 0 {
21245		return invalidParams
21246	}
21247	return nil
21248}
21249
21250// SetRoleName sets the RoleName field's value.
21251func (s *DeleteServiceLinkedRoleInput) SetRoleName(v string) *DeleteServiceLinkedRoleInput {
21252	s.RoleName = &v
21253	return s
21254}
21255
21256type DeleteServiceLinkedRoleOutput struct {
21257	_ struct{} `type:"structure"`
21258
21259	// The deletion task identifier that you can use to check the status of the
21260	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
21261	//
21262	// DeletionTaskId is a required field
21263	DeletionTaskId *string `min:"1" type:"string" required:"true"`
21264}
21265
21266// String returns the string representation
21267func (s DeleteServiceLinkedRoleOutput) String() string {
21268	return awsutil.Prettify(s)
21269}
21270
21271// GoString returns the string representation
21272func (s DeleteServiceLinkedRoleOutput) GoString() string {
21273	return s.String()
21274}
21275
21276// SetDeletionTaskId sets the DeletionTaskId field's value.
21277func (s *DeleteServiceLinkedRoleOutput) SetDeletionTaskId(v string) *DeleteServiceLinkedRoleOutput {
21278	s.DeletionTaskId = &v
21279	return s
21280}
21281
21282type DeleteServiceSpecificCredentialInput struct {
21283	_ struct{} `type:"structure"`
21284
21285	// The unique identifier of the service-specific credential. You can get this
21286	// value by calling ListServiceSpecificCredentials.
21287	//
21288	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21289	// a string of characters that can consist of any upper or lowercased letter
21290	// or digit.
21291	//
21292	// ServiceSpecificCredentialId is a required field
21293	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
21294
21295	// The name of the IAM user associated with the service-specific credential.
21296	// If this value is not specified, then the operation assumes the user whose
21297	// credentials are used to call the operation.
21298	//
21299	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21300	// a string of characters consisting of upper and lowercase alphanumeric characters
21301	// with no spaces. You can also include any of the following characters: _+=,.@-
21302	UserName *string `min:"1" type:"string"`
21303}
21304
21305// String returns the string representation
21306func (s DeleteServiceSpecificCredentialInput) String() string {
21307	return awsutil.Prettify(s)
21308}
21309
21310// GoString returns the string representation
21311func (s DeleteServiceSpecificCredentialInput) GoString() string {
21312	return s.String()
21313}
21314
21315// Validate inspects the fields of the type to determine if they are valid.
21316func (s *DeleteServiceSpecificCredentialInput) Validate() error {
21317	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceSpecificCredentialInput"}
21318	if s.ServiceSpecificCredentialId == nil {
21319		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
21320	}
21321	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
21322		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
21323	}
21324	if s.UserName != nil && len(*s.UserName) < 1 {
21325		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21326	}
21327
21328	if invalidParams.Len() > 0 {
21329		return invalidParams
21330	}
21331	return nil
21332}
21333
21334// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
21335func (s *DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *DeleteServiceSpecificCredentialInput {
21336	s.ServiceSpecificCredentialId = &v
21337	return s
21338}
21339
21340// SetUserName sets the UserName field's value.
21341func (s *DeleteServiceSpecificCredentialInput) SetUserName(v string) *DeleteServiceSpecificCredentialInput {
21342	s.UserName = &v
21343	return s
21344}
21345
21346type DeleteServiceSpecificCredentialOutput struct {
21347	_ struct{} `type:"structure"`
21348}
21349
21350// String returns the string representation
21351func (s DeleteServiceSpecificCredentialOutput) String() string {
21352	return awsutil.Prettify(s)
21353}
21354
21355// GoString returns the string representation
21356func (s DeleteServiceSpecificCredentialOutput) GoString() string {
21357	return s.String()
21358}
21359
21360type DeleteSigningCertificateInput struct {
21361	_ struct{} `type:"structure"`
21362
21363	// The ID of the signing certificate to delete.
21364	//
21365	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
21366	// pattern, is a string of characters that can be upper- or lower-cased letters
21367	// or digits.
21368	//
21369	// CertificateId is a required field
21370	CertificateId *string `min:"24" type:"string" required:"true"`
21371
21372	// The name of the user the signing certificate belongs to.
21373	//
21374	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21375	// a string of characters consisting of upper and lowercase alphanumeric characters
21376	// with no spaces. You can also include any of the following characters: _+=,.@-
21377	UserName *string `min:"1" type:"string"`
21378}
21379
21380// String returns the string representation
21381func (s DeleteSigningCertificateInput) String() string {
21382	return awsutil.Prettify(s)
21383}
21384
21385// GoString returns the string representation
21386func (s DeleteSigningCertificateInput) GoString() string {
21387	return s.String()
21388}
21389
21390// Validate inspects the fields of the type to determine if they are valid.
21391func (s *DeleteSigningCertificateInput) Validate() error {
21392	invalidParams := request.ErrInvalidParams{Context: "DeleteSigningCertificateInput"}
21393	if s.CertificateId == nil {
21394		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
21395	}
21396	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
21397		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
21398	}
21399	if s.UserName != nil && len(*s.UserName) < 1 {
21400		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21401	}
21402
21403	if invalidParams.Len() > 0 {
21404		return invalidParams
21405	}
21406	return nil
21407}
21408
21409// SetCertificateId sets the CertificateId field's value.
21410func (s *DeleteSigningCertificateInput) SetCertificateId(v string) *DeleteSigningCertificateInput {
21411	s.CertificateId = &v
21412	return s
21413}
21414
21415// SetUserName sets the UserName field's value.
21416func (s *DeleteSigningCertificateInput) SetUserName(v string) *DeleteSigningCertificateInput {
21417	s.UserName = &v
21418	return s
21419}
21420
21421type DeleteSigningCertificateOutput struct {
21422	_ struct{} `type:"structure"`
21423}
21424
21425// String returns the string representation
21426func (s DeleteSigningCertificateOutput) String() string {
21427	return awsutil.Prettify(s)
21428}
21429
21430// GoString returns the string representation
21431func (s DeleteSigningCertificateOutput) GoString() string {
21432	return s.String()
21433}
21434
21435type DeleteUserInput struct {
21436	_ struct{} `type:"structure"`
21437
21438	// The name of the user to delete.
21439	//
21440	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21441	// a string of characters consisting of upper and lowercase alphanumeric characters
21442	// with no spaces. You can also include any of the following characters: _+=,.@-
21443	//
21444	// UserName is a required field
21445	UserName *string `min:"1" type:"string" required:"true"`
21446}
21447
21448// String returns the string representation
21449func (s DeleteUserInput) String() string {
21450	return awsutil.Prettify(s)
21451}
21452
21453// GoString returns the string representation
21454func (s DeleteUserInput) GoString() string {
21455	return s.String()
21456}
21457
21458// Validate inspects the fields of the type to determine if they are valid.
21459func (s *DeleteUserInput) Validate() error {
21460	invalidParams := request.ErrInvalidParams{Context: "DeleteUserInput"}
21461	if s.UserName == nil {
21462		invalidParams.Add(request.NewErrParamRequired("UserName"))
21463	}
21464	if s.UserName != nil && len(*s.UserName) < 1 {
21465		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21466	}
21467
21468	if invalidParams.Len() > 0 {
21469		return invalidParams
21470	}
21471	return nil
21472}
21473
21474// SetUserName sets the UserName field's value.
21475func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput {
21476	s.UserName = &v
21477	return s
21478}
21479
21480type DeleteUserOutput struct {
21481	_ struct{} `type:"structure"`
21482}
21483
21484// String returns the string representation
21485func (s DeleteUserOutput) String() string {
21486	return awsutil.Prettify(s)
21487}
21488
21489// GoString returns the string representation
21490func (s DeleteUserOutput) GoString() string {
21491	return s.String()
21492}
21493
21494type DeleteUserPermissionsBoundaryInput struct {
21495	_ struct{} `type:"structure"`
21496
21497	// The name (friendly name, not ARN) of the IAM user from which you want to
21498	// remove the permissions boundary.
21499	//
21500	// UserName is a required field
21501	UserName *string `min:"1" type:"string" required:"true"`
21502}
21503
21504// String returns the string representation
21505func (s DeleteUserPermissionsBoundaryInput) String() string {
21506	return awsutil.Prettify(s)
21507}
21508
21509// GoString returns the string representation
21510func (s DeleteUserPermissionsBoundaryInput) GoString() string {
21511	return s.String()
21512}
21513
21514// Validate inspects the fields of the type to determine if they are valid.
21515func (s *DeleteUserPermissionsBoundaryInput) Validate() error {
21516	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPermissionsBoundaryInput"}
21517	if s.UserName == nil {
21518		invalidParams.Add(request.NewErrParamRequired("UserName"))
21519	}
21520	if s.UserName != nil && len(*s.UserName) < 1 {
21521		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21522	}
21523
21524	if invalidParams.Len() > 0 {
21525		return invalidParams
21526	}
21527	return nil
21528}
21529
21530// SetUserName sets the UserName field's value.
21531func (s *DeleteUserPermissionsBoundaryInput) SetUserName(v string) *DeleteUserPermissionsBoundaryInput {
21532	s.UserName = &v
21533	return s
21534}
21535
21536type DeleteUserPermissionsBoundaryOutput struct {
21537	_ struct{} `type:"structure"`
21538}
21539
21540// String returns the string representation
21541func (s DeleteUserPermissionsBoundaryOutput) String() string {
21542	return awsutil.Prettify(s)
21543}
21544
21545// GoString returns the string representation
21546func (s DeleteUserPermissionsBoundaryOutput) GoString() string {
21547	return s.String()
21548}
21549
21550type DeleteUserPolicyInput struct {
21551	_ struct{} `type:"structure"`
21552
21553	// The name identifying the policy document to delete.
21554	//
21555	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21556	// a string of characters consisting of upper and lowercase alphanumeric characters
21557	// with no spaces. You can also include any of the following characters: _+=,.@-
21558	//
21559	// PolicyName is a required field
21560	PolicyName *string `min:"1" type:"string" required:"true"`
21561
21562	// The name (friendly name, not ARN) identifying the user that the policy is
21563	// embedded in.
21564	//
21565	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21566	// a string of characters consisting of upper and lowercase alphanumeric characters
21567	// with no spaces. You can also include any of the following characters: _+=,.@-
21568	//
21569	// UserName is a required field
21570	UserName *string `min:"1" type:"string" required:"true"`
21571}
21572
21573// String returns the string representation
21574func (s DeleteUserPolicyInput) String() string {
21575	return awsutil.Prettify(s)
21576}
21577
21578// GoString returns the string representation
21579func (s DeleteUserPolicyInput) GoString() string {
21580	return s.String()
21581}
21582
21583// Validate inspects the fields of the type to determine if they are valid.
21584func (s *DeleteUserPolicyInput) Validate() error {
21585	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPolicyInput"}
21586	if s.PolicyName == nil {
21587		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
21588	}
21589	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
21590		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
21591	}
21592	if s.UserName == nil {
21593		invalidParams.Add(request.NewErrParamRequired("UserName"))
21594	}
21595	if s.UserName != nil && len(*s.UserName) < 1 {
21596		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21597	}
21598
21599	if invalidParams.Len() > 0 {
21600		return invalidParams
21601	}
21602	return nil
21603}
21604
21605// SetPolicyName sets the PolicyName field's value.
21606func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput {
21607	s.PolicyName = &v
21608	return s
21609}
21610
21611// SetUserName sets the UserName field's value.
21612func (s *DeleteUserPolicyInput) SetUserName(v string) *DeleteUserPolicyInput {
21613	s.UserName = &v
21614	return s
21615}
21616
21617type DeleteUserPolicyOutput struct {
21618	_ struct{} `type:"structure"`
21619}
21620
21621// String returns the string representation
21622func (s DeleteUserPolicyOutput) String() string {
21623	return awsutil.Prettify(s)
21624}
21625
21626// GoString returns the string representation
21627func (s DeleteUserPolicyOutput) GoString() string {
21628	return s.String()
21629}
21630
21631type DeleteVirtualMFADeviceInput struct {
21632	_ struct{} `type:"structure"`
21633
21634	// The serial number that uniquely identifies the MFA device. For virtual MFA
21635	// devices, the serial number is the same as the ARN.
21636	//
21637	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21638	// a string of characters consisting of upper and lowercase alphanumeric characters
21639	// with no spaces. You can also include any of the following characters: =,.@:/-
21640	//
21641	// SerialNumber is a required field
21642	SerialNumber *string `min:"9" type:"string" required:"true"`
21643}
21644
21645// String returns the string representation
21646func (s DeleteVirtualMFADeviceInput) String() string {
21647	return awsutil.Prettify(s)
21648}
21649
21650// GoString returns the string representation
21651func (s DeleteVirtualMFADeviceInput) GoString() string {
21652	return s.String()
21653}
21654
21655// Validate inspects the fields of the type to determine if they are valid.
21656func (s *DeleteVirtualMFADeviceInput) Validate() error {
21657	invalidParams := request.ErrInvalidParams{Context: "DeleteVirtualMFADeviceInput"}
21658	if s.SerialNumber == nil {
21659		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
21660	}
21661	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
21662		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
21663	}
21664
21665	if invalidParams.Len() > 0 {
21666		return invalidParams
21667	}
21668	return nil
21669}
21670
21671// SetSerialNumber sets the SerialNumber field's value.
21672func (s *DeleteVirtualMFADeviceInput) SetSerialNumber(v string) *DeleteVirtualMFADeviceInput {
21673	s.SerialNumber = &v
21674	return s
21675}
21676
21677type DeleteVirtualMFADeviceOutput struct {
21678	_ struct{} `type:"structure"`
21679}
21680
21681// String returns the string representation
21682func (s DeleteVirtualMFADeviceOutput) String() string {
21683	return awsutil.Prettify(s)
21684}
21685
21686// GoString returns the string representation
21687func (s DeleteVirtualMFADeviceOutput) GoString() string {
21688	return s.String()
21689}
21690
21691// The reason that the service-linked role deletion failed.
21692//
21693// This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
21694// operation.
21695type DeletionTaskFailureReasonType struct {
21696	_ struct{} `type:"structure"`
21697
21698	// A short description of the reason that the service-linked role deletion failed.
21699	Reason *string `type:"string"`
21700
21701	// A list of objects that contains details about the service-linked role deletion
21702	// failure, if that information is returned by the service. If the service-linked
21703	// role has active sessions or if any resources that were used by the role have
21704	// not been deleted from the linked service, the role can't be deleted. This
21705	// parameter includes a list of the resources that are associated with the role
21706	// and the Region in which the resources are being used.
21707	RoleUsageList []*RoleUsageType `type:"list"`
21708}
21709
21710// String returns the string representation
21711func (s DeletionTaskFailureReasonType) String() string {
21712	return awsutil.Prettify(s)
21713}
21714
21715// GoString returns the string representation
21716func (s DeletionTaskFailureReasonType) GoString() string {
21717	return s.String()
21718}
21719
21720// SetReason sets the Reason field's value.
21721func (s *DeletionTaskFailureReasonType) SetReason(v string) *DeletionTaskFailureReasonType {
21722	s.Reason = &v
21723	return s
21724}
21725
21726// SetRoleUsageList sets the RoleUsageList field's value.
21727func (s *DeletionTaskFailureReasonType) SetRoleUsageList(v []*RoleUsageType) *DeletionTaskFailureReasonType {
21728	s.RoleUsageList = v
21729	return s
21730}
21731
21732type DetachGroupPolicyInput struct {
21733	_ struct{} `type:"structure"`
21734
21735	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
21736	//
21737	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21738	// a string of characters consisting of upper and lowercase alphanumeric characters
21739	// with no spaces. You can also include any of the following characters: _+=,.@-
21740	//
21741	// GroupName is a required field
21742	GroupName *string `min:"1" type:"string" required:"true"`
21743
21744	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
21745	//
21746	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
21747	// in the AWS General Reference.
21748	//
21749	// PolicyArn is a required field
21750	PolicyArn *string `min:"20" type:"string" required:"true"`
21751}
21752
21753// String returns the string representation
21754func (s DetachGroupPolicyInput) String() string {
21755	return awsutil.Prettify(s)
21756}
21757
21758// GoString returns the string representation
21759func (s DetachGroupPolicyInput) GoString() string {
21760	return s.String()
21761}
21762
21763// Validate inspects the fields of the type to determine if they are valid.
21764func (s *DetachGroupPolicyInput) Validate() error {
21765	invalidParams := request.ErrInvalidParams{Context: "DetachGroupPolicyInput"}
21766	if s.GroupName == nil {
21767		invalidParams.Add(request.NewErrParamRequired("GroupName"))
21768	}
21769	if s.GroupName != nil && len(*s.GroupName) < 1 {
21770		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
21771	}
21772	if s.PolicyArn == nil {
21773		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
21774	}
21775	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
21776		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
21777	}
21778
21779	if invalidParams.Len() > 0 {
21780		return invalidParams
21781	}
21782	return nil
21783}
21784
21785// SetGroupName sets the GroupName field's value.
21786func (s *DetachGroupPolicyInput) SetGroupName(v string) *DetachGroupPolicyInput {
21787	s.GroupName = &v
21788	return s
21789}
21790
21791// SetPolicyArn sets the PolicyArn field's value.
21792func (s *DetachGroupPolicyInput) SetPolicyArn(v string) *DetachGroupPolicyInput {
21793	s.PolicyArn = &v
21794	return s
21795}
21796
21797type DetachGroupPolicyOutput struct {
21798	_ struct{} `type:"structure"`
21799}
21800
21801// String returns the string representation
21802func (s DetachGroupPolicyOutput) String() string {
21803	return awsutil.Prettify(s)
21804}
21805
21806// GoString returns the string representation
21807func (s DetachGroupPolicyOutput) GoString() string {
21808	return s.String()
21809}
21810
21811type DetachRolePolicyInput struct {
21812	_ struct{} `type:"structure"`
21813
21814	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
21815	//
21816	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
21817	// in the AWS General Reference.
21818	//
21819	// PolicyArn is a required field
21820	PolicyArn *string `min:"20" type:"string" required:"true"`
21821
21822	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
21823	//
21824	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21825	// a string of characters consisting of upper and lowercase alphanumeric characters
21826	// with no spaces. You can also include any of the following characters: _+=,.@-
21827	//
21828	// RoleName is a required field
21829	RoleName *string `min:"1" type:"string" required:"true"`
21830}
21831
21832// String returns the string representation
21833func (s DetachRolePolicyInput) String() string {
21834	return awsutil.Prettify(s)
21835}
21836
21837// GoString returns the string representation
21838func (s DetachRolePolicyInput) GoString() string {
21839	return s.String()
21840}
21841
21842// Validate inspects the fields of the type to determine if they are valid.
21843func (s *DetachRolePolicyInput) Validate() error {
21844	invalidParams := request.ErrInvalidParams{Context: "DetachRolePolicyInput"}
21845	if s.PolicyArn == nil {
21846		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
21847	}
21848	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
21849		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
21850	}
21851	if s.RoleName == nil {
21852		invalidParams.Add(request.NewErrParamRequired("RoleName"))
21853	}
21854	if s.RoleName != nil && len(*s.RoleName) < 1 {
21855		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
21856	}
21857
21858	if invalidParams.Len() > 0 {
21859		return invalidParams
21860	}
21861	return nil
21862}
21863
21864// SetPolicyArn sets the PolicyArn field's value.
21865func (s *DetachRolePolicyInput) SetPolicyArn(v string) *DetachRolePolicyInput {
21866	s.PolicyArn = &v
21867	return s
21868}
21869
21870// SetRoleName sets the RoleName field's value.
21871func (s *DetachRolePolicyInput) SetRoleName(v string) *DetachRolePolicyInput {
21872	s.RoleName = &v
21873	return s
21874}
21875
21876type DetachRolePolicyOutput struct {
21877	_ struct{} `type:"structure"`
21878}
21879
21880// String returns the string representation
21881func (s DetachRolePolicyOutput) String() string {
21882	return awsutil.Prettify(s)
21883}
21884
21885// GoString returns the string representation
21886func (s DetachRolePolicyOutput) GoString() string {
21887	return s.String()
21888}
21889
21890type DetachUserPolicyInput struct {
21891	_ struct{} `type:"structure"`
21892
21893	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
21894	//
21895	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
21896	// in the AWS General Reference.
21897	//
21898	// PolicyArn is a required field
21899	PolicyArn *string `min:"20" type:"string" required:"true"`
21900
21901	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
21902	//
21903	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21904	// a string of characters consisting of upper and lowercase alphanumeric characters
21905	// with no spaces. You can also include any of the following characters: _+=,.@-
21906	//
21907	// UserName is a required field
21908	UserName *string `min:"1" type:"string" required:"true"`
21909}
21910
21911// String returns the string representation
21912func (s DetachUserPolicyInput) String() string {
21913	return awsutil.Prettify(s)
21914}
21915
21916// GoString returns the string representation
21917func (s DetachUserPolicyInput) GoString() string {
21918	return s.String()
21919}
21920
21921// Validate inspects the fields of the type to determine if they are valid.
21922func (s *DetachUserPolicyInput) Validate() error {
21923	invalidParams := request.ErrInvalidParams{Context: "DetachUserPolicyInput"}
21924	if s.PolicyArn == nil {
21925		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
21926	}
21927	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
21928		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
21929	}
21930	if s.UserName == nil {
21931		invalidParams.Add(request.NewErrParamRequired("UserName"))
21932	}
21933	if s.UserName != nil && len(*s.UserName) < 1 {
21934		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21935	}
21936
21937	if invalidParams.Len() > 0 {
21938		return invalidParams
21939	}
21940	return nil
21941}
21942
21943// SetPolicyArn sets the PolicyArn field's value.
21944func (s *DetachUserPolicyInput) SetPolicyArn(v string) *DetachUserPolicyInput {
21945	s.PolicyArn = &v
21946	return s
21947}
21948
21949// SetUserName sets the UserName field's value.
21950func (s *DetachUserPolicyInput) SetUserName(v string) *DetachUserPolicyInput {
21951	s.UserName = &v
21952	return s
21953}
21954
21955type DetachUserPolicyOutput struct {
21956	_ struct{} `type:"structure"`
21957}
21958
21959// String returns the string representation
21960func (s DetachUserPolicyOutput) String() string {
21961	return awsutil.Prettify(s)
21962}
21963
21964// GoString returns the string representation
21965func (s DetachUserPolicyOutput) GoString() string {
21966	return s.String()
21967}
21968
21969type EnableMFADeviceInput struct {
21970	_ struct{} `type:"structure"`
21971
21972	// An authentication code emitted by the device.
21973	//
21974	// The format for this parameter is a string of six digits.
21975	//
21976	// Submit your request immediately after generating the authentication codes.
21977	// If you generate the codes and then wait too long to submit the request, the
21978	// MFA device successfully associates with the user but the MFA device becomes
21979	// out of sync. This happens because time-based one-time passwords (TOTP) expire
21980	// after a short period of time. If this happens, you can resync the device
21981	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
21982	//
21983	// AuthenticationCode1 is a required field
21984	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
21985
21986	// A subsequent authentication code emitted by the device.
21987	//
21988	// The format for this parameter is a string of six digits.
21989	//
21990	// Submit your request immediately after generating the authentication codes.
21991	// If you generate the codes and then wait too long to submit the request, the
21992	// MFA device successfully associates with the user but the MFA device becomes
21993	// out of sync. This happens because time-based one-time passwords (TOTP) expire
21994	// after a short period of time. If this happens, you can resync the device
21995	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
21996	//
21997	// AuthenticationCode2 is a required field
21998	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
21999
22000	// The serial number that uniquely identifies the MFA device. For virtual MFA
22001	// devices, the serial number is the device ARN.
22002	//
22003	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22004	// a string of characters consisting of upper and lowercase alphanumeric characters
22005	// with no spaces. You can also include any of the following characters: =,.@:/-
22006	//
22007	// SerialNumber is a required field
22008	SerialNumber *string `min:"9" type:"string" required:"true"`
22009
22010	// The name of the IAM user for whom you want to enable the MFA device.
22011	//
22012	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22013	// a string of characters consisting of upper and lowercase alphanumeric characters
22014	// with no spaces. You can also include any of the following characters: _+=,.@-
22015	//
22016	// UserName is a required field
22017	UserName *string `min:"1" type:"string" required:"true"`
22018}
22019
22020// String returns the string representation
22021func (s EnableMFADeviceInput) String() string {
22022	return awsutil.Prettify(s)
22023}
22024
22025// GoString returns the string representation
22026func (s EnableMFADeviceInput) GoString() string {
22027	return s.String()
22028}
22029
22030// Validate inspects the fields of the type to determine if they are valid.
22031func (s *EnableMFADeviceInput) Validate() error {
22032	invalidParams := request.ErrInvalidParams{Context: "EnableMFADeviceInput"}
22033	if s.AuthenticationCode1 == nil {
22034		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
22035	}
22036	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
22037		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
22038	}
22039	if s.AuthenticationCode2 == nil {
22040		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
22041	}
22042	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
22043		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
22044	}
22045	if s.SerialNumber == nil {
22046		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
22047	}
22048	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
22049		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
22050	}
22051	if s.UserName == nil {
22052		invalidParams.Add(request.NewErrParamRequired("UserName"))
22053	}
22054	if s.UserName != nil && len(*s.UserName) < 1 {
22055		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22056	}
22057
22058	if invalidParams.Len() > 0 {
22059		return invalidParams
22060	}
22061	return nil
22062}
22063
22064// SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
22065func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput {
22066	s.AuthenticationCode1 = &v
22067	return s
22068}
22069
22070// SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
22071func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput {
22072	s.AuthenticationCode2 = &v
22073	return s
22074}
22075
22076// SetSerialNumber sets the SerialNumber field's value.
22077func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput {
22078	s.SerialNumber = &v
22079	return s
22080}
22081
22082// SetUserName sets the UserName field's value.
22083func (s *EnableMFADeviceInput) SetUserName(v string) *EnableMFADeviceInput {
22084	s.UserName = &v
22085	return s
22086}
22087
22088type EnableMFADeviceOutput struct {
22089	_ struct{} `type:"structure"`
22090}
22091
22092// String returns the string representation
22093func (s EnableMFADeviceOutput) String() string {
22094	return awsutil.Prettify(s)
22095}
22096
22097// GoString returns the string representation
22098func (s EnableMFADeviceOutput) GoString() string {
22099	return s.String()
22100}
22101
22102// An object that contains details about when the IAM entities (users or roles)
22103// were last used in an attempt to access the specified AWS service.
22104//
22105// This data type is a response element in the GetServiceLastAccessedDetailsWithEntities
22106// operation.
22107type EntityDetails struct {
22108	_ struct{} `type:"structure"`
22109
22110	// The EntityInfo object that contains details about the entity (user or role).
22111	//
22112	// EntityInfo is a required field
22113	EntityInfo *EntityInfo `type:"structure" required:"true"`
22114
22115	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
22116	// when the authenticated entity last attempted to access AWS. AWS does not
22117	// report unauthenticated requests.
22118	//
22119	// This field is null if no IAM entities attempted to access the service within
22120	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
22121	LastAuthenticated *time.Time `type:"timestamp"`
22122}
22123
22124// String returns the string representation
22125func (s EntityDetails) String() string {
22126	return awsutil.Prettify(s)
22127}
22128
22129// GoString returns the string representation
22130func (s EntityDetails) GoString() string {
22131	return s.String()
22132}
22133
22134// SetEntityInfo sets the EntityInfo field's value.
22135func (s *EntityDetails) SetEntityInfo(v *EntityInfo) *EntityDetails {
22136	s.EntityInfo = v
22137	return s
22138}
22139
22140// SetLastAuthenticated sets the LastAuthenticated field's value.
22141func (s *EntityDetails) SetLastAuthenticated(v time.Time) *EntityDetails {
22142	s.LastAuthenticated = &v
22143	return s
22144}
22145
22146// Contains details about the specified entity (user or role).
22147//
22148// This data type is an element of the EntityDetails object.
22149type EntityInfo struct {
22150	_ struct{} `type:"structure"`
22151
22152	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
22153	//
22154	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
22155	// in the AWS General Reference.
22156	//
22157	// Arn is a required field
22158	Arn *string `min:"20" type:"string" required:"true"`
22159
22160	// The identifier of the entity (user or role).
22161	//
22162	// Id is a required field
22163	Id *string `min:"16" type:"string" required:"true"`
22164
22165	// The name of the entity (user or role).
22166	//
22167	// Name is a required field
22168	Name *string `min:"1" type:"string" required:"true"`
22169
22170	// The path to the entity (user or role). For more information about paths,
22171	// see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
22172	// in the IAM User Guide.
22173	Path *string `min:"1" type:"string"`
22174
22175	// The type of entity (user or role).
22176	//
22177	// Type is a required field
22178	Type *string `type:"string" required:"true" enum:"PolicyOwnerEntityType"`
22179}
22180
22181// String returns the string representation
22182func (s EntityInfo) String() string {
22183	return awsutil.Prettify(s)
22184}
22185
22186// GoString returns the string representation
22187func (s EntityInfo) GoString() string {
22188	return s.String()
22189}
22190
22191// SetArn sets the Arn field's value.
22192func (s *EntityInfo) SetArn(v string) *EntityInfo {
22193	s.Arn = &v
22194	return s
22195}
22196
22197// SetId sets the Id field's value.
22198func (s *EntityInfo) SetId(v string) *EntityInfo {
22199	s.Id = &v
22200	return s
22201}
22202
22203// SetName sets the Name field's value.
22204func (s *EntityInfo) SetName(v string) *EntityInfo {
22205	s.Name = &v
22206	return s
22207}
22208
22209// SetPath sets the Path field's value.
22210func (s *EntityInfo) SetPath(v string) *EntityInfo {
22211	s.Path = &v
22212	return s
22213}
22214
22215// SetType sets the Type field's value.
22216func (s *EntityInfo) SetType(v string) *EntityInfo {
22217	s.Type = &v
22218	return s
22219}
22220
22221// Contains information about the reason that the operation failed.
22222//
22223// This data type is used as a response element in the GetOrganizationsAccessReport,
22224// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
22225// operations.
22226type ErrorDetails struct {
22227	_ struct{} `type:"structure"`
22228
22229	// The error code associated with the operation failure.
22230	//
22231	// Code is a required field
22232	Code *string `type:"string" required:"true"`
22233
22234	// Detailed information about the reason that the operation failed.
22235	//
22236	// Message is a required field
22237	Message *string `type:"string" required:"true"`
22238}
22239
22240// String returns the string representation
22241func (s ErrorDetails) String() string {
22242	return awsutil.Prettify(s)
22243}
22244
22245// GoString returns the string representation
22246func (s ErrorDetails) GoString() string {
22247	return s.String()
22248}
22249
22250// SetCode sets the Code field's value.
22251func (s *ErrorDetails) SetCode(v string) *ErrorDetails {
22252	s.Code = &v
22253	return s
22254}
22255
22256// SetMessage sets the Message field's value.
22257func (s *ErrorDetails) SetMessage(v string) *ErrorDetails {
22258	s.Message = &v
22259	return s
22260}
22261
22262// Contains the results of a simulation.
22263//
22264// This data type is used by the return parameter of SimulateCustomPolicy and
22265// SimulatePrincipalPolicy .
22266type EvaluationResult struct {
22267	_ struct{} `type:"structure"`
22268
22269	// The name of the API operation tested on the indicated resource.
22270	//
22271	// EvalActionName is a required field
22272	EvalActionName *string `min:"3" type:"string" required:"true"`
22273
22274	// The result of the simulation.
22275	//
22276	// EvalDecision is a required field
22277	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
22278
22279	// Additional details about the results of the cross-account evaluation decision.
22280	// This parameter is populated for only cross-account simulations. It contains
22281	// a brief summary of how each policy type contributes to the final evaluation
22282	// decision.
22283	//
22284	// If the simulation evaluates policies within the same account and includes
22285	// a resource ARN, then the parameter is present but the response is empty.
22286	// If the simulation evaluates policies within the same account and specifies
22287	// all resources (*), then the parameter is not returned.
22288	//
22289	// When you make a cross-account request, AWS evaluates the request in the trusting
22290	// account and the trusted account. The request is allowed only if both evaluations
22291	// return true. For more information about how policies are evaluated, see Evaluating
22292	// policies within a single account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
22293	//
22294	// If an AWS Organizations SCP included in the evaluation denies access, the
22295	// simulation ends. In this case, policy evaluation does not proceed any further
22296	// and this parameter is not returned.
22297	EvalDecisionDetails map[string]*string `type:"map"`
22298
22299	// The ARN of the resource that the indicated API operation was tested on.
22300	EvalResourceName *string `min:"1" type:"string"`
22301
22302	// A list of the statements in the input policies that determine the result
22303	// for this scenario. Remember that even if multiple statements allow the operation
22304	// on the resource, if only one statement denies that operation, then the explicit
22305	// deny overrides any allow. In addition, the deny statement is the only entry
22306	// included in the result.
22307	MatchedStatements []*Statement `type:"list"`
22308
22309	// A list of context keys that are required by the included input policies but
22310	// that were not provided by one of the input parameters. This list is used
22311	// when the resource in a simulation is "*", either explicitly, or when the
22312	// ResourceArns parameter blank. If you include a list of resources, then any
22313	// missing context values are instead included under the ResourceSpecificResults
22314	// section. To discover the context keys used by a set of policies, you can
22315	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
22316	MissingContextValues []*string `type:"list"`
22317
22318	// A structure that details how Organizations and its service control policies
22319	// affect the results of the simulation. Only applies if the simulated user's
22320	// account is part of an organization.
22321	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`
22322
22323	// Contains information about the effect that a permissions boundary has on
22324	// a policy simulation when the boundary is applied to an IAM entity.
22325	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
22326
22327	// The individual results of the simulation of the API operation specified in
22328	// EvalActionName on each resource.
22329	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
22330}
22331
22332// String returns the string representation
22333func (s EvaluationResult) String() string {
22334	return awsutil.Prettify(s)
22335}
22336
22337// GoString returns the string representation
22338func (s EvaluationResult) GoString() string {
22339	return s.String()
22340}
22341
22342// SetEvalActionName sets the EvalActionName field's value.
22343func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult {
22344	s.EvalActionName = &v
22345	return s
22346}
22347
22348// SetEvalDecision sets the EvalDecision field's value.
22349func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult {
22350	s.EvalDecision = &v
22351	return s
22352}
22353
22354// SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
22355func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult {
22356	s.EvalDecisionDetails = v
22357	return s
22358}
22359
22360// SetEvalResourceName sets the EvalResourceName field's value.
22361func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult {
22362	s.EvalResourceName = &v
22363	return s
22364}
22365
22366// SetMatchedStatements sets the MatchedStatements field's value.
22367func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult {
22368	s.MatchedStatements = v
22369	return s
22370}
22371
22372// SetMissingContextValues sets the MissingContextValues field's value.
22373func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult {
22374	s.MissingContextValues = v
22375	return s
22376}
22377
22378// SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.
22379func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult {
22380	s.OrganizationsDecisionDetail = v
22381	return s
22382}
22383
22384// SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
22385func (s *EvaluationResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *EvaluationResult {
22386	s.PermissionsBoundaryDecisionDetail = v
22387	return s
22388}
22389
22390// SetResourceSpecificResults sets the ResourceSpecificResults field's value.
22391func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult {
22392	s.ResourceSpecificResults = v
22393	return s
22394}
22395
22396type GenerateCredentialReportInput struct {
22397	_ struct{} `type:"structure"`
22398}
22399
22400// String returns the string representation
22401func (s GenerateCredentialReportInput) String() string {
22402	return awsutil.Prettify(s)
22403}
22404
22405// GoString returns the string representation
22406func (s GenerateCredentialReportInput) GoString() string {
22407	return s.String()
22408}
22409
22410// Contains the response to a successful GenerateCredentialReport request.
22411type GenerateCredentialReportOutput struct {
22412	_ struct{} `type:"structure"`
22413
22414	// Information about the credential report.
22415	Description *string `type:"string"`
22416
22417	// Information about the state of the credential report.
22418	State *string `type:"string" enum:"ReportStateType"`
22419}
22420
22421// String returns the string representation
22422func (s GenerateCredentialReportOutput) String() string {
22423	return awsutil.Prettify(s)
22424}
22425
22426// GoString returns the string representation
22427func (s GenerateCredentialReportOutput) GoString() string {
22428	return s.String()
22429}
22430
22431// SetDescription sets the Description field's value.
22432func (s *GenerateCredentialReportOutput) SetDescription(v string) *GenerateCredentialReportOutput {
22433	s.Description = &v
22434	return s
22435}
22436
22437// SetState sets the State field's value.
22438func (s *GenerateCredentialReportOutput) SetState(v string) *GenerateCredentialReportOutput {
22439	s.State = &v
22440	return s
22441}
22442
22443type GenerateOrganizationsAccessReportInput struct {
22444	_ struct{} `type:"structure"`
22445
22446	// The path of the AWS Organizations entity (root, OU, or account). You can
22447	// build an entity path using the known structure of your organization. For
22448	// example, assume that your account ID is 123456789012 and its parent OU ID
22449	// is ou-rge0-awsabcde. The organization root ID is r-f6g7h8i9j0example and
22450	// your organization ID is o-a1b2c3d4e5. Your entity path is o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012.
22451	//
22452	// EntityPath is a required field
22453	EntityPath *string `min:"19" type:"string" required:"true"`
22454
22455	// The identifier of the AWS Organizations service control policy (SCP). This
22456	// parameter is optional.
22457	//
22458	// This ID is used to generate information about when an account principal that
22459	// is limited by the SCP attempted to access an AWS service.
22460	OrganizationsPolicyId *string `type:"string"`
22461}
22462
22463// String returns the string representation
22464func (s GenerateOrganizationsAccessReportInput) String() string {
22465	return awsutil.Prettify(s)
22466}
22467
22468// GoString returns the string representation
22469func (s GenerateOrganizationsAccessReportInput) GoString() string {
22470	return s.String()
22471}
22472
22473// Validate inspects the fields of the type to determine if they are valid.
22474func (s *GenerateOrganizationsAccessReportInput) Validate() error {
22475	invalidParams := request.ErrInvalidParams{Context: "GenerateOrganizationsAccessReportInput"}
22476	if s.EntityPath == nil {
22477		invalidParams.Add(request.NewErrParamRequired("EntityPath"))
22478	}
22479	if s.EntityPath != nil && len(*s.EntityPath) < 19 {
22480		invalidParams.Add(request.NewErrParamMinLen("EntityPath", 19))
22481	}
22482
22483	if invalidParams.Len() > 0 {
22484		return invalidParams
22485	}
22486	return nil
22487}
22488
22489// SetEntityPath sets the EntityPath field's value.
22490func (s *GenerateOrganizationsAccessReportInput) SetEntityPath(v string) *GenerateOrganizationsAccessReportInput {
22491	s.EntityPath = &v
22492	return s
22493}
22494
22495// SetOrganizationsPolicyId sets the OrganizationsPolicyId field's value.
22496func (s *GenerateOrganizationsAccessReportInput) SetOrganizationsPolicyId(v string) *GenerateOrganizationsAccessReportInput {
22497	s.OrganizationsPolicyId = &v
22498	return s
22499}
22500
22501type GenerateOrganizationsAccessReportOutput struct {
22502	_ struct{} `type:"structure"`
22503
22504	// The job identifier that you can use in the GetOrganizationsAccessReport operation.
22505	JobId *string `min:"36" type:"string"`
22506}
22507
22508// String returns the string representation
22509func (s GenerateOrganizationsAccessReportOutput) String() string {
22510	return awsutil.Prettify(s)
22511}
22512
22513// GoString returns the string representation
22514func (s GenerateOrganizationsAccessReportOutput) GoString() string {
22515	return s.String()
22516}
22517
22518// SetJobId sets the JobId field's value.
22519func (s *GenerateOrganizationsAccessReportOutput) SetJobId(v string) *GenerateOrganizationsAccessReportOutput {
22520	s.JobId = &v
22521	return s
22522}
22523
22524type GenerateServiceLastAccessedDetailsInput struct {
22525	_ struct{} `type:"structure"`
22526
22527	// The ARN of the IAM resource (user, group, role, or managed policy) used to
22528	// generate information about when the resource was last used in an attempt
22529	// to access an AWS service.
22530	//
22531	// Arn is a required field
22532	Arn *string `min:"20" type:"string" required:"true"`
22533
22534	// The level of detail that you want to generate. You can specify whether you
22535	// want to generate information about the last attempt to access services or
22536	// actions. If you specify service-level granularity, this operation generates
22537	// only service data. If you specify action-level granularity, it generates
22538	// service and action data. If you don't include this optional parameter, the
22539	// operation generates service data.
22540	Granularity *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
22541}
22542
22543// String returns the string representation
22544func (s GenerateServiceLastAccessedDetailsInput) String() string {
22545	return awsutil.Prettify(s)
22546}
22547
22548// GoString returns the string representation
22549func (s GenerateServiceLastAccessedDetailsInput) GoString() string {
22550	return s.String()
22551}
22552
22553// Validate inspects the fields of the type to determine if they are valid.
22554func (s *GenerateServiceLastAccessedDetailsInput) Validate() error {
22555	invalidParams := request.ErrInvalidParams{Context: "GenerateServiceLastAccessedDetailsInput"}
22556	if s.Arn == nil {
22557		invalidParams.Add(request.NewErrParamRequired("Arn"))
22558	}
22559	if s.Arn != nil && len(*s.Arn) < 20 {
22560		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
22561	}
22562
22563	if invalidParams.Len() > 0 {
22564		return invalidParams
22565	}
22566	return nil
22567}
22568
22569// SetArn sets the Arn field's value.
22570func (s *GenerateServiceLastAccessedDetailsInput) SetArn(v string) *GenerateServiceLastAccessedDetailsInput {
22571	s.Arn = &v
22572	return s
22573}
22574
22575// SetGranularity sets the Granularity field's value.
22576func (s *GenerateServiceLastAccessedDetailsInput) SetGranularity(v string) *GenerateServiceLastAccessedDetailsInput {
22577	s.Granularity = &v
22578	return s
22579}
22580
22581type GenerateServiceLastAccessedDetailsOutput struct {
22582	_ struct{} `type:"structure"`
22583
22584	// The JobId that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities
22585	// operations. The JobId returned by GenerateServiceLastAccessedDetail must
22586	// be used by the same role within a session, or by the same user when used
22587	// to call GetServiceLastAccessedDetail.
22588	JobId *string `min:"36" type:"string"`
22589}
22590
22591// String returns the string representation
22592func (s GenerateServiceLastAccessedDetailsOutput) String() string {
22593	return awsutil.Prettify(s)
22594}
22595
22596// GoString returns the string representation
22597func (s GenerateServiceLastAccessedDetailsOutput) GoString() string {
22598	return s.String()
22599}
22600
22601// SetJobId sets the JobId field's value.
22602func (s *GenerateServiceLastAccessedDetailsOutput) SetJobId(v string) *GenerateServiceLastAccessedDetailsOutput {
22603	s.JobId = &v
22604	return s
22605}
22606
22607type GetAccessKeyLastUsedInput struct {
22608	_ struct{} `type:"structure"`
22609
22610	// The identifier of an access key.
22611	//
22612	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22613	// a string of characters that can consist of any upper or lowercased letter
22614	// or digit.
22615	//
22616	// AccessKeyId is a required field
22617	AccessKeyId *string `min:"16" type:"string" required:"true"`
22618}
22619
22620// String returns the string representation
22621func (s GetAccessKeyLastUsedInput) String() string {
22622	return awsutil.Prettify(s)
22623}
22624
22625// GoString returns the string representation
22626func (s GetAccessKeyLastUsedInput) GoString() string {
22627	return s.String()
22628}
22629
22630// Validate inspects the fields of the type to determine if they are valid.
22631func (s *GetAccessKeyLastUsedInput) Validate() error {
22632	invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyLastUsedInput"}
22633	if s.AccessKeyId == nil {
22634		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
22635	}
22636	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
22637		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
22638	}
22639
22640	if invalidParams.Len() > 0 {
22641		return invalidParams
22642	}
22643	return nil
22644}
22645
22646// SetAccessKeyId sets the AccessKeyId field's value.
22647func (s *GetAccessKeyLastUsedInput) SetAccessKeyId(v string) *GetAccessKeyLastUsedInput {
22648	s.AccessKeyId = &v
22649	return s
22650}
22651
22652// Contains the response to a successful GetAccessKeyLastUsed request. It is
22653// also returned as a member of the AccessKeyMetaData structure returned by
22654// the ListAccessKeys action.
22655type GetAccessKeyLastUsedOutput struct {
22656	_ struct{} `type:"structure"`
22657
22658	// Contains information about the last time the access key was used.
22659	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`
22660
22661	// The name of the AWS IAM user that owns this access key.
22662	UserName *string `min:"1" type:"string"`
22663}
22664
22665// String returns the string representation
22666func (s GetAccessKeyLastUsedOutput) String() string {
22667	return awsutil.Prettify(s)
22668}
22669
22670// GoString returns the string representation
22671func (s GetAccessKeyLastUsedOutput) GoString() string {
22672	return s.String()
22673}
22674
22675// SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.
22676func (s *GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed(v *AccessKeyLastUsed) *GetAccessKeyLastUsedOutput {
22677	s.AccessKeyLastUsed = v
22678	return s
22679}
22680
22681// SetUserName sets the UserName field's value.
22682func (s *GetAccessKeyLastUsedOutput) SetUserName(v string) *GetAccessKeyLastUsedOutput {
22683	s.UserName = &v
22684	return s
22685}
22686
22687type GetAccountAuthorizationDetailsInput struct {
22688	_ struct{} `type:"structure"`
22689
22690	// A list of entity types used to filter the results. Only the entities that
22691	// match the types you specify are included in the output. Use the value LocalManagedPolicy
22692	// to include customer managed policies.
22693	//
22694	// The format for this parameter is a comma-separated (if more than one) list
22695	// of strings. Each string value in the list must be one of the valid values
22696	// listed below.
22697	Filter []*string `type:"list"`
22698
22699	// Use this parameter only when paginating results and only after you receive
22700	// a response indicating that the results are truncated. Set it to the value
22701	// of the Marker element in the response that you received to indicate where
22702	// the next call should start.
22703	Marker *string `min:"1" type:"string"`
22704
22705	// Use this only when paginating results to indicate the maximum number of items
22706	// you want in the response. If additional items exist beyond the maximum you
22707	// specify, the IsTruncated response element is true.
22708	//
22709	// If you do not include this parameter, the number of items defaults to 100.
22710	// Note that IAM might return fewer results, even when there are more results
22711	// available. In that case, the IsTruncated response element returns true, and
22712	// Marker contains a value to include in the subsequent call that tells the
22713	// service where to continue from.
22714	MaxItems *int64 `min:"1" type:"integer"`
22715}
22716
22717// String returns the string representation
22718func (s GetAccountAuthorizationDetailsInput) String() string {
22719	return awsutil.Prettify(s)
22720}
22721
22722// GoString returns the string representation
22723func (s GetAccountAuthorizationDetailsInput) GoString() string {
22724	return s.String()
22725}
22726
22727// Validate inspects the fields of the type to determine if they are valid.
22728func (s *GetAccountAuthorizationDetailsInput) Validate() error {
22729	invalidParams := request.ErrInvalidParams{Context: "GetAccountAuthorizationDetailsInput"}
22730	if s.Marker != nil && len(*s.Marker) < 1 {
22731		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
22732	}
22733	if s.MaxItems != nil && *s.MaxItems < 1 {
22734		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
22735	}
22736
22737	if invalidParams.Len() > 0 {
22738		return invalidParams
22739	}
22740	return nil
22741}
22742
22743// SetFilter sets the Filter field's value.
22744func (s *GetAccountAuthorizationDetailsInput) SetFilter(v []*string) *GetAccountAuthorizationDetailsInput {
22745	s.Filter = v
22746	return s
22747}
22748
22749// SetMarker sets the Marker field's value.
22750func (s *GetAccountAuthorizationDetailsInput) SetMarker(v string) *GetAccountAuthorizationDetailsInput {
22751	s.Marker = &v
22752	return s
22753}
22754
22755// SetMaxItems sets the MaxItems field's value.
22756func (s *GetAccountAuthorizationDetailsInput) SetMaxItems(v int64) *GetAccountAuthorizationDetailsInput {
22757	s.MaxItems = &v
22758	return s
22759}
22760
22761// Contains the response to a successful GetAccountAuthorizationDetails request.
22762type GetAccountAuthorizationDetailsOutput struct {
22763	_ struct{} `type:"structure"`
22764
22765	// A list containing information about IAM groups.
22766	GroupDetailList []*GroupDetail `type:"list"`
22767
22768	// A flag that indicates whether there are more items to return. If your results
22769	// were truncated, you can make a subsequent pagination request using the Marker
22770	// request parameter to retrieve more items. Note that IAM might return fewer
22771	// than the MaxItems number of results even when there are more results available.
22772	// We recommend that you check IsTruncated after every call to ensure that you
22773	// receive all your results.
22774	IsTruncated *bool `type:"boolean"`
22775
22776	// When IsTruncated is true, this element is present and contains the value
22777	// to use for the Marker parameter in a subsequent pagination request.
22778	Marker *string `type:"string"`
22779
22780	// A list containing information about managed policies.
22781	Policies []*ManagedPolicyDetail `type:"list"`
22782
22783	// A list containing information about IAM roles.
22784	RoleDetailList []*RoleDetail `type:"list"`
22785
22786	// A list containing information about IAM users.
22787	UserDetailList []*UserDetail `type:"list"`
22788}
22789
22790// String returns the string representation
22791func (s GetAccountAuthorizationDetailsOutput) String() string {
22792	return awsutil.Prettify(s)
22793}
22794
22795// GoString returns the string representation
22796func (s GetAccountAuthorizationDetailsOutput) GoString() string {
22797	return s.String()
22798}
22799
22800// SetGroupDetailList sets the GroupDetailList field's value.
22801func (s *GetAccountAuthorizationDetailsOutput) SetGroupDetailList(v []*GroupDetail) *GetAccountAuthorizationDetailsOutput {
22802	s.GroupDetailList = v
22803	return s
22804}
22805
22806// SetIsTruncated sets the IsTruncated field's value.
22807func (s *GetAccountAuthorizationDetailsOutput) SetIsTruncated(v bool) *GetAccountAuthorizationDetailsOutput {
22808	s.IsTruncated = &v
22809	return s
22810}
22811
22812// SetMarker sets the Marker field's value.
22813func (s *GetAccountAuthorizationDetailsOutput) SetMarker(v string) *GetAccountAuthorizationDetailsOutput {
22814	s.Marker = &v
22815	return s
22816}
22817
22818// SetPolicies sets the Policies field's value.
22819func (s *GetAccountAuthorizationDetailsOutput) SetPolicies(v []*ManagedPolicyDetail) *GetAccountAuthorizationDetailsOutput {
22820	s.Policies = v
22821	return s
22822}
22823
22824// SetRoleDetailList sets the RoleDetailList field's value.
22825func (s *GetAccountAuthorizationDetailsOutput) SetRoleDetailList(v []*RoleDetail) *GetAccountAuthorizationDetailsOutput {
22826	s.RoleDetailList = v
22827	return s
22828}
22829
22830// SetUserDetailList sets the UserDetailList field's value.
22831func (s *GetAccountAuthorizationDetailsOutput) SetUserDetailList(v []*UserDetail) *GetAccountAuthorizationDetailsOutput {
22832	s.UserDetailList = v
22833	return s
22834}
22835
22836type GetAccountPasswordPolicyInput struct {
22837	_ struct{} `type:"structure"`
22838}
22839
22840// String returns the string representation
22841func (s GetAccountPasswordPolicyInput) String() string {
22842	return awsutil.Prettify(s)
22843}
22844
22845// GoString returns the string representation
22846func (s GetAccountPasswordPolicyInput) GoString() string {
22847	return s.String()
22848}
22849
22850// Contains the response to a successful GetAccountPasswordPolicy request.
22851type GetAccountPasswordPolicyOutput struct {
22852	_ struct{} `type:"structure"`
22853
22854	// A structure that contains details about the account's password policy.
22855	//
22856	// PasswordPolicy is a required field
22857	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
22858}
22859
22860// String returns the string representation
22861func (s GetAccountPasswordPolicyOutput) String() string {
22862	return awsutil.Prettify(s)
22863}
22864
22865// GoString returns the string representation
22866func (s GetAccountPasswordPolicyOutput) GoString() string {
22867	return s.String()
22868}
22869
22870// SetPasswordPolicy sets the PasswordPolicy field's value.
22871func (s *GetAccountPasswordPolicyOutput) SetPasswordPolicy(v *PasswordPolicy) *GetAccountPasswordPolicyOutput {
22872	s.PasswordPolicy = v
22873	return s
22874}
22875
22876type GetAccountSummaryInput struct {
22877	_ struct{} `type:"structure"`
22878}
22879
22880// String returns the string representation
22881func (s GetAccountSummaryInput) String() string {
22882	return awsutil.Prettify(s)
22883}
22884
22885// GoString returns the string representation
22886func (s GetAccountSummaryInput) GoString() string {
22887	return s.String()
22888}
22889
22890// Contains the response to a successful GetAccountSummary request.
22891type GetAccountSummaryOutput struct {
22892	_ struct{} `type:"structure"`
22893
22894	// A set of key–value pairs containing information about IAM entity usage
22895	// and IAM quotas.
22896	SummaryMap map[string]*int64 `type:"map"`
22897}
22898
22899// String returns the string representation
22900func (s GetAccountSummaryOutput) String() string {
22901	return awsutil.Prettify(s)
22902}
22903
22904// GoString returns the string representation
22905func (s GetAccountSummaryOutput) GoString() string {
22906	return s.String()
22907}
22908
22909// SetSummaryMap sets the SummaryMap field's value.
22910func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput {
22911	s.SummaryMap = v
22912	return s
22913}
22914
22915type GetContextKeysForCustomPolicyInput struct {
22916	_ struct{} `type:"structure"`
22917
22918	// A list of policies for which you want the list of context keys referenced
22919	// in those policies. Each document is specified as a string containing the
22920	// complete, valid JSON text of an IAM policy.
22921	//
22922	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
22923	// parameter is a string of characters consisting of the following:
22924	//
22925	//    * Any printable ASCII character ranging from the space character (\u0020)
22926	//    through the end of the ASCII character range
22927	//
22928	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
22929	//    set (through \u00FF)
22930	//
22931	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
22932	//    return (\u000D)
22933	//
22934	// PolicyInputList is a required field
22935	PolicyInputList []*string `type:"list" required:"true"`
22936}
22937
22938// String returns the string representation
22939func (s GetContextKeysForCustomPolicyInput) String() string {
22940	return awsutil.Prettify(s)
22941}
22942
22943// GoString returns the string representation
22944func (s GetContextKeysForCustomPolicyInput) GoString() string {
22945	return s.String()
22946}
22947
22948// Validate inspects the fields of the type to determine if they are valid.
22949func (s *GetContextKeysForCustomPolicyInput) Validate() error {
22950	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForCustomPolicyInput"}
22951	if s.PolicyInputList == nil {
22952		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
22953	}
22954
22955	if invalidParams.Len() > 0 {
22956		return invalidParams
22957	}
22958	return nil
22959}
22960
22961// SetPolicyInputList sets the PolicyInputList field's value.
22962func (s *GetContextKeysForCustomPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForCustomPolicyInput {
22963	s.PolicyInputList = v
22964	return s
22965}
22966
22967// Contains the response to a successful GetContextKeysForPrincipalPolicy or
22968// GetContextKeysForCustomPolicy request.
22969type GetContextKeysForPolicyResponse struct {
22970	_ struct{} `type:"structure"`
22971
22972	// The list of context keys that are referenced in the input policies.
22973	ContextKeyNames []*string `type:"list"`
22974}
22975
22976// String returns the string representation
22977func (s GetContextKeysForPolicyResponse) String() string {
22978	return awsutil.Prettify(s)
22979}
22980
22981// GoString returns the string representation
22982func (s GetContextKeysForPolicyResponse) GoString() string {
22983	return s.String()
22984}
22985
22986// SetContextKeyNames sets the ContextKeyNames field's value.
22987func (s *GetContextKeysForPolicyResponse) SetContextKeyNames(v []*string) *GetContextKeysForPolicyResponse {
22988	s.ContextKeyNames = v
22989	return s
22990}
22991
22992type GetContextKeysForPrincipalPolicyInput struct {
22993	_ struct{} `type:"structure"`
22994
22995	// An optional list of additional policies for which you want the list of context
22996	// keys that are referenced.
22997	//
22998	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
22999	// parameter is a string of characters consisting of the following:
23000	//
23001	//    * Any printable ASCII character ranging from the space character (\u0020)
23002	//    through the end of the ASCII character range
23003	//
23004	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
23005	//    set (through \u00FF)
23006	//
23007	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
23008	//    return (\u000D)
23009	PolicyInputList []*string `type:"list"`
23010
23011	// The ARN of a user, group, or role whose policies contain the context keys
23012	// that you want listed. If you specify a user, the list includes context keys
23013	// that are found in all policies that are attached to the user. The list also
23014	// includes all groups that the user is a member of. If you pick a group or
23015	// a role, then it includes only those context keys that are found in policies
23016	// attached to that entity. Note that all parameters are shown in unencoded
23017	// form here for clarity, but must be URL encoded to be included as a part of
23018	// a real HTML request.
23019	//
23020	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
23021	// in the AWS General Reference.
23022	//
23023	// PolicySourceArn is a required field
23024	PolicySourceArn *string `min:"20" type:"string" required:"true"`
23025}
23026
23027// String returns the string representation
23028func (s GetContextKeysForPrincipalPolicyInput) String() string {
23029	return awsutil.Prettify(s)
23030}
23031
23032// GoString returns the string representation
23033func (s GetContextKeysForPrincipalPolicyInput) GoString() string {
23034	return s.String()
23035}
23036
23037// Validate inspects the fields of the type to determine if they are valid.
23038func (s *GetContextKeysForPrincipalPolicyInput) Validate() error {
23039	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForPrincipalPolicyInput"}
23040	if s.PolicySourceArn == nil {
23041		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
23042	}
23043	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
23044		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
23045	}
23046
23047	if invalidParams.Len() > 0 {
23048		return invalidParams
23049	}
23050	return nil
23051}
23052
23053// SetPolicyInputList sets the PolicyInputList field's value.
23054func (s *GetContextKeysForPrincipalPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForPrincipalPolicyInput {
23055	s.PolicyInputList = v
23056	return s
23057}
23058
23059// SetPolicySourceArn sets the PolicySourceArn field's value.
23060func (s *GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn(v string) *GetContextKeysForPrincipalPolicyInput {
23061	s.PolicySourceArn = &v
23062	return s
23063}
23064
23065type GetCredentialReportInput struct {
23066	_ struct{} `type:"structure"`
23067}
23068
23069// String returns the string representation
23070func (s GetCredentialReportInput) String() string {
23071	return awsutil.Prettify(s)
23072}
23073
23074// GoString returns the string representation
23075func (s GetCredentialReportInput) GoString() string {
23076	return s.String()
23077}
23078
23079// Contains the response to a successful GetCredentialReport request.
23080type GetCredentialReportOutput struct {
23081	_ struct{} `type:"structure"`
23082
23083	// Contains the credential report. The report is Base64-encoded.
23084	//
23085	// Content is automatically base64 encoded/decoded by the SDK.
23086	Content []byte `type:"blob"`
23087
23088	// The date and time when the credential report was created, in ISO 8601 date-time
23089	// format (http://www.iso.org/iso/iso8601).
23090	GeneratedTime *time.Time `type:"timestamp"`
23091
23092	// The format (MIME type) of the credential report.
23093	ReportFormat *string `type:"string" enum:"ReportFormatType"`
23094}
23095
23096// String returns the string representation
23097func (s GetCredentialReportOutput) String() string {
23098	return awsutil.Prettify(s)
23099}
23100
23101// GoString returns the string representation
23102func (s GetCredentialReportOutput) GoString() string {
23103	return s.String()
23104}
23105
23106// SetContent sets the Content field's value.
23107func (s *GetCredentialReportOutput) SetContent(v []byte) *GetCredentialReportOutput {
23108	s.Content = v
23109	return s
23110}
23111
23112// SetGeneratedTime sets the GeneratedTime field's value.
23113func (s *GetCredentialReportOutput) SetGeneratedTime(v time.Time) *GetCredentialReportOutput {
23114	s.GeneratedTime = &v
23115	return s
23116}
23117
23118// SetReportFormat sets the ReportFormat field's value.
23119func (s *GetCredentialReportOutput) SetReportFormat(v string) *GetCredentialReportOutput {
23120	s.ReportFormat = &v
23121	return s
23122}
23123
23124type GetGroupInput struct {
23125	_ struct{} `type:"structure"`
23126
23127	// The name of the group.
23128	//
23129	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23130	// a string of characters consisting of upper and lowercase alphanumeric characters
23131	// with no spaces. You can also include any of the following characters: _+=,.@-
23132	//
23133	// GroupName is a required field
23134	GroupName *string `min:"1" type:"string" required:"true"`
23135
23136	// Use this parameter only when paginating results and only after you receive
23137	// a response indicating that the results are truncated. Set it to the value
23138	// of the Marker element in the response that you received to indicate where
23139	// the next call should start.
23140	Marker *string `min:"1" type:"string"`
23141
23142	// Use this only when paginating results to indicate the maximum number of items
23143	// you want in the response. If additional items exist beyond the maximum you
23144	// specify, the IsTruncated response element is true.
23145	//
23146	// If you do not include this parameter, the number of items defaults to 100.
23147	// Note that IAM might return fewer results, even when there are more results
23148	// available. In that case, the IsTruncated response element returns true, and
23149	// Marker contains a value to include in the subsequent call that tells the
23150	// service where to continue from.
23151	MaxItems *int64 `min:"1" type:"integer"`
23152}
23153
23154// String returns the string representation
23155func (s GetGroupInput) String() string {
23156	return awsutil.Prettify(s)
23157}
23158
23159// GoString returns the string representation
23160func (s GetGroupInput) GoString() string {
23161	return s.String()
23162}
23163
23164// Validate inspects the fields of the type to determine if they are valid.
23165func (s *GetGroupInput) Validate() error {
23166	invalidParams := request.ErrInvalidParams{Context: "GetGroupInput"}
23167	if s.GroupName == nil {
23168		invalidParams.Add(request.NewErrParamRequired("GroupName"))
23169	}
23170	if s.GroupName != nil && len(*s.GroupName) < 1 {
23171		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
23172	}
23173	if s.Marker != nil && len(*s.Marker) < 1 {
23174		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
23175	}
23176	if s.MaxItems != nil && *s.MaxItems < 1 {
23177		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
23178	}
23179
23180	if invalidParams.Len() > 0 {
23181		return invalidParams
23182	}
23183	return nil
23184}
23185
23186// SetGroupName sets the GroupName field's value.
23187func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput {
23188	s.GroupName = &v
23189	return s
23190}
23191
23192// SetMarker sets the Marker field's value.
23193func (s *GetGroupInput) SetMarker(v string) *GetGroupInput {
23194	s.Marker = &v
23195	return s
23196}
23197
23198// SetMaxItems sets the MaxItems field's value.
23199func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput {
23200	s.MaxItems = &v
23201	return s
23202}
23203
23204// Contains the response to a successful GetGroup request.
23205type GetGroupOutput struct {
23206	_ struct{} `type:"structure"`
23207
23208	// A structure that contains details about the group.
23209	//
23210	// Group is a required field
23211	Group *Group `type:"structure" required:"true"`
23212
23213	// A flag that indicates whether there are more items to return. If your results
23214	// were truncated, you can make a subsequent pagination request using the Marker
23215	// request parameter to retrieve more items. Note that IAM might return fewer
23216	// than the MaxItems number of results even when there are more results available.
23217	// We recommend that you check IsTruncated after every call to ensure that you
23218	// receive all your results.
23219	IsTruncated *bool `type:"boolean"`
23220
23221	// When IsTruncated is true, this element is present and contains the value
23222	// to use for the Marker parameter in a subsequent pagination request.
23223	Marker *string `type:"string"`
23224
23225	// A list of users in the group.
23226	//
23227	// Users is a required field
23228	Users []*User `type:"list" required:"true"`
23229}
23230
23231// String returns the string representation
23232func (s GetGroupOutput) String() string {
23233	return awsutil.Prettify(s)
23234}
23235
23236// GoString returns the string representation
23237func (s GetGroupOutput) GoString() string {
23238	return s.String()
23239}
23240
23241// SetGroup sets the Group field's value.
23242func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput {
23243	s.Group = v
23244	return s
23245}
23246
23247// SetIsTruncated sets the IsTruncated field's value.
23248func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput {
23249	s.IsTruncated = &v
23250	return s
23251}
23252
23253// SetMarker sets the Marker field's value.
23254func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput {
23255	s.Marker = &v
23256	return s
23257}
23258
23259// SetUsers sets the Users field's value.
23260func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput {
23261	s.Users = v
23262	return s
23263}
23264
23265type GetGroupPolicyInput struct {
23266	_ struct{} `type:"structure"`
23267
23268	// The name of the group the policy is associated with.
23269	//
23270	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23271	// a string of characters consisting of upper and lowercase alphanumeric characters
23272	// with no spaces. You can also include any of the following characters: _+=,.@-
23273	//
23274	// GroupName is a required field
23275	GroupName *string `min:"1" type:"string" required:"true"`
23276
23277	// The name of the policy document to get.
23278	//
23279	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23280	// a string of characters consisting of upper and lowercase alphanumeric characters
23281	// with no spaces. You can also include any of the following characters: _+=,.@-
23282	//
23283	// PolicyName is a required field
23284	PolicyName *string `min:"1" type:"string" required:"true"`
23285}
23286
23287// String returns the string representation
23288func (s GetGroupPolicyInput) String() string {
23289	return awsutil.Prettify(s)
23290}
23291
23292// GoString returns the string representation
23293func (s GetGroupPolicyInput) GoString() string {
23294	return s.String()
23295}
23296
23297// Validate inspects the fields of the type to determine if they are valid.
23298func (s *GetGroupPolicyInput) Validate() error {
23299	invalidParams := request.ErrInvalidParams{Context: "GetGroupPolicyInput"}
23300	if s.GroupName == nil {
23301		invalidParams.Add(request.NewErrParamRequired("GroupName"))
23302	}
23303	if s.GroupName != nil && len(*s.GroupName) < 1 {
23304		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
23305	}
23306	if s.PolicyName == nil {
23307		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
23308	}
23309	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
23310		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
23311	}
23312
23313	if invalidParams.Len() > 0 {
23314		return invalidParams
23315	}
23316	return nil
23317}
23318
23319// SetGroupName sets the GroupName field's value.
23320func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput {
23321	s.GroupName = &v
23322	return s
23323}
23324
23325// SetPolicyName sets the PolicyName field's value.
23326func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput {
23327	s.PolicyName = &v
23328	return s
23329}
23330
23331// Contains the response to a successful GetGroupPolicy request.
23332type GetGroupPolicyOutput struct {
23333	_ struct{} `type:"structure"`
23334
23335	// The group the policy is associated with.
23336	//
23337	// GroupName is a required field
23338	GroupName *string `min:"1" type:"string" required:"true"`
23339
23340	// The policy document.
23341	//
23342	// IAM stores policies in JSON format. However, resources that were created
23343	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
23344	// always converts a YAML policy to JSON format before submitting it to IAM.
23345	//
23346	// PolicyDocument is a required field
23347	PolicyDocument *string `min:"1" type:"string" required:"true"`
23348
23349	// The name of the policy.
23350	//
23351	// PolicyName is a required field
23352	PolicyName *string `min:"1" type:"string" required:"true"`
23353}
23354
23355// String returns the string representation
23356func (s GetGroupPolicyOutput) String() string {
23357	return awsutil.Prettify(s)
23358}
23359
23360// GoString returns the string representation
23361func (s GetGroupPolicyOutput) GoString() string {
23362	return s.String()
23363}
23364
23365// SetGroupName sets the GroupName field's value.
23366func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput {
23367	s.GroupName = &v
23368	return s
23369}
23370
23371// SetPolicyDocument sets the PolicyDocument field's value.
23372func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput {
23373	s.PolicyDocument = &v
23374	return s
23375}
23376
23377// SetPolicyName sets the PolicyName field's value.
23378func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput {
23379	s.PolicyName = &v
23380	return s
23381}
23382
23383type GetInstanceProfileInput struct {
23384	_ struct{} `type:"structure"`
23385
23386	// The name of the instance profile to get information about.
23387	//
23388	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23389	// a string of characters consisting of upper and lowercase alphanumeric characters
23390	// with no spaces. You can also include any of the following characters: _+=,.@-
23391	//
23392	// InstanceProfileName is a required field
23393	InstanceProfileName *string `min:"1" type:"string" required:"true"`
23394}
23395
23396// String returns the string representation
23397func (s GetInstanceProfileInput) String() string {
23398	return awsutil.Prettify(s)
23399}
23400
23401// GoString returns the string representation
23402func (s GetInstanceProfileInput) GoString() string {
23403	return s.String()
23404}
23405
23406// Validate inspects the fields of the type to determine if they are valid.
23407func (s *GetInstanceProfileInput) Validate() error {
23408	invalidParams := request.ErrInvalidParams{Context: "GetInstanceProfileInput"}
23409	if s.InstanceProfileName == nil {
23410		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
23411	}
23412	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
23413		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
23414	}
23415
23416	if invalidParams.Len() > 0 {
23417		return invalidParams
23418	}
23419	return nil
23420}
23421
23422// SetInstanceProfileName sets the InstanceProfileName field's value.
23423func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput {
23424	s.InstanceProfileName = &v
23425	return s
23426}
23427
23428// Contains the response to a successful GetInstanceProfile request.
23429type GetInstanceProfileOutput struct {
23430	_ struct{} `type:"structure"`
23431
23432	// A structure containing details about the instance profile.
23433	//
23434	// InstanceProfile is a required field
23435	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
23436}
23437
23438// String returns the string representation
23439func (s GetInstanceProfileOutput) String() string {
23440	return awsutil.Prettify(s)
23441}
23442
23443// GoString returns the string representation
23444func (s GetInstanceProfileOutput) GoString() string {
23445	return s.String()
23446}
23447
23448// SetInstanceProfile sets the InstanceProfile field's value.
23449func (s *GetInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *GetInstanceProfileOutput {
23450	s.InstanceProfile = v
23451	return s
23452}
23453
23454type GetLoginProfileInput struct {
23455	_ struct{} `type:"structure"`
23456
23457	// The name of the user whose login profile you want to retrieve.
23458	//
23459	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23460	// a string of characters consisting of upper and lowercase alphanumeric characters
23461	// with no spaces. You can also include any of the following characters: _+=,.@-
23462	//
23463	// UserName is a required field
23464	UserName *string `min:"1" type:"string" required:"true"`
23465}
23466
23467// String returns the string representation
23468func (s GetLoginProfileInput) String() string {
23469	return awsutil.Prettify(s)
23470}
23471
23472// GoString returns the string representation
23473func (s GetLoginProfileInput) GoString() string {
23474	return s.String()
23475}
23476
23477// Validate inspects the fields of the type to determine if they are valid.
23478func (s *GetLoginProfileInput) Validate() error {
23479	invalidParams := request.ErrInvalidParams{Context: "GetLoginProfileInput"}
23480	if s.UserName == nil {
23481		invalidParams.Add(request.NewErrParamRequired("UserName"))
23482	}
23483	if s.UserName != nil && len(*s.UserName) < 1 {
23484		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
23485	}
23486
23487	if invalidParams.Len() > 0 {
23488		return invalidParams
23489	}
23490	return nil
23491}
23492
23493// SetUserName sets the UserName field's value.
23494func (s *GetLoginProfileInput) SetUserName(v string) *GetLoginProfileInput {
23495	s.UserName = &v
23496	return s
23497}
23498
23499// Contains the response to a successful GetLoginProfile request.
23500type GetLoginProfileOutput struct {
23501	_ struct{} `type:"structure"`
23502
23503	// A structure containing the user name and password create date for the user.
23504	//
23505	// LoginProfile is a required field
23506	LoginProfile *LoginProfile `type:"structure" required:"true"`
23507}
23508
23509// String returns the string representation
23510func (s GetLoginProfileOutput) String() string {
23511	return awsutil.Prettify(s)
23512}
23513
23514// GoString returns the string representation
23515func (s GetLoginProfileOutput) GoString() string {
23516	return s.String()
23517}
23518
23519// SetLoginProfile sets the LoginProfile field's value.
23520func (s *GetLoginProfileOutput) SetLoginProfile(v *LoginProfile) *GetLoginProfileOutput {
23521	s.LoginProfile = v
23522	return s
23523}
23524
23525type GetOpenIDConnectProviderInput struct {
23526	_ struct{} `type:"structure"`
23527
23528	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
23529	// to get information for. You can get a list of OIDC provider resource ARNs
23530	// by using the ListOpenIDConnectProviders operation.
23531	//
23532	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
23533	// in the AWS General Reference.
23534	//
23535	// OpenIDConnectProviderArn is a required field
23536	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
23537}
23538
23539// String returns the string representation
23540func (s GetOpenIDConnectProviderInput) String() string {
23541	return awsutil.Prettify(s)
23542}
23543
23544// GoString returns the string representation
23545func (s GetOpenIDConnectProviderInput) GoString() string {
23546	return s.String()
23547}
23548
23549// Validate inspects the fields of the type to determine if they are valid.
23550func (s *GetOpenIDConnectProviderInput) Validate() error {
23551	invalidParams := request.ErrInvalidParams{Context: "GetOpenIDConnectProviderInput"}
23552	if s.OpenIDConnectProviderArn == nil {
23553		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
23554	}
23555	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
23556		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
23557	}
23558
23559	if invalidParams.Len() > 0 {
23560		return invalidParams
23561	}
23562	return nil
23563}
23564
23565// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
23566func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput {
23567	s.OpenIDConnectProviderArn = &v
23568	return s
23569}
23570
23571// Contains the response to a successful GetOpenIDConnectProvider request.
23572type GetOpenIDConnectProviderOutput struct {
23573	_ struct{} `type:"structure"`
23574
23575	// A list of client IDs (also known as audiences) that are associated with the
23576	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
23577	ClientIDList []*string `type:"list"`
23578
23579	// The date and time when the IAM OIDC provider resource object was created
23580	// in the AWS account.
23581	CreateDate *time.Time `type:"timestamp"`
23582
23583	// A list of tags that are attached to the specified IAM OIDC provider. The
23584	// returned list of tags is sorted by tag key. For more information about tagging,
23585	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
23586	// in the IAM User Guide.
23587	Tags []*Tag `type:"list"`
23588
23589	// A list of certificate thumbprints that are associated with the specified
23590	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
23591	ThumbprintList []*string `type:"list"`
23592
23593	// The URL that the IAM OIDC provider resource object is associated with. For
23594	// more information, see CreateOpenIDConnectProvider.
23595	Url *string `min:"1" type:"string"`
23596}
23597
23598// String returns the string representation
23599func (s GetOpenIDConnectProviderOutput) String() string {
23600	return awsutil.Prettify(s)
23601}
23602
23603// GoString returns the string representation
23604func (s GetOpenIDConnectProviderOutput) GoString() string {
23605	return s.String()
23606}
23607
23608// SetClientIDList sets the ClientIDList field's value.
23609func (s *GetOpenIDConnectProviderOutput) SetClientIDList(v []*string) *GetOpenIDConnectProviderOutput {
23610	s.ClientIDList = v
23611	return s
23612}
23613
23614// SetCreateDate sets the CreateDate field's value.
23615func (s *GetOpenIDConnectProviderOutput) SetCreateDate(v time.Time) *GetOpenIDConnectProviderOutput {
23616	s.CreateDate = &v
23617	return s
23618}
23619
23620// SetTags sets the Tags field's value.
23621func (s *GetOpenIDConnectProviderOutput) SetTags(v []*Tag) *GetOpenIDConnectProviderOutput {
23622	s.Tags = v
23623	return s
23624}
23625
23626// SetThumbprintList sets the ThumbprintList field's value.
23627func (s *GetOpenIDConnectProviderOutput) SetThumbprintList(v []*string) *GetOpenIDConnectProviderOutput {
23628	s.ThumbprintList = v
23629	return s
23630}
23631
23632// SetUrl sets the Url field's value.
23633func (s *GetOpenIDConnectProviderOutput) SetUrl(v string) *GetOpenIDConnectProviderOutput {
23634	s.Url = &v
23635	return s
23636}
23637
23638type GetOrganizationsAccessReportInput struct {
23639	_ struct{} `type:"structure"`
23640
23641	// The identifier of the request generated by the GenerateOrganizationsAccessReport
23642	// operation.
23643	//
23644	// JobId is a required field
23645	JobId *string `min:"36" type:"string" required:"true"`
23646
23647	// Use this parameter only when paginating results and only after you receive
23648	// a response indicating that the results are truncated. Set it to the value
23649	// of the Marker element in the response that you received to indicate where
23650	// the next call should start.
23651	Marker *string `min:"1" type:"string"`
23652
23653	// Use this only when paginating results to indicate the maximum number of items
23654	// you want in the response. If additional items exist beyond the maximum you
23655	// specify, the IsTruncated response element is true.
23656	//
23657	// If you do not include this parameter, the number of items defaults to 100.
23658	// Note that IAM might return fewer results, even when there are more results
23659	// available. In that case, the IsTruncated response element returns true, and
23660	// Marker contains a value to include in the subsequent call that tells the
23661	// service where to continue from.
23662	MaxItems *int64 `min:"1" type:"integer"`
23663
23664	// The key that is used to sort the results. If you choose the namespace key,
23665	// the results are returned in alphabetical order. If you choose the time key,
23666	// the results are sorted numerically by the date and time.
23667	SortKey *string `type:"string" enum:"SortKeyType"`
23668}
23669
23670// String returns the string representation
23671func (s GetOrganizationsAccessReportInput) String() string {
23672	return awsutil.Prettify(s)
23673}
23674
23675// GoString returns the string representation
23676func (s GetOrganizationsAccessReportInput) GoString() string {
23677	return s.String()
23678}
23679
23680// Validate inspects the fields of the type to determine if they are valid.
23681func (s *GetOrganizationsAccessReportInput) Validate() error {
23682	invalidParams := request.ErrInvalidParams{Context: "GetOrganizationsAccessReportInput"}
23683	if s.JobId == nil {
23684		invalidParams.Add(request.NewErrParamRequired("JobId"))
23685	}
23686	if s.JobId != nil && len(*s.JobId) < 36 {
23687		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
23688	}
23689	if s.Marker != nil && len(*s.Marker) < 1 {
23690		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
23691	}
23692	if s.MaxItems != nil && *s.MaxItems < 1 {
23693		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
23694	}
23695
23696	if invalidParams.Len() > 0 {
23697		return invalidParams
23698	}
23699	return nil
23700}
23701
23702// SetJobId sets the JobId field's value.
23703func (s *GetOrganizationsAccessReportInput) SetJobId(v string) *GetOrganizationsAccessReportInput {
23704	s.JobId = &v
23705	return s
23706}
23707
23708// SetMarker sets the Marker field's value.
23709func (s *GetOrganizationsAccessReportInput) SetMarker(v string) *GetOrganizationsAccessReportInput {
23710	s.Marker = &v
23711	return s
23712}
23713
23714// SetMaxItems sets the MaxItems field's value.
23715func (s *GetOrganizationsAccessReportInput) SetMaxItems(v int64) *GetOrganizationsAccessReportInput {
23716	s.MaxItems = &v
23717	return s
23718}
23719
23720// SetSortKey sets the SortKey field's value.
23721func (s *GetOrganizationsAccessReportInput) SetSortKey(v string) *GetOrganizationsAccessReportInput {
23722	s.SortKey = &v
23723	return s
23724}
23725
23726type GetOrganizationsAccessReportOutput struct {
23727	_ struct{} `type:"structure"`
23728
23729	// An object that contains details about the most recent attempt to access the
23730	// service.
23731	AccessDetails []*AccessDetail `type:"list"`
23732
23733	// Contains information about the reason that the operation failed.
23734	//
23735	// This data type is used as a response element in the GetOrganizationsAccessReport,
23736	// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
23737	// operations.
23738	ErrorDetails *ErrorDetails `type:"structure"`
23739
23740	// A flag that indicates whether there are more items to return. If your results
23741	// were truncated, you can make a subsequent pagination request using the Marker
23742	// request parameter to retrieve more items. Note that IAM might return fewer
23743	// than the MaxItems number of results even when there are more results available.
23744	// We recommend that you check IsTruncated after every call to ensure that you
23745	// receive all your results.
23746	IsTruncated *bool `type:"boolean"`
23747
23748	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
23749	// when the generated report job was completed or failed.
23750	//
23751	// This field is null if the job is still in progress, as indicated by a job
23752	// status value of IN_PROGRESS.
23753	JobCompletionDate *time.Time `type:"timestamp"`
23754
23755	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
23756	// when the report job was created.
23757	//
23758	// JobCreationDate is a required field
23759	JobCreationDate *time.Time `type:"timestamp" required:"true"`
23760
23761	// The status of the job.
23762	//
23763	// JobStatus is a required field
23764	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
23765
23766	// When IsTruncated is true, this element is present and contains the value
23767	// to use for the Marker parameter in a subsequent pagination request.
23768	Marker *string `min:"1" type:"string"`
23769
23770	// The number of services that the applicable SCPs allow account principals
23771	// to access.
23772	NumberOfServicesAccessible *int64 `type:"integer"`
23773
23774	// The number of services that account principals are allowed but did not attempt
23775	// to access.
23776	NumberOfServicesNotAccessed *int64 `type:"integer"`
23777}
23778
23779// String returns the string representation
23780func (s GetOrganizationsAccessReportOutput) String() string {
23781	return awsutil.Prettify(s)
23782}
23783
23784// GoString returns the string representation
23785func (s GetOrganizationsAccessReportOutput) GoString() string {
23786	return s.String()
23787}
23788
23789// SetAccessDetails sets the AccessDetails field's value.
23790func (s *GetOrganizationsAccessReportOutput) SetAccessDetails(v []*AccessDetail) *GetOrganizationsAccessReportOutput {
23791	s.AccessDetails = v
23792	return s
23793}
23794
23795// SetErrorDetails sets the ErrorDetails field's value.
23796func (s *GetOrganizationsAccessReportOutput) SetErrorDetails(v *ErrorDetails) *GetOrganizationsAccessReportOutput {
23797	s.ErrorDetails = v
23798	return s
23799}
23800
23801// SetIsTruncated sets the IsTruncated field's value.
23802func (s *GetOrganizationsAccessReportOutput) SetIsTruncated(v bool) *GetOrganizationsAccessReportOutput {
23803	s.IsTruncated = &v
23804	return s
23805}
23806
23807// SetJobCompletionDate sets the JobCompletionDate field's value.
23808func (s *GetOrganizationsAccessReportOutput) SetJobCompletionDate(v time.Time) *GetOrganizationsAccessReportOutput {
23809	s.JobCompletionDate = &v
23810	return s
23811}
23812
23813// SetJobCreationDate sets the JobCreationDate field's value.
23814func (s *GetOrganizationsAccessReportOutput) SetJobCreationDate(v time.Time) *GetOrganizationsAccessReportOutput {
23815	s.JobCreationDate = &v
23816	return s
23817}
23818
23819// SetJobStatus sets the JobStatus field's value.
23820func (s *GetOrganizationsAccessReportOutput) SetJobStatus(v string) *GetOrganizationsAccessReportOutput {
23821	s.JobStatus = &v
23822	return s
23823}
23824
23825// SetMarker sets the Marker field's value.
23826func (s *GetOrganizationsAccessReportOutput) SetMarker(v string) *GetOrganizationsAccessReportOutput {
23827	s.Marker = &v
23828	return s
23829}
23830
23831// SetNumberOfServicesAccessible sets the NumberOfServicesAccessible field's value.
23832func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesAccessible(v int64) *GetOrganizationsAccessReportOutput {
23833	s.NumberOfServicesAccessible = &v
23834	return s
23835}
23836
23837// SetNumberOfServicesNotAccessed sets the NumberOfServicesNotAccessed field's value.
23838func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesNotAccessed(v int64) *GetOrganizationsAccessReportOutput {
23839	s.NumberOfServicesNotAccessed = &v
23840	return s
23841}
23842
23843type GetPolicyInput struct {
23844	_ struct{} `type:"structure"`
23845
23846	// The Amazon Resource Name (ARN) of the managed policy that you want information
23847	// about.
23848	//
23849	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
23850	// in the AWS General Reference.
23851	//
23852	// PolicyArn is a required field
23853	PolicyArn *string `min:"20" type:"string" required:"true"`
23854}
23855
23856// String returns the string representation
23857func (s GetPolicyInput) String() string {
23858	return awsutil.Prettify(s)
23859}
23860
23861// GoString returns the string representation
23862func (s GetPolicyInput) GoString() string {
23863	return s.String()
23864}
23865
23866// Validate inspects the fields of the type to determine if they are valid.
23867func (s *GetPolicyInput) Validate() error {
23868	invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"}
23869	if s.PolicyArn == nil {
23870		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
23871	}
23872	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
23873		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
23874	}
23875
23876	if invalidParams.Len() > 0 {
23877		return invalidParams
23878	}
23879	return nil
23880}
23881
23882// SetPolicyArn sets the PolicyArn field's value.
23883func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput {
23884	s.PolicyArn = &v
23885	return s
23886}
23887
23888// Contains the response to a successful GetPolicy request.
23889type GetPolicyOutput struct {
23890	_ struct{} `type:"structure"`
23891
23892	// A structure containing details about the policy.
23893	Policy *Policy `type:"structure"`
23894}
23895
23896// String returns the string representation
23897func (s GetPolicyOutput) String() string {
23898	return awsutil.Prettify(s)
23899}
23900
23901// GoString returns the string representation
23902func (s GetPolicyOutput) GoString() string {
23903	return s.String()
23904}
23905
23906// SetPolicy sets the Policy field's value.
23907func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput {
23908	s.Policy = v
23909	return s
23910}
23911
23912type GetPolicyVersionInput struct {
23913	_ struct{} `type:"structure"`
23914
23915	// The Amazon Resource Name (ARN) of the managed policy that you want information
23916	// about.
23917	//
23918	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
23919	// in the AWS General Reference.
23920	//
23921	// PolicyArn is a required field
23922	PolicyArn *string `min:"20" type:"string" required:"true"`
23923
23924	// Identifies the policy version to retrieve.
23925	//
23926	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23927	// a string of characters that consists of the lowercase letter 'v' followed
23928	// by one or two digits, and optionally followed by a period '.' and a string
23929	// of letters and digits.
23930	//
23931	// VersionId is a required field
23932	VersionId *string `type:"string" required:"true"`
23933}
23934
23935// String returns the string representation
23936func (s GetPolicyVersionInput) String() string {
23937	return awsutil.Prettify(s)
23938}
23939
23940// GoString returns the string representation
23941func (s GetPolicyVersionInput) GoString() string {
23942	return s.String()
23943}
23944
23945// Validate inspects the fields of the type to determine if they are valid.
23946func (s *GetPolicyVersionInput) Validate() error {
23947	invalidParams := request.ErrInvalidParams{Context: "GetPolicyVersionInput"}
23948	if s.PolicyArn == nil {
23949		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
23950	}
23951	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
23952		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
23953	}
23954	if s.VersionId == nil {
23955		invalidParams.Add(request.NewErrParamRequired("VersionId"))
23956	}
23957
23958	if invalidParams.Len() > 0 {
23959		return invalidParams
23960	}
23961	return nil
23962}
23963
23964// SetPolicyArn sets the PolicyArn field's value.
23965func (s *GetPolicyVersionInput) SetPolicyArn(v string) *GetPolicyVersionInput {
23966	s.PolicyArn = &v
23967	return s
23968}
23969
23970// SetVersionId sets the VersionId field's value.
23971func (s *GetPolicyVersionInput) SetVersionId(v string) *GetPolicyVersionInput {
23972	s.VersionId = &v
23973	return s
23974}
23975
23976// Contains the response to a successful GetPolicyVersion request.
23977type GetPolicyVersionOutput struct {
23978	_ struct{} `type:"structure"`
23979
23980	// A structure containing details about the policy version.
23981	PolicyVersion *PolicyVersion `type:"structure"`
23982}
23983
23984// String returns the string representation
23985func (s GetPolicyVersionOutput) String() string {
23986	return awsutil.Prettify(s)
23987}
23988
23989// GoString returns the string representation
23990func (s GetPolicyVersionOutput) GoString() string {
23991	return s.String()
23992}
23993
23994// SetPolicyVersion sets the PolicyVersion field's value.
23995func (s *GetPolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *GetPolicyVersionOutput {
23996	s.PolicyVersion = v
23997	return s
23998}
23999
24000type GetRoleInput struct {
24001	_ struct{} `type:"structure"`
24002
24003	// The name of the IAM role to get information about.
24004	//
24005	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24006	// a string of characters consisting of upper and lowercase alphanumeric characters
24007	// with no spaces. You can also include any of the following characters: _+=,.@-
24008	//
24009	// RoleName is a required field
24010	RoleName *string `min:"1" type:"string" required:"true"`
24011}
24012
24013// String returns the string representation
24014func (s GetRoleInput) String() string {
24015	return awsutil.Prettify(s)
24016}
24017
24018// GoString returns the string representation
24019func (s GetRoleInput) GoString() string {
24020	return s.String()
24021}
24022
24023// Validate inspects the fields of the type to determine if they are valid.
24024func (s *GetRoleInput) Validate() error {
24025	invalidParams := request.ErrInvalidParams{Context: "GetRoleInput"}
24026	if s.RoleName == nil {
24027		invalidParams.Add(request.NewErrParamRequired("RoleName"))
24028	}
24029	if s.RoleName != nil && len(*s.RoleName) < 1 {
24030		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
24031	}
24032
24033	if invalidParams.Len() > 0 {
24034		return invalidParams
24035	}
24036	return nil
24037}
24038
24039// SetRoleName sets the RoleName field's value.
24040func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput {
24041	s.RoleName = &v
24042	return s
24043}
24044
24045// Contains the response to a successful GetRole request.
24046type GetRoleOutput struct {
24047	_ struct{} `type:"structure"`
24048
24049	// A structure containing details about the IAM role.
24050	//
24051	// Role is a required field
24052	Role *Role `type:"structure" required:"true"`
24053}
24054
24055// String returns the string representation
24056func (s GetRoleOutput) String() string {
24057	return awsutil.Prettify(s)
24058}
24059
24060// GoString returns the string representation
24061func (s GetRoleOutput) GoString() string {
24062	return s.String()
24063}
24064
24065// SetRole sets the Role field's value.
24066func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput {
24067	s.Role = v
24068	return s
24069}
24070
24071type GetRolePolicyInput struct {
24072	_ struct{} `type:"structure"`
24073
24074	// The name of the policy document to get.
24075	//
24076	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24077	// a string of characters consisting of upper and lowercase alphanumeric characters
24078	// with no spaces. You can also include any of the following characters: _+=,.@-
24079	//
24080	// PolicyName is a required field
24081	PolicyName *string `min:"1" type:"string" required:"true"`
24082
24083	// The name of the role associated with the policy.
24084	//
24085	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24086	// a string of characters consisting of upper and lowercase alphanumeric characters
24087	// with no spaces. You can also include any of the following characters: _+=,.@-
24088	//
24089	// RoleName is a required field
24090	RoleName *string `min:"1" type:"string" required:"true"`
24091}
24092
24093// String returns the string representation
24094func (s GetRolePolicyInput) String() string {
24095	return awsutil.Prettify(s)
24096}
24097
24098// GoString returns the string representation
24099func (s GetRolePolicyInput) GoString() string {
24100	return s.String()
24101}
24102
24103// Validate inspects the fields of the type to determine if they are valid.
24104func (s *GetRolePolicyInput) Validate() error {
24105	invalidParams := request.ErrInvalidParams{Context: "GetRolePolicyInput"}
24106	if s.PolicyName == nil {
24107		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
24108	}
24109	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
24110		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
24111	}
24112	if s.RoleName == nil {
24113		invalidParams.Add(request.NewErrParamRequired("RoleName"))
24114	}
24115	if s.RoleName != nil && len(*s.RoleName) < 1 {
24116		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
24117	}
24118
24119	if invalidParams.Len() > 0 {
24120		return invalidParams
24121	}
24122	return nil
24123}
24124
24125// SetPolicyName sets the PolicyName field's value.
24126func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput {
24127	s.PolicyName = &v
24128	return s
24129}
24130
24131// SetRoleName sets the RoleName field's value.
24132func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput {
24133	s.RoleName = &v
24134	return s
24135}
24136
24137// Contains the response to a successful GetRolePolicy request.
24138type GetRolePolicyOutput struct {
24139	_ struct{} `type:"structure"`
24140
24141	// The policy document.
24142	//
24143	// IAM stores policies in JSON format. However, resources that were created
24144	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
24145	// always converts a YAML policy to JSON format before submitting it to IAM.
24146	//
24147	// PolicyDocument is a required field
24148	PolicyDocument *string `min:"1" type:"string" required:"true"`
24149
24150	// The name of the policy.
24151	//
24152	// PolicyName is a required field
24153	PolicyName *string `min:"1" type:"string" required:"true"`
24154
24155	// The role the policy is associated with.
24156	//
24157	// RoleName is a required field
24158	RoleName *string `min:"1" type:"string" required:"true"`
24159}
24160
24161// String returns the string representation
24162func (s GetRolePolicyOutput) String() string {
24163	return awsutil.Prettify(s)
24164}
24165
24166// GoString returns the string representation
24167func (s GetRolePolicyOutput) GoString() string {
24168	return s.String()
24169}
24170
24171// SetPolicyDocument sets the PolicyDocument field's value.
24172func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput {
24173	s.PolicyDocument = &v
24174	return s
24175}
24176
24177// SetPolicyName sets the PolicyName field's value.
24178func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput {
24179	s.PolicyName = &v
24180	return s
24181}
24182
24183// SetRoleName sets the RoleName field's value.
24184func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput {
24185	s.RoleName = &v
24186	return s
24187}
24188
24189type GetSAMLProviderInput struct {
24190	_ struct{} `type:"structure"`
24191
24192	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
24193	// to get information about.
24194	//
24195	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
24196	// in the AWS General Reference.
24197	//
24198	// SAMLProviderArn is a required field
24199	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
24200}
24201
24202// String returns the string representation
24203func (s GetSAMLProviderInput) String() string {
24204	return awsutil.Prettify(s)
24205}
24206
24207// GoString returns the string representation
24208func (s GetSAMLProviderInput) GoString() string {
24209	return s.String()
24210}
24211
24212// Validate inspects the fields of the type to determine if they are valid.
24213func (s *GetSAMLProviderInput) Validate() error {
24214	invalidParams := request.ErrInvalidParams{Context: "GetSAMLProviderInput"}
24215	if s.SAMLProviderArn == nil {
24216		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
24217	}
24218	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
24219		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
24220	}
24221
24222	if invalidParams.Len() > 0 {
24223		return invalidParams
24224	}
24225	return nil
24226}
24227
24228// SetSAMLProviderArn sets the SAMLProviderArn field's value.
24229func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput {
24230	s.SAMLProviderArn = &v
24231	return s
24232}
24233
24234// Contains the response to a successful GetSAMLProvider request.
24235type GetSAMLProviderOutput struct {
24236	_ struct{} `type:"structure"`
24237
24238	// The date and time when the SAML provider was created.
24239	CreateDate *time.Time `type:"timestamp"`
24240
24241	// The XML metadata document that includes information about an identity provider.
24242	SAMLMetadataDocument *string `min:"1000" type:"string"`
24243
24244	// A list of tags that are attached to the specified IAM SAML provider. The
24245	// returned list of tags is sorted by tag key. For more information about tagging,
24246	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
24247	// in the IAM User Guide.
24248	Tags []*Tag `type:"list"`
24249
24250	// The expiration date and time for the SAML provider.
24251	ValidUntil *time.Time `type:"timestamp"`
24252}
24253
24254// String returns the string representation
24255func (s GetSAMLProviderOutput) String() string {
24256	return awsutil.Prettify(s)
24257}
24258
24259// GoString returns the string representation
24260func (s GetSAMLProviderOutput) GoString() string {
24261	return s.String()
24262}
24263
24264// SetCreateDate sets the CreateDate field's value.
24265func (s *GetSAMLProviderOutput) SetCreateDate(v time.Time) *GetSAMLProviderOutput {
24266	s.CreateDate = &v
24267	return s
24268}
24269
24270// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
24271func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput {
24272	s.SAMLMetadataDocument = &v
24273	return s
24274}
24275
24276// SetTags sets the Tags field's value.
24277func (s *GetSAMLProviderOutput) SetTags(v []*Tag) *GetSAMLProviderOutput {
24278	s.Tags = v
24279	return s
24280}
24281
24282// SetValidUntil sets the ValidUntil field's value.
24283func (s *GetSAMLProviderOutput) SetValidUntil(v time.Time) *GetSAMLProviderOutput {
24284	s.ValidUntil = &v
24285	return s
24286}
24287
24288type GetSSHPublicKeyInput struct {
24289	_ struct{} `type:"structure"`
24290
24291	// Specifies the public key encoding format to use in the response. To retrieve
24292	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
24293	// PEM format, use PEM.
24294	//
24295	// Encoding is a required field
24296	Encoding *string `type:"string" required:"true" enum:"EncodingType"`
24297
24298	// The unique identifier for the SSH public key.
24299	//
24300	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24301	// a string of characters that can consist of any upper or lowercased letter
24302	// or digit.
24303	//
24304	// SSHPublicKeyId is a required field
24305	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
24306
24307	// The name of the IAM user associated with the SSH public key.
24308	//
24309	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24310	// a string of characters consisting of upper and lowercase alphanumeric characters
24311	// with no spaces. You can also include any of the following characters: _+=,.@-
24312	//
24313	// UserName is a required field
24314	UserName *string `min:"1" type:"string" required:"true"`
24315}
24316
24317// String returns the string representation
24318func (s GetSSHPublicKeyInput) String() string {
24319	return awsutil.Prettify(s)
24320}
24321
24322// GoString returns the string representation
24323func (s GetSSHPublicKeyInput) GoString() string {
24324	return s.String()
24325}
24326
24327// Validate inspects the fields of the type to determine if they are valid.
24328func (s *GetSSHPublicKeyInput) Validate() error {
24329	invalidParams := request.ErrInvalidParams{Context: "GetSSHPublicKeyInput"}
24330	if s.Encoding == nil {
24331		invalidParams.Add(request.NewErrParamRequired("Encoding"))
24332	}
24333	if s.SSHPublicKeyId == nil {
24334		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
24335	}
24336	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
24337		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
24338	}
24339	if s.UserName == nil {
24340		invalidParams.Add(request.NewErrParamRequired("UserName"))
24341	}
24342	if s.UserName != nil && len(*s.UserName) < 1 {
24343		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
24344	}
24345
24346	if invalidParams.Len() > 0 {
24347		return invalidParams
24348	}
24349	return nil
24350}
24351
24352// SetEncoding sets the Encoding field's value.
24353func (s *GetSSHPublicKeyInput) SetEncoding(v string) *GetSSHPublicKeyInput {
24354	s.Encoding = &v
24355	return s
24356}
24357
24358// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
24359func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput {
24360	s.SSHPublicKeyId = &v
24361	return s
24362}
24363
24364// SetUserName sets the UserName field's value.
24365func (s *GetSSHPublicKeyInput) SetUserName(v string) *GetSSHPublicKeyInput {
24366	s.UserName = &v
24367	return s
24368}
24369
24370// Contains the response to a successful GetSSHPublicKey request.
24371type GetSSHPublicKeyOutput struct {
24372	_ struct{} `type:"structure"`
24373
24374	// A structure containing details about the SSH public key.
24375	SSHPublicKey *SSHPublicKey `type:"structure"`
24376}
24377
24378// String returns the string representation
24379func (s GetSSHPublicKeyOutput) String() string {
24380	return awsutil.Prettify(s)
24381}
24382
24383// GoString returns the string representation
24384func (s GetSSHPublicKeyOutput) GoString() string {
24385	return s.String()
24386}
24387
24388// SetSSHPublicKey sets the SSHPublicKey field's value.
24389func (s *GetSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *GetSSHPublicKeyOutput {
24390	s.SSHPublicKey = v
24391	return s
24392}
24393
24394type GetServerCertificateInput struct {
24395	_ struct{} `type:"structure"`
24396
24397	// The name of the server certificate you want to retrieve information about.
24398	//
24399	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24400	// a string of characters consisting of upper and lowercase alphanumeric characters
24401	// with no spaces. You can also include any of the following characters: _+=,.@-
24402	//
24403	// ServerCertificateName is a required field
24404	ServerCertificateName *string `min:"1" type:"string" required:"true"`
24405}
24406
24407// String returns the string representation
24408func (s GetServerCertificateInput) String() string {
24409	return awsutil.Prettify(s)
24410}
24411
24412// GoString returns the string representation
24413func (s GetServerCertificateInput) GoString() string {
24414	return s.String()
24415}
24416
24417// Validate inspects the fields of the type to determine if they are valid.
24418func (s *GetServerCertificateInput) Validate() error {
24419	invalidParams := request.ErrInvalidParams{Context: "GetServerCertificateInput"}
24420	if s.ServerCertificateName == nil {
24421		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
24422	}
24423	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
24424		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
24425	}
24426
24427	if invalidParams.Len() > 0 {
24428		return invalidParams
24429	}
24430	return nil
24431}
24432
24433// SetServerCertificateName sets the ServerCertificateName field's value.
24434func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput {
24435	s.ServerCertificateName = &v
24436	return s
24437}
24438
24439// Contains the response to a successful GetServerCertificate request.
24440type GetServerCertificateOutput struct {
24441	_ struct{} `type:"structure"`
24442
24443	// A structure containing details about the server certificate.
24444	//
24445	// ServerCertificate is a required field
24446	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
24447}
24448
24449// String returns the string representation
24450func (s GetServerCertificateOutput) String() string {
24451	return awsutil.Prettify(s)
24452}
24453
24454// GoString returns the string representation
24455func (s GetServerCertificateOutput) GoString() string {
24456	return s.String()
24457}
24458
24459// SetServerCertificate sets the ServerCertificate field's value.
24460func (s *GetServerCertificateOutput) SetServerCertificate(v *ServerCertificate) *GetServerCertificateOutput {
24461	s.ServerCertificate = v
24462	return s
24463}
24464
24465type GetServiceLastAccessedDetailsInput struct {
24466	_ struct{} `type:"structure"`
24467
24468	// The ID of the request generated by the GenerateServiceLastAccessedDetails
24469	// operation. The JobId returned by GenerateServiceLastAccessedDetail must be
24470	// used by the same role within a session, or by the same user when used to
24471	// call GetServiceLastAccessedDetail.
24472	//
24473	// JobId is a required field
24474	JobId *string `min:"36" type:"string" required:"true"`
24475
24476	// Use this parameter only when paginating results and only after you receive
24477	// a response indicating that the results are truncated. Set it to the value
24478	// of the Marker element in the response that you received to indicate where
24479	// the next call should start.
24480	Marker *string `min:"1" type:"string"`
24481
24482	// Use this only when paginating results to indicate the maximum number of items
24483	// you want in the response. If additional items exist beyond the maximum you
24484	// specify, the IsTruncated response element is true.
24485	//
24486	// If you do not include this parameter, the number of items defaults to 100.
24487	// Note that IAM might return fewer results, even when there are more results
24488	// available. In that case, the IsTruncated response element returns true, and
24489	// Marker contains a value to include in the subsequent call that tells the
24490	// service where to continue from.
24491	MaxItems *int64 `min:"1" type:"integer"`
24492}
24493
24494// String returns the string representation
24495func (s GetServiceLastAccessedDetailsInput) String() string {
24496	return awsutil.Prettify(s)
24497}
24498
24499// GoString returns the string representation
24500func (s GetServiceLastAccessedDetailsInput) GoString() string {
24501	return s.String()
24502}
24503
24504// Validate inspects the fields of the type to determine if they are valid.
24505func (s *GetServiceLastAccessedDetailsInput) Validate() error {
24506	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsInput"}
24507	if s.JobId == nil {
24508		invalidParams.Add(request.NewErrParamRequired("JobId"))
24509	}
24510	if s.JobId != nil && len(*s.JobId) < 36 {
24511		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
24512	}
24513	if s.Marker != nil && len(*s.Marker) < 1 {
24514		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
24515	}
24516	if s.MaxItems != nil && *s.MaxItems < 1 {
24517		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
24518	}
24519
24520	if invalidParams.Len() > 0 {
24521		return invalidParams
24522	}
24523	return nil
24524}
24525
24526// SetJobId sets the JobId field's value.
24527func (s *GetServiceLastAccessedDetailsInput) SetJobId(v string) *GetServiceLastAccessedDetailsInput {
24528	s.JobId = &v
24529	return s
24530}
24531
24532// SetMarker sets the Marker field's value.
24533func (s *GetServiceLastAccessedDetailsInput) SetMarker(v string) *GetServiceLastAccessedDetailsInput {
24534	s.Marker = &v
24535	return s
24536}
24537
24538// SetMaxItems sets the MaxItems field's value.
24539func (s *GetServiceLastAccessedDetailsInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsInput {
24540	s.MaxItems = &v
24541	return s
24542}
24543
24544type GetServiceLastAccessedDetailsOutput struct {
24545	_ struct{} `type:"structure"`
24546
24547	// An object that contains details about the reason the operation failed.
24548	Error *ErrorDetails `type:"structure"`
24549
24550	// A flag that indicates whether there are more items to return. If your results
24551	// were truncated, you can make a subsequent pagination request using the Marker
24552	// request parameter to retrieve more items. Note that IAM might return fewer
24553	// than the MaxItems number of results even when there are more results available.
24554	// We recommend that you check IsTruncated after every call to ensure that you
24555	// receive all your results.
24556	IsTruncated *bool `type:"boolean"`
24557
24558	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
24559	// when the generated report job was completed or failed.
24560	//
24561	// This field is null if the job is still in progress, as indicated by a job
24562	// status value of IN_PROGRESS.
24563	//
24564	// JobCompletionDate is a required field
24565	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
24566
24567	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
24568	// when the report job was created.
24569	//
24570	// JobCreationDate is a required field
24571	JobCreationDate *time.Time `type:"timestamp" required:"true"`
24572
24573	// The status of the job.
24574	//
24575	// JobStatus is a required field
24576	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
24577
24578	// The type of job. Service jobs return information about when each service
24579	// was last accessed. Action jobs also include information about when tracked
24580	// actions within the service were last accessed.
24581	JobType *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
24582
24583	// When IsTruncated is true, this element is present and contains the value
24584	// to use for the Marker parameter in a subsequent pagination request.
24585	Marker *string `type:"string"`
24586
24587	// A ServiceLastAccessed object that contains details about the most recent
24588	// attempt to access the service.
24589	//
24590	// ServicesLastAccessed is a required field
24591	ServicesLastAccessed []*ServiceLastAccessed `type:"list" required:"true"`
24592}
24593
24594// String returns the string representation
24595func (s GetServiceLastAccessedDetailsOutput) String() string {
24596	return awsutil.Prettify(s)
24597}
24598
24599// GoString returns the string representation
24600func (s GetServiceLastAccessedDetailsOutput) GoString() string {
24601	return s.String()
24602}
24603
24604// SetError sets the Error field's value.
24605func (s *GetServiceLastAccessedDetailsOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsOutput {
24606	s.Error = v
24607	return s
24608}
24609
24610// SetIsTruncated sets the IsTruncated field's value.
24611func (s *GetServiceLastAccessedDetailsOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsOutput {
24612	s.IsTruncated = &v
24613	return s
24614}
24615
24616// SetJobCompletionDate sets the JobCompletionDate field's value.
24617func (s *GetServiceLastAccessedDetailsOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
24618	s.JobCompletionDate = &v
24619	return s
24620}
24621
24622// SetJobCreationDate sets the JobCreationDate field's value.
24623func (s *GetServiceLastAccessedDetailsOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
24624	s.JobCreationDate = &v
24625	return s
24626}
24627
24628// SetJobStatus sets the JobStatus field's value.
24629func (s *GetServiceLastAccessedDetailsOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsOutput {
24630	s.JobStatus = &v
24631	return s
24632}
24633
24634// SetJobType sets the JobType field's value.
24635func (s *GetServiceLastAccessedDetailsOutput) SetJobType(v string) *GetServiceLastAccessedDetailsOutput {
24636	s.JobType = &v
24637	return s
24638}
24639
24640// SetMarker sets the Marker field's value.
24641func (s *GetServiceLastAccessedDetailsOutput) SetMarker(v string) *GetServiceLastAccessedDetailsOutput {
24642	s.Marker = &v
24643	return s
24644}
24645
24646// SetServicesLastAccessed sets the ServicesLastAccessed field's value.
24647func (s *GetServiceLastAccessedDetailsOutput) SetServicesLastAccessed(v []*ServiceLastAccessed) *GetServiceLastAccessedDetailsOutput {
24648	s.ServicesLastAccessed = v
24649	return s
24650}
24651
24652type GetServiceLastAccessedDetailsWithEntitiesInput struct {
24653	_ struct{} `type:"structure"`
24654
24655	// The ID of the request generated by the GenerateServiceLastAccessedDetails
24656	// operation.
24657	//
24658	// JobId is a required field
24659	JobId *string `min:"36" type:"string" required:"true"`
24660
24661	// Use this parameter only when paginating results and only after you receive
24662	// a response indicating that the results are truncated. Set it to the value
24663	// of the Marker element in the response that you received to indicate where
24664	// the next call should start.
24665	Marker *string `min:"1" type:"string"`
24666
24667	// Use this only when paginating results to indicate the maximum number of items
24668	// you want in the response. If additional items exist beyond the maximum you
24669	// specify, the IsTruncated response element is true.
24670	//
24671	// If you do not include this parameter, the number of items defaults to 100.
24672	// Note that IAM might return fewer results, even when there are more results
24673	// available. In that case, the IsTruncated response element returns true, and
24674	// Marker contains a value to include in the subsequent call that tells the
24675	// service where to continue from.
24676	MaxItems *int64 `min:"1" type:"integer"`
24677
24678	// The service namespace for an AWS service. Provide the service namespace to
24679	// learn when the IAM entity last attempted to access the specified service.
24680	//
24681	// To learn the service namespace for a service, see Actions, resources, and
24682	// condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
24683	// in the IAM User Guide. Choose the name of the service to view details for
24684	// that service. In the first paragraph, find the service prefix. For example,
24685	// (service prefix: a4b). For more information about service namespaces, see
24686	// AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
24687	// in the AWS General Reference.
24688	//
24689	// ServiceNamespace is a required field
24690	ServiceNamespace *string `min:"1" type:"string" required:"true"`
24691}
24692
24693// String returns the string representation
24694func (s GetServiceLastAccessedDetailsWithEntitiesInput) String() string {
24695	return awsutil.Prettify(s)
24696}
24697
24698// GoString returns the string representation
24699func (s GetServiceLastAccessedDetailsWithEntitiesInput) GoString() string {
24700	return s.String()
24701}
24702
24703// Validate inspects the fields of the type to determine if they are valid.
24704func (s *GetServiceLastAccessedDetailsWithEntitiesInput) Validate() error {
24705	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsWithEntitiesInput"}
24706	if s.JobId == nil {
24707		invalidParams.Add(request.NewErrParamRequired("JobId"))
24708	}
24709	if s.JobId != nil && len(*s.JobId) < 36 {
24710		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
24711	}
24712	if s.Marker != nil && len(*s.Marker) < 1 {
24713		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
24714	}
24715	if s.MaxItems != nil && *s.MaxItems < 1 {
24716		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
24717	}
24718	if s.ServiceNamespace == nil {
24719		invalidParams.Add(request.NewErrParamRequired("ServiceNamespace"))
24720	}
24721	if s.ServiceNamespace != nil && len(*s.ServiceNamespace) < 1 {
24722		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespace", 1))
24723	}
24724
24725	if invalidParams.Len() > 0 {
24726		return invalidParams
24727	}
24728	return nil
24729}
24730
24731// SetJobId sets the JobId field's value.
24732func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetJobId(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
24733	s.JobId = &v
24734	return s
24735}
24736
24737// SetMarker sets the Marker field's value.
24738func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
24739	s.Marker = &v
24740	return s
24741}
24742
24743// SetMaxItems sets the MaxItems field's value.
24744func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsWithEntitiesInput {
24745	s.MaxItems = &v
24746	return s
24747}
24748
24749// SetServiceNamespace sets the ServiceNamespace field's value.
24750func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetServiceNamespace(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
24751	s.ServiceNamespace = &v
24752	return s
24753}
24754
24755type GetServiceLastAccessedDetailsWithEntitiesOutput struct {
24756	_ struct{} `type:"structure"`
24757
24758	// An EntityDetailsList object that contains details about when an IAM entity
24759	// (user or role) used group or policy permissions in an attempt to access the
24760	// specified AWS service.
24761	//
24762	// EntityDetailsList is a required field
24763	EntityDetailsList []*EntityDetails `type:"list" required:"true"`
24764
24765	// An object that contains details about the reason the operation failed.
24766	Error *ErrorDetails `type:"structure"`
24767
24768	// A flag that indicates whether there are more items to return. If your results
24769	// were truncated, you can make a subsequent pagination request using the Marker
24770	// request parameter to retrieve more items. Note that IAM might return fewer
24771	// than the MaxItems number of results even when there are more results available.
24772	// We recommend that you check IsTruncated after every call to ensure that you
24773	// receive all your results.
24774	IsTruncated *bool `type:"boolean"`
24775
24776	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
24777	// when the generated report job was completed or failed.
24778	//
24779	// This field is null if the job is still in progress, as indicated by a job
24780	// status value of IN_PROGRESS.
24781	//
24782	// JobCompletionDate is a required field
24783	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
24784
24785	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
24786	// when the report job was created.
24787	//
24788	// JobCreationDate is a required field
24789	JobCreationDate *time.Time `type:"timestamp" required:"true"`
24790
24791	// The status of the job.
24792	//
24793	// JobStatus is a required field
24794	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
24795
24796	// When IsTruncated is true, this element is present and contains the value
24797	// to use for the Marker parameter in a subsequent pagination request.
24798	Marker *string `type:"string"`
24799}
24800
24801// String returns the string representation
24802func (s GetServiceLastAccessedDetailsWithEntitiesOutput) String() string {
24803	return awsutil.Prettify(s)
24804}
24805
24806// GoString returns the string representation
24807func (s GetServiceLastAccessedDetailsWithEntitiesOutput) GoString() string {
24808	return s.String()
24809}
24810
24811// SetEntityDetailsList sets the EntityDetailsList field's value.
24812func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetEntityDetailsList(v []*EntityDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24813	s.EntityDetailsList = v
24814	return s
24815}
24816
24817// SetError sets the Error field's value.
24818func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24819	s.Error = v
24820	return s
24821}
24822
24823// SetIsTruncated sets the IsTruncated field's value.
24824func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24825	s.IsTruncated = &v
24826	return s
24827}
24828
24829// SetJobCompletionDate sets the JobCompletionDate field's value.
24830func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24831	s.JobCompletionDate = &v
24832	return s
24833}
24834
24835// SetJobCreationDate sets the JobCreationDate field's value.
24836func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24837	s.JobCreationDate = &v
24838	return s
24839}
24840
24841// SetJobStatus sets the JobStatus field's value.
24842func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24843	s.JobStatus = &v
24844	return s
24845}
24846
24847// SetMarker sets the Marker field's value.
24848func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
24849	s.Marker = &v
24850	return s
24851}
24852
24853type GetServiceLinkedRoleDeletionStatusInput struct {
24854	_ struct{} `type:"structure"`
24855
24856	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
24857	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
24858	//
24859	// DeletionTaskId is a required field
24860	DeletionTaskId *string `min:"1" type:"string" required:"true"`
24861}
24862
24863// String returns the string representation
24864func (s GetServiceLinkedRoleDeletionStatusInput) String() string {
24865	return awsutil.Prettify(s)
24866}
24867
24868// GoString returns the string representation
24869func (s GetServiceLinkedRoleDeletionStatusInput) GoString() string {
24870	return s.String()
24871}
24872
24873// Validate inspects the fields of the type to determine if they are valid.
24874func (s *GetServiceLinkedRoleDeletionStatusInput) Validate() error {
24875	invalidParams := request.ErrInvalidParams{Context: "GetServiceLinkedRoleDeletionStatusInput"}
24876	if s.DeletionTaskId == nil {
24877		invalidParams.Add(request.NewErrParamRequired("DeletionTaskId"))
24878	}
24879	if s.DeletionTaskId != nil && len(*s.DeletionTaskId) < 1 {
24880		invalidParams.Add(request.NewErrParamMinLen("DeletionTaskId", 1))
24881	}
24882
24883	if invalidParams.Len() > 0 {
24884		return invalidParams
24885	}
24886	return nil
24887}
24888
24889// SetDeletionTaskId sets the DeletionTaskId field's value.
24890func (s *GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId(v string) *GetServiceLinkedRoleDeletionStatusInput {
24891	s.DeletionTaskId = &v
24892	return s
24893}
24894
24895type GetServiceLinkedRoleDeletionStatusOutput struct {
24896	_ struct{} `type:"structure"`
24897
24898	// An object that contains details about the reason the deletion failed.
24899	Reason *DeletionTaskFailureReasonType `type:"structure"`
24900
24901	// The status of the deletion.
24902	//
24903	// Status is a required field
24904	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
24905}
24906
24907// String returns the string representation
24908func (s GetServiceLinkedRoleDeletionStatusOutput) String() string {
24909	return awsutil.Prettify(s)
24910}
24911
24912// GoString returns the string representation
24913func (s GetServiceLinkedRoleDeletionStatusOutput) GoString() string {
24914	return s.String()
24915}
24916
24917// SetReason sets the Reason field's value.
24918func (s *GetServiceLinkedRoleDeletionStatusOutput) SetReason(v *DeletionTaskFailureReasonType) *GetServiceLinkedRoleDeletionStatusOutput {
24919	s.Reason = v
24920	return s
24921}
24922
24923// SetStatus sets the Status field's value.
24924func (s *GetServiceLinkedRoleDeletionStatusOutput) SetStatus(v string) *GetServiceLinkedRoleDeletionStatusOutput {
24925	s.Status = &v
24926	return s
24927}
24928
24929type GetUserInput struct {
24930	_ struct{} `type:"structure"`
24931
24932	// The name of the user to get information about.
24933	//
24934	// This parameter is optional. If it is not included, it defaults to the user
24935	// making the request. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24936	// a string of characters consisting of upper and lowercase alphanumeric characters
24937	// with no spaces. You can also include any of the following characters: _+=,.@-
24938	UserName *string `min:"1" type:"string"`
24939}
24940
24941// String returns the string representation
24942func (s GetUserInput) String() string {
24943	return awsutil.Prettify(s)
24944}
24945
24946// GoString returns the string representation
24947func (s GetUserInput) GoString() string {
24948	return s.String()
24949}
24950
24951// Validate inspects the fields of the type to determine if they are valid.
24952func (s *GetUserInput) Validate() error {
24953	invalidParams := request.ErrInvalidParams{Context: "GetUserInput"}
24954	if s.UserName != nil && len(*s.UserName) < 1 {
24955		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
24956	}
24957
24958	if invalidParams.Len() > 0 {
24959		return invalidParams
24960	}
24961	return nil
24962}
24963
24964// SetUserName sets the UserName field's value.
24965func (s *GetUserInput) SetUserName(v string) *GetUserInput {
24966	s.UserName = &v
24967	return s
24968}
24969
24970// Contains the response to a successful GetUser request.
24971type GetUserOutput struct {
24972	_ struct{} `type:"structure"`
24973
24974	// A structure containing details about the IAM user.
24975	//
24976	// Due to a service issue, password last used data does not include password
24977	// use from May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last
24978	// sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html)
24979	// dates shown in the IAM console and password last used dates in the IAM credential
24980	// report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html),
24981	// and returned by this operation. If users signed in during the affected time,
24982	// the password last used date that is returned is the date the user last signed
24983	// in before May 3, 2018. For users that signed in after May 23, 2018 14:08
24984	// PDT, the returned password last used date is accurate.
24985	//
24986	// You can use password last used information to identify unused credentials
24987	// for deletion. For example, you might delete users who did not sign in to
24988	// AWS in the last 90 days. In cases like this, we recommend that you adjust
24989	// your evaluation window to include dates after May 23, 2018. Alternatively,
24990	// if your users use access keys to access AWS programmatically you can refer
24991	// to access key last used information because it is accurate for all dates.
24992	//
24993	// User is a required field
24994	User *User `type:"structure" required:"true"`
24995}
24996
24997// String returns the string representation
24998func (s GetUserOutput) String() string {
24999	return awsutil.Prettify(s)
25000}
25001
25002// GoString returns the string representation
25003func (s GetUserOutput) GoString() string {
25004	return s.String()
25005}
25006
25007// SetUser sets the User field's value.
25008func (s *GetUserOutput) SetUser(v *User) *GetUserOutput {
25009	s.User = v
25010	return s
25011}
25012
25013type GetUserPolicyInput struct {
25014	_ struct{} `type:"structure"`
25015
25016	// The name of the policy document to get.
25017	//
25018	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25019	// a string of characters consisting of upper and lowercase alphanumeric characters
25020	// with no spaces. You can also include any of the following characters: _+=,.@-
25021	//
25022	// PolicyName is a required field
25023	PolicyName *string `min:"1" type:"string" required:"true"`
25024
25025	// The name of the user who the policy is associated with.
25026	//
25027	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25028	// a string of characters consisting of upper and lowercase alphanumeric characters
25029	// with no spaces. You can also include any of the following characters: _+=,.@-
25030	//
25031	// UserName is a required field
25032	UserName *string `min:"1" type:"string" required:"true"`
25033}
25034
25035// String returns the string representation
25036func (s GetUserPolicyInput) String() string {
25037	return awsutil.Prettify(s)
25038}
25039
25040// GoString returns the string representation
25041func (s GetUserPolicyInput) GoString() string {
25042	return s.String()
25043}
25044
25045// Validate inspects the fields of the type to determine if they are valid.
25046func (s *GetUserPolicyInput) Validate() error {
25047	invalidParams := request.ErrInvalidParams{Context: "GetUserPolicyInput"}
25048	if s.PolicyName == nil {
25049		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
25050	}
25051	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
25052		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
25053	}
25054	if s.UserName == nil {
25055		invalidParams.Add(request.NewErrParamRequired("UserName"))
25056	}
25057	if s.UserName != nil && len(*s.UserName) < 1 {
25058		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
25059	}
25060
25061	if invalidParams.Len() > 0 {
25062		return invalidParams
25063	}
25064	return nil
25065}
25066
25067// SetPolicyName sets the PolicyName field's value.
25068func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput {
25069	s.PolicyName = &v
25070	return s
25071}
25072
25073// SetUserName sets the UserName field's value.
25074func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput {
25075	s.UserName = &v
25076	return s
25077}
25078
25079// Contains the response to a successful GetUserPolicy request.
25080type GetUserPolicyOutput struct {
25081	_ struct{} `type:"structure"`
25082
25083	// The policy document.
25084	//
25085	// IAM stores policies in JSON format. However, resources that were created
25086	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
25087	// always converts a YAML policy to JSON format before submitting it to IAM.
25088	//
25089	// PolicyDocument is a required field
25090	PolicyDocument *string `min:"1" type:"string" required:"true"`
25091
25092	// The name of the policy.
25093	//
25094	// PolicyName is a required field
25095	PolicyName *string `min:"1" type:"string" required:"true"`
25096
25097	// The user the policy is associated with.
25098	//
25099	// UserName is a required field
25100	UserName *string `min:"1" type:"string" required:"true"`
25101}
25102
25103// String returns the string representation
25104func (s GetUserPolicyOutput) String() string {
25105	return awsutil.Prettify(s)
25106}
25107
25108// GoString returns the string representation
25109func (s GetUserPolicyOutput) GoString() string {
25110	return s.String()
25111}
25112
25113// SetPolicyDocument sets the PolicyDocument field's value.
25114func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput {
25115	s.PolicyDocument = &v
25116	return s
25117}
25118
25119// SetPolicyName sets the PolicyName field's value.
25120func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput {
25121	s.PolicyName = &v
25122	return s
25123}
25124
25125// SetUserName sets the UserName field's value.
25126func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput {
25127	s.UserName = &v
25128	return s
25129}
25130
25131// Contains information about an IAM group entity.
25132//
25133// This data type is used as a response element in the following operations:
25134//
25135//    * CreateGroup
25136//
25137//    * GetGroup
25138//
25139//    * ListGroups
25140type Group struct {
25141	_ struct{} `type:"structure"`
25142
25143	// The Amazon Resource Name (ARN) specifying the group. For more information
25144	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25145	// in the IAM User Guide.
25146	//
25147	// Arn is a required field
25148	Arn *string `min:"20" type:"string" required:"true"`
25149
25150	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
25151	// when the group was created.
25152	//
25153	// CreateDate is a required field
25154	CreateDate *time.Time `type:"timestamp" required:"true"`
25155
25156	// The stable and unique string identifying the group. For more information
25157	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25158	// in the IAM User Guide.
25159	//
25160	// GroupId is a required field
25161	GroupId *string `min:"16" type:"string" required:"true"`
25162
25163	// The friendly name that identifies the group.
25164	//
25165	// GroupName is a required field
25166	GroupName *string `min:"1" type:"string" required:"true"`
25167
25168	// The path to the group. For more information about paths, see IAM identifiers
25169	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25170	// in the IAM User Guide.
25171	//
25172	// Path is a required field
25173	Path *string `min:"1" type:"string" required:"true"`
25174}
25175
25176// String returns the string representation
25177func (s Group) String() string {
25178	return awsutil.Prettify(s)
25179}
25180
25181// GoString returns the string representation
25182func (s Group) GoString() string {
25183	return s.String()
25184}
25185
25186// SetArn sets the Arn field's value.
25187func (s *Group) SetArn(v string) *Group {
25188	s.Arn = &v
25189	return s
25190}
25191
25192// SetCreateDate sets the CreateDate field's value.
25193func (s *Group) SetCreateDate(v time.Time) *Group {
25194	s.CreateDate = &v
25195	return s
25196}
25197
25198// SetGroupId sets the GroupId field's value.
25199func (s *Group) SetGroupId(v string) *Group {
25200	s.GroupId = &v
25201	return s
25202}
25203
25204// SetGroupName sets the GroupName field's value.
25205func (s *Group) SetGroupName(v string) *Group {
25206	s.GroupName = &v
25207	return s
25208}
25209
25210// SetPath sets the Path field's value.
25211func (s *Group) SetPath(v string) *Group {
25212	s.Path = &v
25213	return s
25214}
25215
25216// Contains information about an IAM group, including all of the group's policies.
25217//
25218// This data type is used as a response element in the GetAccountAuthorizationDetails
25219// operation.
25220type GroupDetail struct {
25221	_ struct{} `type:"structure"`
25222
25223	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
25224	//
25225	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
25226	// in the AWS General Reference.
25227	Arn *string `min:"20" type:"string"`
25228
25229	// A list of the managed policies attached to the group.
25230	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
25231
25232	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
25233	// when the group was created.
25234	CreateDate *time.Time `type:"timestamp"`
25235
25236	// The stable and unique string identifying the group. For more information
25237	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25238	// in the IAM User Guide.
25239	GroupId *string `min:"16" type:"string"`
25240
25241	// The friendly name that identifies the group.
25242	GroupName *string `min:"1" type:"string"`
25243
25244	// A list of the inline policies embedded in the group.
25245	GroupPolicyList []*PolicyDetail `type:"list"`
25246
25247	// The path to the group. For more information about paths, see IAM identifiers
25248	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25249	// in the IAM User Guide.
25250	Path *string `min:"1" type:"string"`
25251}
25252
25253// String returns the string representation
25254func (s GroupDetail) String() string {
25255	return awsutil.Prettify(s)
25256}
25257
25258// GoString returns the string representation
25259func (s GroupDetail) GoString() string {
25260	return s.String()
25261}
25262
25263// SetArn sets the Arn field's value.
25264func (s *GroupDetail) SetArn(v string) *GroupDetail {
25265	s.Arn = &v
25266	return s
25267}
25268
25269// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
25270func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail {
25271	s.AttachedManagedPolicies = v
25272	return s
25273}
25274
25275// SetCreateDate sets the CreateDate field's value.
25276func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail {
25277	s.CreateDate = &v
25278	return s
25279}
25280
25281// SetGroupId sets the GroupId field's value.
25282func (s *GroupDetail) SetGroupId(v string) *GroupDetail {
25283	s.GroupId = &v
25284	return s
25285}
25286
25287// SetGroupName sets the GroupName field's value.
25288func (s *GroupDetail) SetGroupName(v string) *GroupDetail {
25289	s.GroupName = &v
25290	return s
25291}
25292
25293// SetGroupPolicyList sets the GroupPolicyList field's value.
25294func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail {
25295	s.GroupPolicyList = v
25296	return s
25297}
25298
25299// SetPath sets the Path field's value.
25300func (s *GroupDetail) SetPath(v string) *GroupDetail {
25301	s.Path = &v
25302	return s
25303}
25304
25305// Contains information about an instance profile.
25306//
25307// This data type is used as a response element in the following operations:
25308//
25309//    * CreateInstanceProfile
25310//
25311//    * GetInstanceProfile
25312//
25313//    * ListInstanceProfiles
25314//
25315//    * ListInstanceProfilesForRole
25316type InstanceProfile struct {
25317	_ struct{} `type:"structure"`
25318
25319	// The Amazon Resource Name (ARN) specifying the instance profile. For more
25320	// information about ARNs and how to use them in policies, see IAM identifiers
25321	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25322	// in the IAM User Guide.
25323	//
25324	// Arn is a required field
25325	Arn *string `min:"20" type:"string" required:"true"`
25326
25327	// The date when the instance profile was created.
25328	//
25329	// CreateDate is a required field
25330	CreateDate *time.Time `type:"timestamp" required:"true"`
25331
25332	// The stable and unique string identifying the instance profile. For more information
25333	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25334	// in the IAM User Guide.
25335	//
25336	// InstanceProfileId is a required field
25337	InstanceProfileId *string `min:"16" type:"string" required:"true"`
25338
25339	// The name identifying the instance profile.
25340	//
25341	// InstanceProfileName is a required field
25342	InstanceProfileName *string `min:"1" type:"string" required:"true"`
25343
25344	// The path to the instance profile. For more information about paths, see IAM
25345	// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
25346	// in the IAM User Guide.
25347	//
25348	// Path is a required field
25349	Path *string `min:"1" type:"string" required:"true"`
25350
25351	// The role associated with the instance profile.
25352	//
25353	// Roles is a required field
25354	Roles []*Role `type:"list" required:"true"`
25355
25356	// A list of tags that are attached to the instance profile. For more information
25357	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
25358	// in the IAM User Guide.
25359	Tags []*Tag `type:"list"`
25360}
25361
25362// String returns the string representation
25363func (s InstanceProfile) String() string {
25364	return awsutil.Prettify(s)
25365}
25366
25367// GoString returns the string representation
25368func (s InstanceProfile) GoString() string {
25369	return s.String()
25370}
25371
25372// SetArn sets the Arn field's value.
25373func (s *InstanceProfile) SetArn(v string) *InstanceProfile {
25374	s.Arn = &v
25375	return s
25376}
25377
25378// SetCreateDate sets the CreateDate field's value.
25379func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile {
25380	s.CreateDate = &v
25381	return s
25382}
25383
25384// SetInstanceProfileId sets the InstanceProfileId field's value.
25385func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile {
25386	s.InstanceProfileId = &v
25387	return s
25388}
25389
25390// SetInstanceProfileName sets the InstanceProfileName field's value.
25391func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile {
25392	s.InstanceProfileName = &v
25393	return s
25394}
25395
25396// SetPath sets the Path field's value.
25397func (s *InstanceProfile) SetPath(v string) *InstanceProfile {
25398	s.Path = &v
25399	return s
25400}
25401
25402// SetRoles sets the Roles field's value.
25403func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile {
25404	s.Roles = v
25405	return s
25406}
25407
25408// SetTags sets the Tags field's value.
25409func (s *InstanceProfile) SetTags(v []*Tag) *InstanceProfile {
25410	s.Tags = v
25411	return s
25412}
25413
25414type ListAccessKeysInput struct {
25415	_ struct{} `type:"structure"`
25416
25417	// Use this parameter only when paginating results and only after you receive
25418	// a response indicating that the results are truncated. Set it to the value
25419	// of the Marker element in the response that you received to indicate where
25420	// the next call should start.
25421	Marker *string `min:"1" type:"string"`
25422
25423	// Use this only when paginating results to indicate the maximum number of items
25424	// you want in the response. If additional items exist beyond the maximum you
25425	// specify, the IsTruncated response element is true.
25426	//
25427	// If you do not include this parameter, the number of items defaults to 100.
25428	// Note that IAM might return fewer results, even when there are more results
25429	// available. In that case, the IsTruncated response element returns true, and
25430	// Marker contains a value to include in the subsequent call that tells the
25431	// service where to continue from.
25432	MaxItems *int64 `min:"1" type:"integer"`
25433
25434	// The name of the user.
25435	//
25436	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25437	// a string of characters consisting of upper and lowercase alphanumeric characters
25438	// with no spaces. You can also include any of the following characters: _+=,.@-
25439	UserName *string `min:"1" type:"string"`
25440}
25441
25442// String returns the string representation
25443func (s ListAccessKeysInput) String() string {
25444	return awsutil.Prettify(s)
25445}
25446
25447// GoString returns the string representation
25448func (s ListAccessKeysInput) GoString() string {
25449	return s.String()
25450}
25451
25452// Validate inspects the fields of the type to determine if they are valid.
25453func (s *ListAccessKeysInput) Validate() error {
25454	invalidParams := request.ErrInvalidParams{Context: "ListAccessKeysInput"}
25455	if s.Marker != nil && len(*s.Marker) < 1 {
25456		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25457	}
25458	if s.MaxItems != nil && *s.MaxItems < 1 {
25459		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25460	}
25461	if s.UserName != nil && len(*s.UserName) < 1 {
25462		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
25463	}
25464
25465	if invalidParams.Len() > 0 {
25466		return invalidParams
25467	}
25468	return nil
25469}
25470
25471// SetMarker sets the Marker field's value.
25472func (s *ListAccessKeysInput) SetMarker(v string) *ListAccessKeysInput {
25473	s.Marker = &v
25474	return s
25475}
25476
25477// SetMaxItems sets the MaxItems field's value.
25478func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput {
25479	s.MaxItems = &v
25480	return s
25481}
25482
25483// SetUserName sets the UserName field's value.
25484func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput {
25485	s.UserName = &v
25486	return s
25487}
25488
25489// Contains the response to a successful ListAccessKeys request.
25490type ListAccessKeysOutput struct {
25491	_ struct{} `type:"structure"`
25492
25493	// A list of objects containing metadata about the access keys.
25494	//
25495	// AccessKeyMetadata is a required field
25496	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`
25497
25498	// A flag that indicates whether there are more items to return. If your results
25499	// were truncated, you can make a subsequent pagination request using the Marker
25500	// request parameter to retrieve more items. Note that IAM might return fewer
25501	// than the MaxItems number of results even when there are more results available.
25502	// We recommend that you check IsTruncated after every call to ensure that you
25503	// receive all your results.
25504	IsTruncated *bool `type:"boolean"`
25505
25506	// When IsTruncated is true, this element is present and contains the value
25507	// to use for the Marker parameter in a subsequent pagination request.
25508	Marker *string `type:"string"`
25509}
25510
25511// String returns the string representation
25512func (s ListAccessKeysOutput) String() string {
25513	return awsutil.Prettify(s)
25514}
25515
25516// GoString returns the string representation
25517func (s ListAccessKeysOutput) GoString() string {
25518	return s.String()
25519}
25520
25521// SetAccessKeyMetadata sets the AccessKeyMetadata field's value.
25522func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput {
25523	s.AccessKeyMetadata = v
25524	return s
25525}
25526
25527// SetIsTruncated sets the IsTruncated field's value.
25528func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput {
25529	s.IsTruncated = &v
25530	return s
25531}
25532
25533// SetMarker sets the Marker field's value.
25534func (s *ListAccessKeysOutput) SetMarker(v string) *ListAccessKeysOutput {
25535	s.Marker = &v
25536	return s
25537}
25538
25539type ListAccountAliasesInput struct {
25540	_ struct{} `type:"structure"`
25541
25542	// Use this parameter only when paginating results and only after you receive
25543	// a response indicating that the results are truncated. Set it to the value
25544	// of the Marker element in the response that you received to indicate where
25545	// the next call should start.
25546	Marker *string `min:"1" type:"string"`
25547
25548	// Use this only when paginating results to indicate the maximum number of items
25549	// you want in the response. If additional items exist beyond the maximum you
25550	// specify, the IsTruncated response element is true.
25551	//
25552	// If you do not include this parameter, the number of items defaults to 100.
25553	// Note that IAM might return fewer results, even when there are more results
25554	// available. In that case, the IsTruncated response element returns true, and
25555	// Marker contains a value to include in the subsequent call that tells the
25556	// service where to continue from.
25557	MaxItems *int64 `min:"1" type:"integer"`
25558}
25559
25560// String returns the string representation
25561func (s ListAccountAliasesInput) String() string {
25562	return awsutil.Prettify(s)
25563}
25564
25565// GoString returns the string representation
25566func (s ListAccountAliasesInput) GoString() string {
25567	return s.String()
25568}
25569
25570// Validate inspects the fields of the type to determine if they are valid.
25571func (s *ListAccountAliasesInput) Validate() error {
25572	invalidParams := request.ErrInvalidParams{Context: "ListAccountAliasesInput"}
25573	if s.Marker != nil && len(*s.Marker) < 1 {
25574		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25575	}
25576	if s.MaxItems != nil && *s.MaxItems < 1 {
25577		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25578	}
25579
25580	if invalidParams.Len() > 0 {
25581		return invalidParams
25582	}
25583	return nil
25584}
25585
25586// SetMarker sets the Marker field's value.
25587func (s *ListAccountAliasesInput) SetMarker(v string) *ListAccountAliasesInput {
25588	s.Marker = &v
25589	return s
25590}
25591
25592// SetMaxItems sets the MaxItems field's value.
25593func (s *ListAccountAliasesInput) SetMaxItems(v int64) *ListAccountAliasesInput {
25594	s.MaxItems = &v
25595	return s
25596}
25597
25598// Contains the response to a successful ListAccountAliases request.
25599type ListAccountAliasesOutput struct {
25600	_ struct{} `type:"structure"`
25601
25602	// A list of aliases associated with the account. AWS supports only one alias
25603	// per account.
25604	//
25605	// AccountAliases is a required field
25606	AccountAliases []*string `type:"list" required:"true"`
25607
25608	// A flag that indicates whether there are more items to return. If your results
25609	// were truncated, you can make a subsequent pagination request using the Marker
25610	// request parameter to retrieve more items. Note that IAM might return fewer
25611	// than the MaxItems number of results even when there are more results available.
25612	// We recommend that you check IsTruncated after every call to ensure that you
25613	// receive all your results.
25614	IsTruncated *bool `type:"boolean"`
25615
25616	// When IsTruncated is true, this element is present and contains the value
25617	// to use for the Marker parameter in a subsequent pagination request.
25618	Marker *string `type:"string"`
25619}
25620
25621// String returns the string representation
25622func (s ListAccountAliasesOutput) String() string {
25623	return awsutil.Prettify(s)
25624}
25625
25626// GoString returns the string representation
25627func (s ListAccountAliasesOutput) GoString() string {
25628	return s.String()
25629}
25630
25631// SetAccountAliases sets the AccountAliases field's value.
25632func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput {
25633	s.AccountAliases = v
25634	return s
25635}
25636
25637// SetIsTruncated sets the IsTruncated field's value.
25638func (s *ListAccountAliasesOutput) SetIsTruncated(v bool) *ListAccountAliasesOutput {
25639	s.IsTruncated = &v
25640	return s
25641}
25642
25643// SetMarker sets the Marker field's value.
25644func (s *ListAccountAliasesOutput) SetMarker(v string) *ListAccountAliasesOutput {
25645	s.Marker = &v
25646	return s
25647}
25648
25649type ListAttachedGroupPoliciesInput struct {
25650	_ struct{} `type:"structure"`
25651
25652	// The name (friendly name, not ARN) of the group to list attached policies
25653	// for.
25654	//
25655	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25656	// a string of characters consisting of upper and lowercase alphanumeric characters
25657	// with no spaces. You can also include any of the following characters: _+=,.@-
25658	//
25659	// GroupName is a required field
25660	GroupName *string `min:"1" type:"string" required:"true"`
25661
25662	// Use this parameter only when paginating results and only after you receive
25663	// a response indicating that the results are truncated. Set it to the value
25664	// of the Marker element in the response that you received to indicate where
25665	// the next call should start.
25666	Marker *string `min:"1" type:"string"`
25667
25668	// Use this only when paginating results to indicate the maximum number of items
25669	// you want in the response. If additional items exist beyond the maximum you
25670	// specify, the IsTruncated response element is true.
25671	//
25672	// If you do not include this parameter, the number of items defaults to 100.
25673	// Note that IAM might return fewer results, even when there are more results
25674	// available. In that case, the IsTruncated response element returns true, and
25675	// Marker contains a value to include in the subsequent call that tells the
25676	// service where to continue from.
25677	MaxItems *int64 `min:"1" type:"integer"`
25678
25679	// The path prefix for filtering the results. This parameter is optional. If
25680	// it is not included, it defaults to a slash (/), listing all policies.
25681	//
25682	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25683	// a string of characters consisting of either a forward slash (/) by itself
25684	// or a string that must begin and end with forward slashes. In addition, it
25685	// can contain any ASCII character from the ! (\u0021) through the DEL character
25686	// (\u007F), including most punctuation characters, digits, and upper and lowercased
25687	// letters.
25688	PathPrefix *string `min:"1" type:"string"`
25689}
25690
25691// String returns the string representation
25692func (s ListAttachedGroupPoliciesInput) String() string {
25693	return awsutil.Prettify(s)
25694}
25695
25696// GoString returns the string representation
25697func (s ListAttachedGroupPoliciesInput) GoString() string {
25698	return s.String()
25699}
25700
25701// Validate inspects the fields of the type to determine if they are valid.
25702func (s *ListAttachedGroupPoliciesInput) Validate() error {
25703	invalidParams := request.ErrInvalidParams{Context: "ListAttachedGroupPoliciesInput"}
25704	if s.GroupName == nil {
25705		invalidParams.Add(request.NewErrParamRequired("GroupName"))
25706	}
25707	if s.GroupName != nil && len(*s.GroupName) < 1 {
25708		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
25709	}
25710	if s.Marker != nil && len(*s.Marker) < 1 {
25711		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25712	}
25713	if s.MaxItems != nil && *s.MaxItems < 1 {
25714		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25715	}
25716	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
25717		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
25718	}
25719
25720	if invalidParams.Len() > 0 {
25721		return invalidParams
25722	}
25723	return nil
25724}
25725
25726// SetGroupName sets the GroupName field's value.
25727func (s *ListAttachedGroupPoliciesInput) SetGroupName(v string) *ListAttachedGroupPoliciesInput {
25728	s.GroupName = &v
25729	return s
25730}
25731
25732// SetMarker sets the Marker field's value.
25733func (s *ListAttachedGroupPoliciesInput) SetMarker(v string) *ListAttachedGroupPoliciesInput {
25734	s.Marker = &v
25735	return s
25736}
25737
25738// SetMaxItems sets the MaxItems field's value.
25739func (s *ListAttachedGroupPoliciesInput) SetMaxItems(v int64) *ListAttachedGroupPoliciesInput {
25740	s.MaxItems = &v
25741	return s
25742}
25743
25744// SetPathPrefix sets the PathPrefix field's value.
25745func (s *ListAttachedGroupPoliciesInput) SetPathPrefix(v string) *ListAttachedGroupPoliciesInput {
25746	s.PathPrefix = &v
25747	return s
25748}
25749
25750// Contains the response to a successful ListAttachedGroupPolicies request.
25751type ListAttachedGroupPoliciesOutput struct {
25752	_ struct{} `type:"structure"`
25753
25754	// A list of the attached policies.
25755	AttachedPolicies []*AttachedPolicy `type:"list"`
25756
25757	// A flag that indicates whether there are more items to return. If your results
25758	// were truncated, you can make a subsequent pagination request using the Marker
25759	// request parameter to retrieve more items. Note that IAM might return fewer
25760	// than the MaxItems number of results even when there are more results available.
25761	// We recommend that you check IsTruncated after every call to ensure that you
25762	// receive all your results.
25763	IsTruncated *bool `type:"boolean"`
25764
25765	// When IsTruncated is true, this element is present and contains the value
25766	// to use for the Marker parameter in a subsequent pagination request.
25767	Marker *string `type:"string"`
25768}
25769
25770// String returns the string representation
25771func (s ListAttachedGroupPoliciesOutput) String() string {
25772	return awsutil.Prettify(s)
25773}
25774
25775// GoString returns the string representation
25776func (s ListAttachedGroupPoliciesOutput) GoString() string {
25777	return s.String()
25778}
25779
25780// SetAttachedPolicies sets the AttachedPolicies field's value.
25781func (s *ListAttachedGroupPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedGroupPoliciesOutput {
25782	s.AttachedPolicies = v
25783	return s
25784}
25785
25786// SetIsTruncated sets the IsTruncated field's value.
25787func (s *ListAttachedGroupPoliciesOutput) SetIsTruncated(v bool) *ListAttachedGroupPoliciesOutput {
25788	s.IsTruncated = &v
25789	return s
25790}
25791
25792// SetMarker sets the Marker field's value.
25793func (s *ListAttachedGroupPoliciesOutput) SetMarker(v string) *ListAttachedGroupPoliciesOutput {
25794	s.Marker = &v
25795	return s
25796}
25797
25798type ListAttachedRolePoliciesInput struct {
25799	_ struct{} `type:"structure"`
25800
25801	// Use this parameter only when paginating results and only after you receive
25802	// a response indicating that the results are truncated. Set it to the value
25803	// of the Marker element in the response that you received to indicate where
25804	// the next call should start.
25805	Marker *string `min:"1" type:"string"`
25806
25807	// Use this only when paginating results to indicate the maximum number of items
25808	// you want in the response. If additional items exist beyond the maximum you
25809	// specify, the IsTruncated response element is true.
25810	//
25811	// If you do not include this parameter, the number of items defaults to 100.
25812	// Note that IAM might return fewer results, even when there are more results
25813	// available. In that case, the IsTruncated response element returns true, and
25814	// Marker contains a value to include in the subsequent call that tells the
25815	// service where to continue from.
25816	MaxItems *int64 `min:"1" type:"integer"`
25817
25818	// The path prefix for filtering the results. This parameter is optional. If
25819	// it is not included, it defaults to a slash (/), listing all policies.
25820	//
25821	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25822	// a string of characters consisting of either a forward slash (/) by itself
25823	// or a string that must begin and end with forward slashes. In addition, it
25824	// can contain any ASCII character from the ! (\u0021) through the DEL character
25825	// (\u007F), including most punctuation characters, digits, and upper and lowercased
25826	// letters.
25827	PathPrefix *string `min:"1" type:"string"`
25828
25829	// The name (friendly name, not ARN) of the role to list attached policies for.
25830	//
25831	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25832	// a string of characters consisting of upper and lowercase alphanumeric characters
25833	// with no spaces. You can also include any of the following characters: _+=,.@-
25834	//
25835	// RoleName is a required field
25836	RoleName *string `min:"1" type:"string" required:"true"`
25837}
25838
25839// String returns the string representation
25840func (s ListAttachedRolePoliciesInput) String() string {
25841	return awsutil.Prettify(s)
25842}
25843
25844// GoString returns the string representation
25845func (s ListAttachedRolePoliciesInput) GoString() string {
25846	return s.String()
25847}
25848
25849// Validate inspects the fields of the type to determine if they are valid.
25850func (s *ListAttachedRolePoliciesInput) Validate() error {
25851	invalidParams := request.ErrInvalidParams{Context: "ListAttachedRolePoliciesInput"}
25852	if s.Marker != nil && len(*s.Marker) < 1 {
25853		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25854	}
25855	if s.MaxItems != nil && *s.MaxItems < 1 {
25856		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25857	}
25858	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
25859		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
25860	}
25861	if s.RoleName == nil {
25862		invalidParams.Add(request.NewErrParamRequired("RoleName"))
25863	}
25864	if s.RoleName != nil && len(*s.RoleName) < 1 {
25865		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
25866	}
25867
25868	if invalidParams.Len() > 0 {
25869		return invalidParams
25870	}
25871	return nil
25872}
25873
25874// SetMarker sets the Marker field's value.
25875func (s *ListAttachedRolePoliciesInput) SetMarker(v string) *ListAttachedRolePoliciesInput {
25876	s.Marker = &v
25877	return s
25878}
25879
25880// SetMaxItems sets the MaxItems field's value.
25881func (s *ListAttachedRolePoliciesInput) SetMaxItems(v int64) *ListAttachedRolePoliciesInput {
25882	s.MaxItems = &v
25883	return s
25884}
25885
25886// SetPathPrefix sets the PathPrefix field's value.
25887func (s *ListAttachedRolePoliciesInput) SetPathPrefix(v string) *ListAttachedRolePoliciesInput {
25888	s.PathPrefix = &v
25889	return s
25890}
25891
25892// SetRoleName sets the RoleName field's value.
25893func (s *ListAttachedRolePoliciesInput) SetRoleName(v string) *ListAttachedRolePoliciesInput {
25894	s.RoleName = &v
25895	return s
25896}
25897
25898// Contains the response to a successful ListAttachedRolePolicies request.
25899type ListAttachedRolePoliciesOutput struct {
25900	_ struct{} `type:"structure"`
25901
25902	// A list of the attached policies.
25903	AttachedPolicies []*AttachedPolicy `type:"list"`
25904
25905	// A flag that indicates whether there are more items to return. If your results
25906	// were truncated, you can make a subsequent pagination request using the Marker
25907	// request parameter to retrieve more items. Note that IAM might return fewer
25908	// than the MaxItems number of results even when there are more results available.
25909	// We recommend that you check IsTruncated after every call to ensure that you
25910	// receive all your results.
25911	IsTruncated *bool `type:"boolean"`
25912
25913	// When IsTruncated is true, this element is present and contains the value
25914	// to use for the Marker parameter in a subsequent pagination request.
25915	Marker *string `type:"string"`
25916}
25917
25918// String returns the string representation
25919func (s ListAttachedRolePoliciesOutput) String() string {
25920	return awsutil.Prettify(s)
25921}
25922
25923// GoString returns the string representation
25924func (s ListAttachedRolePoliciesOutput) GoString() string {
25925	return s.String()
25926}
25927
25928// SetAttachedPolicies sets the AttachedPolicies field's value.
25929func (s *ListAttachedRolePoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedRolePoliciesOutput {
25930	s.AttachedPolicies = v
25931	return s
25932}
25933
25934// SetIsTruncated sets the IsTruncated field's value.
25935func (s *ListAttachedRolePoliciesOutput) SetIsTruncated(v bool) *ListAttachedRolePoliciesOutput {
25936	s.IsTruncated = &v
25937	return s
25938}
25939
25940// SetMarker sets the Marker field's value.
25941func (s *ListAttachedRolePoliciesOutput) SetMarker(v string) *ListAttachedRolePoliciesOutput {
25942	s.Marker = &v
25943	return s
25944}
25945
25946type ListAttachedUserPoliciesInput struct {
25947	_ struct{} `type:"structure"`
25948
25949	// Use this parameter only when paginating results and only after you receive
25950	// a response indicating that the results are truncated. Set it to the value
25951	// of the Marker element in the response that you received to indicate where
25952	// the next call should start.
25953	Marker *string `min:"1" type:"string"`
25954
25955	// Use this only when paginating results to indicate the maximum number of items
25956	// you want in the response. If additional items exist beyond the maximum you
25957	// specify, the IsTruncated response element is true.
25958	//
25959	// If you do not include this parameter, the number of items defaults to 100.
25960	// Note that IAM might return fewer results, even when there are more results
25961	// available. In that case, the IsTruncated response element returns true, and
25962	// Marker contains a value to include in the subsequent call that tells the
25963	// service where to continue from.
25964	MaxItems *int64 `min:"1" type:"integer"`
25965
25966	// The path prefix for filtering the results. This parameter is optional. If
25967	// it is not included, it defaults to a slash (/), listing all policies.
25968	//
25969	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25970	// a string of characters consisting of either a forward slash (/) by itself
25971	// or a string that must begin and end with forward slashes. In addition, it
25972	// can contain any ASCII character from the ! (\u0021) through the DEL character
25973	// (\u007F), including most punctuation characters, digits, and upper and lowercased
25974	// letters.
25975	PathPrefix *string `min:"1" type:"string"`
25976
25977	// The name (friendly name, not ARN) of the user to list attached policies for.
25978	//
25979	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25980	// a string of characters consisting of upper and lowercase alphanumeric characters
25981	// with no spaces. You can also include any of the following characters: _+=,.@-
25982	//
25983	// UserName is a required field
25984	UserName *string `min:"1" type:"string" required:"true"`
25985}
25986
25987// String returns the string representation
25988func (s ListAttachedUserPoliciesInput) String() string {
25989	return awsutil.Prettify(s)
25990}
25991
25992// GoString returns the string representation
25993func (s ListAttachedUserPoliciesInput) GoString() string {
25994	return s.String()
25995}
25996
25997// Validate inspects the fields of the type to determine if they are valid.
25998func (s *ListAttachedUserPoliciesInput) Validate() error {
25999	invalidParams := request.ErrInvalidParams{Context: "ListAttachedUserPoliciesInput"}
26000	if s.Marker != nil && len(*s.Marker) < 1 {
26001		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26002	}
26003	if s.MaxItems != nil && *s.MaxItems < 1 {
26004		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26005	}
26006	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
26007		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
26008	}
26009	if s.UserName == nil {
26010		invalidParams.Add(request.NewErrParamRequired("UserName"))
26011	}
26012	if s.UserName != nil && len(*s.UserName) < 1 {
26013		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
26014	}
26015
26016	if invalidParams.Len() > 0 {
26017		return invalidParams
26018	}
26019	return nil
26020}
26021
26022// SetMarker sets the Marker field's value.
26023func (s *ListAttachedUserPoliciesInput) SetMarker(v string) *ListAttachedUserPoliciesInput {
26024	s.Marker = &v
26025	return s
26026}
26027
26028// SetMaxItems sets the MaxItems field's value.
26029func (s *ListAttachedUserPoliciesInput) SetMaxItems(v int64) *ListAttachedUserPoliciesInput {
26030	s.MaxItems = &v
26031	return s
26032}
26033
26034// SetPathPrefix sets the PathPrefix field's value.
26035func (s *ListAttachedUserPoliciesInput) SetPathPrefix(v string) *ListAttachedUserPoliciesInput {
26036	s.PathPrefix = &v
26037	return s
26038}
26039
26040// SetUserName sets the UserName field's value.
26041func (s *ListAttachedUserPoliciesInput) SetUserName(v string) *ListAttachedUserPoliciesInput {
26042	s.UserName = &v
26043	return s
26044}
26045
26046// Contains the response to a successful ListAttachedUserPolicies request.
26047type ListAttachedUserPoliciesOutput struct {
26048	_ struct{} `type:"structure"`
26049
26050	// A list of the attached policies.
26051	AttachedPolicies []*AttachedPolicy `type:"list"`
26052
26053	// A flag that indicates whether there are more items to return. If your results
26054	// were truncated, you can make a subsequent pagination request using the Marker
26055	// request parameter to retrieve more items. Note that IAM might return fewer
26056	// than the MaxItems number of results even when there are more results available.
26057	// We recommend that you check IsTruncated after every call to ensure that you
26058	// receive all your results.
26059	IsTruncated *bool `type:"boolean"`
26060
26061	// When IsTruncated is true, this element is present and contains the value
26062	// to use for the Marker parameter in a subsequent pagination request.
26063	Marker *string `type:"string"`
26064}
26065
26066// String returns the string representation
26067func (s ListAttachedUserPoliciesOutput) String() string {
26068	return awsutil.Prettify(s)
26069}
26070
26071// GoString returns the string representation
26072func (s ListAttachedUserPoliciesOutput) GoString() string {
26073	return s.String()
26074}
26075
26076// SetAttachedPolicies sets the AttachedPolicies field's value.
26077func (s *ListAttachedUserPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedUserPoliciesOutput {
26078	s.AttachedPolicies = v
26079	return s
26080}
26081
26082// SetIsTruncated sets the IsTruncated field's value.
26083func (s *ListAttachedUserPoliciesOutput) SetIsTruncated(v bool) *ListAttachedUserPoliciesOutput {
26084	s.IsTruncated = &v
26085	return s
26086}
26087
26088// SetMarker sets the Marker field's value.
26089func (s *ListAttachedUserPoliciesOutput) SetMarker(v string) *ListAttachedUserPoliciesOutput {
26090	s.Marker = &v
26091	return s
26092}
26093
26094type ListEntitiesForPolicyInput struct {
26095	_ struct{} `type:"structure"`
26096
26097	// The entity type to use for filtering the results.
26098	//
26099	// For example, when EntityFilter is Role, only the roles that are attached
26100	// to the specified policy are returned. This parameter is optional. If it is
26101	// not included, all attached entities (users, groups, and roles) are returned.
26102	// The argument for this parameter must be one of the valid values listed below.
26103	EntityFilter *string `type:"string" enum:"EntityType"`
26104
26105	// Use this parameter only when paginating results and only after you receive
26106	// a response indicating that the results are truncated. Set it to the value
26107	// of the Marker element in the response that you received to indicate where
26108	// the next call should start.
26109	Marker *string `min:"1" type:"string"`
26110
26111	// Use this only when paginating results to indicate the maximum number of items
26112	// you want in the response. If additional items exist beyond the maximum you
26113	// specify, the IsTruncated response element is true.
26114	//
26115	// If you do not include this parameter, the number of items defaults to 100.
26116	// Note that IAM might return fewer results, even when there are more results
26117	// available. In that case, the IsTruncated response element returns true, and
26118	// Marker contains a value to include in the subsequent call that tells the
26119	// service where to continue from.
26120	MaxItems *int64 `min:"1" type:"integer"`
26121
26122	// The path prefix for filtering the results. This parameter is optional. If
26123	// it is not included, it defaults to a slash (/), listing all entities.
26124	//
26125	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26126	// a string of characters consisting of either a forward slash (/) by itself
26127	// or a string that must begin and end with forward slashes. In addition, it
26128	// can contain any ASCII character from the ! (\u0021) through the DEL character
26129	// (\u007F), including most punctuation characters, digits, and upper and lowercased
26130	// letters.
26131	PathPrefix *string `min:"1" type:"string"`
26132
26133	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
26134	//
26135	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
26136	// in the AWS General Reference.
26137	//
26138	// PolicyArn is a required field
26139	PolicyArn *string `min:"20" type:"string" required:"true"`
26140
26141	// The policy usage method to use for filtering the results.
26142	//
26143	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
26144	// To list only the policies used to set permissions boundaries, set the value
26145	// to PermissionsBoundary.
26146	//
26147	// This parameter is optional. If it is not included, all policies are returned.
26148	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
26149}
26150
26151// String returns the string representation
26152func (s ListEntitiesForPolicyInput) String() string {
26153	return awsutil.Prettify(s)
26154}
26155
26156// GoString returns the string representation
26157func (s ListEntitiesForPolicyInput) GoString() string {
26158	return s.String()
26159}
26160
26161// Validate inspects the fields of the type to determine if they are valid.
26162func (s *ListEntitiesForPolicyInput) Validate() error {
26163	invalidParams := request.ErrInvalidParams{Context: "ListEntitiesForPolicyInput"}
26164	if s.Marker != nil && len(*s.Marker) < 1 {
26165		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26166	}
26167	if s.MaxItems != nil && *s.MaxItems < 1 {
26168		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26169	}
26170	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
26171		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
26172	}
26173	if s.PolicyArn == nil {
26174		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
26175	}
26176	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
26177		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
26178	}
26179
26180	if invalidParams.Len() > 0 {
26181		return invalidParams
26182	}
26183	return nil
26184}
26185
26186// SetEntityFilter sets the EntityFilter field's value.
26187func (s *ListEntitiesForPolicyInput) SetEntityFilter(v string) *ListEntitiesForPolicyInput {
26188	s.EntityFilter = &v
26189	return s
26190}
26191
26192// SetMarker sets the Marker field's value.
26193func (s *ListEntitiesForPolicyInput) SetMarker(v string) *ListEntitiesForPolicyInput {
26194	s.Marker = &v
26195	return s
26196}
26197
26198// SetMaxItems sets the MaxItems field's value.
26199func (s *ListEntitiesForPolicyInput) SetMaxItems(v int64) *ListEntitiesForPolicyInput {
26200	s.MaxItems = &v
26201	return s
26202}
26203
26204// SetPathPrefix sets the PathPrefix field's value.
26205func (s *ListEntitiesForPolicyInput) SetPathPrefix(v string) *ListEntitiesForPolicyInput {
26206	s.PathPrefix = &v
26207	return s
26208}
26209
26210// SetPolicyArn sets the PolicyArn field's value.
26211func (s *ListEntitiesForPolicyInput) SetPolicyArn(v string) *ListEntitiesForPolicyInput {
26212	s.PolicyArn = &v
26213	return s
26214}
26215
26216// SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
26217func (s *ListEntitiesForPolicyInput) SetPolicyUsageFilter(v string) *ListEntitiesForPolicyInput {
26218	s.PolicyUsageFilter = &v
26219	return s
26220}
26221
26222// Contains the response to a successful ListEntitiesForPolicy request.
26223type ListEntitiesForPolicyOutput struct {
26224	_ struct{} `type:"structure"`
26225
26226	// A flag that indicates whether there are more items to return. If your results
26227	// were truncated, you can make a subsequent pagination request using the Marker
26228	// request parameter to retrieve more items. Note that IAM might return fewer
26229	// than the MaxItems number of results even when there are more results available.
26230	// We recommend that you check IsTruncated after every call to ensure that you
26231	// receive all your results.
26232	IsTruncated *bool `type:"boolean"`
26233
26234	// When IsTruncated is true, this element is present and contains the value
26235	// to use for the Marker parameter in a subsequent pagination request.
26236	Marker *string `type:"string"`
26237
26238	// A list of IAM groups that the policy is attached to.
26239	PolicyGroups []*PolicyGroup `type:"list"`
26240
26241	// A list of IAM roles that the policy is attached to.
26242	PolicyRoles []*PolicyRole `type:"list"`
26243
26244	// A list of IAM users that the policy is attached to.
26245	PolicyUsers []*PolicyUser `type:"list"`
26246}
26247
26248// String returns the string representation
26249func (s ListEntitiesForPolicyOutput) String() string {
26250	return awsutil.Prettify(s)
26251}
26252
26253// GoString returns the string representation
26254func (s ListEntitiesForPolicyOutput) GoString() string {
26255	return s.String()
26256}
26257
26258// SetIsTruncated sets the IsTruncated field's value.
26259func (s *ListEntitiesForPolicyOutput) SetIsTruncated(v bool) *ListEntitiesForPolicyOutput {
26260	s.IsTruncated = &v
26261	return s
26262}
26263
26264// SetMarker sets the Marker field's value.
26265func (s *ListEntitiesForPolicyOutput) SetMarker(v string) *ListEntitiesForPolicyOutput {
26266	s.Marker = &v
26267	return s
26268}
26269
26270// SetPolicyGroups sets the PolicyGroups field's value.
26271func (s *ListEntitiesForPolicyOutput) SetPolicyGroups(v []*PolicyGroup) *ListEntitiesForPolicyOutput {
26272	s.PolicyGroups = v
26273	return s
26274}
26275
26276// SetPolicyRoles sets the PolicyRoles field's value.
26277func (s *ListEntitiesForPolicyOutput) SetPolicyRoles(v []*PolicyRole) *ListEntitiesForPolicyOutput {
26278	s.PolicyRoles = v
26279	return s
26280}
26281
26282// SetPolicyUsers sets the PolicyUsers field's value.
26283func (s *ListEntitiesForPolicyOutput) SetPolicyUsers(v []*PolicyUser) *ListEntitiesForPolicyOutput {
26284	s.PolicyUsers = v
26285	return s
26286}
26287
26288type ListGroupPoliciesInput struct {
26289	_ struct{} `type:"structure"`
26290
26291	// The name of the group to list policies for.
26292	//
26293	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26294	// a string of characters consisting of upper and lowercase alphanumeric characters
26295	// with no spaces. You can also include any of the following characters: _+=,.@-
26296	//
26297	// GroupName is a required field
26298	GroupName *string `min:"1" type:"string" required:"true"`
26299
26300	// Use this parameter only when paginating results and only after you receive
26301	// a response indicating that the results are truncated. Set it to the value
26302	// of the Marker element in the response that you received to indicate where
26303	// the next call should start.
26304	Marker *string `min:"1" type:"string"`
26305
26306	// Use this only when paginating results to indicate the maximum number of items
26307	// you want in the response. If additional items exist beyond the maximum you
26308	// specify, the IsTruncated response element is true.
26309	//
26310	// If you do not include this parameter, the number of items defaults to 100.
26311	// Note that IAM might return fewer results, even when there are more results
26312	// available. In that case, the IsTruncated response element returns true, and
26313	// Marker contains a value to include in the subsequent call that tells the
26314	// service where to continue from.
26315	MaxItems *int64 `min:"1" type:"integer"`
26316}
26317
26318// String returns the string representation
26319func (s ListGroupPoliciesInput) String() string {
26320	return awsutil.Prettify(s)
26321}
26322
26323// GoString returns the string representation
26324func (s ListGroupPoliciesInput) GoString() string {
26325	return s.String()
26326}
26327
26328// Validate inspects the fields of the type to determine if they are valid.
26329func (s *ListGroupPoliciesInput) Validate() error {
26330	invalidParams := request.ErrInvalidParams{Context: "ListGroupPoliciesInput"}
26331	if s.GroupName == nil {
26332		invalidParams.Add(request.NewErrParamRequired("GroupName"))
26333	}
26334	if s.GroupName != nil && len(*s.GroupName) < 1 {
26335		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
26336	}
26337	if s.Marker != nil && len(*s.Marker) < 1 {
26338		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26339	}
26340	if s.MaxItems != nil && *s.MaxItems < 1 {
26341		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26342	}
26343
26344	if invalidParams.Len() > 0 {
26345		return invalidParams
26346	}
26347	return nil
26348}
26349
26350// SetGroupName sets the GroupName field's value.
26351func (s *ListGroupPoliciesInput) SetGroupName(v string) *ListGroupPoliciesInput {
26352	s.GroupName = &v
26353	return s
26354}
26355
26356// SetMarker sets the Marker field's value.
26357func (s *ListGroupPoliciesInput) SetMarker(v string) *ListGroupPoliciesInput {
26358	s.Marker = &v
26359	return s
26360}
26361
26362// SetMaxItems sets the MaxItems field's value.
26363func (s *ListGroupPoliciesInput) SetMaxItems(v int64) *ListGroupPoliciesInput {
26364	s.MaxItems = &v
26365	return s
26366}
26367
26368// Contains the response to a successful ListGroupPolicies request.
26369type ListGroupPoliciesOutput struct {
26370	_ struct{} `type:"structure"`
26371
26372	// A flag that indicates whether there are more items to return. If your results
26373	// were truncated, you can make a subsequent pagination request using the Marker
26374	// request parameter to retrieve more items. Note that IAM might return fewer
26375	// than the MaxItems number of results even when there are more results available.
26376	// We recommend that you check IsTruncated after every call to ensure that you
26377	// receive all your results.
26378	IsTruncated *bool `type:"boolean"`
26379
26380	// When IsTruncated is true, this element is present and contains the value
26381	// to use for the Marker parameter in a subsequent pagination request.
26382	Marker *string `type:"string"`
26383
26384	// A list of policy names.
26385	//
26386	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26387	// a string of characters consisting of upper and lowercase alphanumeric characters
26388	// with no spaces. You can also include any of the following characters: _+=,.@-
26389	//
26390	// PolicyNames is a required field
26391	PolicyNames []*string `type:"list" required:"true"`
26392}
26393
26394// String returns the string representation
26395func (s ListGroupPoliciesOutput) String() string {
26396	return awsutil.Prettify(s)
26397}
26398
26399// GoString returns the string representation
26400func (s ListGroupPoliciesOutput) GoString() string {
26401	return s.String()
26402}
26403
26404// SetIsTruncated sets the IsTruncated field's value.
26405func (s *ListGroupPoliciesOutput) SetIsTruncated(v bool) *ListGroupPoliciesOutput {
26406	s.IsTruncated = &v
26407	return s
26408}
26409
26410// SetMarker sets the Marker field's value.
26411func (s *ListGroupPoliciesOutput) SetMarker(v string) *ListGroupPoliciesOutput {
26412	s.Marker = &v
26413	return s
26414}
26415
26416// SetPolicyNames sets the PolicyNames field's value.
26417func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput {
26418	s.PolicyNames = v
26419	return s
26420}
26421
26422type ListGroupsForUserInput struct {
26423	_ struct{} `type:"structure"`
26424
26425	// Use this parameter only when paginating results and only after you receive
26426	// a response indicating that the results are truncated. Set it to the value
26427	// of the Marker element in the response that you received to indicate where
26428	// the next call should start.
26429	Marker *string `min:"1" type:"string"`
26430
26431	// Use this only when paginating results to indicate the maximum number of items
26432	// you want in the response. If additional items exist beyond the maximum you
26433	// specify, the IsTruncated response element is true.
26434	//
26435	// If you do not include this parameter, the number of items defaults to 100.
26436	// Note that IAM might return fewer results, even when there are more results
26437	// available. In that case, the IsTruncated response element returns true, and
26438	// Marker contains a value to include in the subsequent call that tells the
26439	// service where to continue from.
26440	MaxItems *int64 `min:"1" type:"integer"`
26441
26442	// The name of the user to list groups for.
26443	//
26444	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26445	// a string of characters consisting of upper and lowercase alphanumeric characters
26446	// with no spaces. You can also include any of the following characters: _+=,.@-
26447	//
26448	// UserName is a required field
26449	UserName *string `min:"1" type:"string" required:"true"`
26450}
26451
26452// String returns the string representation
26453func (s ListGroupsForUserInput) String() string {
26454	return awsutil.Prettify(s)
26455}
26456
26457// GoString returns the string representation
26458func (s ListGroupsForUserInput) GoString() string {
26459	return s.String()
26460}
26461
26462// Validate inspects the fields of the type to determine if they are valid.
26463func (s *ListGroupsForUserInput) Validate() error {
26464	invalidParams := request.ErrInvalidParams{Context: "ListGroupsForUserInput"}
26465	if s.Marker != nil && len(*s.Marker) < 1 {
26466		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26467	}
26468	if s.MaxItems != nil && *s.MaxItems < 1 {
26469		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26470	}
26471	if s.UserName == nil {
26472		invalidParams.Add(request.NewErrParamRequired("UserName"))
26473	}
26474	if s.UserName != nil && len(*s.UserName) < 1 {
26475		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
26476	}
26477
26478	if invalidParams.Len() > 0 {
26479		return invalidParams
26480	}
26481	return nil
26482}
26483
26484// SetMarker sets the Marker field's value.
26485func (s *ListGroupsForUserInput) SetMarker(v string) *ListGroupsForUserInput {
26486	s.Marker = &v
26487	return s
26488}
26489
26490// SetMaxItems sets the MaxItems field's value.
26491func (s *ListGroupsForUserInput) SetMaxItems(v int64) *ListGroupsForUserInput {
26492	s.MaxItems = &v
26493	return s
26494}
26495
26496// SetUserName sets the UserName field's value.
26497func (s *ListGroupsForUserInput) SetUserName(v string) *ListGroupsForUserInput {
26498	s.UserName = &v
26499	return s
26500}
26501
26502// Contains the response to a successful ListGroupsForUser request.
26503type ListGroupsForUserOutput struct {
26504	_ struct{} `type:"structure"`
26505
26506	// A list of groups.
26507	//
26508	// Groups is a required field
26509	Groups []*Group `type:"list" required:"true"`
26510
26511	// A flag that indicates whether there are more items to return. If your results
26512	// were truncated, you can make a subsequent pagination request using the Marker
26513	// request parameter to retrieve more items. Note that IAM might return fewer
26514	// than the MaxItems number of results even when there are more results available.
26515	// We recommend that you check IsTruncated after every call to ensure that you
26516	// receive all your results.
26517	IsTruncated *bool `type:"boolean"`
26518
26519	// When IsTruncated is true, this element is present and contains the value
26520	// to use for the Marker parameter in a subsequent pagination request.
26521	Marker *string `type:"string"`
26522}
26523
26524// String returns the string representation
26525func (s ListGroupsForUserOutput) String() string {
26526	return awsutil.Prettify(s)
26527}
26528
26529// GoString returns the string representation
26530func (s ListGroupsForUserOutput) GoString() string {
26531	return s.String()
26532}
26533
26534// SetGroups sets the Groups field's value.
26535func (s *ListGroupsForUserOutput) SetGroups(v []*Group) *ListGroupsForUserOutput {
26536	s.Groups = v
26537	return s
26538}
26539
26540// SetIsTruncated sets the IsTruncated field's value.
26541func (s *ListGroupsForUserOutput) SetIsTruncated(v bool) *ListGroupsForUserOutput {
26542	s.IsTruncated = &v
26543	return s
26544}
26545
26546// SetMarker sets the Marker field's value.
26547func (s *ListGroupsForUserOutput) SetMarker(v string) *ListGroupsForUserOutput {
26548	s.Marker = &v
26549	return s
26550}
26551
26552type ListGroupsInput struct {
26553	_ struct{} `type:"structure"`
26554
26555	// Use this parameter only when paginating results and only after you receive
26556	// a response indicating that the results are truncated. Set it to the value
26557	// of the Marker element in the response that you received to indicate where
26558	// the next call should start.
26559	Marker *string `min:"1" type:"string"`
26560
26561	// Use this only when paginating results to indicate the maximum number of items
26562	// you want in the response. If additional items exist beyond the maximum you
26563	// specify, the IsTruncated response element is true.
26564	//
26565	// If you do not include this parameter, the number of items defaults to 100.
26566	// Note that IAM might return fewer results, even when there are more results
26567	// available. In that case, the IsTruncated response element returns true, and
26568	// Marker contains a value to include in the subsequent call that tells the
26569	// service where to continue from.
26570	MaxItems *int64 `min:"1" type:"integer"`
26571
26572	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
26573	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
26574	//
26575	// This parameter is optional. If it is not included, it defaults to a slash
26576	// (/), listing all groups. This parameter allows (through its regex pattern
26577	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
26578	// a forward slash (/) by itself or a string that must begin and end with forward
26579	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
26580	// through the DEL character (\u007F), including most punctuation characters,
26581	// digits, and upper and lowercased letters.
26582	PathPrefix *string `min:"1" type:"string"`
26583}
26584
26585// String returns the string representation
26586func (s ListGroupsInput) String() string {
26587	return awsutil.Prettify(s)
26588}
26589
26590// GoString returns the string representation
26591func (s ListGroupsInput) GoString() string {
26592	return s.String()
26593}
26594
26595// Validate inspects the fields of the type to determine if they are valid.
26596func (s *ListGroupsInput) Validate() error {
26597	invalidParams := request.ErrInvalidParams{Context: "ListGroupsInput"}
26598	if s.Marker != nil && len(*s.Marker) < 1 {
26599		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26600	}
26601	if s.MaxItems != nil && *s.MaxItems < 1 {
26602		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26603	}
26604	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
26605		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
26606	}
26607
26608	if invalidParams.Len() > 0 {
26609		return invalidParams
26610	}
26611	return nil
26612}
26613
26614// SetMarker sets the Marker field's value.
26615func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput {
26616	s.Marker = &v
26617	return s
26618}
26619
26620// SetMaxItems sets the MaxItems field's value.
26621func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput {
26622	s.MaxItems = &v
26623	return s
26624}
26625
26626// SetPathPrefix sets the PathPrefix field's value.
26627func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput {
26628	s.PathPrefix = &v
26629	return s
26630}
26631
26632// Contains the response to a successful ListGroups request.
26633type ListGroupsOutput struct {
26634	_ struct{} `type:"structure"`
26635
26636	// A list of groups.
26637	//
26638	// Groups is a required field
26639	Groups []*Group `type:"list" required:"true"`
26640
26641	// A flag that indicates whether there are more items to return. If your results
26642	// were truncated, you can make a subsequent pagination request using the Marker
26643	// request parameter to retrieve more items. Note that IAM might return fewer
26644	// than the MaxItems number of results even when there are more results available.
26645	// We recommend that you check IsTruncated after every call to ensure that you
26646	// receive all your results.
26647	IsTruncated *bool `type:"boolean"`
26648
26649	// When IsTruncated is true, this element is present and contains the value
26650	// to use for the Marker parameter in a subsequent pagination request.
26651	Marker *string `type:"string"`
26652}
26653
26654// String returns the string representation
26655func (s ListGroupsOutput) String() string {
26656	return awsutil.Prettify(s)
26657}
26658
26659// GoString returns the string representation
26660func (s ListGroupsOutput) GoString() string {
26661	return s.String()
26662}
26663
26664// SetGroups sets the Groups field's value.
26665func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput {
26666	s.Groups = v
26667	return s
26668}
26669
26670// SetIsTruncated sets the IsTruncated field's value.
26671func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput {
26672	s.IsTruncated = &v
26673	return s
26674}
26675
26676// SetMarker sets the Marker field's value.
26677func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput {
26678	s.Marker = &v
26679	return s
26680}
26681
26682type ListInstanceProfileTagsInput struct {
26683	_ struct{} `type:"structure"`
26684
26685	// The name of the IAM instance profile whose tags you want to see.
26686	//
26687	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
26688	// a string of characters that consist of upper and lowercase alphanumeric characters
26689	// with no spaces. You can also include any of the following characters: =,.@-
26690	//
26691	// InstanceProfileName is a required field
26692	InstanceProfileName *string `min:"1" type:"string" required:"true"`
26693
26694	// Use this parameter only when paginating results and only after you receive
26695	// a response indicating that the results are truncated. Set it to the value
26696	// of the Marker element in the response that you received to indicate where
26697	// the next call should start.
26698	Marker *string `min:"1" type:"string"`
26699
26700	// (Optional) Use this only when paginating results to indicate the maximum
26701	// number of items that you want in the response. If additional items exist
26702	// beyond the maximum that you specify, the IsTruncated response element is
26703	// true.
26704	//
26705	// If you do not include this parameter, it defaults to 100. Note that IAM might
26706	// return fewer results, even when more results are available. In that case,
26707	// the IsTruncated response element returns true, and Marker contains a value
26708	// to include in the subsequent call that tells the service where to continue
26709	// from.
26710	MaxItems *int64 `min:"1" type:"integer"`
26711}
26712
26713// String returns the string representation
26714func (s ListInstanceProfileTagsInput) String() string {
26715	return awsutil.Prettify(s)
26716}
26717
26718// GoString returns the string representation
26719func (s ListInstanceProfileTagsInput) GoString() string {
26720	return s.String()
26721}
26722
26723// Validate inspects the fields of the type to determine if they are valid.
26724func (s *ListInstanceProfileTagsInput) Validate() error {
26725	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfileTagsInput"}
26726	if s.InstanceProfileName == nil {
26727		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
26728	}
26729	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
26730		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
26731	}
26732	if s.Marker != nil && len(*s.Marker) < 1 {
26733		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26734	}
26735	if s.MaxItems != nil && *s.MaxItems < 1 {
26736		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26737	}
26738
26739	if invalidParams.Len() > 0 {
26740		return invalidParams
26741	}
26742	return nil
26743}
26744
26745// SetInstanceProfileName sets the InstanceProfileName field's value.
26746func (s *ListInstanceProfileTagsInput) SetInstanceProfileName(v string) *ListInstanceProfileTagsInput {
26747	s.InstanceProfileName = &v
26748	return s
26749}
26750
26751// SetMarker sets the Marker field's value.
26752func (s *ListInstanceProfileTagsInput) SetMarker(v string) *ListInstanceProfileTagsInput {
26753	s.Marker = &v
26754	return s
26755}
26756
26757// SetMaxItems sets the MaxItems field's value.
26758func (s *ListInstanceProfileTagsInput) SetMaxItems(v int64) *ListInstanceProfileTagsInput {
26759	s.MaxItems = &v
26760	return s
26761}
26762
26763type ListInstanceProfileTagsOutput struct {
26764	_ struct{} `type:"structure"`
26765
26766	// A flag that indicates whether there are more items to return. If your results
26767	// were truncated, you can use the Marker request parameter to make a subsequent
26768	// pagination request that retrieves more items. Note that IAM might return
26769	// fewer than the MaxItems number of results even when more results are available.
26770	// Check IsTruncated after every call to ensure that you receive all of your
26771	// results.
26772	IsTruncated *bool `type:"boolean"`
26773
26774	// When IsTruncated is true, this element is present and contains the value
26775	// to use for the Marker parameter in a subsequent pagination request.
26776	Marker *string `type:"string"`
26777
26778	// The list of tags that are currently attached to the IAM instance profile.
26779	// Each tag consists of a key name and an associated value. If no tags are attached
26780	// to the specified resource, the response contains an empty list.
26781	//
26782	// Tags is a required field
26783	Tags []*Tag `type:"list" required:"true"`
26784}
26785
26786// String returns the string representation
26787func (s ListInstanceProfileTagsOutput) String() string {
26788	return awsutil.Prettify(s)
26789}
26790
26791// GoString returns the string representation
26792func (s ListInstanceProfileTagsOutput) GoString() string {
26793	return s.String()
26794}
26795
26796// SetIsTruncated sets the IsTruncated field's value.
26797func (s *ListInstanceProfileTagsOutput) SetIsTruncated(v bool) *ListInstanceProfileTagsOutput {
26798	s.IsTruncated = &v
26799	return s
26800}
26801
26802// SetMarker sets the Marker field's value.
26803func (s *ListInstanceProfileTagsOutput) SetMarker(v string) *ListInstanceProfileTagsOutput {
26804	s.Marker = &v
26805	return s
26806}
26807
26808// SetTags sets the Tags field's value.
26809func (s *ListInstanceProfileTagsOutput) SetTags(v []*Tag) *ListInstanceProfileTagsOutput {
26810	s.Tags = v
26811	return s
26812}
26813
26814type ListInstanceProfilesForRoleInput struct {
26815	_ struct{} `type:"structure"`
26816
26817	// Use this parameter only when paginating results and only after you receive
26818	// a response indicating that the results are truncated. Set it to the value
26819	// of the Marker element in the response that you received to indicate where
26820	// the next call should start.
26821	Marker *string `min:"1" type:"string"`
26822
26823	// Use this only when paginating results to indicate the maximum number of items
26824	// you want in the response. If additional items exist beyond the maximum you
26825	// specify, the IsTruncated response element is true.
26826	//
26827	// If you do not include this parameter, the number of items defaults to 100.
26828	// Note that IAM might return fewer results, even when there are more results
26829	// available. In that case, the IsTruncated response element returns true, and
26830	// Marker contains a value to include in the subsequent call that tells the
26831	// service where to continue from.
26832	MaxItems *int64 `min:"1" type:"integer"`
26833
26834	// The name of the role to list instance profiles for.
26835	//
26836	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26837	// a string of characters consisting of upper and lowercase alphanumeric characters
26838	// with no spaces. You can also include any of the following characters: _+=,.@-
26839	//
26840	// RoleName is a required field
26841	RoleName *string `min:"1" type:"string" required:"true"`
26842}
26843
26844// String returns the string representation
26845func (s ListInstanceProfilesForRoleInput) String() string {
26846	return awsutil.Prettify(s)
26847}
26848
26849// GoString returns the string representation
26850func (s ListInstanceProfilesForRoleInput) GoString() string {
26851	return s.String()
26852}
26853
26854// Validate inspects the fields of the type to determine if they are valid.
26855func (s *ListInstanceProfilesForRoleInput) Validate() error {
26856	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesForRoleInput"}
26857	if s.Marker != nil && len(*s.Marker) < 1 {
26858		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26859	}
26860	if s.MaxItems != nil && *s.MaxItems < 1 {
26861		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26862	}
26863	if s.RoleName == nil {
26864		invalidParams.Add(request.NewErrParamRequired("RoleName"))
26865	}
26866	if s.RoleName != nil && len(*s.RoleName) < 1 {
26867		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
26868	}
26869
26870	if invalidParams.Len() > 0 {
26871		return invalidParams
26872	}
26873	return nil
26874}
26875
26876// SetMarker sets the Marker field's value.
26877func (s *ListInstanceProfilesForRoleInput) SetMarker(v string) *ListInstanceProfilesForRoleInput {
26878	s.Marker = &v
26879	return s
26880}
26881
26882// SetMaxItems sets the MaxItems field's value.
26883func (s *ListInstanceProfilesForRoleInput) SetMaxItems(v int64) *ListInstanceProfilesForRoleInput {
26884	s.MaxItems = &v
26885	return s
26886}
26887
26888// SetRoleName sets the RoleName field's value.
26889func (s *ListInstanceProfilesForRoleInput) SetRoleName(v string) *ListInstanceProfilesForRoleInput {
26890	s.RoleName = &v
26891	return s
26892}
26893
26894// Contains the response to a successful ListInstanceProfilesForRole request.
26895type ListInstanceProfilesForRoleOutput struct {
26896	_ struct{} `type:"structure"`
26897
26898	// A list of instance profiles.
26899	//
26900	// InstanceProfiles is a required field
26901	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
26902
26903	// A flag that indicates whether there are more items to return. If your results
26904	// were truncated, you can make a subsequent pagination request using the Marker
26905	// request parameter to retrieve more items. Note that IAM might return fewer
26906	// than the MaxItems number of results even when there are more results available.
26907	// We recommend that you check IsTruncated after every call to ensure that you
26908	// receive all your results.
26909	IsTruncated *bool `type:"boolean"`
26910
26911	// When IsTruncated is true, this element is present and contains the value
26912	// to use for the Marker parameter in a subsequent pagination request.
26913	Marker *string `type:"string"`
26914}
26915
26916// String returns the string representation
26917func (s ListInstanceProfilesForRoleOutput) String() string {
26918	return awsutil.Prettify(s)
26919}
26920
26921// GoString returns the string representation
26922func (s ListInstanceProfilesForRoleOutput) GoString() string {
26923	return s.String()
26924}
26925
26926// SetInstanceProfiles sets the InstanceProfiles field's value.
26927func (s *ListInstanceProfilesForRoleOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesForRoleOutput {
26928	s.InstanceProfiles = v
26929	return s
26930}
26931
26932// SetIsTruncated sets the IsTruncated field's value.
26933func (s *ListInstanceProfilesForRoleOutput) SetIsTruncated(v bool) *ListInstanceProfilesForRoleOutput {
26934	s.IsTruncated = &v
26935	return s
26936}
26937
26938// SetMarker sets the Marker field's value.
26939func (s *ListInstanceProfilesForRoleOutput) SetMarker(v string) *ListInstanceProfilesForRoleOutput {
26940	s.Marker = &v
26941	return s
26942}
26943
26944type ListInstanceProfilesInput struct {
26945	_ struct{} `type:"structure"`
26946
26947	// Use this parameter only when paginating results and only after you receive
26948	// a response indicating that the results are truncated. Set it to the value
26949	// of the Marker element in the response that you received to indicate where
26950	// the next call should start.
26951	Marker *string `min:"1" type:"string"`
26952
26953	// Use this only when paginating results to indicate the maximum number of items
26954	// you want in the response. If additional items exist beyond the maximum you
26955	// specify, the IsTruncated response element is true.
26956	//
26957	// If you do not include this parameter, the number of items defaults to 100.
26958	// Note that IAM might return fewer results, even when there are more results
26959	// available. In that case, the IsTruncated response element returns true, and
26960	// Marker contains a value to include in the subsequent call that tells the
26961	// service where to continue from.
26962	MaxItems *int64 `min:"1" type:"integer"`
26963
26964	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
26965	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
26966	//
26967	// This parameter is optional. If it is not included, it defaults to a slash
26968	// (/), listing all instance profiles. This parameter allows (through its regex
26969	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
26970	// of either a forward slash (/) by itself or a string that must begin and end
26971	// with forward slashes. In addition, it can contain any ASCII character from
26972	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
26973	// characters, digits, and upper and lowercased letters.
26974	PathPrefix *string `min:"1" type:"string"`
26975}
26976
26977// String returns the string representation
26978func (s ListInstanceProfilesInput) String() string {
26979	return awsutil.Prettify(s)
26980}
26981
26982// GoString returns the string representation
26983func (s ListInstanceProfilesInput) GoString() string {
26984	return s.String()
26985}
26986
26987// Validate inspects the fields of the type to determine if they are valid.
26988func (s *ListInstanceProfilesInput) Validate() error {
26989	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesInput"}
26990	if s.Marker != nil && len(*s.Marker) < 1 {
26991		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26992	}
26993	if s.MaxItems != nil && *s.MaxItems < 1 {
26994		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26995	}
26996	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
26997		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
26998	}
26999
27000	if invalidParams.Len() > 0 {
27001		return invalidParams
27002	}
27003	return nil
27004}
27005
27006// SetMarker sets the Marker field's value.
27007func (s *ListInstanceProfilesInput) SetMarker(v string) *ListInstanceProfilesInput {
27008	s.Marker = &v
27009	return s
27010}
27011
27012// SetMaxItems sets the MaxItems field's value.
27013func (s *ListInstanceProfilesInput) SetMaxItems(v int64) *ListInstanceProfilesInput {
27014	s.MaxItems = &v
27015	return s
27016}
27017
27018// SetPathPrefix sets the PathPrefix field's value.
27019func (s *ListInstanceProfilesInput) SetPathPrefix(v string) *ListInstanceProfilesInput {
27020	s.PathPrefix = &v
27021	return s
27022}
27023
27024// Contains the response to a successful ListInstanceProfiles request.
27025type ListInstanceProfilesOutput struct {
27026	_ struct{} `type:"structure"`
27027
27028	// A list of instance profiles.
27029	//
27030	// InstanceProfiles is a required field
27031	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
27032
27033	// A flag that indicates whether there are more items to return. If your results
27034	// were truncated, you can make a subsequent pagination request using the Marker
27035	// request parameter to retrieve more items. Note that IAM might return fewer
27036	// than the MaxItems number of results even when there are more results available.
27037	// We recommend that you check IsTruncated after every call to ensure that you
27038	// receive all your results.
27039	IsTruncated *bool `type:"boolean"`
27040
27041	// When IsTruncated is true, this element is present and contains the value
27042	// to use for the Marker parameter in a subsequent pagination request.
27043	Marker *string `type:"string"`
27044}
27045
27046// String returns the string representation
27047func (s ListInstanceProfilesOutput) String() string {
27048	return awsutil.Prettify(s)
27049}
27050
27051// GoString returns the string representation
27052func (s ListInstanceProfilesOutput) GoString() string {
27053	return s.String()
27054}
27055
27056// SetInstanceProfiles sets the InstanceProfiles field's value.
27057func (s *ListInstanceProfilesOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesOutput {
27058	s.InstanceProfiles = v
27059	return s
27060}
27061
27062// SetIsTruncated sets the IsTruncated field's value.
27063func (s *ListInstanceProfilesOutput) SetIsTruncated(v bool) *ListInstanceProfilesOutput {
27064	s.IsTruncated = &v
27065	return s
27066}
27067
27068// SetMarker sets the Marker field's value.
27069func (s *ListInstanceProfilesOutput) SetMarker(v string) *ListInstanceProfilesOutput {
27070	s.Marker = &v
27071	return s
27072}
27073
27074type ListMFADeviceTagsInput struct {
27075	_ struct{} `type:"structure"`
27076
27077	// Use this parameter only when paginating results and only after you receive
27078	// a response indicating that the results are truncated. Set it to the value
27079	// of the Marker element in the response that you received to indicate where
27080	// the next call should start.
27081	Marker *string `min:"1" type:"string"`
27082
27083	// (Optional) Use this only when paginating results to indicate the maximum
27084	// number of items that you want in the response. If additional items exist
27085	// beyond the maximum that you specify, the IsTruncated response element is
27086	// true.
27087	//
27088	// If you do not include this parameter, it defaults to 100. Note that IAM might
27089	// return fewer results, even when more results are available. In that case,
27090	// the IsTruncated response element returns true, and Marker contains a value
27091	// to include in the subsequent call that tells the service where to continue
27092	// from.
27093	MaxItems *int64 `min:"1" type:"integer"`
27094
27095	// The unique identifier for the IAM virtual MFA device whose tags you want
27096	// to see. For virtual MFA devices, the serial number is the same as the ARN.
27097	//
27098	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
27099	// a string of characters that consist of upper and lowercase alphanumeric characters
27100	// with no spaces. You can also include any of the following characters: =,.@-
27101	//
27102	// SerialNumber is a required field
27103	SerialNumber *string `min:"9" type:"string" required:"true"`
27104}
27105
27106// String returns the string representation
27107func (s ListMFADeviceTagsInput) String() string {
27108	return awsutil.Prettify(s)
27109}
27110
27111// GoString returns the string representation
27112func (s ListMFADeviceTagsInput) GoString() string {
27113	return s.String()
27114}
27115
27116// Validate inspects the fields of the type to determine if they are valid.
27117func (s *ListMFADeviceTagsInput) Validate() error {
27118	invalidParams := request.ErrInvalidParams{Context: "ListMFADeviceTagsInput"}
27119	if s.Marker != nil && len(*s.Marker) < 1 {
27120		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27121	}
27122	if s.MaxItems != nil && *s.MaxItems < 1 {
27123		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27124	}
27125	if s.SerialNumber == nil {
27126		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
27127	}
27128	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
27129		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
27130	}
27131
27132	if invalidParams.Len() > 0 {
27133		return invalidParams
27134	}
27135	return nil
27136}
27137
27138// SetMarker sets the Marker field's value.
27139func (s *ListMFADeviceTagsInput) SetMarker(v string) *ListMFADeviceTagsInput {
27140	s.Marker = &v
27141	return s
27142}
27143
27144// SetMaxItems sets the MaxItems field's value.
27145func (s *ListMFADeviceTagsInput) SetMaxItems(v int64) *ListMFADeviceTagsInput {
27146	s.MaxItems = &v
27147	return s
27148}
27149
27150// SetSerialNumber sets the SerialNumber field's value.
27151func (s *ListMFADeviceTagsInput) SetSerialNumber(v string) *ListMFADeviceTagsInput {
27152	s.SerialNumber = &v
27153	return s
27154}
27155
27156type ListMFADeviceTagsOutput struct {
27157	_ struct{} `type:"structure"`
27158
27159	// A flag that indicates whether there are more items to return. If your results
27160	// were truncated, you can use the Marker request parameter to make a subsequent
27161	// pagination request that retrieves more items. Note that IAM might return
27162	// fewer than the MaxItems number of results even when more results are available.
27163	// Check IsTruncated after every call to ensure that you receive all of your
27164	// results.
27165	IsTruncated *bool `type:"boolean"`
27166
27167	// When IsTruncated is true, this element is present and contains the value
27168	// to use for the Marker parameter in a subsequent pagination request.
27169	Marker *string `type:"string"`
27170
27171	// The list of tags that are currently attached to the virtual MFA device. Each
27172	// tag consists of a key name and an associated value. If no tags are attached
27173	// to the specified resource, the response contains an empty list.
27174	//
27175	// Tags is a required field
27176	Tags []*Tag `type:"list" required:"true"`
27177}
27178
27179// String returns the string representation
27180func (s ListMFADeviceTagsOutput) String() string {
27181	return awsutil.Prettify(s)
27182}
27183
27184// GoString returns the string representation
27185func (s ListMFADeviceTagsOutput) GoString() string {
27186	return s.String()
27187}
27188
27189// SetIsTruncated sets the IsTruncated field's value.
27190func (s *ListMFADeviceTagsOutput) SetIsTruncated(v bool) *ListMFADeviceTagsOutput {
27191	s.IsTruncated = &v
27192	return s
27193}
27194
27195// SetMarker sets the Marker field's value.
27196func (s *ListMFADeviceTagsOutput) SetMarker(v string) *ListMFADeviceTagsOutput {
27197	s.Marker = &v
27198	return s
27199}
27200
27201// SetTags sets the Tags field's value.
27202func (s *ListMFADeviceTagsOutput) SetTags(v []*Tag) *ListMFADeviceTagsOutput {
27203	s.Tags = v
27204	return s
27205}
27206
27207type ListMFADevicesInput struct {
27208	_ struct{} `type:"structure"`
27209
27210	// Use this parameter only when paginating results and only after you receive
27211	// a response indicating that the results are truncated. Set it to the value
27212	// of the Marker element in the response that you received to indicate where
27213	// the next call should start.
27214	Marker *string `min:"1" type:"string"`
27215
27216	// Use this only when paginating results to indicate the maximum number of items
27217	// you want in the response. If additional items exist beyond the maximum you
27218	// specify, the IsTruncated response element is true.
27219	//
27220	// If you do not include this parameter, the number of items defaults to 100.
27221	// Note that IAM might return fewer results, even when there are more results
27222	// available. In that case, the IsTruncated response element returns true, and
27223	// Marker contains a value to include in the subsequent call that tells the
27224	// service where to continue from.
27225	MaxItems *int64 `min:"1" type:"integer"`
27226
27227	// The name of the user whose MFA devices you want to list.
27228	//
27229	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27230	// a string of characters consisting of upper and lowercase alphanumeric characters
27231	// with no spaces. You can also include any of the following characters: _+=,.@-
27232	UserName *string `min:"1" type:"string"`
27233}
27234
27235// String returns the string representation
27236func (s ListMFADevicesInput) String() string {
27237	return awsutil.Prettify(s)
27238}
27239
27240// GoString returns the string representation
27241func (s ListMFADevicesInput) GoString() string {
27242	return s.String()
27243}
27244
27245// Validate inspects the fields of the type to determine if they are valid.
27246func (s *ListMFADevicesInput) Validate() error {
27247	invalidParams := request.ErrInvalidParams{Context: "ListMFADevicesInput"}
27248	if s.Marker != nil && len(*s.Marker) < 1 {
27249		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27250	}
27251	if s.MaxItems != nil && *s.MaxItems < 1 {
27252		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27253	}
27254	if s.UserName != nil && len(*s.UserName) < 1 {
27255		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
27256	}
27257
27258	if invalidParams.Len() > 0 {
27259		return invalidParams
27260	}
27261	return nil
27262}
27263
27264// SetMarker sets the Marker field's value.
27265func (s *ListMFADevicesInput) SetMarker(v string) *ListMFADevicesInput {
27266	s.Marker = &v
27267	return s
27268}
27269
27270// SetMaxItems sets the MaxItems field's value.
27271func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput {
27272	s.MaxItems = &v
27273	return s
27274}
27275
27276// SetUserName sets the UserName field's value.
27277func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput {
27278	s.UserName = &v
27279	return s
27280}
27281
27282// Contains the response to a successful ListMFADevices request.
27283type ListMFADevicesOutput struct {
27284	_ struct{} `type:"structure"`
27285
27286	// A flag that indicates whether there are more items to return. If your results
27287	// were truncated, you can make a subsequent pagination request using the Marker
27288	// request parameter to retrieve more items. Note that IAM might return fewer
27289	// than the MaxItems number of results even when there are more results available.
27290	// We recommend that you check IsTruncated after every call to ensure that you
27291	// receive all your results.
27292	IsTruncated *bool `type:"boolean"`
27293
27294	// A list of MFA devices.
27295	//
27296	// MFADevices is a required field
27297	MFADevices []*MFADevice `type:"list" required:"true"`
27298
27299	// When IsTruncated is true, this element is present and contains the value
27300	// to use for the Marker parameter in a subsequent pagination request.
27301	Marker *string `type:"string"`
27302}
27303
27304// String returns the string representation
27305func (s ListMFADevicesOutput) String() string {
27306	return awsutil.Prettify(s)
27307}
27308
27309// GoString returns the string representation
27310func (s ListMFADevicesOutput) GoString() string {
27311	return s.String()
27312}
27313
27314// SetIsTruncated sets the IsTruncated field's value.
27315func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput {
27316	s.IsTruncated = &v
27317	return s
27318}
27319
27320// SetMFADevices sets the MFADevices field's value.
27321func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput {
27322	s.MFADevices = v
27323	return s
27324}
27325
27326// SetMarker sets the Marker field's value.
27327func (s *ListMFADevicesOutput) SetMarker(v string) *ListMFADevicesOutput {
27328	s.Marker = &v
27329	return s
27330}
27331
27332type ListOpenIDConnectProviderTagsInput struct {
27333	_ struct{} `type:"structure"`
27334
27335	// Use this parameter only when paginating results and only after you receive
27336	// a response indicating that the results are truncated. Set it to the value
27337	// of the Marker element in the response that you received to indicate where
27338	// the next call should start.
27339	Marker *string `min:"1" type:"string"`
27340
27341	// (Optional) Use this only when paginating results to indicate the maximum
27342	// number of items that you want in the response. If additional items exist
27343	// beyond the maximum that you specify, the IsTruncated response element is
27344	// true.
27345	//
27346	// If you do not include this parameter, it defaults to 100. Note that IAM might
27347	// return fewer results, even when more results are available. In that case,
27348	// the IsTruncated response element returns true, and Marker contains a value
27349	// to include in the subsequent call that tells the service where to continue
27350	// from.
27351	MaxItems *int64 `min:"1" type:"integer"`
27352
27353	// The ARN of the OpenID Connect (OIDC) identity provider whose tags you want
27354	// to see.
27355	//
27356	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
27357	// a string of characters that consist of upper and lowercase alphanumeric characters
27358	// with no spaces. You can also include any of the following characters: =,.@-
27359	//
27360	// OpenIDConnectProviderArn is a required field
27361	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
27362}
27363
27364// String returns the string representation
27365func (s ListOpenIDConnectProviderTagsInput) String() string {
27366	return awsutil.Prettify(s)
27367}
27368
27369// GoString returns the string representation
27370func (s ListOpenIDConnectProviderTagsInput) GoString() string {
27371	return s.String()
27372}
27373
27374// Validate inspects the fields of the type to determine if they are valid.
27375func (s *ListOpenIDConnectProviderTagsInput) Validate() error {
27376	invalidParams := request.ErrInvalidParams{Context: "ListOpenIDConnectProviderTagsInput"}
27377	if s.Marker != nil && len(*s.Marker) < 1 {
27378		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27379	}
27380	if s.MaxItems != nil && *s.MaxItems < 1 {
27381		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27382	}
27383	if s.OpenIDConnectProviderArn == nil {
27384		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
27385	}
27386	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
27387		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
27388	}
27389
27390	if invalidParams.Len() > 0 {
27391		return invalidParams
27392	}
27393	return nil
27394}
27395
27396// SetMarker sets the Marker field's value.
27397func (s *ListOpenIDConnectProviderTagsInput) SetMarker(v string) *ListOpenIDConnectProviderTagsInput {
27398	s.Marker = &v
27399	return s
27400}
27401
27402// SetMaxItems sets the MaxItems field's value.
27403func (s *ListOpenIDConnectProviderTagsInput) SetMaxItems(v int64) *ListOpenIDConnectProviderTagsInput {
27404	s.MaxItems = &v
27405	return s
27406}
27407
27408// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
27409func (s *ListOpenIDConnectProviderTagsInput) SetOpenIDConnectProviderArn(v string) *ListOpenIDConnectProviderTagsInput {
27410	s.OpenIDConnectProviderArn = &v
27411	return s
27412}
27413
27414type ListOpenIDConnectProviderTagsOutput struct {
27415	_ struct{} `type:"structure"`
27416
27417	// A flag that indicates whether there are more items to return. If your results
27418	// were truncated, you can use the Marker request parameter to make a subsequent
27419	// pagination request that retrieves more items. Note that IAM might return
27420	// fewer than the MaxItems number of results even when more results are available.
27421	// Check IsTruncated after every call to ensure that you receive all of your
27422	// results.
27423	IsTruncated *bool `type:"boolean"`
27424
27425	// When IsTruncated is true, this element is present and contains the value
27426	// to use for the Marker parameter in a subsequent pagination request.
27427	Marker *string `type:"string"`
27428
27429	// The list of tags that are currently attached to the OpenID Connect (OIDC)
27430	// identity provider. Each tag consists of a key name and an associated value.
27431	// If no tags are attached to the specified resource, the response contains
27432	// an empty list.
27433	//
27434	// Tags is a required field
27435	Tags []*Tag `type:"list" required:"true"`
27436}
27437
27438// String returns the string representation
27439func (s ListOpenIDConnectProviderTagsOutput) String() string {
27440	return awsutil.Prettify(s)
27441}
27442
27443// GoString returns the string representation
27444func (s ListOpenIDConnectProviderTagsOutput) GoString() string {
27445	return s.String()
27446}
27447
27448// SetIsTruncated sets the IsTruncated field's value.
27449func (s *ListOpenIDConnectProviderTagsOutput) SetIsTruncated(v bool) *ListOpenIDConnectProviderTagsOutput {
27450	s.IsTruncated = &v
27451	return s
27452}
27453
27454// SetMarker sets the Marker field's value.
27455func (s *ListOpenIDConnectProviderTagsOutput) SetMarker(v string) *ListOpenIDConnectProviderTagsOutput {
27456	s.Marker = &v
27457	return s
27458}
27459
27460// SetTags sets the Tags field's value.
27461func (s *ListOpenIDConnectProviderTagsOutput) SetTags(v []*Tag) *ListOpenIDConnectProviderTagsOutput {
27462	s.Tags = v
27463	return s
27464}
27465
27466type ListOpenIDConnectProvidersInput struct {
27467	_ struct{} `type:"structure"`
27468}
27469
27470// String returns the string representation
27471func (s ListOpenIDConnectProvidersInput) String() string {
27472	return awsutil.Prettify(s)
27473}
27474
27475// GoString returns the string representation
27476func (s ListOpenIDConnectProvidersInput) GoString() string {
27477	return s.String()
27478}
27479
27480// Contains the response to a successful ListOpenIDConnectProviders request.
27481type ListOpenIDConnectProvidersOutput struct {
27482	_ struct{} `type:"structure"`
27483
27484	// The list of IAM OIDC provider resource objects defined in the AWS account.
27485	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
27486}
27487
27488// String returns the string representation
27489func (s ListOpenIDConnectProvidersOutput) String() string {
27490	return awsutil.Prettify(s)
27491}
27492
27493// GoString returns the string representation
27494func (s ListOpenIDConnectProvidersOutput) GoString() string {
27495	return s.String()
27496}
27497
27498// SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.
27499func (s *ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList(v []*OpenIDConnectProviderListEntry) *ListOpenIDConnectProvidersOutput {
27500	s.OpenIDConnectProviderList = v
27501	return s
27502}
27503
27504// Contains details about the permissions policies that are attached to the
27505// specified identity (user, group, or role).
27506//
27507// This data type is used as a response element in the ListPoliciesGrantingServiceAccess
27508// operation.
27509type ListPoliciesGrantingServiceAccessEntry struct {
27510	_ struct{} `type:"structure"`
27511
27512	// The PoliciesGrantingServiceAccess object that contains details about the
27513	// policy.
27514	Policies []*PolicyGrantingServiceAccess `type:"list"`
27515
27516	// The namespace of the service that was accessed.
27517	//
27518	// To learn the service namespace of a service, see Actions, resources, and
27519	// condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
27520	// in the Service Authorization Reference. Choose the name of the service to
27521	// view details for that service. In the first paragraph, find the service prefix.
27522	// For example, (service prefix: a4b). For more information about service namespaces,
27523	// see AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
27524	// in the AWS General Reference.
27525	ServiceNamespace *string `min:"1" type:"string"`
27526}
27527
27528// String returns the string representation
27529func (s ListPoliciesGrantingServiceAccessEntry) String() string {
27530	return awsutil.Prettify(s)
27531}
27532
27533// GoString returns the string representation
27534func (s ListPoliciesGrantingServiceAccessEntry) GoString() string {
27535	return s.String()
27536}
27537
27538// SetPolicies sets the Policies field's value.
27539func (s *ListPoliciesGrantingServiceAccessEntry) SetPolicies(v []*PolicyGrantingServiceAccess) *ListPoliciesGrantingServiceAccessEntry {
27540	s.Policies = v
27541	return s
27542}
27543
27544// SetServiceNamespace sets the ServiceNamespace field's value.
27545func (s *ListPoliciesGrantingServiceAccessEntry) SetServiceNamespace(v string) *ListPoliciesGrantingServiceAccessEntry {
27546	s.ServiceNamespace = &v
27547	return s
27548}
27549
27550type ListPoliciesGrantingServiceAccessInput struct {
27551	_ struct{} `type:"structure"`
27552
27553	// The ARN of the IAM identity (user, group, or role) whose policies you want
27554	// to list.
27555	//
27556	// Arn is a required field
27557	Arn *string `min:"20" type:"string" required:"true"`
27558
27559	// Use this parameter only when paginating results and only after you receive
27560	// a response indicating that the results are truncated. Set it to the value
27561	// of the Marker element in the response that you received to indicate where
27562	// the next call should start.
27563	Marker *string `min:"1" type:"string"`
27564
27565	// The service namespace for the AWS services whose policies you want to list.
27566	//
27567	// To learn the service namespace for a service, see Actions, resources, and
27568	// condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
27569	// in the IAM User Guide. Choose the name of the service to view details for
27570	// that service. In the first paragraph, find the service prefix. For example,
27571	// (service prefix: a4b). For more information about service namespaces, see
27572	// AWS service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
27573	// in the AWS General Reference.
27574	//
27575	// ServiceNamespaces is a required field
27576	ServiceNamespaces []*string `min:"1" type:"list" required:"true"`
27577}
27578
27579// String returns the string representation
27580func (s ListPoliciesGrantingServiceAccessInput) String() string {
27581	return awsutil.Prettify(s)
27582}
27583
27584// GoString returns the string representation
27585func (s ListPoliciesGrantingServiceAccessInput) GoString() string {
27586	return s.String()
27587}
27588
27589// Validate inspects the fields of the type to determine if they are valid.
27590func (s *ListPoliciesGrantingServiceAccessInput) Validate() error {
27591	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesGrantingServiceAccessInput"}
27592	if s.Arn == nil {
27593		invalidParams.Add(request.NewErrParamRequired("Arn"))
27594	}
27595	if s.Arn != nil && len(*s.Arn) < 20 {
27596		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
27597	}
27598	if s.Marker != nil && len(*s.Marker) < 1 {
27599		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27600	}
27601	if s.ServiceNamespaces == nil {
27602		invalidParams.Add(request.NewErrParamRequired("ServiceNamespaces"))
27603	}
27604	if s.ServiceNamespaces != nil && len(s.ServiceNamespaces) < 1 {
27605		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespaces", 1))
27606	}
27607
27608	if invalidParams.Len() > 0 {
27609		return invalidParams
27610	}
27611	return nil
27612}
27613
27614// SetArn sets the Arn field's value.
27615func (s *ListPoliciesGrantingServiceAccessInput) SetArn(v string) *ListPoliciesGrantingServiceAccessInput {
27616	s.Arn = &v
27617	return s
27618}
27619
27620// SetMarker sets the Marker field's value.
27621func (s *ListPoliciesGrantingServiceAccessInput) SetMarker(v string) *ListPoliciesGrantingServiceAccessInput {
27622	s.Marker = &v
27623	return s
27624}
27625
27626// SetServiceNamespaces sets the ServiceNamespaces field's value.
27627func (s *ListPoliciesGrantingServiceAccessInput) SetServiceNamespaces(v []*string) *ListPoliciesGrantingServiceAccessInput {
27628	s.ServiceNamespaces = v
27629	return s
27630}
27631
27632type ListPoliciesGrantingServiceAccessOutput struct {
27633	_ struct{} `type:"structure"`
27634
27635	// A flag that indicates whether there are more items to return. If your results
27636	// were truncated, you can make a subsequent pagination request using the Marker
27637	// request parameter to retrieve more items. We recommend that you check IsTruncated
27638	// after every call to ensure that you receive all your results.
27639	IsTruncated *bool `type:"boolean"`
27640
27641	// When IsTruncated is true, this element is present and contains the value
27642	// to use for the Marker parameter in a subsequent pagination request.
27643	Marker *string `type:"string"`
27644
27645	// A ListPoliciesGrantingServiceAccess object that contains details about the
27646	// permissions policies attached to the specified identity (user, group, or
27647	// role).
27648	//
27649	// PoliciesGrantingServiceAccess is a required field
27650	PoliciesGrantingServiceAccess []*ListPoliciesGrantingServiceAccessEntry `type:"list" required:"true"`
27651}
27652
27653// String returns the string representation
27654func (s ListPoliciesGrantingServiceAccessOutput) String() string {
27655	return awsutil.Prettify(s)
27656}
27657
27658// GoString returns the string representation
27659func (s ListPoliciesGrantingServiceAccessOutput) GoString() string {
27660	return s.String()
27661}
27662
27663// SetIsTruncated sets the IsTruncated field's value.
27664func (s *ListPoliciesGrantingServiceAccessOutput) SetIsTruncated(v bool) *ListPoliciesGrantingServiceAccessOutput {
27665	s.IsTruncated = &v
27666	return s
27667}
27668
27669// SetMarker sets the Marker field's value.
27670func (s *ListPoliciesGrantingServiceAccessOutput) SetMarker(v string) *ListPoliciesGrantingServiceAccessOutput {
27671	s.Marker = &v
27672	return s
27673}
27674
27675// SetPoliciesGrantingServiceAccess sets the PoliciesGrantingServiceAccess field's value.
27676func (s *ListPoliciesGrantingServiceAccessOutput) SetPoliciesGrantingServiceAccess(v []*ListPoliciesGrantingServiceAccessEntry) *ListPoliciesGrantingServiceAccessOutput {
27677	s.PoliciesGrantingServiceAccess = v
27678	return s
27679}
27680
27681type ListPoliciesInput struct {
27682	_ struct{} `type:"structure"`
27683
27684	// Use this parameter only when paginating results and only after you receive
27685	// a response indicating that the results are truncated. Set it to the value
27686	// of the Marker element in the response that you received to indicate where
27687	// the next call should start.
27688	Marker *string `min:"1" type:"string"`
27689
27690	// Use this only when paginating results to indicate the maximum number of items
27691	// you want in the response. If additional items exist beyond the maximum you
27692	// specify, the IsTruncated response element is true.
27693	//
27694	// If you do not include this parameter, the number of items defaults to 100.
27695	// Note that IAM might return fewer results, even when there are more results
27696	// available. In that case, the IsTruncated response element returns true, and
27697	// Marker contains a value to include in the subsequent call that tells the
27698	// service where to continue from.
27699	MaxItems *int64 `min:"1" type:"integer"`
27700
27701	// A flag to filter the results to only the attached policies.
27702	//
27703	// When OnlyAttached is true, the returned list contains only the policies that
27704	// are attached to an IAM user, group, or role. When OnlyAttached is false,
27705	// or when the parameter is not included, all policies are returned.
27706	OnlyAttached *bool `type:"boolean"`
27707
27708	// The path prefix for filtering the results. This parameter is optional. If
27709	// it is not included, it defaults to a slash (/), listing all policies. This
27710	// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27711	// a string of characters consisting of either a forward slash (/) by itself
27712	// or a string that must begin and end with forward slashes. In addition, it
27713	// can contain any ASCII character from the ! (\u0021) through the DEL character
27714	// (\u007F), including most punctuation characters, digits, and upper and lowercased
27715	// letters.
27716	PathPrefix *string `min:"1" type:"string"`
27717
27718	// The policy usage method to use for filtering the results.
27719	//
27720	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
27721	// To list only the policies used to set permissions boundaries, set the value
27722	// to PermissionsBoundary.
27723	//
27724	// This parameter is optional. If it is not included, all policies are returned.
27725	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
27726
27727	// The scope to use for filtering the results.
27728	//
27729	// To list only AWS managed policies, set Scope to AWS. To list only the customer
27730	// managed policies in your AWS account, set Scope to Local.
27731	//
27732	// This parameter is optional. If it is not included, or if it is set to All,
27733	// all policies are returned.
27734	Scope *string `type:"string" enum:"PolicyScopeType"`
27735}
27736
27737// String returns the string representation
27738func (s ListPoliciesInput) String() string {
27739	return awsutil.Prettify(s)
27740}
27741
27742// GoString returns the string representation
27743func (s ListPoliciesInput) GoString() string {
27744	return s.String()
27745}
27746
27747// Validate inspects the fields of the type to determine if they are valid.
27748func (s *ListPoliciesInput) Validate() error {
27749	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
27750	if s.Marker != nil && len(*s.Marker) < 1 {
27751		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27752	}
27753	if s.MaxItems != nil && *s.MaxItems < 1 {
27754		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27755	}
27756	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
27757		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
27758	}
27759
27760	if invalidParams.Len() > 0 {
27761		return invalidParams
27762	}
27763	return nil
27764}
27765
27766// SetMarker sets the Marker field's value.
27767func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput {
27768	s.Marker = &v
27769	return s
27770}
27771
27772// SetMaxItems sets the MaxItems field's value.
27773func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput {
27774	s.MaxItems = &v
27775	return s
27776}
27777
27778// SetOnlyAttached sets the OnlyAttached field's value.
27779func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput {
27780	s.OnlyAttached = &v
27781	return s
27782}
27783
27784// SetPathPrefix sets the PathPrefix field's value.
27785func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput {
27786	s.PathPrefix = &v
27787	return s
27788}
27789
27790// SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
27791func (s *ListPoliciesInput) SetPolicyUsageFilter(v string) *ListPoliciesInput {
27792	s.PolicyUsageFilter = &v
27793	return s
27794}
27795
27796// SetScope sets the Scope field's value.
27797func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput {
27798	s.Scope = &v
27799	return s
27800}
27801
27802// Contains the response to a successful ListPolicies request.
27803type ListPoliciesOutput struct {
27804	_ struct{} `type:"structure"`
27805
27806	// A flag that indicates whether there are more items to return. If your results
27807	// were truncated, you can make a subsequent pagination request using the Marker
27808	// request parameter to retrieve more items. Note that IAM might return fewer
27809	// than the MaxItems number of results even when there are more results available.
27810	// We recommend that you check IsTruncated after every call to ensure that you
27811	// receive all your results.
27812	IsTruncated *bool `type:"boolean"`
27813
27814	// When IsTruncated is true, this element is present and contains the value
27815	// to use for the Marker parameter in a subsequent pagination request.
27816	Marker *string `type:"string"`
27817
27818	// A list of policies.
27819	Policies []*Policy `type:"list"`
27820}
27821
27822// String returns the string representation
27823func (s ListPoliciesOutput) String() string {
27824	return awsutil.Prettify(s)
27825}
27826
27827// GoString returns the string representation
27828func (s ListPoliciesOutput) GoString() string {
27829	return s.String()
27830}
27831
27832// SetIsTruncated sets the IsTruncated field's value.
27833func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput {
27834	s.IsTruncated = &v
27835	return s
27836}
27837
27838// SetMarker sets the Marker field's value.
27839func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput {
27840	s.Marker = &v
27841	return s
27842}
27843
27844// SetPolicies sets the Policies field's value.
27845func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput {
27846	s.Policies = v
27847	return s
27848}
27849
27850type ListPolicyTagsInput struct {
27851	_ struct{} `type:"structure"`
27852
27853	// Use this parameter only when paginating results and only after you receive
27854	// a response indicating that the results are truncated. Set it to the value
27855	// of the Marker element in the response that you received to indicate where
27856	// the next call should start.
27857	Marker *string `min:"1" type:"string"`
27858
27859	// (Optional) Use this only when paginating results to indicate the maximum
27860	// number of items that you want in the response. If additional items exist
27861	// beyond the maximum that you specify, the IsTruncated response element is
27862	// true.
27863	//
27864	// If you do not include this parameter, it defaults to 100. Note that IAM might
27865	// return fewer results, even when more results are available. In that case,
27866	// the IsTruncated response element returns true, and Marker contains a value
27867	// to include in the subsequent call that tells the service where to continue
27868	// from.
27869	MaxItems *int64 `min:"1" type:"integer"`
27870
27871	// The ARN of the IAM customer managed policy whose tags you want to see.
27872	//
27873	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
27874	// a string of characters that consist of upper and lowercase alphanumeric characters
27875	// with no spaces. You can also include any of the following characters: =,.@-
27876	//
27877	// PolicyArn is a required field
27878	PolicyArn *string `min:"20" type:"string" required:"true"`
27879}
27880
27881// String returns the string representation
27882func (s ListPolicyTagsInput) String() string {
27883	return awsutil.Prettify(s)
27884}
27885
27886// GoString returns the string representation
27887func (s ListPolicyTagsInput) GoString() string {
27888	return s.String()
27889}
27890
27891// Validate inspects the fields of the type to determine if they are valid.
27892func (s *ListPolicyTagsInput) Validate() error {
27893	invalidParams := request.ErrInvalidParams{Context: "ListPolicyTagsInput"}
27894	if s.Marker != nil && len(*s.Marker) < 1 {
27895		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27896	}
27897	if s.MaxItems != nil && *s.MaxItems < 1 {
27898		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27899	}
27900	if s.PolicyArn == nil {
27901		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
27902	}
27903	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
27904		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
27905	}
27906
27907	if invalidParams.Len() > 0 {
27908		return invalidParams
27909	}
27910	return nil
27911}
27912
27913// SetMarker sets the Marker field's value.
27914func (s *ListPolicyTagsInput) SetMarker(v string) *ListPolicyTagsInput {
27915	s.Marker = &v
27916	return s
27917}
27918
27919// SetMaxItems sets the MaxItems field's value.
27920func (s *ListPolicyTagsInput) SetMaxItems(v int64) *ListPolicyTagsInput {
27921	s.MaxItems = &v
27922	return s
27923}
27924
27925// SetPolicyArn sets the PolicyArn field's value.
27926func (s *ListPolicyTagsInput) SetPolicyArn(v string) *ListPolicyTagsInput {
27927	s.PolicyArn = &v
27928	return s
27929}
27930
27931type ListPolicyTagsOutput struct {
27932	_ struct{} `type:"structure"`
27933
27934	// A flag that indicates whether there are more items to return. If your results
27935	// were truncated, you can use the Marker request parameter to make a subsequent
27936	// pagination request that retrieves more items. Note that IAM might return
27937	// fewer than the MaxItems number of results even when more results are available.
27938	// Check IsTruncated after every call to ensure that you receive all of your
27939	// results.
27940	IsTruncated *bool `type:"boolean"`
27941
27942	// When IsTruncated is true, this element is present and contains the value
27943	// to use for the Marker parameter in a subsequent pagination request.
27944	Marker *string `type:"string"`
27945
27946	// The list of tags that are currently attached to the IAM customer managed
27947	// policy. Each tag consists of a key name and an associated value. If no tags
27948	// are attached to the specified resource, the response contains an empty list.
27949	//
27950	// Tags is a required field
27951	Tags []*Tag `type:"list" required:"true"`
27952}
27953
27954// String returns the string representation
27955func (s ListPolicyTagsOutput) String() string {
27956	return awsutil.Prettify(s)
27957}
27958
27959// GoString returns the string representation
27960func (s ListPolicyTagsOutput) GoString() string {
27961	return s.String()
27962}
27963
27964// SetIsTruncated sets the IsTruncated field's value.
27965func (s *ListPolicyTagsOutput) SetIsTruncated(v bool) *ListPolicyTagsOutput {
27966	s.IsTruncated = &v
27967	return s
27968}
27969
27970// SetMarker sets the Marker field's value.
27971func (s *ListPolicyTagsOutput) SetMarker(v string) *ListPolicyTagsOutput {
27972	s.Marker = &v
27973	return s
27974}
27975
27976// SetTags sets the Tags field's value.
27977func (s *ListPolicyTagsOutput) SetTags(v []*Tag) *ListPolicyTagsOutput {
27978	s.Tags = v
27979	return s
27980}
27981
27982type ListPolicyVersionsInput struct {
27983	_ struct{} `type:"structure"`
27984
27985	// Use this parameter only when paginating results and only after you receive
27986	// a response indicating that the results are truncated. Set it to the value
27987	// of the Marker element in the response that you received to indicate where
27988	// the next call should start.
27989	Marker *string `min:"1" type:"string"`
27990
27991	// Use this only when paginating results to indicate the maximum number of items
27992	// you want in the response. If additional items exist beyond the maximum you
27993	// specify, the IsTruncated response element is true.
27994	//
27995	// If you do not include this parameter, the number of items defaults to 100.
27996	// Note that IAM might return fewer results, even when there are more results
27997	// available. In that case, the IsTruncated response element returns true, and
27998	// Marker contains a value to include in the subsequent call that tells the
27999	// service where to continue from.
28000	MaxItems *int64 `min:"1" type:"integer"`
28001
28002	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
28003	//
28004	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
28005	// in the AWS General Reference.
28006	//
28007	// PolicyArn is a required field
28008	PolicyArn *string `min:"20" type:"string" required:"true"`
28009}
28010
28011// String returns the string representation
28012func (s ListPolicyVersionsInput) String() string {
28013	return awsutil.Prettify(s)
28014}
28015
28016// GoString returns the string representation
28017func (s ListPolicyVersionsInput) GoString() string {
28018	return s.String()
28019}
28020
28021// Validate inspects the fields of the type to determine if they are valid.
28022func (s *ListPolicyVersionsInput) Validate() error {
28023	invalidParams := request.ErrInvalidParams{Context: "ListPolicyVersionsInput"}
28024	if s.Marker != nil && len(*s.Marker) < 1 {
28025		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28026	}
28027	if s.MaxItems != nil && *s.MaxItems < 1 {
28028		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28029	}
28030	if s.PolicyArn == nil {
28031		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
28032	}
28033	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
28034		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
28035	}
28036
28037	if invalidParams.Len() > 0 {
28038		return invalidParams
28039	}
28040	return nil
28041}
28042
28043// SetMarker sets the Marker field's value.
28044func (s *ListPolicyVersionsInput) SetMarker(v string) *ListPolicyVersionsInput {
28045	s.Marker = &v
28046	return s
28047}
28048
28049// SetMaxItems sets the MaxItems field's value.
28050func (s *ListPolicyVersionsInput) SetMaxItems(v int64) *ListPolicyVersionsInput {
28051	s.MaxItems = &v
28052	return s
28053}
28054
28055// SetPolicyArn sets the PolicyArn field's value.
28056func (s *ListPolicyVersionsInput) SetPolicyArn(v string) *ListPolicyVersionsInput {
28057	s.PolicyArn = &v
28058	return s
28059}
28060
28061// Contains the response to a successful ListPolicyVersions request.
28062type ListPolicyVersionsOutput struct {
28063	_ struct{} `type:"structure"`
28064
28065	// A flag that indicates whether there are more items to return. If your results
28066	// were truncated, you can make a subsequent pagination request using the Marker
28067	// request parameter to retrieve more items. Note that IAM might return fewer
28068	// than the MaxItems number of results even when there are more results available.
28069	// We recommend that you check IsTruncated after every call to ensure that you
28070	// receive all your results.
28071	IsTruncated *bool `type:"boolean"`
28072
28073	// When IsTruncated is true, this element is present and contains the value
28074	// to use for the Marker parameter in a subsequent pagination request.
28075	Marker *string `type:"string"`
28076
28077	// A list of policy versions.
28078	//
28079	// For more information about managed policy versions, see Versioning for managed
28080	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
28081	// in the IAM User Guide.
28082	Versions []*PolicyVersion `type:"list"`
28083}
28084
28085// String returns the string representation
28086func (s ListPolicyVersionsOutput) String() string {
28087	return awsutil.Prettify(s)
28088}
28089
28090// GoString returns the string representation
28091func (s ListPolicyVersionsOutput) GoString() string {
28092	return s.String()
28093}
28094
28095// SetIsTruncated sets the IsTruncated field's value.
28096func (s *ListPolicyVersionsOutput) SetIsTruncated(v bool) *ListPolicyVersionsOutput {
28097	s.IsTruncated = &v
28098	return s
28099}
28100
28101// SetMarker sets the Marker field's value.
28102func (s *ListPolicyVersionsOutput) SetMarker(v string) *ListPolicyVersionsOutput {
28103	s.Marker = &v
28104	return s
28105}
28106
28107// SetVersions sets the Versions field's value.
28108func (s *ListPolicyVersionsOutput) SetVersions(v []*PolicyVersion) *ListPolicyVersionsOutput {
28109	s.Versions = v
28110	return s
28111}
28112
28113type ListRolePoliciesInput struct {
28114	_ struct{} `type:"structure"`
28115
28116	// Use this parameter only when paginating results and only after you receive
28117	// a response indicating that the results are truncated. Set it to the value
28118	// of the Marker element in the response that you received to indicate where
28119	// the next call should start.
28120	Marker *string `min:"1" type:"string"`
28121
28122	// Use this only when paginating results to indicate the maximum number of items
28123	// you want in the response. If additional items exist beyond the maximum you
28124	// specify, the IsTruncated response element is true.
28125	//
28126	// If you do not include this parameter, the number of items defaults to 100.
28127	// Note that IAM might return fewer results, even when there are more results
28128	// available. In that case, the IsTruncated response element returns true, and
28129	// Marker contains a value to include in the subsequent call that tells the
28130	// service where to continue from.
28131	MaxItems *int64 `min:"1" type:"integer"`
28132
28133	// The name of the role to list policies for.
28134	//
28135	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28136	// a string of characters consisting of upper and lowercase alphanumeric characters
28137	// with no spaces. You can also include any of the following characters: _+=,.@-
28138	//
28139	// RoleName is a required field
28140	RoleName *string `min:"1" type:"string" required:"true"`
28141}
28142
28143// String returns the string representation
28144func (s ListRolePoliciesInput) String() string {
28145	return awsutil.Prettify(s)
28146}
28147
28148// GoString returns the string representation
28149func (s ListRolePoliciesInput) GoString() string {
28150	return s.String()
28151}
28152
28153// Validate inspects the fields of the type to determine if they are valid.
28154func (s *ListRolePoliciesInput) Validate() error {
28155	invalidParams := request.ErrInvalidParams{Context: "ListRolePoliciesInput"}
28156	if s.Marker != nil && len(*s.Marker) < 1 {
28157		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28158	}
28159	if s.MaxItems != nil && *s.MaxItems < 1 {
28160		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28161	}
28162	if s.RoleName == nil {
28163		invalidParams.Add(request.NewErrParamRequired("RoleName"))
28164	}
28165	if s.RoleName != nil && len(*s.RoleName) < 1 {
28166		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
28167	}
28168
28169	if invalidParams.Len() > 0 {
28170		return invalidParams
28171	}
28172	return nil
28173}
28174
28175// SetMarker sets the Marker field's value.
28176func (s *ListRolePoliciesInput) SetMarker(v string) *ListRolePoliciesInput {
28177	s.Marker = &v
28178	return s
28179}
28180
28181// SetMaxItems sets the MaxItems field's value.
28182func (s *ListRolePoliciesInput) SetMaxItems(v int64) *ListRolePoliciesInput {
28183	s.MaxItems = &v
28184	return s
28185}
28186
28187// SetRoleName sets the RoleName field's value.
28188func (s *ListRolePoliciesInput) SetRoleName(v string) *ListRolePoliciesInput {
28189	s.RoleName = &v
28190	return s
28191}
28192
28193// Contains the response to a successful ListRolePolicies request.
28194type ListRolePoliciesOutput struct {
28195	_ struct{} `type:"structure"`
28196
28197	// A flag that indicates whether there are more items to return. If your results
28198	// were truncated, you can make a subsequent pagination request using the Marker
28199	// request parameter to retrieve more items. Note that IAM might return fewer
28200	// than the MaxItems number of results even when there are more results available.
28201	// We recommend that you check IsTruncated after every call to ensure that you
28202	// receive all your results.
28203	IsTruncated *bool `type:"boolean"`
28204
28205	// When IsTruncated is true, this element is present and contains the value
28206	// to use for the Marker parameter in a subsequent pagination request.
28207	Marker *string `type:"string"`
28208
28209	// A list of policy names.
28210	//
28211	// PolicyNames is a required field
28212	PolicyNames []*string `type:"list" required:"true"`
28213}
28214
28215// String returns the string representation
28216func (s ListRolePoliciesOutput) String() string {
28217	return awsutil.Prettify(s)
28218}
28219
28220// GoString returns the string representation
28221func (s ListRolePoliciesOutput) GoString() string {
28222	return s.String()
28223}
28224
28225// SetIsTruncated sets the IsTruncated field's value.
28226func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput {
28227	s.IsTruncated = &v
28228	return s
28229}
28230
28231// SetMarker sets the Marker field's value.
28232func (s *ListRolePoliciesOutput) SetMarker(v string) *ListRolePoliciesOutput {
28233	s.Marker = &v
28234	return s
28235}
28236
28237// SetPolicyNames sets the PolicyNames field's value.
28238func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput {
28239	s.PolicyNames = v
28240	return s
28241}
28242
28243type ListRoleTagsInput struct {
28244	_ struct{} `type:"structure"`
28245
28246	// Use this parameter only when paginating results and only after you receive
28247	// a response indicating that the results are truncated. Set it to the value
28248	// of the Marker element in the response that you received to indicate where
28249	// the next call should start.
28250	Marker *string `min:"1" type:"string"`
28251
28252	// (Optional) Use this only when paginating results to indicate the maximum
28253	// number of items that you want in the response. If additional items exist
28254	// beyond the maximum that you specify, the IsTruncated response element is
28255	// true.
28256	//
28257	// If you do not include this parameter, it defaults to 100. Note that IAM might
28258	// return fewer results, even when more results are available. In that case,
28259	// the IsTruncated response element returns true, and Marker contains a value
28260	// to include in the subsequent call that tells the service where to continue
28261	// from.
28262	MaxItems *int64 `min:"1" type:"integer"`
28263
28264	// The name of the IAM role for which you want to see the list of tags.
28265	//
28266	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
28267	// a string of characters that consist of upper and lowercase alphanumeric characters
28268	// with no spaces. You can also include any of the following characters: _+=,.@-
28269	//
28270	// RoleName is a required field
28271	RoleName *string `min:"1" type:"string" required:"true"`
28272}
28273
28274// String returns the string representation
28275func (s ListRoleTagsInput) String() string {
28276	return awsutil.Prettify(s)
28277}
28278
28279// GoString returns the string representation
28280func (s ListRoleTagsInput) GoString() string {
28281	return s.String()
28282}
28283
28284// Validate inspects the fields of the type to determine if they are valid.
28285func (s *ListRoleTagsInput) Validate() error {
28286	invalidParams := request.ErrInvalidParams{Context: "ListRoleTagsInput"}
28287	if s.Marker != nil && len(*s.Marker) < 1 {
28288		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28289	}
28290	if s.MaxItems != nil && *s.MaxItems < 1 {
28291		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28292	}
28293	if s.RoleName == nil {
28294		invalidParams.Add(request.NewErrParamRequired("RoleName"))
28295	}
28296	if s.RoleName != nil && len(*s.RoleName) < 1 {
28297		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
28298	}
28299
28300	if invalidParams.Len() > 0 {
28301		return invalidParams
28302	}
28303	return nil
28304}
28305
28306// SetMarker sets the Marker field's value.
28307func (s *ListRoleTagsInput) SetMarker(v string) *ListRoleTagsInput {
28308	s.Marker = &v
28309	return s
28310}
28311
28312// SetMaxItems sets the MaxItems field's value.
28313func (s *ListRoleTagsInput) SetMaxItems(v int64) *ListRoleTagsInput {
28314	s.MaxItems = &v
28315	return s
28316}
28317
28318// SetRoleName sets the RoleName field's value.
28319func (s *ListRoleTagsInput) SetRoleName(v string) *ListRoleTagsInput {
28320	s.RoleName = &v
28321	return s
28322}
28323
28324type ListRoleTagsOutput struct {
28325	_ struct{} `type:"structure"`
28326
28327	// A flag that indicates whether there are more items to return. If your results
28328	// were truncated, you can use the Marker request parameter to make a subsequent
28329	// pagination request that retrieves more items. Note that IAM might return
28330	// fewer than the MaxItems number of results even when more results are available.
28331	// Check IsTruncated after every call to ensure that you receive all of your
28332	// results.
28333	IsTruncated *bool `type:"boolean"`
28334
28335	// When IsTruncated is true, this element is present and contains the value
28336	// to use for the Marker parameter in a subsequent pagination request.
28337	Marker *string `type:"string"`
28338
28339	// The list of tags that are currently attached to the role. Each tag consists
28340	// of a key name and an associated value. If no tags are attached to the specified
28341	// resource, the response contains an empty list.
28342	//
28343	// Tags is a required field
28344	Tags []*Tag `type:"list" required:"true"`
28345}
28346
28347// String returns the string representation
28348func (s ListRoleTagsOutput) String() string {
28349	return awsutil.Prettify(s)
28350}
28351
28352// GoString returns the string representation
28353func (s ListRoleTagsOutput) GoString() string {
28354	return s.String()
28355}
28356
28357// SetIsTruncated sets the IsTruncated field's value.
28358func (s *ListRoleTagsOutput) SetIsTruncated(v bool) *ListRoleTagsOutput {
28359	s.IsTruncated = &v
28360	return s
28361}
28362
28363// SetMarker sets the Marker field's value.
28364func (s *ListRoleTagsOutput) SetMarker(v string) *ListRoleTagsOutput {
28365	s.Marker = &v
28366	return s
28367}
28368
28369// SetTags sets the Tags field's value.
28370func (s *ListRoleTagsOutput) SetTags(v []*Tag) *ListRoleTagsOutput {
28371	s.Tags = v
28372	return s
28373}
28374
28375type ListRolesInput struct {
28376	_ struct{} `type:"structure"`
28377
28378	// Use this parameter only when paginating results and only after you receive
28379	// a response indicating that the results are truncated. Set it to the value
28380	// of the Marker element in the response that you received to indicate where
28381	// the next call should start.
28382	Marker *string `min:"1" type:"string"`
28383
28384	// Use this only when paginating results to indicate the maximum number of items
28385	// you want in the response. If additional items exist beyond the maximum you
28386	// specify, the IsTruncated response element is true.
28387	//
28388	// If you do not include this parameter, the number of items defaults to 100.
28389	// Note that IAM might return fewer results, even when there are more results
28390	// available. In that case, the IsTruncated response element returns true, and
28391	// Marker contains a value to include in the subsequent call that tells the
28392	// service where to continue from.
28393	MaxItems *int64 `min:"1" type:"integer"`
28394
28395	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
28396	// gets all roles whose path starts with /application_abc/component_xyz/.
28397	//
28398	// This parameter is optional. If it is not included, it defaults to a slash
28399	// (/), listing all roles. This parameter allows (through its regex pattern
28400	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
28401	// a forward slash (/) by itself or a string that must begin and end with forward
28402	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
28403	// through the DEL character (\u007F), including most punctuation characters,
28404	// digits, and upper and lowercased letters.
28405	PathPrefix *string `min:"1" type:"string"`
28406}
28407
28408// String returns the string representation
28409func (s ListRolesInput) String() string {
28410	return awsutil.Prettify(s)
28411}
28412
28413// GoString returns the string representation
28414func (s ListRolesInput) GoString() string {
28415	return s.String()
28416}
28417
28418// Validate inspects the fields of the type to determine if they are valid.
28419func (s *ListRolesInput) Validate() error {
28420	invalidParams := request.ErrInvalidParams{Context: "ListRolesInput"}
28421	if s.Marker != nil && len(*s.Marker) < 1 {
28422		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28423	}
28424	if s.MaxItems != nil && *s.MaxItems < 1 {
28425		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28426	}
28427	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
28428		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
28429	}
28430
28431	if invalidParams.Len() > 0 {
28432		return invalidParams
28433	}
28434	return nil
28435}
28436
28437// SetMarker sets the Marker field's value.
28438func (s *ListRolesInput) SetMarker(v string) *ListRolesInput {
28439	s.Marker = &v
28440	return s
28441}
28442
28443// SetMaxItems sets the MaxItems field's value.
28444func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput {
28445	s.MaxItems = &v
28446	return s
28447}
28448
28449// SetPathPrefix sets the PathPrefix field's value.
28450func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput {
28451	s.PathPrefix = &v
28452	return s
28453}
28454
28455// Contains the response to a successful ListRoles request.
28456type ListRolesOutput struct {
28457	_ struct{} `type:"structure"`
28458
28459	// A flag that indicates whether there are more items to return. If your results
28460	// were truncated, you can make a subsequent pagination request using the Marker
28461	// request parameter to retrieve more items. Note that IAM might return fewer
28462	// than the MaxItems number of results even when there are more results available.
28463	// We recommend that you check IsTruncated after every call to ensure that you
28464	// receive all your results.
28465	IsTruncated *bool `type:"boolean"`
28466
28467	// When IsTruncated is true, this element is present and contains the value
28468	// to use for the Marker parameter in a subsequent pagination request.
28469	Marker *string `type:"string"`
28470
28471	// A list of roles.
28472	//
28473	// Roles is a required field
28474	Roles []*Role `type:"list" required:"true"`
28475}
28476
28477// String returns the string representation
28478func (s ListRolesOutput) String() string {
28479	return awsutil.Prettify(s)
28480}
28481
28482// GoString returns the string representation
28483func (s ListRolesOutput) GoString() string {
28484	return s.String()
28485}
28486
28487// SetIsTruncated sets the IsTruncated field's value.
28488func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput {
28489	s.IsTruncated = &v
28490	return s
28491}
28492
28493// SetMarker sets the Marker field's value.
28494func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput {
28495	s.Marker = &v
28496	return s
28497}
28498
28499// SetRoles sets the Roles field's value.
28500func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput {
28501	s.Roles = v
28502	return s
28503}
28504
28505type ListSAMLProviderTagsInput struct {
28506	_ struct{} `type:"structure"`
28507
28508	// Use this parameter only when paginating results and only after you receive
28509	// a response indicating that the results are truncated. Set it to the value
28510	// of the Marker element in the response that you received to indicate where
28511	// the next call should start.
28512	Marker *string `min:"1" type:"string"`
28513
28514	// (Optional) Use this only when paginating results to indicate the maximum
28515	// number of items that you want in the response. If additional items exist
28516	// beyond the maximum that you specify, the IsTruncated response element is
28517	// true.
28518	//
28519	// If you do not include this parameter, it defaults to 100. Note that IAM might
28520	// return fewer results, even when more results are available. In that case,
28521	// the IsTruncated response element returns true, and Marker contains a value
28522	// to include in the subsequent call that tells the service where to continue
28523	// from.
28524	MaxItems *int64 `min:"1" type:"integer"`
28525
28526	// The ARN of the Security Assertion Markup Language (SAML) identity provider
28527	// whose tags you want to see.
28528	//
28529	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
28530	// a string of characters that consist of upper and lowercase alphanumeric characters
28531	// with no spaces. You can also include any of the following characters: =,.@-
28532	//
28533	// SAMLProviderArn is a required field
28534	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
28535}
28536
28537// String returns the string representation
28538func (s ListSAMLProviderTagsInput) String() string {
28539	return awsutil.Prettify(s)
28540}
28541
28542// GoString returns the string representation
28543func (s ListSAMLProviderTagsInput) GoString() string {
28544	return s.String()
28545}
28546
28547// Validate inspects the fields of the type to determine if they are valid.
28548func (s *ListSAMLProviderTagsInput) Validate() error {
28549	invalidParams := request.ErrInvalidParams{Context: "ListSAMLProviderTagsInput"}
28550	if s.Marker != nil && len(*s.Marker) < 1 {
28551		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28552	}
28553	if s.MaxItems != nil && *s.MaxItems < 1 {
28554		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28555	}
28556	if s.SAMLProviderArn == nil {
28557		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
28558	}
28559	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
28560		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
28561	}
28562
28563	if invalidParams.Len() > 0 {
28564		return invalidParams
28565	}
28566	return nil
28567}
28568
28569// SetMarker sets the Marker field's value.
28570func (s *ListSAMLProviderTagsInput) SetMarker(v string) *ListSAMLProviderTagsInput {
28571	s.Marker = &v
28572	return s
28573}
28574
28575// SetMaxItems sets the MaxItems field's value.
28576func (s *ListSAMLProviderTagsInput) SetMaxItems(v int64) *ListSAMLProviderTagsInput {
28577	s.MaxItems = &v
28578	return s
28579}
28580
28581// SetSAMLProviderArn sets the SAMLProviderArn field's value.
28582func (s *ListSAMLProviderTagsInput) SetSAMLProviderArn(v string) *ListSAMLProviderTagsInput {
28583	s.SAMLProviderArn = &v
28584	return s
28585}
28586
28587type ListSAMLProviderTagsOutput struct {
28588	_ struct{} `type:"structure"`
28589
28590	// A flag that indicates whether there are more items to return. If your results
28591	// were truncated, you can use the Marker request parameter to make a subsequent
28592	// pagination request that retrieves more items. Note that IAM might return
28593	// fewer than the MaxItems number of results even when more results are available.
28594	// Check IsTruncated after every call to ensure that you receive all of your
28595	// results.
28596	IsTruncated *bool `type:"boolean"`
28597
28598	// When IsTruncated is true, this element is present and contains the value
28599	// to use for the Marker parameter in a subsequent pagination request.
28600	Marker *string `type:"string"`
28601
28602	// The list of tags that are currently attached to the Security Assertion Markup
28603	// Language (SAML) identity provider. Each tag consists of a key name and an
28604	// associated value. If no tags are attached to the specified resource, the
28605	// response contains an empty list.
28606	//
28607	// Tags is a required field
28608	Tags []*Tag `type:"list" required:"true"`
28609}
28610
28611// String returns the string representation
28612func (s ListSAMLProviderTagsOutput) String() string {
28613	return awsutil.Prettify(s)
28614}
28615
28616// GoString returns the string representation
28617func (s ListSAMLProviderTagsOutput) GoString() string {
28618	return s.String()
28619}
28620
28621// SetIsTruncated sets the IsTruncated field's value.
28622func (s *ListSAMLProviderTagsOutput) SetIsTruncated(v bool) *ListSAMLProviderTagsOutput {
28623	s.IsTruncated = &v
28624	return s
28625}
28626
28627// SetMarker sets the Marker field's value.
28628func (s *ListSAMLProviderTagsOutput) SetMarker(v string) *ListSAMLProviderTagsOutput {
28629	s.Marker = &v
28630	return s
28631}
28632
28633// SetTags sets the Tags field's value.
28634func (s *ListSAMLProviderTagsOutput) SetTags(v []*Tag) *ListSAMLProviderTagsOutput {
28635	s.Tags = v
28636	return s
28637}
28638
28639type ListSAMLProvidersInput struct {
28640	_ struct{} `type:"structure"`
28641}
28642
28643// String returns the string representation
28644func (s ListSAMLProvidersInput) String() string {
28645	return awsutil.Prettify(s)
28646}
28647
28648// GoString returns the string representation
28649func (s ListSAMLProvidersInput) GoString() string {
28650	return s.String()
28651}
28652
28653// Contains the response to a successful ListSAMLProviders request.
28654type ListSAMLProvidersOutput struct {
28655	_ struct{} `type:"structure"`
28656
28657	// The list of SAML provider resource objects defined in IAM for this AWS account.
28658	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
28659}
28660
28661// String returns the string representation
28662func (s ListSAMLProvidersOutput) String() string {
28663	return awsutil.Prettify(s)
28664}
28665
28666// GoString returns the string representation
28667func (s ListSAMLProvidersOutput) GoString() string {
28668	return s.String()
28669}
28670
28671// SetSAMLProviderList sets the SAMLProviderList field's value.
28672func (s *ListSAMLProvidersOutput) SetSAMLProviderList(v []*SAMLProviderListEntry) *ListSAMLProvidersOutput {
28673	s.SAMLProviderList = v
28674	return s
28675}
28676
28677type ListSSHPublicKeysInput struct {
28678	_ struct{} `type:"structure"`
28679
28680	// Use this parameter only when paginating results and only after you receive
28681	// a response indicating that the results are truncated. Set it to the value
28682	// of the Marker element in the response that you received to indicate where
28683	// the next call should start.
28684	Marker *string `min:"1" type:"string"`
28685
28686	// Use this only when paginating results to indicate the maximum number of items
28687	// you want in the response. If additional items exist beyond the maximum you
28688	// specify, the IsTruncated response element is true.
28689	//
28690	// If you do not include this parameter, the number of items defaults to 100.
28691	// Note that IAM might return fewer results, even when there are more results
28692	// available. In that case, the IsTruncated response element returns true, and
28693	// Marker contains a value to include in the subsequent call that tells the
28694	// service where to continue from.
28695	MaxItems *int64 `min:"1" type:"integer"`
28696
28697	// The name of the IAM user to list SSH public keys for. If none is specified,
28698	// the UserName field is determined implicitly based on the AWS access key used
28699	// to sign the request.
28700	//
28701	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28702	// a string of characters consisting of upper and lowercase alphanumeric characters
28703	// with no spaces. You can also include any of the following characters: _+=,.@-
28704	UserName *string `min:"1" type:"string"`
28705}
28706
28707// String returns the string representation
28708func (s ListSSHPublicKeysInput) String() string {
28709	return awsutil.Prettify(s)
28710}
28711
28712// GoString returns the string representation
28713func (s ListSSHPublicKeysInput) GoString() string {
28714	return s.String()
28715}
28716
28717// Validate inspects the fields of the type to determine if they are valid.
28718func (s *ListSSHPublicKeysInput) Validate() error {
28719	invalidParams := request.ErrInvalidParams{Context: "ListSSHPublicKeysInput"}
28720	if s.Marker != nil && len(*s.Marker) < 1 {
28721		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28722	}
28723	if s.MaxItems != nil && *s.MaxItems < 1 {
28724		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28725	}
28726	if s.UserName != nil && len(*s.UserName) < 1 {
28727		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
28728	}
28729
28730	if invalidParams.Len() > 0 {
28731		return invalidParams
28732	}
28733	return nil
28734}
28735
28736// SetMarker sets the Marker field's value.
28737func (s *ListSSHPublicKeysInput) SetMarker(v string) *ListSSHPublicKeysInput {
28738	s.Marker = &v
28739	return s
28740}
28741
28742// SetMaxItems sets the MaxItems field's value.
28743func (s *ListSSHPublicKeysInput) SetMaxItems(v int64) *ListSSHPublicKeysInput {
28744	s.MaxItems = &v
28745	return s
28746}
28747
28748// SetUserName sets the UserName field's value.
28749func (s *ListSSHPublicKeysInput) SetUserName(v string) *ListSSHPublicKeysInput {
28750	s.UserName = &v
28751	return s
28752}
28753
28754// Contains the response to a successful ListSSHPublicKeys request.
28755type ListSSHPublicKeysOutput struct {
28756	_ struct{} `type:"structure"`
28757
28758	// A flag that indicates whether there are more items to return. If your results
28759	// were truncated, you can make a subsequent pagination request using the Marker
28760	// request parameter to retrieve more items. Note that IAM might return fewer
28761	// than the MaxItems number of results even when there are more results available.
28762	// We recommend that you check IsTruncated after every call to ensure that you
28763	// receive all your results.
28764	IsTruncated *bool `type:"boolean"`
28765
28766	// When IsTruncated is true, this element is present and contains the value
28767	// to use for the Marker parameter in a subsequent pagination request.
28768	Marker *string `type:"string"`
28769
28770	// A list of the SSH public keys assigned to IAM user.
28771	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
28772}
28773
28774// String returns the string representation
28775func (s ListSSHPublicKeysOutput) String() string {
28776	return awsutil.Prettify(s)
28777}
28778
28779// GoString returns the string representation
28780func (s ListSSHPublicKeysOutput) GoString() string {
28781	return s.String()
28782}
28783
28784// SetIsTruncated sets the IsTruncated field's value.
28785func (s *ListSSHPublicKeysOutput) SetIsTruncated(v bool) *ListSSHPublicKeysOutput {
28786	s.IsTruncated = &v
28787	return s
28788}
28789
28790// SetMarker sets the Marker field's value.
28791func (s *ListSSHPublicKeysOutput) SetMarker(v string) *ListSSHPublicKeysOutput {
28792	s.Marker = &v
28793	return s
28794}
28795
28796// SetSSHPublicKeys sets the SSHPublicKeys field's value.
28797func (s *ListSSHPublicKeysOutput) SetSSHPublicKeys(v []*SSHPublicKeyMetadata) *ListSSHPublicKeysOutput {
28798	s.SSHPublicKeys = v
28799	return s
28800}
28801
28802type ListServerCertificateTagsInput struct {
28803	_ struct{} `type:"structure"`
28804
28805	// Use this parameter only when paginating results and only after you receive
28806	// a response indicating that the results are truncated. Set it to the value
28807	// of the Marker element in the response that you received to indicate where
28808	// the next call should start.
28809	Marker *string `min:"1" type:"string"`
28810
28811	// (Optional) Use this only when paginating results to indicate the maximum
28812	// number of items that you want in the response. If additional items exist
28813	// beyond the maximum that you specify, the IsTruncated response element is
28814	// true.
28815	//
28816	// If you do not include this parameter, it defaults to 100. Note that IAM might
28817	// return fewer results, even when more results are available. In that case,
28818	// the IsTruncated response element returns true, and Marker contains a value
28819	// to include in the subsequent call that tells the service where to continue
28820	// from.
28821	MaxItems *int64 `min:"1" type:"integer"`
28822
28823	// The name of the IAM server certificate whose tags you want to see.
28824	//
28825	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
28826	// a string of characters that consist of upper and lowercase alphanumeric characters
28827	// with no spaces. You can also include any of the following characters: =,.@-
28828	//
28829	// ServerCertificateName is a required field
28830	ServerCertificateName *string `min:"1" type:"string" required:"true"`
28831}
28832
28833// String returns the string representation
28834func (s ListServerCertificateTagsInput) String() string {
28835	return awsutil.Prettify(s)
28836}
28837
28838// GoString returns the string representation
28839func (s ListServerCertificateTagsInput) GoString() string {
28840	return s.String()
28841}
28842
28843// Validate inspects the fields of the type to determine if they are valid.
28844func (s *ListServerCertificateTagsInput) Validate() error {
28845	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificateTagsInput"}
28846	if s.Marker != nil && len(*s.Marker) < 1 {
28847		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28848	}
28849	if s.MaxItems != nil && *s.MaxItems < 1 {
28850		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28851	}
28852	if s.ServerCertificateName == nil {
28853		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
28854	}
28855	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
28856		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
28857	}
28858
28859	if invalidParams.Len() > 0 {
28860		return invalidParams
28861	}
28862	return nil
28863}
28864
28865// SetMarker sets the Marker field's value.
28866func (s *ListServerCertificateTagsInput) SetMarker(v string) *ListServerCertificateTagsInput {
28867	s.Marker = &v
28868	return s
28869}
28870
28871// SetMaxItems sets the MaxItems field's value.
28872func (s *ListServerCertificateTagsInput) SetMaxItems(v int64) *ListServerCertificateTagsInput {
28873	s.MaxItems = &v
28874	return s
28875}
28876
28877// SetServerCertificateName sets the ServerCertificateName field's value.
28878func (s *ListServerCertificateTagsInput) SetServerCertificateName(v string) *ListServerCertificateTagsInput {
28879	s.ServerCertificateName = &v
28880	return s
28881}
28882
28883type ListServerCertificateTagsOutput struct {
28884	_ struct{} `type:"structure"`
28885
28886	// A flag that indicates whether there are more items to return. If your results
28887	// were truncated, you can use the Marker request parameter to make a subsequent
28888	// pagination request that retrieves more items. Note that IAM might return
28889	// fewer than the MaxItems number of results even when more results are available.
28890	// Check IsTruncated after every call to ensure that you receive all of your
28891	// results.
28892	IsTruncated *bool `type:"boolean"`
28893
28894	// When IsTruncated is true, this element is present and contains the value
28895	// to use for the Marker parameter in a subsequent pagination request.
28896	Marker *string `type:"string"`
28897
28898	// The list of tags that are currently attached to the IAM server certificate.
28899	// Each tag consists of a key name and an associated value. If no tags are attached
28900	// to the specified resource, the response contains an empty list.
28901	//
28902	// Tags is a required field
28903	Tags []*Tag `type:"list" required:"true"`
28904}
28905
28906// String returns the string representation
28907func (s ListServerCertificateTagsOutput) String() string {
28908	return awsutil.Prettify(s)
28909}
28910
28911// GoString returns the string representation
28912func (s ListServerCertificateTagsOutput) GoString() string {
28913	return s.String()
28914}
28915
28916// SetIsTruncated sets the IsTruncated field's value.
28917func (s *ListServerCertificateTagsOutput) SetIsTruncated(v bool) *ListServerCertificateTagsOutput {
28918	s.IsTruncated = &v
28919	return s
28920}
28921
28922// SetMarker sets the Marker field's value.
28923func (s *ListServerCertificateTagsOutput) SetMarker(v string) *ListServerCertificateTagsOutput {
28924	s.Marker = &v
28925	return s
28926}
28927
28928// SetTags sets the Tags field's value.
28929func (s *ListServerCertificateTagsOutput) SetTags(v []*Tag) *ListServerCertificateTagsOutput {
28930	s.Tags = v
28931	return s
28932}
28933
28934type ListServerCertificatesInput struct {
28935	_ struct{} `type:"structure"`
28936
28937	// Use this parameter only when paginating results and only after you receive
28938	// a response indicating that the results are truncated. Set it to the value
28939	// of the Marker element in the response that you received to indicate where
28940	// the next call should start.
28941	Marker *string `min:"1" type:"string"`
28942
28943	// Use this only when paginating results to indicate the maximum number of items
28944	// you want in the response. If additional items exist beyond the maximum you
28945	// specify, the IsTruncated response element is true.
28946	//
28947	// If you do not include this parameter, the number of items defaults to 100.
28948	// Note that IAM might return fewer results, even when there are more results
28949	// available. In that case, the IsTruncated response element returns true, and
28950	// Marker contains a value to include in the subsequent call that tells the
28951	// service where to continue from.
28952	MaxItems *int64 `min:"1" type:"integer"`
28953
28954	// The path prefix for filtering the results. For example: /company/servercerts
28955	// would get all server certificates for which the path starts with /company/servercerts.
28956	//
28957	// This parameter is optional. If it is not included, it defaults to a slash
28958	// (/), listing all server certificates. This parameter allows (through its
28959	// regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
28960	// of either a forward slash (/) by itself or a string that must begin and end
28961	// with forward slashes. In addition, it can contain any ASCII character from
28962	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
28963	// characters, digits, and upper and lowercased letters.
28964	PathPrefix *string `min:"1" type:"string"`
28965}
28966
28967// String returns the string representation
28968func (s ListServerCertificatesInput) String() string {
28969	return awsutil.Prettify(s)
28970}
28971
28972// GoString returns the string representation
28973func (s ListServerCertificatesInput) GoString() string {
28974	return s.String()
28975}
28976
28977// Validate inspects the fields of the type to determine if they are valid.
28978func (s *ListServerCertificatesInput) Validate() error {
28979	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificatesInput"}
28980	if s.Marker != nil && len(*s.Marker) < 1 {
28981		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28982	}
28983	if s.MaxItems != nil && *s.MaxItems < 1 {
28984		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28985	}
28986	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
28987		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
28988	}
28989
28990	if invalidParams.Len() > 0 {
28991		return invalidParams
28992	}
28993	return nil
28994}
28995
28996// SetMarker sets the Marker field's value.
28997func (s *ListServerCertificatesInput) SetMarker(v string) *ListServerCertificatesInput {
28998	s.Marker = &v
28999	return s
29000}
29001
29002// SetMaxItems sets the MaxItems field's value.
29003func (s *ListServerCertificatesInput) SetMaxItems(v int64) *ListServerCertificatesInput {
29004	s.MaxItems = &v
29005	return s
29006}
29007
29008// SetPathPrefix sets the PathPrefix field's value.
29009func (s *ListServerCertificatesInput) SetPathPrefix(v string) *ListServerCertificatesInput {
29010	s.PathPrefix = &v
29011	return s
29012}
29013
29014// Contains the response to a successful ListServerCertificates request.
29015type ListServerCertificatesOutput struct {
29016	_ struct{} `type:"structure"`
29017
29018	// A flag that indicates whether there are more items to return. If your results
29019	// were truncated, you can make a subsequent pagination request using the Marker
29020	// request parameter to retrieve more items. Note that IAM might return fewer
29021	// than the MaxItems number of results even when there are more results available.
29022	// We recommend that you check IsTruncated after every call to ensure that you
29023	// receive all your results.
29024	IsTruncated *bool `type:"boolean"`
29025
29026	// When IsTruncated is true, this element is present and contains the value
29027	// to use for the Marker parameter in a subsequent pagination request.
29028	Marker *string `type:"string"`
29029
29030	// A list of server certificates.
29031	//
29032	// ServerCertificateMetadataList is a required field
29033	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
29034}
29035
29036// String returns the string representation
29037func (s ListServerCertificatesOutput) String() string {
29038	return awsutil.Prettify(s)
29039}
29040
29041// GoString returns the string representation
29042func (s ListServerCertificatesOutput) GoString() string {
29043	return s.String()
29044}
29045
29046// SetIsTruncated sets the IsTruncated field's value.
29047func (s *ListServerCertificatesOutput) SetIsTruncated(v bool) *ListServerCertificatesOutput {
29048	s.IsTruncated = &v
29049	return s
29050}
29051
29052// SetMarker sets the Marker field's value.
29053func (s *ListServerCertificatesOutput) SetMarker(v string) *ListServerCertificatesOutput {
29054	s.Marker = &v
29055	return s
29056}
29057
29058// SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.
29059func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput {
29060	s.ServerCertificateMetadataList = v
29061	return s
29062}
29063
29064type ListServiceSpecificCredentialsInput struct {
29065	_ struct{} `type:"structure"`
29066
29067	// Filters the returned results to only those for the specified AWS service.
29068	// If not specified, then AWS returns service-specific credentials for all services.
29069	ServiceName *string `type:"string"`
29070
29071	// The name of the user whose service-specific credentials you want information
29072	// about. If this value is not specified, then the operation assumes the user
29073	// whose credentials are used to call the operation.
29074	//
29075	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29076	// a string of characters consisting of upper and lowercase alphanumeric characters
29077	// with no spaces. You can also include any of the following characters: _+=,.@-
29078	UserName *string `min:"1" type:"string"`
29079}
29080
29081// String returns the string representation
29082func (s ListServiceSpecificCredentialsInput) String() string {
29083	return awsutil.Prettify(s)
29084}
29085
29086// GoString returns the string representation
29087func (s ListServiceSpecificCredentialsInput) GoString() string {
29088	return s.String()
29089}
29090
29091// Validate inspects the fields of the type to determine if they are valid.
29092func (s *ListServiceSpecificCredentialsInput) Validate() error {
29093	invalidParams := request.ErrInvalidParams{Context: "ListServiceSpecificCredentialsInput"}
29094	if s.UserName != nil && len(*s.UserName) < 1 {
29095		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
29096	}
29097
29098	if invalidParams.Len() > 0 {
29099		return invalidParams
29100	}
29101	return nil
29102}
29103
29104// SetServiceName sets the ServiceName field's value.
29105func (s *ListServiceSpecificCredentialsInput) SetServiceName(v string) *ListServiceSpecificCredentialsInput {
29106	s.ServiceName = &v
29107	return s
29108}
29109
29110// SetUserName sets the UserName field's value.
29111func (s *ListServiceSpecificCredentialsInput) SetUserName(v string) *ListServiceSpecificCredentialsInput {
29112	s.UserName = &v
29113	return s
29114}
29115
29116type ListServiceSpecificCredentialsOutput struct {
29117	_ struct{} `type:"structure"`
29118
29119	// A list of structures that each contain details about a service-specific credential.
29120	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
29121}
29122
29123// String returns the string representation
29124func (s ListServiceSpecificCredentialsOutput) String() string {
29125	return awsutil.Prettify(s)
29126}
29127
29128// GoString returns the string representation
29129func (s ListServiceSpecificCredentialsOutput) GoString() string {
29130	return s.String()
29131}
29132
29133// SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.
29134func (s *ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials(v []*ServiceSpecificCredentialMetadata) *ListServiceSpecificCredentialsOutput {
29135	s.ServiceSpecificCredentials = v
29136	return s
29137}
29138
29139type ListSigningCertificatesInput struct {
29140	_ struct{} `type:"structure"`
29141
29142	// Use this parameter only when paginating results and only after you receive
29143	// a response indicating that the results are truncated. Set it to the value
29144	// of the Marker element in the response that you received to indicate where
29145	// the next call should start.
29146	Marker *string `min:"1" type:"string"`
29147
29148	// Use this only when paginating results to indicate the maximum number of items
29149	// you want in the response. If additional items exist beyond the maximum you
29150	// specify, the IsTruncated response element is true.
29151	//
29152	// If you do not include this parameter, the number of items defaults to 100.
29153	// Note that IAM might return fewer results, even when there are more results
29154	// available. In that case, the IsTruncated response element returns true, and
29155	// Marker contains a value to include in the subsequent call that tells the
29156	// service where to continue from.
29157	MaxItems *int64 `min:"1" type:"integer"`
29158
29159	// The name of the IAM user whose signing certificates you want to examine.
29160	//
29161	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29162	// a string of characters consisting of upper and lowercase alphanumeric characters
29163	// with no spaces. You can also include any of the following characters: _+=,.@-
29164	UserName *string `min:"1" type:"string"`
29165}
29166
29167// String returns the string representation
29168func (s ListSigningCertificatesInput) String() string {
29169	return awsutil.Prettify(s)
29170}
29171
29172// GoString returns the string representation
29173func (s ListSigningCertificatesInput) GoString() string {
29174	return s.String()
29175}
29176
29177// Validate inspects the fields of the type to determine if they are valid.
29178func (s *ListSigningCertificatesInput) Validate() error {
29179	invalidParams := request.ErrInvalidParams{Context: "ListSigningCertificatesInput"}
29180	if s.Marker != nil && len(*s.Marker) < 1 {
29181		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29182	}
29183	if s.MaxItems != nil && *s.MaxItems < 1 {
29184		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29185	}
29186	if s.UserName != nil && len(*s.UserName) < 1 {
29187		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
29188	}
29189
29190	if invalidParams.Len() > 0 {
29191		return invalidParams
29192	}
29193	return nil
29194}
29195
29196// SetMarker sets the Marker field's value.
29197func (s *ListSigningCertificatesInput) SetMarker(v string) *ListSigningCertificatesInput {
29198	s.Marker = &v
29199	return s
29200}
29201
29202// SetMaxItems sets the MaxItems field's value.
29203func (s *ListSigningCertificatesInput) SetMaxItems(v int64) *ListSigningCertificatesInput {
29204	s.MaxItems = &v
29205	return s
29206}
29207
29208// SetUserName sets the UserName field's value.
29209func (s *ListSigningCertificatesInput) SetUserName(v string) *ListSigningCertificatesInput {
29210	s.UserName = &v
29211	return s
29212}
29213
29214// Contains the response to a successful ListSigningCertificates request.
29215type ListSigningCertificatesOutput struct {
29216	_ struct{} `type:"structure"`
29217
29218	// A list of the user's signing certificate information.
29219	//
29220	// Certificates is a required field
29221	Certificates []*SigningCertificate `type:"list" required:"true"`
29222
29223	// A flag that indicates whether there are more items to return. If your results
29224	// were truncated, you can make a subsequent pagination request using the Marker
29225	// request parameter to retrieve more items. Note that IAM might return fewer
29226	// than the MaxItems number of results even when there are more results available.
29227	// We recommend that you check IsTruncated after every call to ensure that you
29228	// receive all your results.
29229	IsTruncated *bool `type:"boolean"`
29230
29231	// When IsTruncated is true, this element is present and contains the value
29232	// to use for the Marker parameter in a subsequent pagination request.
29233	Marker *string `type:"string"`
29234}
29235
29236// String returns the string representation
29237func (s ListSigningCertificatesOutput) String() string {
29238	return awsutil.Prettify(s)
29239}
29240
29241// GoString returns the string representation
29242func (s ListSigningCertificatesOutput) GoString() string {
29243	return s.String()
29244}
29245
29246// SetCertificates sets the Certificates field's value.
29247func (s *ListSigningCertificatesOutput) SetCertificates(v []*SigningCertificate) *ListSigningCertificatesOutput {
29248	s.Certificates = v
29249	return s
29250}
29251
29252// SetIsTruncated sets the IsTruncated field's value.
29253func (s *ListSigningCertificatesOutput) SetIsTruncated(v bool) *ListSigningCertificatesOutput {
29254	s.IsTruncated = &v
29255	return s
29256}
29257
29258// SetMarker sets the Marker field's value.
29259func (s *ListSigningCertificatesOutput) SetMarker(v string) *ListSigningCertificatesOutput {
29260	s.Marker = &v
29261	return s
29262}
29263
29264type ListUserPoliciesInput struct {
29265	_ struct{} `type:"structure"`
29266
29267	// Use this parameter only when paginating results and only after you receive
29268	// a response indicating that the results are truncated. Set it to the value
29269	// of the Marker element in the response that you received to indicate where
29270	// the next call should start.
29271	Marker *string `min:"1" type:"string"`
29272
29273	// Use this only when paginating results to indicate the maximum number of items
29274	// you want in the response. If additional items exist beyond the maximum you
29275	// specify, the IsTruncated response element is true.
29276	//
29277	// If you do not include this parameter, the number of items defaults to 100.
29278	// Note that IAM might return fewer results, even when there are more results
29279	// available. In that case, the IsTruncated response element returns true, and
29280	// Marker contains a value to include in the subsequent call that tells the
29281	// service where to continue from.
29282	MaxItems *int64 `min:"1" type:"integer"`
29283
29284	// The name of the user to list policies for.
29285	//
29286	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29287	// a string of characters consisting of upper and lowercase alphanumeric characters
29288	// with no spaces. You can also include any of the following characters: _+=,.@-
29289	//
29290	// UserName is a required field
29291	UserName *string `min:"1" type:"string" required:"true"`
29292}
29293
29294// String returns the string representation
29295func (s ListUserPoliciesInput) String() string {
29296	return awsutil.Prettify(s)
29297}
29298
29299// GoString returns the string representation
29300func (s ListUserPoliciesInput) GoString() string {
29301	return s.String()
29302}
29303
29304// Validate inspects the fields of the type to determine if they are valid.
29305func (s *ListUserPoliciesInput) Validate() error {
29306	invalidParams := request.ErrInvalidParams{Context: "ListUserPoliciesInput"}
29307	if s.Marker != nil && len(*s.Marker) < 1 {
29308		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29309	}
29310	if s.MaxItems != nil && *s.MaxItems < 1 {
29311		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29312	}
29313	if s.UserName == nil {
29314		invalidParams.Add(request.NewErrParamRequired("UserName"))
29315	}
29316	if s.UserName != nil && len(*s.UserName) < 1 {
29317		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
29318	}
29319
29320	if invalidParams.Len() > 0 {
29321		return invalidParams
29322	}
29323	return nil
29324}
29325
29326// SetMarker sets the Marker field's value.
29327func (s *ListUserPoliciesInput) SetMarker(v string) *ListUserPoliciesInput {
29328	s.Marker = &v
29329	return s
29330}
29331
29332// SetMaxItems sets the MaxItems field's value.
29333func (s *ListUserPoliciesInput) SetMaxItems(v int64) *ListUserPoliciesInput {
29334	s.MaxItems = &v
29335	return s
29336}
29337
29338// SetUserName sets the UserName field's value.
29339func (s *ListUserPoliciesInput) SetUserName(v string) *ListUserPoliciesInput {
29340	s.UserName = &v
29341	return s
29342}
29343
29344// Contains the response to a successful ListUserPolicies request.
29345type ListUserPoliciesOutput struct {
29346	_ struct{} `type:"structure"`
29347
29348	// A flag that indicates whether there are more items to return. If your results
29349	// were truncated, you can make a subsequent pagination request using the Marker
29350	// request parameter to retrieve more items. Note that IAM might return fewer
29351	// than the MaxItems number of results even when there are more results available.
29352	// We recommend that you check IsTruncated after every call to ensure that you
29353	// receive all your results.
29354	IsTruncated *bool `type:"boolean"`
29355
29356	// When IsTruncated is true, this element is present and contains the value
29357	// to use for the Marker parameter in a subsequent pagination request.
29358	Marker *string `type:"string"`
29359
29360	// A list of policy names.
29361	//
29362	// PolicyNames is a required field
29363	PolicyNames []*string `type:"list" required:"true"`
29364}
29365
29366// String returns the string representation
29367func (s ListUserPoliciesOutput) String() string {
29368	return awsutil.Prettify(s)
29369}
29370
29371// GoString returns the string representation
29372func (s ListUserPoliciesOutput) GoString() string {
29373	return s.String()
29374}
29375
29376// SetIsTruncated sets the IsTruncated field's value.
29377func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput {
29378	s.IsTruncated = &v
29379	return s
29380}
29381
29382// SetMarker sets the Marker field's value.
29383func (s *ListUserPoliciesOutput) SetMarker(v string) *ListUserPoliciesOutput {
29384	s.Marker = &v
29385	return s
29386}
29387
29388// SetPolicyNames sets the PolicyNames field's value.
29389func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput {
29390	s.PolicyNames = v
29391	return s
29392}
29393
29394type ListUserTagsInput struct {
29395	_ struct{} `type:"structure"`
29396
29397	// Use this parameter only when paginating results and only after you receive
29398	// a response indicating that the results are truncated. Set it to the value
29399	// of the Marker element in the response that you received to indicate where
29400	// the next call should start.
29401	Marker *string `min:"1" type:"string"`
29402
29403	// (Optional) Use this only when paginating results to indicate the maximum
29404	// number of items that you want in the response. If additional items exist
29405	// beyond the maximum that you specify, the IsTruncated response element is
29406	// true.
29407	//
29408	// If you do not include this parameter, it defaults to 100. Note that IAM might
29409	// return fewer results, even when more results are available. In that case,
29410	// the IsTruncated response element returns true, and Marker contains a value
29411	// to include in the subsequent call that tells the service where to continue
29412	// from.
29413	MaxItems *int64 `min:"1" type:"integer"`
29414
29415	// The name of the IAM user whose tags you want to see.
29416	//
29417	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
29418	// a string of characters that consist of upper and lowercase alphanumeric characters
29419	// with no spaces. You can also include any of the following characters: =,.@-
29420	//
29421	// UserName is a required field
29422	UserName *string `min:"1" type:"string" required:"true"`
29423}
29424
29425// String returns the string representation
29426func (s ListUserTagsInput) String() string {
29427	return awsutil.Prettify(s)
29428}
29429
29430// GoString returns the string representation
29431func (s ListUserTagsInput) GoString() string {
29432	return s.String()
29433}
29434
29435// Validate inspects the fields of the type to determine if they are valid.
29436func (s *ListUserTagsInput) Validate() error {
29437	invalidParams := request.ErrInvalidParams{Context: "ListUserTagsInput"}
29438	if s.Marker != nil && len(*s.Marker) < 1 {
29439		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29440	}
29441	if s.MaxItems != nil && *s.MaxItems < 1 {
29442		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29443	}
29444	if s.UserName == nil {
29445		invalidParams.Add(request.NewErrParamRequired("UserName"))
29446	}
29447	if s.UserName != nil && len(*s.UserName) < 1 {
29448		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
29449	}
29450
29451	if invalidParams.Len() > 0 {
29452		return invalidParams
29453	}
29454	return nil
29455}
29456
29457// SetMarker sets the Marker field's value.
29458func (s *ListUserTagsInput) SetMarker(v string) *ListUserTagsInput {
29459	s.Marker = &v
29460	return s
29461}
29462
29463// SetMaxItems sets the MaxItems field's value.
29464func (s *ListUserTagsInput) SetMaxItems(v int64) *ListUserTagsInput {
29465	s.MaxItems = &v
29466	return s
29467}
29468
29469// SetUserName sets the UserName field's value.
29470func (s *ListUserTagsInput) SetUserName(v string) *ListUserTagsInput {
29471	s.UserName = &v
29472	return s
29473}
29474
29475type ListUserTagsOutput struct {
29476	_ struct{} `type:"structure"`
29477
29478	// A flag that indicates whether there are more items to return. If your results
29479	// were truncated, you can use the Marker request parameter to make a subsequent
29480	// pagination request that retrieves more items. Note that IAM might return
29481	// fewer than the MaxItems number of results even when more results are available.
29482	// Check IsTruncated after every call to ensure that you receive all of your
29483	// results.
29484	IsTruncated *bool `type:"boolean"`
29485
29486	// When IsTruncated is true, this element is present and contains the value
29487	// to use for the Marker parameter in a subsequent pagination request.
29488	Marker *string `type:"string"`
29489
29490	// The list of tags that are currently attached to the user. Each tag consists
29491	// of a key name and an associated value. If no tags are attached to the specified
29492	// resource, the response contains an empty list.
29493	//
29494	// Tags is a required field
29495	Tags []*Tag `type:"list" required:"true"`
29496}
29497
29498// String returns the string representation
29499func (s ListUserTagsOutput) String() string {
29500	return awsutil.Prettify(s)
29501}
29502
29503// GoString returns the string representation
29504func (s ListUserTagsOutput) GoString() string {
29505	return s.String()
29506}
29507
29508// SetIsTruncated sets the IsTruncated field's value.
29509func (s *ListUserTagsOutput) SetIsTruncated(v bool) *ListUserTagsOutput {
29510	s.IsTruncated = &v
29511	return s
29512}
29513
29514// SetMarker sets the Marker field's value.
29515func (s *ListUserTagsOutput) SetMarker(v string) *ListUserTagsOutput {
29516	s.Marker = &v
29517	return s
29518}
29519
29520// SetTags sets the Tags field's value.
29521func (s *ListUserTagsOutput) SetTags(v []*Tag) *ListUserTagsOutput {
29522	s.Tags = v
29523	return s
29524}
29525
29526type ListUsersInput struct {
29527	_ struct{} `type:"structure"`
29528
29529	// Use this parameter only when paginating results and only after you receive
29530	// a response indicating that the results are truncated. Set it to the value
29531	// of the Marker element in the response that you received to indicate where
29532	// the next call should start.
29533	Marker *string `min:"1" type:"string"`
29534
29535	// Use this only when paginating results to indicate the maximum number of items
29536	// you want in the response. If additional items exist beyond the maximum you
29537	// specify, the IsTruncated response element is true.
29538	//
29539	// If you do not include this parameter, the number of items defaults to 100.
29540	// Note that IAM might return fewer results, even when there are more results
29541	// available. In that case, the IsTruncated response element returns true, and
29542	// Marker contains a value to include in the subsequent call that tells the
29543	// service where to continue from.
29544	MaxItems *int64 `min:"1" type:"integer"`
29545
29546	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
29547	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
29548	//
29549	// This parameter is optional. If it is not included, it defaults to a slash
29550	// (/), listing all user names. This parameter allows (through its regex pattern
29551	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
29552	// a forward slash (/) by itself or a string that must begin and end with forward
29553	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
29554	// through the DEL character (\u007F), including most punctuation characters,
29555	// digits, and upper and lowercased letters.
29556	PathPrefix *string `min:"1" type:"string"`
29557}
29558
29559// String returns the string representation
29560func (s ListUsersInput) String() string {
29561	return awsutil.Prettify(s)
29562}
29563
29564// GoString returns the string representation
29565func (s ListUsersInput) GoString() string {
29566	return s.String()
29567}
29568
29569// Validate inspects the fields of the type to determine if they are valid.
29570func (s *ListUsersInput) Validate() error {
29571	invalidParams := request.ErrInvalidParams{Context: "ListUsersInput"}
29572	if s.Marker != nil && len(*s.Marker) < 1 {
29573		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29574	}
29575	if s.MaxItems != nil && *s.MaxItems < 1 {
29576		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29577	}
29578	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
29579		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
29580	}
29581
29582	if invalidParams.Len() > 0 {
29583		return invalidParams
29584	}
29585	return nil
29586}
29587
29588// SetMarker sets the Marker field's value.
29589func (s *ListUsersInput) SetMarker(v string) *ListUsersInput {
29590	s.Marker = &v
29591	return s
29592}
29593
29594// SetMaxItems sets the MaxItems field's value.
29595func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput {
29596	s.MaxItems = &v
29597	return s
29598}
29599
29600// SetPathPrefix sets the PathPrefix field's value.
29601func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput {
29602	s.PathPrefix = &v
29603	return s
29604}
29605
29606// Contains the response to a successful ListUsers request.
29607type ListUsersOutput struct {
29608	_ struct{} `type:"structure"`
29609
29610	// A flag that indicates whether there are more items to return. If your results
29611	// were truncated, you can make a subsequent pagination request using the Marker
29612	// request parameter to retrieve more items. Note that IAM might return fewer
29613	// than the MaxItems number of results even when there are more results available.
29614	// We recommend that you check IsTruncated after every call to ensure that you
29615	// receive all your results.
29616	IsTruncated *bool `type:"boolean"`
29617
29618	// When IsTruncated is true, this element is present and contains the value
29619	// to use for the Marker parameter in a subsequent pagination request.
29620	Marker *string `type:"string"`
29621
29622	// A list of users.
29623	//
29624	// Users is a required field
29625	Users []*User `type:"list" required:"true"`
29626}
29627
29628// String returns the string representation
29629func (s ListUsersOutput) String() string {
29630	return awsutil.Prettify(s)
29631}
29632
29633// GoString returns the string representation
29634func (s ListUsersOutput) GoString() string {
29635	return s.String()
29636}
29637
29638// SetIsTruncated sets the IsTruncated field's value.
29639func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput {
29640	s.IsTruncated = &v
29641	return s
29642}
29643
29644// SetMarker sets the Marker field's value.
29645func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput {
29646	s.Marker = &v
29647	return s
29648}
29649
29650// SetUsers sets the Users field's value.
29651func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput {
29652	s.Users = v
29653	return s
29654}
29655
29656type ListVirtualMFADevicesInput struct {
29657	_ struct{} `type:"structure"`
29658
29659	// The status (Unassigned or Assigned) of the devices to list. If you do not
29660	// specify an AssignmentStatus, the operation defaults to Any, which lists both
29661	// assigned and unassigned virtual MFA devices.,
29662	AssignmentStatus *string `type:"string" enum:"AssignmentStatusType"`
29663
29664	// Use this parameter only when paginating results and only after you receive
29665	// a response indicating that the results are truncated. Set it to the value
29666	// of the Marker element in the response that you received to indicate where
29667	// the next call should start.
29668	Marker *string `min:"1" type:"string"`
29669
29670	// Use this only when paginating results to indicate the maximum number of items
29671	// you want in the response. If additional items exist beyond the maximum you
29672	// specify, the IsTruncated response element is true.
29673	//
29674	// If you do not include this parameter, the number of items defaults to 100.
29675	// Note that IAM might return fewer results, even when there are more results
29676	// available. In that case, the IsTruncated response element returns true, and
29677	// Marker contains a value to include in the subsequent call that tells the
29678	// service where to continue from.
29679	MaxItems *int64 `min:"1" type:"integer"`
29680}
29681
29682// String returns the string representation
29683func (s ListVirtualMFADevicesInput) String() string {
29684	return awsutil.Prettify(s)
29685}
29686
29687// GoString returns the string representation
29688func (s ListVirtualMFADevicesInput) GoString() string {
29689	return s.String()
29690}
29691
29692// Validate inspects the fields of the type to determine if they are valid.
29693func (s *ListVirtualMFADevicesInput) Validate() error {
29694	invalidParams := request.ErrInvalidParams{Context: "ListVirtualMFADevicesInput"}
29695	if s.Marker != nil && len(*s.Marker) < 1 {
29696		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29697	}
29698	if s.MaxItems != nil && *s.MaxItems < 1 {
29699		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29700	}
29701
29702	if invalidParams.Len() > 0 {
29703		return invalidParams
29704	}
29705	return nil
29706}
29707
29708// SetAssignmentStatus sets the AssignmentStatus field's value.
29709func (s *ListVirtualMFADevicesInput) SetAssignmentStatus(v string) *ListVirtualMFADevicesInput {
29710	s.AssignmentStatus = &v
29711	return s
29712}
29713
29714// SetMarker sets the Marker field's value.
29715func (s *ListVirtualMFADevicesInput) SetMarker(v string) *ListVirtualMFADevicesInput {
29716	s.Marker = &v
29717	return s
29718}
29719
29720// SetMaxItems sets the MaxItems field's value.
29721func (s *ListVirtualMFADevicesInput) SetMaxItems(v int64) *ListVirtualMFADevicesInput {
29722	s.MaxItems = &v
29723	return s
29724}
29725
29726// Contains the response to a successful ListVirtualMFADevices request.
29727type ListVirtualMFADevicesOutput struct {
29728	_ struct{} `type:"structure"`
29729
29730	// A flag that indicates whether there are more items to return. If your results
29731	// were truncated, you can make a subsequent pagination request using the Marker
29732	// request parameter to retrieve more items. Note that IAM might return fewer
29733	// than the MaxItems number of results even when there are more results available.
29734	// We recommend that you check IsTruncated after every call to ensure that you
29735	// receive all your results.
29736	IsTruncated *bool `type:"boolean"`
29737
29738	// When IsTruncated is true, this element is present and contains the value
29739	// to use for the Marker parameter in a subsequent pagination request.
29740	Marker *string `type:"string"`
29741
29742	// The list of virtual MFA devices in the current account that match the AssignmentStatus
29743	// value that was passed in the request.
29744	//
29745	// VirtualMFADevices is a required field
29746	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
29747}
29748
29749// String returns the string representation
29750func (s ListVirtualMFADevicesOutput) String() string {
29751	return awsutil.Prettify(s)
29752}
29753
29754// GoString returns the string representation
29755func (s ListVirtualMFADevicesOutput) GoString() string {
29756	return s.String()
29757}
29758
29759// SetIsTruncated sets the IsTruncated field's value.
29760func (s *ListVirtualMFADevicesOutput) SetIsTruncated(v bool) *ListVirtualMFADevicesOutput {
29761	s.IsTruncated = &v
29762	return s
29763}
29764
29765// SetMarker sets the Marker field's value.
29766func (s *ListVirtualMFADevicesOutput) SetMarker(v string) *ListVirtualMFADevicesOutput {
29767	s.Marker = &v
29768	return s
29769}
29770
29771// SetVirtualMFADevices sets the VirtualMFADevices field's value.
29772func (s *ListVirtualMFADevicesOutput) SetVirtualMFADevices(v []*VirtualMFADevice) *ListVirtualMFADevicesOutput {
29773	s.VirtualMFADevices = v
29774	return s
29775}
29776
29777// Contains the user name and password create date for a user.
29778//
29779// This data type is used as a response element in the CreateLoginProfile and
29780// GetLoginProfile operations.
29781type LoginProfile struct {
29782	_ struct{} `type:"structure"`
29783
29784	// The date when the password for the user was created.
29785	//
29786	// CreateDate is a required field
29787	CreateDate *time.Time `type:"timestamp" required:"true"`
29788
29789	// Specifies whether the user is required to set a new password on next sign-in.
29790	PasswordResetRequired *bool `type:"boolean"`
29791
29792	// The name of the user, which can be used for signing in to the AWS Management
29793	// Console.
29794	//
29795	// UserName is a required field
29796	UserName *string `min:"1" type:"string" required:"true"`
29797}
29798
29799// String returns the string representation
29800func (s LoginProfile) String() string {
29801	return awsutil.Prettify(s)
29802}
29803
29804// GoString returns the string representation
29805func (s LoginProfile) GoString() string {
29806	return s.String()
29807}
29808
29809// SetCreateDate sets the CreateDate field's value.
29810func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile {
29811	s.CreateDate = &v
29812	return s
29813}
29814
29815// SetPasswordResetRequired sets the PasswordResetRequired field's value.
29816func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile {
29817	s.PasswordResetRequired = &v
29818	return s
29819}
29820
29821// SetUserName sets the UserName field's value.
29822func (s *LoginProfile) SetUserName(v string) *LoginProfile {
29823	s.UserName = &v
29824	return s
29825}
29826
29827// Contains information about an MFA device.
29828//
29829// This data type is used as a response element in the ListMFADevices operation.
29830type MFADevice struct {
29831	_ struct{} `type:"structure"`
29832
29833	// The date when the MFA device was enabled for the user.
29834	//
29835	// EnableDate is a required field
29836	EnableDate *time.Time `type:"timestamp" required:"true"`
29837
29838	// The serial number that uniquely identifies the MFA device. For virtual MFA
29839	// devices, the serial number is the device ARN.
29840	//
29841	// SerialNumber is a required field
29842	SerialNumber *string `min:"9" type:"string" required:"true"`
29843
29844	// The user with whom the MFA device is associated.
29845	//
29846	// UserName is a required field
29847	UserName *string `min:"1" type:"string" required:"true"`
29848}
29849
29850// String returns the string representation
29851func (s MFADevice) String() string {
29852	return awsutil.Prettify(s)
29853}
29854
29855// GoString returns the string representation
29856func (s MFADevice) GoString() string {
29857	return s.String()
29858}
29859
29860// SetEnableDate sets the EnableDate field's value.
29861func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice {
29862	s.EnableDate = &v
29863	return s
29864}
29865
29866// SetSerialNumber sets the SerialNumber field's value.
29867func (s *MFADevice) SetSerialNumber(v string) *MFADevice {
29868	s.SerialNumber = &v
29869	return s
29870}
29871
29872// SetUserName sets the UserName field's value.
29873func (s *MFADevice) SetUserName(v string) *MFADevice {
29874	s.UserName = &v
29875	return s
29876}
29877
29878// Contains information about a managed policy, including the policy's ARN,
29879// versions, and the number of principal entities (users, groups, and roles)
29880// that the policy is attached to.
29881//
29882// This data type is used as a response element in the GetAccountAuthorizationDetails
29883// operation.
29884//
29885// For more information about managed policies, see Managed policies and inline
29886// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
29887// in the IAM User Guide.
29888type ManagedPolicyDetail struct {
29889	_ struct{} `type:"structure"`
29890
29891	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
29892	//
29893	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
29894	// in the AWS General Reference.
29895	Arn *string `min:"20" type:"string"`
29896
29897	// The number of principal entities (users, groups, and roles) that the policy
29898	// is attached to.
29899	AttachmentCount *int64 `type:"integer"`
29900
29901	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
29902	// when the policy was created.
29903	CreateDate *time.Time `type:"timestamp"`
29904
29905	// The identifier for the version of the policy that is set as the default (operative)
29906	// version.
29907	//
29908	// For more information about policy versions, see Versioning for managed policies
29909	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
29910	// in the IAM User Guide.
29911	DefaultVersionId *string `type:"string"`
29912
29913	// A friendly description of the policy.
29914	Description *string `type:"string"`
29915
29916	// Specifies whether the policy can be attached to an IAM user, group, or role.
29917	IsAttachable *bool `type:"boolean"`
29918
29919	// The path to the policy.
29920	//
29921	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
29922	// in the IAM User Guide.
29923	Path *string `min:"1" type:"string"`
29924
29925	// The number of entities (users and roles) for which the policy is used as
29926	// the permissions boundary.
29927	//
29928	// For more information about permissions boundaries, see Permissions boundaries
29929	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
29930	// in the IAM User Guide.
29931	PermissionsBoundaryUsageCount *int64 `type:"integer"`
29932
29933	// The stable and unique string identifying the policy.
29934	//
29935	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
29936	// in the IAM User Guide.
29937	PolicyId *string `min:"16" type:"string"`
29938
29939	// The friendly name (not ARN) identifying the policy.
29940	PolicyName *string `min:"1" type:"string"`
29941
29942	// A list containing information about the versions of the policy.
29943	PolicyVersionList []*PolicyVersion `type:"list"`
29944
29945	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
29946	// when the policy was last updated.
29947	//
29948	// When a policy has only one version, this field contains the date and time
29949	// when the policy was created. When a policy has more than one version, this
29950	// field contains the date and time when the most recent policy version was
29951	// created.
29952	UpdateDate *time.Time `type:"timestamp"`
29953}
29954
29955// String returns the string representation
29956func (s ManagedPolicyDetail) String() string {
29957	return awsutil.Prettify(s)
29958}
29959
29960// GoString returns the string representation
29961func (s ManagedPolicyDetail) GoString() string {
29962	return s.String()
29963}
29964
29965// SetArn sets the Arn field's value.
29966func (s *ManagedPolicyDetail) SetArn(v string) *ManagedPolicyDetail {
29967	s.Arn = &v
29968	return s
29969}
29970
29971// SetAttachmentCount sets the AttachmentCount field's value.
29972func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail {
29973	s.AttachmentCount = &v
29974	return s
29975}
29976
29977// SetCreateDate sets the CreateDate field's value.
29978func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail {
29979	s.CreateDate = &v
29980	return s
29981}
29982
29983// SetDefaultVersionId sets the DefaultVersionId field's value.
29984func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail {
29985	s.DefaultVersionId = &v
29986	return s
29987}
29988
29989// SetDescription sets the Description field's value.
29990func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail {
29991	s.Description = &v
29992	return s
29993}
29994
29995// SetIsAttachable sets the IsAttachable field's value.
29996func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail {
29997	s.IsAttachable = &v
29998	return s
29999}
30000
30001// SetPath sets the Path field's value.
30002func (s *ManagedPolicyDetail) SetPath(v string) *ManagedPolicyDetail {
30003	s.Path = &v
30004	return s
30005}
30006
30007// SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
30008func (s *ManagedPolicyDetail) SetPermissionsBoundaryUsageCount(v int64) *ManagedPolicyDetail {
30009	s.PermissionsBoundaryUsageCount = &v
30010	return s
30011}
30012
30013// SetPolicyId sets the PolicyId field's value.
30014func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail {
30015	s.PolicyId = &v
30016	return s
30017}
30018
30019// SetPolicyName sets the PolicyName field's value.
30020func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail {
30021	s.PolicyName = &v
30022	return s
30023}
30024
30025// SetPolicyVersionList sets the PolicyVersionList field's value.
30026func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail {
30027	s.PolicyVersionList = v
30028	return s
30029}
30030
30031// SetUpdateDate sets the UpdateDate field's value.
30032func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail {
30033	s.UpdateDate = &v
30034	return s
30035}
30036
30037// Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.
30038type OpenIDConnectProviderListEntry struct {
30039	_ struct{} `type:"structure"`
30040
30041	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
30042	//
30043	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
30044	// in the AWS General Reference.
30045	Arn *string `min:"20" type:"string"`
30046}
30047
30048// String returns the string representation
30049func (s OpenIDConnectProviderListEntry) String() string {
30050	return awsutil.Prettify(s)
30051}
30052
30053// GoString returns the string representation
30054func (s OpenIDConnectProviderListEntry) GoString() string {
30055	return s.String()
30056}
30057
30058// SetArn sets the Arn field's value.
30059func (s *OpenIDConnectProviderListEntry) SetArn(v string) *OpenIDConnectProviderListEntry {
30060	s.Arn = &v
30061	return s
30062}
30063
30064// Contains information about the effect that Organizations has on a policy
30065// simulation.
30066type OrganizationsDecisionDetail struct {
30067	_ struct{} `type:"structure"`
30068
30069	// Specifies whether the simulated operation is allowed by the Organizations
30070	// service control policies that impact the simulated user's account.
30071	AllowedByOrganizations *bool `type:"boolean"`
30072}
30073
30074// String returns the string representation
30075func (s OrganizationsDecisionDetail) String() string {
30076	return awsutil.Prettify(s)
30077}
30078
30079// GoString returns the string representation
30080func (s OrganizationsDecisionDetail) GoString() string {
30081	return s.String()
30082}
30083
30084// SetAllowedByOrganizations sets the AllowedByOrganizations field's value.
30085func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail {
30086	s.AllowedByOrganizations = &v
30087	return s
30088}
30089
30090// Contains information about the account password policy.
30091//
30092// This data type is used as a response element in the GetAccountPasswordPolicy
30093// operation.
30094type PasswordPolicy struct {
30095	_ struct{} `type:"structure"`
30096
30097	// Specifies whether IAM users are allowed to change their own password.
30098	AllowUsersToChangePassword *bool `type:"boolean"`
30099
30100	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
30101	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
30102	// not present.
30103	ExpirePasswords *bool `type:"boolean"`
30104
30105	// Specifies whether IAM users are prevented from setting a new password after
30106	// their password has expired.
30107	HardExpiry *bool `type:"boolean"`
30108
30109	// The number of days that an IAM user password is valid.
30110	MaxPasswordAge *int64 `min:"1" type:"integer"`
30111
30112	// Minimum length to require for IAM user passwords.
30113	MinimumPasswordLength *int64 `min:"6" type:"integer"`
30114
30115	// Specifies the number of previous passwords that IAM users are prevented from
30116	// reusing.
30117	PasswordReusePrevention *int64 `min:"1" type:"integer"`
30118
30119	// Specifies whether IAM user passwords must contain at least one lowercase
30120	// character (a to z).
30121	RequireLowercaseCharacters *bool `type:"boolean"`
30122
30123	// Specifies whether IAM user passwords must contain at least one numeric character
30124	// (0 to 9).
30125	RequireNumbers *bool `type:"boolean"`
30126
30127	// Specifies whether IAM user passwords must contain at least one of the following
30128	// symbols:
30129	//
30130	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
30131	RequireSymbols *bool `type:"boolean"`
30132
30133	// Specifies whether IAM user passwords must contain at least one uppercase
30134	// character (A to Z).
30135	RequireUppercaseCharacters *bool `type:"boolean"`
30136}
30137
30138// String returns the string representation
30139func (s PasswordPolicy) String() string {
30140	return awsutil.Prettify(s)
30141}
30142
30143// GoString returns the string representation
30144func (s PasswordPolicy) GoString() string {
30145	return s.String()
30146}
30147
30148// SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
30149func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy {
30150	s.AllowUsersToChangePassword = &v
30151	return s
30152}
30153
30154// SetExpirePasswords sets the ExpirePasswords field's value.
30155func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy {
30156	s.ExpirePasswords = &v
30157	return s
30158}
30159
30160// SetHardExpiry sets the HardExpiry field's value.
30161func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy {
30162	s.HardExpiry = &v
30163	return s
30164}
30165
30166// SetMaxPasswordAge sets the MaxPasswordAge field's value.
30167func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy {
30168	s.MaxPasswordAge = &v
30169	return s
30170}
30171
30172// SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
30173func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy {
30174	s.MinimumPasswordLength = &v
30175	return s
30176}
30177
30178// SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
30179func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy {
30180	s.PasswordReusePrevention = &v
30181	return s
30182}
30183
30184// SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
30185func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy {
30186	s.RequireLowercaseCharacters = &v
30187	return s
30188}
30189
30190// SetRequireNumbers sets the RequireNumbers field's value.
30191func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy {
30192	s.RequireNumbers = &v
30193	return s
30194}
30195
30196// SetRequireSymbols sets the RequireSymbols field's value.
30197func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy {
30198	s.RequireSymbols = &v
30199	return s
30200}
30201
30202// SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
30203func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy {
30204	s.RequireUppercaseCharacters = &v
30205	return s
30206}
30207
30208// Contains information about the effect that a permissions boundary has on
30209// a policy simulation when the boundary is applied to an IAM entity.
30210type PermissionsBoundaryDecisionDetail struct {
30211	_ struct{} `type:"structure"`
30212
30213	// Specifies whether an action is allowed by a permissions boundary that is
30214	// applied to an IAM entity (user or role). A value of true means that the permissions
30215	// boundary does not deny the action. This means that the policy includes an
30216	// Allow statement that matches the request. In this case, if an identity-based
30217	// policy also allows the action, the request is allowed. A value of false means
30218	// that either the requested action is not allowed (implicitly denied) or that
30219	// the action is explicitly denied by the permissions boundary. In both of these
30220	// cases, the action is not allowed, regardless of the identity-based policy.
30221	AllowedByPermissionsBoundary *bool `type:"boolean"`
30222}
30223
30224// String returns the string representation
30225func (s PermissionsBoundaryDecisionDetail) String() string {
30226	return awsutil.Prettify(s)
30227}
30228
30229// GoString returns the string representation
30230func (s PermissionsBoundaryDecisionDetail) GoString() string {
30231	return s.String()
30232}
30233
30234// SetAllowedByPermissionsBoundary sets the AllowedByPermissionsBoundary field's value.
30235func (s *PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary(v bool) *PermissionsBoundaryDecisionDetail {
30236	s.AllowedByPermissionsBoundary = &v
30237	return s
30238}
30239
30240// Contains information about a managed policy.
30241//
30242// This data type is used as a response element in the CreatePolicy, GetPolicy,
30243// and ListPolicies operations.
30244//
30245// For more information about managed policies, refer to Managed policies and
30246// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
30247// in the IAM User Guide.
30248type Policy struct {
30249	_ struct{} `type:"structure"`
30250
30251	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
30252	//
30253	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
30254	// in the AWS General Reference.
30255	Arn *string `min:"20" type:"string"`
30256
30257	// The number of entities (users, groups, and roles) that the policy is attached
30258	// to.
30259	AttachmentCount *int64 `type:"integer"`
30260
30261	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
30262	// when the policy was created.
30263	CreateDate *time.Time `type:"timestamp"`
30264
30265	// The identifier for the version of the policy that is set as the default version.
30266	DefaultVersionId *string `type:"string"`
30267
30268	// A friendly description of the policy.
30269	//
30270	// This element is included in the response to the GetPolicy operation. It is
30271	// not included in the response to the ListPolicies operation.
30272	Description *string `type:"string"`
30273
30274	// Specifies whether the policy can be attached to an IAM user, group, or role.
30275	IsAttachable *bool `type:"boolean"`
30276
30277	// The path to the policy.
30278	//
30279	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
30280	// in the IAM User Guide.
30281	Path *string `min:"1" type:"string"`
30282
30283	// The number of entities (users and roles) for which the policy is used to
30284	// set the permissions boundary.
30285	//
30286	// For more information about permissions boundaries, see Permissions boundaries
30287	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
30288	// in the IAM User Guide.
30289	PermissionsBoundaryUsageCount *int64 `type:"integer"`
30290
30291	// The stable and unique string identifying the policy.
30292	//
30293	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
30294	// in the IAM User Guide.
30295	PolicyId *string `min:"16" type:"string"`
30296
30297	// The friendly name (not ARN) identifying the policy.
30298	PolicyName *string `min:"1" type:"string"`
30299
30300	// A list of tags that are attached to the instance profile. For more information
30301	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
30302	// in the IAM User Guide.
30303	Tags []*Tag `type:"list"`
30304
30305	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
30306	// when the policy was last updated.
30307	//
30308	// When a policy has only one version, this field contains the date and time
30309	// when the policy was created. When a policy has more than one version, this
30310	// field contains the date and time when the most recent policy version was
30311	// created.
30312	UpdateDate *time.Time `type:"timestamp"`
30313}
30314
30315// String returns the string representation
30316func (s Policy) String() string {
30317	return awsutil.Prettify(s)
30318}
30319
30320// GoString returns the string representation
30321func (s Policy) GoString() string {
30322	return s.String()
30323}
30324
30325// SetArn sets the Arn field's value.
30326func (s *Policy) SetArn(v string) *Policy {
30327	s.Arn = &v
30328	return s
30329}
30330
30331// SetAttachmentCount sets the AttachmentCount field's value.
30332func (s *Policy) SetAttachmentCount(v int64) *Policy {
30333	s.AttachmentCount = &v
30334	return s
30335}
30336
30337// SetCreateDate sets the CreateDate field's value.
30338func (s *Policy) SetCreateDate(v time.Time) *Policy {
30339	s.CreateDate = &v
30340	return s
30341}
30342
30343// SetDefaultVersionId sets the DefaultVersionId field's value.
30344func (s *Policy) SetDefaultVersionId(v string) *Policy {
30345	s.DefaultVersionId = &v
30346	return s
30347}
30348
30349// SetDescription sets the Description field's value.
30350func (s *Policy) SetDescription(v string) *Policy {
30351	s.Description = &v
30352	return s
30353}
30354
30355// SetIsAttachable sets the IsAttachable field's value.
30356func (s *Policy) SetIsAttachable(v bool) *Policy {
30357	s.IsAttachable = &v
30358	return s
30359}
30360
30361// SetPath sets the Path field's value.
30362func (s *Policy) SetPath(v string) *Policy {
30363	s.Path = &v
30364	return s
30365}
30366
30367// SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
30368func (s *Policy) SetPermissionsBoundaryUsageCount(v int64) *Policy {
30369	s.PermissionsBoundaryUsageCount = &v
30370	return s
30371}
30372
30373// SetPolicyId sets the PolicyId field's value.
30374func (s *Policy) SetPolicyId(v string) *Policy {
30375	s.PolicyId = &v
30376	return s
30377}
30378
30379// SetPolicyName sets the PolicyName field's value.
30380func (s *Policy) SetPolicyName(v string) *Policy {
30381	s.PolicyName = &v
30382	return s
30383}
30384
30385// SetTags sets the Tags field's value.
30386func (s *Policy) SetTags(v []*Tag) *Policy {
30387	s.Tags = v
30388	return s
30389}
30390
30391// SetUpdateDate sets the UpdateDate field's value.
30392func (s *Policy) SetUpdateDate(v time.Time) *Policy {
30393	s.UpdateDate = &v
30394	return s
30395}
30396
30397// Contains information about an IAM policy, including the policy document.
30398//
30399// This data type is used as a response element in the GetAccountAuthorizationDetails
30400// operation.
30401type PolicyDetail struct {
30402	_ struct{} `type:"structure"`
30403
30404	// The policy document.
30405	PolicyDocument *string `min:"1" type:"string"`
30406
30407	// The name of the policy.
30408	PolicyName *string `min:"1" type:"string"`
30409}
30410
30411// String returns the string representation
30412func (s PolicyDetail) String() string {
30413	return awsutil.Prettify(s)
30414}
30415
30416// GoString returns the string representation
30417func (s PolicyDetail) GoString() string {
30418	return s.String()
30419}
30420
30421// SetPolicyDocument sets the PolicyDocument field's value.
30422func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail {
30423	s.PolicyDocument = &v
30424	return s
30425}
30426
30427// SetPolicyName sets the PolicyName field's value.
30428func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail {
30429	s.PolicyName = &v
30430	return s
30431}
30432
30433// Contains details about the permissions policies that are attached to the
30434// specified identity (user, group, or role).
30435//
30436// This data type is an element of the ListPoliciesGrantingServiceAccessEntry
30437// object.
30438type PolicyGrantingServiceAccess struct {
30439	_ struct{} `type:"structure"`
30440
30441	// The name of the entity (user or role) to which the inline policy is attached.
30442	//
30443	// This field is null for managed policies. For more information about these
30444	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
30445	// in the IAM User Guide.
30446	EntityName *string `min:"1" type:"string"`
30447
30448	// The type of entity (user or role) that used the policy to access the service
30449	// to which the inline policy is attached.
30450	//
30451	// This field is null for managed policies. For more information about these
30452	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
30453	// in the IAM User Guide.
30454	EntityType *string `type:"string" enum:"PolicyOwnerEntityType"`
30455
30456	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
30457	//
30458	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
30459	// in the AWS General Reference.
30460	PolicyArn *string `min:"20" type:"string"`
30461
30462	// The policy name.
30463	//
30464	// PolicyName is a required field
30465	PolicyName *string `min:"1" type:"string" required:"true"`
30466
30467	// The policy type. For more information about these policy types, see Managed
30468	// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
30469	// in the IAM User Guide.
30470	//
30471	// PolicyType is a required field
30472	PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
30473}
30474
30475// String returns the string representation
30476func (s PolicyGrantingServiceAccess) String() string {
30477	return awsutil.Prettify(s)
30478}
30479
30480// GoString returns the string representation
30481func (s PolicyGrantingServiceAccess) GoString() string {
30482	return s.String()
30483}
30484
30485// SetEntityName sets the EntityName field's value.
30486func (s *PolicyGrantingServiceAccess) SetEntityName(v string) *PolicyGrantingServiceAccess {
30487	s.EntityName = &v
30488	return s
30489}
30490
30491// SetEntityType sets the EntityType field's value.
30492func (s *PolicyGrantingServiceAccess) SetEntityType(v string) *PolicyGrantingServiceAccess {
30493	s.EntityType = &v
30494	return s
30495}
30496
30497// SetPolicyArn sets the PolicyArn field's value.
30498func (s *PolicyGrantingServiceAccess) SetPolicyArn(v string) *PolicyGrantingServiceAccess {
30499	s.PolicyArn = &v
30500	return s
30501}
30502
30503// SetPolicyName sets the PolicyName field's value.
30504func (s *PolicyGrantingServiceAccess) SetPolicyName(v string) *PolicyGrantingServiceAccess {
30505	s.PolicyName = &v
30506	return s
30507}
30508
30509// SetPolicyType sets the PolicyType field's value.
30510func (s *PolicyGrantingServiceAccess) SetPolicyType(v string) *PolicyGrantingServiceAccess {
30511	s.PolicyType = &v
30512	return s
30513}
30514
30515// Contains information about a group that a managed policy is attached to.
30516//
30517// This data type is used as a response element in the ListEntitiesForPolicy
30518// operation.
30519//
30520// For more information about managed policies, refer to Managed policies and
30521// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
30522// in the IAM User Guide.
30523type PolicyGroup struct {
30524	_ struct{} `type:"structure"`
30525
30526	// The stable and unique string identifying the group. For more information
30527	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
30528	// in the IAM User Guide.
30529	GroupId *string `min:"16" type:"string"`
30530
30531	// The name (friendly name, not ARN) identifying the group.
30532	GroupName *string `min:"1" type:"string"`
30533}
30534
30535// String returns the string representation
30536func (s PolicyGroup) String() string {
30537	return awsutil.Prettify(s)
30538}
30539
30540// GoString returns the string representation
30541func (s PolicyGroup) GoString() string {
30542	return s.String()
30543}
30544
30545// SetGroupId sets the GroupId field's value.
30546func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup {
30547	s.GroupId = &v
30548	return s
30549}
30550
30551// SetGroupName sets the GroupName field's value.
30552func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup {
30553	s.GroupName = &v
30554	return s
30555}
30556
30557// Contains information about a role that a managed policy is attached to.
30558//
30559// This data type is used as a response element in the ListEntitiesForPolicy
30560// operation.
30561//
30562// For more information about managed policies, refer to Managed policies and
30563// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
30564// in the IAM User Guide.
30565type PolicyRole struct {
30566	_ struct{} `type:"structure"`
30567
30568	// The stable and unique string identifying the role. For more information about
30569	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
30570	// in the IAM User Guide.
30571	RoleId *string `min:"16" type:"string"`
30572
30573	// The name (friendly name, not ARN) identifying the role.
30574	RoleName *string `min:"1" type:"string"`
30575}
30576
30577// String returns the string representation
30578func (s PolicyRole) String() string {
30579	return awsutil.Prettify(s)
30580}
30581
30582// GoString returns the string representation
30583func (s PolicyRole) GoString() string {
30584	return s.String()
30585}
30586
30587// SetRoleId sets the RoleId field's value.
30588func (s *PolicyRole) SetRoleId(v string) *PolicyRole {
30589	s.RoleId = &v
30590	return s
30591}
30592
30593// SetRoleName sets the RoleName field's value.
30594func (s *PolicyRole) SetRoleName(v string) *PolicyRole {
30595	s.RoleName = &v
30596	return s
30597}
30598
30599// Contains information about a user that a managed policy is attached to.
30600//
30601// This data type is used as a response element in the ListEntitiesForPolicy
30602// operation.
30603//
30604// For more information about managed policies, refer to Managed policies and
30605// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
30606// in the IAM User Guide.
30607type PolicyUser struct {
30608	_ struct{} `type:"structure"`
30609
30610	// The stable and unique string identifying the user. For more information about
30611	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
30612	// in the IAM User Guide.
30613	UserId *string `min:"16" type:"string"`
30614
30615	// The name (friendly name, not ARN) identifying the user.
30616	UserName *string `min:"1" type:"string"`
30617}
30618
30619// String returns the string representation
30620func (s PolicyUser) String() string {
30621	return awsutil.Prettify(s)
30622}
30623
30624// GoString returns the string representation
30625func (s PolicyUser) GoString() string {
30626	return s.String()
30627}
30628
30629// SetUserId sets the UserId field's value.
30630func (s *PolicyUser) SetUserId(v string) *PolicyUser {
30631	s.UserId = &v
30632	return s
30633}
30634
30635// SetUserName sets the UserName field's value.
30636func (s *PolicyUser) SetUserName(v string) *PolicyUser {
30637	s.UserName = &v
30638	return s
30639}
30640
30641// Contains information about a version of a managed policy.
30642//
30643// This data type is used as a response element in the CreatePolicyVersion,
30644// GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails
30645// operations.
30646//
30647// For more information about managed policies, refer to Managed policies and
30648// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
30649// in the IAM User Guide.
30650type PolicyVersion struct {
30651	_ struct{} `type:"structure"`
30652
30653	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
30654	// when the policy version was created.
30655	CreateDate *time.Time `type:"timestamp"`
30656
30657	// The policy document.
30658	//
30659	// The policy document is returned in the response to the GetPolicyVersion and
30660	// GetAccountAuthorizationDetails operations. It is not returned in the response
30661	// to the CreatePolicyVersion or ListPolicyVersions operations.
30662	//
30663	// The policy document returned in this structure is URL-encoded compliant with
30664	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
30665	// method to convert the policy back to plain JSON text. For example, if you
30666	// use Java, you can use the decode method of the java.net.URLDecoder utility
30667	// class in the Java SDK. Other languages and SDKs provide similar functionality.
30668	Document *string `min:"1" type:"string"`
30669
30670	// Specifies whether the policy version is set as the policy's default version.
30671	IsDefaultVersion *bool `type:"boolean"`
30672
30673	// The identifier for the policy version.
30674	//
30675	// Policy version identifiers always begin with v (always lowercase). When a
30676	// policy is created, the first policy version is v1.
30677	VersionId *string `type:"string"`
30678}
30679
30680// String returns the string representation
30681func (s PolicyVersion) String() string {
30682	return awsutil.Prettify(s)
30683}
30684
30685// GoString returns the string representation
30686func (s PolicyVersion) GoString() string {
30687	return s.String()
30688}
30689
30690// SetCreateDate sets the CreateDate field's value.
30691func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion {
30692	s.CreateDate = &v
30693	return s
30694}
30695
30696// SetDocument sets the Document field's value.
30697func (s *PolicyVersion) SetDocument(v string) *PolicyVersion {
30698	s.Document = &v
30699	return s
30700}
30701
30702// SetIsDefaultVersion sets the IsDefaultVersion field's value.
30703func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion {
30704	s.IsDefaultVersion = &v
30705	return s
30706}
30707
30708// SetVersionId sets the VersionId field's value.
30709func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion {
30710	s.VersionId = &v
30711	return s
30712}
30713
30714// Contains the row and column of a location of a Statement element in a policy
30715// document.
30716//
30717// This data type is used as a member of the Statement type.
30718type Position struct {
30719	_ struct{} `type:"structure"`
30720
30721	// The column in the line containing the specified position in the document.
30722	Column *int64 `type:"integer"`
30723
30724	// The line containing the specified position in the document.
30725	Line *int64 `type:"integer"`
30726}
30727
30728// String returns the string representation
30729func (s Position) String() string {
30730	return awsutil.Prettify(s)
30731}
30732
30733// GoString returns the string representation
30734func (s Position) GoString() string {
30735	return s.String()
30736}
30737
30738// SetColumn sets the Column field's value.
30739func (s *Position) SetColumn(v int64) *Position {
30740	s.Column = &v
30741	return s
30742}
30743
30744// SetLine sets the Line field's value.
30745func (s *Position) SetLine(v int64) *Position {
30746	s.Line = &v
30747	return s
30748}
30749
30750type PutGroupPolicyInput struct {
30751	_ struct{} `type:"structure"`
30752
30753	// The name of the group to associate the policy with.
30754	//
30755	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30756	// a string of characters consisting of upper and lowercase alphanumeric characters
30757	// with no spaces. You can also include any of the following characters: _+=,.@-.
30758	//
30759	// GroupName is a required field
30760	GroupName *string `min:"1" type:"string" required:"true"`
30761
30762	// The policy document.
30763	//
30764	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
30765	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
30766	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
30767	// it to IAM.
30768	//
30769	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
30770	// parameter is a string of characters consisting of the following:
30771	//
30772	//    * Any printable ASCII character ranging from the space character (\u0020)
30773	//    through the end of the ASCII character range
30774	//
30775	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
30776	//    set (through \u00FF)
30777	//
30778	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
30779	//    return (\u000D)
30780	//
30781	// PolicyDocument is a required field
30782	PolicyDocument *string `min:"1" type:"string" required:"true"`
30783
30784	// The name of the policy document.
30785	//
30786	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30787	// a string of characters consisting of upper and lowercase alphanumeric characters
30788	// with no spaces. You can also include any of the following characters: _+=,.@-
30789	//
30790	// PolicyName is a required field
30791	PolicyName *string `min:"1" type:"string" required:"true"`
30792}
30793
30794// String returns the string representation
30795func (s PutGroupPolicyInput) String() string {
30796	return awsutil.Prettify(s)
30797}
30798
30799// GoString returns the string representation
30800func (s PutGroupPolicyInput) GoString() string {
30801	return s.String()
30802}
30803
30804// Validate inspects the fields of the type to determine if they are valid.
30805func (s *PutGroupPolicyInput) Validate() error {
30806	invalidParams := request.ErrInvalidParams{Context: "PutGroupPolicyInput"}
30807	if s.GroupName == nil {
30808		invalidParams.Add(request.NewErrParamRequired("GroupName"))
30809	}
30810	if s.GroupName != nil && len(*s.GroupName) < 1 {
30811		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
30812	}
30813	if s.PolicyDocument == nil {
30814		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
30815	}
30816	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
30817		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
30818	}
30819	if s.PolicyName == nil {
30820		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
30821	}
30822	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
30823		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
30824	}
30825
30826	if invalidParams.Len() > 0 {
30827		return invalidParams
30828	}
30829	return nil
30830}
30831
30832// SetGroupName sets the GroupName field's value.
30833func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput {
30834	s.GroupName = &v
30835	return s
30836}
30837
30838// SetPolicyDocument sets the PolicyDocument field's value.
30839func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput {
30840	s.PolicyDocument = &v
30841	return s
30842}
30843
30844// SetPolicyName sets the PolicyName field's value.
30845func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput {
30846	s.PolicyName = &v
30847	return s
30848}
30849
30850type PutGroupPolicyOutput struct {
30851	_ struct{} `type:"structure"`
30852}
30853
30854// String returns the string representation
30855func (s PutGroupPolicyOutput) String() string {
30856	return awsutil.Prettify(s)
30857}
30858
30859// GoString returns the string representation
30860func (s PutGroupPolicyOutput) GoString() string {
30861	return s.String()
30862}
30863
30864type PutRolePermissionsBoundaryInput struct {
30865	_ struct{} `type:"structure"`
30866
30867	// The ARN of the policy that is used to set the permissions boundary for the
30868	// role.
30869	//
30870	// PermissionsBoundary is a required field
30871	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
30872
30873	// The name (friendly name, not ARN) of the IAM role for which you want to set
30874	// the permissions boundary.
30875	//
30876	// RoleName is a required field
30877	RoleName *string `min:"1" type:"string" required:"true"`
30878}
30879
30880// String returns the string representation
30881func (s PutRolePermissionsBoundaryInput) String() string {
30882	return awsutil.Prettify(s)
30883}
30884
30885// GoString returns the string representation
30886func (s PutRolePermissionsBoundaryInput) GoString() string {
30887	return s.String()
30888}
30889
30890// Validate inspects the fields of the type to determine if they are valid.
30891func (s *PutRolePermissionsBoundaryInput) Validate() error {
30892	invalidParams := request.ErrInvalidParams{Context: "PutRolePermissionsBoundaryInput"}
30893	if s.PermissionsBoundary == nil {
30894		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
30895	}
30896	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
30897		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
30898	}
30899	if s.RoleName == nil {
30900		invalidParams.Add(request.NewErrParamRequired("RoleName"))
30901	}
30902	if s.RoleName != nil && len(*s.RoleName) < 1 {
30903		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
30904	}
30905
30906	if invalidParams.Len() > 0 {
30907		return invalidParams
30908	}
30909	return nil
30910}
30911
30912// SetPermissionsBoundary sets the PermissionsBoundary field's value.
30913func (s *PutRolePermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutRolePermissionsBoundaryInput {
30914	s.PermissionsBoundary = &v
30915	return s
30916}
30917
30918// SetRoleName sets the RoleName field's value.
30919func (s *PutRolePermissionsBoundaryInput) SetRoleName(v string) *PutRolePermissionsBoundaryInput {
30920	s.RoleName = &v
30921	return s
30922}
30923
30924type PutRolePermissionsBoundaryOutput struct {
30925	_ struct{} `type:"structure"`
30926}
30927
30928// String returns the string representation
30929func (s PutRolePermissionsBoundaryOutput) String() string {
30930	return awsutil.Prettify(s)
30931}
30932
30933// GoString returns the string representation
30934func (s PutRolePermissionsBoundaryOutput) GoString() string {
30935	return s.String()
30936}
30937
30938type PutRolePolicyInput struct {
30939	_ struct{} `type:"structure"`
30940
30941	// The policy document.
30942	//
30943	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
30944	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
30945	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
30946	// it to IAM.
30947	//
30948	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
30949	// parameter is a string of characters consisting of the following:
30950	//
30951	//    * Any printable ASCII character ranging from the space character (\u0020)
30952	//    through the end of the ASCII character range
30953	//
30954	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
30955	//    set (through \u00FF)
30956	//
30957	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
30958	//    return (\u000D)
30959	//
30960	// PolicyDocument is a required field
30961	PolicyDocument *string `min:"1" type:"string" required:"true"`
30962
30963	// The name of the policy document.
30964	//
30965	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30966	// a string of characters consisting of upper and lowercase alphanumeric characters
30967	// with no spaces. You can also include any of the following characters: _+=,.@-
30968	//
30969	// PolicyName is a required field
30970	PolicyName *string `min:"1" type:"string" required:"true"`
30971
30972	// The name of the role to associate the policy with.
30973	//
30974	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30975	// a string of characters consisting of upper and lowercase alphanumeric characters
30976	// with no spaces. You can also include any of the following characters: _+=,.@-
30977	//
30978	// RoleName is a required field
30979	RoleName *string `min:"1" type:"string" required:"true"`
30980}
30981
30982// String returns the string representation
30983func (s PutRolePolicyInput) String() string {
30984	return awsutil.Prettify(s)
30985}
30986
30987// GoString returns the string representation
30988func (s PutRolePolicyInput) GoString() string {
30989	return s.String()
30990}
30991
30992// Validate inspects the fields of the type to determine if they are valid.
30993func (s *PutRolePolicyInput) Validate() error {
30994	invalidParams := request.ErrInvalidParams{Context: "PutRolePolicyInput"}
30995	if s.PolicyDocument == nil {
30996		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
30997	}
30998	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
30999		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
31000	}
31001	if s.PolicyName == nil {
31002		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
31003	}
31004	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
31005		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
31006	}
31007	if s.RoleName == nil {
31008		invalidParams.Add(request.NewErrParamRequired("RoleName"))
31009	}
31010	if s.RoleName != nil && len(*s.RoleName) < 1 {
31011		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
31012	}
31013
31014	if invalidParams.Len() > 0 {
31015		return invalidParams
31016	}
31017	return nil
31018}
31019
31020// SetPolicyDocument sets the PolicyDocument field's value.
31021func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput {
31022	s.PolicyDocument = &v
31023	return s
31024}
31025
31026// SetPolicyName sets the PolicyName field's value.
31027func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput {
31028	s.PolicyName = &v
31029	return s
31030}
31031
31032// SetRoleName sets the RoleName field's value.
31033func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput {
31034	s.RoleName = &v
31035	return s
31036}
31037
31038type PutRolePolicyOutput struct {
31039	_ struct{} `type:"structure"`
31040}
31041
31042// String returns the string representation
31043func (s PutRolePolicyOutput) String() string {
31044	return awsutil.Prettify(s)
31045}
31046
31047// GoString returns the string representation
31048func (s PutRolePolicyOutput) GoString() string {
31049	return s.String()
31050}
31051
31052type PutUserPermissionsBoundaryInput struct {
31053	_ struct{} `type:"structure"`
31054
31055	// The ARN of the policy that is used to set the permissions boundary for the
31056	// user.
31057	//
31058	// PermissionsBoundary is a required field
31059	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
31060
31061	// The name (friendly name, not ARN) of the IAM user for which you want to set
31062	// the permissions boundary.
31063	//
31064	// UserName is a required field
31065	UserName *string `min:"1" type:"string" required:"true"`
31066}
31067
31068// String returns the string representation
31069func (s PutUserPermissionsBoundaryInput) String() string {
31070	return awsutil.Prettify(s)
31071}
31072
31073// GoString returns the string representation
31074func (s PutUserPermissionsBoundaryInput) GoString() string {
31075	return s.String()
31076}
31077
31078// Validate inspects the fields of the type to determine if they are valid.
31079func (s *PutUserPermissionsBoundaryInput) Validate() error {
31080	invalidParams := request.ErrInvalidParams{Context: "PutUserPermissionsBoundaryInput"}
31081	if s.PermissionsBoundary == nil {
31082		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
31083	}
31084	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
31085		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
31086	}
31087	if s.UserName == nil {
31088		invalidParams.Add(request.NewErrParamRequired("UserName"))
31089	}
31090	if s.UserName != nil && len(*s.UserName) < 1 {
31091		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31092	}
31093
31094	if invalidParams.Len() > 0 {
31095		return invalidParams
31096	}
31097	return nil
31098}
31099
31100// SetPermissionsBoundary sets the PermissionsBoundary field's value.
31101func (s *PutUserPermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutUserPermissionsBoundaryInput {
31102	s.PermissionsBoundary = &v
31103	return s
31104}
31105
31106// SetUserName sets the UserName field's value.
31107func (s *PutUserPermissionsBoundaryInput) SetUserName(v string) *PutUserPermissionsBoundaryInput {
31108	s.UserName = &v
31109	return s
31110}
31111
31112type PutUserPermissionsBoundaryOutput struct {
31113	_ struct{} `type:"structure"`
31114}
31115
31116// String returns the string representation
31117func (s PutUserPermissionsBoundaryOutput) String() string {
31118	return awsutil.Prettify(s)
31119}
31120
31121// GoString returns the string representation
31122func (s PutUserPermissionsBoundaryOutput) GoString() string {
31123	return s.String()
31124}
31125
31126type PutUserPolicyInput struct {
31127	_ struct{} `type:"structure"`
31128
31129	// The policy document.
31130	//
31131	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
31132	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
31133	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
31134	// it to IAM.
31135	//
31136	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
31137	// parameter is a string of characters consisting of the following:
31138	//
31139	//    * Any printable ASCII character ranging from the space character (\u0020)
31140	//    through the end of the ASCII character range
31141	//
31142	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
31143	//    set (through \u00FF)
31144	//
31145	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
31146	//    return (\u000D)
31147	//
31148	// PolicyDocument is a required field
31149	PolicyDocument *string `min:"1" type:"string" required:"true"`
31150
31151	// The name of the policy document.
31152	//
31153	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31154	// a string of characters consisting of upper and lowercase alphanumeric characters
31155	// with no spaces. You can also include any of the following characters: _+=,.@-
31156	//
31157	// PolicyName is a required field
31158	PolicyName *string `min:"1" type:"string" required:"true"`
31159
31160	// The name of the user to associate the policy with.
31161	//
31162	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31163	// a string of characters consisting of upper and lowercase alphanumeric characters
31164	// with no spaces. You can also include any of the following characters: _+=,.@-
31165	//
31166	// UserName is a required field
31167	UserName *string `min:"1" type:"string" required:"true"`
31168}
31169
31170// String returns the string representation
31171func (s PutUserPolicyInput) String() string {
31172	return awsutil.Prettify(s)
31173}
31174
31175// GoString returns the string representation
31176func (s PutUserPolicyInput) GoString() string {
31177	return s.String()
31178}
31179
31180// Validate inspects the fields of the type to determine if they are valid.
31181func (s *PutUserPolicyInput) Validate() error {
31182	invalidParams := request.ErrInvalidParams{Context: "PutUserPolicyInput"}
31183	if s.PolicyDocument == nil {
31184		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
31185	}
31186	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
31187		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
31188	}
31189	if s.PolicyName == nil {
31190		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
31191	}
31192	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
31193		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
31194	}
31195	if s.UserName == nil {
31196		invalidParams.Add(request.NewErrParamRequired("UserName"))
31197	}
31198	if s.UserName != nil && len(*s.UserName) < 1 {
31199		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31200	}
31201
31202	if invalidParams.Len() > 0 {
31203		return invalidParams
31204	}
31205	return nil
31206}
31207
31208// SetPolicyDocument sets the PolicyDocument field's value.
31209func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput {
31210	s.PolicyDocument = &v
31211	return s
31212}
31213
31214// SetPolicyName sets the PolicyName field's value.
31215func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput {
31216	s.PolicyName = &v
31217	return s
31218}
31219
31220// SetUserName sets the UserName field's value.
31221func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput {
31222	s.UserName = &v
31223	return s
31224}
31225
31226type PutUserPolicyOutput struct {
31227	_ struct{} `type:"structure"`
31228}
31229
31230// String returns the string representation
31231func (s PutUserPolicyOutput) String() string {
31232	return awsutil.Prettify(s)
31233}
31234
31235// GoString returns the string representation
31236func (s PutUserPolicyOutput) GoString() string {
31237	return s.String()
31238}
31239
31240type RemoveClientIDFromOpenIDConnectProviderInput struct {
31241	_ struct{} `type:"structure"`
31242
31243	// The client ID (also known as audience) to remove from the IAM OIDC provider
31244	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
31245	//
31246	// ClientID is a required field
31247	ClientID *string `min:"1" type:"string" required:"true"`
31248
31249	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
31250	// the client ID from. You can get a list of OIDC provider ARNs by using the
31251	// ListOpenIDConnectProviders operation.
31252	//
31253	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
31254	// in the AWS General Reference.
31255	//
31256	// OpenIDConnectProviderArn is a required field
31257	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
31258}
31259
31260// String returns the string representation
31261func (s RemoveClientIDFromOpenIDConnectProviderInput) String() string {
31262	return awsutil.Prettify(s)
31263}
31264
31265// GoString returns the string representation
31266func (s RemoveClientIDFromOpenIDConnectProviderInput) GoString() string {
31267	return s.String()
31268}
31269
31270// Validate inspects the fields of the type to determine if they are valid.
31271func (s *RemoveClientIDFromOpenIDConnectProviderInput) Validate() error {
31272	invalidParams := request.ErrInvalidParams{Context: "RemoveClientIDFromOpenIDConnectProviderInput"}
31273	if s.ClientID == nil {
31274		invalidParams.Add(request.NewErrParamRequired("ClientID"))
31275	}
31276	if s.ClientID != nil && len(*s.ClientID) < 1 {
31277		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
31278	}
31279	if s.OpenIDConnectProviderArn == nil {
31280		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
31281	}
31282	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
31283		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
31284	}
31285
31286	if invalidParams.Len() > 0 {
31287		return invalidParams
31288	}
31289	return nil
31290}
31291
31292// SetClientID sets the ClientID field's value.
31293func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetClientID(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
31294	s.ClientID = &v
31295	return s
31296}
31297
31298// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
31299func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
31300	s.OpenIDConnectProviderArn = &v
31301	return s
31302}
31303
31304type RemoveClientIDFromOpenIDConnectProviderOutput struct {
31305	_ struct{} `type:"structure"`
31306}
31307
31308// String returns the string representation
31309func (s RemoveClientIDFromOpenIDConnectProviderOutput) String() string {
31310	return awsutil.Prettify(s)
31311}
31312
31313// GoString returns the string representation
31314func (s RemoveClientIDFromOpenIDConnectProviderOutput) GoString() string {
31315	return s.String()
31316}
31317
31318type RemoveRoleFromInstanceProfileInput struct {
31319	_ struct{} `type:"structure"`
31320
31321	// The name of the instance profile to update.
31322	//
31323	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31324	// a string of characters consisting of upper and lowercase alphanumeric characters
31325	// with no spaces. You can also include any of the following characters: _+=,.@-
31326	//
31327	// InstanceProfileName is a required field
31328	InstanceProfileName *string `min:"1" type:"string" required:"true"`
31329
31330	// The name of the role to remove.
31331	//
31332	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31333	// a string of characters consisting of upper and lowercase alphanumeric characters
31334	// with no spaces. You can also include any of the following characters: _+=,.@-
31335	//
31336	// RoleName is a required field
31337	RoleName *string `min:"1" type:"string" required:"true"`
31338}
31339
31340// String returns the string representation
31341func (s RemoveRoleFromInstanceProfileInput) String() string {
31342	return awsutil.Prettify(s)
31343}
31344
31345// GoString returns the string representation
31346func (s RemoveRoleFromInstanceProfileInput) GoString() string {
31347	return s.String()
31348}
31349
31350// Validate inspects the fields of the type to determine if they are valid.
31351func (s *RemoveRoleFromInstanceProfileInput) Validate() error {
31352	invalidParams := request.ErrInvalidParams{Context: "RemoveRoleFromInstanceProfileInput"}
31353	if s.InstanceProfileName == nil {
31354		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
31355	}
31356	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
31357		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
31358	}
31359	if s.RoleName == nil {
31360		invalidParams.Add(request.NewErrParamRequired("RoleName"))
31361	}
31362	if s.RoleName != nil && len(*s.RoleName) < 1 {
31363		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
31364	}
31365
31366	if invalidParams.Len() > 0 {
31367		return invalidParams
31368	}
31369	return nil
31370}
31371
31372// SetInstanceProfileName sets the InstanceProfileName field's value.
31373func (s *RemoveRoleFromInstanceProfileInput) SetInstanceProfileName(v string) *RemoveRoleFromInstanceProfileInput {
31374	s.InstanceProfileName = &v
31375	return s
31376}
31377
31378// SetRoleName sets the RoleName field's value.
31379func (s *RemoveRoleFromInstanceProfileInput) SetRoleName(v string) *RemoveRoleFromInstanceProfileInput {
31380	s.RoleName = &v
31381	return s
31382}
31383
31384type RemoveRoleFromInstanceProfileOutput struct {
31385	_ struct{} `type:"structure"`
31386}
31387
31388// String returns the string representation
31389func (s RemoveRoleFromInstanceProfileOutput) String() string {
31390	return awsutil.Prettify(s)
31391}
31392
31393// GoString returns the string representation
31394func (s RemoveRoleFromInstanceProfileOutput) GoString() string {
31395	return s.String()
31396}
31397
31398type RemoveUserFromGroupInput struct {
31399	_ struct{} `type:"structure"`
31400
31401	// The name of the group to update.
31402	//
31403	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31404	// a string of characters consisting of upper and lowercase alphanumeric characters
31405	// with no spaces. You can also include any of the following characters: _+=,.@-
31406	//
31407	// GroupName is a required field
31408	GroupName *string `min:"1" type:"string" required:"true"`
31409
31410	// The name of the user to remove.
31411	//
31412	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31413	// a string of characters consisting of upper and lowercase alphanumeric characters
31414	// with no spaces. You can also include any of the following characters: _+=,.@-
31415	//
31416	// UserName is a required field
31417	UserName *string `min:"1" type:"string" required:"true"`
31418}
31419
31420// String returns the string representation
31421func (s RemoveUserFromGroupInput) String() string {
31422	return awsutil.Prettify(s)
31423}
31424
31425// GoString returns the string representation
31426func (s RemoveUserFromGroupInput) GoString() string {
31427	return s.String()
31428}
31429
31430// Validate inspects the fields of the type to determine if they are valid.
31431func (s *RemoveUserFromGroupInput) Validate() error {
31432	invalidParams := request.ErrInvalidParams{Context: "RemoveUserFromGroupInput"}
31433	if s.GroupName == nil {
31434		invalidParams.Add(request.NewErrParamRequired("GroupName"))
31435	}
31436	if s.GroupName != nil && len(*s.GroupName) < 1 {
31437		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
31438	}
31439	if s.UserName == nil {
31440		invalidParams.Add(request.NewErrParamRequired("UserName"))
31441	}
31442	if s.UserName != nil && len(*s.UserName) < 1 {
31443		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31444	}
31445
31446	if invalidParams.Len() > 0 {
31447		return invalidParams
31448	}
31449	return nil
31450}
31451
31452// SetGroupName sets the GroupName field's value.
31453func (s *RemoveUserFromGroupInput) SetGroupName(v string) *RemoveUserFromGroupInput {
31454	s.GroupName = &v
31455	return s
31456}
31457
31458// SetUserName sets the UserName field's value.
31459func (s *RemoveUserFromGroupInput) SetUserName(v string) *RemoveUserFromGroupInput {
31460	s.UserName = &v
31461	return s
31462}
31463
31464type RemoveUserFromGroupOutput struct {
31465	_ struct{} `type:"structure"`
31466}
31467
31468// String returns the string representation
31469func (s RemoveUserFromGroupOutput) String() string {
31470	return awsutil.Prettify(s)
31471}
31472
31473// GoString returns the string representation
31474func (s RemoveUserFromGroupOutput) GoString() string {
31475	return s.String()
31476}
31477
31478type ResetServiceSpecificCredentialInput struct {
31479	_ struct{} `type:"structure"`
31480
31481	// The unique identifier of the service-specific credential.
31482	//
31483	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31484	// a string of characters that can consist of any upper or lowercased letter
31485	// or digit.
31486	//
31487	// ServiceSpecificCredentialId is a required field
31488	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
31489
31490	// The name of the IAM user associated with the service-specific credential.
31491	// If this value is not specified, then the operation assumes the user whose
31492	// credentials are used to call the operation.
31493	//
31494	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31495	// a string of characters consisting of upper and lowercase alphanumeric characters
31496	// with no spaces. You can also include any of the following characters: _+=,.@-
31497	UserName *string `min:"1" type:"string"`
31498}
31499
31500// String returns the string representation
31501func (s ResetServiceSpecificCredentialInput) String() string {
31502	return awsutil.Prettify(s)
31503}
31504
31505// GoString returns the string representation
31506func (s ResetServiceSpecificCredentialInput) GoString() string {
31507	return s.String()
31508}
31509
31510// Validate inspects the fields of the type to determine if they are valid.
31511func (s *ResetServiceSpecificCredentialInput) Validate() error {
31512	invalidParams := request.ErrInvalidParams{Context: "ResetServiceSpecificCredentialInput"}
31513	if s.ServiceSpecificCredentialId == nil {
31514		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
31515	}
31516	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
31517		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
31518	}
31519	if s.UserName != nil && len(*s.UserName) < 1 {
31520		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31521	}
31522
31523	if invalidParams.Len() > 0 {
31524		return invalidParams
31525	}
31526	return nil
31527}
31528
31529// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
31530func (s *ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *ResetServiceSpecificCredentialInput {
31531	s.ServiceSpecificCredentialId = &v
31532	return s
31533}
31534
31535// SetUserName sets the UserName field's value.
31536func (s *ResetServiceSpecificCredentialInput) SetUserName(v string) *ResetServiceSpecificCredentialInput {
31537	s.UserName = &v
31538	return s
31539}
31540
31541type ResetServiceSpecificCredentialOutput struct {
31542	_ struct{} `type:"structure"`
31543
31544	// A structure with details about the updated service-specific credential, including
31545	// the new password.
31546	//
31547	// This is the only time that you can access the password. You cannot recover
31548	// the password later, but you can reset it again.
31549	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
31550}
31551
31552// String returns the string representation
31553func (s ResetServiceSpecificCredentialOutput) String() string {
31554	return awsutil.Prettify(s)
31555}
31556
31557// GoString returns the string representation
31558func (s ResetServiceSpecificCredentialOutput) GoString() string {
31559	return s.String()
31560}
31561
31562// SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
31563func (s *ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *ResetServiceSpecificCredentialOutput {
31564	s.ServiceSpecificCredential = v
31565	return s
31566}
31567
31568// Contains the result of the simulation of a single API operation call on a
31569// single resource.
31570//
31571// This data type is used by a member of the EvaluationResult data type.
31572type ResourceSpecificResult struct {
31573	_ struct{} `type:"structure"`
31574
31575	// Additional details about the results of the evaluation decision on a single
31576	// resource. This parameter is returned only for cross-account simulations.
31577	// This parameter explains how each policy type contributes to the resource-specific
31578	// evaluation decision.
31579	EvalDecisionDetails map[string]*string `type:"map"`
31580
31581	// The result of the simulation of the simulated API operation on the resource
31582	// specified in EvalResourceName.
31583	//
31584	// EvalResourceDecision is a required field
31585	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
31586
31587	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
31588	//
31589	// EvalResourceName is a required field
31590	EvalResourceName *string `min:"1" type:"string" required:"true"`
31591
31592	// A list of the statements in the input policies that determine the result
31593	// for this part of the simulation. Remember that even if multiple statements
31594	// allow the operation on the resource, if any statement denies that operation,
31595	// then the explicit deny overrides any allow. In addition, the deny statement
31596	// is the only entry included in the result.
31597	MatchedStatements []*Statement `type:"list"`
31598
31599	// A list of context keys that are required by the included input policies but
31600	// that were not provided by one of the input parameters. This list is used
31601	// when a list of ARNs is included in the ResourceArns parameter instead of
31602	// "*". If you do not specify individual resources, by setting ResourceArns
31603	// to "*" or by not including the ResourceArns parameter, then any missing context
31604	// values are instead included under the EvaluationResults section. To discover
31605	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
31606	// or GetContextKeysForPrincipalPolicy.
31607	MissingContextValues []*string `type:"list"`
31608
31609	// Contains information about the effect that a permissions boundary has on
31610	// a policy simulation when that boundary is applied to an IAM entity.
31611	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
31612}
31613
31614// String returns the string representation
31615func (s ResourceSpecificResult) String() string {
31616	return awsutil.Prettify(s)
31617}
31618
31619// GoString returns the string representation
31620func (s ResourceSpecificResult) GoString() string {
31621	return s.String()
31622}
31623
31624// SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
31625func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult {
31626	s.EvalDecisionDetails = v
31627	return s
31628}
31629
31630// SetEvalResourceDecision sets the EvalResourceDecision field's value.
31631func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult {
31632	s.EvalResourceDecision = &v
31633	return s
31634}
31635
31636// SetEvalResourceName sets the EvalResourceName field's value.
31637func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult {
31638	s.EvalResourceName = &v
31639	return s
31640}
31641
31642// SetMatchedStatements sets the MatchedStatements field's value.
31643func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult {
31644	s.MatchedStatements = v
31645	return s
31646}
31647
31648// SetMissingContextValues sets the MissingContextValues field's value.
31649func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult {
31650	s.MissingContextValues = v
31651	return s
31652}
31653
31654// SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
31655func (s *ResourceSpecificResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *ResourceSpecificResult {
31656	s.PermissionsBoundaryDecisionDetail = v
31657	return s
31658}
31659
31660type ResyncMFADeviceInput struct {
31661	_ struct{} `type:"structure"`
31662
31663	// An authentication code emitted by the device.
31664	//
31665	// The format for this parameter is a sequence of six digits.
31666	//
31667	// AuthenticationCode1 is a required field
31668	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
31669
31670	// A subsequent authentication code emitted by the device.
31671	//
31672	// The format for this parameter is a sequence of six digits.
31673	//
31674	// AuthenticationCode2 is a required field
31675	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
31676
31677	// Serial number that uniquely identifies the MFA device.
31678	//
31679	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31680	// a string of characters consisting of upper and lowercase alphanumeric characters
31681	// with no spaces. You can also include any of the following characters: _+=,.@-
31682	//
31683	// SerialNumber is a required field
31684	SerialNumber *string `min:"9" type:"string" required:"true"`
31685
31686	// The name of the user whose MFA device you want to resynchronize.
31687	//
31688	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31689	// a string of characters consisting of upper and lowercase alphanumeric characters
31690	// with no spaces. You can also include any of the following characters: _+=,.@-
31691	//
31692	// UserName is a required field
31693	UserName *string `min:"1" type:"string" required:"true"`
31694}
31695
31696// String returns the string representation
31697func (s ResyncMFADeviceInput) String() string {
31698	return awsutil.Prettify(s)
31699}
31700
31701// GoString returns the string representation
31702func (s ResyncMFADeviceInput) GoString() string {
31703	return s.String()
31704}
31705
31706// Validate inspects the fields of the type to determine if they are valid.
31707func (s *ResyncMFADeviceInput) Validate() error {
31708	invalidParams := request.ErrInvalidParams{Context: "ResyncMFADeviceInput"}
31709	if s.AuthenticationCode1 == nil {
31710		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
31711	}
31712	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
31713		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
31714	}
31715	if s.AuthenticationCode2 == nil {
31716		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
31717	}
31718	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
31719		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
31720	}
31721	if s.SerialNumber == nil {
31722		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
31723	}
31724	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
31725		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
31726	}
31727	if s.UserName == nil {
31728		invalidParams.Add(request.NewErrParamRequired("UserName"))
31729	}
31730	if s.UserName != nil && len(*s.UserName) < 1 {
31731		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31732	}
31733
31734	if invalidParams.Len() > 0 {
31735		return invalidParams
31736	}
31737	return nil
31738}
31739
31740// SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
31741func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput {
31742	s.AuthenticationCode1 = &v
31743	return s
31744}
31745
31746// SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
31747func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput {
31748	s.AuthenticationCode2 = &v
31749	return s
31750}
31751
31752// SetSerialNumber sets the SerialNumber field's value.
31753func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput {
31754	s.SerialNumber = &v
31755	return s
31756}
31757
31758// SetUserName sets the UserName field's value.
31759func (s *ResyncMFADeviceInput) SetUserName(v string) *ResyncMFADeviceInput {
31760	s.UserName = &v
31761	return s
31762}
31763
31764type ResyncMFADeviceOutput struct {
31765	_ struct{} `type:"structure"`
31766}
31767
31768// String returns the string representation
31769func (s ResyncMFADeviceOutput) String() string {
31770	return awsutil.Prettify(s)
31771}
31772
31773// GoString returns the string representation
31774func (s ResyncMFADeviceOutput) GoString() string {
31775	return s.String()
31776}
31777
31778// Contains information about an IAM role. This structure is returned as a response
31779// element in several API operations that interact with roles.
31780type Role struct {
31781	_ struct{} `type:"structure"`
31782
31783	// The Amazon Resource Name (ARN) specifying the role. For more information
31784	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
31785	// in the IAM User Guide guide.
31786	//
31787	// Arn is a required field
31788	Arn *string `min:"20" type:"string" required:"true"`
31789
31790	// The policy that grants an entity permission to assume the role.
31791	AssumeRolePolicyDocument *string `min:"1" type:"string"`
31792
31793	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
31794	// when the role was created.
31795	//
31796	// CreateDate is a required field
31797	CreateDate *time.Time `type:"timestamp" required:"true"`
31798
31799	// A description of the role that you provide.
31800	Description *string `type:"string"`
31801
31802	// The maximum session duration (in seconds) for the specified role. Anyone
31803	// who uses the AWS CLI, or API to assume the role can specify the duration
31804	// using the optional DurationSeconds API parameter or duration-seconds CLI
31805	// parameter.
31806	MaxSessionDuration *int64 `min:"3600" type:"integer"`
31807
31808	// The path to the role. For more information about paths, see IAM identifiers
31809	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
31810	// in the IAM User Guide.
31811	//
31812	// Path is a required field
31813	Path *string `min:"1" type:"string" required:"true"`
31814
31815	// The ARN of the policy used to set the permissions boundary for the role.
31816	//
31817	// For more information about permissions boundaries, see Permissions boundaries
31818	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
31819	// in the IAM User Guide.
31820	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
31821
31822	// The stable and unique string identifying the role. For more information about
31823	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
31824	// in the IAM User Guide.
31825	//
31826	// RoleId is a required field
31827	RoleId *string `min:"16" type:"string" required:"true"`
31828
31829	// Contains information about the last time that an IAM role was used. This
31830	// includes the date and time and the Region in which the role was last used.
31831	// Activity is only reported for the trailing 400 days. This period can be shorter
31832	// if your Region began supporting these features within the last year. The
31833	// role might have been used more than 400 days ago. For more information, see
31834	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
31835	// in the IAM User Guide.
31836	RoleLastUsed *RoleLastUsed `type:"structure"`
31837
31838	// The friendly name that identifies the role.
31839	//
31840	// RoleName is a required field
31841	RoleName *string `min:"1" type:"string" required:"true"`
31842
31843	// A list of tags that are attached to the role. For more information about
31844	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
31845	// in the IAM User Guide.
31846	Tags []*Tag `type:"list"`
31847}
31848
31849// String returns the string representation
31850func (s Role) String() string {
31851	return awsutil.Prettify(s)
31852}
31853
31854// GoString returns the string representation
31855func (s Role) GoString() string {
31856	return s.String()
31857}
31858
31859// SetArn sets the Arn field's value.
31860func (s *Role) SetArn(v string) *Role {
31861	s.Arn = &v
31862	return s
31863}
31864
31865// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
31866func (s *Role) SetAssumeRolePolicyDocument(v string) *Role {
31867	s.AssumeRolePolicyDocument = &v
31868	return s
31869}
31870
31871// SetCreateDate sets the CreateDate field's value.
31872func (s *Role) SetCreateDate(v time.Time) *Role {
31873	s.CreateDate = &v
31874	return s
31875}
31876
31877// SetDescription sets the Description field's value.
31878func (s *Role) SetDescription(v string) *Role {
31879	s.Description = &v
31880	return s
31881}
31882
31883// SetMaxSessionDuration sets the MaxSessionDuration field's value.
31884func (s *Role) SetMaxSessionDuration(v int64) *Role {
31885	s.MaxSessionDuration = &v
31886	return s
31887}
31888
31889// SetPath sets the Path field's value.
31890func (s *Role) SetPath(v string) *Role {
31891	s.Path = &v
31892	return s
31893}
31894
31895// SetPermissionsBoundary sets the PermissionsBoundary field's value.
31896func (s *Role) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *Role {
31897	s.PermissionsBoundary = v
31898	return s
31899}
31900
31901// SetRoleId sets the RoleId field's value.
31902func (s *Role) SetRoleId(v string) *Role {
31903	s.RoleId = &v
31904	return s
31905}
31906
31907// SetRoleLastUsed sets the RoleLastUsed field's value.
31908func (s *Role) SetRoleLastUsed(v *RoleLastUsed) *Role {
31909	s.RoleLastUsed = v
31910	return s
31911}
31912
31913// SetRoleName sets the RoleName field's value.
31914func (s *Role) SetRoleName(v string) *Role {
31915	s.RoleName = &v
31916	return s
31917}
31918
31919// SetTags sets the Tags field's value.
31920func (s *Role) SetTags(v []*Tag) *Role {
31921	s.Tags = v
31922	return s
31923}
31924
31925// Contains information about an IAM role, including all of the role's policies.
31926//
31927// This data type is used as a response element in the GetAccountAuthorizationDetails
31928// operation.
31929type RoleDetail struct {
31930	_ struct{} `type:"structure"`
31931
31932	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
31933	//
31934	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
31935	// in the AWS General Reference.
31936	Arn *string `min:"20" type:"string"`
31937
31938	// The trust policy that grants permission to assume the role.
31939	AssumeRolePolicyDocument *string `min:"1" type:"string"`
31940
31941	// A list of managed policies attached to the role. These policies are the role's
31942	// access (permissions) policies.
31943	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
31944
31945	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
31946	// when the role was created.
31947	CreateDate *time.Time `type:"timestamp"`
31948
31949	// A list of instance profiles that contain this role.
31950	InstanceProfileList []*InstanceProfile `type:"list"`
31951
31952	// The path to the role. For more information about paths, see IAM identifiers
31953	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
31954	// in the IAM User Guide.
31955	Path *string `min:"1" type:"string"`
31956
31957	// The ARN of the policy used to set the permissions boundary for the role.
31958	//
31959	// For more information about permissions boundaries, see Permissions boundaries
31960	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
31961	// in the IAM User Guide.
31962	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
31963
31964	// The stable and unique string identifying the role. For more information about
31965	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
31966	// in the IAM User Guide.
31967	RoleId *string `min:"16" type:"string"`
31968
31969	// Contains information about the last time that an IAM role was used. This
31970	// includes the date and time and the Region in which the role was last used.
31971	// Activity is only reported for the trailing 400 days. This period can be shorter
31972	// if your Region began supporting these features within the last year. The
31973	// role might have been used more than 400 days ago. For more information, see
31974	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
31975	// in the IAM User Guide.
31976	RoleLastUsed *RoleLastUsed `type:"structure"`
31977
31978	// The friendly name that identifies the role.
31979	RoleName *string `min:"1" type:"string"`
31980
31981	// A list of inline policies embedded in the role. These policies are the role's
31982	// access (permissions) policies.
31983	RolePolicyList []*PolicyDetail `type:"list"`
31984
31985	// A list of tags that are attached to the role. For more information about
31986	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
31987	// in the IAM User Guide.
31988	Tags []*Tag `type:"list"`
31989}
31990
31991// String returns the string representation
31992func (s RoleDetail) String() string {
31993	return awsutil.Prettify(s)
31994}
31995
31996// GoString returns the string representation
31997func (s RoleDetail) GoString() string {
31998	return s.String()
31999}
32000
32001// SetArn sets the Arn field's value.
32002func (s *RoleDetail) SetArn(v string) *RoleDetail {
32003	s.Arn = &v
32004	return s
32005}
32006
32007// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
32008func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail {
32009	s.AssumeRolePolicyDocument = &v
32010	return s
32011}
32012
32013// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
32014func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail {
32015	s.AttachedManagedPolicies = v
32016	return s
32017}
32018
32019// SetCreateDate sets the CreateDate field's value.
32020func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail {
32021	s.CreateDate = &v
32022	return s
32023}
32024
32025// SetInstanceProfileList sets the InstanceProfileList field's value.
32026func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail {
32027	s.InstanceProfileList = v
32028	return s
32029}
32030
32031// SetPath sets the Path field's value.
32032func (s *RoleDetail) SetPath(v string) *RoleDetail {
32033	s.Path = &v
32034	return s
32035}
32036
32037// SetPermissionsBoundary sets the PermissionsBoundary field's value.
32038func (s *RoleDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *RoleDetail {
32039	s.PermissionsBoundary = v
32040	return s
32041}
32042
32043// SetRoleId sets the RoleId field's value.
32044func (s *RoleDetail) SetRoleId(v string) *RoleDetail {
32045	s.RoleId = &v
32046	return s
32047}
32048
32049// SetRoleLastUsed sets the RoleLastUsed field's value.
32050func (s *RoleDetail) SetRoleLastUsed(v *RoleLastUsed) *RoleDetail {
32051	s.RoleLastUsed = v
32052	return s
32053}
32054
32055// SetRoleName sets the RoleName field's value.
32056func (s *RoleDetail) SetRoleName(v string) *RoleDetail {
32057	s.RoleName = &v
32058	return s
32059}
32060
32061// SetRolePolicyList sets the RolePolicyList field's value.
32062func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail {
32063	s.RolePolicyList = v
32064	return s
32065}
32066
32067// SetTags sets the Tags field's value.
32068func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail {
32069	s.Tags = v
32070	return s
32071}
32072
32073// Contains information about the last time that an IAM role was used. This
32074// includes the date and time and the Region in which the role was last used.
32075// Activity is only reported for the trailing 400 days. This period can be shorter
32076// if your Region began supporting these features within the last year. The
32077// role might have been used more than 400 days ago. For more information, see
32078// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
32079// in the IAM User Guide.
32080//
32081// This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails
32082// operations.
32083type RoleLastUsed struct {
32084	_ struct{} `type:"structure"`
32085
32086	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
32087	// that the role was last used.
32088	//
32089	// This field is null if the role has not been used within the IAM tracking
32090	// period. For more information about the tracking period, see Regions where
32091	// data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
32092	// in the IAM User Guide.
32093	LastUsedDate *time.Time `type:"timestamp"`
32094
32095	// The name of the AWS Region in which the role was last used.
32096	Region *string `type:"string"`
32097}
32098
32099// String returns the string representation
32100func (s RoleLastUsed) String() string {
32101	return awsutil.Prettify(s)
32102}
32103
32104// GoString returns the string representation
32105func (s RoleLastUsed) GoString() string {
32106	return s.String()
32107}
32108
32109// SetLastUsedDate sets the LastUsedDate field's value.
32110func (s *RoleLastUsed) SetLastUsedDate(v time.Time) *RoleLastUsed {
32111	s.LastUsedDate = &v
32112	return s
32113}
32114
32115// SetRegion sets the Region field's value.
32116func (s *RoleLastUsed) SetRegion(v string) *RoleLastUsed {
32117	s.Region = &v
32118	return s
32119}
32120
32121// An object that contains details about how a service-linked role is used,
32122// if that information is returned by the service.
32123//
32124// This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
32125// operation.
32126type RoleUsageType struct {
32127	_ struct{} `type:"structure"`
32128
32129	// The name of the Region where the service-linked role is being used.
32130	Region *string `min:"1" type:"string"`
32131
32132	// The name of the resource that is using the service-linked role.
32133	Resources []*string `type:"list"`
32134}
32135
32136// String returns the string representation
32137func (s RoleUsageType) String() string {
32138	return awsutil.Prettify(s)
32139}
32140
32141// GoString returns the string representation
32142func (s RoleUsageType) GoString() string {
32143	return s.String()
32144}
32145
32146// SetRegion sets the Region field's value.
32147func (s *RoleUsageType) SetRegion(v string) *RoleUsageType {
32148	s.Region = &v
32149	return s
32150}
32151
32152// SetResources sets the Resources field's value.
32153func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType {
32154	s.Resources = v
32155	return s
32156}
32157
32158// Contains the list of SAML providers for this account.
32159type SAMLProviderListEntry struct {
32160	_ struct{} `type:"structure"`
32161
32162	// The Amazon Resource Name (ARN) of the SAML provider.
32163	Arn *string `min:"20" type:"string"`
32164
32165	// The date and time when the SAML provider was created.
32166	CreateDate *time.Time `type:"timestamp"`
32167
32168	// The expiration date and time for the SAML provider.
32169	ValidUntil *time.Time `type:"timestamp"`
32170}
32171
32172// String returns the string representation
32173func (s SAMLProviderListEntry) String() string {
32174	return awsutil.Prettify(s)
32175}
32176
32177// GoString returns the string representation
32178func (s SAMLProviderListEntry) GoString() string {
32179	return s.String()
32180}
32181
32182// SetArn sets the Arn field's value.
32183func (s *SAMLProviderListEntry) SetArn(v string) *SAMLProviderListEntry {
32184	s.Arn = &v
32185	return s
32186}
32187
32188// SetCreateDate sets the CreateDate field's value.
32189func (s *SAMLProviderListEntry) SetCreateDate(v time.Time) *SAMLProviderListEntry {
32190	s.CreateDate = &v
32191	return s
32192}
32193
32194// SetValidUntil sets the ValidUntil field's value.
32195func (s *SAMLProviderListEntry) SetValidUntil(v time.Time) *SAMLProviderListEntry {
32196	s.ValidUntil = &v
32197	return s
32198}
32199
32200// Contains information about an SSH public key.
32201//
32202// This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey
32203// operations.
32204type SSHPublicKey struct {
32205	_ struct{} `type:"structure"`
32206
32207	// The MD5 message digest of the SSH public key.
32208	//
32209	// Fingerprint is a required field
32210	Fingerprint *string `min:"48" type:"string" required:"true"`
32211
32212	// The SSH public key.
32213	//
32214	// SSHPublicKeyBody is a required field
32215	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
32216
32217	// The unique identifier for the SSH public key.
32218	//
32219	// SSHPublicKeyId is a required field
32220	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
32221
32222	// The status of the SSH public key. Active means that the key can be used for
32223	// authentication with an AWS CodeCommit repository. Inactive means that the
32224	// key cannot be used.
32225	//
32226	// Status is a required field
32227	Status *string `type:"string" required:"true" enum:"StatusType"`
32228
32229	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32230	// when the SSH public key was uploaded.
32231	UploadDate *time.Time `type:"timestamp"`
32232
32233	// The name of the IAM user associated with the SSH public key.
32234	//
32235	// UserName is a required field
32236	UserName *string `min:"1" type:"string" required:"true"`
32237}
32238
32239// String returns the string representation
32240func (s SSHPublicKey) String() string {
32241	return awsutil.Prettify(s)
32242}
32243
32244// GoString returns the string representation
32245func (s SSHPublicKey) GoString() string {
32246	return s.String()
32247}
32248
32249// SetFingerprint sets the Fingerprint field's value.
32250func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey {
32251	s.Fingerprint = &v
32252	return s
32253}
32254
32255// SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
32256func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey {
32257	s.SSHPublicKeyBody = &v
32258	return s
32259}
32260
32261// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
32262func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey {
32263	s.SSHPublicKeyId = &v
32264	return s
32265}
32266
32267// SetStatus sets the Status field's value.
32268func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey {
32269	s.Status = &v
32270	return s
32271}
32272
32273// SetUploadDate sets the UploadDate field's value.
32274func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey {
32275	s.UploadDate = &v
32276	return s
32277}
32278
32279// SetUserName sets the UserName field's value.
32280func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey {
32281	s.UserName = &v
32282	return s
32283}
32284
32285// Contains information about an SSH public key, without the key's body or fingerprint.
32286//
32287// This data type is used as a response element in the ListSSHPublicKeys operation.
32288type SSHPublicKeyMetadata struct {
32289	_ struct{} `type:"structure"`
32290
32291	// The unique identifier for the SSH public key.
32292	//
32293	// SSHPublicKeyId is a required field
32294	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
32295
32296	// The status of the SSH public key. Active means that the key can be used for
32297	// authentication with an AWS CodeCommit repository. Inactive means that the
32298	// key cannot be used.
32299	//
32300	// Status is a required field
32301	Status *string `type:"string" required:"true" enum:"StatusType"`
32302
32303	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32304	// when the SSH public key was uploaded.
32305	//
32306	// UploadDate is a required field
32307	UploadDate *time.Time `type:"timestamp" required:"true"`
32308
32309	// The name of the IAM user associated with the SSH public key.
32310	//
32311	// UserName is a required field
32312	UserName *string `min:"1" type:"string" required:"true"`
32313}
32314
32315// String returns the string representation
32316func (s SSHPublicKeyMetadata) String() string {
32317	return awsutil.Prettify(s)
32318}
32319
32320// GoString returns the string representation
32321func (s SSHPublicKeyMetadata) GoString() string {
32322	return s.String()
32323}
32324
32325// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
32326func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata {
32327	s.SSHPublicKeyId = &v
32328	return s
32329}
32330
32331// SetStatus sets the Status field's value.
32332func (s *SSHPublicKeyMetadata) SetStatus(v string) *SSHPublicKeyMetadata {
32333	s.Status = &v
32334	return s
32335}
32336
32337// SetUploadDate sets the UploadDate field's value.
32338func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata {
32339	s.UploadDate = &v
32340	return s
32341}
32342
32343// SetUserName sets the UserName field's value.
32344func (s *SSHPublicKeyMetadata) SetUserName(v string) *SSHPublicKeyMetadata {
32345	s.UserName = &v
32346	return s
32347}
32348
32349// Contains information about a server certificate.
32350//
32351// This data type is used as a response element in the GetServerCertificate
32352// operation.
32353type ServerCertificate struct {
32354	_ struct{} `type:"structure"`
32355
32356	// The contents of the public key certificate.
32357	//
32358	// CertificateBody is a required field
32359	CertificateBody *string `min:"1" type:"string" required:"true"`
32360
32361	// The contents of the public key certificate chain.
32362	CertificateChain *string `min:"1" type:"string"`
32363
32364	// The meta information of the server certificate, such as its name, path, ID,
32365	// and ARN.
32366	//
32367	// ServerCertificateMetadata is a required field
32368	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
32369
32370	// A list of tags that are attached to the server certificate. For more information
32371	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
32372	// in the IAM User Guide.
32373	Tags []*Tag `type:"list"`
32374}
32375
32376// String returns the string representation
32377func (s ServerCertificate) String() string {
32378	return awsutil.Prettify(s)
32379}
32380
32381// GoString returns the string representation
32382func (s ServerCertificate) GoString() string {
32383	return s.String()
32384}
32385
32386// SetCertificateBody sets the CertificateBody field's value.
32387func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate {
32388	s.CertificateBody = &v
32389	return s
32390}
32391
32392// SetCertificateChain sets the CertificateChain field's value.
32393func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate {
32394	s.CertificateChain = &v
32395	return s
32396}
32397
32398// SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
32399func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate {
32400	s.ServerCertificateMetadata = v
32401	return s
32402}
32403
32404// SetTags sets the Tags field's value.
32405func (s *ServerCertificate) SetTags(v []*Tag) *ServerCertificate {
32406	s.Tags = v
32407	return s
32408}
32409
32410// Contains information about a server certificate without its certificate body,
32411// certificate chain, and private key.
32412//
32413// This data type is used as a response element in the UploadServerCertificate
32414// and ListServerCertificates operations.
32415type ServerCertificateMetadata struct {
32416	_ struct{} `type:"structure"`
32417
32418	// The Amazon Resource Name (ARN) specifying the server certificate. For more
32419	// information about ARNs and how to use them in policies, see IAM identifiers
32420	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32421	// in the IAM User Guide.
32422	//
32423	// Arn is a required field
32424	Arn *string `min:"20" type:"string" required:"true"`
32425
32426	// The date on which the certificate is set to expire.
32427	Expiration *time.Time `type:"timestamp"`
32428
32429	// The path to the server certificate. For more information about paths, see
32430	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32431	// in the IAM User Guide.
32432	//
32433	// Path is a required field
32434	Path *string `min:"1" type:"string" required:"true"`
32435
32436	// The stable and unique string identifying the server certificate. For more
32437	// information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32438	// in the IAM User Guide.
32439	//
32440	// ServerCertificateId is a required field
32441	ServerCertificateId *string `min:"16" type:"string" required:"true"`
32442
32443	// The name that identifies the server certificate.
32444	//
32445	// ServerCertificateName is a required field
32446	ServerCertificateName *string `min:"1" type:"string" required:"true"`
32447
32448	// The date when the server certificate was uploaded.
32449	UploadDate *time.Time `type:"timestamp"`
32450}
32451
32452// String returns the string representation
32453func (s ServerCertificateMetadata) String() string {
32454	return awsutil.Prettify(s)
32455}
32456
32457// GoString returns the string representation
32458func (s ServerCertificateMetadata) GoString() string {
32459	return s.String()
32460}
32461
32462// SetArn sets the Arn field's value.
32463func (s *ServerCertificateMetadata) SetArn(v string) *ServerCertificateMetadata {
32464	s.Arn = &v
32465	return s
32466}
32467
32468// SetExpiration sets the Expiration field's value.
32469func (s *ServerCertificateMetadata) SetExpiration(v time.Time) *ServerCertificateMetadata {
32470	s.Expiration = &v
32471	return s
32472}
32473
32474// SetPath sets the Path field's value.
32475func (s *ServerCertificateMetadata) SetPath(v string) *ServerCertificateMetadata {
32476	s.Path = &v
32477	return s
32478}
32479
32480// SetServerCertificateId sets the ServerCertificateId field's value.
32481func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata {
32482	s.ServerCertificateId = &v
32483	return s
32484}
32485
32486// SetServerCertificateName sets the ServerCertificateName field's value.
32487func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata {
32488	s.ServerCertificateName = &v
32489	return s
32490}
32491
32492// SetUploadDate sets the UploadDate field's value.
32493func (s *ServerCertificateMetadata) SetUploadDate(v time.Time) *ServerCertificateMetadata {
32494	s.UploadDate = &v
32495	return s
32496}
32497
32498// Contains details about the most recent attempt to access the service.
32499//
32500// This data type is used as a response element in the GetServiceLastAccessedDetails
32501// operation.
32502type ServiceLastAccessed struct {
32503	_ struct{} `type:"structure"`
32504
32505	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32506	// when an authenticated entity most recently attempted to access the service.
32507	// AWS does not report unauthenticated requests.
32508	//
32509	// This field is null if no IAM entities attempted to access the service within
32510	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
32511	LastAuthenticated *time.Time `type:"timestamp"`
32512
32513	// The ARN of the authenticated entity (user or role) that last attempted to
32514	// access the service. AWS does not report unauthenticated requests.
32515	//
32516	// This field is null if no IAM entities attempted to access the service within
32517	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
32518	LastAuthenticatedEntity *string `min:"20" type:"string"`
32519
32520	// The Region from which the authenticated entity (user or role) last attempted
32521	// to access the service. AWS does not report unauthenticated requests.
32522	//
32523	// This field is null if no IAM entities attempted to access the service within
32524	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
32525	LastAuthenticatedRegion *string `type:"string"`
32526
32527	// The name of the service in which access was attempted.
32528	//
32529	// ServiceName is a required field
32530	ServiceName *string `type:"string" required:"true"`
32531
32532	// The namespace of the service in which access was attempted.
32533	//
32534	// To learn the service namespace of a service, see Actions, resources, and
32535	// condition keys for AWS services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
32536	// in the Service Authorization Reference. Choose the name of the service to
32537	// view details for that service. In the first paragraph, find the service prefix.
32538	// For example, (service prefix: a4b). For more information about service namespaces,
32539	// see AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
32540	// in the AWS General Reference.
32541	//
32542	// ServiceNamespace is a required field
32543	ServiceNamespace *string `min:"1" type:"string" required:"true"`
32544
32545	// The total number of authenticated principals (root user, IAM users, or IAM
32546	// roles) that have attempted to access the service.
32547	//
32548	// This field is null if no principals attempted to access the service within
32549	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
32550	TotalAuthenticatedEntities *int64 `type:"integer"`
32551
32552	// An object that contains details about the most recent attempt to access a
32553	// tracked action within the service.
32554	//
32555	// This field is null if there no tracked actions or if the principal did not
32556	// use the tracked actions within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
32557	// This field is also null if the report was generated at the service level
32558	// and not the action level. For more information, see the Granularity field
32559	// in GenerateServiceLastAccessedDetails.
32560	TrackedActionsLastAccessed []*TrackedActionLastAccessed `type:"list"`
32561}
32562
32563// String returns the string representation
32564func (s ServiceLastAccessed) String() string {
32565	return awsutil.Prettify(s)
32566}
32567
32568// GoString returns the string representation
32569func (s ServiceLastAccessed) GoString() string {
32570	return s.String()
32571}
32572
32573// SetLastAuthenticated sets the LastAuthenticated field's value.
32574func (s *ServiceLastAccessed) SetLastAuthenticated(v time.Time) *ServiceLastAccessed {
32575	s.LastAuthenticated = &v
32576	return s
32577}
32578
32579// SetLastAuthenticatedEntity sets the LastAuthenticatedEntity field's value.
32580func (s *ServiceLastAccessed) SetLastAuthenticatedEntity(v string) *ServiceLastAccessed {
32581	s.LastAuthenticatedEntity = &v
32582	return s
32583}
32584
32585// SetLastAuthenticatedRegion sets the LastAuthenticatedRegion field's value.
32586func (s *ServiceLastAccessed) SetLastAuthenticatedRegion(v string) *ServiceLastAccessed {
32587	s.LastAuthenticatedRegion = &v
32588	return s
32589}
32590
32591// SetServiceName sets the ServiceName field's value.
32592func (s *ServiceLastAccessed) SetServiceName(v string) *ServiceLastAccessed {
32593	s.ServiceName = &v
32594	return s
32595}
32596
32597// SetServiceNamespace sets the ServiceNamespace field's value.
32598func (s *ServiceLastAccessed) SetServiceNamespace(v string) *ServiceLastAccessed {
32599	s.ServiceNamespace = &v
32600	return s
32601}
32602
32603// SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
32604func (s *ServiceLastAccessed) SetTotalAuthenticatedEntities(v int64) *ServiceLastAccessed {
32605	s.TotalAuthenticatedEntities = &v
32606	return s
32607}
32608
32609// SetTrackedActionsLastAccessed sets the TrackedActionsLastAccessed field's value.
32610func (s *ServiceLastAccessed) SetTrackedActionsLastAccessed(v []*TrackedActionLastAccessed) *ServiceLastAccessed {
32611	s.TrackedActionsLastAccessed = v
32612	return s
32613}
32614
32615// Contains the details of a service-specific credential.
32616type ServiceSpecificCredential struct {
32617	_ struct{} `type:"structure"`
32618
32619	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32620	// when the service-specific credential were created.
32621	//
32622	// CreateDate is a required field
32623	CreateDate *time.Time `type:"timestamp" required:"true"`
32624
32625	// The name of the service associated with the service-specific credential.
32626	//
32627	// ServiceName is a required field
32628	ServiceName *string `type:"string" required:"true"`
32629
32630	// The generated password for the service-specific credential.
32631	//
32632	// ServicePassword is a required field
32633	ServicePassword *string `type:"string" required:"true" sensitive:"true"`
32634
32635	// The unique identifier for the service-specific credential.
32636	//
32637	// ServiceSpecificCredentialId is a required field
32638	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
32639
32640	// The generated user name for the service-specific credential. This value is
32641	// generated by combining the IAM user's name combined with the ID number of
32642	// the AWS account, as in jane-at-123456789012, for example. This value cannot
32643	// be configured by the user.
32644	//
32645	// ServiceUserName is a required field
32646	ServiceUserName *string `min:"17" type:"string" required:"true"`
32647
32648	// The status of the service-specific credential. Active means that the key
32649	// is valid for API calls, while Inactive means it is not.
32650	//
32651	// Status is a required field
32652	Status *string `type:"string" required:"true" enum:"StatusType"`
32653
32654	// The name of the IAM user associated with the service-specific credential.
32655	//
32656	// UserName is a required field
32657	UserName *string `min:"1" type:"string" required:"true"`
32658}
32659
32660// String returns the string representation
32661func (s ServiceSpecificCredential) String() string {
32662	return awsutil.Prettify(s)
32663}
32664
32665// GoString returns the string representation
32666func (s ServiceSpecificCredential) GoString() string {
32667	return s.String()
32668}
32669
32670// SetCreateDate sets the CreateDate field's value.
32671func (s *ServiceSpecificCredential) SetCreateDate(v time.Time) *ServiceSpecificCredential {
32672	s.CreateDate = &v
32673	return s
32674}
32675
32676// SetServiceName sets the ServiceName field's value.
32677func (s *ServiceSpecificCredential) SetServiceName(v string) *ServiceSpecificCredential {
32678	s.ServiceName = &v
32679	return s
32680}
32681
32682// SetServicePassword sets the ServicePassword field's value.
32683func (s *ServiceSpecificCredential) SetServicePassword(v string) *ServiceSpecificCredential {
32684	s.ServicePassword = &v
32685	return s
32686}
32687
32688// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
32689func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential {
32690	s.ServiceSpecificCredentialId = &v
32691	return s
32692}
32693
32694// SetServiceUserName sets the ServiceUserName field's value.
32695func (s *ServiceSpecificCredential) SetServiceUserName(v string) *ServiceSpecificCredential {
32696	s.ServiceUserName = &v
32697	return s
32698}
32699
32700// SetStatus sets the Status field's value.
32701func (s *ServiceSpecificCredential) SetStatus(v string) *ServiceSpecificCredential {
32702	s.Status = &v
32703	return s
32704}
32705
32706// SetUserName sets the UserName field's value.
32707func (s *ServiceSpecificCredential) SetUserName(v string) *ServiceSpecificCredential {
32708	s.UserName = &v
32709	return s
32710}
32711
32712// Contains additional details about a service-specific credential.
32713type ServiceSpecificCredentialMetadata struct {
32714	_ struct{} `type:"structure"`
32715
32716	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32717	// when the service-specific credential were created.
32718	//
32719	// CreateDate is a required field
32720	CreateDate *time.Time `type:"timestamp" required:"true"`
32721
32722	// The name of the service associated with the service-specific credential.
32723	//
32724	// ServiceName is a required field
32725	ServiceName *string `type:"string" required:"true"`
32726
32727	// The unique identifier for the service-specific credential.
32728	//
32729	// ServiceSpecificCredentialId is a required field
32730	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
32731
32732	// The generated user name for the service-specific credential.
32733	//
32734	// ServiceUserName is a required field
32735	ServiceUserName *string `min:"17" type:"string" required:"true"`
32736
32737	// The status of the service-specific credential. Active means that the key
32738	// is valid for API calls, while Inactive means it is not.
32739	//
32740	// Status is a required field
32741	Status *string `type:"string" required:"true" enum:"StatusType"`
32742
32743	// The name of the IAM user associated with the service-specific credential.
32744	//
32745	// UserName is a required field
32746	UserName *string `min:"1" type:"string" required:"true"`
32747}
32748
32749// String returns the string representation
32750func (s ServiceSpecificCredentialMetadata) String() string {
32751	return awsutil.Prettify(s)
32752}
32753
32754// GoString returns the string representation
32755func (s ServiceSpecificCredentialMetadata) GoString() string {
32756	return s.String()
32757}
32758
32759// SetCreateDate sets the CreateDate field's value.
32760func (s *ServiceSpecificCredentialMetadata) SetCreateDate(v time.Time) *ServiceSpecificCredentialMetadata {
32761	s.CreateDate = &v
32762	return s
32763}
32764
32765// SetServiceName sets the ServiceName field's value.
32766func (s *ServiceSpecificCredentialMetadata) SetServiceName(v string) *ServiceSpecificCredentialMetadata {
32767	s.ServiceName = &v
32768	return s
32769}
32770
32771// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
32772func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata {
32773	s.ServiceSpecificCredentialId = &v
32774	return s
32775}
32776
32777// SetServiceUserName sets the ServiceUserName field's value.
32778func (s *ServiceSpecificCredentialMetadata) SetServiceUserName(v string) *ServiceSpecificCredentialMetadata {
32779	s.ServiceUserName = &v
32780	return s
32781}
32782
32783// SetStatus sets the Status field's value.
32784func (s *ServiceSpecificCredentialMetadata) SetStatus(v string) *ServiceSpecificCredentialMetadata {
32785	s.Status = &v
32786	return s
32787}
32788
32789// SetUserName sets the UserName field's value.
32790func (s *ServiceSpecificCredentialMetadata) SetUserName(v string) *ServiceSpecificCredentialMetadata {
32791	s.UserName = &v
32792	return s
32793}
32794
32795type SetDefaultPolicyVersionInput struct {
32796	_ struct{} `type:"structure"`
32797
32798	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
32799	// want to set.
32800	//
32801	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
32802	// in the AWS General Reference.
32803	//
32804	// PolicyArn is a required field
32805	PolicyArn *string `min:"20" type:"string" required:"true"`
32806
32807	// The version of the policy to set as the default (operative) version.
32808	//
32809	// For more information about managed policy versions, see Versioning for managed
32810	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
32811	// in the IAM User Guide.
32812	//
32813	// VersionId is a required field
32814	VersionId *string `type:"string" required:"true"`
32815}
32816
32817// String returns the string representation
32818func (s SetDefaultPolicyVersionInput) String() string {
32819	return awsutil.Prettify(s)
32820}
32821
32822// GoString returns the string representation
32823func (s SetDefaultPolicyVersionInput) GoString() string {
32824	return s.String()
32825}
32826
32827// Validate inspects the fields of the type to determine if they are valid.
32828func (s *SetDefaultPolicyVersionInput) Validate() error {
32829	invalidParams := request.ErrInvalidParams{Context: "SetDefaultPolicyVersionInput"}
32830	if s.PolicyArn == nil {
32831		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
32832	}
32833	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
32834		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
32835	}
32836	if s.VersionId == nil {
32837		invalidParams.Add(request.NewErrParamRequired("VersionId"))
32838	}
32839
32840	if invalidParams.Len() > 0 {
32841		return invalidParams
32842	}
32843	return nil
32844}
32845
32846// SetPolicyArn sets the PolicyArn field's value.
32847func (s *SetDefaultPolicyVersionInput) SetPolicyArn(v string) *SetDefaultPolicyVersionInput {
32848	s.PolicyArn = &v
32849	return s
32850}
32851
32852// SetVersionId sets the VersionId field's value.
32853func (s *SetDefaultPolicyVersionInput) SetVersionId(v string) *SetDefaultPolicyVersionInput {
32854	s.VersionId = &v
32855	return s
32856}
32857
32858type SetDefaultPolicyVersionOutput struct {
32859	_ struct{} `type:"structure"`
32860}
32861
32862// String returns the string representation
32863func (s SetDefaultPolicyVersionOutput) String() string {
32864	return awsutil.Prettify(s)
32865}
32866
32867// GoString returns the string representation
32868func (s SetDefaultPolicyVersionOutput) GoString() string {
32869	return s.String()
32870}
32871
32872type SetSecurityTokenServicePreferencesInput struct {
32873	_ struct{} `type:"structure"`
32874
32875	// The version of the global endpoint token. Version 1 tokens are valid only
32876	// in AWS Regions that are available by default. These tokens do not work in
32877	// manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens
32878	// are valid in all Regions. However, version 2 tokens are longer and might
32879	// affect systems where you temporarily store tokens.
32880	//
32881	// For information, see Activating and deactivating STS in an AWS region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
32882	// in the IAM User Guide.
32883	//
32884	// GlobalEndpointTokenVersion is a required field
32885	GlobalEndpointTokenVersion *string `type:"string" required:"true" enum:"GlobalEndpointTokenVersion"`
32886}
32887
32888// String returns the string representation
32889func (s SetSecurityTokenServicePreferencesInput) String() string {
32890	return awsutil.Prettify(s)
32891}
32892
32893// GoString returns the string representation
32894func (s SetSecurityTokenServicePreferencesInput) GoString() string {
32895	return s.String()
32896}
32897
32898// Validate inspects the fields of the type to determine if they are valid.
32899func (s *SetSecurityTokenServicePreferencesInput) Validate() error {
32900	invalidParams := request.ErrInvalidParams{Context: "SetSecurityTokenServicePreferencesInput"}
32901	if s.GlobalEndpointTokenVersion == nil {
32902		invalidParams.Add(request.NewErrParamRequired("GlobalEndpointTokenVersion"))
32903	}
32904
32905	if invalidParams.Len() > 0 {
32906		return invalidParams
32907	}
32908	return nil
32909}
32910
32911// SetGlobalEndpointTokenVersion sets the GlobalEndpointTokenVersion field's value.
32912func (s *SetSecurityTokenServicePreferencesInput) SetGlobalEndpointTokenVersion(v string) *SetSecurityTokenServicePreferencesInput {
32913	s.GlobalEndpointTokenVersion = &v
32914	return s
32915}
32916
32917type SetSecurityTokenServicePreferencesOutput struct {
32918	_ struct{} `type:"structure"`
32919}
32920
32921// String returns the string representation
32922func (s SetSecurityTokenServicePreferencesOutput) String() string {
32923	return awsutil.Prettify(s)
32924}
32925
32926// GoString returns the string representation
32927func (s SetSecurityTokenServicePreferencesOutput) GoString() string {
32928	return s.String()
32929}
32930
32931// Contains information about an X.509 signing certificate.
32932//
32933// This data type is used as a response element in the UploadSigningCertificate
32934// and ListSigningCertificates operations.
32935type SigningCertificate struct {
32936	_ struct{} `type:"structure"`
32937
32938	// The contents of the signing certificate.
32939	//
32940	// CertificateBody is a required field
32941	CertificateBody *string `min:"1" type:"string" required:"true"`
32942
32943	// The ID for the signing certificate.
32944	//
32945	// CertificateId is a required field
32946	CertificateId *string `min:"24" type:"string" required:"true"`
32947
32948	// The status of the signing certificate. Active means that the key is valid
32949	// for API calls, while Inactive means it is not.
32950	//
32951	// Status is a required field
32952	Status *string `type:"string" required:"true" enum:"StatusType"`
32953
32954	// The date when the signing certificate was uploaded.
32955	UploadDate *time.Time `type:"timestamp"`
32956
32957	// The name of the user the signing certificate is associated with.
32958	//
32959	// UserName is a required field
32960	UserName *string `min:"1" type:"string" required:"true"`
32961}
32962
32963// String returns the string representation
32964func (s SigningCertificate) String() string {
32965	return awsutil.Prettify(s)
32966}
32967
32968// GoString returns the string representation
32969func (s SigningCertificate) GoString() string {
32970	return s.String()
32971}
32972
32973// SetCertificateBody sets the CertificateBody field's value.
32974func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate {
32975	s.CertificateBody = &v
32976	return s
32977}
32978
32979// SetCertificateId sets the CertificateId field's value.
32980func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate {
32981	s.CertificateId = &v
32982	return s
32983}
32984
32985// SetStatus sets the Status field's value.
32986func (s *SigningCertificate) SetStatus(v string) *SigningCertificate {
32987	s.Status = &v
32988	return s
32989}
32990
32991// SetUploadDate sets the UploadDate field's value.
32992func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate {
32993	s.UploadDate = &v
32994	return s
32995}
32996
32997// SetUserName sets the UserName field's value.
32998func (s *SigningCertificate) SetUserName(v string) *SigningCertificate {
32999	s.UserName = &v
33000	return s
33001}
33002
33003type SimulateCustomPolicyInput struct {
33004	_ struct{} `type:"structure"`
33005
33006	// A list of names of API operations to evaluate in the simulation. Each operation
33007	// is evaluated against each resource. Each operation must include the service
33008	// identifier, such as iam:CreateUser. This operation does not support using
33009	// wildcards (*) in an action name.
33010	//
33011	// ActionNames is a required field
33012	ActionNames []*string `type:"list" required:"true"`
33013
33014	// The ARN of the IAM user that you want to use as the simulated caller of the
33015	// API operations. CallerArn is required if you include a ResourcePolicy so
33016	// that the policy's Principal element has a value to use in evaluating the
33017	// policy.
33018	//
33019	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
33020	// an assumed role, federated user, or a service principal.
33021	CallerArn *string `min:"1" type:"string"`
33022
33023	// A list of context keys and corresponding values for the simulation to use.
33024	// Whenever a context key is evaluated in one of the simulated IAM permissions
33025	// policies, the corresponding value is supplied.
33026	ContextEntries []*ContextEntry `type:"list"`
33027
33028	// Use this parameter only when paginating results and only after you receive
33029	// a response indicating that the results are truncated. Set it to the value
33030	// of the Marker element in the response that you received to indicate where
33031	// the next call should start.
33032	Marker *string `min:"1" type:"string"`
33033
33034	// Use this only when paginating results to indicate the maximum number of items
33035	// you want in the response. If additional items exist beyond the maximum you
33036	// specify, the IsTruncated response element is true.
33037	//
33038	// If you do not include this parameter, the number of items defaults to 100.
33039	// Note that IAM might return fewer results, even when there are more results
33040	// available. In that case, the IsTruncated response element returns true, and
33041	// Marker contains a value to include in the subsequent call that tells the
33042	// service where to continue from.
33043	MaxItems *int64 `min:"1" type:"integer"`
33044
33045	// The IAM permissions boundary policy to simulate. The permissions boundary
33046	// sets the maximum permissions that an IAM entity can have. You can input only
33047	// one permissions boundary when you pass a policy to this operation. For more
33048	// information about permissions boundaries, see Permissions boundaries for
33049	// IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
33050	// in the IAM User Guide. The policy input is specified as a string that contains
33051	// the complete, valid JSON text of a permissions boundary policy.
33052	//
33053	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33054	// parameter is a string of characters consisting of the following:
33055	//
33056	//    * Any printable ASCII character ranging from the space character (\u0020)
33057	//    through the end of the ASCII character range
33058	//
33059	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33060	//    set (through \u00FF)
33061	//
33062	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33063	//    return (\u000D)
33064	PermissionsBoundaryPolicyInputList []*string `type:"list"`
33065
33066	// A list of policy documents to include in the simulation. Each document is
33067	// specified as a string containing the complete, valid JSON text of an IAM
33068	// policy. Do not include any resource-based policies in this parameter. Any
33069	// resource-based policy must be submitted with the ResourcePolicy parameter.
33070	// The policies cannot be "scope-down" policies, such as you could include in
33071	// a call to GetFederationToken (https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
33072	// or one of the AssumeRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
33073	// API operations. In other words, do not use policies designed to restrict
33074	// what a user can do while using the temporary credentials.
33075	//
33076	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33077	// parameter is a string of characters consisting of the following:
33078	//
33079	//    * Any printable ASCII character ranging from the space character (\u0020)
33080	//    through the end of the ASCII character range
33081	//
33082	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33083	//    set (through \u00FF)
33084	//
33085	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33086	//    return (\u000D)
33087	//
33088	// PolicyInputList is a required field
33089	PolicyInputList []*string `type:"list" required:"true"`
33090
33091	// A list of ARNs of AWS resources to include in the simulation. If this parameter
33092	// is not provided, then the value defaults to * (all resources). Each API in
33093	// the ActionNames parameter is evaluated for each resource in this list. The
33094	// simulation determines the access result (allowed or denied) of each combination
33095	// and reports it in the response. You can simulate resources that don't exist
33096	// in your account.
33097	//
33098	// The simulation does not automatically retrieve policies for the specified
33099	// resources. If you want to include a resource policy in the simulation, then
33100	// you must include the policy as a string in the ResourcePolicy parameter.
33101	//
33102	// If you include a ResourcePolicy, then it must be applicable to all of the
33103	// resources included in the simulation or you receive an invalid input error.
33104	//
33105	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
33106	// in the AWS General Reference.
33107	ResourceArns []*string `type:"list"`
33108
33109	// Specifies the type of simulation to run. Different API operations that support
33110	// resource-based policies require different combinations of resources. By specifying
33111	// the type of simulation to run, you enable the policy simulator to enforce
33112	// the presence of the required resources to ensure reliable simulation results.
33113	// If your simulation does not match one of the following scenarios, then you
33114	// can omit this parameter. The following list shows each of the supported scenario
33115	// values and the resources that you must define to run the simulation.
33116	//
33117	// Each of the EC2 scenarios requires that you specify instance, image, and
33118	// security-group resources. If your scenario includes an EBS volume, then you
33119	// must specify that volume as a resource. If the EC2 scenario includes VPC,
33120	// then you must supply the network-interface resource. If it includes an IP
33121	// subnet, then you must specify the subnet resource. For more information on
33122	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
33123	// in the Amazon EC2 User Guide.
33124	//
33125	//    * EC2-Classic-InstanceStore instance, image, security-group
33126	//
33127	//    * EC2-Classic-EBS instance, image, security-group, volume
33128	//
33129	//    * EC2-VPC-InstanceStore instance, image, security-group, network-interface
33130	//
33131	//    * EC2-VPC-InstanceStore-Subnet instance, image, security-group, network-interface,
33132	//    subnet
33133	//
33134	//    * EC2-VPC-EBS instance, image, security-group, network-interface, volume
33135	//
33136	//    * EC2-VPC-EBS-Subnet instance, image, security-group, network-interface,
33137	//    subnet, volume
33138	ResourceHandlingOption *string `min:"1" type:"string"`
33139
33140	// An ARN representing the AWS account ID that specifies the owner of any simulated
33141	// resource that does not identify its owner in the resource ARN. Examples of
33142	// resource ARNs include an S3 bucket or object. If ResourceOwner is specified,
33143	// it is also used as the account owner of any ResourcePolicy included in the
33144	// simulation. If the ResourceOwner parameter is not specified, then the owner
33145	// of the resources and the resource policy defaults to the account of the identity
33146	// provided in CallerArn. This parameter is required only if you specify a resource-based
33147	// policy and account that owns the resource is different from the account that
33148	// owns the simulated calling user CallerArn.
33149	//
33150	// The ARN for an account uses the following syntax: arn:aws:iam::AWS-account-ID:root.
33151	// For example, to represent the account with the 112233445566 ID, use the following
33152	// ARN: arn:aws:iam::112233445566-ID:root.
33153	ResourceOwner *string `min:"1" type:"string"`
33154
33155	// A resource-based policy to include in the simulation provided as a string.
33156	// Each resource in the simulation is treated as if it had this policy attached.
33157	// You can include only one resource-based policy in a simulation.
33158	//
33159	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33160	// parameter is a string of characters consisting of the following:
33161	//
33162	//    * Any printable ASCII character ranging from the space character (\u0020)
33163	//    through the end of the ASCII character range
33164	//
33165	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33166	//    set (through \u00FF)
33167	//
33168	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33169	//    return (\u000D)
33170	ResourcePolicy *string `min:"1" type:"string"`
33171}
33172
33173// String returns the string representation
33174func (s SimulateCustomPolicyInput) String() string {
33175	return awsutil.Prettify(s)
33176}
33177
33178// GoString returns the string representation
33179func (s SimulateCustomPolicyInput) GoString() string {
33180	return s.String()
33181}
33182
33183// Validate inspects the fields of the type to determine if they are valid.
33184func (s *SimulateCustomPolicyInput) Validate() error {
33185	invalidParams := request.ErrInvalidParams{Context: "SimulateCustomPolicyInput"}
33186	if s.ActionNames == nil {
33187		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
33188	}
33189	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
33190		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
33191	}
33192	if s.Marker != nil && len(*s.Marker) < 1 {
33193		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
33194	}
33195	if s.MaxItems != nil && *s.MaxItems < 1 {
33196		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
33197	}
33198	if s.PolicyInputList == nil {
33199		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
33200	}
33201	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
33202		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
33203	}
33204	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
33205		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
33206	}
33207	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
33208		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
33209	}
33210	if s.ContextEntries != nil {
33211		for i, v := range s.ContextEntries {
33212			if v == nil {
33213				continue
33214			}
33215			if err := v.Validate(); err != nil {
33216				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
33217			}
33218		}
33219	}
33220
33221	if invalidParams.Len() > 0 {
33222		return invalidParams
33223	}
33224	return nil
33225}
33226
33227// SetActionNames sets the ActionNames field's value.
33228func (s *SimulateCustomPolicyInput) SetActionNames(v []*string) *SimulateCustomPolicyInput {
33229	s.ActionNames = v
33230	return s
33231}
33232
33233// SetCallerArn sets the CallerArn field's value.
33234func (s *SimulateCustomPolicyInput) SetCallerArn(v string) *SimulateCustomPolicyInput {
33235	s.CallerArn = &v
33236	return s
33237}
33238
33239// SetContextEntries sets the ContextEntries field's value.
33240func (s *SimulateCustomPolicyInput) SetContextEntries(v []*ContextEntry) *SimulateCustomPolicyInput {
33241	s.ContextEntries = v
33242	return s
33243}
33244
33245// SetMarker sets the Marker field's value.
33246func (s *SimulateCustomPolicyInput) SetMarker(v string) *SimulateCustomPolicyInput {
33247	s.Marker = &v
33248	return s
33249}
33250
33251// SetMaxItems sets the MaxItems field's value.
33252func (s *SimulateCustomPolicyInput) SetMaxItems(v int64) *SimulateCustomPolicyInput {
33253	s.MaxItems = &v
33254	return s
33255}
33256
33257// SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
33258func (s *SimulateCustomPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulateCustomPolicyInput {
33259	s.PermissionsBoundaryPolicyInputList = v
33260	return s
33261}
33262
33263// SetPolicyInputList sets the PolicyInputList field's value.
33264func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput {
33265	s.PolicyInputList = v
33266	return s
33267}
33268
33269// SetResourceArns sets the ResourceArns field's value.
33270func (s *SimulateCustomPolicyInput) SetResourceArns(v []*string) *SimulateCustomPolicyInput {
33271	s.ResourceArns = v
33272	return s
33273}
33274
33275// SetResourceHandlingOption sets the ResourceHandlingOption field's value.
33276func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput {
33277	s.ResourceHandlingOption = &v
33278	return s
33279}
33280
33281// SetResourceOwner sets the ResourceOwner field's value.
33282func (s *SimulateCustomPolicyInput) SetResourceOwner(v string) *SimulateCustomPolicyInput {
33283	s.ResourceOwner = &v
33284	return s
33285}
33286
33287// SetResourcePolicy sets the ResourcePolicy field's value.
33288func (s *SimulateCustomPolicyInput) SetResourcePolicy(v string) *SimulateCustomPolicyInput {
33289	s.ResourcePolicy = &v
33290	return s
33291}
33292
33293// Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy
33294// request.
33295type SimulatePolicyResponse struct {
33296	_ struct{} `type:"structure"`
33297
33298	// The results of the simulation.
33299	EvaluationResults []*EvaluationResult `type:"list"`
33300
33301	// A flag that indicates whether there are more items to return. If your results
33302	// were truncated, you can make a subsequent pagination request using the Marker
33303	// request parameter to retrieve more items. Note that IAM might return fewer
33304	// than the MaxItems number of results even when there are more results available.
33305	// We recommend that you check IsTruncated after every call to ensure that you
33306	// receive all your results.
33307	IsTruncated *bool `type:"boolean"`
33308
33309	// When IsTruncated is true, this element is present and contains the value
33310	// to use for the Marker parameter in a subsequent pagination request.
33311	Marker *string `type:"string"`
33312}
33313
33314// String returns the string representation
33315func (s SimulatePolicyResponse) String() string {
33316	return awsutil.Prettify(s)
33317}
33318
33319// GoString returns the string representation
33320func (s SimulatePolicyResponse) GoString() string {
33321	return s.String()
33322}
33323
33324// SetEvaluationResults sets the EvaluationResults field's value.
33325func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse {
33326	s.EvaluationResults = v
33327	return s
33328}
33329
33330// SetIsTruncated sets the IsTruncated field's value.
33331func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse {
33332	s.IsTruncated = &v
33333	return s
33334}
33335
33336// SetMarker sets the Marker field's value.
33337func (s *SimulatePolicyResponse) SetMarker(v string) *SimulatePolicyResponse {
33338	s.Marker = &v
33339	return s
33340}
33341
33342type SimulatePrincipalPolicyInput struct {
33343	_ struct{} `type:"structure"`
33344
33345	// A list of names of API operations to evaluate in the simulation. Each operation
33346	// is evaluated for each resource. Each operation must include the service identifier,
33347	// such as iam:CreateUser.
33348	//
33349	// ActionNames is a required field
33350	ActionNames []*string `type:"list" required:"true"`
33351
33352	// The ARN of the IAM user that you want to specify as the simulated caller
33353	// of the API operations. If you do not specify a CallerArn, it defaults to
33354	// the ARN of the user that you specify in PolicySourceArn, if you specified
33355	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
33356	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
33357	// is that you simulate calling the API operations as Bob, as if Bob had David's
33358	// policies.
33359	//
33360	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
33361	// an assumed role, federated user, or a service principal.
33362	//
33363	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
33364	// is not the ARN for an IAM user. This is required so that the resource-based
33365	// policy's Principal element has a value to use in evaluating the policy.
33366	//
33367	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
33368	// in the AWS General Reference.
33369	CallerArn *string `min:"1" type:"string"`
33370
33371	// A list of context keys and corresponding values for the simulation to use.
33372	// Whenever a context key is evaluated in one of the simulated IAM permissions
33373	// policies, the corresponding value is supplied.
33374	ContextEntries []*ContextEntry `type:"list"`
33375
33376	// Use this parameter only when paginating results and only after you receive
33377	// a response indicating that the results are truncated. Set it to the value
33378	// of the Marker element in the response that you received to indicate where
33379	// the next call should start.
33380	Marker *string `min:"1" type:"string"`
33381
33382	// Use this only when paginating results to indicate the maximum number of items
33383	// you want in the response. If additional items exist beyond the maximum you
33384	// specify, the IsTruncated response element is true.
33385	//
33386	// If you do not include this parameter, the number of items defaults to 100.
33387	// Note that IAM might return fewer results, even when there are more results
33388	// available. In that case, the IsTruncated response element returns true, and
33389	// Marker contains a value to include in the subsequent call that tells the
33390	// service where to continue from.
33391	MaxItems *int64 `min:"1" type:"integer"`
33392
33393	// The IAM permissions boundary policy to simulate. The permissions boundary
33394	// sets the maximum permissions that the entity can have. You can input only
33395	// one permissions boundary when you pass a policy to this operation. An IAM
33396	// entity can only have one permissions boundary in effect at a time. For example,
33397	// if a permissions boundary is attached to an entity and you pass in a different
33398	// permissions boundary policy using this parameter, then the new permissions
33399	// boundary policy is used for the simulation. For more information about permissions
33400	// boundaries, see Permissions boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
33401	// in the IAM User Guide. The policy input is specified as a string containing
33402	// the complete, valid JSON text of a permissions boundary policy.
33403	//
33404	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33405	// parameter is a string of characters consisting of the following:
33406	//
33407	//    * Any printable ASCII character ranging from the space character (\u0020)
33408	//    through the end of the ASCII character range
33409	//
33410	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33411	//    set (through \u00FF)
33412	//
33413	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33414	//    return (\u000D)
33415	PermissionsBoundaryPolicyInputList []*string `type:"list"`
33416
33417	// An optional list of additional policy documents to include in the simulation.
33418	// Each document is specified as a string containing the complete, valid JSON
33419	// text of an IAM policy.
33420	//
33421	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33422	// parameter is a string of characters consisting of the following:
33423	//
33424	//    * Any printable ASCII character ranging from the space character (\u0020)
33425	//    through the end of the ASCII character range
33426	//
33427	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33428	//    set (through \u00FF)
33429	//
33430	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33431	//    return (\u000D)
33432	PolicyInputList []*string `type:"list"`
33433
33434	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
33435	// want to include in the simulation. If you specify a user, group, or role,
33436	// the simulation includes all policies that are associated with that entity.
33437	// If you specify a user, the simulation also includes all policies that are
33438	// attached to any groups the user belongs to.
33439	//
33440	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
33441	// in the AWS General Reference.
33442	//
33443	// PolicySourceArn is a required field
33444	PolicySourceArn *string `min:"20" type:"string" required:"true"`
33445
33446	// A list of ARNs of AWS resources to include in the simulation. If this parameter
33447	// is not provided, then the value defaults to * (all resources). Each API in
33448	// the ActionNames parameter is evaluated for each resource in this list. The
33449	// simulation determines the access result (allowed or denied) of each combination
33450	// and reports it in the response. You can simulate resources that don't exist
33451	// in your account.
33452	//
33453	// The simulation does not automatically retrieve policies for the specified
33454	// resources. If you want to include a resource policy in the simulation, then
33455	// you must include the policy as a string in the ResourcePolicy parameter.
33456	//
33457	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
33458	// in the AWS General Reference.
33459	ResourceArns []*string `type:"list"`
33460
33461	// Specifies the type of simulation to run. Different API operations that support
33462	// resource-based policies require different combinations of resources. By specifying
33463	// the type of simulation to run, you enable the policy simulator to enforce
33464	// the presence of the required resources to ensure reliable simulation results.
33465	// If your simulation does not match one of the following scenarios, then you
33466	// can omit this parameter. The following list shows each of the supported scenario
33467	// values and the resources that you must define to run the simulation.
33468	//
33469	// Each of the EC2 scenarios requires that you specify instance, image, and
33470	// security group resources. If your scenario includes an EBS volume, then you
33471	// must specify that volume as a resource. If the EC2 scenario includes VPC,
33472	// then you must supply the network interface resource. If it includes an IP
33473	// subnet, then you must specify the subnet resource. For more information on
33474	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
33475	// in the Amazon EC2 User Guide.
33476	//
33477	//    * EC2-Classic-InstanceStore instance, image, security group
33478	//
33479	//    * EC2-Classic-EBS instance, image, security group, volume
33480	//
33481	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
33482	//
33483	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
33484	//    interface, subnet
33485	//
33486	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
33487	//
33488	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
33489	//    subnet, volume
33490	ResourceHandlingOption *string `min:"1" type:"string"`
33491
33492	// An AWS account ID that specifies the owner of any simulated resource that
33493	// does not identify its owner in the resource ARN. Examples of resource ARNs
33494	// include an S3 bucket or object. If ResourceOwner is specified, it is also
33495	// used as the account owner of any ResourcePolicy included in the simulation.
33496	// If the ResourceOwner parameter is not specified, then the owner of the resources
33497	// and the resource policy defaults to the account of the identity provided
33498	// in CallerArn. This parameter is required only if you specify a resource-based
33499	// policy and account that owns the resource is different from the account that
33500	// owns the simulated calling user CallerArn.
33501	ResourceOwner *string `min:"1" type:"string"`
33502
33503	// A resource-based policy to include in the simulation provided as a string.
33504	// Each resource in the simulation is treated as if it had this policy attached.
33505	// You can include only one resource-based policy in a simulation.
33506	//
33507	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33508	// parameter is a string of characters consisting of the following:
33509	//
33510	//    * Any printable ASCII character ranging from the space character (\u0020)
33511	//    through the end of the ASCII character range
33512	//
33513	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33514	//    set (through \u00FF)
33515	//
33516	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33517	//    return (\u000D)
33518	ResourcePolicy *string `min:"1" type:"string"`
33519}
33520
33521// String returns the string representation
33522func (s SimulatePrincipalPolicyInput) String() string {
33523	return awsutil.Prettify(s)
33524}
33525
33526// GoString returns the string representation
33527func (s SimulatePrincipalPolicyInput) GoString() string {
33528	return s.String()
33529}
33530
33531// Validate inspects the fields of the type to determine if they are valid.
33532func (s *SimulatePrincipalPolicyInput) Validate() error {
33533	invalidParams := request.ErrInvalidParams{Context: "SimulatePrincipalPolicyInput"}
33534	if s.ActionNames == nil {
33535		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
33536	}
33537	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
33538		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
33539	}
33540	if s.Marker != nil && len(*s.Marker) < 1 {
33541		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
33542	}
33543	if s.MaxItems != nil && *s.MaxItems < 1 {
33544		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
33545	}
33546	if s.PolicySourceArn == nil {
33547		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
33548	}
33549	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
33550		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
33551	}
33552	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
33553		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
33554	}
33555	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
33556		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
33557	}
33558	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
33559		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
33560	}
33561	if s.ContextEntries != nil {
33562		for i, v := range s.ContextEntries {
33563			if v == nil {
33564				continue
33565			}
33566			if err := v.Validate(); err != nil {
33567				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
33568			}
33569		}
33570	}
33571
33572	if invalidParams.Len() > 0 {
33573		return invalidParams
33574	}
33575	return nil
33576}
33577
33578// SetActionNames sets the ActionNames field's value.
33579func (s *SimulatePrincipalPolicyInput) SetActionNames(v []*string) *SimulatePrincipalPolicyInput {
33580	s.ActionNames = v
33581	return s
33582}
33583
33584// SetCallerArn sets the CallerArn field's value.
33585func (s *SimulatePrincipalPolicyInput) SetCallerArn(v string) *SimulatePrincipalPolicyInput {
33586	s.CallerArn = &v
33587	return s
33588}
33589
33590// SetContextEntries sets the ContextEntries field's value.
33591func (s *SimulatePrincipalPolicyInput) SetContextEntries(v []*ContextEntry) *SimulatePrincipalPolicyInput {
33592	s.ContextEntries = v
33593	return s
33594}
33595
33596// SetMarker sets the Marker field's value.
33597func (s *SimulatePrincipalPolicyInput) SetMarker(v string) *SimulatePrincipalPolicyInput {
33598	s.Marker = &v
33599	return s
33600}
33601
33602// SetMaxItems sets the MaxItems field's value.
33603func (s *SimulatePrincipalPolicyInput) SetMaxItems(v int64) *SimulatePrincipalPolicyInput {
33604	s.MaxItems = &v
33605	return s
33606}
33607
33608// SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
33609func (s *SimulatePrincipalPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
33610	s.PermissionsBoundaryPolicyInputList = v
33611	return s
33612}
33613
33614// SetPolicyInputList sets the PolicyInputList field's value.
33615func (s *SimulatePrincipalPolicyInput) SetPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
33616	s.PolicyInputList = v
33617	return s
33618}
33619
33620// SetPolicySourceArn sets the PolicySourceArn field's value.
33621func (s *SimulatePrincipalPolicyInput) SetPolicySourceArn(v string) *SimulatePrincipalPolicyInput {
33622	s.PolicySourceArn = &v
33623	return s
33624}
33625
33626// SetResourceArns sets the ResourceArns field's value.
33627func (s *SimulatePrincipalPolicyInput) SetResourceArns(v []*string) *SimulatePrincipalPolicyInput {
33628	s.ResourceArns = v
33629	return s
33630}
33631
33632// SetResourceHandlingOption sets the ResourceHandlingOption field's value.
33633func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput {
33634	s.ResourceHandlingOption = &v
33635	return s
33636}
33637
33638// SetResourceOwner sets the ResourceOwner field's value.
33639func (s *SimulatePrincipalPolicyInput) SetResourceOwner(v string) *SimulatePrincipalPolicyInput {
33640	s.ResourceOwner = &v
33641	return s
33642}
33643
33644// SetResourcePolicy sets the ResourcePolicy field's value.
33645func (s *SimulatePrincipalPolicyInput) SetResourcePolicy(v string) *SimulatePrincipalPolicyInput {
33646	s.ResourcePolicy = &v
33647	return s
33648}
33649
33650// Contains a reference to a Statement element in a policy document that determines
33651// the result of the simulation.
33652//
33653// This data type is used by the MatchedStatements member of the EvaluationResult
33654// type.
33655type Statement struct {
33656	_ struct{} `type:"structure"`
33657
33658	// The row and column of the end of a Statement in an IAM policy.
33659	EndPosition *Position `type:"structure"`
33660
33661	// The identifier of the policy that was provided as an input.
33662	SourcePolicyId *string `type:"string"`
33663
33664	// The type of the policy.
33665	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`
33666
33667	// The row and column of the beginning of the Statement in an IAM policy.
33668	StartPosition *Position `type:"structure"`
33669}
33670
33671// String returns the string representation
33672func (s Statement) String() string {
33673	return awsutil.Prettify(s)
33674}
33675
33676// GoString returns the string representation
33677func (s Statement) GoString() string {
33678	return s.String()
33679}
33680
33681// SetEndPosition sets the EndPosition field's value.
33682func (s *Statement) SetEndPosition(v *Position) *Statement {
33683	s.EndPosition = v
33684	return s
33685}
33686
33687// SetSourcePolicyId sets the SourcePolicyId field's value.
33688func (s *Statement) SetSourcePolicyId(v string) *Statement {
33689	s.SourcePolicyId = &v
33690	return s
33691}
33692
33693// SetSourcePolicyType sets the SourcePolicyType field's value.
33694func (s *Statement) SetSourcePolicyType(v string) *Statement {
33695	s.SourcePolicyType = &v
33696	return s
33697}
33698
33699// SetStartPosition sets the StartPosition field's value.
33700func (s *Statement) SetStartPosition(v *Position) *Statement {
33701	s.StartPosition = v
33702	return s
33703}
33704
33705// A structure that represents user-provided metadata that can be associated
33706// with an IAM resource. For more information about tagging, see Tagging IAM
33707// resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
33708// in the IAM User Guide.
33709type Tag struct {
33710	_ struct{} `type:"structure"`
33711
33712	// The key name that can be used to look up or retrieve the associated value.
33713	// For example, Department or Cost Center are common choices.
33714	//
33715	// Key is a required field
33716	Key *string `min:"1" type:"string" required:"true"`
33717
33718	// The value associated with this tag. For example, tags with a key name of
33719	// Department could have values such as Human Resources, Accounting, and Support.
33720	// Tags with a key name of Cost Center might have values that consist of the
33721	// number associated with the different cost centers in your company. Typically,
33722	// many resources have tags with the same key name but with different values.
33723	//
33724	// AWS always interprets the tag Value as a single string. If you need to store
33725	// an array, you can store comma-separated values in the string. However, you
33726	// must interpret the value in your code.
33727	//
33728	// Value is a required field
33729	Value *string `type:"string" required:"true"`
33730}
33731
33732// String returns the string representation
33733func (s Tag) String() string {
33734	return awsutil.Prettify(s)
33735}
33736
33737// GoString returns the string representation
33738func (s Tag) GoString() string {
33739	return s.String()
33740}
33741
33742// Validate inspects the fields of the type to determine if they are valid.
33743func (s *Tag) Validate() error {
33744	invalidParams := request.ErrInvalidParams{Context: "Tag"}
33745	if s.Key == nil {
33746		invalidParams.Add(request.NewErrParamRequired("Key"))
33747	}
33748	if s.Key != nil && len(*s.Key) < 1 {
33749		invalidParams.Add(request.NewErrParamMinLen("Key", 1))
33750	}
33751	if s.Value == nil {
33752		invalidParams.Add(request.NewErrParamRequired("Value"))
33753	}
33754
33755	if invalidParams.Len() > 0 {
33756		return invalidParams
33757	}
33758	return nil
33759}
33760
33761// SetKey sets the Key field's value.
33762func (s *Tag) SetKey(v string) *Tag {
33763	s.Key = &v
33764	return s
33765}
33766
33767// SetValue sets the Value field's value.
33768func (s *Tag) SetValue(v string) *Tag {
33769	s.Value = &v
33770	return s
33771}
33772
33773type TagInstanceProfileInput struct {
33774	_ struct{} `type:"structure"`
33775
33776	// The name of the IAM instance profile to which you want to add tags.
33777	//
33778	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
33779	// a string of characters that consist of upper and lowercase alphanumeric characters
33780	// with no spaces. You can also include any of the following characters: =,.@-
33781	//
33782	// InstanceProfileName is a required field
33783	InstanceProfileName *string `min:"1" type:"string" required:"true"`
33784
33785	// The list of tags that you want to attach to the IAM instance profile. Each
33786	// tag consists of a key name and an associated value.
33787	//
33788	// Tags is a required field
33789	Tags []*Tag `type:"list" required:"true"`
33790}
33791
33792// String returns the string representation
33793func (s TagInstanceProfileInput) String() string {
33794	return awsutil.Prettify(s)
33795}
33796
33797// GoString returns the string representation
33798func (s TagInstanceProfileInput) GoString() string {
33799	return s.String()
33800}
33801
33802// Validate inspects the fields of the type to determine if they are valid.
33803func (s *TagInstanceProfileInput) Validate() error {
33804	invalidParams := request.ErrInvalidParams{Context: "TagInstanceProfileInput"}
33805	if s.InstanceProfileName == nil {
33806		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
33807	}
33808	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
33809		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
33810	}
33811	if s.Tags == nil {
33812		invalidParams.Add(request.NewErrParamRequired("Tags"))
33813	}
33814	if s.Tags != nil {
33815		for i, v := range s.Tags {
33816			if v == nil {
33817				continue
33818			}
33819			if err := v.Validate(); err != nil {
33820				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
33821			}
33822		}
33823	}
33824
33825	if invalidParams.Len() > 0 {
33826		return invalidParams
33827	}
33828	return nil
33829}
33830
33831// SetInstanceProfileName sets the InstanceProfileName field's value.
33832func (s *TagInstanceProfileInput) SetInstanceProfileName(v string) *TagInstanceProfileInput {
33833	s.InstanceProfileName = &v
33834	return s
33835}
33836
33837// SetTags sets the Tags field's value.
33838func (s *TagInstanceProfileInput) SetTags(v []*Tag) *TagInstanceProfileInput {
33839	s.Tags = v
33840	return s
33841}
33842
33843type TagInstanceProfileOutput struct {
33844	_ struct{} `type:"structure"`
33845}
33846
33847// String returns the string representation
33848func (s TagInstanceProfileOutput) String() string {
33849	return awsutil.Prettify(s)
33850}
33851
33852// GoString returns the string representation
33853func (s TagInstanceProfileOutput) GoString() string {
33854	return s.String()
33855}
33856
33857type TagMFADeviceInput struct {
33858	_ struct{} `type:"structure"`
33859
33860	// The unique identifier for the IAM virtual MFA device to which you want to
33861	// add tags. For virtual MFA devices, the serial number is the same as the ARN.
33862	//
33863	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
33864	// a string of characters that consist of upper and lowercase alphanumeric characters
33865	// with no spaces. You can also include any of the following characters: =,.@-
33866	//
33867	// SerialNumber is a required field
33868	SerialNumber *string `min:"9" type:"string" required:"true"`
33869
33870	// The list of tags that you want to attach to the IAM virtual MFA device. Each
33871	// tag consists of a key name and an associated value.
33872	//
33873	// Tags is a required field
33874	Tags []*Tag `type:"list" required:"true"`
33875}
33876
33877// String returns the string representation
33878func (s TagMFADeviceInput) String() string {
33879	return awsutil.Prettify(s)
33880}
33881
33882// GoString returns the string representation
33883func (s TagMFADeviceInput) GoString() string {
33884	return s.String()
33885}
33886
33887// Validate inspects the fields of the type to determine if they are valid.
33888func (s *TagMFADeviceInput) Validate() error {
33889	invalidParams := request.ErrInvalidParams{Context: "TagMFADeviceInput"}
33890	if s.SerialNumber == nil {
33891		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
33892	}
33893	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
33894		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
33895	}
33896	if s.Tags == nil {
33897		invalidParams.Add(request.NewErrParamRequired("Tags"))
33898	}
33899	if s.Tags != nil {
33900		for i, v := range s.Tags {
33901			if v == nil {
33902				continue
33903			}
33904			if err := v.Validate(); err != nil {
33905				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
33906			}
33907		}
33908	}
33909
33910	if invalidParams.Len() > 0 {
33911		return invalidParams
33912	}
33913	return nil
33914}
33915
33916// SetSerialNumber sets the SerialNumber field's value.
33917func (s *TagMFADeviceInput) SetSerialNumber(v string) *TagMFADeviceInput {
33918	s.SerialNumber = &v
33919	return s
33920}
33921
33922// SetTags sets the Tags field's value.
33923func (s *TagMFADeviceInput) SetTags(v []*Tag) *TagMFADeviceInput {
33924	s.Tags = v
33925	return s
33926}
33927
33928type TagMFADeviceOutput struct {
33929	_ struct{} `type:"structure"`
33930}
33931
33932// String returns the string representation
33933func (s TagMFADeviceOutput) String() string {
33934	return awsutil.Prettify(s)
33935}
33936
33937// GoString returns the string representation
33938func (s TagMFADeviceOutput) GoString() string {
33939	return s.String()
33940}
33941
33942type TagOpenIDConnectProviderInput struct {
33943	_ struct{} `type:"structure"`
33944
33945	// The ARN of the OIDC identity provider in IAM to which you want to add tags.
33946	//
33947	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
33948	// a string of characters that consist of upper and lowercase alphanumeric characters
33949	// with no spaces. You can also include any of the following characters: =,.@-
33950	//
33951	// OpenIDConnectProviderArn is a required field
33952	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
33953
33954	// The list of tags that you want to attach to the OIDC identity provider in
33955	// IAM. Each tag consists of a key name and an associated value.
33956	//
33957	// Tags is a required field
33958	Tags []*Tag `type:"list" required:"true"`
33959}
33960
33961// String returns the string representation
33962func (s TagOpenIDConnectProviderInput) String() string {
33963	return awsutil.Prettify(s)
33964}
33965
33966// GoString returns the string representation
33967func (s TagOpenIDConnectProviderInput) GoString() string {
33968	return s.String()
33969}
33970
33971// Validate inspects the fields of the type to determine if they are valid.
33972func (s *TagOpenIDConnectProviderInput) Validate() error {
33973	invalidParams := request.ErrInvalidParams{Context: "TagOpenIDConnectProviderInput"}
33974	if s.OpenIDConnectProviderArn == nil {
33975		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
33976	}
33977	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
33978		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
33979	}
33980	if s.Tags == nil {
33981		invalidParams.Add(request.NewErrParamRequired("Tags"))
33982	}
33983	if s.Tags != nil {
33984		for i, v := range s.Tags {
33985			if v == nil {
33986				continue
33987			}
33988			if err := v.Validate(); err != nil {
33989				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
33990			}
33991		}
33992	}
33993
33994	if invalidParams.Len() > 0 {
33995		return invalidParams
33996	}
33997	return nil
33998}
33999
34000// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
34001func (s *TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *TagOpenIDConnectProviderInput {
34002	s.OpenIDConnectProviderArn = &v
34003	return s
34004}
34005
34006// SetTags sets the Tags field's value.
34007func (s *TagOpenIDConnectProviderInput) SetTags(v []*Tag) *TagOpenIDConnectProviderInput {
34008	s.Tags = v
34009	return s
34010}
34011
34012type TagOpenIDConnectProviderOutput struct {
34013	_ struct{} `type:"structure"`
34014}
34015
34016// String returns the string representation
34017func (s TagOpenIDConnectProviderOutput) String() string {
34018	return awsutil.Prettify(s)
34019}
34020
34021// GoString returns the string representation
34022func (s TagOpenIDConnectProviderOutput) GoString() string {
34023	return s.String()
34024}
34025
34026type TagPolicyInput struct {
34027	_ struct{} `type:"structure"`
34028
34029	// The ARN of the IAM customer managed policy to which you want to add tags.
34030	//
34031	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34032	// a string of characters that consist of upper and lowercase alphanumeric characters
34033	// with no spaces. You can also include any of the following characters: =,.@-
34034	//
34035	// PolicyArn is a required field
34036	PolicyArn *string `min:"20" type:"string" required:"true"`
34037
34038	// The list of tags that you want to attach to the IAM customer managed policy.
34039	// Each tag consists of a key name and an associated value.
34040	//
34041	// Tags is a required field
34042	Tags []*Tag `type:"list" required:"true"`
34043}
34044
34045// String returns the string representation
34046func (s TagPolicyInput) String() string {
34047	return awsutil.Prettify(s)
34048}
34049
34050// GoString returns the string representation
34051func (s TagPolicyInput) GoString() string {
34052	return s.String()
34053}
34054
34055// Validate inspects the fields of the type to determine if they are valid.
34056func (s *TagPolicyInput) Validate() error {
34057	invalidParams := request.ErrInvalidParams{Context: "TagPolicyInput"}
34058	if s.PolicyArn == nil {
34059		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
34060	}
34061	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
34062		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
34063	}
34064	if s.Tags == nil {
34065		invalidParams.Add(request.NewErrParamRequired("Tags"))
34066	}
34067	if s.Tags != nil {
34068		for i, v := range s.Tags {
34069			if v == nil {
34070				continue
34071			}
34072			if err := v.Validate(); err != nil {
34073				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
34074			}
34075		}
34076	}
34077
34078	if invalidParams.Len() > 0 {
34079		return invalidParams
34080	}
34081	return nil
34082}
34083
34084// SetPolicyArn sets the PolicyArn field's value.
34085func (s *TagPolicyInput) SetPolicyArn(v string) *TagPolicyInput {
34086	s.PolicyArn = &v
34087	return s
34088}
34089
34090// SetTags sets the Tags field's value.
34091func (s *TagPolicyInput) SetTags(v []*Tag) *TagPolicyInput {
34092	s.Tags = v
34093	return s
34094}
34095
34096type TagPolicyOutput struct {
34097	_ struct{} `type:"structure"`
34098}
34099
34100// String returns the string representation
34101func (s TagPolicyOutput) String() string {
34102	return awsutil.Prettify(s)
34103}
34104
34105// GoString returns the string representation
34106func (s TagPolicyOutput) GoString() string {
34107	return s.String()
34108}
34109
34110type TagRoleInput struct {
34111	_ struct{} `type:"structure"`
34112
34113	// The name of the IAM role to which you want to add tags.
34114	//
34115	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34116	// a string of characters that consist of upper and lowercase alphanumeric characters
34117	// with no spaces. You can also include any of the following characters: _+=,.@-
34118	//
34119	// RoleName is a required field
34120	RoleName *string `min:"1" type:"string" required:"true"`
34121
34122	// The list of tags that you want to attach to the IAM role. Each tag consists
34123	// of a key name and an associated value.
34124	//
34125	// Tags is a required field
34126	Tags []*Tag `type:"list" required:"true"`
34127}
34128
34129// String returns the string representation
34130func (s TagRoleInput) String() string {
34131	return awsutil.Prettify(s)
34132}
34133
34134// GoString returns the string representation
34135func (s TagRoleInput) GoString() string {
34136	return s.String()
34137}
34138
34139// Validate inspects the fields of the type to determine if they are valid.
34140func (s *TagRoleInput) Validate() error {
34141	invalidParams := request.ErrInvalidParams{Context: "TagRoleInput"}
34142	if s.RoleName == nil {
34143		invalidParams.Add(request.NewErrParamRequired("RoleName"))
34144	}
34145	if s.RoleName != nil && len(*s.RoleName) < 1 {
34146		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
34147	}
34148	if s.Tags == nil {
34149		invalidParams.Add(request.NewErrParamRequired("Tags"))
34150	}
34151	if s.Tags != nil {
34152		for i, v := range s.Tags {
34153			if v == nil {
34154				continue
34155			}
34156			if err := v.Validate(); err != nil {
34157				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
34158			}
34159		}
34160	}
34161
34162	if invalidParams.Len() > 0 {
34163		return invalidParams
34164	}
34165	return nil
34166}
34167
34168// SetRoleName sets the RoleName field's value.
34169func (s *TagRoleInput) SetRoleName(v string) *TagRoleInput {
34170	s.RoleName = &v
34171	return s
34172}
34173
34174// SetTags sets the Tags field's value.
34175func (s *TagRoleInput) SetTags(v []*Tag) *TagRoleInput {
34176	s.Tags = v
34177	return s
34178}
34179
34180type TagRoleOutput struct {
34181	_ struct{} `type:"structure"`
34182}
34183
34184// String returns the string representation
34185func (s TagRoleOutput) String() string {
34186	return awsutil.Prettify(s)
34187}
34188
34189// GoString returns the string representation
34190func (s TagRoleOutput) GoString() string {
34191	return s.String()
34192}
34193
34194type TagSAMLProviderInput struct {
34195	_ struct{} `type:"structure"`
34196
34197	// The ARN of the SAML identity provider in IAM to which you want to add tags.
34198	//
34199	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34200	// a string of characters that consist of upper and lowercase alphanumeric characters
34201	// with no spaces. You can also include any of the following characters: =,.@-
34202	//
34203	// SAMLProviderArn is a required field
34204	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
34205
34206	// The list of tags that you want to attach to the SAML identity provider in
34207	// IAM. Each tag consists of a key name and an associated value.
34208	//
34209	// Tags is a required field
34210	Tags []*Tag `type:"list" required:"true"`
34211}
34212
34213// String returns the string representation
34214func (s TagSAMLProviderInput) String() string {
34215	return awsutil.Prettify(s)
34216}
34217
34218// GoString returns the string representation
34219func (s TagSAMLProviderInput) GoString() string {
34220	return s.String()
34221}
34222
34223// Validate inspects the fields of the type to determine if they are valid.
34224func (s *TagSAMLProviderInput) Validate() error {
34225	invalidParams := request.ErrInvalidParams{Context: "TagSAMLProviderInput"}
34226	if s.SAMLProviderArn == nil {
34227		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
34228	}
34229	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
34230		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
34231	}
34232	if s.Tags == nil {
34233		invalidParams.Add(request.NewErrParamRequired("Tags"))
34234	}
34235	if s.Tags != nil {
34236		for i, v := range s.Tags {
34237			if v == nil {
34238				continue
34239			}
34240			if err := v.Validate(); err != nil {
34241				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
34242			}
34243		}
34244	}
34245
34246	if invalidParams.Len() > 0 {
34247		return invalidParams
34248	}
34249	return nil
34250}
34251
34252// SetSAMLProviderArn sets the SAMLProviderArn field's value.
34253func (s *TagSAMLProviderInput) SetSAMLProviderArn(v string) *TagSAMLProviderInput {
34254	s.SAMLProviderArn = &v
34255	return s
34256}
34257
34258// SetTags sets the Tags field's value.
34259func (s *TagSAMLProviderInput) SetTags(v []*Tag) *TagSAMLProviderInput {
34260	s.Tags = v
34261	return s
34262}
34263
34264type TagSAMLProviderOutput struct {
34265	_ struct{} `type:"structure"`
34266}
34267
34268// String returns the string representation
34269func (s TagSAMLProviderOutput) String() string {
34270	return awsutil.Prettify(s)
34271}
34272
34273// GoString returns the string representation
34274func (s TagSAMLProviderOutput) GoString() string {
34275	return s.String()
34276}
34277
34278type TagServerCertificateInput struct {
34279	_ struct{} `type:"structure"`
34280
34281	// The name of the IAM server certificate to which you want to add tags.
34282	//
34283	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34284	// a string of characters that consist of upper and lowercase alphanumeric characters
34285	// with no spaces. You can also include any of the following characters: =,.@-
34286	//
34287	// ServerCertificateName is a required field
34288	ServerCertificateName *string `min:"1" type:"string" required:"true"`
34289
34290	// The list of tags that you want to attach to the IAM server certificate. Each
34291	// tag consists of a key name and an associated value.
34292	//
34293	// Tags is a required field
34294	Tags []*Tag `type:"list" required:"true"`
34295}
34296
34297// String returns the string representation
34298func (s TagServerCertificateInput) String() string {
34299	return awsutil.Prettify(s)
34300}
34301
34302// GoString returns the string representation
34303func (s TagServerCertificateInput) GoString() string {
34304	return s.String()
34305}
34306
34307// Validate inspects the fields of the type to determine if they are valid.
34308func (s *TagServerCertificateInput) Validate() error {
34309	invalidParams := request.ErrInvalidParams{Context: "TagServerCertificateInput"}
34310	if s.ServerCertificateName == nil {
34311		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
34312	}
34313	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
34314		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
34315	}
34316	if s.Tags == nil {
34317		invalidParams.Add(request.NewErrParamRequired("Tags"))
34318	}
34319	if s.Tags != nil {
34320		for i, v := range s.Tags {
34321			if v == nil {
34322				continue
34323			}
34324			if err := v.Validate(); err != nil {
34325				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
34326			}
34327		}
34328	}
34329
34330	if invalidParams.Len() > 0 {
34331		return invalidParams
34332	}
34333	return nil
34334}
34335
34336// SetServerCertificateName sets the ServerCertificateName field's value.
34337func (s *TagServerCertificateInput) SetServerCertificateName(v string) *TagServerCertificateInput {
34338	s.ServerCertificateName = &v
34339	return s
34340}
34341
34342// SetTags sets the Tags field's value.
34343func (s *TagServerCertificateInput) SetTags(v []*Tag) *TagServerCertificateInput {
34344	s.Tags = v
34345	return s
34346}
34347
34348type TagServerCertificateOutput struct {
34349	_ struct{} `type:"structure"`
34350}
34351
34352// String returns the string representation
34353func (s TagServerCertificateOutput) String() string {
34354	return awsutil.Prettify(s)
34355}
34356
34357// GoString returns the string representation
34358func (s TagServerCertificateOutput) GoString() string {
34359	return s.String()
34360}
34361
34362type TagUserInput struct {
34363	_ struct{} `type:"structure"`
34364
34365	// The list of tags that you want to attach to the IAM user. Each tag consists
34366	// of a key name and an associated value.
34367	//
34368	// Tags is a required field
34369	Tags []*Tag `type:"list" required:"true"`
34370
34371	// The name of the IAM user to which you want to add tags.
34372	//
34373	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34374	// a string of characters that consist of upper and lowercase alphanumeric characters
34375	// with no spaces. You can also include any of the following characters: =,.@-
34376	//
34377	// UserName is a required field
34378	UserName *string `min:"1" type:"string" required:"true"`
34379}
34380
34381// String returns the string representation
34382func (s TagUserInput) String() string {
34383	return awsutil.Prettify(s)
34384}
34385
34386// GoString returns the string representation
34387func (s TagUserInput) GoString() string {
34388	return s.String()
34389}
34390
34391// Validate inspects the fields of the type to determine if they are valid.
34392func (s *TagUserInput) Validate() error {
34393	invalidParams := request.ErrInvalidParams{Context: "TagUserInput"}
34394	if s.Tags == nil {
34395		invalidParams.Add(request.NewErrParamRequired("Tags"))
34396	}
34397	if s.UserName == nil {
34398		invalidParams.Add(request.NewErrParamRequired("UserName"))
34399	}
34400	if s.UserName != nil && len(*s.UserName) < 1 {
34401		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
34402	}
34403	if s.Tags != nil {
34404		for i, v := range s.Tags {
34405			if v == nil {
34406				continue
34407			}
34408			if err := v.Validate(); err != nil {
34409				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
34410			}
34411		}
34412	}
34413
34414	if invalidParams.Len() > 0 {
34415		return invalidParams
34416	}
34417	return nil
34418}
34419
34420// SetTags sets the Tags field's value.
34421func (s *TagUserInput) SetTags(v []*Tag) *TagUserInput {
34422	s.Tags = v
34423	return s
34424}
34425
34426// SetUserName sets the UserName field's value.
34427func (s *TagUserInput) SetUserName(v string) *TagUserInput {
34428	s.UserName = &v
34429	return s
34430}
34431
34432type TagUserOutput struct {
34433	_ struct{} `type:"structure"`
34434}
34435
34436// String returns the string representation
34437func (s TagUserOutput) String() string {
34438	return awsutil.Prettify(s)
34439}
34440
34441// GoString returns the string representation
34442func (s TagUserOutput) GoString() string {
34443	return s.String()
34444}
34445
34446// Contains details about the most recent attempt to access an action within
34447// the service.
34448//
34449// This data type is used as a response element in the GetServiceLastAccessedDetails
34450// operation.
34451type TrackedActionLastAccessed struct {
34452	_ struct{} `type:"structure"`
34453
34454	// The name of the tracked action to which access was attempted. Tracked actions
34455	// are actions that report activity to IAM.
34456	ActionName *string `type:"string"`
34457
34458	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
34459	//
34460	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
34461	// in the AWS General Reference.
34462	LastAccessedEntity *string `min:"20" type:"string"`
34463
34464	// The Region from which the authenticated entity (user or role) last attempted
34465	// to access the tracked action. AWS does not report unauthenticated requests.
34466	//
34467	// This field is null if no IAM entities attempted to access the service within
34468	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
34469	LastAccessedRegion *string `type:"string"`
34470
34471	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34472	// when an authenticated entity most recently attempted to access the tracked
34473	// service. AWS does not report unauthenticated requests.
34474	//
34475	// This field is null if no IAM entities attempted to access the service within
34476	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
34477	LastAccessedTime *time.Time `type:"timestamp"`
34478}
34479
34480// String returns the string representation
34481func (s TrackedActionLastAccessed) String() string {
34482	return awsutil.Prettify(s)
34483}
34484
34485// GoString returns the string representation
34486func (s TrackedActionLastAccessed) GoString() string {
34487	return s.String()
34488}
34489
34490// SetActionName sets the ActionName field's value.
34491func (s *TrackedActionLastAccessed) SetActionName(v string) *TrackedActionLastAccessed {
34492	s.ActionName = &v
34493	return s
34494}
34495
34496// SetLastAccessedEntity sets the LastAccessedEntity field's value.
34497func (s *TrackedActionLastAccessed) SetLastAccessedEntity(v string) *TrackedActionLastAccessed {
34498	s.LastAccessedEntity = &v
34499	return s
34500}
34501
34502// SetLastAccessedRegion sets the LastAccessedRegion field's value.
34503func (s *TrackedActionLastAccessed) SetLastAccessedRegion(v string) *TrackedActionLastAccessed {
34504	s.LastAccessedRegion = &v
34505	return s
34506}
34507
34508// SetLastAccessedTime sets the LastAccessedTime field's value.
34509func (s *TrackedActionLastAccessed) SetLastAccessedTime(v time.Time) *TrackedActionLastAccessed {
34510	s.LastAccessedTime = &v
34511	return s
34512}
34513
34514type UntagInstanceProfileInput struct {
34515	_ struct{} `type:"structure"`
34516
34517	// The name of the IAM instance profile from which you want to remove tags.
34518	//
34519	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34520	// a string of characters that consist of upper and lowercase alphanumeric characters
34521	// with no spaces. You can also include any of the following characters: =,.@-
34522	//
34523	// InstanceProfileName is a required field
34524	InstanceProfileName *string `min:"1" type:"string" required:"true"`
34525
34526	// A list of key names as a simple array of strings. The tags with matching
34527	// keys are removed from the specified instance profile.
34528	//
34529	// TagKeys is a required field
34530	TagKeys []*string `type:"list" required:"true"`
34531}
34532
34533// String returns the string representation
34534func (s UntagInstanceProfileInput) String() string {
34535	return awsutil.Prettify(s)
34536}
34537
34538// GoString returns the string representation
34539func (s UntagInstanceProfileInput) GoString() string {
34540	return s.String()
34541}
34542
34543// Validate inspects the fields of the type to determine if they are valid.
34544func (s *UntagInstanceProfileInput) Validate() error {
34545	invalidParams := request.ErrInvalidParams{Context: "UntagInstanceProfileInput"}
34546	if s.InstanceProfileName == nil {
34547		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
34548	}
34549	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
34550		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
34551	}
34552	if s.TagKeys == nil {
34553		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34554	}
34555
34556	if invalidParams.Len() > 0 {
34557		return invalidParams
34558	}
34559	return nil
34560}
34561
34562// SetInstanceProfileName sets the InstanceProfileName field's value.
34563func (s *UntagInstanceProfileInput) SetInstanceProfileName(v string) *UntagInstanceProfileInput {
34564	s.InstanceProfileName = &v
34565	return s
34566}
34567
34568// SetTagKeys sets the TagKeys field's value.
34569func (s *UntagInstanceProfileInput) SetTagKeys(v []*string) *UntagInstanceProfileInput {
34570	s.TagKeys = v
34571	return s
34572}
34573
34574type UntagInstanceProfileOutput struct {
34575	_ struct{} `type:"structure"`
34576}
34577
34578// String returns the string representation
34579func (s UntagInstanceProfileOutput) String() string {
34580	return awsutil.Prettify(s)
34581}
34582
34583// GoString returns the string representation
34584func (s UntagInstanceProfileOutput) GoString() string {
34585	return s.String()
34586}
34587
34588type UntagMFADeviceInput struct {
34589	_ struct{} `type:"structure"`
34590
34591	// The unique identifier for the IAM virtual MFA device from which you want
34592	// to remove tags. For virtual MFA devices, the serial number is the same as
34593	// the ARN.
34594	//
34595	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34596	// a string of characters that consist of upper and lowercase alphanumeric characters
34597	// with no spaces. You can also include any of the following characters: =,.@-
34598	//
34599	// SerialNumber is a required field
34600	SerialNumber *string `min:"9" type:"string" required:"true"`
34601
34602	// A list of key names as a simple array of strings. The tags with matching
34603	// keys are removed from the specified instance profile.
34604	//
34605	// TagKeys is a required field
34606	TagKeys []*string `type:"list" required:"true"`
34607}
34608
34609// String returns the string representation
34610func (s UntagMFADeviceInput) String() string {
34611	return awsutil.Prettify(s)
34612}
34613
34614// GoString returns the string representation
34615func (s UntagMFADeviceInput) GoString() string {
34616	return s.String()
34617}
34618
34619// Validate inspects the fields of the type to determine if they are valid.
34620func (s *UntagMFADeviceInput) Validate() error {
34621	invalidParams := request.ErrInvalidParams{Context: "UntagMFADeviceInput"}
34622	if s.SerialNumber == nil {
34623		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
34624	}
34625	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
34626		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
34627	}
34628	if s.TagKeys == nil {
34629		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34630	}
34631
34632	if invalidParams.Len() > 0 {
34633		return invalidParams
34634	}
34635	return nil
34636}
34637
34638// SetSerialNumber sets the SerialNumber field's value.
34639func (s *UntagMFADeviceInput) SetSerialNumber(v string) *UntagMFADeviceInput {
34640	s.SerialNumber = &v
34641	return s
34642}
34643
34644// SetTagKeys sets the TagKeys field's value.
34645func (s *UntagMFADeviceInput) SetTagKeys(v []*string) *UntagMFADeviceInput {
34646	s.TagKeys = v
34647	return s
34648}
34649
34650type UntagMFADeviceOutput struct {
34651	_ struct{} `type:"structure"`
34652}
34653
34654// String returns the string representation
34655func (s UntagMFADeviceOutput) String() string {
34656	return awsutil.Prettify(s)
34657}
34658
34659// GoString returns the string representation
34660func (s UntagMFADeviceOutput) GoString() string {
34661	return s.String()
34662}
34663
34664type UntagOpenIDConnectProviderInput struct {
34665	_ struct{} `type:"structure"`
34666
34667	// The ARN of the OIDC provider in IAM from which you want to remove tags.
34668	//
34669	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34670	// a string of characters that consist of upper and lowercase alphanumeric characters
34671	// with no spaces. You can also include any of the following characters: =,.@-
34672	//
34673	// OpenIDConnectProviderArn is a required field
34674	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
34675
34676	// A list of key names as a simple array of strings. The tags with matching
34677	// keys are removed from the specified OIDC provider.
34678	//
34679	// TagKeys is a required field
34680	TagKeys []*string `type:"list" required:"true"`
34681}
34682
34683// String returns the string representation
34684func (s UntagOpenIDConnectProviderInput) String() string {
34685	return awsutil.Prettify(s)
34686}
34687
34688// GoString returns the string representation
34689func (s UntagOpenIDConnectProviderInput) GoString() string {
34690	return s.String()
34691}
34692
34693// Validate inspects the fields of the type to determine if they are valid.
34694func (s *UntagOpenIDConnectProviderInput) Validate() error {
34695	invalidParams := request.ErrInvalidParams{Context: "UntagOpenIDConnectProviderInput"}
34696	if s.OpenIDConnectProviderArn == nil {
34697		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
34698	}
34699	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
34700		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
34701	}
34702	if s.TagKeys == nil {
34703		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34704	}
34705
34706	if invalidParams.Len() > 0 {
34707		return invalidParams
34708	}
34709	return nil
34710}
34711
34712// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
34713func (s *UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *UntagOpenIDConnectProviderInput {
34714	s.OpenIDConnectProviderArn = &v
34715	return s
34716}
34717
34718// SetTagKeys sets the TagKeys field's value.
34719func (s *UntagOpenIDConnectProviderInput) SetTagKeys(v []*string) *UntagOpenIDConnectProviderInput {
34720	s.TagKeys = v
34721	return s
34722}
34723
34724type UntagOpenIDConnectProviderOutput struct {
34725	_ struct{} `type:"structure"`
34726}
34727
34728// String returns the string representation
34729func (s UntagOpenIDConnectProviderOutput) String() string {
34730	return awsutil.Prettify(s)
34731}
34732
34733// GoString returns the string representation
34734func (s UntagOpenIDConnectProviderOutput) GoString() string {
34735	return s.String()
34736}
34737
34738type UntagPolicyInput struct {
34739	_ struct{} `type:"structure"`
34740
34741	// The ARN of the IAM customer managed policy from which you want to remove
34742	// tags.
34743	//
34744	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34745	// a string of characters that consist of upper and lowercase alphanumeric characters
34746	// with no spaces. You can also include any of the following characters: =,.@-
34747	//
34748	// PolicyArn is a required field
34749	PolicyArn *string `min:"20" type:"string" required:"true"`
34750
34751	// A list of key names as a simple array of strings. The tags with matching
34752	// keys are removed from the specified policy.
34753	//
34754	// TagKeys is a required field
34755	TagKeys []*string `type:"list" required:"true"`
34756}
34757
34758// String returns the string representation
34759func (s UntagPolicyInput) String() string {
34760	return awsutil.Prettify(s)
34761}
34762
34763// GoString returns the string representation
34764func (s UntagPolicyInput) GoString() string {
34765	return s.String()
34766}
34767
34768// Validate inspects the fields of the type to determine if they are valid.
34769func (s *UntagPolicyInput) Validate() error {
34770	invalidParams := request.ErrInvalidParams{Context: "UntagPolicyInput"}
34771	if s.PolicyArn == nil {
34772		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
34773	}
34774	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
34775		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
34776	}
34777	if s.TagKeys == nil {
34778		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34779	}
34780
34781	if invalidParams.Len() > 0 {
34782		return invalidParams
34783	}
34784	return nil
34785}
34786
34787// SetPolicyArn sets the PolicyArn field's value.
34788func (s *UntagPolicyInput) SetPolicyArn(v string) *UntagPolicyInput {
34789	s.PolicyArn = &v
34790	return s
34791}
34792
34793// SetTagKeys sets the TagKeys field's value.
34794func (s *UntagPolicyInput) SetTagKeys(v []*string) *UntagPolicyInput {
34795	s.TagKeys = v
34796	return s
34797}
34798
34799type UntagPolicyOutput struct {
34800	_ struct{} `type:"structure"`
34801}
34802
34803// String returns the string representation
34804func (s UntagPolicyOutput) String() string {
34805	return awsutil.Prettify(s)
34806}
34807
34808// GoString returns the string representation
34809func (s UntagPolicyOutput) GoString() string {
34810	return s.String()
34811}
34812
34813type UntagRoleInput struct {
34814	_ struct{} `type:"structure"`
34815
34816	// The name of the IAM role from which you want to remove tags.
34817	//
34818	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34819	// a string of characters that consist of upper and lowercase alphanumeric characters
34820	// with no spaces. You can also include any of the following characters: _+=,.@-
34821	//
34822	// RoleName is a required field
34823	RoleName *string `min:"1" type:"string" required:"true"`
34824
34825	// A list of key names as a simple array of strings. The tags with matching
34826	// keys are removed from the specified role.
34827	//
34828	// TagKeys is a required field
34829	TagKeys []*string `type:"list" required:"true"`
34830}
34831
34832// String returns the string representation
34833func (s UntagRoleInput) String() string {
34834	return awsutil.Prettify(s)
34835}
34836
34837// GoString returns the string representation
34838func (s UntagRoleInput) GoString() string {
34839	return s.String()
34840}
34841
34842// Validate inspects the fields of the type to determine if they are valid.
34843func (s *UntagRoleInput) Validate() error {
34844	invalidParams := request.ErrInvalidParams{Context: "UntagRoleInput"}
34845	if s.RoleName == nil {
34846		invalidParams.Add(request.NewErrParamRequired("RoleName"))
34847	}
34848	if s.RoleName != nil && len(*s.RoleName) < 1 {
34849		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
34850	}
34851	if s.TagKeys == nil {
34852		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34853	}
34854
34855	if invalidParams.Len() > 0 {
34856		return invalidParams
34857	}
34858	return nil
34859}
34860
34861// SetRoleName sets the RoleName field's value.
34862func (s *UntagRoleInput) SetRoleName(v string) *UntagRoleInput {
34863	s.RoleName = &v
34864	return s
34865}
34866
34867// SetTagKeys sets the TagKeys field's value.
34868func (s *UntagRoleInput) SetTagKeys(v []*string) *UntagRoleInput {
34869	s.TagKeys = v
34870	return s
34871}
34872
34873type UntagRoleOutput struct {
34874	_ struct{} `type:"structure"`
34875}
34876
34877// String returns the string representation
34878func (s UntagRoleOutput) String() string {
34879	return awsutil.Prettify(s)
34880}
34881
34882// GoString returns the string representation
34883func (s UntagRoleOutput) GoString() string {
34884	return s.String()
34885}
34886
34887type UntagSAMLProviderInput struct {
34888	_ struct{} `type:"structure"`
34889
34890	// The ARN of the SAML identity provider in IAM from which you want to remove
34891	// tags.
34892	//
34893	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34894	// a string of characters that consist of upper and lowercase alphanumeric characters
34895	// with no spaces. You can also include any of the following characters: =,.@-
34896	//
34897	// SAMLProviderArn is a required field
34898	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
34899
34900	// A list of key names as a simple array of strings. The tags with matching
34901	// keys are removed from the specified SAML identity provider.
34902	//
34903	// TagKeys is a required field
34904	TagKeys []*string `type:"list" required:"true"`
34905}
34906
34907// String returns the string representation
34908func (s UntagSAMLProviderInput) String() string {
34909	return awsutil.Prettify(s)
34910}
34911
34912// GoString returns the string representation
34913func (s UntagSAMLProviderInput) GoString() string {
34914	return s.String()
34915}
34916
34917// Validate inspects the fields of the type to determine if they are valid.
34918func (s *UntagSAMLProviderInput) Validate() error {
34919	invalidParams := request.ErrInvalidParams{Context: "UntagSAMLProviderInput"}
34920	if s.SAMLProviderArn == nil {
34921		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
34922	}
34923	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
34924		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
34925	}
34926	if s.TagKeys == nil {
34927		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
34928	}
34929
34930	if invalidParams.Len() > 0 {
34931		return invalidParams
34932	}
34933	return nil
34934}
34935
34936// SetSAMLProviderArn sets the SAMLProviderArn field's value.
34937func (s *UntagSAMLProviderInput) SetSAMLProviderArn(v string) *UntagSAMLProviderInput {
34938	s.SAMLProviderArn = &v
34939	return s
34940}
34941
34942// SetTagKeys sets the TagKeys field's value.
34943func (s *UntagSAMLProviderInput) SetTagKeys(v []*string) *UntagSAMLProviderInput {
34944	s.TagKeys = v
34945	return s
34946}
34947
34948type UntagSAMLProviderOutput struct {
34949	_ struct{} `type:"structure"`
34950}
34951
34952// String returns the string representation
34953func (s UntagSAMLProviderOutput) String() string {
34954	return awsutil.Prettify(s)
34955}
34956
34957// GoString returns the string representation
34958func (s UntagSAMLProviderOutput) GoString() string {
34959	return s.String()
34960}
34961
34962type UntagServerCertificateInput struct {
34963	_ struct{} `type:"structure"`
34964
34965	// The name of the IAM server certificate from which you want to remove tags.
34966	//
34967	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
34968	// a string of characters that consist of upper and lowercase alphanumeric characters
34969	// with no spaces. You can also include any of the following characters: =,.@-
34970	//
34971	// ServerCertificateName is a required field
34972	ServerCertificateName *string `min:"1" type:"string" required:"true"`
34973
34974	// A list of key names as a simple array of strings. The tags with matching
34975	// keys are removed from the specified IAM server certificate.
34976	//
34977	// TagKeys is a required field
34978	TagKeys []*string `type:"list" required:"true"`
34979}
34980
34981// String returns the string representation
34982func (s UntagServerCertificateInput) String() string {
34983	return awsutil.Prettify(s)
34984}
34985
34986// GoString returns the string representation
34987func (s UntagServerCertificateInput) GoString() string {
34988	return s.String()
34989}
34990
34991// Validate inspects the fields of the type to determine if they are valid.
34992func (s *UntagServerCertificateInput) Validate() error {
34993	invalidParams := request.ErrInvalidParams{Context: "UntagServerCertificateInput"}
34994	if s.ServerCertificateName == nil {
34995		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
34996	}
34997	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
34998		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
34999	}
35000	if s.TagKeys == nil {
35001		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
35002	}
35003
35004	if invalidParams.Len() > 0 {
35005		return invalidParams
35006	}
35007	return nil
35008}
35009
35010// SetServerCertificateName sets the ServerCertificateName field's value.
35011func (s *UntagServerCertificateInput) SetServerCertificateName(v string) *UntagServerCertificateInput {
35012	s.ServerCertificateName = &v
35013	return s
35014}
35015
35016// SetTagKeys sets the TagKeys field's value.
35017func (s *UntagServerCertificateInput) SetTagKeys(v []*string) *UntagServerCertificateInput {
35018	s.TagKeys = v
35019	return s
35020}
35021
35022type UntagServerCertificateOutput struct {
35023	_ struct{} `type:"structure"`
35024}
35025
35026// String returns the string representation
35027func (s UntagServerCertificateOutput) String() string {
35028	return awsutil.Prettify(s)
35029}
35030
35031// GoString returns the string representation
35032func (s UntagServerCertificateOutput) GoString() string {
35033	return s.String()
35034}
35035
35036type UntagUserInput struct {
35037	_ struct{} `type:"structure"`
35038
35039	// A list of key names as a simple array of strings. The tags with matching
35040	// keys are removed from the specified user.
35041	//
35042	// TagKeys is a required field
35043	TagKeys []*string `type:"list" required:"true"`
35044
35045	// The name of the IAM user from which you want to remove tags.
35046	//
35047	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
35048	// a string of characters that consist of upper and lowercase alphanumeric characters
35049	// with no spaces. You can also include any of the following characters: =,.@-
35050	//
35051	// UserName is a required field
35052	UserName *string `min:"1" type:"string" required:"true"`
35053}
35054
35055// String returns the string representation
35056func (s UntagUserInput) String() string {
35057	return awsutil.Prettify(s)
35058}
35059
35060// GoString returns the string representation
35061func (s UntagUserInput) GoString() string {
35062	return s.String()
35063}
35064
35065// Validate inspects the fields of the type to determine if they are valid.
35066func (s *UntagUserInput) Validate() error {
35067	invalidParams := request.ErrInvalidParams{Context: "UntagUserInput"}
35068	if s.TagKeys == nil {
35069		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
35070	}
35071	if s.UserName == nil {
35072		invalidParams.Add(request.NewErrParamRequired("UserName"))
35073	}
35074	if s.UserName != nil && len(*s.UserName) < 1 {
35075		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
35076	}
35077
35078	if invalidParams.Len() > 0 {
35079		return invalidParams
35080	}
35081	return nil
35082}
35083
35084// SetTagKeys sets the TagKeys field's value.
35085func (s *UntagUserInput) SetTagKeys(v []*string) *UntagUserInput {
35086	s.TagKeys = v
35087	return s
35088}
35089
35090// SetUserName sets the UserName field's value.
35091func (s *UntagUserInput) SetUserName(v string) *UntagUserInput {
35092	s.UserName = &v
35093	return s
35094}
35095
35096type UntagUserOutput struct {
35097	_ struct{} `type:"structure"`
35098}
35099
35100// String returns the string representation
35101func (s UntagUserOutput) String() string {
35102	return awsutil.Prettify(s)
35103}
35104
35105// GoString returns the string representation
35106func (s UntagUserOutput) GoString() string {
35107	return s.String()
35108}
35109
35110type UpdateAccessKeyInput struct {
35111	_ struct{} `type:"structure"`
35112
35113	// The access key ID of the secret access key you want to update.
35114	//
35115	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35116	// a string of characters that can consist of any upper or lowercased letter
35117	// or digit.
35118	//
35119	// AccessKeyId is a required field
35120	AccessKeyId *string `min:"16" type:"string" required:"true"`
35121
35122	// The status you want to assign to the secret access key. Active means that
35123	// the key can be used for programmatic calls to AWS, while Inactive means that
35124	// the key cannot be used.
35125	//
35126	// Status is a required field
35127	Status *string `type:"string" required:"true" enum:"StatusType"`
35128
35129	// The name of the user whose key you want to update.
35130	//
35131	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35132	// a string of characters consisting of upper and lowercase alphanumeric characters
35133	// with no spaces. You can also include any of the following characters: _+=,.@-
35134	UserName *string `min:"1" type:"string"`
35135}
35136
35137// String returns the string representation
35138func (s UpdateAccessKeyInput) String() string {
35139	return awsutil.Prettify(s)
35140}
35141
35142// GoString returns the string representation
35143func (s UpdateAccessKeyInput) GoString() string {
35144	return s.String()
35145}
35146
35147// Validate inspects the fields of the type to determine if they are valid.
35148func (s *UpdateAccessKeyInput) Validate() error {
35149	invalidParams := request.ErrInvalidParams{Context: "UpdateAccessKeyInput"}
35150	if s.AccessKeyId == nil {
35151		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
35152	}
35153	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
35154		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
35155	}
35156	if s.Status == nil {
35157		invalidParams.Add(request.NewErrParamRequired("Status"))
35158	}
35159	if s.UserName != nil && len(*s.UserName) < 1 {
35160		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
35161	}
35162
35163	if invalidParams.Len() > 0 {
35164		return invalidParams
35165	}
35166	return nil
35167}
35168
35169// SetAccessKeyId sets the AccessKeyId field's value.
35170func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput {
35171	s.AccessKeyId = &v
35172	return s
35173}
35174
35175// SetStatus sets the Status field's value.
35176func (s *UpdateAccessKeyInput) SetStatus(v string) *UpdateAccessKeyInput {
35177	s.Status = &v
35178	return s
35179}
35180
35181// SetUserName sets the UserName field's value.
35182func (s *UpdateAccessKeyInput) SetUserName(v string) *UpdateAccessKeyInput {
35183	s.UserName = &v
35184	return s
35185}
35186
35187type UpdateAccessKeyOutput struct {
35188	_ struct{} `type:"structure"`
35189}
35190
35191// String returns the string representation
35192func (s UpdateAccessKeyOutput) String() string {
35193	return awsutil.Prettify(s)
35194}
35195
35196// GoString returns the string representation
35197func (s UpdateAccessKeyOutput) GoString() string {
35198	return s.String()
35199}
35200
35201type UpdateAccountPasswordPolicyInput struct {
35202	_ struct{} `type:"structure"`
35203
35204	// Allows all IAM users in your account to use the AWS Management Console to
35205	// change their own passwords. For more information, see Letting IAM users change
35206	// their own passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
35207	// in the IAM User Guide.
35208	//
35209	// If you do not specify a value for this parameter, then the operation uses
35210	// the default value of false. The result is that IAM users in the account do
35211	// not automatically have permissions to change their own password.
35212	AllowUsersToChangePassword *bool `type:"boolean"`
35213
35214	// Prevents IAM users from setting a new password after their password has expired.
35215	// The IAM user cannot be accessed until an administrator resets the password.
35216	//
35217	// If you do not specify a value for this parameter, then the operation uses
35218	// the default value of false. The result is that IAM users can change their
35219	// passwords after they expire and continue to sign in as the user.
35220	HardExpiry *bool `type:"boolean"`
35221
35222	// The number of days that an IAM user password is valid.
35223	//
35224	// If you do not specify a value for this parameter, then the operation uses
35225	// the default value of 0. The result is that IAM user passwords never expire.
35226	MaxPasswordAge *int64 `min:"1" type:"integer"`
35227
35228	// The minimum number of characters allowed in an IAM user password.
35229	//
35230	// If you do not specify a value for this parameter, then the operation uses
35231	// the default value of 6.
35232	MinimumPasswordLength *int64 `min:"6" type:"integer"`
35233
35234	// Specifies the number of previous passwords that IAM users are prevented from
35235	// reusing.
35236	//
35237	// If you do not specify a value for this parameter, then the operation uses
35238	// the default value of 0. The result is that IAM users are not prevented from
35239	// reusing previous passwords.
35240	PasswordReusePrevention *int64 `min:"1" type:"integer"`
35241
35242	// Specifies whether IAM user passwords must contain at least one lowercase
35243	// character from the ISO basic Latin alphabet (a to z).
35244	//
35245	// If you do not specify a value for this parameter, then the operation uses
35246	// the default value of false. The result is that passwords do not require at
35247	// least one lowercase character.
35248	RequireLowercaseCharacters *bool `type:"boolean"`
35249
35250	// Specifies whether IAM user passwords must contain at least one numeric character
35251	// (0 to 9).
35252	//
35253	// If you do not specify a value for this parameter, then the operation uses
35254	// the default value of false. The result is that passwords do not require at
35255	// least one numeric character.
35256	RequireNumbers *bool `type:"boolean"`
35257
35258	// Specifies whether IAM user passwords must contain at least one of the following
35259	// non-alphanumeric characters:
35260	//
35261	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
35262	//
35263	// If you do not specify a value for this parameter, then the operation uses
35264	// the default value of false. The result is that passwords do not require at
35265	// least one symbol character.
35266	RequireSymbols *bool `type:"boolean"`
35267
35268	// Specifies whether IAM user passwords must contain at least one uppercase
35269	// character from the ISO basic Latin alphabet (A to Z).
35270	//
35271	// If you do not specify a value for this parameter, then the operation uses
35272	// the default value of false. The result is that passwords do not require at
35273	// least one uppercase character.
35274	RequireUppercaseCharacters *bool `type:"boolean"`
35275}
35276
35277// String returns the string representation
35278func (s UpdateAccountPasswordPolicyInput) String() string {
35279	return awsutil.Prettify(s)
35280}
35281
35282// GoString returns the string representation
35283func (s UpdateAccountPasswordPolicyInput) GoString() string {
35284	return s.String()
35285}
35286
35287// Validate inspects the fields of the type to determine if they are valid.
35288func (s *UpdateAccountPasswordPolicyInput) Validate() error {
35289	invalidParams := request.ErrInvalidParams{Context: "UpdateAccountPasswordPolicyInput"}
35290	if s.MaxPasswordAge != nil && *s.MaxPasswordAge < 1 {
35291		invalidParams.Add(request.NewErrParamMinValue("MaxPasswordAge", 1))
35292	}
35293	if s.MinimumPasswordLength != nil && *s.MinimumPasswordLength < 6 {
35294		invalidParams.Add(request.NewErrParamMinValue("MinimumPasswordLength", 6))
35295	}
35296	if s.PasswordReusePrevention != nil && *s.PasswordReusePrevention < 1 {
35297		invalidParams.Add(request.NewErrParamMinValue("PasswordReusePrevention", 1))
35298	}
35299
35300	if invalidParams.Len() > 0 {
35301		return invalidParams
35302	}
35303	return nil
35304}
35305
35306// SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
35307func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput {
35308	s.AllowUsersToChangePassword = &v
35309	return s
35310}
35311
35312// SetHardExpiry sets the HardExpiry field's value.
35313func (s *UpdateAccountPasswordPolicyInput) SetHardExpiry(v bool) *UpdateAccountPasswordPolicyInput {
35314	s.HardExpiry = &v
35315	return s
35316}
35317
35318// SetMaxPasswordAge sets the MaxPasswordAge field's value.
35319func (s *UpdateAccountPasswordPolicyInput) SetMaxPasswordAge(v int64) *UpdateAccountPasswordPolicyInput {
35320	s.MaxPasswordAge = &v
35321	return s
35322}
35323
35324// SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
35325func (s *UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength(v int64) *UpdateAccountPasswordPolicyInput {
35326	s.MinimumPasswordLength = &v
35327	return s
35328}
35329
35330// SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
35331func (s *UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention(v int64) *UpdateAccountPasswordPolicyInput {
35332	s.PasswordReusePrevention = &v
35333	return s
35334}
35335
35336// SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
35337func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
35338	s.RequireLowercaseCharacters = &v
35339	return s
35340}
35341
35342// SetRequireNumbers sets the RequireNumbers field's value.
35343func (s *UpdateAccountPasswordPolicyInput) SetRequireNumbers(v bool) *UpdateAccountPasswordPolicyInput {
35344	s.RequireNumbers = &v
35345	return s
35346}
35347
35348// SetRequireSymbols sets the RequireSymbols field's value.
35349func (s *UpdateAccountPasswordPolicyInput) SetRequireSymbols(v bool) *UpdateAccountPasswordPolicyInput {
35350	s.RequireSymbols = &v
35351	return s
35352}
35353
35354// SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
35355func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
35356	s.RequireUppercaseCharacters = &v
35357	return s
35358}
35359
35360type UpdateAccountPasswordPolicyOutput struct {
35361	_ struct{} `type:"structure"`
35362}
35363
35364// String returns the string representation
35365func (s UpdateAccountPasswordPolicyOutput) String() string {
35366	return awsutil.Prettify(s)
35367}
35368
35369// GoString returns the string representation
35370func (s UpdateAccountPasswordPolicyOutput) GoString() string {
35371	return s.String()
35372}
35373
35374type UpdateAssumeRolePolicyInput struct {
35375	_ struct{} `type:"structure"`
35376
35377	// The policy that grants an entity permission to assume the role.
35378	//
35379	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
35380	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
35381	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
35382	// it to IAM.
35383	//
35384	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
35385	// parameter is a string of characters consisting of the following:
35386	//
35387	//    * Any printable ASCII character ranging from the space character (\u0020)
35388	//    through the end of the ASCII character range
35389	//
35390	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
35391	//    set (through \u00FF)
35392	//
35393	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
35394	//    return (\u000D)
35395	//
35396	// PolicyDocument is a required field
35397	PolicyDocument *string `min:"1" type:"string" required:"true"`
35398
35399	// The name of the role to update with the new policy.
35400	//
35401	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35402	// a string of characters consisting of upper and lowercase alphanumeric characters
35403	// with no spaces. You can also include any of the following characters: _+=,.@-
35404	//
35405	// RoleName is a required field
35406	RoleName *string `min:"1" type:"string" required:"true"`
35407}
35408
35409// String returns the string representation
35410func (s UpdateAssumeRolePolicyInput) String() string {
35411	return awsutil.Prettify(s)
35412}
35413
35414// GoString returns the string representation
35415func (s UpdateAssumeRolePolicyInput) GoString() string {
35416	return s.String()
35417}
35418
35419// Validate inspects the fields of the type to determine if they are valid.
35420func (s *UpdateAssumeRolePolicyInput) Validate() error {
35421	invalidParams := request.ErrInvalidParams{Context: "UpdateAssumeRolePolicyInput"}
35422	if s.PolicyDocument == nil {
35423		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
35424	}
35425	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
35426		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
35427	}
35428	if s.RoleName == nil {
35429		invalidParams.Add(request.NewErrParamRequired("RoleName"))
35430	}
35431	if s.RoleName != nil && len(*s.RoleName) < 1 {
35432		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
35433	}
35434
35435	if invalidParams.Len() > 0 {
35436		return invalidParams
35437	}
35438	return nil
35439}
35440
35441// SetPolicyDocument sets the PolicyDocument field's value.
35442func (s *UpdateAssumeRolePolicyInput) SetPolicyDocument(v string) *UpdateAssumeRolePolicyInput {
35443	s.PolicyDocument = &v
35444	return s
35445}
35446
35447// SetRoleName sets the RoleName field's value.
35448func (s *UpdateAssumeRolePolicyInput) SetRoleName(v string) *UpdateAssumeRolePolicyInput {
35449	s.RoleName = &v
35450	return s
35451}
35452
35453type UpdateAssumeRolePolicyOutput struct {
35454	_ struct{} `type:"structure"`
35455}
35456
35457// String returns the string representation
35458func (s UpdateAssumeRolePolicyOutput) String() string {
35459	return awsutil.Prettify(s)
35460}
35461
35462// GoString returns the string representation
35463func (s UpdateAssumeRolePolicyOutput) GoString() string {
35464	return s.String()
35465}
35466
35467type UpdateGroupInput struct {
35468	_ struct{} `type:"structure"`
35469
35470	// Name of the IAM group to update. If you're changing the name of the group,
35471	// this is the original name.
35472	//
35473	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35474	// a string of characters consisting of upper and lowercase alphanumeric characters
35475	// with no spaces. You can also include any of the following characters: _+=,.@-
35476	//
35477	// GroupName is a required field
35478	GroupName *string `min:"1" type:"string" required:"true"`
35479
35480	// New name for the IAM group. Only include this if changing the group's name.
35481	//
35482	// IAM user, group, role, and policy names must be unique within the account.
35483	// Names are not distinguished by case. For example, you cannot create resources
35484	// named both "MyResource" and "myresource".
35485	NewGroupName *string `min:"1" type:"string"`
35486
35487	// New path for the IAM group. Only include this if changing the group's path.
35488	//
35489	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35490	// a string of characters consisting of either a forward slash (/) by itself
35491	// or a string that must begin and end with forward slashes. In addition, it
35492	// can contain any ASCII character from the ! (\u0021) through the DEL character
35493	// (\u007F), including most punctuation characters, digits, and upper and lowercased
35494	// letters.
35495	NewPath *string `min:"1" type:"string"`
35496}
35497
35498// String returns the string representation
35499func (s UpdateGroupInput) String() string {
35500	return awsutil.Prettify(s)
35501}
35502
35503// GoString returns the string representation
35504func (s UpdateGroupInput) GoString() string {
35505	return s.String()
35506}
35507
35508// Validate inspects the fields of the type to determine if they are valid.
35509func (s *UpdateGroupInput) Validate() error {
35510	invalidParams := request.ErrInvalidParams{Context: "UpdateGroupInput"}
35511	if s.GroupName == nil {
35512		invalidParams.Add(request.NewErrParamRequired("GroupName"))
35513	}
35514	if s.GroupName != nil && len(*s.GroupName) < 1 {
35515		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
35516	}
35517	if s.NewGroupName != nil && len(*s.NewGroupName) < 1 {
35518		invalidParams.Add(request.NewErrParamMinLen("NewGroupName", 1))
35519	}
35520	if s.NewPath != nil && len(*s.NewPath) < 1 {
35521		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
35522	}
35523
35524	if invalidParams.Len() > 0 {
35525		return invalidParams
35526	}
35527	return nil
35528}
35529
35530// SetGroupName sets the GroupName field's value.
35531func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput {
35532	s.GroupName = &v
35533	return s
35534}
35535
35536// SetNewGroupName sets the NewGroupName field's value.
35537func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput {
35538	s.NewGroupName = &v
35539	return s
35540}
35541
35542// SetNewPath sets the NewPath field's value.
35543func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput {
35544	s.NewPath = &v
35545	return s
35546}
35547
35548type UpdateGroupOutput struct {
35549	_ struct{} `type:"structure"`
35550}
35551
35552// String returns the string representation
35553func (s UpdateGroupOutput) String() string {
35554	return awsutil.Prettify(s)
35555}
35556
35557// GoString returns the string representation
35558func (s UpdateGroupOutput) GoString() string {
35559	return s.String()
35560}
35561
35562type UpdateLoginProfileInput struct {
35563	_ struct{} `type:"structure"`
35564
35565	// The new password for the specified IAM user.
35566	//
35567	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
35568	// parameter is a string of characters consisting of the following:
35569	//
35570	//    * Any printable ASCII character ranging from the space character (\u0020)
35571	//    through the end of the ASCII character range
35572	//
35573	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
35574	//    set (through \u00FF)
35575	//
35576	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
35577	//    return (\u000D)
35578	//
35579	// However, the format can be further restricted by the account administrator
35580	// by setting a password policy on the AWS account. For more information, see
35581	// UpdateAccountPasswordPolicy.
35582	Password *string `min:"1" type:"string" sensitive:"true"`
35583
35584	// Allows this new password to be used only once by requiring the specified
35585	// IAM user to set a new password on next sign-in.
35586	PasswordResetRequired *bool `type:"boolean"`
35587
35588	// The name of the user whose password you want to update.
35589	//
35590	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35591	// a string of characters consisting of upper and lowercase alphanumeric characters
35592	// with no spaces. You can also include any of the following characters: _+=,.@-
35593	//
35594	// UserName is a required field
35595	UserName *string `min:"1" type:"string" required:"true"`
35596}
35597
35598// String returns the string representation
35599func (s UpdateLoginProfileInput) String() string {
35600	return awsutil.Prettify(s)
35601}
35602
35603// GoString returns the string representation
35604func (s UpdateLoginProfileInput) GoString() string {
35605	return s.String()
35606}
35607
35608// Validate inspects the fields of the type to determine if they are valid.
35609func (s *UpdateLoginProfileInput) Validate() error {
35610	invalidParams := request.ErrInvalidParams{Context: "UpdateLoginProfileInput"}
35611	if s.Password != nil && len(*s.Password) < 1 {
35612		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
35613	}
35614	if s.UserName == nil {
35615		invalidParams.Add(request.NewErrParamRequired("UserName"))
35616	}
35617	if s.UserName != nil && len(*s.UserName) < 1 {
35618		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
35619	}
35620
35621	if invalidParams.Len() > 0 {
35622		return invalidParams
35623	}
35624	return nil
35625}
35626
35627// SetPassword sets the Password field's value.
35628func (s *UpdateLoginProfileInput) SetPassword(v string) *UpdateLoginProfileInput {
35629	s.Password = &v
35630	return s
35631}
35632
35633// SetPasswordResetRequired sets the PasswordResetRequired field's value.
35634func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput {
35635	s.PasswordResetRequired = &v
35636	return s
35637}
35638
35639// SetUserName sets the UserName field's value.
35640func (s *UpdateLoginProfileInput) SetUserName(v string) *UpdateLoginProfileInput {
35641	s.UserName = &v
35642	return s
35643}
35644
35645type UpdateLoginProfileOutput struct {
35646	_ struct{} `type:"structure"`
35647}
35648
35649// String returns the string representation
35650func (s UpdateLoginProfileOutput) String() string {
35651	return awsutil.Prettify(s)
35652}
35653
35654// GoString returns the string representation
35655func (s UpdateLoginProfileOutput) GoString() string {
35656	return s.String()
35657}
35658
35659type UpdateOpenIDConnectProviderThumbprintInput struct {
35660	_ struct{} `type:"structure"`
35661
35662	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
35663	// which you want to update the thumbprint. You can get a list of OIDC provider
35664	// ARNs by using the ListOpenIDConnectProviders operation.
35665	//
35666	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
35667	// in the AWS General Reference.
35668	//
35669	// OpenIDConnectProviderArn is a required field
35670	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
35671
35672	// A list of certificate thumbprints that are associated with the specified
35673	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
35674	//
35675	// ThumbprintList is a required field
35676	ThumbprintList []*string `type:"list" required:"true"`
35677}
35678
35679// String returns the string representation
35680func (s UpdateOpenIDConnectProviderThumbprintInput) String() string {
35681	return awsutil.Prettify(s)
35682}
35683
35684// GoString returns the string representation
35685func (s UpdateOpenIDConnectProviderThumbprintInput) GoString() string {
35686	return s.String()
35687}
35688
35689// Validate inspects the fields of the type to determine if they are valid.
35690func (s *UpdateOpenIDConnectProviderThumbprintInput) Validate() error {
35691	invalidParams := request.ErrInvalidParams{Context: "UpdateOpenIDConnectProviderThumbprintInput"}
35692	if s.OpenIDConnectProviderArn == nil {
35693		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
35694	}
35695	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
35696		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
35697	}
35698	if s.ThumbprintList == nil {
35699		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
35700	}
35701
35702	if invalidParams.Len() > 0 {
35703		return invalidParams
35704	}
35705	return nil
35706}
35707
35708// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
35709func (s *UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn(v string) *UpdateOpenIDConnectProviderThumbprintInput {
35710	s.OpenIDConnectProviderArn = &v
35711	return s
35712}
35713
35714// SetThumbprintList sets the ThumbprintList field's value.
35715func (s *UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList(v []*string) *UpdateOpenIDConnectProviderThumbprintInput {
35716	s.ThumbprintList = v
35717	return s
35718}
35719
35720type UpdateOpenIDConnectProviderThumbprintOutput struct {
35721	_ struct{} `type:"structure"`
35722}
35723
35724// String returns the string representation
35725func (s UpdateOpenIDConnectProviderThumbprintOutput) String() string {
35726	return awsutil.Prettify(s)
35727}
35728
35729// GoString returns the string representation
35730func (s UpdateOpenIDConnectProviderThumbprintOutput) GoString() string {
35731	return s.String()
35732}
35733
35734type UpdateRoleDescriptionInput struct {
35735	_ struct{} `type:"structure"`
35736
35737	// The new description that you want to apply to the specified role.
35738	//
35739	// Description is a required field
35740	Description *string `type:"string" required:"true"`
35741
35742	// The name of the role that you want to modify.
35743	//
35744	// RoleName is a required field
35745	RoleName *string `min:"1" type:"string" required:"true"`
35746}
35747
35748// String returns the string representation
35749func (s UpdateRoleDescriptionInput) String() string {
35750	return awsutil.Prettify(s)
35751}
35752
35753// GoString returns the string representation
35754func (s UpdateRoleDescriptionInput) GoString() string {
35755	return s.String()
35756}
35757
35758// Validate inspects the fields of the type to determine if they are valid.
35759func (s *UpdateRoleDescriptionInput) Validate() error {
35760	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleDescriptionInput"}
35761	if s.Description == nil {
35762		invalidParams.Add(request.NewErrParamRequired("Description"))
35763	}
35764	if s.RoleName == nil {
35765		invalidParams.Add(request.NewErrParamRequired("RoleName"))
35766	}
35767	if s.RoleName != nil && len(*s.RoleName) < 1 {
35768		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
35769	}
35770
35771	if invalidParams.Len() > 0 {
35772		return invalidParams
35773	}
35774	return nil
35775}
35776
35777// SetDescription sets the Description field's value.
35778func (s *UpdateRoleDescriptionInput) SetDescription(v string) *UpdateRoleDescriptionInput {
35779	s.Description = &v
35780	return s
35781}
35782
35783// SetRoleName sets the RoleName field's value.
35784func (s *UpdateRoleDescriptionInput) SetRoleName(v string) *UpdateRoleDescriptionInput {
35785	s.RoleName = &v
35786	return s
35787}
35788
35789type UpdateRoleDescriptionOutput struct {
35790	_ struct{} `type:"structure"`
35791
35792	// A structure that contains details about the modified role.
35793	Role *Role `type:"structure"`
35794}
35795
35796// String returns the string representation
35797func (s UpdateRoleDescriptionOutput) String() string {
35798	return awsutil.Prettify(s)
35799}
35800
35801// GoString returns the string representation
35802func (s UpdateRoleDescriptionOutput) GoString() string {
35803	return s.String()
35804}
35805
35806// SetRole sets the Role field's value.
35807func (s *UpdateRoleDescriptionOutput) SetRole(v *Role) *UpdateRoleDescriptionOutput {
35808	s.Role = v
35809	return s
35810}
35811
35812type UpdateRoleInput struct {
35813	_ struct{} `type:"structure"`
35814
35815	// The new description that you want to apply to the specified role.
35816	Description *string `type:"string"`
35817
35818	// The maximum session duration (in seconds) that you want to set for the specified
35819	// role. If you do not specify a value for this setting, the default maximum
35820	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
35821	//
35822	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
35823	// API parameter or the duration-seconds CLI parameter to request a longer session.
35824	// The MaxSessionDuration setting determines the maximum duration that can be
35825	// requested using the DurationSeconds parameter. If users don't specify a value
35826	// for the DurationSeconds parameter, their security credentials are valid for
35827	// one hour by default. This applies when you use the AssumeRole* API operations
35828	// or the assume-role* CLI operations but does not apply when you use those
35829	// operations to create a console URL. For more information, see Using IAM roles
35830	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
35831	// IAM User Guide.
35832	MaxSessionDuration *int64 `min:"3600" type:"integer"`
35833
35834	// The name of the role that you want to modify.
35835	//
35836	// RoleName is a required field
35837	RoleName *string `min:"1" type:"string" required:"true"`
35838}
35839
35840// String returns the string representation
35841func (s UpdateRoleInput) String() string {
35842	return awsutil.Prettify(s)
35843}
35844
35845// GoString returns the string representation
35846func (s UpdateRoleInput) GoString() string {
35847	return s.String()
35848}
35849
35850// Validate inspects the fields of the type to determine if they are valid.
35851func (s *UpdateRoleInput) Validate() error {
35852	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleInput"}
35853	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
35854		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
35855	}
35856	if s.RoleName == nil {
35857		invalidParams.Add(request.NewErrParamRequired("RoleName"))
35858	}
35859	if s.RoleName != nil && len(*s.RoleName) < 1 {
35860		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
35861	}
35862
35863	if invalidParams.Len() > 0 {
35864		return invalidParams
35865	}
35866	return nil
35867}
35868
35869// SetDescription sets the Description field's value.
35870func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput {
35871	s.Description = &v
35872	return s
35873}
35874
35875// SetMaxSessionDuration sets the MaxSessionDuration field's value.
35876func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput {
35877	s.MaxSessionDuration = &v
35878	return s
35879}
35880
35881// SetRoleName sets the RoleName field's value.
35882func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput {
35883	s.RoleName = &v
35884	return s
35885}
35886
35887type UpdateRoleOutput struct {
35888	_ struct{} `type:"structure"`
35889}
35890
35891// String returns the string representation
35892func (s UpdateRoleOutput) String() string {
35893	return awsutil.Prettify(s)
35894}
35895
35896// GoString returns the string representation
35897func (s UpdateRoleOutput) GoString() string {
35898	return s.String()
35899}
35900
35901type UpdateSAMLProviderInput struct {
35902	_ struct{} `type:"structure"`
35903
35904	// An XML document generated by an identity provider (IdP) that supports SAML
35905	// 2.0. The document includes the issuer's name, expiration information, and
35906	// keys that can be used to validate the SAML authentication response (assertions)
35907	// that are received from the IdP. You must generate the metadata document using
35908	// the identity management software that is used as your organization's IdP.
35909	//
35910	// SAMLMetadataDocument is a required field
35911	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
35912
35913	// The Amazon Resource Name (ARN) of the SAML provider to update.
35914	//
35915	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
35916	// in the AWS General Reference.
35917	//
35918	// SAMLProviderArn is a required field
35919	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
35920}
35921
35922// String returns the string representation
35923func (s UpdateSAMLProviderInput) String() string {
35924	return awsutil.Prettify(s)
35925}
35926
35927// GoString returns the string representation
35928func (s UpdateSAMLProviderInput) GoString() string {
35929	return s.String()
35930}
35931
35932// Validate inspects the fields of the type to determine if they are valid.
35933func (s *UpdateSAMLProviderInput) Validate() error {
35934	invalidParams := request.ErrInvalidParams{Context: "UpdateSAMLProviderInput"}
35935	if s.SAMLMetadataDocument == nil {
35936		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
35937	}
35938	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
35939		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
35940	}
35941	if s.SAMLProviderArn == nil {
35942		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
35943	}
35944	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
35945		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
35946	}
35947
35948	if invalidParams.Len() > 0 {
35949		return invalidParams
35950	}
35951	return nil
35952}
35953
35954// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
35955func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput {
35956	s.SAMLMetadataDocument = &v
35957	return s
35958}
35959
35960// SetSAMLProviderArn sets the SAMLProviderArn field's value.
35961func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput {
35962	s.SAMLProviderArn = &v
35963	return s
35964}
35965
35966// Contains the response to a successful UpdateSAMLProvider request.
35967type UpdateSAMLProviderOutput struct {
35968	_ struct{} `type:"structure"`
35969
35970	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
35971	SAMLProviderArn *string `min:"20" type:"string"`
35972}
35973
35974// String returns the string representation
35975func (s UpdateSAMLProviderOutput) String() string {
35976	return awsutil.Prettify(s)
35977}
35978
35979// GoString returns the string representation
35980func (s UpdateSAMLProviderOutput) GoString() string {
35981	return s.String()
35982}
35983
35984// SetSAMLProviderArn sets the SAMLProviderArn field's value.
35985func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput {
35986	s.SAMLProviderArn = &v
35987	return s
35988}
35989
35990type UpdateSSHPublicKeyInput struct {
35991	_ struct{} `type:"structure"`
35992
35993	// The unique identifier for the SSH public key.
35994	//
35995	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
35996	// a string of characters that can consist of any upper or lowercased letter
35997	// or digit.
35998	//
35999	// SSHPublicKeyId is a required field
36000	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
36001
36002	// The status to assign to the SSH public key. Active means that the key can
36003	// be used for authentication with an AWS CodeCommit repository. Inactive means
36004	// that the key cannot be used.
36005	//
36006	// Status is a required field
36007	Status *string `type:"string" required:"true" enum:"StatusType"`
36008
36009	// The name of the IAM user associated with the SSH public key.
36010	//
36011	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36012	// a string of characters consisting of upper and lowercase alphanumeric characters
36013	// with no spaces. You can also include any of the following characters: _+=,.@-
36014	//
36015	// UserName is a required field
36016	UserName *string `min:"1" type:"string" required:"true"`
36017}
36018
36019// String returns the string representation
36020func (s UpdateSSHPublicKeyInput) String() string {
36021	return awsutil.Prettify(s)
36022}
36023
36024// GoString returns the string representation
36025func (s UpdateSSHPublicKeyInput) GoString() string {
36026	return s.String()
36027}
36028
36029// Validate inspects the fields of the type to determine if they are valid.
36030func (s *UpdateSSHPublicKeyInput) Validate() error {
36031	invalidParams := request.ErrInvalidParams{Context: "UpdateSSHPublicKeyInput"}
36032	if s.SSHPublicKeyId == nil {
36033		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
36034	}
36035	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
36036		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
36037	}
36038	if s.Status == nil {
36039		invalidParams.Add(request.NewErrParamRequired("Status"))
36040	}
36041	if s.UserName == nil {
36042		invalidParams.Add(request.NewErrParamRequired("UserName"))
36043	}
36044	if s.UserName != nil && len(*s.UserName) < 1 {
36045		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36046	}
36047
36048	if invalidParams.Len() > 0 {
36049		return invalidParams
36050	}
36051	return nil
36052}
36053
36054// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
36055func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput {
36056	s.SSHPublicKeyId = &v
36057	return s
36058}
36059
36060// SetStatus sets the Status field's value.
36061func (s *UpdateSSHPublicKeyInput) SetStatus(v string) *UpdateSSHPublicKeyInput {
36062	s.Status = &v
36063	return s
36064}
36065
36066// SetUserName sets the UserName field's value.
36067func (s *UpdateSSHPublicKeyInput) SetUserName(v string) *UpdateSSHPublicKeyInput {
36068	s.UserName = &v
36069	return s
36070}
36071
36072type UpdateSSHPublicKeyOutput struct {
36073	_ struct{} `type:"structure"`
36074}
36075
36076// String returns the string representation
36077func (s UpdateSSHPublicKeyOutput) String() string {
36078	return awsutil.Prettify(s)
36079}
36080
36081// GoString returns the string representation
36082func (s UpdateSSHPublicKeyOutput) GoString() string {
36083	return s.String()
36084}
36085
36086type UpdateServerCertificateInput struct {
36087	_ struct{} `type:"structure"`
36088
36089	// The new path for the server certificate. Include this only if you are updating
36090	// the server certificate's path.
36091	//
36092	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36093	// a string of characters consisting of either a forward slash (/) by itself
36094	// or a string that must begin and end with forward slashes. In addition, it
36095	// can contain any ASCII character from the ! (\u0021) through the DEL character
36096	// (\u007F), including most punctuation characters, digits, and upper and lowercased
36097	// letters.
36098	NewPath *string `min:"1" type:"string"`
36099
36100	// The new name for the server certificate. Include this only if you are updating
36101	// the server certificate's name. The name of the certificate cannot contain
36102	// any spaces.
36103	//
36104	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36105	// a string of characters consisting of upper and lowercase alphanumeric characters
36106	// with no spaces. You can also include any of the following characters: _+=,.@-
36107	NewServerCertificateName *string `min:"1" type:"string"`
36108
36109	// The name of the server certificate that you want to update.
36110	//
36111	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36112	// a string of characters consisting of upper and lowercase alphanumeric characters
36113	// with no spaces. You can also include any of the following characters: _+=,.@-
36114	//
36115	// ServerCertificateName is a required field
36116	ServerCertificateName *string `min:"1" type:"string" required:"true"`
36117}
36118
36119// String returns the string representation
36120func (s UpdateServerCertificateInput) String() string {
36121	return awsutil.Prettify(s)
36122}
36123
36124// GoString returns the string representation
36125func (s UpdateServerCertificateInput) GoString() string {
36126	return s.String()
36127}
36128
36129// Validate inspects the fields of the type to determine if they are valid.
36130func (s *UpdateServerCertificateInput) Validate() error {
36131	invalidParams := request.ErrInvalidParams{Context: "UpdateServerCertificateInput"}
36132	if s.NewPath != nil && len(*s.NewPath) < 1 {
36133		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
36134	}
36135	if s.NewServerCertificateName != nil && len(*s.NewServerCertificateName) < 1 {
36136		invalidParams.Add(request.NewErrParamMinLen("NewServerCertificateName", 1))
36137	}
36138	if s.ServerCertificateName == nil {
36139		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
36140	}
36141	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
36142		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
36143	}
36144
36145	if invalidParams.Len() > 0 {
36146		return invalidParams
36147	}
36148	return nil
36149}
36150
36151// SetNewPath sets the NewPath field's value.
36152func (s *UpdateServerCertificateInput) SetNewPath(v string) *UpdateServerCertificateInput {
36153	s.NewPath = &v
36154	return s
36155}
36156
36157// SetNewServerCertificateName sets the NewServerCertificateName field's value.
36158func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput {
36159	s.NewServerCertificateName = &v
36160	return s
36161}
36162
36163// SetServerCertificateName sets the ServerCertificateName field's value.
36164func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput {
36165	s.ServerCertificateName = &v
36166	return s
36167}
36168
36169type UpdateServerCertificateOutput struct {
36170	_ struct{} `type:"structure"`
36171}
36172
36173// String returns the string representation
36174func (s UpdateServerCertificateOutput) String() string {
36175	return awsutil.Prettify(s)
36176}
36177
36178// GoString returns the string representation
36179func (s UpdateServerCertificateOutput) GoString() string {
36180	return s.String()
36181}
36182
36183type UpdateServiceSpecificCredentialInput struct {
36184	_ struct{} `type:"structure"`
36185
36186	// The unique identifier of the service-specific credential.
36187	//
36188	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36189	// a string of characters that can consist of any upper or lowercased letter
36190	// or digit.
36191	//
36192	// ServiceSpecificCredentialId is a required field
36193	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
36194
36195	// The status to be assigned to the service-specific credential.
36196	//
36197	// Status is a required field
36198	Status *string `type:"string" required:"true" enum:"StatusType"`
36199
36200	// The name of the IAM user associated with the service-specific credential.
36201	// If you do not specify this value, then the operation assumes the user whose
36202	// credentials are used to call the operation.
36203	//
36204	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36205	// a string of characters consisting of upper and lowercase alphanumeric characters
36206	// with no spaces. You can also include any of the following characters: _+=,.@-
36207	UserName *string `min:"1" type:"string"`
36208}
36209
36210// String returns the string representation
36211func (s UpdateServiceSpecificCredentialInput) String() string {
36212	return awsutil.Prettify(s)
36213}
36214
36215// GoString returns the string representation
36216func (s UpdateServiceSpecificCredentialInput) GoString() string {
36217	return s.String()
36218}
36219
36220// Validate inspects the fields of the type to determine if they are valid.
36221func (s *UpdateServiceSpecificCredentialInput) Validate() error {
36222	invalidParams := request.ErrInvalidParams{Context: "UpdateServiceSpecificCredentialInput"}
36223	if s.ServiceSpecificCredentialId == nil {
36224		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
36225	}
36226	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
36227		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
36228	}
36229	if s.Status == nil {
36230		invalidParams.Add(request.NewErrParamRequired("Status"))
36231	}
36232	if s.UserName != nil && len(*s.UserName) < 1 {
36233		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36234	}
36235
36236	if invalidParams.Len() > 0 {
36237		return invalidParams
36238	}
36239	return nil
36240}
36241
36242// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
36243func (s *UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *UpdateServiceSpecificCredentialInput {
36244	s.ServiceSpecificCredentialId = &v
36245	return s
36246}
36247
36248// SetStatus sets the Status field's value.
36249func (s *UpdateServiceSpecificCredentialInput) SetStatus(v string) *UpdateServiceSpecificCredentialInput {
36250	s.Status = &v
36251	return s
36252}
36253
36254// SetUserName sets the UserName field's value.
36255func (s *UpdateServiceSpecificCredentialInput) SetUserName(v string) *UpdateServiceSpecificCredentialInput {
36256	s.UserName = &v
36257	return s
36258}
36259
36260type UpdateServiceSpecificCredentialOutput struct {
36261	_ struct{} `type:"structure"`
36262}
36263
36264// String returns the string representation
36265func (s UpdateServiceSpecificCredentialOutput) String() string {
36266	return awsutil.Prettify(s)
36267}
36268
36269// GoString returns the string representation
36270func (s UpdateServiceSpecificCredentialOutput) GoString() string {
36271	return s.String()
36272}
36273
36274type UpdateSigningCertificateInput struct {
36275	_ struct{} `type:"structure"`
36276
36277	// The ID of the signing certificate you want to update.
36278	//
36279	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36280	// a string of characters that can consist of any upper or lowercased letter
36281	// or digit.
36282	//
36283	// CertificateId is a required field
36284	CertificateId *string `min:"24" type:"string" required:"true"`
36285
36286	// The status you want to assign to the certificate. Active means that the certificate
36287	// can be used for programmatic calls to AWS Inactive means that the certificate
36288	// cannot be used.
36289	//
36290	// Status is a required field
36291	Status *string `type:"string" required:"true" enum:"StatusType"`
36292
36293	// The name of the IAM user the signing certificate belongs to.
36294	//
36295	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36296	// a string of characters consisting of upper and lowercase alphanumeric characters
36297	// with no spaces. You can also include any of the following characters: _+=,.@-
36298	UserName *string `min:"1" type:"string"`
36299}
36300
36301// String returns the string representation
36302func (s UpdateSigningCertificateInput) String() string {
36303	return awsutil.Prettify(s)
36304}
36305
36306// GoString returns the string representation
36307func (s UpdateSigningCertificateInput) GoString() string {
36308	return s.String()
36309}
36310
36311// Validate inspects the fields of the type to determine if they are valid.
36312func (s *UpdateSigningCertificateInput) Validate() error {
36313	invalidParams := request.ErrInvalidParams{Context: "UpdateSigningCertificateInput"}
36314	if s.CertificateId == nil {
36315		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
36316	}
36317	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
36318		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
36319	}
36320	if s.Status == nil {
36321		invalidParams.Add(request.NewErrParamRequired("Status"))
36322	}
36323	if s.UserName != nil && len(*s.UserName) < 1 {
36324		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36325	}
36326
36327	if invalidParams.Len() > 0 {
36328		return invalidParams
36329	}
36330	return nil
36331}
36332
36333// SetCertificateId sets the CertificateId field's value.
36334func (s *UpdateSigningCertificateInput) SetCertificateId(v string) *UpdateSigningCertificateInput {
36335	s.CertificateId = &v
36336	return s
36337}
36338
36339// SetStatus sets the Status field's value.
36340func (s *UpdateSigningCertificateInput) SetStatus(v string) *UpdateSigningCertificateInput {
36341	s.Status = &v
36342	return s
36343}
36344
36345// SetUserName sets the UserName field's value.
36346func (s *UpdateSigningCertificateInput) SetUserName(v string) *UpdateSigningCertificateInput {
36347	s.UserName = &v
36348	return s
36349}
36350
36351type UpdateSigningCertificateOutput struct {
36352	_ struct{} `type:"structure"`
36353}
36354
36355// String returns the string representation
36356func (s UpdateSigningCertificateOutput) String() string {
36357	return awsutil.Prettify(s)
36358}
36359
36360// GoString returns the string representation
36361func (s UpdateSigningCertificateOutput) GoString() string {
36362	return s.String()
36363}
36364
36365type UpdateUserInput struct {
36366	_ struct{} `type:"structure"`
36367
36368	// New path for the IAM user. Include this parameter only if you're changing
36369	// the user's path.
36370	//
36371	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36372	// a string of characters consisting of either a forward slash (/) by itself
36373	// or a string that must begin and end with forward slashes. In addition, it
36374	// can contain any ASCII character from the ! (\u0021) through the DEL character
36375	// (\u007F), including most punctuation characters, digits, and upper and lowercased
36376	// letters.
36377	NewPath *string `min:"1" type:"string"`
36378
36379	// New name for the user. Include this parameter only if you're changing the
36380	// user's name.
36381	//
36382	// IAM user, group, role, and policy names must be unique within the account.
36383	// Names are not distinguished by case. For example, you cannot create resources
36384	// named both "MyResource" and "myresource".
36385	NewUserName *string `min:"1" type:"string"`
36386
36387	// Name of the user to update. If you're changing the name of the user, this
36388	// is the original user name.
36389	//
36390	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36391	// a string of characters consisting of upper and lowercase alphanumeric characters
36392	// with no spaces. You can also include any of the following characters: _+=,.@-
36393	//
36394	// UserName is a required field
36395	UserName *string `min:"1" type:"string" required:"true"`
36396}
36397
36398// String returns the string representation
36399func (s UpdateUserInput) String() string {
36400	return awsutil.Prettify(s)
36401}
36402
36403// GoString returns the string representation
36404func (s UpdateUserInput) GoString() string {
36405	return s.String()
36406}
36407
36408// Validate inspects the fields of the type to determine if they are valid.
36409func (s *UpdateUserInput) Validate() error {
36410	invalidParams := request.ErrInvalidParams{Context: "UpdateUserInput"}
36411	if s.NewPath != nil && len(*s.NewPath) < 1 {
36412		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
36413	}
36414	if s.NewUserName != nil && len(*s.NewUserName) < 1 {
36415		invalidParams.Add(request.NewErrParamMinLen("NewUserName", 1))
36416	}
36417	if s.UserName == nil {
36418		invalidParams.Add(request.NewErrParamRequired("UserName"))
36419	}
36420	if s.UserName != nil && len(*s.UserName) < 1 {
36421		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36422	}
36423
36424	if invalidParams.Len() > 0 {
36425		return invalidParams
36426	}
36427	return nil
36428}
36429
36430// SetNewPath sets the NewPath field's value.
36431func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput {
36432	s.NewPath = &v
36433	return s
36434}
36435
36436// SetNewUserName sets the NewUserName field's value.
36437func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput {
36438	s.NewUserName = &v
36439	return s
36440}
36441
36442// SetUserName sets the UserName field's value.
36443func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput {
36444	s.UserName = &v
36445	return s
36446}
36447
36448type UpdateUserOutput struct {
36449	_ struct{} `type:"structure"`
36450}
36451
36452// String returns the string representation
36453func (s UpdateUserOutput) String() string {
36454	return awsutil.Prettify(s)
36455}
36456
36457// GoString returns the string representation
36458func (s UpdateUserOutput) GoString() string {
36459	return s.String()
36460}
36461
36462type UploadSSHPublicKeyInput struct {
36463	_ struct{} `type:"structure"`
36464
36465	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
36466	// format. The minimum bit-length of the public key is 2048 bits. For example,
36467	// you can generate a 2048-bit key, and the resulting PEM file is 1679 bytes
36468	// long.
36469	//
36470	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36471	// parameter is a string of characters consisting of the following:
36472	//
36473	//    * Any printable ASCII character ranging from the space character (\u0020)
36474	//    through the end of the ASCII character range
36475	//
36476	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36477	//    set (through \u00FF)
36478	//
36479	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36480	//    return (\u000D)
36481	//
36482	// SSHPublicKeyBody is a required field
36483	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
36484
36485	// The name of the IAM user to associate the SSH public key with.
36486	//
36487	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36488	// a string of characters consisting of upper and lowercase alphanumeric characters
36489	// with no spaces. You can also include any of the following characters: _+=,.@-
36490	//
36491	// UserName is a required field
36492	UserName *string `min:"1" type:"string" required:"true"`
36493}
36494
36495// String returns the string representation
36496func (s UploadSSHPublicKeyInput) String() string {
36497	return awsutil.Prettify(s)
36498}
36499
36500// GoString returns the string representation
36501func (s UploadSSHPublicKeyInput) GoString() string {
36502	return s.String()
36503}
36504
36505// Validate inspects the fields of the type to determine if they are valid.
36506func (s *UploadSSHPublicKeyInput) Validate() error {
36507	invalidParams := request.ErrInvalidParams{Context: "UploadSSHPublicKeyInput"}
36508	if s.SSHPublicKeyBody == nil {
36509		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyBody"))
36510	}
36511	if s.SSHPublicKeyBody != nil && len(*s.SSHPublicKeyBody) < 1 {
36512		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyBody", 1))
36513	}
36514	if s.UserName == nil {
36515		invalidParams.Add(request.NewErrParamRequired("UserName"))
36516	}
36517	if s.UserName != nil && len(*s.UserName) < 1 {
36518		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36519	}
36520
36521	if invalidParams.Len() > 0 {
36522		return invalidParams
36523	}
36524	return nil
36525}
36526
36527// SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
36528func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput {
36529	s.SSHPublicKeyBody = &v
36530	return s
36531}
36532
36533// SetUserName sets the UserName field's value.
36534func (s *UploadSSHPublicKeyInput) SetUserName(v string) *UploadSSHPublicKeyInput {
36535	s.UserName = &v
36536	return s
36537}
36538
36539// Contains the response to a successful UploadSSHPublicKey request.
36540type UploadSSHPublicKeyOutput struct {
36541	_ struct{} `type:"structure"`
36542
36543	// Contains information about the SSH public key.
36544	SSHPublicKey *SSHPublicKey `type:"structure"`
36545}
36546
36547// String returns the string representation
36548func (s UploadSSHPublicKeyOutput) String() string {
36549	return awsutil.Prettify(s)
36550}
36551
36552// GoString returns the string representation
36553func (s UploadSSHPublicKeyOutput) GoString() string {
36554	return s.String()
36555}
36556
36557// SetSSHPublicKey sets the SSHPublicKey field's value.
36558func (s *UploadSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *UploadSSHPublicKeyOutput {
36559	s.SSHPublicKey = v
36560	return s
36561}
36562
36563type UploadServerCertificateInput struct {
36564	_ struct{} `type:"structure"`
36565
36566	// The contents of the public key certificate in PEM-encoded format.
36567	//
36568	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36569	// parameter is a string of characters consisting of the following:
36570	//
36571	//    * Any printable ASCII character ranging from the space character (\u0020)
36572	//    through the end of the ASCII character range
36573	//
36574	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36575	//    set (through \u00FF)
36576	//
36577	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36578	//    return (\u000D)
36579	//
36580	// CertificateBody is a required field
36581	CertificateBody *string `min:"1" type:"string" required:"true"`
36582
36583	// The contents of the certificate chain. This is typically a concatenation
36584	// of the PEM-encoded public key certificates of the chain.
36585	//
36586	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36587	// parameter is a string of characters consisting of the following:
36588	//
36589	//    * Any printable ASCII character ranging from the space character (\u0020)
36590	//    through the end of the ASCII character range
36591	//
36592	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36593	//    set (through \u00FF)
36594	//
36595	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36596	//    return (\u000D)
36597	CertificateChain *string `min:"1" type:"string"`
36598
36599	// The path for the server certificate. For more information about paths, see
36600	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
36601	// in the IAM User Guide.
36602	//
36603	// This parameter is optional. If it is not included, it defaults to a slash
36604	// (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36605	// a string of characters consisting of either a forward slash (/) by itself
36606	// or a string that must begin and end with forward slashes. In addition, it
36607	// can contain any ASCII character from the ! (\u0021) through the DEL character
36608	// (\u007F), including most punctuation characters, digits, and upper and lowercased
36609	// letters.
36610	//
36611	// If you are uploading a server certificate specifically for use with Amazon
36612	// CloudFront distributions, you must specify a path using the path parameter.
36613	// The path must begin with /cloudfront and must include a trailing slash (for
36614	// example, /cloudfront/test/).
36615	Path *string `min:"1" type:"string"`
36616
36617	// The contents of the private key in PEM-encoded format.
36618	//
36619	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36620	// parameter is a string of characters consisting of the following:
36621	//
36622	//    * Any printable ASCII character ranging from the space character (\u0020)
36623	//    through the end of the ASCII character range
36624	//
36625	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36626	//    set (through \u00FF)
36627	//
36628	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36629	//    return (\u000D)
36630	//
36631	// PrivateKey is a required field
36632	PrivateKey *string `min:"1" type:"string" required:"true" sensitive:"true"`
36633
36634	// The name for the server certificate. Do not include the path in this value.
36635	// The name of the certificate cannot contain any spaces.
36636	//
36637	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36638	// a string of characters consisting of upper and lowercase alphanumeric characters
36639	// with no spaces. You can also include any of the following characters: _+=,.@-
36640	//
36641	// ServerCertificateName is a required field
36642	ServerCertificateName *string `min:"1" type:"string" required:"true"`
36643
36644	// A list of tags that you want to attach to the new IAM server certificate
36645	// resource. Each tag consists of a key name and an associated value. For more
36646	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
36647	// in the IAM User Guide.
36648	//
36649	// If any one of the tags is invalid or if you exceed the allowed maximum number
36650	// of tags, then the entire request fails and the resource is not created.
36651	Tags []*Tag `type:"list"`
36652}
36653
36654// String returns the string representation
36655func (s UploadServerCertificateInput) String() string {
36656	return awsutil.Prettify(s)
36657}
36658
36659// GoString returns the string representation
36660func (s UploadServerCertificateInput) GoString() string {
36661	return s.String()
36662}
36663
36664// Validate inspects the fields of the type to determine if they are valid.
36665func (s *UploadServerCertificateInput) Validate() error {
36666	invalidParams := request.ErrInvalidParams{Context: "UploadServerCertificateInput"}
36667	if s.CertificateBody == nil {
36668		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
36669	}
36670	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
36671		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
36672	}
36673	if s.CertificateChain != nil && len(*s.CertificateChain) < 1 {
36674		invalidParams.Add(request.NewErrParamMinLen("CertificateChain", 1))
36675	}
36676	if s.Path != nil && len(*s.Path) < 1 {
36677		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
36678	}
36679	if s.PrivateKey == nil {
36680		invalidParams.Add(request.NewErrParamRequired("PrivateKey"))
36681	}
36682	if s.PrivateKey != nil && len(*s.PrivateKey) < 1 {
36683		invalidParams.Add(request.NewErrParamMinLen("PrivateKey", 1))
36684	}
36685	if s.ServerCertificateName == nil {
36686		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
36687	}
36688	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
36689		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
36690	}
36691	if s.Tags != nil {
36692		for i, v := range s.Tags {
36693			if v == nil {
36694				continue
36695			}
36696			if err := v.Validate(); err != nil {
36697				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36698			}
36699		}
36700	}
36701
36702	if invalidParams.Len() > 0 {
36703		return invalidParams
36704	}
36705	return nil
36706}
36707
36708// SetCertificateBody sets the CertificateBody field's value.
36709func (s *UploadServerCertificateInput) SetCertificateBody(v string) *UploadServerCertificateInput {
36710	s.CertificateBody = &v
36711	return s
36712}
36713
36714// SetCertificateChain sets the CertificateChain field's value.
36715func (s *UploadServerCertificateInput) SetCertificateChain(v string) *UploadServerCertificateInput {
36716	s.CertificateChain = &v
36717	return s
36718}
36719
36720// SetPath sets the Path field's value.
36721func (s *UploadServerCertificateInput) SetPath(v string) *UploadServerCertificateInput {
36722	s.Path = &v
36723	return s
36724}
36725
36726// SetPrivateKey sets the PrivateKey field's value.
36727func (s *UploadServerCertificateInput) SetPrivateKey(v string) *UploadServerCertificateInput {
36728	s.PrivateKey = &v
36729	return s
36730}
36731
36732// SetServerCertificateName sets the ServerCertificateName field's value.
36733func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput {
36734	s.ServerCertificateName = &v
36735	return s
36736}
36737
36738// SetTags sets the Tags field's value.
36739func (s *UploadServerCertificateInput) SetTags(v []*Tag) *UploadServerCertificateInput {
36740	s.Tags = v
36741	return s
36742}
36743
36744// Contains the response to a successful UploadServerCertificate request.
36745type UploadServerCertificateOutput struct {
36746	_ struct{} `type:"structure"`
36747
36748	// The meta information of the uploaded server certificate without its certificate
36749	// body, certificate chain, and private key.
36750	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
36751
36752	// A list of tags that are attached to the new IAM server certificate. The returned
36753	// list of tags is sorted by tag key. For more information about tagging, see
36754	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
36755	// in the IAM User Guide.
36756	Tags []*Tag `type:"list"`
36757}
36758
36759// String returns the string representation
36760func (s UploadServerCertificateOutput) String() string {
36761	return awsutil.Prettify(s)
36762}
36763
36764// GoString returns the string representation
36765func (s UploadServerCertificateOutput) GoString() string {
36766	return s.String()
36767}
36768
36769// SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
36770func (s *UploadServerCertificateOutput) SetServerCertificateMetadata(v *ServerCertificateMetadata) *UploadServerCertificateOutput {
36771	s.ServerCertificateMetadata = v
36772	return s
36773}
36774
36775// SetTags sets the Tags field's value.
36776func (s *UploadServerCertificateOutput) SetTags(v []*Tag) *UploadServerCertificateOutput {
36777	s.Tags = v
36778	return s
36779}
36780
36781type UploadSigningCertificateInput struct {
36782	_ struct{} `type:"structure"`
36783
36784	// The contents of the signing certificate.
36785	//
36786	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36787	// parameter is a string of characters consisting of the following:
36788	//
36789	//    * Any printable ASCII character ranging from the space character (\u0020)
36790	//    through the end of the ASCII character range
36791	//
36792	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36793	//    set (through \u00FF)
36794	//
36795	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36796	//    return (\u000D)
36797	//
36798	// CertificateBody is a required field
36799	CertificateBody *string `min:"1" type:"string" required:"true"`
36800
36801	// The name of the user the signing certificate is for.
36802	//
36803	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36804	// a string of characters consisting of upper and lowercase alphanumeric characters
36805	// with no spaces. You can also include any of the following characters: _+=,.@-
36806	UserName *string `min:"1" type:"string"`
36807}
36808
36809// String returns the string representation
36810func (s UploadSigningCertificateInput) String() string {
36811	return awsutil.Prettify(s)
36812}
36813
36814// GoString returns the string representation
36815func (s UploadSigningCertificateInput) GoString() string {
36816	return s.String()
36817}
36818
36819// Validate inspects the fields of the type to determine if they are valid.
36820func (s *UploadSigningCertificateInput) Validate() error {
36821	invalidParams := request.ErrInvalidParams{Context: "UploadSigningCertificateInput"}
36822	if s.CertificateBody == nil {
36823		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
36824	}
36825	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
36826		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
36827	}
36828	if s.UserName != nil && len(*s.UserName) < 1 {
36829		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
36830	}
36831
36832	if invalidParams.Len() > 0 {
36833		return invalidParams
36834	}
36835	return nil
36836}
36837
36838// SetCertificateBody sets the CertificateBody field's value.
36839func (s *UploadSigningCertificateInput) SetCertificateBody(v string) *UploadSigningCertificateInput {
36840	s.CertificateBody = &v
36841	return s
36842}
36843
36844// SetUserName sets the UserName field's value.
36845func (s *UploadSigningCertificateInput) SetUserName(v string) *UploadSigningCertificateInput {
36846	s.UserName = &v
36847	return s
36848}
36849
36850// Contains the response to a successful UploadSigningCertificate request.
36851type UploadSigningCertificateOutput struct {
36852	_ struct{} `type:"structure"`
36853
36854	// Information about the certificate.
36855	//
36856	// Certificate is a required field
36857	Certificate *SigningCertificate `type:"structure" required:"true"`
36858}
36859
36860// String returns the string representation
36861func (s UploadSigningCertificateOutput) String() string {
36862	return awsutil.Prettify(s)
36863}
36864
36865// GoString returns the string representation
36866func (s UploadSigningCertificateOutput) GoString() string {
36867	return s.String()
36868}
36869
36870// SetCertificate sets the Certificate field's value.
36871func (s *UploadSigningCertificateOutput) SetCertificate(v *SigningCertificate) *UploadSigningCertificateOutput {
36872	s.Certificate = v
36873	return s
36874}
36875
36876// Contains information about an IAM user entity.
36877//
36878// This data type is used as a response element in the following operations:
36879//
36880//    * CreateUser
36881//
36882//    * GetUser
36883//
36884//    * ListUsers
36885type User struct {
36886	_ struct{} `type:"structure"`
36887
36888	// The Amazon Resource Name (ARN) that identifies the user. For more information
36889	// about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
36890	// in the IAM User Guide.
36891	//
36892	// Arn is a required field
36893	Arn *string `min:"20" type:"string" required:"true"`
36894
36895	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
36896	// when the user was created.
36897	//
36898	// CreateDate is a required field
36899	CreateDate *time.Time `type:"timestamp" required:"true"`
36900
36901	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
36902	// when the user's password was last used to sign in to an AWS website. For
36903	// a list of AWS websites that capture a user's last sign-in time, see the Credential
36904	// reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
36905	// topic in the IAM User Guide. If a password is used more than once in a five-minute
36906	// span, only the first use is returned in this field. If the field is null
36907	// (no value), then it indicates that they never signed in with a password.
36908	// This can be because:
36909	//
36910	//    * The user never had a password.
36911	//
36912	//    * A password exists but has not been used since IAM started tracking this
36913	//    information on October 20, 2014.
36914	//
36915	// A null value does not mean that the user never had a password. Also, if the
36916	// user does not currently have a password but had one in the past, then this
36917	// field contains the date and time the most recent password was used.
36918	//
36919	// This value is returned only in the GetUser and ListUsers operations.
36920	PasswordLastUsed *time.Time `type:"timestamp"`
36921
36922	// The path to the user. For more information about paths, see IAM identifiers
36923	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
36924	// in the IAM User Guide.
36925	//
36926	// The ARN of the policy used to set the permissions boundary for the user.
36927	//
36928	// Path is a required field
36929	Path *string `min:"1" type:"string" required:"true"`
36930
36931	// For more information about permissions boundaries, see Permissions boundaries
36932	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
36933	// in the IAM User Guide.
36934	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
36935
36936	// A list of tags that are associated with the user. For more information about
36937	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
36938	// in the IAM User Guide.
36939	Tags []*Tag `type:"list"`
36940
36941	// The stable and unique string identifying the user. For more information about
36942	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
36943	// in the IAM User Guide.
36944	//
36945	// UserId is a required field
36946	UserId *string `min:"16" type:"string" required:"true"`
36947
36948	// The friendly name identifying the user.
36949	//
36950	// UserName is a required field
36951	UserName *string `min:"1" type:"string" required:"true"`
36952}
36953
36954// String returns the string representation
36955func (s User) String() string {
36956	return awsutil.Prettify(s)
36957}
36958
36959// GoString returns the string representation
36960func (s User) GoString() string {
36961	return s.String()
36962}
36963
36964// SetArn sets the Arn field's value.
36965func (s *User) SetArn(v string) *User {
36966	s.Arn = &v
36967	return s
36968}
36969
36970// SetCreateDate sets the CreateDate field's value.
36971func (s *User) SetCreateDate(v time.Time) *User {
36972	s.CreateDate = &v
36973	return s
36974}
36975
36976// SetPasswordLastUsed sets the PasswordLastUsed field's value.
36977func (s *User) SetPasswordLastUsed(v time.Time) *User {
36978	s.PasswordLastUsed = &v
36979	return s
36980}
36981
36982// SetPath sets the Path field's value.
36983func (s *User) SetPath(v string) *User {
36984	s.Path = &v
36985	return s
36986}
36987
36988// SetPermissionsBoundary sets the PermissionsBoundary field's value.
36989func (s *User) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *User {
36990	s.PermissionsBoundary = v
36991	return s
36992}
36993
36994// SetTags sets the Tags field's value.
36995func (s *User) SetTags(v []*Tag) *User {
36996	s.Tags = v
36997	return s
36998}
36999
37000// SetUserId sets the UserId field's value.
37001func (s *User) SetUserId(v string) *User {
37002	s.UserId = &v
37003	return s
37004}
37005
37006// SetUserName sets the UserName field's value.
37007func (s *User) SetUserName(v string) *User {
37008	s.UserName = &v
37009	return s
37010}
37011
37012// Contains information about an IAM user, including all the user's policies
37013// and all the IAM groups the user is in.
37014//
37015// This data type is used as a response element in the GetAccountAuthorizationDetails
37016// operation.
37017type UserDetail struct {
37018	_ struct{} `type:"structure"`
37019
37020	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
37021	//
37022	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
37023	// in the AWS General Reference.
37024	Arn *string `min:"20" type:"string"`
37025
37026	// A list of the managed policies attached to the user.
37027	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
37028
37029	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
37030	// when the user was created.
37031	CreateDate *time.Time `type:"timestamp"`
37032
37033	// A list of IAM groups that the user is in.
37034	GroupList []*string `type:"list"`
37035
37036	// The path to the user. For more information about paths, see IAM identifiers
37037	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
37038	// in the IAM User Guide.
37039	Path *string `min:"1" type:"string"`
37040
37041	// The ARN of the policy used to set the permissions boundary for the user.
37042	//
37043	// For more information about permissions boundaries, see Permissions boundaries
37044	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
37045	// in the IAM User Guide.
37046	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
37047
37048	// A list of tags that are associated with the user. For more information about
37049	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
37050	// in the IAM User Guide.
37051	Tags []*Tag `type:"list"`
37052
37053	// The stable and unique string identifying the user. For more information about
37054	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
37055	// in the IAM User Guide.
37056	UserId *string `min:"16" type:"string"`
37057
37058	// The friendly name identifying the user.
37059	UserName *string `min:"1" type:"string"`
37060
37061	// A list of the inline policies embedded in the user.
37062	UserPolicyList []*PolicyDetail `type:"list"`
37063}
37064
37065// String returns the string representation
37066func (s UserDetail) String() string {
37067	return awsutil.Prettify(s)
37068}
37069
37070// GoString returns the string representation
37071func (s UserDetail) GoString() string {
37072	return s.String()
37073}
37074
37075// SetArn sets the Arn field's value.
37076func (s *UserDetail) SetArn(v string) *UserDetail {
37077	s.Arn = &v
37078	return s
37079}
37080
37081// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
37082func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail {
37083	s.AttachedManagedPolicies = v
37084	return s
37085}
37086
37087// SetCreateDate sets the CreateDate field's value.
37088func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail {
37089	s.CreateDate = &v
37090	return s
37091}
37092
37093// SetGroupList sets the GroupList field's value.
37094func (s *UserDetail) SetGroupList(v []*string) *UserDetail {
37095	s.GroupList = v
37096	return s
37097}
37098
37099// SetPath sets the Path field's value.
37100func (s *UserDetail) SetPath(v string) *UserDetail {
37101	s.Path = &v
37102	return s
37103}
37104
37105// SetPermissionsBoundary sets the PermissionsBoundary field's value.
37106func (s *UserDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *UserDetail {
37107	s.PermissionsBoundary = v
37108	return s
37109}
37110
37111// SetTags sets the Tags field's value.
37112func (s *UserDetail) SetTags(v []*Tag) *UserDetail {
37113	s.Tags = v
37114	return s
37115}
37116
37117// SetUserId sets the UserId field's value.
37118func (s *UserDetail) SetUserId(v string) *UserDetail {
37119	s.UserId = &v
37120	return s
37121}
37122
37123// SetUserName sets the UserName field's value.
37124func (s *UserDetail) SetUserName(v string) *UserDetail {
37125	s.UserName = &v
37126	return s
37127}
37128
37129// SetUserPolicyList sets the UserPolicyList field's value.
37130func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail {
37131	s.UserPolicyList = v
37132	return s
37133}
37134
37135// Contains information about a virtual MFA device.
37136type VirtualMFADevice struct {
37137	_ struct{} `type:"structure"`
37138
37139	// The base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
37140	// The Base32StringSeed is base64-encoded.
37141	//
37142	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
37143	Base32StringSeed []byte `type:"blob" sensitive:"true"`
37144
37145	// The date and time on which the virtual MFA device was enabled.
37146	EnableDate *time.Time `type:"timestamp"`
37147
37148	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
37149	// where $virtualMFADeviceName is one of the create call arguments. AccountName
37150	// is the user name if set (otherwise, the account ID otherwise), and Base32String
37151	// is the seed in base32 format. The Base32String value is base64-encoded.
37152	//
37153	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
37154	QRCodePNG []byte `type:"blob" sensitive:"true"`
37155
37156	// The serial number associated with VirtualMFADevice.
37157	//
37158	// SerialNumber is a required field
37159	SerialNumber *string `min:"9" type:"string" required:"true"`
37160
37161	// A list of tags that are attached to the virtual MFA device. For more information
37162	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
37163	// in the IAM User Guide.
37164	Tags []*Tag `type:"list"`
37165
37166	// The IAM user associated with this virtual MFA device.
37167	User *User `type:"structure"`
37168}
37169
37170// String returns the string representation
37171func (s VirtualMFADevice) String() string {
37172	return awsutil.Prettify(s)
37173}
37174
37175// GoString returns the string representation
37176func (s VirtualMFADevice) GoString() string {
37177	return s.String()
37178}
37179
37180// SetBase32StringSeed sets the Base32StringSeed field's value.
37181func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice {
37182	s.Base32StringSeed = v
37183	return s
37184}
37185
37186// SetEnableDate sets the EnableDate field's value.
37187func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice {
37188	s.EnableDate = &v
37189	return s
37190}
37191
37192// SetQRCodePNG sets the QRCodePNG field's value.
37193func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice {
37194	s.QRCodePNG = v
37195	return s
37196}
37197
37198// SetSerialNumber sets the SerialNumber field's value.
37199func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice {
37200	s.SerialNumber = &v
37201	return s
37202}
37203
37204// SetTags sets the Tags field's value.
37205func (s *VirtualMFADevice) SetTags(v []*Tag) *VirtualMFADevice {
37206	s.Tags = v
37207	return s
37208}
37209
37210// SetUser sets the User field's value.
37211func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice {
37212	s.User = v
37213	return s
37214}
37215
37216const (
37217	// AccessAdvisorUsageGranularityTypeServiceLevel is a AccessAdvisorUsageGranularityType enum value
37218	AccessAdvisorUsageGranularityTypeServiceLevel = "SERVICE_LEVEL"
37219
37220	// AccessAdvisorUsageGranularityTypeActionLevel is a AccessAdvisorUsageGranularityType enum value
37221	AccessAdvisorUsageGranularityTypeActionLevel = "ACTION_LEVEL"
37222)
37223
37224// AccessAdvisorUsageGranularityType_Values returns all elements of the AccessAdvisorUsageGranularityType enum
37225func AccessAdvisorUsageGranularityType_Values() []string {
37226	return []string{
37227		AccessAdvisorUsageGranularityTypeServiceLevel,
37228		AccessAdvisorUsageGranularityTypeActionLevel,
37229	}
37230}
37231
37232const (
37233	// AssignmentStatusTypeAssigned is a AssignmentStatusType enum value
37234	AssignmentStatusTypeAssigned = "Assigned"
37235
37236	// AssignmentStatusTypeUnassigned is a AssignmentStatusType enum value
37237	AssignmentStatusTypeUnassigned = "Unassigned"
37238
37239	// AssignmentStatusTypeAny is a AssignmentStatusType enum value
37240	AssignmentStatusTypeAny = "Any"
37241)
37242
37243// AssignmentStatusType_Values returns all elements of the AssignmentStatusType enum
37244func AssignmentStatusType_Values() []string {
37245	return []string{
37246		AssignmentStatusTypeAssigned,
37247		AssignmentStatusTypeUnassigned,
37248		AssignmentStatusTypeAny,
37249	}
37250}
37251
37252const (
37253	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
37254	ContextKeyTypeEnumString = "string"
37255
37256	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
37257	ContextKeyTypeEnumStringList = "stringList"
37258
37259	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
37260	ContextKeyTypeEnumNumeric = "numeric"
37261
37262	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
37263	ContextKeyTypeEnumNumericList = "numericList"
37264
37265	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
37266	ContextKeyTypeEnumBoolean = "boolean"
37267
37268	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
37269	ContextKeyTypeEnumBooleanList = "booleanList"
37270
37271	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
37272	ContextKeyTypeEnumIp = "ip"
37273
37274	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
37275	ContextKeyTypeEnumIpList = "ipList"
37276
37277	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
37278	ContextKeyTypeEnumBinary = "binary"
37279
37280	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
37281	ContextKeyTypeEnumBinaryList = "binaryList"
37282
37283	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
37284	ContextKeyTypeEnumDate = "date"
37285
37286	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
37287	ContextKeyTypeEnumDateList = "dateList"
37288)
37289
37290// ContextKeyTypeEnum_Values returns all elements of the ContextKeyTypeEnum enum
37291func ContextKeyTypeEnum_Values() []string {
37292	return []string{
37293		ContextKeyTypeEnumString,
37294		ContextKeyTypeEnumStringList,
37295		ContextKeyTypeEnumNumeric,
37296		ContextKeyTypeEnumNumericList,
37297		ContextKeyTypeEnumBoolean,
37298		ContextKeyTypeEnumBooleanList,
37299		ContextKeyTypeEnumIp,
37300		ContextKeyTypeEnumIpList,
37301		ContextKeyTypeEnumBinary,
37302		ContextKeyTypeEnumBinaryList,
37303		ContextKeyTypeEnumDate,
37304		ContextKeyTypeEnumDateList,
37305	}
37306}
37307
37308const (
37309	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
37310	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"
37311
37312	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
37313	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"
37314
37315	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
37316	DeletionTaskStatusTypeFailed = "FAILED"
37317
37318	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
37319	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
37320)
37321
37322// DeletionTaskStatusType_Values returns all elements of the DeletionTaskStatusType enum
37323func DeletionTaskStatusType_Values() []string {
37324	return []string{
37325		DeletionTaskStatusTypeSucceeded,
37326		DeletionTaskStatusTypeInProgress,
37327		DeletionTaskStatusTypeFailed,
37328		DeletionTaskStatusTypeNotStarted,
37329	}
37330}
37331
37332const (
37333	// EncodingTypeSsh is a EncodingType enum value
37334	EncodingTypeSsh = "SSH"
37335
37336	// EncodingTypePem is a EncodingType enum value
37337	EncodingTypePem = "PEM"
37338)
37339
37340// EncodingType_Values returns all elements of the EncodingType enum
37341func EncodingType_Values() []string {
37342	return []string{
37343		EncodingTypeSsh,
37344		EncodingTypePem,
37345	}
37346}
37347
37348const (
37349	// EntityTypeUser is a EntityType enum value
37350	EntityTypeUser = "User"
37351
37352	// EntityTypeRole is a EntityType enum value
37353	EntityTypeRole = "Role"
37354
37355	// EntityTypeGroup is a EntityType enum value
37356	EntityTypeGroup = "Group"
37357
37358	// EntityTypeLocalManagedPolicy is a EntityType enum value
37359	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"
37360
37361	// EntityTypeAwsmanagedPolicy is a EntityType enum value
37362	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
37363)
37364
37365// EntityType_Values returns all elements of the EntityType enum
37366func EntityType_Values() []string {
37367	return []string{
37368		EntityTypeUser,
37369		EntityTypeRole,
37370		EntityTypeGroup,
37371		EntityTypeLocalManagedPolicy,
37372		EntityTypeAwsmanagedPolicy,
37373	}
37374}
37375
37376const (
37377	// GlobalEndpointTokenVersionV1token is a GlobalEndpointTokenVersion enum value
37378	GlobalEndpointTokenVersionV1token = "v1Token"
37379
37380	// GlobalEndpointTokenVersionV2token is a GlobalEndpointTokenVersion enum value
37381	GlobalEndpointTokenVersionV2token = "v2Token"
37382)
37383
37384// GlobalEndpointTokenVersion_Values returns all elements of the GlobalEndpointTokenVersion enum
37385func GlobalEndpointTokenVersion_Values() []string {
37386	return []string{
37387		GlobalEndpointTokenVersionV1token,
37388		GlobalEndpointTokenVersionV2token,
37389	}
37390}
37391
37392const (
37393	// JobStatusTypeInProgress is a JobStatusType enum value
37394	JobStatusTypeInProgress = "IN_PROGRESS"
37395
37396	// JobStatusTypeCompleted is a JobStatusType enum value
37397	JobStatusTypeCompleted = "COMPLETED"
37398
37399	// JobStatusTypeFailed is a JobStatusType enum value
37400	JobStatusTypeFailed = "FAILED"
37401)
37402
37403// JobStatusType_Values returns all elements of the JobStatusType enum
37404func JobStatusType_Values() []string {
37405	return []string{
37406		JobStatusTypeInProgress,
37407		JobStatusTypeCompleted,
37408		JobStatusTypeFailed,
37409	}
37410}
37411
37412const (
37413	// PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy is a PermissionsBoundaryAttachmentType enum value
37414	PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy = "PermissionsBoundaryPolicy"
37415)
37416
37417// PermissionsBoundaryAttachmentType_Values returns all elements of the PermissionsBoundaryAttachmentType enum
37418func PermissionsBoundaryAttachmentType_Values() []string {
37419	return []string{
37420		PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy,
37421	}
37422}
37423
37424const (
37425	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
37426	PolicyEvaluationDecisionTypeAllowed = "allowed"
37427
37428	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
37429	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"
37430
37431	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
37432	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
37433)
37434
37435// PolicyEvaluationDecisionType_Values returns all elements of the PolicyEvaluationDecisionType enum
37436func PolicyEvaluationDecisionType_Values() []string {
37437	return []string{
37438		PolicyEvaluationDecisionTypeAllowed,
37439		PolicyEvaluationDecisionTypeExplicitDeny,
37440		PolicyEvaluationDecisionTypeImplicitDeny,
37441	}
37442}
37443
37444const (
37445	// PolicyOwnerEntityTypeUser is a PolicyOwnerEntityType enum value
37446	PolicyOwnerEntityTypeUser = "USER"
37447
37448	// PolicyOwnerEntityTypeRole is a PolicyOwnerEntityType enum value
37449	PolicyOwnerEntityTypeRole = "ROLE"
37450
37451	// PolicyOwnerEntityTypeGroup is a PolicyOwnerEntityType enum value
37452	PolicyOwnerEntityTypeGroup = "GROUP"
37453)
37454
37455// PolicyOwnerEntityType_Values returns all elements of the PolicyOwnerEntityType enum
37456func PolicyOwnerEntityType_Values() []string {
37457	return []string{
37458		PolicyOwnerEntityTypeUser,
37459		PolicyOwnerEntityTypeRole,
37460		PolicyOwnerEntityTypeGroup,
37461	}
37462}
37463
37464const (
37465	// PolicyScopeTypeAll is a PolicyScopeType enum value
37466	PolicyScopeTypeAll = "All"
37467
37468	// PolicyScopeTypeAws is a PolicyScopeType enum value
37469	PolicyScopeTypeAws = "AWS"
37470
37471	// PolicyScopeTypeLocal is a PolicyScopeType enum value
37472	PolicyScopeTypeLocal = "Local"
37473)
37474
37475// PolicyScopeType_Values returns all elements of the PolicyScopeType enum
37476func PolicyScopeType_Values() []string {
37477	return []string{
37478		PolicyScopeTypeAll,
37479		PolicyScopeTypeAws,
37480		PolicyScopeTypeLocal,
37481	}
37482}
37483
37484const (
37485	// PolicySourceTypeUser is a PolicySourceType enum value
37486	PolicySourceTypeUser = "user"
37487
37488	// PolicySourceTypeGroup is a PolicySourceType enum value
37489	PolicySourceTypeGroup = "group"
37490
37491	// PolicySourceTypeRole is a PolicySourceType enum value
37492	PolicySourceTypeRole = "role"
37493
37494	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
37495	PolicySourceTypeAwsManaged = "aws-managed"
37496
37497	// PolicySourceTypeUserManaged is a PolicySourceType enum value
37498	PolicySourceTypeUserManaged = "user-managed"
37499
37500	// PolicySourceTypeResource is a PolicySourceType enum value
37501	PolicySourceTypeResource = "resource"
37502
37503	// PolicySourceTypeNone is a PolicySourceType enum value
37504	PolicySourceTypeNone = "none"
37505)
37506
37507// PolicySourceType_Values returns all elements of the PolicySourceType enum
37508func PolicySourceType_Values() []string {
37509	return []string{
37510		PolicySourceTypeUser,
37511		PolicySourceTypeGroup,
37512		PolicySourceTypeRole,
37513		PolicySourceTypeAwsManaged,
37514		PolicySourceTypeUserManaged,
37515		PolicySourceTypeResource,
37516		PolicySourceTypeNone,
37517	}
37518}
37519
37520const (
37521	// PolicyTypeInline is a PolicyType enum value
37522	PolicyTypeInline = "INLINE"
37523
37524	// PolicyTypeManaged is a PolicyType enum value
37525	PolicyTypeManaged = "MANAGED"
37526)
37527
37528// PolicyType_Values returns all elements of the PolicyType enum
37529func PolicyType_Values() []string {
37530	return []string{
37531		PolicyTypeInline,
37532		PolicyTypeManaged,
37533	}
37534}
37535
37536// The policy usage type that indicates whether the policy is used as a permissions
37537// policy or as the permissions boundary for an entity.
37538//
37539// For more information about permissions boundaries, see Permissions boundaries
37540// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
37541// in the IAM User Guide.
37542const (
37543	// PolicyUsageTypePermissionsPolicy is a PolicyUsageType enum value
37544	PolicyUsageTypePermissionsPolicy = "PermissionsPolicy"
37545
37546	// PolicyUsageTypePermissionsBoundary is a PolicyUsageType enum value
37547	PolicyUsageTypePermissionsBoundary = "PermissionsBoundary"
37548)
37549
37550// PolicyUsageType_Values returns all elements of the PolicyUsageType enum
37551func PolicyUsageType_Values() []string {
37552	return []string{
37553		PolicyUsageTypePermissionsPolicy,
37554		PolicyUsageTypePermissionsBoundary,
37555	}
37556}
37557
37558const (
37559	// ReportFormatTypeTextCsv is a ReportFormatType enum value
37560	ReportFormatTypeTextCsv = "text/csv"
37561)
37562
37563// ReportFormatType_Values returns all elements of the ReportFormatType enum
37564func ReportFormatType_Values() []string {
37565	return []string{
37566		ReportFormatTypeTextCsv,
37567	}
37568}
37569
37570const (
37571	// ReportStateTypeStarted is a ReportStateType enum value
37572	ReportStateTypeStarted = "STARTED"
37573
37574	// ReportStateTypeInprogress is a ReportStateType enum value
37575	ReportStateTypeInprogress = "INPROGRESS"
37576
37577	// ReportStateTypeComplete is a ReportStateType enum value
37578	ReportStateTypeComplete = "COMPLETE"
37579)
37580
37581// ReportStateType_Values returns all elements of the ReportStateType enum
37582func ReportStateType_Values() []string {
37583	return []string{
37584		ReportStateTypeStarted,
37585		ReportStateTypeInprogress,
37586		ReportStateTypeComplete,
37587	}
37588}
37589
37590const (
37591	// SortKeyTypeServiceNamespaceAscending is a SortKeyType enum value
37592	SortKeyTypeServiceNamespaceAscending = "SERVICE_NAMESPACE_ASCENDING"
37593
37594	// SortKeyTypeServiceNamespaceDescending is a SortKeyType enum value
37595	SortKeyTypeServiceNamespaceDescending = "SERVICE_NAMESPACE_DESCENDING"
37596
37597	// SortKeyTypeLastAuthenticatedTimeAscending is a SortKeyType enum value
37598	SortKeyTypeLastAuthenticatedTimeAscending = "LAST_AUTHENTICATED_TIME_ASCENDING"
37599
37600	// SortKeyTypeLastAuthenticatedTimeDescending is a SortKeyType enum value
37601	SortKeyTypeLastAuthenticatedTimeDescending = "LAST_AUTHENTICATED_TIME_DESCENDING"
37602)
37603
37604// SortKeyType_Values returns all elements of the SortKeyType enum
37605func SortKeyType_Values() []string {
37606	return []string{
37607		SortKeyTypeServiceNamespaceAscending,
37608		SortKeyTypeServiceNamespaceDescending,
37609		SortKeyTypeLastAuthenticatedTimeAscending,
37610		SortKeyTypeLastAuthenticatedTimeDescending,
37611	}
37612}
37613
37614const (
37615	// StatusTypeActive is a StatusType enum value
37616	StatusTypeActive = "Active"
37617
37618	// StatusTypeInactive is a StatusType enum value
37619	StatusTypeInactive = "Inactive"
37620)
37621
37622// StatusType_Values returns all elements of the StatusType enum
37623func StatusType_Values() []string {
37624	return []string{
37625		StatusTypeActive,
37626		StatusTypeInactive,
37627	}
37628}
37629
37630const (
37631	// SummaryKeyTypeUsers is a SummaryKeyType enum value
37632	SummaryKeyTypeUsers = "Users"
37633
37634	// SummaryKeyTypeUsersQuota is a SummaryKeyType enum value
37635	SummaryKeyTypeUsersQuota = "UsersQuota"
37636
37637	// SummaryKeyTypeGroups is a SummaryKeyType enum value
37638	SummaryKeyTypeGroups = "Groups"
37639
37640	// SummaryKeyTypeGroupsQuota is a SummaryKeyType enum value
37641	SummaryKeyTypeGroupsQuota = "GroupsQuota"
37642
37643	// SummaryKeyTypeServerCertificates is a SummaryKeyType enum value
37644	SummaryKeyTypeServerCertificates = "ServerCertificates"
37645
37646	// SummaryKeyTypeServerCertificatesQuota is a SummaryKeyType enum value
37647	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"
37648
37649	// SummaryKeyTypeUserPolicySizeQuota is a SummaryKeyType enum value
37650	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"
37651
37652	// SummaryKeyTypeGroupPolicySizeQuota is a SummaryKeyType enum value
37653	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"
37654
37655	// SummaryKeyTypeGroupsPerUserQuota is a SummaryKeyType enum value
37656	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"
37657
37658	// SummaryKeyTypeSigningCertificatesPerUserQuota is a SummaryKeyType enum value
37659	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"
37660
37661	// SummaryKeyTypeAccessKeysPerUserQuota is a SummaryKeyType enum value
37662	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"
37663
37664	// SummaryKeyTypeMfadevices is a SummaryKeyType enum value
37665	SummaryKeyTypeMfadevices = "MFADevices"
37666
37667	// SummaryKeyTypeMfadevicesInUse is a SummaryKeyType enum value
37668	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"
37669
37670	// SummaryKeyTypeAccountMfaenabled is a SummaryKeyType enum value
37671	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"
37672
37673	// SummaryKeyTypeAccountAccessKeysPresent is a SummaryKeyType enum value
37674	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"
37675
37676	// SummaryKeyTypeAccountSigningCertificatesPresent is a SummaryKeyType enum value
37677	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"
37678
37679	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a SummaryKeyType enum value
37680	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"
37681
37682	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a SummaryKeyType enum value
37683	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"
37684
37685	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a SummaryKeyType enum value
37686	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"
37687
37688	// SummaryKeyTypePolicies is a SummaryKeyType enum value
37689	SummaryKeyTypePolicies = "Policies"
37690
37691	// SummaryKeyTypePoliciesQuota is a SummaryKeyType enum value
37692	SummaryKeyTypePoliciesQuota = "PoliciesQuota"
37693
37694	// SummaryKeyTypePolicySizeQuota is a SummaryKeyType enum value
37695	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"
37696
37697	// SummaryKeyTypePolicyVersionsInUse is a SummaryKeyType enum value
37698	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"
37699
37700	// SummaryKeyTypePolicyVersionsInUseQuota is a SummaryKeyType enum value
37701	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"
37702
37703	// SummaryKeyTypeVersionsPerPolicyQuota is a SummaryKeyType enum value
37704	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"
37705
37706	// SummaryKeyTypeGlobalEndpointTokenVersion is a SummaryKeyType enum value
37707	SummaryKeyTypeGlobalEndpointTokenVersion = "GlobalEndpointTokenVersion"
37708)
37709
37710// SummaryKeyType_Values returns all elements of the SummaryKeyType enum
37711func SummaryKeyType_Values() []string {
37712	return []string{
37713		SummaryKeyTypeUsers,
37714		SummaryKeyTypeUsersQuota,
37715		SummaryKeyTypeGroups,
37716		SummaryKeyTypeGroupsQuota,
37717		SummaryKeyTypeServerCertificates,
37718		SummaryKeyTypeServerCertificatesQuota,
37719		SummaryKeyTypeUserPolicySizeQuota,
37720		SummaryKeyTypeGroupPolicySizeQuota,
37721		SummaryKeyTypeGroupsPerUserQuota,
37722		SummaryKeyTypeSigningCertificatesPerUserQuota,
37723		SummaryKeyTypeAccessKeysPerUserQuota,
37724		SummaryKeyTypeMfadevices,
37725		SummaryKeyTypeMfadevicesInUse,
37726		SummaryKeyTypeAccountMfaenabled,
37727		SummaryKeyTypeAccountAccessKeysPresent,
37728		SummaryKeyTypeAccountSigningCertificatesPresent,
37729		SummaryKeyTypeAttachedPoliciesPerGroupQuota,
37730		SummaryKeyTypeAttachedPoliciesPerRoleQuota,
37731		SummaryKeyTypeAttachedPoliciesPerUserQuota,
37732		SummaryKeyTypePolicies,
37733		SummaryKeyTypePoliciesQuota,
37734		SummaryKeyTypePolicySizeQuota,
37735		SummaryKeyTypePolicyVersionsInUse,
37736		SummaryKeyTypePolicyVersionsInUseQuota,
37737		SummaryKeyTypeVersionsPerPolicyQuota,
37738		SummaryKeyTypeGlobalEndpointTokenVersion,
37739	}
37740}
37741