1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
2
3package iam
4
5import (
6	"fmt"
7	"time"
8
9	"github.com/aws/aws-sdk-go/aws"
10	"github.com/aws/aws-sdk-go/aws/awsutil"
11	"github.com/aws/aws-sdk-go/aws/request"
12	"github.com/aws/aws-sdk-go/private/protocol"
13	"github.com/aws/aws-sdk-go/private/protocol/query"
14)
15
16const opAddClientIDToOpenIDConnectProvider = "AddClientIDToOpenIDConnectProvider"
17
18// AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
19// client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return
20// value will be populated with the request's response once the request completes
21// successfully.
22//
23// Use "Send" method on the returned Request to send the API call to the service.
24// the "output" return value is not valid until after Send returns without error.
25//
26// See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider
27// API call, and error handling.
28//
29// This method is useful when you want to inject custom logic or configuration
30// into the SDK's request lifecycle. Such as custom headers, or retry logic.
31//
32//
33//    // Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
34//    req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)
35//
36//    err := req.Send()
37//    if err == nil { // resp is now filled
38//        fmt.Println(resp)
39//    }
40//
41// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
42func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput) {
43	op := &request.Operation{
44		Name:       opAddClientIDToOpenIDConnectProvider,
45		HTTPMethod: "POST",
46		HTTPPath:   "/",
47	}
48
49	if input == nil {
50		input = &AddClientIDToOpenIDConnectProviderInput{}
51	}
52
53	output = &AddClientIDToOpenIDConnectProviderOutput{}
54	req = c.newRequest(op, input, output)
55	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
56	return
57}
58
59// AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.
60//
61// Adds a new client ID (also known as audience) to the list of client IDs already
62// registered for the specified IAM OpenID Connect (OIDC) provider resource.
63//
64// This operation is idempotent; it does not fail or return an error if you
65// add an existing client ID to the provider.
66//
67// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
68// with awserr.Error's Code and Message methods to get detailed information about
69// the error.
70//
71// See the AWS API reference guide for AWS Identity and Access Management's
72// API operation AddClientIDToOpenIDConnectProvider for usage and error information.
73//
74// Returned Error Codes:
75//   * ErrCodeInvalidInputException "InvalidInput"
76//   The request was rejected because an invalid or out-of-range value was supplied
77//   for an input parameter.
78//
79//   * ErrCodeNoSuchEntityException "NoSuchEntity"
80//   The request was rejected because it referenced a resource entity that does
81//   not exist. The error message describes the resource.
82//
83//   * ErrCodeLimitExceededException "LimitExceeded"
84//   The request was rejected because it attempted to create resources beyond
85//   the current Amazon Web Services account limits. The error message describes
86//   the limit exceeded.
87//
88//   * ErrCodeServiceFailureException "ServiceFailure"
89//   The request processing has failed because of an unknown error, exception
90//   or failure.
91//
92// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
93func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error) {
94	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
95	return out, req.Send()
96}
97
98// AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of
99// the ability to pass a context and additional request options.
100//
101// See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.
102//
103// The context must be non-nil and will be used for request cancellation. If
104// the context is nil a panic will occur. In the future the SDK may create
105// sub-contexts for http.Requests. See https://golang.org/pkg/context/
106// for more information on using Contexts.
107func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error) {
108	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
109	req.SetContext(ctx)
110	req.ApplyOptions(opts...)
111	return out, req.Send()
112}
113
114const opAddRoleToInstanceProfile = "AddRoleToInstanceProfile"
115
116// AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the
117// client's request for the AddRoleToInstanceProfile operation. The "output" return
118// value will be populated with the request's response once the request completes
119// successfully.
120//
121// Use "Send" method on the returned Request to send the API call to the service.
122// the "output" return value is not valid until after Send returns without error.
123//
124// See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile
125// API call, and error handling.
126//
127// This method is useful when you want to inject custom logic or configuration
128// into the SDK's request lifecycle. Such as custom headers, or retry logic.
129//
130//
131//    // Example sending a request using the AddRoleToInstanceProfileRequest method.
132//    req, resp := client.AddRoleToInstanceProfileRequest(params)
133//
134//    err := req.Send()
135//    if err == nil { // resp is now filled
136//        fmt.Println(resp)
137//    }
138//
139// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
140func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput) {
141	op := &request.Operation{
142		Name:       opAddRoleToInstanceProfile,
143		HTTPMethod: "POST",
144		HTTPPath:   "/",
145	}
146
147	if input == nil {
148		input = &AddRoleToInstanceProfileInput{}
149	}
150
151	output = &AddRoleToInstanceProfileOutput{}
152	req = c.newRequest(op, input, output)
153	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
154	return
155}
156
157// AddRoleToInstanceProfile API operation for AWS Identity and Access Management.
158//
159// Adds the specified IAM role to the specified instance profile. An instance
160// profile can contain only one role, and this quota cannot be increased. You
161// can remove the existing role and then add a different role to an instance
162// profile. You must then wait for the change to appear across all of Amazon
163// Web Services because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency).
164// To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html)
165// and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html),
166// or you can stop your instance and then restart it.
167//
168// The caller of this operation must be granted the PassRole permission on the
169// IAM role by a permissions policy.
170//
171// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
172// For more information about instance profiles, see About instance profiles
173// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
174//
175// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
176// with awserr.Error's Code and Message methods to get detailed information about
177// the error.
178//
179// See the AWS API reference guide for AWS Identity and Access Management's
180// API operation AddRoleToInstanceProfile for usage and error information.
181//
182// Returned Error Codes:
183//   * ErrCodeNoSuchEntityException "NoSuchEntity"
184//   The request was rejected because it referenced a resource entity that does
185//   not exist. The error message describes the resource.
186//
187//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
188//   The request was rejected because it attempted to create a resource that already
189//   exists.
190//
191//   * ErrCodeLimitExceededException "LimitExceeded"
192//   The request was rejected because it attempted to create resources beyond
193//   the current Amazon Web Services account limits. The error message describes
194//   the limit exceeded.
195//
196//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
197//   The request was rejected because only the service that depends on the service-linked
198//   role can modify or delete the role on your behalf. The error message includes
199//   the name of the service that depends on this service-linked role. You must
200//   request the change through that service.
201//
202//   * ErrCodeServiceFailureException "ServiceFailure"
203//   The request processing has failed because of an unknown error, exception
204//   or failure.
205//
206// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
207func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error) {
208	req, out := c.AddRoleToInstanceProfileRequest(input)
209	return out, req.Send()
210}
211
212// AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of
213// the ability to pass a context and additional request options.
214//
215// See AddRoleToInstanceProfile for details on how to use this API operation.
216//
217// The context must be non-nil and will be used for request cancellation. If
218// the context is nil a panic will occur. In the future the SDK may create
219// sub-contexts for http.Requests. See https://golang.org/pkg/context/
220// for more information on using Contexts.
221func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error) {
222	req, out := c.AddRoleToInstanceProfileRequest(input)
223	req.SetContext(ctx)
224	req.ApplyOptions(opts...)
225	return out, req.Send()
226}
227
228const opAddUserToGroup = "AddUserToGroup"
229
230// AddUserToGroupRequest generates a "aws/request.Request" representing the
231// client's request for the AddUserToGroup operation. The "output" return
232// value will be populated with the request's response once the request completes
233// successfully.
234//
235// Use "Send" method on the returned Request to send the API call to the service.
236// the "output" return value is not valid until after Send returns without error.
237//
238// See AddUserToGroup for more information on using the AddUserToGroup
239// API call, and error handling.
240//
241// This method is useful when you want to inject custom logic or configuration
242// into the SDK's request lifecycle. Such as custom headers, or retry logic.
243//
244//
245//    // Example sending a request using the AddUserToGroupRequest method.
246//    req, resp := client.AddUserToGroupRequest(params)
247//
248//    err := req.Send()
249//    if err == nil { // resp is now filled
250//        fmt.Println(resp)
251//    }
252//
253// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
254func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput) {
255	op := &request.Operation{
256		Name:       opAddUserToGroup,
257		HTTPMethod: "POST",
258		HTTPPath:   "/",
259	}
260
261	if input == nil {
262		input = &AddUserToGroupInput{}
263	}
264
265	output = &AddUserToGroupOutput{}
266	req = c.newRequest(op, input, output)
267	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
268	return
269}
270
271// AddUserToGroup API operation for AWS Identity and Access Management.
272//
273// Adds the specified user to the specified group.
274//
275// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
276// with awserr.Error's Code and Message methods to get detailed information about
277// the error.
278//
279// See the AWS API reference guide for AWS Identity and Access Management's
280// API operation AddUserToGroup for usage and error information.
281//
282// Returned Error Codes:
283//   * ErrCodeNoSuchEntityException "NoSuchEntity"
284//   The request was rejected because it referenced a resource entity that does
285//   not exist. The error message describes the resource.
286//
287//   * ErrCodeLimitExceededException "LimitExceeded"
288//   The request was rejected because it attempted to create resources beyond
289//   the current Amazon Web Services account limits. The error message describes
290//   the limit exceeded.
291//
292//   * ErrCodeServiceFailureException "ServiceFailure"
293//   The request processing has failed because of an unknown error, exception
294//   or failure.
295//
296// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
297func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error) {
298	req, out := c.AddUserToGroupRequest(input)
299	return out, req.Send()
300}
301
302// AddUserToGroupWithContext is the same as AddUserToGroup with the addition of
303// the ability to pass a context and additional request options.
304//
305// See AddUserToGroup for details on how to use this API operation.
306//
307// The context must be non-nil and will be used for request cancellation. If
308// the context is nil a panic will occur. In the future the SDK may create
309// sub-contexts for http.Requests. See https://golang.org/pkg/context/
310// for more information on using Contexts.
311func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error) {
312	req, out := c.AddUserToGroupRequest(input)
313	req.SetContext(ctx)
314	req.ApplyOptions(opts...)
315	return out, req.Send()
316}
317
318const opAttachGroupPolicy = "AttachGroupPolicy"
319
320// AttachGroupPolicyRequest generates a "aws/request.Request" representing the
321// client's request for the AttachGroupPolicy operation. The "output" return
322// value will be populated with the request's response once the request completes
323// successfully.
324//
325// Use "Send" method on the returned Request to send the API call to the service.
326// the "output" return value is not valid until after Send returns without error.
327//
328// See AttachGroupPolicy for more information on using the AttachGroupPolicy
329// API call, and error handling.
330//
331// This method is useful when you want to inject custom logic or configuration
332// into the SDK's request lifecycle. Such as custom headers, or retry logic.
333//
334//
335//    // Example sending a request using the AttachGroupPolicyRequest method.
336//    req, resp := client.AttachGroupPolicyRequest(params)
337//
338//    err := req.Send()
339//    if err == nil { // resp is now filled
340//        fmt.Println(resp)
341//    }
342//
343// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
344func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput) {
345	op := &request.Operation{
346		Name:       opAttachGroupPolicy,
347		HTTPMethod: "POST",
348		HTTPPath:   "/",
349	}
350
351	if input == nil {
352		input = &AttachGroupPolicyInput{}
353	}
354
355	output = &AttachGroupPolicyOutput{}
356	req = c.newRequest(op, input, output)
357	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
358	return
359}
360
361// AttachGroupPolicy API operation for AWS Identity and Access Management.
362//
363// Attaches the specified managed policy to the specified IAM group.
364//
365// You use this operation to attach a managed policy to a group. To embed an
366// inline policy in a group, use PutGroupPolicy.
367//
368// As a best practice, you can validate your IAM policies. To learn more, see
369// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
370// in the IAM User Guide.
371//
372// For more information about policies, see Managed policies and inline policies
373// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
374// in the IAM User Guide.
375//
376// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
377// with awserr.Error's Code and Message methods to get detailed information about
378// the error.
379//
380// See the AWS API reference guide for AWS Identity and Access Management's
381// API operation AttachGroupPolicy for usage and error information.
382//
383// Returned Error Codes:
384//   * ErrCodeNoSuchEntityException "NoSuchEntity"
385//   The request was rejected because it referenced a resource entity that does
386//   not exist. The error message describes the resource.
387//
388//   * ErrCodeLimitExceededException "LimitExceeded"
389//   The request was rejected because it attempted to create resources beyond
390//   the current Amazon Web Services account limits. The error message describes
391//   the limit exceeded.
392//
393//   * ErrCodeInvalidInputException "InvalidInput"
394//   The request was rejected because an invalid or out-of-range value was supplied
395//   for an input parameter.
396//
397//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
398//   The request failed because Amazon Web Services service role policies can
399//   only be attached to the service-linked role for that service.
400//
401//   * ErrCodeServiceFailureException "ServiceFailure"
402//   The request processing has failed because of an unknown error, exception
403//   or failure.
404//
405// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
406func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error) {
407	req, out := c.AttachGroupPolicyRequest(input)
408	return out, req.Send()
409}
410
411// AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of
412// the ability to pass a context and additional request options.
413//
414// See AttachGroupPolicy for details on how to use this API operation.
415//
416// The context must be non-nil and will be used for request cancellation. If
417// the context is nil a panic will occur. In the future the SDK may create
418// sub-contexts for http.Requests. See https://golang.org/pkg/context/
419// for more information on using Contexts.
420func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error) {
421	req, out := c.AttachGroupPolicyRequest(input)
422	req.SetContext(ctx)
423	req.ApplyOptions(opts...)
424	return out, req.Send()
425}
426
427const opAttachRolePolicy = "AttachRolePolicy"
428
429// AttachRolePolicyRequest generates a "aws/request.Request" representing the
430// client's request for the AttachRolePolicy operation. The "output" return
431// value will be populated with the request's response once the request completes
432// successfully.
433//
434// Use "Send" method on the returned Request to send the API call to the service.
435// the "output" return value is not valid until after Send returns without error.
436//
437// See AttachRolePolicy for more information on using the AttachRolePolicy
438// API call, and error handling.
439//
440// This method is useful when you want to inject custom logic or configuration
441// into the SDK's request lifecycle. Such as custom headers, or retry logic.
442//
443//
444//    // Example sending a request using the AttachRolePolicyRequest method.
445//    req, resp := client.AttachRolePolicyRequest(params)
446//
447//    err := req.Send()
448//    if err == nil { // resp is now filled
449//        fmt.Println(resp)
450//    }
451//
452// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
453func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput) {
454	op := &request.Operation{
455		Name:       opAttachRolePolicy,
456		HTTPMethod: "POST",
457		HTTPPath:   "/",
458	}
459
460	if input == nil {
461		input = &AttachRolePolicyInput{}
462	}
463
464	output = &AttachRolePolicyOutput{}
465	req = c.newRequest(op, input, output)
466	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
467	return
468}
469
470// AttachRolePolicy API operation for AWS Identity and Access Management.
471//
472// Attaches the specified managed policy to the specified IAM role. When you
473// attach a managed policy to a role, the managed policy becomes part of the
474// role's permission (access) policy.
475//
476// You cannot use a managed policy as the role's trust policy. The role's trust
477// policy is created at the same time as the role, using CreateRole. You can
478// update a role's trust policy using UpdateAssumeRolePolicy.
479//
480// Use this operation to attach a managed policy to a role. To embed an inline
481// policy in a role, use PutRolePolicy. For more information about policies,
482// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
483// in the IAM User Guide.
484//
485// As a best practice, you can validate your IAM policies. To learn more, see
486// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
487// in the IAM User Guide.
488//
489// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
490// with awserr.Error's Code and Message methods to get detailed information about
491// the error.
492//
493// See the AWS API reference guide for AWS Identity and Access Management's
494// API operation AttachRolePolicy for usage and error information.
495//
496// Returned Error Codes:
497//   * ErrCodeNoSuchEntityException "NoSuchEntity"
498//   The request was rejected because it referenced a resource entity that does
499//   not exist. The error message describes the resource.
500//
501//   * ErrCodeLimitExceededException "LimitExceeded"
502//   The request was rejected because it attempted to create resources beyond
503//   the current Amazon Web Services account limits. The error message describes
504//   the limit exceeded.
505//
506//   * ErrCodeInvalidInputException "InvalidInput"
507//   The request was rejected because an invalid or out-of-range value was supplied
508//   for an input parameter.
509//
510//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
511//   The request was rejected because only the service that depends on the service-linked
512//   role can modify or delete the role on your behalf. The error message includes
513//   the name of the service that depends on this service-linked role. You must
514//   request the change through that service.
515//
516//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
517//   The request failed because Amazon Web Services service role policies can
518//   only be attached to the service-linked role for that service.
519//
520//   * ErrCodeServiceFailureException "ServiceFailure"
521//   The request processing has failed because of an unknown error, exception
522//   or failure.
523//
524// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
525func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error) {
526	req, out := c.AttachRolePolicyRequest(input)
527	return out, req.Send()
528}
529
530// AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of
531// the ability to pass a context and additional request options.
532//
533// See AttachRolePolicy for details on how to use this API operation.
534//
535// The context must be non-nil and will be used for request cancellation. If
536// the context is nil a panic will occur. In the future the SDK may create
537// sub-contexts for http.Requests. See https://golang.org/pkg/context/
538// for more information on using Contexts.
539func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error) {
540	req, out := c.AttachRolePolicyRequest(input)
541	req.SetContext(ctx)
542	req.ApplyOptions(opts...)
543	return out, req.Send()
544}
545
546const opAttachUserPolicy = "AttachUserPolicy"
547
548// AttachUserPolicyRequest generates a "aws/request.Request" representing the
549// client's request for the AttachUserPolicy operation. The "output" return
550// value will be populated with the request's response once the request completes
551// successfully.
552//
553// Use "Send" method on the returned Request to send the API call to the service.
554// the "output" return value is not valid until after Send returns without error.
555//
556// See AttachUserPolicy for more information on using the AttachUserPolicy
557// API call, and error handling.
558//
559// This method is useful when you want to inject custom logic or configuration
560// into the SDK's request lifecycle. Such as custom headers, or retry logic.
561//
562//
563//    // Example sending a request using the AttachUserPolicyRequest method.
564//    req, resp := client.AttachUserPolicyRequest(params)
565//
566//    err := req.Send()
567//    if err == nil { // resp is now filled
568//        fmt.Println(resp)
569//    }
570//
571// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
572func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput) {
573	op := &request.Operation{
574		Name:       opAttachUserPolicy,
575		HTTPMethod: "POST",
576		HTTPPath:   "/",
577	}
578
579	if input == nil {
580		input = &AttachUserPolicyInput{}
581	}
582
583	output = &AttachUserPolicyOutput{}
584	req = c.newRequest(op, input, output)
585	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
586	return
587}
588
589// AttachUserPolicy API operation for AWS Identity and Access Management.
590//
591// Attaches the specified managed policy to the specified user.
592//
593// You use this operation to attach a managed policy to a user. To embed an
594// inline policy in a user, use PutUserPolicy.
595//
596// As a best practice, you can validate your IAM policies. To learn more, see
597// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
598// in the IAM User Guide.
599//
600// For more information about policies, see Managed policies and inline policies
601// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
602// in the IAM User Guide.
603//
604// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
605// with awserr.Error's Code and Message methods to get detailed information about
606// the error.
607//
608// See the AWS API reference guide for AWS Identity and Access Management's
609// API operation AttachUserPolicy for usage and error information.
610//
611// Returned Error Codes:
612//   * ErrCodeNoSuchEntityException "NoSuchEntity"
613//   The request was rejected because it referenced a resource entity that does
614//   not exist. The error message describes the resource.
615//
616//   * ErrCodeLimitExceededException "LimitExceeded"
617//   The request was rejected because it attempted to create resources beyond
618//   the current Amazon Web Services account limits. The error message describes
619//   the limit exceeded.
620//
621//   * ErrCodeInvalidInputException "InvalidInput"
622//   The request was rejected because an invalid or out-of-range value was supplied
623//   for an input parameter.
624//
625//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
626//   The request failed because Amazon Web Services service role policies can
627//   only be attached to the service-linked role for that service.
628//
629//   * ErrCodeServiceFailureException "ServiceFailure"
630//   The request processing has failed because of an unknown error, exception
631//   or failure.
632//
633// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
634func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error) {
635	req, out := c.AttachUserPolicyRequest(input)
636	return out, req.Send()
637}
638
639// AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of
640// the ability to pass a context and additional request options.
641//
642// See AttachUserPolicy for details on how to use this API operation.
643//
644// The context must be non-nil and will be used for request cancellation. If
645// the context is nil a panic will occur. In the future the SDK may create
646// sub-contexts for http.Requests. See https://golang.org/pkg/context/
647// for more information on using Contexts.
648func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error) {
649	req, out := c.AttachUserPolicyRequest(input)
650	req.SetContext(ctx)
651	req.ApplyOptions(opts...)
652	return out, req.Send()
653}
654
655const opChangePassword = "ChangePassword"
656
657// ChangePasswordRequest generates a "aws/request.Request" representing the
658// client's request for the ChangePassword operation. The "output" return
659// value will be populated with the request's response once the request completes
660// successfully.
661//
662// Use "Send" method on the returned Request to send the API call to the service.
663// the "output" return value is not valid until after Send returns without error.
664//
665// See ChangePassword for more information on using the ChangePassword
666// API call, and error handling.
667//
668// This method is useful when you want to inject custom logic or configuration
669// into the SDK's request lifecycle. Such as custom headers, or retry logic.
670//
671//
672//    // Example sending a request using the ChangePasswordRequest method.
673//    req, resp := client.ChangePasswordRequest(params)
674//
675//    err := req.Send()
676//    if err == nil { // resp is now filled
677//        fmt.Println(resp)
678//    }
679//
680// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
681func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput) {
682	op := &request.Operation{
683		Name:       opChangePassword,
684		HTTPMethod: "POST",
685		HTTPPath:   "/",
686	}
687
688	if input == nil {
689		input = &ChangePasswordInput{}
690	}
691
692	output = &ChangePasswordOutput{}
693	req = c.newRequest(op, input, output)
694	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
695	return
696}
697
698// ChangePassword API operation for AWS Identity and Access Management.
699//
700// Changes the password of the IAM user who is calling this operation. This
701// operation can be performed using the CLI, the Amazon Web Services API, or
702// the My Security Credentials page in the Amazon Web Services Management Console.
703// The Amazon Web Services account root user password is not affected by this
704// operation.
705//
706// Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the
707// Users page in the IAM console to change the password for any IAM user. For
708// more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
709// in the IAM User Guide.
710//
711// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
712// with awserr.Error's Code and Message methods to get detailed information about
713// the error.
714//
715// See the AWS API reference guide for AWS Identity and Access Management's
716// API operation ChangePassword for usage and error information.
717//
718// Returned Error Codes:
719//   * ErrCodeNoSuchEntityException "NoSuchEntity"
720//   The request was rejected because it referenced a resource entity that does
721//   not exist. The error message describes the resource.
722//
723//   * ErrCodeInvalidUserTypeException "InvalidUserType"
724//   The request was rejected because the type of user for the transaction was
725//   incorrect.
726//
727//   * ErrCodeLimitExceededException "LimitExceeded"
728//   The request was rejected because it attempted to create resources beyond
729//   the current Amazon Web Services account limits. The error message describes
730//   the limit exceeded.
731//
732//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
733//   The request was rejected because it referenced an entity that is temporarily
734//   unmodifiable, such as a user name that was deleted and then recreated. The
735//   error indicates that the request is likely to succeed if you try again after
736//   waiting several minutes. The error message describes the entity.
737//
738//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
739//   The request was rejected because the provided password did not meet the requirements
740//   imposed by the account password policy.
741//
742//   * ErrCodeServiceFailureException "ServiceFailure"
743//   The request processing has failed because of an unknown error, exception
744//   or failure.
745//
746// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
747func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error) {
748	req, out := c.ChangePasswordRequest(input)
749	return out, req.Send()
750}
751
752// ChangePasswordWithContext is the same as ChangePassword with the addition of
753// the ability to pass a context and additional request options.
754//
755// See ChangePassword for details on how to use this API operation.
756//
757// The context must be non-nil and will be used for request cancellation. If
758// the context is nil a panic will occur. In the future the SDK may create
759// sub-contexts for http.Requests. See https://golang.org/pkg/context/
760// for more information on using Contexts.
761func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error) {
762	req, out := c.ChangePasswordRequest(input)
763	req.SetContext(ctx)
764	req.ApplyOptions(opts...)
765	return out, req.Send()
766}
767
768const opCreateAccessKey = "CreateAccessKey"
769
770// CreateAccessKeyRequest generates a "aws/request.Request" representing the
771// client's request for the CreateAccessKey operation. The "output" return
772// value will be populated with the request's response once the request completes
773// successfully.
774//
775// Use "Send" method on the returned Request to send the API call to the service.
776// the "output" return value is not valid until after Send returns without error.
777//
778// See CreateAccessKey for more information on using the CreateAccessKey
779// API call, and error handling.
780//
781// This method is useful when you want to inject custom logic or configuration
782// into the SDK's request lifecycle. Such as custom headers, or retry logic.
783//
784//
785//    // Example sending a request using the CreateAccessKeyRequest method.
786//    req, resp := client.CreateAccessKeyRequest(params)
787//
788//    err := req.Send()
789//    if err == nil { // resp is now filled
790//        fmt.Println(resp)
791//    }
792//
793// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
794func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput) {
795	op := &request.Operation{
796		Name:       opCreateAccessKey,
797		HTTPMethod: "POST",
798		HTTPPath:   "/",
799	}
800
801	if input == nil {
802		input = &CreateAccessKeyInput{}
803	}
804
805	output = &CreateAccessKeyOutput{}
806	req = c.newRequest(op, input, output)
807	return
808}
809
810// CreateAccessKey API operation for AWS Identity and Access Management.
811//
812// Creates a new Amazon Web Services secret access key and corresponding Amazon
813// Web Services access key ID for the specified user. The default status for
814// new keys is Active.
815//
816// If you do not specify a user name, IAM determines the user name implicitly
817// based on the Amazon Web Services access key ID signing the request. This
818// operation works for access keys under the Amazon Web Services account. Consequently,
819// you can use this operation to manage Amazon Web Services account root user
820// credentials. This is true even if the Amazon Web Services account has no
821// associated users.
822//
823// For information about quotas on the number of keys you can create, see IAM
824// and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
825// in the IAM User Guide.
826//
827// To ensure the security of your Amazon Web Services account, the secret access
828// key is accessible only during key and user creation. You must save the key
829// (for example, in a text file) if you want to be able to access it again.
830// If a secret key is lost, you can delete the access keys for the associated
831// user and then create new keys.
832//
833// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
834// with awserr.Error's Code and Message methods to get detailed information about
835// the error.
836//
837// See the AWS API reference guide for AWS Identity and Access Management's
838// API operation CreateAccessKey for usage and error information.
839//
840// Returned Error Codes:
841//   * ErrCodeNoSuchEntityException "NoSuchEntity"
842//   The request was rejected because it referenced a resource entity that does
843//   not exist. The error message describes the resource.
844//
845//   * ErrCodeLimitExceededException "LimitExceeded"
846//   The request was rejected because it attempted to create resources beyond
847//   the current Amazon Web Services account limits. The error message describes
848//   the limit exceeded.
849//
850//   * ErrCodeServiceFailureException "ServiceFailure"
851//   The request processing has failed because of an unknown error, exception
852//   or failure.
853//
854// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
855func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error) {
856	req, out := c.CreateAccessKeyRequest(input)
857	return out, req.Send()
858}
859
860// CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of
861// the ability to pass a context and additional request options.
862//
863// See CreateAccessKey for details on how to use this API operation.
864//
865// The context must be non-nil and will be used for request cancellation. If
866// the context is nil a panic will occur. In the future the SDK may create
867// sub-contexts for http.Requests. See https://golang.org/pkg/context/
868// for more information on using Contexts.
869func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error) {
870	req, out := c.CreateAccessKeyRequest(input)
871	req.SetContext(ctx)
872	req.ApplyOptions(opts...)
873	return out, req.Send()
874}
875
876const opCreateAccountAlias = "CreateAccountAlias"
877
878// CreateAccountAliasRequest generates a "aws/request.Request" representing the
879// client's request for the CreateAccountAlias operation. The "output" return
880// value will be populated with the request's response once the request completes
881// successfully.
882//
883// Use "Send" method on the returned Request to send the API call to the service.
884// the "output" return value is not valid until after Send returns without error.
885//
886// See CreateAccountAlias for more information on using the CreateAccountAlias
887// API call, and error handling.
888//
889// This method is useful when you want to inject custom logic or configuration
890// into the SDK's request lifecycle. Such as custom headers, or retry logic.
891//
892//
893//    // Example sending a request using the CreateAccountAliasRequest method.
894//    req, resp := client.CreateAccountAliasRequest(params)
895//
896//    err := req.Send()
897//    if err == nil { // resp is now filled
898//        fmt.Println(resp)
899//    }
900//
901// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
902func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput) {
903	op := &request.Operation{
904		Name:       opCreateAccountAlias,
905		HTTPMethod: "POST",
906		HTTPPath:   "/",
907	}
908
909	if input == nil {
910		input = &CreateAccountAliasInput{}
911	}
912
913	output = &CreateAccountAliasOutput{}
914	req = c.newRequest(op, input, output)
915	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
916	return
917}
918
919// CreateAccountAlias API operation for AWS Identity and Access Management.
920//
921// Creates an alias for your Amazon Web Services account. For information about
922// using an Amazon Web Services account alias, see Using an alias for your Amazon
923// Web Services account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
924// in the IAM User Guide.
925//
926// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
927// with awserr.Error's Code and Message methods to get detailed information about
928// the error.
929//
930// See the AWS API reference guide for AWS Identity and Access Management's
931// API operation CreateAccountAlias for usage and error information.
932//
933// Returned Error Codes:
934//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
935//   The request was rejected because it attempted to create a resource that already
936//   exists.
937//
938//   * ErrCodeLimitExceededException "LimitExceeded"
939//   The request was rejected because it attempted to create resources beyond
940//   the current Amazon Web Services account limits. The error message describes
941//   the limit exceeded.
942//
943//   * ErrCodeServiceFailureException "ServiceFailure"
944//   The request processing has failed because of an unknown error, exception
945//   or failure.
946//
947// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
948func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error) {
949	req, out := c.CreateAccountAliasRequest(input)
950	return out, req.Send()
951}
952
953// CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of
954// the ability to pass a context and additional request options.
955//
956// See CreateAccountAlias for details on how to use this API operation.
957//
958// The context must be non-nil and will be used for request cancellation. If
959// the context is nil a panic will occur. In the future the SDK may create
960// sub-contexts for http.Requests. See https://golang.org/pkg/context/
961// for more information on using Contexts.
962func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error) {
963	req, out := c.CreateAccountAliasRequest(input)
964	req.SetContext(ctx)
965	req.ApplyOptions(opts...)
966	return out, req.Send()
967}
968
969const opCreateGroup = "CreateGroup"
970
971// CreateGroupRequest generates a "aws/request.Request" representing the
972// client's request for the CreateGroup operation. The "output" return
973// value will be populated with the request's response once the request completes
974// successfully.
975//
976// Use "Send" method on the returned Request to send the API call to the service.
977// the "output" return value is not valid until after Send returns without error.
978//
979// See CreateGroup for more information on using the CreateGroup
980// API call, and error handling.
981//
982// This method is useful when you want to inject custom logic or configuration
983// into the SDK's request lifecycle. Such as custom headers, or retry logic.
984//
985//
986//    // Example sending a request using the CreateGroupRequest method.
987//    req, resp := client.CreateGroupRequest(params)
988//
989//    err := req.Send()
990//    if err == nil { // resp is now filled
991//        fmt.Println(resp)
992//    }
993//
994// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
995func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput) {
996	op := &request.Operation{
997		Name:       opCreateGroup,
998		HTTPMethod: "POST",
999		HTTPPath:   "/",
1000	}
1001
1002	if input == nil {
1003		input = &CreateGroupInput{}
1004	}
1005
1006	output = &CreateGroupOutput{}
1007	req = c.newRequest(op, input, output)
1008	return
1009}
1010
1011// CreateGroup API operation for AWS Identity and Access Management.
1012//
1013// Creates a new group.
1014//
1015// For information about the number of groups you can create, see IAM and STS
1016// quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1017// in the IAM User Guide.
1018//
1019// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1020// with awserr.Error's Code and Message methods to get detailed information about
1021// the error.
1022//
1023// See the AWS API reference guide for AWS Identity and Access Management's
1024// API operation CreateGroup for usage and error information.
1025//
1026// Returned Error Codes:
1027//   * ErrCodeLimitExceededException "LimitExceeded"
1028//   The request was rejected because it attempted to create resources beyond
1029//   the current Amazon Web Services account limits. The error message describes
1030//   the limit exceeded.
1031//
1032//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1033//   The request was rejected because it attempted to create a resource that already
1034//   exists.
1035//
1036//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1037//   The request was rejected because it referenced a resource entity that does
1038//   not exist. The error message describes the resource.
1039//
1040//   * ErrCodeServiceFailureException "ServiceFailure"
1041//   The request processing has failed because of an unknown error, exception
1042//   or failure.
1043//
1044// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
1045func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error) {
1046	req, out := c.CreateGroupRequest(input)
1047	return out, req.Send()
1048}
1049
1050// CreateGroupWithContext is the same as CreateGroup with the addition of
1051// the ability to pass a context and additional request options.
1052//
1053// See CreateGroup for details on how to use this API operation.
1054//
1055// The context must be non-nil and will be used for request cancellation. If
1056// the context is nil a panic will occur. In the future the SDK may create
1057// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1058// for more information on using Contexts.
1059func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error) {
1060	req, out := c.CreateGroupRequest(input)
1061	req.SetContext(ctx)
1062	req.ApplyOptions(opts...)
1063	return out, req.Send()
1064}
1065
1066const opCreateInstanceProfile = "CreateInstanceProfile"
1067
1068// CreateInstanceProfileRequest generates a "aws/request.Request" representing the
1069// client's request for the CreateInstanceProfile operation. The "output" return
1070// value will be populated with the request's response once the request completes
1071// successfully.
1072//
1073// Use "Send" method on the returned Request to send the API call to the service.
1074// the "output" return value is not valid until after Send returns without error.
1075//
1076// See CreateInstanceProfile for more information on using the CreateInstanceProfile
1077// API call, and error handling.
1078//
1079// This method is useful when you want to inject custom logic or configuration
1080// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1081//
1082//
1083//    // Example sending a request using the CreateInstanceProfileRequest method.
1084//    req, resp := client.CreateInstanceProfileRequest(params)
1085//
1086//    err := req.Send()
1087//    if err == nil { // resp is now filled
1088//        fmt.Println(resp)
1089//    }
1090//
1091// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
1092func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput) {
1093	op := &request.Operation{
1094		Name:       opCreateInstanceProfile,
1095		HTTPMethod: "POST",
1096		HTTPPath:   "/",
1097	}
1098
1099	if input == nil {
1100		input = &CreateInstanceProfileInput{}
1101	}
1102
1103	output = &CreateInstanceProfileOutput{}
1104	req = c.newRequest(op, input, output)
1105	return
1106}
1107
1108// CreateInstanceProfile API operation for AWS Identity and Access Management.
1109//
1110// Creates a new instance profile. For information about instance profiles,
1111// see Using roles for applications on Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html)
1112// in the IAM User Guide, and Instance profiles (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile)
1113// in the Amazon EC2 User Guide.
1114//
1115// For information about the number of instance profiles you can create, see
1116// IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1117// in the IAM User Guide.
1118//
1119// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1120// with awserr.Error's Code and Message methods to get detailed information about
1121// the error.
1122//
1123// See the AWS API reference guide for AWS Identity and Access Management's
1124// API operation CreateInstanceProfile for usage and error information.
1125//
1126// Returned Error Codes:
1127//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1128//   The request was rejected because it attempted to create a resource that already
1129//   exists.
1130//
1131//   * ErrCodeInvalidInputException "InvalidInput"
1132//   The request was rejected because an invalid or out-of-range value was supplied
1133//   for an input parameter.
1134//
1135//   * ErrCodeLimitExceededException "LimitExceeded"
1136//   The request was rejected because it attempted to create resources beyond
1137//   the current Amazon Web Services account limits. The error message describes
1138//   the limit exceeded.
1139//
1140//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1141//   The request was rejected because multiple requests to change this object
1142//   were submitted simultaneously. Wait a few minutes and submit your request
1143//   again.
1144//
1145//   * ErrCodeServiceFailureException "ServiceFailure"
1146//   The request processing has failed because of an unknown error, exception
1147//   or failure.
1148//
1149// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
1150func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error) {
1151	req, out := c.CreateInstanceProfileRequest(input)
1152	return out, req.Send()
1153}
1154
1155// CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of
1156// the ability to pass a context and additional request options.
1157//
1158// See CreateInstanceProfile for details on how to use this API operation.
1159//
1160// The context must be non-nil and will be used for request cancellation. If
1161// the context is nil a panic will occur. In the future the SDK may create
1162// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1163// for more information on using Contexts.
1164func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error) {
1165	req, out := c.CreateInstanceProfileRequest(input)
1166	req.SetContext(ctx)
1167	req.ApplyOptions(opts...)
1168	return out, req.Send()
1169}
1170
1171const opCreateLoginProfile = "CreateLoginProfile"
1172
1173// CreateLoginProfileRequest generates a "aws/request.Request" representing the
1174// client's request for the CreateLoginProfile operation. The "output" return
1175// value will be populated with the request's response once the request completes
1176// successfully.
1177//
1178// Use "Send" method on the returned Request to send the API call to the service.
1179// the "output" return value is not valid until after Send returns without error.
1180//
1181// See CreateLoginProfile for more information on using the CreateLoginProfile
1182// API call, and error handling.
1183//
1184// This method is useful when you want to inject custom logic or configuration
1185// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1186//
1187//
1188//    // Example sending a request using the CreateLoginProfileRequest method.
1189//    req, resp := client.CreateLoginProfileRequest(params)
1190//
1191//    err := req.Send()
1192//    if err == nil { // resp is now filled
1193//        fmt.Println(resp)
1194//    }
1195//
1196// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
1197func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput) {
1198	op := &request.Operation{
1199		Name:       opCreateLoginProfile,
1200		HTTPMethod: "POST",
1201		HTTPPath:   "/",
1202	}
1203
1204	if input == nil {
1205		input = &CreateLoginProfileInput{}
1206	}
1207
1208	output = &CreateLoginProfileOutput{}
1209	req = c.newRequest(op, input, output)
1210	return
1211}
1212
1213// CreateLoginProfile API operation for AWS Identity and Access Management.
1214//
1215// Creates a password for the specified IAM user. A password allows an IAM user
1216// to access Amazon Web Services services through the Amazon Web Services Management
1217// Console.
1218//
1219// You can use the CLI, the Amazon Web Services API, or the Users page in the
1220// IAM console to create a password for any IAM user. Use ChangePassword to
1221// update your own existing password in the My Security Credentials page in
1222// the Amazon Web Services Management Console.
1223//
1224// For more information about managing passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
1225// in the IAM User Guide.
1226//
1227// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1228// with awserr.Error's Code and Message methods to get detailed information about
1229// the error.
1230//
1231// See the AWS API reference guide for AWS Identity and Access Management's
1232// API operation CreateLoginProfile for usage and error information.
1233//
1234// Returned Error Codes:
1235//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1236//   The request was rejected because it attempted to create a resource that already
1237//   exists.
1238//
1239//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1240//   The request was rejected because it referenced a resource entity that does
1241//   not exist. The error message describes the resource.
1242//
1243//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
1244//   The request was rejected because the provided password did not meet the requirements
1245//   imposed by the account password policy.
1246//
1247//   * ErrCodeLimitExceededException "LimitExceeded"
1248//   The request was rejected because it attempted to create resources beyond
1249//   the current Amazon Web Services account limits. The error message describes
1250//   the limit exceeded.
1251//
1252//   * ErrCodeServiceFailureException "ServiceFailure"
1253//   The request processing has failed because of an unknown error, exception
1254//   or failure.
1255//
1256// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
1257func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error) {
1258	req, out := c.CreateLoginProfileRequest(input)
1259	return out, req.Send()
1260}
1261
1262// CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of
1263// the ability to pass a context and additional request options.
1264//
1265// See CreateLoginProfile for details on how to use this API operation.
1266//
1267// The context must be non-nil and will be used for request cancellation. If
1268// the context is nil a panic will occur. In the future the SDK may create
1269// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1270// for more information on using Contexts.
1271func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error) {
1272	req, out := c.CreateLoginProfileRequest(input)
1273	req.SetContext(ctx)
1274	req.ApplyOptions(opts...)
1275	return out, req.Send()
1276}
1277
1278const opCreateOpenIDConnectProvider = "CreateOpenIDConnectProvider"
1279
1280// CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
1281// client's request for the CreateOpenIDConnectProvider operation. The "output" return
1282// value will be populated with the request's response once the request completes
1283// successfully.
1284//
1285// Use "Send" method on the returned Request to send the API call to the service.
1286// the "output" return value is not valid until after Send returns without error.
1287//
1288// See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider
1289// API call, and error handling.
1290//
1291// This method is useful when you want to inject custom logic or configuration
1292// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1293//
1294//
1295//    // Example sending a request using the CreateOpenIDConnectProviderRequest method.
1296//    req, resp := client.CreateOpenIDConnectProviderRequest(params)
1297//
1298//    err := req.Send()
1299//    if err == nil { // resp is now filled
1300//        fmt.Println(resp)
1301//    }
1302//
1303// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
1304func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput) {
1305	op := &request.Operation{
1306		Name:       opCreateOpenIDConnectProvider,
1307		HTTPMethod: "POST",
1308		HTTPPath:   "/",
1309	}
1310
1311	if input == nil {
1312		input = &CreateOpenIDConnectProviderInput{}
1313	}
1314
1315	output = &CreateOpenIDConnectProviderOutput{}
1316	req = c.newRequest(op, input, output)
1317	return
1318}
1319
1320// CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.
1321//
1322// Creates an IAM entity to describe an identity provider (IdP) that supports
1323// OpenID Connect (OIDC) (http://openid.net/connect/).
1324//
1325// The OIDC provider that you create with this operation can be used as a principal
1326// in a role's trust policy. Such a policy establishes a trust relationship
1327// between Amazon Web Services and the OIDC provider.
1328//
1329// If you are using an OIDC identity provider from Google, Facebook, or Amazon
1330// Cognito, you don't need to create a separate IAM identity provider. These
1331// OIDC identity providers are already built-in to Amazon Web Services and are
1332// available for your use. Instead, you can move directly to creating new roles
1333// using your identity provider. To learn more, see Creating a role for web
1334// identity or OpenID connect federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html)
1335// in the IAM User Guide.
1336//
1337// When you create the IAM OIDC provider, you specify the following:
1338//
1339//    * The URL of the OIDC identity provider (IdP) to trust
1340//
1341//    * A list of client IDs (also known as audiences) that identify the application
1342//    or applications allowed to authenticate using the OIDC provider
1343//
1344//    * A list of thumbprints of one or more server certificates that the IdP
1345//    uses
1346//
1347// You get all of this information from the OIDC IdP you want to use to access
1348// Amazon Web Services.
1349//
1350// Amazon Web Services secures communication with some OIDC identity providers
1351// (IdPs) through our library of trusted certificate authorities (CAs) instead
1352// of using a certificate thumbprint to verify your IdP server certificate.
1353// These OIDC IdPs include Google, and those that use an Amazon S3 bucket to
1354// host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint
1355// remains in your configuration, but is no longer used for validation.
1356//
1357// The trust for the OIDC provider is derived from the IAM provider that this
1358// operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider
1359// operation to highly privileged users.
1360//
1361// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1362// with awserr.Error's Code and Message methods to get detailed information about
1363// the error.
1364//
1365// See the AWS API reference guide for AWS Identity and Access Management's
1366// API operation CreateOpenIDConnectProvider for usage and error information.
1367//
1368// Returned Error Codes:
1369//   * ErrCodeInvalidInputException "InvalidInput"
1370//   The request was rejected because an invalid or out-of-range value was supplied
1371//   for an input parameter.
1372//
1373//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1374//   The request was rejected because it attempted to create a resource that already
1375//   exists.
1376//
1377//   * ErrCodeLimitExceededException "LimitExceeded"
1378//   The request was rejected because it attempted to create resources beyond
1379//   the current Amazon Web Services account limits. The error message describes
1380//   the limit exceeded.
1381//
1382//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1383//   The request was rejected because multiple requests to change this object
1384//   were submitted simultaneously. Wait a few minutes and submit your request
1385//   again.
1386//
1387//   * ErrCodeServiceFailureException "ServiceFailure"
1388//   The request processing has failed because of an unknown error, exception
1389//   or failure.
1390//
1391// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
1392func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error) {
1393	req, out := c.CreateOpenIDConnectProviderRequest(input)
1394	return out, req.Send()
1395}
1396
1397// CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of
1398// the ability to pass a context and additional request options.
1399//
1400// See CreateOpenIDConnectProvider for details on how to use this API operation.
1401//
1402// The context must be non-nil and will be used for request cancellation. If
1403// the context is nil a panic will occur. In the future the SDK may create
1404// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1405// for more information on using Contexts.
1406func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error) {
1407	req, out := c.CreateOpenIDConnectProviderRequest(input)
1408	req.SetContext(ctx)
1409	req.ApplyOptions(opts...)
1410	return out, req.Send()
1411}
1412
1413const opCreatePolicy = "CreatePolicy"
1414
1415// CreatePolicyRequest generates a "aws/request.Request" representing the
1416// client's request for the CreatePolicy operation. The "output" return
1417// value will be populated with the request's response once the request completes
1418// successfully.
1419//
1420// Use "Send" method on the returned Request to send the API call to the service.
1421// the "output" return value is not valid until after Send returns without error.
1422//
1423// See CreatePolicy for more information on using the CreatePolicy
1424// API call, and error handling.
1425//
1426// This method is useful when you want to inject custom logic or configuration
1427// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1428//
1429//
1430//    // Example sending a request using the CreatePolicyRequest method.
1431//    req, resp := client.CreatePolicyRequest(params)
1432//
1433//    err := req.Send()
1434//    if err == nil { // resp is now filled
1435//        fmt.Println(resp)
1436//    }
1437//
1438// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
1439func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) {
1440	op := &request.Operation{
1441		Name:       opCreatePolicy,
1442		HTTPMethod: "POST",
1443		HTTPPath:   "/",
1444	}
1445
1446	if input == nil {
1447		input = &CreatePolicyInput{}
1448	}
1449
1450	output = &CreatePolicyOutput{}
1451	req = c.newRequest(op, input, output)
1452	return
1453}
1454
1455// CreatePolicy API operation for AWS Identity and Access Management.
1456//
1457// Creates a new managed policy for your Amazon Web Services account.
1458//
1459// This operation creates a policy version with a version identifier of v1 and
1460// sets v1 as the policy's default version. For more information about policy
1461// versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
1462// in the IAM User Guide.
1463//
1464// As a best practice, you can validate your IAM policies. To learn more, see
1465// Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
1466// in the IAM User Guide.
1467//
1468// For more information about managed policies in general, see Managed policies
1469// and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
1470// in the IAM User Guide.
1471//
1472// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1473// with awserr.Error's Code and Message methods to get detailed information about
1474// the error.
1475//
1476// See the AWS API reference guide for AWS Identity and Access Management's
1477// API operation CreatePolicy for usage and error information.
1478//
1479// Returned Error Codes:
1480//   * ErrCodeInvalidInputException "InvalidInput"
1481//   The request was rejected because an invalid or out-of-range value was supplied
1482//   for an input parameter.
1483//
1484//   * ErrCodeLimitExceededException "LimitExceeded"
1485//   The request was rejected because it attempted to create resources beyond
1486//   the current Amazon Web Services account limits. The error message describes
1487//   the limit exceeded.
1488//
1489//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1490//   The request was rejected because it attempted to create a resource that already
1491//   exists.
1492//
1493//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1494//   The request was rejected because the policy document was malformed. The error
1495//   message describes the specific error.
1496//
1497//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1498//   The request was rejected because multiple requests to change this object
1499//   were submitted simultaneously. Wait a few minutes and submit your request
1500//   again.
1501//
1502//   * ErrCodeServiceFailureException "ServiceFailure"
1503//   The request processing has failed because of an unknown error, exception
1504//   or failure.
1505//
1506// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
1507func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) {
1508	req, out := c.CreatePolicyRequest(input)
1509	return out, req.Send()
1510}
1511
1512// CreatePolicyWithContext is the same as CreatePolicy with the addition of
1513// the ability to pass a context and additional request options.
1514//
1515// See CreatePolicy for details on how to use this API operation.
1516//
1517// The context must be non-nil and will be used for request cancellation. If
1518// the context is nil a panic will occur. In the future the SDK may create
1519// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1520// for more information on using Contexts.
1521func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) {
1522	req, out := c.CreatePolicyRequest(input)
1523	req.SetContext(ctx)
1524	req.ApplyOptions(opts...)
1525	return out, req.Send()
1526}
1527
1528const opCreatePolicyVersion = "CreatePolicyVersion"
1529
1530// CreatePolicyVersionRequest generates a "aws/request.Request" representing the
1531// client's request for the CreatePolicyVersion operation. The "output" return
1532// value will be populated with the request's response once the request completes
1533// successfully.
1534//
1535// Use "Send" method on the returned Request to send the API call to the service.
1536// the "output" return value is not valid until after Send returns without error.
1537//
1538// See CreatePolicyVersion for more information on using the CreatePolicyVersion
1539// API call, and error handling.
1540//
1541// This method is useful when you want to inject custom logic or configuration
1542// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1543//
1544//
1545//    // Example sending a request using the CreatePolicyVersionRequest method.
1546//    req, resp := client.CreatePolicyVersionRequest(params)
1547//
1548//    err := req.Send()
1549//    if err == nil { // resp is now filled
1550//        fmt.Println(resp)
1551//    }
1552//
1553// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
1554func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput) {
1555	op := &request.Operation{
1556		Name:       opCreatePolicyVersion,
1557		HTTPMethod: "POST",
1558		HTTPPath:   "/",
1559	}
1560
1561	if input == nil {
1562		input = &CreatePolicyVersionInput{}
1563	}
1564
1565	output = &CreatePolicyVersionOutput{}
1566	req = c.newRequest(op, input, output)
1567	return
1568}
1569
1570// CreatePolicyVersion API operation for AWS Identity and Access Management.
1571//
1572// Creates a new version of the specified managed policy. To update a managed
1573// policy, you create a new policy version. A managed policy can have up to
1574// five versions. If the policy has five versions, you must delete an existing
1575// version using DeletePolicyVersion before you create a new version.
1576//
1577// Optionally, you can set the new version as the policy's default version.
1578// The default version is the version that is in effect for the IAM users, groups,
1579// and roles to which the policy is attached.
1580//
1581// For more information about managed policy versions, see Versioning for managed
1582// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
1583// in the IAM User Guide.
1584//
1585// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1586// with awserr.Error's Code and Message methods to get detailed information about
1587// the error.
1588//
1589// See the AWS API reference guide for AWS Identity and Access Management's
1590// API operation CreatePolicyVersion for usage and error information.
1591//
1592// Returned Error Codes:
1593//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1594//   The request was rejected because it referenced a resource entity that does
1595//   not exist. The error message describes the resource.
1596//
1597//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1598//   The request was rejected because the policy document was malformed. The error
1599//   message describes the specific error.
1600//
1601//   * ErrCodeInvalidInputException "InvalidInput"
1602//   The request was rejected because an invalid or out-of-range value was supplied
1603//   for an input parameter.
1604//
1605//   * ErrCodeLimitExceededException "LimitExceeded"
1606//   The request was rejected because it attempted to create resources beyond
1607//   the current Amazon Web Services account limits. The error message describes
1608//   the limit exceeded.
1609//
1610//   * ErrCodeServiceFailureException "ServiceFailure"
1611//   The request processing has failed because of an unknown error, exception
1612//   or failure.
1613//
1614// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
1615func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error) {
1616	req, out := c.CreatePolicyVersionRequest(input)
1617	return out, req.Send()
1618}
1619
1620// CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of
1621// the ability to pass a context and additional request options.
1622//
1623// See CreatePolicyVersion for details on how to use this API operation.
1624//
1625// The context must be non-nil and will be used for request cancellation. If
1626// the context is nil a panic will occur. In the future the SDK may create
1627// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1628// for more information on using Contexts.
1629func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error) {
1630	req, out := c.CreatePolicyVersionRequest(input)
1631	req.SetContext(ctx)
1632	req.ApplyOptions(opts...)
1633	return out, req.Send()
1634}
1635
1636const opCreateRole = "CreateRole"
1637
1638// CreateRoleRequest generates a "aws/request.Request" representing the
1639// client's request for the CreateRole operation. The "output" return
1640// value will be populated with the request's response once the request completes
1641// successfully.
1642//
1643// Use "Send" method on the returned Request to send the API call to the service.
1644// the "output" return value is not valid until after Send returns without error.
1645//
1646// See CreateRole for more information on using the CreateRole
1647// API call, and error handling.
1648//
1649// This method is useful when you want to inject custom logic or configuration
1650// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1651//
1652//
1653//    // Example sending a request using the CreateRoleRequest method.
1654//    req, resp := client.CreateRoleRequest(params)
1655//
1656//    err := req.Send()
1657//    if err == nil { // resp is now filled
1658//        fmt.Println(resp)
1659//    }
1660//
1661// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
1662func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput) {
1663	op := &request.Operation{
1664		Name:       opCreateRole,
1665		HTTPMethod: "POST",
1666		HTTPPath:   "/",
1667	}
1668
1669	if input == nil {
1670		input = &CreateRoleInput{}
1671	}
1672
1673	output = &CreateRoleOutput{}
1674	req = c.newRequest(op, input, output)
1675	return
1676}
1677
1678// CreateRole API operation for AWS Identity and Access Management.
1679//
1680// Creates a new role for your Amazon Web Services account. For more information
1681// about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
1682// For information about quotas for role names and the number of roles you can
1683// create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
1684// in the IAM User Guide.
1685//
1686// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1687// with awserr.Error's Code and Message methods to get detailed information about
1688// the error.
1689//
1690// See the AWS API reference guide for AWS Identity and Access Management's
1691// API operation CreateRole for usage and error information.
1692//
1693// Returned Error Codes:
1694//   * ErrCodeLimitExceededException "LimitExceeded"
1695//   The request was rejected because it attempted to create resources beyond
1696//   the current Amazon Web Services account limits. The error message describes
1697//   the limit exceeded.
1698//
1699//   * ErrCodeInvalidInputException "InvalidInput"
1700//   The request was rejected because an invalid or out-of-range value was supplied
1701//   for an input parameter.
1702//
1703//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1704//   The request was rejected because it attempted to create a resource that already
1705//   exists.
1706//
1707//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
1708//   The request was rejected because the policy document was malformed. The error
1709//   message describes the specific error.
1710//
1711//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1712//   The request was rejected because multiple requests to change this object
1713//   were submitted simultaneously. Wait a few minutes and submit your request
1714//   again.
1715//
1716//   * ErrCodeServiceFailureException "ServiceFailure"
1717//   The request processing has failed because of an unknown error, exception
1718//   or failure.
1719//
1720// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
1721func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error) {
1722	req, out := c.CreateRoleRequest(input)
1723	return out, req.Send()
1724}
1725
1726// CreateRoleWithContext is the same as CreateRole with the addition of
1727// the ability to pass a context and additional request options.
1728//
1729// See CreateRole for details on how to use this API operation.
1730//
1731// The context must be non-nil and will be used for request cancellation. If
1732// the context is nil a panic will occur. In the future the SDK may create
1733// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1734// for more information on using Contexts.
1735func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error) {
1736	req, out := c.CreateRoleRequest(input)
1737	req.SetContext(ctx)
1738	req.ApplyOptions(opts...)
1739	return out, req.Send()
1740}
1741
1742const opCreateSAMLProvider = "CreateSAMLProvider"
1743
1744// CreateSAMLProviderRequest generates a "aws/request.Request" representing the
1745// client's request for the CreateSAMLProvider operation. The "output" return
1746// value will be populated with the request's response once the request completes
1747// successfully.
1748//
1749// Use "Send" method on the returned Request to send the API call to the service.
1750// the "output" return value is not valid until after Send returns without error.
1751//
1752// See CreateSAMLProvider for more information on using the CreateSAMLProvider
1753// API call, and error handling.
1754//
1755// This method is useful when you want to inject custom logic or configuration
1756// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1757//
1758//
1759//    // Example sending a request using the CreateSAMLProviderRequest method.
1760//    req, resp := client.CreateSAMLProviderRequest(params)
1761//
1762//    err := req.Send()
1763//    if err == nil { // resp is now filled
1764//        fmt.Println(resp)
1765//    }
1766//
1767// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
1768func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput) {
1769	op := &request.Operation{
1770		Name:       opCreateSAMLProvider,
1771		HTTPMethod: "POST",
1772		HTTPPath:   "/",
1773	}
1774
1775	if input == nil {
1776		input = &CreateSAMLProviderInput{}
1777	}
1778
1779	output = &CreateSAMLProviderOutput{}
1780	req = c.newRequest(op, input, output)
1781	return
1782}
1783
1784// CreateSAMLProvider API operation for AWS Identity and Access Management.
1785//
1786// Creates an IAM resource that describes an identity provider (IdP) that supports
1787// SAML 2.0.
1788//
1789// The SAML provider resource that you create with this operation can be used
1790// as a principal in an IAM role's trust policy. Such a policy can enable federated
1791// users who sign in using the SAML IdP to assume the role. You can create an
1792// IAM role that supports Web-based single sign-on (SSO) to the Amazon Web Services
1793// Management Console or one that supports API access to Amazon Web Services.
1794//
1795// When you create the SAML provider resource, you upload a SAML metadata document
1796// that you get from your IdP. That document includes the issuer's name, expiration
1797// information, and keys that can be used to validate the SAML authentication
1798// response (assertions) that the IdP sends. You must generate the metadata
1799// document using the identity management software that is used as your organization's
1800// IdP.
1801//
1802// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
1803//
1804// For more information, see Enabling SAML 2.0 federated users to access the
1805// Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html)
1806// and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
1807// in the IAM User Guide.
1808//
1809// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1810// with awserr.Error's Code and Message methods to get detailed information about
1811// the error.
1812//
1813// See the AWS API reference guide for AWS Identity and Access Management's
1814// API operation CreateSAMLProvider for usage and error information.
1815//
1816// Returned Error Codes:
1817//   * ErrCodeInvalidInputException "InvalidInput"
1818//   The request was rejected because an invalid or out-of-range value was supplied
1819//   for an input parameter.
1820//
1821//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
1822//   The request was rejected because it attempted to create a resource that already
1823//   exists.
1824//
1825//   * ErrCodeLimitExceededException "LimitExceeded"
1826//   The request was rejected because it attempted to create resources beyond
1827//   the current Amazon Web Services account limits. The error message describes
1828//   the limit exceeded.
1829//
1830//   * ErrCodeConcurrentModificationException "ConcurrentModification"
1831//   The request was rejected because multiple requests to change this object
1832//   were submitted simultaneously. Wait a few minutes and submit your request
1833//   again.
1834//
1835//   * ErrCodeServiceFailureException "ServiceFailure"
1836//   The request processing has failed because of an unknown error, exception
1837//   or failure.
1838//
1839// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
1840func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error) {
1841	req, out := c.CreateSAMLProviderRequest(input)
1842	return out, req.Send()
1843}
1844
1845// CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of
1846// the ability to pass a context and additional request options.
1847//
1848// See CreateSAMLProvider for details on how to use this API operation.
1849//
1850// The context must be non-nil and will be used for request cancellation. If
1851// the context is nil a panic will occur. In the future the SDK may create
1852// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1853// for more information on using Contexts.
1854func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error) {
1855	req, out := c.CreateSAMLProviderRequest(input)
1856	req.SetContext(ctx)
1857	req.ApplyOptions(opts...)
1858	return out, req.Send()
1859}
1860
1861const opCreateServiceLinkedRole = "CreateServiceLinkedRole"
1862
1863// CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the
1864// client's request for the CreateServiceLinkedRole operation. The "output" return
1865// value will be populated with the request's response once the request completes
1866// successfully.
1867//
1868// Use "Send" method on the returned Request to send the API call to the service.
1869// the "output" return value is not valid until after Send returns without error.
1870//
1871// See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole
1872// API call, and error handling.
1873//
1874// This method is useful when you want to inject custom logic or configuration
1875// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1876//
1877//
1878//    // Example sending a request using the CreateServiceLinkedRoleRequest method.
1879//    req, resp := client.CreateServiceLinkedRoleRequest(params)
1880//
1881//    err := req.Send()
1882//    if err == nil { // resp is now filled
1883//        fmt.Println(resp)
1884//    }
1885//
1886// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
1887func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput) {
1888	op := &request.Operation{
1889		Name:       opCreateServiceLinkedRole,
1890		HTTPMethod: "POST",
1891		HTTPPath:   "/",
1892	}
1893
1894	if input == nil {
1895		input = &CreateServiceLinkedRoleInput{}
1896	}
1897
1898	output = &CreateServiceLinkedRoleOutput{}
1899	req = c.newRequest(op, input, output)
1900	return
1901}
1902
1903// CreateServiceLinkedRole API operation for AWS Identity and Access Management.
1904//
1905// Creates an IAM role that is linked to a specific Amazon Web Services service.
1906// The service controls the attached policies and when the role can be deleted.
1907// This helps ensure that the service is not broken by an unexpectedly changed
1908// or deleted role, which could put your Amazon Web Services resources into
1909// an unknown state. Allowing the service to control the role helps improve
1910// service stability and proper cleanup when a service and its role are no longer
1911// needed. For more information, see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
1912// in the IAM User Guide.
1913//
1914// To attach a policy to this service-linked role, you must make the request
1915// using the Amazon Web Services service that depends on this role.
1916//
1917// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
1918// with awserr.Error's Code and Message methods to get detailed information about
1919// the error.
1920//
1921// See the AWS API reference guide for AWS Identity and Access Management's
1922// API operation CreateServiceLinkedRole for usage and error information.
1923//
1924// Returned Error Codes:
1925//   * ErrCodeInvalidInputException "InvalidInput"
1926//   The request was rejected because an invalid or out-of-range value was supplied
1927//   for an input parameter.
1928//
1929//   * ErrCodeLimitExceededException "LimitExceeded"
1930//   The request was rejected because it attempted to create resources beyond
1931//   the current Amazon Web Services account limits. The error message describes
1932//   the limit exceeded.
1933//
1934//   * ErrCodeNoSuchEntityException "NoSuchEntity"
1935//   The request was rejected because it referenced a resource entity that does
1936//   not exist. The error message describes the resource.
1937//
1938//   * ErrCodeServiceFailureException "ServiceFailure"
1939//   The request processing has failed because of an unknown error, exception
1940//   or failure.
1941//
1942// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
1943func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error) {
1944	req, out := c.CreateServiceLinkedRoleRequest(input)
1945	return out, req.Send()
1946}
1947
1948// CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of
1949// the ability to pass a context and additional request options.
1950//
1951// See CreateServiceLinkedRole for details on how to use this API operation.
1952//
1953// The context must be non-nil and will be used for request cancellation. If
1954// the context is nil a panic will occur. In the future the SDK may create
1955// sub-contexts for http.Requests. See https://golang.org/pkg/context/
1956// for more information on using Contexts.
1957func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error) {
1958	req, out := c.CreateServiceLinkedRoleRequest(input)
1959	req.SetContext(ctx)
1960	req.ApplyOptions(opts...)
1961	return out, req.Send()
1962}
1963
1964const opCreateServiceSpecificCredential = "CreateServiceSpecificCredential"
1965
1966// CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
1967// client's request for the CreateServiceSpecificCredential operation. The "output" return
1968// value will be populated with the request's response once the request completes
1969// successfully.
1970//
1971// Use "Send" method on the returned Request to send the API call to the service.
1972// the "output" return value is not valid until after Send returns without error.
1973//
1974// See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential
1975// API call, and error handling.
1976//
1977// This method is useful when you want to inject custom logic or configuration
1978// into the SDK's request lifecycle. Such as custom headers, or retry logic.
1979//
1980//
1981//    // Example sending a request using the CreateServiceSpecificCredentialRequest method.
1982//    req, resp := client.CreateServiceSpecificCredentialRequest(params)
1983//
1984//    err := req.Send()
1985//    if err == nil { // resp is now filled
1986//        fmt.Println(resp)
1987//    }
1988//
1989// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
1990func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput) {
1991	op := &request.Operation{
1992		Name:       opCreateServiceSpecificCredential,
1993		HTTPMethod: "POST",
1994		HTTPPath:   "/",
1995	}
1996
1997	if input == nil {
1998		input = &CreateServiceSpecificCredentialInput{}
1999	}
2000
2001	output = &CreateServiceSpecificCredentialOutput{}
2002	req = c.newRequest(op, input, output)
2003	return
2004}
2005
2006// CreateServiceSpecificCredential API operation for AWS Identity and Access Management.
2007//
2008// Generates a set of credentials consisting of a user name and password that
2009// can be used to access the service specified in the request. These credentials
2010// are generated by IAM, and can be used only for the specified service.
2011//
2012// You can have a maximum of two sets of service-specific credentials for each
2013// supported service per user.
2014//
2015// You can create service-specific credentials for CodeCommit and Amazon Keyspaces
2016// (for Apache Cassandra).
2017//
2018// You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
2019//
2020// For more information about service-specific credentials, see Using IAM with
2021// CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys
2022// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html)
2023// in the IAM User Guide.
2024//
2025// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2026// with awserr.Error's Code and Message methods to get detailed information about
2027// the error.
2028//
2029// See the AWS API reference guide for AWS Identity and Access Management's
2030// API operation CreateServiceSpecificCredential for usage and error information.
2031//
2032// Returned Error Codes:
2033//   * ErrCodeLimitExceededException "LimitExceeded"
2034//   The request was rejected because it attempted to create resources beyond
2035//   the current Amazon Web Services account limits. The error message describes
2036//   the limit exceeded.
2037//
2038//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2039//   The request was rejected because it referenced a resource entity that does
2040//   not exist. The error message describes the resource.
2041//
2042//   * ErrCodeServiceNotSupportedException "NotSupportedService"
2043//   The specified service does not support service-specific credentials.
2044//
2045// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
2046func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error) {
2047	req, out := c.CreateServiceSpecificCredentialRequest(input)
2048	return out, req.Send()
2049}
2050
2051// CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of
2052// the ability to pass a context and additional request options.
2053//
2054// See CreateServiceSpecificCredential for details on how to use this API operation.
2055//
2056// The context must be non-nil and will be used for request cancellation. If
2057// the context is nil a panic will occur. In the future the SDK may create
2058// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2059// for more information on using Contexts.
2060func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error) {
2061	req, out := c.CreateServiceSpecificCredentialRequest(input)
2062	req.SetContext(ctx)
2063	req.ApplyOptions(opts...)
2064	return out, req.Send()
2065}
2066
2067const opCreateUser = "CreateUser"
2068
2069// CreateUserRequest generates a "aws/request.Request" representing the
2070// client's request for the CreateUser operation. The "output" return
2071// value will be populated with the request's response once the request completes
2072// successfully.
2073//
2074// Use "Send" method on the returned Request to send the API call to the service.
2075// the "output" return value is not valid until after Send returns without error.
2076//
2077// See CreateUser for more information on using the CreateUser
2078// API call, and error handling.
2079//
2080// This method is useful when you want to inject custom logic or configuration
2081// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2082//
2083//
2084//    // Example sending a request using the CreateUserRequest method.
2085//    req, resp := client.CreateUserRequest(params)
2086//
2087//    err := req.Send()
2088//    if err == nil { // resp is now filled
2089//        fmt.Println(resp)
2090//    }
2091//
2092// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
2093func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput) {
2094	op := &request.Operation{
2095		Name:       opCreateUser,
2096		HTTPMethod: "POST",
2097		HTTPPath:   "/",
2098	}
2099
2100	if input == nil {
2101		input = &CreateUserInput{}
2102	}
2103
2104	output = &CreateUserOutput{}
2105	req = c.newRequest(op, input, output)
2106	return
2107}
2108
2109// CreateUser API operation for AWS Identity and Access Management.
2110//
2111// Creates a new IAM user for your Amazon Web Services account.
2112//
2113// For information about quotas for the number of IAM users you can create,
2114// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
2115// in the IAM User Guide.
2116//
2117// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2118// with awserr.Error's Code and Message methods to get detailed information about
2119// the error.
2120//
2121// See the AWS API reference guide for AWS Identity and Access Management's
2122// API operation CreateUser for usage and error information.
2123//
2124// Returned Error Codes:
2125//   * ErrCodeLimitExceededException "LimitExceeded"
2126//   The request was rejected because it attempted to create resources beyond
2127//   the current Amazon Web Services account limits. The error message describes
2128//   the limit exceeded.
2129//
2130//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
2131//   The request was rejected because it attempted to create a resource that already
2132//   exists.
2133//
2134//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2135//   The request was rejected because it referenced a resource entity that does
2136//   not exist. The error message describes the resource.
2137//
2138//   * ErrCodeInvalidInputException "InvalidInput"
2139//   The request was rejected because an invalid or out-of-range value was supplied
2140//   for an input parameter.
2141//
2142//   * ErrCodeConcurrentModificationException "ConcurrentModification"
2143//   The request was rejected because multiple requests to change this object
2144//   were submitted simultaneously. Wait a few minutes and submit your request
2145//   again.
2146//
2147//   * ErrCodeServiceFailureException "ServiceFailure"
2148//   The request processing has failed because of an unknown error, exception
2149//   or failure.
2150//
2151// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
2152func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error) {
2153	req, out := c.CreateUserRequest(input)
2154	return out, req.Send()
2155}
2156
2157// CreateUserWithContext is the same as CreateUser with the addition of
2158// the ability to pass a context and additional request options.
2159//
2160// See CreateUser for details on how to use this API operation.
2161//
2162// The context must be non-nil and will be used for request cancellation. If
2163// the context is nil a panic will occur. In the future the SDK may create
2164// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2165// for more information on using Contexts.
2166func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error) {
2167	req, out := c.CreateUserRequest(input)
2168	req.SetContext(ctx)
2169	req.ApplyOptions(opts...)
2170	return out, req.Send()
2171}
2172
2173const opCreateVirtualMFADevice = "CreateVirtualMFADevice"
2174
2175// CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the
2176// client's request for the CreateVirtualMFADevice operation. The "output" return
2177// value will be populated with the request's response once the request completes
2178// successfully.
2179//
2180// Use "Send" method on the returned Request to send the API call to the service.
2181// the "output" return value is not valid until after Send returns without error.
2182//
2183// See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice
2184// API call, and error handling.
2185//
2186// This method is useful when you want to inject custom logic or configuration
2187// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2188//
2189//
2190//    // Example sending a request using the CreateVirtualMFADeviceRequest method.
2191//    req, resp := client.CreateVirtualMFADeviceRequest(params)
2192//
2193//    err := req.Send()
2194//    if err == nil { // resp is now filled
2195//        fmt.Println(resp)
2196//    }
2197//
2198// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
2199func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput) {
2200	op := &request.Operation{
2201		Name:       opCreateVirtualMFADevice,
2202		HTTPMethod: "POST",
2203		HTTPPath:   "/",
2204	}
2205
2206	if input == nil {
2207		input = &CreateVirtualMFADeviceInput{}
2208	}
2209
2210	output = &CreateVirtualMFADeviceOutput{}
2211	req = c.newRequest(op, input, output)
2212	return
2213}
2214
2215// CreateVirtualMFADevice API operation for AWS Identity and Access Management.
2216//
2217// Creates a new virtual MFA device for the Amazon Web Services account. After
2218// creating the virtual MFA, use EnableMFADevice to attach the MFA device to
2219// an IAM user. For more information about creating and working with virtual
2220// MFA devices, see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
2221// in the IAM User Guide.
2222//
2223// For information about the maximum number of MFA devices you can create, see
2224// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
2225// in the IAM User Guide.
2226//
2227// The seed information contained in the QR code and the Base32 string should
2228// be treated like any other secret access information. In other words, protect
2229// the seed information as you would your Amazon Web Services access keys or
2230// your passwords. After you provision your virtual device, you should ensure
2231// that the information is destroyed following secure procedures.
2232//
2233// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2234// with awserr.Error's Code and Message methods to get detailed information about
2235// the error.
2236//
2237// See the AWS API reference guide for AWS Identity and Access Management's
2238// API operation CreateVirtualMFADevice for usage and error information.
2239//
2240// Returned Error Codes:
2241//   * ErrCodeLimitExceededException "LimitExceeded"
2242//   The request was rejected because it attempted to create resources beyond
2243//   the current Amazon Web Services account limits. The error message describes
2244//   the limit exceeded.
2245//
2246//   * ErrCodeInvalidInputException "InvalidInput"
2247//   The request was rejected because an invalid or out-of-range value was supplied
2248//   for an input parameter.
2249//
2250//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
2251//   The request was rejected because it attempted to create a resource that already
2252//   exists.
2253//
2254//   * ErrCodeConcurrentModificationException "ConcurrentModification"
2255//   The request was rejected because multiple requests to change this object
2256//   were submitted simultaneously. Wait a few minutes and submit your request
2257//   again.
2258//
2259//   * ErrCodeServiceFailureException "ServiceFailure"
2260//   The request processing has failed because of an unknown error, exception
2261//   or failure.
2262//
2263// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
2264func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error) {
2265	req, out := c.CreateVirtualMFADeviceRequest(input)
2266	return out, req.Send()
2267}
2268
2269// CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of
2270// the ability to pass a context and additional request options.
2271//
2272// See CreateVirtualMFADevice for details on how to use this API operation.
2273//
2274// The context must be non-nil and will be used for request cancellation. If
2275// the context is nil a panic will occur. In the future the SDK may create
2276// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2277// for more information on using Contexts.
2278func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error) {
2279	req, out := c.CreateVirtualMFADeviceRequest(input)
2280	req.SetContext(ctx)
2281	req.ApplyOptions(opts...)
2282	return out, req.Send()
2283}
2284
2285const opDeactivateMFADevice = "DeactivateMFADevice"
2286
2287// DeactivateMFADeviceRequest generates a "aws/request.Request" representing the
2288// client's request for the DeactivateMFADevice operation. The "output" return
2289// value will be populated with the request's response once the request completes
2290// successfully.
2291//
2292// Use "Send" method on the returned Request to send the API call to the service.
2293// the "output" return value is not valid until after Send returns without error.
2294//
2295// See DeactivateMFADevice for more information on using the DeactivateMFADevice
2296// API call, and error handling.
2297//
2298// This method is useful when you want to inject custom logic or configuration
2299// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2300//
2301//
2302//    // Example sending a request using the DeactivateMFADeviceRequest method.
2303//    req, resp := client.DeactivateMFADeviceRequest(params)
2304//
2305//    err := req.Send()
2306//    if err == nil { // resp is now filled
2307//        fmt.Println(resp)
2308//    }
2309//
2310// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
2311func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput) {
2312	op := &request.Operation{
2313		Name:       opDeactivateMFADevice,
2314		HTTPMethod: "POST",
2315		HTTPPath:   "/",
2316	}
2317
2318	if input == nil {
2319		input = &DeactivateMFADeviceInput{}
2320	}
2321
2322	output = &DeactivateMFADeviceOutput{}
2323	req = c.newRequest(op, input, output)
2324	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2325	return
2326}
2327
2328// DeactivateMFADevice API operation for AWS Identity and Access Management.
2329//
2330// Deactivates the specified MFA device and removes it from association with
2331// the user name for which it was originally enabled.
2332//
2333// For more information about creating and working with virtual MFA devices,
2334// see Enabling a virtual multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
2335// in the IAM User Guide.
2336//
2337// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2338// with awserr.Error's Code and Message methods to get detailed information about
2339// the error.
2340//
2341// See the AWS API reference guide for AWS Identity and Access Management's
2342// API operation DeactivateMFADevice for usage and error information.
2343//
2344// Returned Error Codes:
2345//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
2346//   The request was rejected because it referenced an entity that is temporarily
2347//   unmodifiable, such as a user name that was deleted and then recreated. The
2348//   error indicates that the request is likely to succeed if you try again after
2349//   waiting several minutes. The error message describes the entity.
2350//
2351//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2352//   The request was rejected because it referenced a resource entity that does
2353//   not exist. The error message describes the resource.
2354//
2355//   * ErrCodeLimitExceededException "LimitExceeded"
2356//   The request was rejected because it attempted to create resources beyond
2357//   the current Amazon Web Services account limits. The error message describes
2358//   the limit exceeded.
2359//
2360//   * ErrCodeServiceFailureException "ServiceFailure"
2361//   The request processing has failed because of an unknown error, exception
2362//   or failure.
2363//
2364// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
2365func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error) {
2366	req, out := c.DeactivateMFADeviceRequest(input)
2367	return out, req.Send()
2368}
2369
2370// DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of
2371// the ability to pass a context and additional request options.
2372//
2373// See DeactivateMFADevice for details on how to use this API operation.
2374//
2375// The context must be non-nil and will be used for request cancellation. If
2376// the context is nil a panic will occur. In the future the SDK may create
2377// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2378// for more information on using Contexts.
2379func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error) {
2380	req, out := c.DeactivateMFADeviceRequest(input)
2381	req.SetContext(ctx)
2382	req.ApplyOptions(opts...)
2383	return out, req.Send()
2384}
2385
2386const opDeleteAccessKey = "DeleteAccessKey"
2387
2388// DeleteAccessKeyRequest generates a "aws/request.Request" representing the
2389// client's request for the DeleteAccessKey operation. The "output" return
2390// value will be populated with the request's response once the request completes
2391// successfully.
2392//
2393// Use "Send" method on the returned Request to send the API call to the service.
2394// the "output" return value is not valid until after Send returns without error.
2395//
2396// See DeleteAccessKey for more information on using the DeleteAccessKey
2397// API call, and error handling.
2398//
2399// This method is useful when you want to inject custom logic or configuration
2400// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2401//
2402//
2403//    // Example sending a request using the DeleteAccessKeyRequest method.
2404//    req, resp := client.DeleteAccessKeyRequest(params)
2405//
2406//    err := req.Send()
2407//    if err == nil { // resp is now filled
2408//        fmt.Println(resp)
2409//    }
2410//
2411// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
2412func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput) {
2413	op := &request.Operation{
2414		Name:       opDeleteAccessKey,
2415		HTTPMethod: "POST",
2416		HTTPPath:   "/",
2417	}
2418
2419	if input == nil {
2420		input = &DeleteAccessKeyInput{}
2421	}
2422
2423	output = &DeleteAccessKeyOutput{}
2424	req = c.newRequest(op, input, output)
2425	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2426	return
2427}
2428
2429// DeleteAccessKey API operation for AWS Identity and Access Management.
2430//
2431// Deletes the access key pair associated with the specified IAM user.
2432//
2433// If you do not specify a user name, IAM determines the user name implicitly
2434// based on the Amazon Web Services access key ID signing the request. This
2435// operation works for access keys under the Amazon Web Services account. Consequently,
2436// you can use this operation to manage Amazon Web Services account root user
2437// credentials even if the Amazon Web Services account has no associated users.
2438//
2439// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2440// with awserr.Error's Code and Message methods to get detailed information about
2441// the error.
2442//
2443// See the AWS API reference guide for AWS Identity and Access Management's
2444// API operation DeleteAccessKey for usage and error information.
2445//
2446// Returned Error Codes:
2447//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2448//   The request was rejected because it referenced a resource entity that does
2449//   not exist. The error message describes the resource.
2450//
2451//   * ErrCodeLimitExceededException "LimitExceeded"
2452//   The request was rejected because it attempted to create resources beyond
2453//   the current Amazon Web Services account limits. The error message describes
2454//   the limit exceeded.
2455//
2456//   * ErrCodeServiceFailureException "ServiceFailure"
2457//   The request processing has failed because of an unknown error, exception
2458//   or failure.
2459//
2460// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
2461func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error) {
2462	req, out := c.DeleteAccessKeyRequest(input)
2463	return out, req.Send()
2464}
2465
2466// DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of
2467// the ability to pass a context and additional request options.
2468//
2469// See DeleteAccessKey for details on how to use this API operation.
2470//
2471// The context must be non-nil and will be used for request cancellation. If
2472// the context is nil a panic will occur. In the future the SDK may create
2473// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2474// for more information on using Contexts.
2475func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error) {
2476	req, out := c.DeleteAccessKeyRequest(input)
2477	req.SetContext(ctx)
2478	req.ApplyOptions(opts...)
2479	return out, req.Send()
2480}
2481
2482const opDeleteAccountAlias = "DeleteAccountAlias"
2483
2484// DeleteAccountAliasRequest generates a "aws/request.Request" representing the
2485// client's request for the DeleteAccountAlias operation. The "output" return
2486// value will be populated with the request's response once the request completes
2487// successfully.
2488//
2489// Use "Send" method on the returned Request to send the API call to the service.
2490// the "output" return value is not valid until after Send returns without error.
2491//
2492// See DeleteAccountAlias for more information on using the DeleteAccountAlias
2493// API call, and error handling.
2494//
2495// This method is useful when you want to inject custom logic or configuration
2496// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2497//
2498//
2499//    // Example sending a request using the DeleteAccountAliasRequest method.
2500//    req, resp := client.DeleteAccountAliasRequest(params)
2501//
2502//    err := req.Send()
2503//    if err == nil { // resp is now filled
2504//        fmt.Println(resp)
2505//    }
2506//
2507// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
2508func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput) {
2509	op := &request.Operation{
2510		Name:       opDeleteAccountAlias,
2511		HTTPMethod: "POST",
2512		HTTPPath:   "/",
2513	}
2514
2515	if input == nil {
2516		input = &DeleteAccountAliasInput{}
2517	}
2518
2519	output = &DeleteAccountAliasOutput{}
2520	req = c.newRequest(op, input, output)
2521	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2522	return
2523}
2524
2525// DeleteAccountAlias API operation for AWS Identity and Access Management.
2526//
2527// Deletes the specified Amazon Web Services account alias. For information
2528// about using an Amazon Web Services account alias, see Using an alias for
2529// your Amazon Web Services account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
2530// in the IAM User Guide.
2531//
2532// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2533// with awserr.Error's Code and Message methods to get detailed information about
2534// the error.
2535//
2536// See the AWS API reference guide for AWS Identity and Access Management's
2537// API operation DeleteAccountAlias for usage and error information.
2538//
2539// Returned Error Codes:
2540//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2541//   The request was rejected because it referenced a resource entity that does
2542//   not exist. The error message describes the resource.
2543//
2544//   * ErrCodeLimitExceededException "LimitExceeded"
2545//   The request was rejected because it attempted to create resources beyond
2546//   the current Amazon Web Services account limits. The error message describes
2547//   the limit exceeded.
2548//
2549//   * ErrCodeServiceFailureException "ServiceFailure"
2550//   The request processing has failed because of an unknown error, exception
2551//   or failure.
2552//
2553// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
2554func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error) {
2555	req, out := c.DeleteAccountAliasRequest(input)
2556	return out, req.Send()
2557}
2558
2559// DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of
2560// the ability to pass a context and additional request options.
2561//
2562// See DeleteAccountAlias for details on how to use this API operation.
2563//
2564// The context must be non-nil and will be used for request cancellation. If
2565// the context is nil a panic will occur. In the future the SDK may create
2566// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2567// for more information on using Contexts.
2568func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error) {
2569	req, out := c.DeleteAccountAliasRequest(input)
2570	req.SetContext(ctx)
2571	req.ApplyOptions(opts...)
2572	return out, req.Send()
2573}
2574
2575const opDeleteAccountPasswordPolicy = "DeleteAccountPasswordPolicy"
2576
2577// DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
2578// client's request for the DeleteAccountPasswordPolicy operation. The "output" return
2579// value will be populated with the request's response once the request completes
2580// successfully.
2581//
2582// Use "Send" method on the returned Request to send the API call to the service.
2583// the "output" return value is not valid until after Send returns without error.
2584//
2585// See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy
2586// API call, and error handling.
2587//
2588// This method is useful when you want to inject custom logic or configuration
2589// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2590//
2591//
2592//    // Example sending a request using the DeleteAccountPasswordPolicyRequest method.
2593//    req, resp := client.DeleteAccountPasswordPolicyRequest(params)
2594//
2595//    err := req.Send()
2596//    if err == nil { // resp is now filled
2597//        fmt.Println(resp)
2598//    }
2599//
2600// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
2601func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput) {
2602	op := &request.Operation{
2603		Name:       opDeleteAccountPasswordPolicy,
2604		HTTPMethod: "POST",
2605		HTTPPath:   "/",
2606	}
2607
2608	if input == nil {
2609		input = &DeleteAccountPasswordPolicyInput{}
2610	}
2611
2612	output = &DeleteAccountPasswordPolicyOutput{}
2613	req = c.newRequest(op, input, output)
2614	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2615	return
2616}
2617
2618// DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.
2619//
2620// Deletes the password policy for the Amazon Web Services account. There are
2621// no parameters.
2622//
2623// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2624// with awserr.Error's Code and Message methods to get detailed information about
2625// the error.
2626//
2627// See the AWS API reference guide for AWS Identity and Access Management's
2628// API operation DeleteAccountPasswordPolicy for usage and error information.
2629//
2630// Returned Error Codes:
2631//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2632//   The request was rejected because it referenced a resource entity that does
2633//   not exist. The error message describes the resource.
2634//
2635//   * ErrCodeLimitExceededException "LimitExceeded"
2636//   The request was rejected because it attempted to create resources beyond
2637//   the current Amazon Web Services account limits. The error message describes
2638//   the limit exceeded.
2639//
2640//   * ErrCodeServiceFailureException "ServiceFailure"
2641//   The request processing has failed because of an unknown error, exception
2642//   or failure.
2643//
2644// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
2645func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error) {
2646	req, out := c.DeleteAccountPasswordPolicyRequest(input)
2647	return out, req.Send()
2648}
2649
2650// DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of
2651// the ability to pass a context and additional request options.
2652//
2653// See DeleteAccountPasswordPolicy for details on how to use this API operation.
2654//
2655// The context must be non-nil and will be used for request cancellation. If
2656// the context is nil a panic will occur. In the future the SDK may create
2657// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2658// for more information on using Contexts.
2659func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error) {
2660	req, out := c.DeleteAccountPasswordPolicyRequest(input)
2661	req.SetContext(ctx)
2662	req.ApplyOptions(opts...)
2663	return out, req.Send()
2664}
2665
2666const opDeleteGroup = "DeleteGroup"
2667
2668// DeleteGroupRequest generates a "aws/request.Request" representing the
2669// client's request for the DeleteGroup operation. The "output" return
2670// value will be populated with the request's response once the request completes
2671// successfully.
2672//
2673// Use "Send" method on the returned Request to send the API call to the service.
2674// the "output" return value is not valid until after Send returns without error.
2675//
2676// See DeleteGroup for more information on using the DeleteGroup
2677// API call, and error handling.
2678//
2679// This method is useful when you want to inject custom logic or configuration
2680// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2681//
2682//
2683//    // Example sending a request using the DeleteGroupRequest method.
2684//    req, resp := client.DeleteGroupRequest(params)
2685//
2686//    err := req.Send()
2687//    if err == nil { // resp is now filled
2688//        fmt.Println(resp)
2689//    }
2690//
2691// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
2692func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput) {
2693	op := &request.Operation{
2694		Name:       opDeleteGroup,
2695		HTTPMethod: "POST",
2696		HTTPPath:   "/",
2697	}
2698
2699	if input == nil {
2700		input = &DeleteGroupInput{}
2701	}
2702
2703	output = &DeleteGroupOutput{}
2704	req = c.newRequest(op, input, output)
2705	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2706	return
2707}
2708
2709// DeleteGroup API operation for AWS Identity and Access Management.
2710//
2711// Deletes the specified IAM group. The group must not contain any users or
2712// have any attached policies.
2713//
2714// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2715// with awserr.Error's Code and Message methods to get detailed information about
2716// the error.
2717//
2718// See the AWS API reference guide for AWS Identity and Access Management's
2719// API operation DeleteGroup for usage and error information.
2720//
2721// Returned Error Codes:
2722//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2723//   The request was rejected because it referenced a resource entity that does
2724//   not exist. The error message describes the resource.
2725//
2726//   * ErrCodeDeleteConflictException "DeleteConflict"
2727//   The request was rejected because it attempted to delete a resource that has
2728//   attached subordinate entities. The error message describes these entities.
2729//
2730//   * ErrCodeLimitExceededException "LimitExceeded"
2731//   The request was rejected because it attempted to create resources beyond
2732//   the current Amazon Web Services account limits. The error message describes
2733//   the limit exceeded.
2734//
2735//   * ErrCodeServiceFailureException "ServiceFailure"
2736//   The request processing has failed because of an unknown error, exception
2737//   or failure.
2738//
2739// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
2740func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error) {
2741	req, out := c.DeleteGroupRequest(input)
2742	return out, req.Send()
2743}
2744
2745// DeleteGroupWithContext is the same as DeleteGroup with the addition of
2746// the ability to pass a context and additional request options.
2747//
2748// See DeleteGroup for details on how to use this API operation.
2749//
2750// The context must be non-nil and will be used for request cancellation. If
2751// the context is nil a panic will occur. In the future the SDK may create
2752// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2753// for more information on using Contexts.
2754func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error) {
2755	req, out := c.DeleteGroupRequest(input)
2756	req.SetContext(ctx)
2757	req.ApplyOptions(opts...)
2758	return out, req.Send()
2759}
2760
2761const opDeleteGroupPolicy = "DeleteGroupPolicy"
2762
2763// DeleteGroupPolicyRequest generates a "aws/request.Request" representing the
2764// client's request for the DeleteGroupPolicy operation. The "output" return
2765// value will be populated with the request's response once the request completes
2766// successfully.
2767//
2768// Use "Send" method on the returned Request to send the API call to the service.
2769// the "output" return value is not valid until after Send returns without error.
2770//
2771// See DeleteGroupPolicy for more information on using the DeleteGroupPolicy
2772// API call, and error handling.
2773//
2774// This method is useful when you want to inject custom logic or configuration
2775// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2776//
2777//
2778//    // Example sending a request using the DeleteGroupPolicyRequest method.
2779//    req, resp := client.DeleteGroupPolicyRequest(params)
2780//
2781//    err := req.Send()
2782//    if err == nil { // resp is now filled
2783//        fmt.Println(resp)
2784//    }
2785//
2786// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
2787func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput) {
2788	op := &request.Operation{
2789		Name:       opDeleteGroupPolicy,
2790		HTTPMethod: "POST",
2791		HTTPPath:   "/",
2792	}
2793
2794	if input == nil {
2795		input = &DeleteGroupPolicyInput{}
2796	}
2797
2798	output = &DeleteGroupPolicyOutput{}
2799	req = c.newRequest(op, input, output)
2800	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2801	return
2802}
2803
2804// DeleteGroupPolicy API operation for AWS Identity and Access Management.
2805//
2806// Deletes the specified inline policy that is embedded in the specified IAM
2807// group.
2808//
2809// A group can also have managed policies attached to it. To detach a managed
2810// policy from a group, use DetachGroupPolicy. For more information about policies,
2811// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
2812// in the IAM User Guide.
2813//
2814// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2815// with awserr.Error's Code and Message methods to get detailed information about
2816// the error.
2817//
2818// See the AWS API reference guide for AWS Identity and Access Management's
2819// API operation DeleteGroupPolicy for usage and error information.
2820//
2821// Returned Error Codes:
2822//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2823//   The request was rejected because it referenced a resource entity that does
2824//   not exist. The error message describes the resource.
2825//
2826//   * ErrCodeLimitExceededException "LimitExceeded"
2827//   The request was rejected because it attempted to create resources beyond
2828//   the current Amazon Web Services account limits. The error message describes
2829//   the limit exceeded.
2830//
2831//   * ErrCodeServiceFailureException "ServiceFailure"
2832//   The request processing has failed because of an unknown error, exception
2833//   or failure.
2834//
2835// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
2836func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error) {
2837	req, out := c.DeleteGroupPolicyRequest(input)
2838	return out, req.Send()
2839}
2840
2841// DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of
2842// the ability to pass a context and additional request options.
2843//
2844// See DeleteGroupPolicy for details on how to use this API operation.
2845//
2846// The context must be non-nil and will be used for request cancellation. If
2847// the context is nil a panic will occur. In the future the SDK may create
2848// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2849// for more information on using Contexts.
2850func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error) {
2851	req, out := c.DeleteGroupPolicyRequest(input)
2852	req.SetContext(ctx)
2853	req.ApplyOptions(opts...)
2854	return out, req.Send()
2855}
2856
2857const opDeleteInstanceProfile = "DeleteInstanceProfile"
2858
2859// DeleteInstanceProfileRequest generates a "aws/request.Request" representing the
2860// client's request for the DeleteInstanceProfile operation. The "output" return
2861// value will be populated with the request's response once the request completes
2862// successfully.
2863//
2864// Use "Send" method on the returned Request to send the API call to the service.
2865// the "output" return value is not valid until after Send returns without error.
2866//
2867// See DeleteInstanceProfile for more information on using the DeleteInstanceProfile
2868// API call, and error handling.
2869//
2870// This method is useful when you want to inject custom logic or configuration
2871// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2872//
2873//
2874//    // Example sending a request using the DeleteInstanceProfileRequest method.
2875//    req, resp := client.DeleteInstanceProfileRequest(params)
2876//
2877//    err := req.Send()
2878//    if err == nil { // resp is now filled
2879//        fmt.Println(resp)
2880//    }
2881//
2882// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
2883func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput) {
2884	op := &request.Operation{
2885		Name:       opDeleteInstanceProfile,
2886		HTTPMethod: "POST",
2887		HTTPPath:   "/",
2888	}
2889
2890	if input == nil {
2891		input = &DeleteInstanceProfileInput{}
2892	}
2893
2894	output = &DeleteInstanceProfileOutput{}
2895	req = c.newRequest(op, input, output)
2896	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
2897	return
2898}
2899
2900// DeleteInstanceProfile API operation for AWS Identity and Access Management.
2901//
2902// Deletes the specified instance profile. The instance profile must not have
2903// an associated role.
2904//
2905// Make sure that you do not have any Amazon EC2 instances running with the
2906// instance profile you are about to delete. Deleting a role or instance profile
2907// that is associated with a running instance will break any applications running
2908// on the instance.
2909//
2910// For more information about instance profiles, see About instance profiles
2911// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
2912//
2913// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
2914// with awserr.Error's Code and Message methods to get detailed information about
2915// the error.
2916//
2917// See the AWS API reference guide for AWS Identity and Access Management's
2918// API operation DeleteInstanceProfile for usage and error information.
2919//
2920// Returned Error Codes:
2921//   * ErrCodeNoSuchEntityException "NoSuchEntity"
2922//   The request was rejected because it referenced a resource entity that does
2923//   not exist. The error message describes the resource.
2924//
2925//   * ErrCodeDeleteConflictException "DeleteConflict"
2926//   The request was rejected because it attempted to delete a resource that has
2927//   attached subordinate entities. The error message describes these entities.
2928//
2929//   * ErrCodeLimitExceededException "LimitExceeded"
2930//   The request was rejected because it attempted to create resources beyond
2931//   the current Amazon Web Services account limits. The error message describes
2932//   the limit exceeded.
2933//
2934//   * ErrCodeServiceFailureException "ServiceFailure"
2935//   The request processing has failed because of an unknown error, exception
2936//   or failure.
2937//
2938// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
2939func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error) {
2940	req, out := c.DeleteInstanceProfileRequest(input)
2941	return out, req.Send()
2942}
2943
2944// DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of
2945// the ability to pass a context and additional request options.
2946//
2947// See DeleteInstanceProfile for details on how to use this API operation.
2948//
2949// The context must be non-nil and will be used for request cancellation. If
2950// the context is nil a panic will occur. In the future the SDK may create
2951// sub-contexts for http.Requests. See https://golang.org/pkg/context/
2952// for more information on using Contexts.
2953func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error) {
2954	req, out := c.DeleteInstanceProfileRequest(input)
2955	req.SetContext(ctx)
2956	req.ApplyOptions(opts...)
2957	return out, req.Send()
2958}
2959
2960const opDeleteLoginProfile = "DeleteLoginProfile"
2961
2962// DeleteLoginProfileRequest generates a "aws/request.Request" representing the
2963// client's request for the DeleteLoginProfile operation. The "output" return
2964// value will be populated with the request's response once the request completes
2965// successfully.
2966//
2967// Use "Send" method on the returned Request to send the API call to the service.
2968// the "output" return value is not valid until after Send returns without error.
2969//
2970// See DeleteLoginProfile for more information on using the DeleteLoginProfile
2971// API call, and error handling.
2972//
2973// This method is useful when you want to inject custom logic or configuration
2974// into the SDK's request lifecycle. Such as custom headers, or retry logic.
2975//
2976//
2977//    // Example sending a request using the DeleteLoginProfileRequest method.
2978//    req, resp := client.DeleteLoginProfileRequest(params)
2979//
2980//    err := req.Send()
2981//    if err == nil { // resp is now filled
2982//        fmt.Println(resp)
2983//    }
2984//
2985// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
2986func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput) {
2987	op := &request.Operation{
2988		Name:       opDeleteLoginProfile,
2989		HTTPMethod: "POST",
2990		HTTPPath:   "/",
2991	}
2992
2993	if input == nil {
2994		input = &DeleteLoginProfileInput{}
2995	}
2996
2997	output = &DeleteLoginProfileOutput{}
2998	req = c.newRequest(op, input, output)
2999	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3000	return
3001}
3002
3003// DeleteLoginProfile API operation for AWS Identity and Access Management.
3004//
3005// Deletes the password for the specified IAM user, which terminates the user's
3006// ability to access Amazon Web Services services through the Amazon Web Services
3007// Management Console.
3008//
3009// You can use the CLI, the Amazon Web Services API, or the Users page in the
3010// IAM console to delete a password for any IAM user. You can use ChangePassword
3011// to update, but not delete, your own password in the My Security Credentials
3012// page in the Amazon Web Services Management Console.
3013//
3014// Deleting a user's password does not prevent a user from accessing Amazon
3015// Web Services through the command line interface or the API. To prevent all
3016// user access, you must also either make any access keys inactive or delete
3017// them. For more information about making keys inactive or deleting them, see
3018// UpdateAccessKey and DeleteAccessKey.
3019//
3020// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3021// with awserr.Error's Code and Message methods to get detailed information about
3022// the error.
3023//
3024// See the AWS API reference guide for AWS Identity and Access Management's
3025// API operation DeleteLoginProfile for usage and error information.
3026//
3027// Returned Error Codes:
3028//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
3029//   The request was rejected because it referenced an entity that is temporarily
3030//   unmodifiable, such as a user name that was deleted and then recreated. The
3031//   error indicates that the request is likely to succeed if you try again after
3032//   waiting several minutes. The error message describes the entity.
3033//
3034//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3035//   The request was rejected because it referenced a resource entity that does
3036//   not exist. The error message describes the resource.
3037//
3038//   * ErrCodeLimitExceededException "LimitExceeded"
3039//   The request was rejected because it attempted to create resources beyond
3040//   the current Amazon Web Services account limits. The error message describes
3041//   the limit exceeded.
3042//
3043//   * ErrCodeServiceFailureException "ServiceFailure"
3044//   The request processing has failed because of an unknown error, exception
3045//   or failure.
3046//
3047// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
3048func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error) {
3049	req, out := c.DeleteLoginProfileRequest(input)
3050	return out, req.Send()
3051}
3052
3053// DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of
3054// the ability to pass a context and additional request options.
3055//
3056// See DeleteLoginProfile for details on how to use this API operation.
3057//
3058// The context must be non-nil and will be used for request cancellation. If
3059// the context is nil a panic will occur. In the future the SDK may create
3060// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3061// for more information on using Contexts.
3062func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error) {
3063	req, out := c.DeleteLoginProfileRequest(input)
3064	req.SetContext(ctx)
3065	req.ApplyOptions(opts...)
3066	return out, req.Send()
3067}
3068
3069const opDeleteOpenIDConnectProvider = "DeleteOpenIDConnectProvider"
3070
3071// DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
3072// client's request for the DeleteOpenIDConnectProvider operation. The "output" return
3073// value will be populated with the request's response once the request completes
3074// successfully.
3075//
3076// Use "Send" method on the returned Request to send the API call to the service.
3077// the "output" return value is not valid until after Send returns without error.
3078//
3079// See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider
3080// API call, and error handling.
3081//
3082// This method is useful when you want to inject custom logic or configuration
3083// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3084//
3085//
3086//    // Example sending a request using the DeleteOpenIDConnectProviderRequest method.
3087//    req, resp := client.DeleteOpenIDConnectProviderRequest(params)
3088//
3089//    err := req.Send()
3090//    if err == nil { // resp is now filled
3091//        fmt.Println(resp)
3092//    }
3093//
3094// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
3095func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput) {
3096	op := &request.Operation{
3097		Name:       opDeleteOpenIDConnectProvider,
3098		HTTPMethod: "POST",
3099		HTTPPath:   "/",
3100	}
3101
3102	if input == nil {
3103		input = &DeleteOpenIDConnectProviderInput{}
3104	}
3105
3106	output = &DeleteOpenIDConnectProviderOutput{}
3107	req = c.newRequest(op, input, output)
3108	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3109	return
3110}
3111
3112// DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.
3113//
3114// Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
3115//
3116// Deleting an IAM OIDC provider resource does not update any roles that reference
3117// the provider as a principal in their trust policies. Any attempt to assume
3118// a role that references a deleted provider fails.
3119//
3120// This operation is idempotent; it does not fail or return an error if you
3121// call the operation for a provider that does not exist.
3122//
3123// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3124// with awserr.Error's Code and Message methods to get detailed information about
3125// the error.
3126//
3127// See the AWS API reference guide for AWS Identity and Access Management's
3128// API operation DeleteOpenIDConnectProvider for usage and error information.
3129//
3130// Returned Error Codes:
3131//   * ErrCodeInvalidInputException "InvalidInput"
3132//   The request was rejected because an invalid or out-of-range value was supplied
3133//   for an input parameter.
3134//
3135//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3136//   The request was rejected because it referenced a resource entity that does
3137//   not exist. The error message describes the resource.
3138//
3139//   * ErrCodeServiceFailureException "ServiceFailure"
3140//   The request processing has failed because of an unknown error, exception
3141//   or failure.
3142//
3143// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
3144func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error) {
3145	req, out := c.DeleteOpenIDConnectProviderRequest(input)
3146	return out, req.Send()
3147}
3148
3149// DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of
3150// the ability to pass a context and additional request options.
3151//
3152// See DeleteOpenIDConnectProvider for details on how to use this API operation.
3153//
3154// The context must be non-nil and will be used for request cancellation. If
3155// the context is nil a panic will occur. In the future the SDK may create
3156// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3157// for more information on using Contexts.
3158func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error) {
3159	req, out := c.DeleteOpenIDConnectProviderRequest(input)
3160	req.SetContext(ctx)
3161	req.ApplyOptions(opts...)
3162	return out, req.Send()
3163}
3164
3165const opDeletePolicy = "DeletePolicy"
3166
3167// DeletePolicyRequest generates a "aws/request.Request" representing the
3168// client's request for the DeletePolicy operation. The "output" return
3169// value will be populated with the request's response once the request completes
3170// successfully.
3171//
3172// Use "Send" method on the returned Request to send the API call to the service.
3173// the "output" return value is not valid until after Send returns without error.
3174//
3175// See DeletePolicy for more information on using the DeletePolicy
3176// API call, and error handling.
3177//
3178// This method is useful when you want to inject custom logic or configuration
3179// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3180//
3181//
3182//    // Example sending a request using the DeletePolicyRequest method.
3183//    req, resp := client.DeletePolicyRequest(params)
3184//
3185//    err := req.Send()
3186//    if err == nil { // resp is now filled
3187//        fmt.Println(resp)
3188//    }
3189//
3190// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
3191func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
3192	op := &request.Operation{
3193		Name:       opDeletePolicy,
3194		HTTPMethod: "POST",
3195		HTTPPath:   "/",
3196	}
3197
3198	if input == nil {
3199		input = &DeletePolicyInput{}
3200	}
3201
3202	output = &DeletePolicyOutput{}
3203	req = c.newRequest(op, input, output)
3204	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3205	return
3206}
3207
3208// DeletePolicy API operation for AWS Identity and Access Management.
3209//
3210// Deletes the specified managed policy.
3211//
3212// Before you can delete a managed policy, you must first detach the policy
3213// from all users, groups, and roles that it is attached to. In addition, you
3214// must delete all the policy's versions. The following steps describe the process
3215// for deleting a managed policy:
3216//
3217//    * Detach the policy from all users, groups, and roles that the policy
3218//    is attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy.
3219//    To list all the users, groups, and roles that a policy is attached to,
3220//    use ListEntitiesForPolicy.
3221//
3222//    * Delete all versions of the policy using DeletePolicyVersion. To list
3223//    the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion
3224//    to delete the version that is marked as the default version. You delete
3225//    the policy's default version in the next step of the process.
3226//
3227//    * Delete the policy (this automatically deletes the policy's default version)
3228//    using this operation.
3229//
3230// For information about managed policies, see Managed policies and inline policies
3231// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
3232// in the IAM User Guide.
3233//
3234// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3235// with awserr.Error's Code and Message methods to get detailed information about
3236// the error.
3237//
3238// See the AWS API reference guide for AWS Identity and Access Management's
3239// API operation DeletePolicy for usage and error information.
3240//
3241// Returned Error Codes:
3242//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3243//   The request was rejected because it referenced a resource entity that does
3244//   not exist. The error message describes the resource.
3245//
3246//   * ErrCodeLimitExceededException "LimitExceeded"
3247//   The request was rejected because it attempted to create resources beyond
3248//   the current Amazon Web Services account limits. The error message describes
3249//   the limit exceeded.
3250//
3251//   * ErrCodeInvalidInputException "InvalidInput"
3252//   The request was rejected because an invalid or out-of-range value was supplied
3253//   for an input parameter.
3254//
3255//   * ErrCodeDeleteConflictException "DeleteConflict"
3256//   The request was rejected because it attempted to delete a resource that has
3257//   attached subordinate entities. The error message describes these entities.
3258//
3259//   * ErrCodeServiceFailureException "ServiceFailure"
3260//   The request processing has failed because of an unknown error, exception
3261//   or failure.
3262//
3263// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
3264func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
3265	req, out := c.DeletePolicyRequest(input)
3266	return out, req.Send()
3267}
3268
3269// DeletePolicyWithContext is the same as DeletePolicy with the addition of
3270// the ability to pass a context and additional request options.
3271//
3272// See DeletePolicy for details on how to use this API operation.
3273//
3274// The context must be non-nil and will be used for request cancellation. If
3275// the context is nil a panic will occur. In the future the SDK may create
3276// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3277// for more information on using Contexts.
3278func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
3279	req, out := c.DeletePolicyRequest(input)
3280	req.SetContext(ctx)
3281	req.ApplyOptions(opts...)
3282	return out, req.Send()
3283}
3284
3285const opDeletePolicyVersion = "DeletePolicyVersion"
3286
3287// DeletePolicyVersionRequest generates a "aws/request.Request" representing the
3288// client's request for the DeletePolicyVersion operation. The "output" return
3289// value will be populated with the request's response once the request completes
3290// successfully.
3291//
3292// Use "Send" method on the returned Request to send the API call to the service.
3293// the "output" return value is not valid until after Send returns without error.
3294//
3295// See DeletePolicyVersion for more information on using the DeletePolicyVersion
3296// API call, and error handling.
3297//
3298// This method is useful when you want to inject custom logic or configuration
3299// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3300//
3301//
3302//    // Example sending a request using the DeletePolicyVersionRequest method.
3303//    req, resp := client.DeletePolicyVersionRequest(params)
3304//
3305//    err := req.Send()
3306//    if err == nil { // resp is now filled
3307//        fmt.Println(resp)
3308//    }
3309//
3310// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
3311func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput) {
3312	op := &request.Operation{
3313		Name:       opDeletePolicyVersion,
3314		HTTPMethod: "POST",
3315		HTTPPath:   "/",
3316	}
3317
3318	if input == nil {
3319		input = &DeletePolicyVersionInput{}
3320	}
3321
3322	output = &DeletePolicyVersionOutput{}
3323	req = c.newRequest(op, input, output)
3324	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3325	return
3326}
3327
3328// DeletePolicyVersion API operation for AWS Identity and Access Management.
3329//
3330// Deletes the specified version from the specified managed policy.
3331//
3332// You cannot delete the default version from a policy using this operation.
3333// To delete the default version from a policy, use DeletePolicy. To find out
3334// which version of a policy is marked as the default version, use ListPolicyVersions.
3335//
3336// For information about versions for managed policies, see Versioning for managed
3337// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
3338// in the IAM User Guide.
3339//
3340// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3341// with awserr.Error's Code and Message methods to get detailed information about
3342// the error.
3343//
3344// See the AWS API reference guide for AWS Identity and Access Management's
3345// API operation DeletePolicyVersion for usage and error information.
3346//
3347// Returned Error Codes:
3348//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3349//   The request was rejected because it referenced a resource entity that does
3350//   not exist. The error message describes the resource.
3351//
3352//   * ErrCodeLimitExceededException "LimitExceeded"
3353//   The request was rejected because it attempted to create resources beyond
3354//   the current Amazon Web Services account limits. The error message describes
3355//   the limit exceeded.
3356//
3357//   * ErrCodeInvalidInputException "InvalidInput"
3358//   The request was rejected because an invalid or out-of-range value was supplied
3359//   for an input parameter.
3360//
3361//   * ErrCodeDeleteConflictException "DeleteConflict"
3362//   The request was rejected because it attempted to delete a resource that has
3363//   attached subordinate entities. The error message describes these entities.
3364//
3365//   * ErrCodeServiceFailureException "ServiceFailure"
3366//   The request processing has failed because of an unknown error, exception
3367//   or failure.
3368//
3369// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
3370func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error) {
3371	req, out := c.DeletePolicyVersionRequest(input)
3372	return out, req.Send()
3373}
3374
3375// DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of
3376// the ability to pass a context and additional request options.
3377//
3378// See DeletePolicyVersion for details on how to use this API operation.
3379//
3380// The context must be non-nil and will be used for request cancellation. If
3381// the context is nil a panic will occur. In the future the SDK may create
3382// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3383// for more information on using Contexts.
3384func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error) {
3385	req, out := c.DeletePolicyVersionRequest(input)
3386	req.SetContext(ctx)
3387	req.ApplyOptions(opts...)
3388	return out, req.Send()
3389}
3390
3391const opDeleteRole = "DeleteRole"
3392
3393// DeleteRoleRequest generates a "aws/request.Request" representing the
3394// client's request for the DeleteRole operation. The "output" return
3395// value will be populated with the request's response once the request completes
3396// successfully.
3397//
3398// Use "Send" method on the returned Request to send the API call to the service.
3399// the "output" return value is not valid until after Send returns without error.
3400//
3401// See DeleteRole for more information on using the DeleteRole
3402// API call, and error handling.
3403//
3404// This method is useful when you want to inject custom logic or configuration
3405// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3406//
3407//
3408//    // Example sending a request using the DeleteRoleRequest method.
3409//    req, resp := client.DeleteRoleRequest(params)
3410//
3411//    err := req.Send()
3412//    if err == nil { // resp is now filled
3413//        fmt.Println(resp)
3414//    }
3415//
3416// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
3417func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput) {
3418	op := &request.Operation{
3419		Name:       opDeleteRole,
3420		HTTPMethod: "POST",
3421		HTTPPath:   "/",
3422	}
3423
3424	if input == nil {
3425		input = &DeleteRoleInput{}
3426	}
3427
3428	output = &DeleteRoleOutput{}
3429	req = c.newRequest(op, input, output)
3430	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3431	return
3432}
3433
3434// DeleteRole API operation for AWS Identity and Access Management.
3435//
3436// Deletes the specified role. The role must not have any policies attached.
3437// For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
3438//
3439// Make sure that you do not have any Amazon EC2 instances running with the
3440// role you are about to delete. Deleting a role or instance profile that is
3441// associated with a running instance will break any applications running on
3442// the instance.
3443//
3444// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3445// with awserr.Error's Code and Message methods to get detailed information about
3446// the error.
3447//
3448// See the AWS API reference guide for AWS Identity and Access Management's
3449// API operation DeleteRole for usage and error information.
3450//
3451// Returned Error Codes:
3452//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3453//   The request was rejected because it referenced a resource entity that does
3454//   not exist. The error message describes the resource.
3455//
3456//   * ErrCodeDeleteConflictException "DeleteConflict"
3457//   The request was rejected because it attempted to delete a resource that has
3458//   attached subordinate entities. The error message describes these entities.
3459//
3460//   * ErrCodeLimitExceededException "LimitExceeded"
3461//   The request was rejected because it attempted to create resources beyond
3462//   the current Amazon Web Services account limits. The error message describes
3463//   the limit exceeded.
3464//
3465//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3466//   The request was rejected because only the service that depends on the service-linked
3467//   role can modify or delete the role on your behalf. The error message includes
3468//   the name of the service that depends on this service-linked role. You must
3469//   request the change through that service.
3470//
3471//   * ErrCodeConcurrentModificationException "ConcurrentModification"
3472//   The request was rejected because multiple requests to change this object
3473//   were submitted simultaneously. Wait a few minutes and submit your request
3474//   again.
3475//
3476//   * ErrCodeServiceFailureException "ServiceFailure"
3477//   The request processing has failed because of an unknown error, exception
3478//   or failure.
3479//
3480// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
3481func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error) {
3482	req, out := c.DeleteRoleRequest(input)
3483	return out, req.Send()
3484}
3485
3486// DeleteRoleWithContext is the same as DeleteRole with the addition of
3487// the ability to pass a context and additional request options.
3488//
3489// See DeleteRole for details on how to use this API operation.
3490//
3491// The context must be non-nil and will be used for request cancellation. If
3492// the context is nil a panic will occur. In the future the SDK may create
3493// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3494// for more information on using Contexts.
3495func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error) {
3496	req, out := c.DeleteRoleRequest(input)
3497	req.SetContext(ctx)
3498	req.ApplyOptions(opts...)
3499	return out, req.Send()
3500}
3501
3502const opDeleteRolePermissionsBoundary = "DeleteRolePermissionsBoundary"
3503
3504// DeleteRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
3505// client's request for the DeleteRolePermissionsBoundary operation. The "output" return
3506// value will be populated with the request's response once the request completes
3507// successfully.
3508//
3509// Use "Send" method on the returned Request to send the API call to the service.
3510// the "output" return value is not valid until after Send returns without error.
3511//
3512// See DeleteRolePermissionsBoundary for more information on using the DeleteRolePermissionsBoundary
3513// API call, and error handling.
3514//
3515// This method is useful when you want to inject custom logic or configuration
3516// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3517//
3518//
3519//    // Example sending a request using the DeleteRolePermissionsBoundaryRequest method.
3520//    req, resp := client.DeleteRolePermissionsBoundaryRequest(params)
3521//
3522//    err := req.Send()
3523//    if err == nil { // resp is now filled
3524//        fmt.Println(resp)
3525//    }
3526//
3527// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
3528func (c *IAM) DeleteRolePermissionsBoundaryRequest(input *DeleteRolePermissionsBoundaryInput) (req *request.Request, output *DeleteRolePermissionsBoundaryOutput) {
3529	op := &request.Operation{
3530		Name:       opDeleteRolePermissionsBoundary,
3531		HTTPMethod: "POST",
3532		HTTPPath:   "/",
3533	}
3534
3535	if input == nil {
3536		input = &DeleteRolePermissionsBoundaryInput{}
3537	}
3538
3539	output = &DeleteRolePermissionsBoundaryOutput{}
3540	req = c.newRequest(op, input, output)
3541	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3542	return
3543}
3544
3545// DeleteRolePermissionsBoundary API operation for AWS Identity and Access Management.
3546//
3547// Deletes the permissions boundary for the specified IAM role.
3548//
3549// Deleting the permissions boundary for a role might increase its permissions.
3550// For example, it might allow anyone who assumes the role to perform all the
3551// actions granted in its permissions policies.
3552//
3553// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3554// with awserr.Error's Code and Message methods to get detailed information about
3555// the error.
3556//
3557// See the AWS API reference guide for AWS Identity and Access Management's
3558// API operation DeleteRolePermissionsBoundary for usage and error information.
3559//
3560// Returned Error Codes:
3561//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3562//   The request was rejected because it referenced a resource entity that does
3563//   not exist. The error message describes the resource.
3564//
3565//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3566//   The request was rejected because only the service that depends on the service-linked
3567//   role can modify or delete the role on your behalf. The error message includes
3568//   the name of the service that depends on this service-linked role. You must
3569//   request the change through that service.
3570//
3571//   * ErrCodeServiceFailureException "ServiceFailure"
3572//   The request processing has failed because of an unknown error, exception
3573//   or failure.
3574//
3575// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
3576func (c *IAM) DeleteRolePermissionsBoundary(input *DeleteRolePermissionsBoundaryInput) (*DeleteRolePermissionsBoundaryOutput, error) {
3577	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
3578	return out, req.Send()
3579}
3580
3581// DeleteRolePermissionsBoundaryWithContext is the same as DeleteRolePermissionsBoundary with the addition of
3582// the ability to pass a context and additional request options.
3583//
3584// See DeleteRolePermissionsBoundary for details on how to use this API operation.
3585//
3586// The context must be non-nil and will be used for request cancellation. If
3587// the context is nil a panic will occur. In the future the SDK may create
3588// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3589// for more information on using Contexts.
3590func (c *IAM) DeleteRolePermissionsBoundaryWithContext(ctx aws.Context, input *DeleteRolePermissionsBoundaryInput, opts ...request.Option) (*DeleteRolePermissionsBoundaryOutput, error) {
3591	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
3592	req.SetContext(ctx)
3593	req.ApplyOptions(opts...)
3594	return out, req.Send()
3595}
3596
3597const opDeleteRolePolicy = "DeleteRolePolicy"
3598
3599// DeleteRolePolicyRequest generates a "aws/request.Request" representing the
3600// client's request for the DeleteRolePolicy operation. The "output" return
3601// value will be populated with the request's response once the request completes
3602// successfully.
3603//
3604// Use "Send" method on the returned Request to send the API call to the service.
3605// the "output" return value is not valid until after Send returns without error.
3606//
3607// See DeleteRolePolicy for more information on using the DeleteRolePolicy
3608// API call, and error handling.
3609//
3610// This method is useful when you want to inject custom logic or configuration
3611// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3612//
3613//
3614//    // Example sending a request using the DeleteRolePolicyRequest method.
3615//    req, resp := client.DeleteRolePolicyRequest(params)
3616//
3617//    err := req.Send()
3618//    if err == nil { // resp is now filled
3619//        fmt.Println(resp)
3620//    }
3621//
3622// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
3623func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput) {
3624	op := &request.Operation{
3625		Name:       opDeleteRolePolicy,
3626		HTTPMethod: "POST",
3627		HTTPPath:   "/",
3628	}
3629
3630	if input == nil {
3631		input = &DeleteRolePolicyInput{}
3632	}
3633
3634	output = &DeleteRolePolicyOutput{}
3635	req = c.newRequest(op, input, output)
3636	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3637	return
3638}
3639
3640// DeleteRolePolicy API operation for AWS Identity and Access Management.
3641//
3642// Deletes the specified inline policy that is embedded in the specified IAM
3643// role.
3644//
3645// A role can also have managed policies attached to it. To detach a managed
3646// policy from a role, use DetachRolePolicy. For more information about policies,
3647// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
3648// in the IAM User Guide.
3649//
3650// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3651// with awserr.Error's Code and Message methods to get detailed information about
3652// the error.
3653//
3654// See the AWS API reference guide for AWS Identity and Access Management's
3655// API operation DeleteRolePolicy for usage and error information.
3656//
3657// Returned Error Codes:
3658//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3659//   The request was rejected because it referenced a resource entity that does
3660//   not exist. The error message describes the resource.
3661//
3662//   * ErrCodeLimitExceededException "LimitExceeded"
3663//   The request was rejected because it attempted to create resources beyond
3664//   the current Amazon Web Services account limits. The error message describes
3665//   the limit exceeded.
3666//
3667//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
3668//   The request was rejected because only the service that depends on the service-linked
3669//   role can modify or delete the role on your behalf. The error message includes
3670//   the name of the service that depends on this service-linked role. You must
3671//   request the change through that service.
3672//
3673//   * ErrCodeServiceFailureException "ServiceFailure"
3674//   The request processing has failed because of an unknown error, exception
3675//   or failure.
3676//
3677// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
3678func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error) {
3679	req, out := c.DeleteRolePolicyRequest(input)
3680	return out, req.Send()
3681}
3682
3683// DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of
3684// the ability to pass a context and additional request options.
3685//
3686// See DeleteRolePolicy for details on how to use this API operation.
3687//
3688// The context must be non-nil and will be used for request cancellation. If
3689// the context is nil a panic will occur. In the future the SDK may create
3690// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3691// for more information on using Contexts.
3692func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error) {
3693	req, out := c.DeleteRolePolicyRequest(input)
3694	req.SetContext(ctx)
3695	req.ApplyOptions(opts...)
3696	return out, req.Send()
3697}
3698
3699const opDeleteSAMLProvider = "DeleteSAMLProvider"
3700
3701// DeleteSAMLProviderRequest generates a "aws/request.Request" representing the
3702// client's request for the DeleteSAMLProvider operation. The "output" return
3703// value will be populated with the request's response once the request completes
3704// successfully.
3705//
3706// Use "Send" method on the returned Request to send the API call to the service.
3707// the "output" return value is not valid until after Send returns without error.
3708//
3709// See DeleteSAMLProvider for more information on using the DeleteSAMLProvider
3710// API call, and error handling.
3711//
3712// This method is useful when you want to inject custom logic or configuration
3713// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3714//
3715//
3716//    // Example sending a request using the DeleteSAMLProviderRequest method.
3717//    req, resp := client.DeleteSAMLProviderRequest(params)
3718//
3719//    err := req.Send()
3720//    if err == nil { // resp is now filled
3721//        fmt.Println(resp)
3722//    }
3723//
3724// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
3725func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput) {
3726	op := &request.Operation{
3727		Name:       opDeleteSAMLProvider,
3728		HTTPMethod: "POST",
3729		HTTPPath:   "/",
3730	}
3731
3732	if input == nil {
3733		input = &DeleteSAMLProviderInput{}
3734	}
3735
3736	output = &DeleteSAMLProviderOutput{}
3737	req = c.newRequest(op, input, output)
3738	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3739	return
3740}
3741
3742// DeleteSAMLProvider API operation for AWS Identity and Access Management.
3743//
3744// Deletes a SAML provider resource in IAM.
3745//
3746// Deleting the provider resource from IAM does not update any roles that reference
3747// the SAML provider resource's ARN as a principal in their trust policies.
3748// Any attempt to assume a role that references a non-existent provider resource
3749// ARN fails.
3750//
3751// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
3752//
3753// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3754// with awserr.Error's Code and Message methods to get detailed information about
3755// the error.
3756//
3757// See the AWS API reference guide for AWS Identity and Access Management's
3758// API operation DeleteSAMLProvider for usage and error information.
3759//
3760// Returned Error Codes:
3761//   * ErrCodeInvalidInputException "InvalidInput"
3762//   The request was rejected because an invalid or out-of-range value was supplied
3763//   for an input parameter.
3764//
3765//   * ErrCodeLimitExceededException "LimitExceeded"
3766//   The request was rejected because it attempted to create resources beyond
3767//   the current Amazon Web Services account limits. The error message describes
3768//   the limit exceeded.
3769//
3770//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3771//   The request was rejected because it referenced a resource entity that does
3772//   not exist. The error message describes the resource.
3773//
3774//   * ErrCodeServiceFailureException "ServiceFailure"
3775//   The request processing has failed because of an unknown error, exception
3776//   or failure.
3777//
3778// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
3779func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error) {
3780	req, out := c.DeleteSAMLProviderRequest(input)
3781	return out, req.Send()
3782}
3783
3784// DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of
3785// the ability to pass a context and additional request options.
3786//
3787// See DeleteSAMLProvider for details on how to use this API operation.
3788//
3789// The context must be non-nil and will be used for request cancellation. If
3790// the context is nil a panic will occur. In the future the SDK may create
3791// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3792// for more information on using Contexts.
3793func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error) {
3794	req, out := c.DeleteSAMLProviderRequest(input)
3795	req.SetContext(ctx)
3796	req.ApplyOptions(opts...)
3797	return out, req.Send()
3798}
3799
3800const opDeleteSSHPublicKey = "DeleteSSHPublicKey"
3801
3802// DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the
3803// client's request for the DeleteSSHPublicKey operation. The "output" return
3804// value will be populated with the request's response once the request completes
3805// successfully.
3806//
3807// Use "Send" method on the returned Request to send the API call to the service.
3808// the "output" return value is not valid until after Send returns without error.
3809//
3810// See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey
3811// API call, and error handling.
3812//
3813// This method is useful when you want to inject custom logic or configuration
3814// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3815//
3816//
3817//    // Example sending a request using the DeleteSSHPublicKeyRequest method.
3818//    req, resp := client.DeleteSSHPublicKeyRequest(params)
3819//
3820//    err := req.Send()
3821//    if err == nil { // resp is now filled
3822//        fmt.Println(resp)
3823//    }
3824//
3825// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
3826func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput) {
3827	op := &request.Operation{
3828		Name:       opDeleteSSHPublicKey,
3829		HTTPMethod: "POST",
3830		HTTPPath:   "/",
3831	}
3832
3833	if input == nil {
3834		input = &DeleteSSHPublicKeyInput{}
3835	}
3836
3837	output = &DeleteSSHPublicKeyOutput{}
3838	req = c.newRequest(op, input, output)
3839	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3840	return
3841}
3842
3843// DeleteSSHPublicKey API operation for AWS Identity and Access Management.
3844//
3845// Deletes the specified SSH public key.
3846//
3847// The SSH public key deleted by this operation is used only for authenticating
3848// the associated IAM user to an CodeCommit repository. For more information
3849// about using SSH keys to authenticate to an CodeCommit repository, see Set
3850// up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
3851// in the CodeCommit User Guide.
3852//
3853// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3854// with awserr.Error's Code and Message methods to get detailed information about
3855// the error.
3856//
3857// See the AWS API reference guide for AWS Identity and Access Management's
3858// API operation DeleteSSHPublicKey for usage and error information.
3859//
3860// Returned Error Codes:
3861//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3862//   The request was rejected because it referenced a resource entity that does
3863//   not exist. The error message describes the resource.
3864//
3865// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
3866func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error) {
3867	req, out := c.DeleteSSHPublicKeyRequest(input)
3868	return out, req.Send()
3869}
3870
3871// DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of
3872// the ability to pass a context and additional request options.
3873//
3874// See DeleteSSHPublicKey for details on how to use this API operation.
3875//
3876// The context must be non-nil and will be used for request cancellation. If
3877// the context is nil a panic will occur. In the future the SDK may create
3878// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3879// for more information on using Contexts.
3880func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error) {
3881	req, out := c.DeleteSSHPublicKeyRequest(input)
3882	req.SetContext(ctx)
3883	req.ApplyOptions(opts...)
3884	return out, req.Send()
3885}
3886
3887const opDeleteServerCertificate = "DeleteServerCertificate"
3888
3889// DeleteServerCertificateRequest generates a "aws/request.Request" representing the
3890// client's request for the DeleteServerCertificate operation. The "output" return
3891// value will be populated with the request's response once the request completes
3892// successfully.
3893//
3894// Use "Send" method on the returned Request to send the API call to the service.
3895// the "output" return value is not valid until after Send returns without error.
3896//
3897// See DeleteServerCertificate for more information on using the DeleteServerCertificate
3898// API call, and error handling.
3899//
3900// This method is useful when you want to inject custom logic or configuration
3901// into the SDK's request lifecycle. Such as custom headers, or retry logic.
3902//
3903//
3904//    // Example sending a request using the DeleteServerCertificateRequest method.
3905//    req, resp := client.DeleteServerCertificateRequest(params)
3906//
3907//    err := req.Send()
3908//    if err == nil { // resp is now filled
3909//        fmt.Println(resp)
3910//    }
3911//
3912// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
3913func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput) {
3914	op := &request.Operation{
3915		Name:       opDeleteServerCertificate,
3916		HTTPMethod: "POST",
3917		HTTPPath:   "/",
3918	}
3919
3920	if input == nil {
3921		input = &DeleteServerCertificateInput{}
3922	}
3923
3924	output = &DeleteServerCertificateOutput{}
3925	req = c.newRequest(op, input, output)
3926	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
3927	return
3928}
3929
3930// DeleteServerCertificate API operation for AWS Identity and Access Management.
3931//
3932// Deletes the specified server certificate.
3933//
3934// For more information about working with server certificates, see Working
3935// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
3936// in the IAM User Guide. This topic also includes a list of Amazon Web Services
3937// services that can use the server certificates that you manage with IAM.
3938//
3939// If you are using a server certificate with Elastic Load Balancing, deleting
3940// the certificate could have implications for your application. If Elastic
3941// Load Balancing doesn't detect the deletion of bound certificates, it may
3942// continue to use the certificates. This could cause Elastic Load Balancing
3943// to stop accepting traffic. We recommend that you remove the reference to
3944// the certificate from Elastic Load Balancing before using this command to
3945// delete the certificate. For more information, see DeleteLoadBalancerListeners
3946// (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html)
3947// in the Elastic Load Balancing API Reference.
3948//
3949// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
3950// with awserr.Error's Code and Message methods to get detailed information about
3951// the error.
3952//
3953// See the AWS API reference guide for AWS Identity and Access Management's
3954// API operation DeleteServerCertificate for usage and error information.
3955//
3956// Returned Error Codes:
3957//   * ErrCodeNoSuchEntityException "NoSuchEntity"
3958//   The request was rejected because it referenced a resource entity that does
3959//   not exist. The error message describes the resource.
3960//
3961//   * ErrCodeDeleteConflictException "DeleteConflict"
3962//   The request was rejected because it attempted to delete a resource that has
3963//   attached subordinate entities. The error message describes these entities.
3964//
3965//   * ErrCodeLimitExceededException "LimitExceeded"
3966//   The request was rejected because it attempted to create resources beyond
3967//   the current Amazon Web Services account limits. The error message describes
3968//   the limit exceeded.
3969//
3970//   * ErrCodeServiceFailureException "ServiceFailure"
3971//   The request processing has failed because of an unknown error, exception
3972//   or failure.
3973//
3974// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
3975func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error) {
3976	req, out := c.DeleteServerCertificateRequest(input)
3977	return out, req.Send()
3978}
3979
3980// DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of
3981// the ability to pass a context and additional request options.
3982//
3983// See DeleteServerCertificate for details on how to use this API operation.
3984//
3985// The context must be non-nil and will be used for request cancellation. If
3986// the context is nil a panic will occur. In the future the SDK may create
3987// sub-contexts for http.Requests. See https://golang.org/pkg/context/
3988// for more information on using Contexts.
3989func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error) {
3990	req, out := c.DeleteServerCertificateRequest(input)
3991	req.SetContext(ctx)
3992	req.ApplyOptions(opts...)
3993	return out, req.Send()
3994}
3995
3996const opDeleteServiceLinkedRole = "DeleteServiceLinkedRole"
3997
3998// DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the
3999// client's request for the DeleteServiceLinkedRole operation. The "output" return
4000// value will be populated with the request's response once the request completes
4001// successfully.
4002//
4003// Use "Send" method on the returned Request to send the API call to the service.
4004// the "output" return value is not valid until after Send returns without error.
4005//
4006// See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole
4007// API call, and error handling.
4008//
4009// This method is useful when you want to inject custom logic or configuration
4010// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4011//
4012//
4013//    // Example sending a request using the DeleteServiceLinkedRoleRequest method.
4014//    req, resp := client.DeleteServiceLinkedRoleRequest(params)
4015//
4016//    err := req.Send()
4017//    if err == nil { // resp is now filled
4018//        fmt.Println(resp)
4019//    }
4020//
4021// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
4022func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput) {
4023	op := &request.Operation{
4024		Name:       opDeleteServiceLinkedRole,
4025		HTTPMethod: "POST",
4026		HTTPPath:   "/",
4027	}
4028
4029	if input == nil {
4030		input = &DeleteServiceLinkedRoleInput{}
4031	}
4032
4033	output = &DeleteServiceLinkedRoleOutput{}
4034	req = c.newRequest(op, input, output)
4035	return
4036}
4037
4038// DeleteServiceLinkedRole API operation for AWS Identity and Access Management.
4039//
4040// Submits a service-linked role deletion request and returns a DeletionTaskId,
4041// which you can use to check the status of the deletion. Before you call this
4042// operation, confirm that the role has no active sessions and that any resources
4043// used by the role in the linked service are deleted. If you call this operation
4044// more than once for the same service-linked role and an earlier deletion task
4045// is not complete, then the DeletionTaskId of the earlier request is returned.
4046//
4047// If you submit a deletion request for a service-linked role whose linked service
4048// is still accessing a resource, then the deletion task fails. If it fails,
4049// the GetServiceLinkedRoleDeletionStatus operation returns the reason for the
4050// failure, usually including the resources that must be deleted. To delete
4051// the service-linked role, you must first remove those resources from the linked
4052// service and then submit the deletion request again. Resources are specific
4053// to the service that is linked to the role. For more information about removing
4054// resources from a service, see the Amazon Web Services documentation (http://docs.aws.amazon.com/)
4055// for your service.
4056//
4057// For more information about service-linked roles, see Roles terms and concepts:
4058// Amazon Web Services service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role)
4059// in the IAM User Guide.
4060//
4061// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4062// with awserr.Error's Code and Message methods to get detailed information about
4063// the error.
4064//
4065// See the AWS API reference guide for AWS Identity and Access Management's
4066// API operation DeleteServiceLinkedRole for usage and error information.
4067//
4068// Returned Error Codes:
4069//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4070//   The request was rejected because it referenced a resource entity that does
4071//   not exist. The error message describes the resource.
4072//
4073//   * ErrCodeLimitExceededException "LimitExceeded"
4074//   The request was rejected because it attempted to create resources beyond
4075//   the current Amazon Web Services account limits. The error message describes
4076//   the limit exceeded.
4077//
4078//   * ErrCodeServiceFailureException "ServiceFailure"
4079//   The request processing has failed because of an unknown error, exception
4080//   or failure.
4081//
4082// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
4083func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error) {
4084	req, out := c.DeleteServiceLinkedRoleRequest(input)
4085	return out, req.Send()
4086}
4087
4088// DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of
4089// the ability to pass a context and additional request options.
4090//
4091// See DeleteServiceLinkedRole for details on how to use this API operation.
4092//
4093// The context must be non-nil and will be used for request cancellation. If
4094// the context is nil a panic will occur. In the future the SDK may create
4095// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4096// for more information on using Contexts.
4097func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error) {
4098	req, out := c.DeleteServiceLinkedRoleRequest(input)
4099	req.SetContext(ctx)
4100	req.ApplyOptions(opts...)
4101	return out, req.Send()
4102}
4103
4104const opDeleteServiceSpecificCredential = "DeleteServiceSpecificCredential"
4105
4106// DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
4107// client's request for the DeleteServiceSpecificCredential operation. The "output" return
4108// value will be populated with the request's response once the request completes
4109// successfully.
4110//
4111// Use "Send" method on the returned Request to send the API call to the service.
4112// the "output" return value is not valid until after Send returns without error.
4113//
4114// See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential
4115// API call, and error handling.
4116//
4117// This method is useful when you want to inject custom logic or configuration
4118// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4119//
4120//
4121//    // Example sending a request using the DeleteServiceSpecificCredentialRequest method.
4122//    req, resp := client.DeleteServiceSpecificCredentialRequest(params)
4123//
4124//    err := req.Send()
4125//    if err == nil { // resp is now filled
4126//        fmt.Println(resp)
4127//    }
4128//
4129// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
4130func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput) {
4131	op := &request.Operation{
4132		Name:       opDeleteServiceSpecificCredential,
4133		HTTPMethod: "POST",
4134		HTTPPath:   "/",
4135	}
4136
4137	if input == nil {
4138		input = &DeleteServiceSpecificCredentialInput{}
4139	}
4140
4141	output = &DeleteServiceSpecificCredentialOutput{}
4142	req = c.newRequest(op, input, output)
4143	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4144	return
4145}
4146
4147// DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.
4148//
4149// Deletes the specified service-specific credential.
4150//
4151// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4152// with awserr.Error's Code and Message methods to get detailed information about
4153// the error.
4154//
4155// See the AWS API reference guide for AWS Identity and Access Management's
4156// API operation DeleteServiceSpecificCredential for usage and error information.
4157//
4158// Returned Error Codes:
4159//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4160//   The request was rejected because it referenced a resource entity that does
4161//   not exist. The error message describes the resource.
4162//
4163// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
4164func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error) {
4165	req, out := c.DeleteServiceSpecificCredentialRequest(input)
4166	return out, req.Send()
4167}
4168
4169// DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of
4170// the ability to pass a context and additional request options.
4171//
4172// See DeleteServiceSpecificCredential for details on how to use this API operation.
4173//
4174// The context must be non-nil and will be used for request cancellation. If
4175// the context is nil a panic will occur. In the future the SDK may create
4176// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4177// for more information on using Contexts.
4178func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error) {
4179	req, out := c.DeleteServiceSpecificCredentialRequest(input)
4180	req.SetContext(ctx)
4181	req.ApplyOptions(opts...)
4182	return out, req.Send()
4183}
4184
4185const opDeleteSigningCertificate = "DeleteSigningCertificate"
4186
4187// DeleteSigningCertificateRequest generates a "aws/request.Request" representing the
4188// client's request for the DeleteSigningCertificate operation. The "output" return
4189// value will be populated with the request's response once the request completes
4190// successfully.
4191//
4192// Use "Send" method on the returned Request to send the API call to the service.
4193// the "output" return value is not valid until after Send returns without error.
4194//
4195// See DeleteSigningCertificate for more information on using the DeleteSigningCertificate
4196// API call, and error handling.
4197//
4198// This method is useful when you want to inject custom logic or configuration
4199// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4200//
4201//
4202//    // Example sending a request using the DeleteSigningCertificateRequest method.
4203//    req, resp := client.DeleteSigningCertificateRequest(params)
4204//
4205//    err := req.Send()
4206//    if err == nil { // resp is now filled
4207//        fmt.Println(resp)
4208//    }
4209//
4210// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
4211func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput) {
4212	op := &request.Operation{
4213		Name:       opDeleteSigningCertificate,
4214		HTTPMethod: "POST",
4215		HTTPPath:   "/",
4216	}
4217
4218	if input == nil {
4219		input = &DeleteSigningCertificateInput{}
4220	}
4221
4222	output = &DeleteSigningCertificateOutput{}
4223	req = c.newRequest(op, input, output)
4224	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4225	return
4226}
4227
4228// DeleteSigningCertificate API operation for AWS Identity and Access Management.
4229//
4230// Deletes a signing certificate associated with the specified IAM user.
4231//
4232// If you do not specify a user name, IAM determines the user name implicitly
4233// based on the Amazon Web Services access key ID signing the request. This
4234// operation works for access keys under the Amazon Web Services account. Consequently,
4235// you can use this operation to manage Amazon Web Services account root user
4236// credentials even if the Amazon Web Services account has no associated IAM
4237// users.
4238//
4239// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4240// with awserr.Error's Code and Message methods to get detailed information about
4241// the error.
4242//
4243// See the AWS API reference guide for AWS Identity and Access Management's
4244// API operation DeleteSigningCertificate for usage and error information.
4245//
4246// Returned Error Codes:
4247//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4248//   The request was rejected because it referenced a resource entity that does
4249//   not exist. The error message describes the resource.
4250//
4251//   * ErrCodeLimitExceededException "LimitExceeded"
4252//   The request was rejected because it attempted to create resources beyond
4253//   the current Amazon Web Services account limits. The error message describes
4254//   the limit exceeded.
4255//
4256//   * ErrCodeServiceFailureException "ServiceFailure"
4257//   The request processing has failed because of an unknown error, exception
4258//   or failure.
4259//
4260// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
4261func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error) {
4262	req, out := c.DeleteSigningCertificateRequest(input)
4263	return out, req.Send()
4264}
4265
4266// DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of
4267// the ability to pass a context and additional request options.
4268//
4269// See DeleteSigningCertificate for details on how to use this API operation.
4270//
4271// The context must be non-nil and will be used for request cancellation. If
4272// the context is nil a panic will occur. In the future the SDK may create
4273// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4274// for more information on using Contexts.
4275func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error) {
4276	req, out := c.DeleteSigningCertificateRequest(input)
4277	req.SetContext(ctx)
4278	req.ApplyOptions(opts...)
4279	return out, req.Send()
4280}
4281
4282const opDeleteUser = "DeleteUser"
4283
4284// DeleteUserRequest generates a "aws/request.Request" representing the
4285// client's request for the DeleteUser operation. The "output" return
4286// value will be populated with the request's response once the request completes
4287// successfully.
4288//
4289// Use "Send" method on the returned Request to send the API call to the service.
4290// the "output" return value is not valid until after Send returns without error.
4291//
4292// See DeleteUser for more information on using the DeleteUser
4293// API call, and error handling.
4294//
4295// This method is useful when you want to inject custom logic or configuration
4296// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4297//
4298//
4299//    // Example sending a request using the DeleteUserRequest method.
4300//    req, resp := client.DeleteUserRequest(params)
4301//
4302//    err := req.Send()
4303//    if err == nil { // resp is now filled
4304//        fmt.Println(resp)
4305//    }
4306//
4307// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
4308func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput) {
4309	op := &request.Operation{
4310		Name:       opDeleteUser,
4311		HTTPMethod: "POST",
4312		HTTPPath:   "/",
4313	}
4314
4315	if input == nil {
4316		input = &DeleteUserInput{}
4317	}
4318
4319	output = &DeleteUserOutput{}
4320	req = c.newRequest(op, input, output)
4321	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4322	return
4323}
4324
4325// DeleteUser API operation for AWS Identity and Access Management.
4326//
4327// Deletes the specified IAM user. Unlike the Amazon Web Services Management
4328// Console, when you delete a user programmatically, you must delete the items
4329// attached to the user manually, or the deletion fails. For more information,
4330// see Deleting an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli).
4331// Before attempting to delete a user, remove the following items:
4332//
4333//    * Password (DeleteLoginProfile)
4334//
4335//    * Access keys (DeleteAccessKey)
4336//
4337//    * Signing certificate (DeleteSigningCertificate)
4338//
4339//    * SSH public key (DeleteSSHPublicKey)
4340//
4341//    * Git credentials (DeleteServiceSpecificCredential)
4342//
4343//    * Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)
4344//
4345//    * Inline policies (DeleteUserPolicy)
4346//
4347//    * Attached managed policies (DetachUserPolicy)
4348//
4349//    * Group memberships (RemoveUserFromGroup)
4350//
4351// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4352// with awserr.Error's Code and Message methods to get detailed information about
4353// the error.
4354//
4355// See the AWS API reference guide for AWS Identity and Access Management's
4356// API operation DeleteUser for usage and error information.
4357//
4358// Returned Error Codes:
4359//   * ErrCodeLimitExceededException "LimitExceeded"
4360//   The request was rejected because it attempted to create resources beyond
4361//   the current Amazon Web Services account limits. The error message describes
4362//   the limit exceeded.
4363//
4364//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4365//   The request was rejected because it referenced a resource entity that does
4366//   not exist. The error message describes the resource.
4367//
4368//   * ErrCodeDeleteConflictException "DeleteConflict"
4369//   The request was rejected because it attempted to delete a resource that has
4370//   attached subordinate entities. The error message describes these entities.
4371//
4372//   * ErrCodeConcurrentModificationException "ConcurrentModification"
4373//   The request was rejected because multiple requests to change this object
4374//   were submitted simultaneously. Wait a few minutes and submit your request
4375//   again.
4376//
4377//   * ErrCodeServiceFailureException "ServiceFailure"
4378//   The request processing has failed because of an unknown error, exception
4379//   or failure.
4380//
4381// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
4382func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error) {
4383	req, out := c.DeleteUserRequest(input)
4384	return out, req.Send()
4385}
4386
4387// DeleteUserWithContext is the same as DeleteUser with the addition of
4388// the ability to pass a context and additional request options.
4389//
4390// See DeleteUser for details on how to use this API operation.
4391//
4392// The context must be non-nil and will be used for request cancellation. If
4393// the context is nil a panic will occur. In the future the SDK may create
4394// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4395// for more information on using Contexts.
4396func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error) {
4397	req, out := c.DeleteUserRequest(input)
4398	req.SetContext(ctx)
4399	req.ApplyOptions(opts...)
4400	return out, req.Send()
4401}
4402
4403const opDeleteUserPermissionsBoundary = "DeleteUserPermissionsBoundary"
4404
4405// DeleteUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
4406// client's request for the DeleteUserPermissionsBoundary operation. The "output" return
4407// value will be populated with the request's response once the request completes
4408// successfully.
4409//
4410// Use "Send" method on the returned Request to send the API call to the service.
4411// the "output" return value is not valid until after Send returns without error.
4412//
4413// See DeleteUserPermissionsBoundary for more information on using the DeleteUserPermissionsBoundary
4414// API call, and error handling.
4415//
4416// This method is useful when you want to inject custom logic or configuration
4417// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4418//
4419//
4420//    // Example sending a request using the DeleteUserPermissionsBoundaryRequest method.
4421//    req, resp := client.DeleteUserPermissionsBoundaryRequest(params)
4422//
4423//    err := req.Send()
4424//    if err == nil { // resp is now filled
4425//        fmt.Println(resp)
4426//    }
4427//
4428// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
4429func (c *IAM) DeleteUserPermissionsBoundaryRequest(input *DeleteUserPermissionsBoundaryInput) (req *request.Request, output *DeleteUserPermissionsBoundaryOutput) {
4430	op := &request.Operation{
4431		Name:       opDeleteUserPermissionsBoundary,
4432		HTTPMethod: "POST",
4433		HTTPPath:   "/",
4434	}
4435
4436	if input == nil {
4437		input = &DeleteUserPermissionsBoundaryInput{}
4438	}
4439
4440	output = &DeleteUserPermissionsBoundaryOutput{}
4441	req = c.newRequest(op, input, output)
4442	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4443	return
4444}
4445
4446// DeleteUserPermissionsBoundary API operation for AWS Identity and Access Management.
4447//
4448// Deletes the permissions boundary for the specified IAM user.
4449//
4450// Deleting the permissions boundary for a user might increase its permissions
4451// by allowing the user to perform all the actions granted in its permissions
4452// policies.
4453//
4454// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4455// with awserr.Error's Code and Message methods to get detailed information about
4456// the error.
4457//
4458// See the AWS API reference guide for AWS Identity and Access Management's
4459// API operation DeleteUserPermissionsBoundary for usage and error information.
4460//
4461// Returned Error Codes:
4462//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4463//   The request was rejected because it referenced a resource entity that does
4464//   not exist. The error message describes the resource.
4465//
4466//   * ErrCodeServiceFailureException "ServiceFailure"
4467//   The request processing has failed because of an unknown error, exception
4468//   or failure.
4469//
4470// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
4471func (c *IAM) DeleteUserPermissionsBoundary(input *DeleteUserPermissionsBoundaryInput) (*DeleteUserPermissionsBoundaryOutput, error) {
4472	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
4473	return out, req.Send()
4474}
4475
4476// DeleteUserPermissionsBoundaryWithContext is the same as DeleteUserPermissionsBoundary with the addition of
4477// the ability to pass a context and additional request options.
4478//
4479// See DeleteUserPermissionsBoundary for details on how to use this API operation.
4480//
4481// The context must be non-nil and will be used for request cancellation. If
4482// the context is nil a panic will occur. In the future the SDK may create
4483// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4484// for more information on using Contexts.
4485func (c *IAM) DeleteUserPermissionsBoundaryWithContext(ctx aws.Context, input *DeleteUserPermissionsBoundaryInput, opts ...request.Option) (*DeleteUserPermissionsBoundaryOutput, error) {
4486	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
4487	req.SetContext(ctx)
4488	req.ApplyOptions(opts...)
4489	return out, req.Send()
4490}
4491
4492const opDeleteUserPolicy = "DeleteUserPolicy"
4493
4494// DeleteUserPolicyRequest generates a "aws/request.Request" representing the
4495// client's request for the DeleteUserPolicy operation. The "output" return
4496// value will be populated with the request's response once the request completes
4497// successfully.
4498//
4499// Use "Send" method on the returned Request to send the API call to the service.
4500// the "output" return value is not valid until after Send returns without error.
4501//
4502// See DeleteUserPolicy for more information on using the DeleteUserPolicy
4503// API call, and error handling.
4504//
4505// This method is useful when you want to inject custom logic or configuration
4506// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4507//
4508//
4509//    // Example sending a request using the DeleteUserPolicyRequest method.
4510//    req, resp := client.DeleteUserPolicyRequest(params)
4511//
4512//    err := req.Send()
4513//    if err == nil { // resp is now filled
4514//        fmt.Println(resp)
4515//    }
4516//
4517// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
4518func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput) {
4519	op := &request.Operation{
4520		Name:       opDeleteUserPolicy,
4521		HTTPMethod: "POST",
4522		HTTPPath:   "/",
4523	}
4524
4525	if input == nil {
4526		input = &DeleteUserPolicyInput{}
4527	}
4528
4529	output = &DeleteUserPolicyOutput{}
4530	req = c.newRequest(op, input, output)
4531	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4532	return
4533}
4534
4535// DeleteUserPolicy API operation for AWS Identity and Access Management.
4536//
4537// Deletes the specified inline policy that is embedded in the specified IAM
4538// user.
4539//
4540// A user can also have managed policies attached to it. To detach a managed
4541// policy from a user, use DetachUserPolicy. For more information about policies,
4542// refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4543// in the IAM User Guide.
4544//
4545// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4546// with awserr.Error's Code and Message methods to get detailed information about
4547// the error.
4548//
4549// See the AWS API reference guide for AWS Identity and Access Management's
4550// API operation DeleteUserPolicy for usage and error information.
4551//
4552// Returned Error Codes:
4553//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4554//   The request was rejected because it referenced a resource entity that does
4555//   not exist. The error message describes the resource.
4556//
4557//   * ErrCodeLimitExceededException "LimitExceeded"
4558//   The request was rejected because it attempted to create resources beyond
4559//   the current Amazon Web Services account limits. The error message describes
4560//   the limit exceeded.
4561//
4562//   * ErrCodeServiceFailureException "ServiceFailure"
4563//   The request processing has failed because of an unknown error, exception
4564//   or failure.
4565//
4566// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
4567func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error) {
4568	req, out := c.DeleteUserPolicyRequest(input)
4569	return out, req.Send()
4570}
4571
4572// DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of
4573// the ability to pass a context and additional request options.
4574//
4575// See DeleteUserPolicy for details on how to use this API operation.
4576//
4577// The context must be non-nil and will be used for request cancellation. If
4578// the context is nil a panic will occur. In the future the SDK may create
4579// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4580// for more information on using Contexts.
4581func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error) {
4582	req, out := c.DeleteUserPolicyRequest(input)
4583	req.SetContext(ctx)
4584	req.ApplyOptions(opts...)
4585	return out, req.Send()
4586}
4587
4588const opDeleteVirtualMFADevice = "DeleteVirtualMFADevice"
4589
4590// DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the
4591// client's request for the DeleteVirtualMFADevice operation. The "output" return
4592// value will be populated with the request's response once the request completes
4593// successfully.
4594//
4595// Use "Send" method on the returned Request to send the API call to the service.
4596// the "output" return value is not valid until after Send returns without error.
4597//
4598// See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice
4599// API call, and error handling.
4600//
4601// This method is useful when you want to inject custom logic or configuration
4602// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4603//
4604//
4605//    // Example sending a request using the DeleteVirtualMFADeviceRequest method.
4606//    req, resp := client.DeleteVirtualMFADeviceRequest(params)
4607//
4608//    err := req.Send()
4609//    if err == nil { // resp is now filled
4610//        fmt.Println(resp)
4611//    }
4612//
4613// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
4614func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput) {
4615	op := &request.Operation{
4616		Name:       opDeleteVirtualMFADevice,
4617		HTTPMethod: "POST",
4618		HTTPPath:   "/",
4619	}
4620
4621	if input == nil {
4622		input = &DeleteVirtualMFADeviceInput{}
4623	}
4624
4625	output = &DeleteVirtualMFADeviceOutput{}
4626	req = c.newRequest(op, input, output)
4627	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4628	return
4629}
4630
4631// DeleteVirtualMFADevice API operation for AWS Identity and Access Management.
4632//
4633// Deletes a virtual MFA device.
4634//
4635// You must deactivate a user's virtual MFA device before you can delete it.
4636// For information about deactivating MFA devices, see DeactivateMFADevice.
4637//
4638// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4639// with awserr.Error's Code and Message methods to get detailed information about
4640// the error.
4641//
4642// See the AWS API reference guide for AWS Identity and Access Management's
4643// API operation DeleteVirtualMFADevice for usage and error information.
4644//
4645// Returned Error Codes:
4646//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4647//   The request was rejected because it referenced a resource entity that does
4648//   not exist. The error message describes the resource.
4649//
4650//   * ErrCodeDeleteConflictException "DeleteConflict"
4651//   The request was rejected because it attempted to delete a resource that has
4652//   attached subordinate entities. The error message describes these entities.
4653//
4654//   * ErrCodeLimitExceededException "LimitExceeded"
4655//   The request was rejected because it attempted to create resources beyond
4656//   the current Amazon Web Services account limits. The error message describes
4657//   the limit exceeded.
4658//
4659//   * ErrCodeServiceFailureException "ServiceFailure"
4660//   The request processing has failed because of an unknown error, exception
4661//   or failure.
4662//
4663// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
4664func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error) {
4665	req, out := c.DeleteVirtualMFADeviceRequest(input)
4666	return out, req.Send()
4667}
4668
4669// DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of
4670// the ability to pass a context and additional request options.
4671//
4672// See DeleteVirtualMFADevice for details on how to use this API operation.
4673//
4674// The context must be non-nil and will be used for request cancellation. If
4675// the context is nil a panic will occur. In the future the SDK may create
4676// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4677// for more information on using Contexts.
4678func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error) {
4679	req, out := c.DeleteVirtualMFADeviceRequest(input)
4680	req.SetContext(ctx)
4681	req.ApplyOptions(opts...)
4682	return out, req.Send()
4683}
4684
4685const opDetachGroupPolicy = "DetachGroupPolicy"
4686
4687// DetachGroupPolicyRequest generates a "aws/request.Request" representing the
4688// client's request for the DetachGroupPolicy operation. The "output" return
4689// value will be populated with the request's response once the request completes
4690// successfully.
4691//
4692// Use "Send" method on the returned Request to send the API call to the service.
4693// the "output" return value is not valid until after Send returns without error.
4694//
4695// See DetachGroupPolicy for more information on using the DetachGroupPolicy
4696// API call, and error handling.
4697//
4698// This method is useful when you want to inject custom logic or configuration
4699// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4700//
4701//
4702//    // Example sending a request using the DetachGroupPolicyRequest method.
4703//    req, resp := client.DetachGroupPolicyRequest(params)
4704//
4705//    err := req.Send()
4706//    if err == nil { // resp is now filled
4707//        fmt.Println(resp)
4708//    }
4709//
4710// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
4711func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput) {
4712	op := &request.Operation{
4713		Name:       opDetachGroupPolicy,
4714		HTTPMethod: "POST",
4715		HTTPPath:   "/",
4716	}
4717
4718	if input == nil {
4719		input = &DetachGroupPolicyInput{}
4720	}
4721
4722	output = &DetachGroupPolicyOutput{}
4723	req = c.newRequest(op, input, output)
4724	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4725	return
4726}
4727
4728// DetachGroupPolicy API operation for AWS Identity and Access Management.
4729//
4730// Removes the specified managed policy from the specified IAM group.
4731//
4732// A group can also have inline policies embedded with it. To delete an inline
4733// policy, use DeleteGroupPolicy. For information about policies, see Managed
4734// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4735// in the IAM User Guide.
4736//
4737// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4738// with awserr.Error's Code and Message methods to get detailed information about
4739// the error.
4740//
4741// See the AWS API reference guide for AWS Identity and Access Management's
4742// API operation DetachGroupPolicy for usage and error information.
4743//
4744// Returned Error Codes:
4745//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4746//   The request was rejected because it referenced a resource entity that does
4747//   not exist. The error message describes the resource.
4748//
4749//   * ErrCodeLimitExceededException "LimitExceeded"
4750//   The request was rejected because it attempted to create resources beyond
4751//   the current Amazon Web Services account limits. The error message describes
4752//   the limit exceeded.
4753//
4754//   * ErrCodeInvalidInputException "InvalidInput"
4755//   The request was rejected because an invalid or out-of-range value was supplied
4756//   for an input parameter.
4757//
4758//   * ErrCodeServiceFailureException "ServiceFailure"
4759//   The request processing has failed because of an unknown error, exception
4760//   or failure.
4761//
4762// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
4763func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error) {
4764	req, out := c.DetachGroupPolicyRequest(input)
4765	return out, req.Send()
4766}
4767
4768// DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of
4769// the ability to pass a context and additional request options.
4770//
4771// See DetachGroupPolicy for details on how to use this API operation.
4772//
4773// The context must be non-nil and will be used for request cancellation. If
4774// the context is nil a panic will occur. In the future the SDK may create
4775// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4776// for more information on using Contexts.
4777func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error) {
4778	req, out := c.DetachGroupPolicyRequest(input)
4779	req.SetContext(ctx)
4780	req.ApplyOptions(opts...)
4781	return out, req.Send()
4782}
4783
4784const opDetachRolePolicy = "DetachRolePolicy"
4785
4786// DetachRolePolicyRequest generates a "aws/request.Request" representing the
4787// client's request for the DetachRolePolicy operation. The "output" return
4788// value will be populated with the request's response once the request completes
4789// successfully.
4790//
4791// Use "Send" method on the returned Request to send the API call to the service.
4792// the "output" return value is not valid until after Send returns without error.
4793//
4794// See DetachRolePolicy for more information on using the DetachRolePolicy
4795// API call, and error handling.
4796//
4797// This method is useful when you want to inject custom logic or configuration
4798// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4799//
4800//
4801//    // Example sending a request using the DetachRolePolicyRequest method.
4802//    req, resp := client.DetachRolePolicyRequest(params)
4803//
4804//    err := req.Send()
4805//    if err == nil { // resp is now filled
4806//        fmt.Println(resp)
4807//    }
4808//
4809// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
4810func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput) {
4811	op := &request.Operation{
4812		Name:       opDetachRolePolicy,
4813		HTTPMethod: "POST",
4814		HTTPPath:   "/",
4815	}
4816
4817	if input == nil {
4818		input = &DetachRolePolicyInput{}
4819	}
4820
4821	output = &DetachRolePolicyOutput{}
4822	req = c.newRequest(op, input, output)
4823	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4824	return
4825}
4826
4827// DetachRolePolicy API operation for AWS Identity and Access Management.
4828//
4829// Removes the specified managed policy from the specified role.
4830//
4831// A role can also have inline policies embedded with it. To delete an inline
4832// policy, use DeleteRolePolicy. For information about policies, see Managed
4833// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4834// in the IAM User Guide.
4835//
4836// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4837// with awserr.Error's Code and Message methods to get detailed information about
4838// the error.
4839//
4840// See the AWS API reference guide for AWS Identity and Access Management's
4841// API operation DetachRolePolicy for usage and error information.
4842//
4843// Returned Error Codes:
4844//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4845//   The request was rejected because it referenced a resource entity that does
4846//   not exist. The error message describes the resource.
4847//
4848//   * ErrCodeLimitExceededException "LimitExceeded"
4849//   The request was rejected because it attempted to create resources beyond
4850//   the current Amazon Web Services account limits. The error message describes
4851//   the limit exceeded.
4852//
4853//   * ErrCodeInvalidInputException "InvalidInput"
4854//   The request was rejected because an invalid or out-of-range value was supplied
4855//   for an input parameter.
4856//
4857//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
4858//   The request was rejected because only the service that depends on the service-linked
4859//   role can modify or delete the role on your behalf. The error message includes
4860//   the name of the service that depends on this service-linked role. You must
4861//   request the change through that service.
4862//
4863//   * ErrCodeServiceFailureException "ServiceFailure"
4864//   The request processing has failed because of an unknown error, exception
4865//   or failure.
4866//
4867// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
4868func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error) {
4869	req, out := c.DetachRolePolicyRequest(input)
4870	return out, req.Send()
4871}
4872
4873// DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of
4874// the ability to pass a context and additional request options.
4875//
4876// See DetachRolePolicy for details on how to use this API operation.
4877//
4878// The context must be non-nil and will be used for request cancellation. If
4879// the context is nil a panic will occur. In the future the SDK may create
4880// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4881// for more information on using Contexts.
4882func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error) {
4883	req, out := c.DetachRolePolicyRequest(input)
4884	req.SetContext(ctx)
4885	req.ApplyOptions(opts...)
4886	return out, req.Send()
4887}
4888
4889const opDetachUserPolicy = "DetachUserPolicy"
4890
4891// DetachUserPolicyRequest generates a "aws/request.Request" representing the
4892// client's request for the DetachUserPolicy operation. The "output" return
4893// value will be populated with the request's response once the request completes
4894// successfully.
4895//
4896// Use "Send" method on the returned Request to send the API call to the service.
4897// the "output" return value is not valid until after Send returns without error.
4898//
4899// See DetachUserPolicy for more information on using the DetachUserPolicy
4900// API call, and error handling.
4901//
4902// This method is useful when you want to inject custom logic or configuration
4903// into the SDK's request lifecycle. Such as custom headers, or retry logic.
4904//
4905//
4906//    // Example sending a request using the DetachUserPolicyRequest method.
4907//    req, resp := client.DetachUserPolicyRequest(params)
4908//
4909//    err := req.Send()
4910//    if err == nil { // resp is now filled
4911//        fmt.Println(resp)
4912//    }
4913//
4914// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
4915func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput) {
4916	op := &request.Operation{
4917		Name:       opDetachUserPolicy,
4918		HTTPMethod: "POST",
4919		HTTPPath:   "/",
4920	}
4921
4922	if input == nil {
4923		input = &DetachUserPolicyInput{}
4924	}
4925
4926	output = &DetachUserPolicyOutput{}
4927	req = c.newRequest(op, input, output)
4928	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
4929	return
4930}
4931
4932// DetachUserPolicy API operation for AWS Identity and Access Management.
4933//
4934// Removes the specified managed policy from the specified user.
4935//
4936// A user can also have inline policies embedded with it. To delete an inline
4937// policy, use DeleteUserPolicy. For information about policies, see Managed
4938// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
4939// in the IAM User Guide.
4940//
4941// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
4942// with awserr.Error's Code and Message methods to get detailed information about
4943// the error.
4944//
4945// See the AWS API reference guide for AWS Identity and Access Management's
4946// API operation DetachUserPolicy for usage and error information.
4947//
4948// Returned Error Codes:
4949//   * ErrCodeNoSuchEntityException "NoSuchEntity"
4950//   The request was rejected because it referenced a resource entity that does
4951//   not exist. The error message describes the resource.
4952//
4953//   * ErrCodeLimitExceededException "LimitExceeded"
4954//   The request was rejected because it attempted to create resources beyond
4955//   the current Amazon Web Services account limits. The error message describes
4956//   the limit exceeded.
4957//
4958//   * ErrCodeInvalidInputException "InvalidInput"
4959//   The request was rejected because an invalid or out-of-range value was supplied
4960//   for an input parameter.
4961//
4962//   * ErrCodeServiceFailureException "ServiceFailure"
4963//   The request processing has failed because of an unknown error, exception
4964//   or failure.
4965//
4966// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
4967func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error) {
4968	req, out := c.DetachUserPolicyRequest(input)
4969	return out, req.Send()
4970}
4971
4972// DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of
4973// the ability to pass a context and additional request options.
4974//
4975// See DetachUserPolicy for details on how to use this API operation.
4976//
4977// The context must be non-nil and will be used for request cancellation. If
4978// the context is nil a panic will occur. In the future the SDK may create
4979// sub-contexts for http.Requests. See https://golang.org/pkg/context/
4980// for more information on using Contexts.
4981func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error) {
4982	req, out := c.DetachUserPolicyRequest(input)
4983	req.SetContext(ctx)
4984	req.ApplyOptions(opts...)
4985	return out, req.Send()
4986}
4987
4988const opEnableMFADevice = "EnableMFADevice"
4989
4990// EnableMFADeviceRequest generates a "aws/request.Request" representing the
4991// client's request for the EnableMFADevice operation. The "output" return
4992// value will be populated with the request's response once the request completes
4993// successfully.
4994//
4995// Use "Send" method on the returned Request to send the API call to the service.
4996// the "output" return value is not valid until after Send returns without error.
4997//
4998// See EnableMFADevice for more information on using the EnableMFADevice
4999// API call, and error handling.
5000//
5001// This method is useful when you want to inject custom logic or configuration
5002// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5003//
5004//
5005//    // Example sending a request using the EnableMFADeviceRequest method.
5006//    req, resp := client.EnableMFADeviceRequest(params)
5007//
5008//    err := req.Send()
5009//    if err == nil { // resp is now filled
5010//        fmt.Println(resp)
5011//    }
5012//
5013// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
5014func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput) {
5015	op := &request.Operation{
5016		Name:       opEnableMFADevice,
5017		HTTPMethod: "POST",
5018		HTTPPath:   "/",
5019	}
5020
5021	if input == nil {
5022		input = &EnableMFADeviceInput{}
5023	}
5024
5025	output = &EnableMFADeviceOutput{}
5026	req = c.newRequest(op, input, output)
5027	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
5028	return
5029}
5030
5031// EnableMFADevice API operation for AWS Identity and Access Management.
5032//
5033// Enables the specified MFA device and associates it with the specified IAM
5034// user. When enabled, the MFA device is required for every subsequent login
5035// by the IAM user associated with the device.
5036//
5037// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5038// with awserr.Error's Code and Message methods to get detailed information about
5039// the error.
5040//
5041// See the AWS API reference guide for AWS Identity and Access Management's
5042// API operation EnableMFADevice for usage and error information.
5043//
5044// Returned Error Codes:
5045//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
5046//   The request was rejected because it attempted to create a resource that already
5047//   exists.
5048//
5049//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
5050//   The request was rejected because it referenced an entity that is temporarily
5051//   unmodifiable, such as a user name that was deleted and then recreated. The
5052//   error indicates that the request is likely to succeed if you try again after
5053//   waiting several minutes. The error message describes the entity.
5054//
5055//   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
5056//   The request was rejected because the authentication code was not recognized.
5057//   The error message describes the specific error.
5058//
5059//   * ErrCodeLimitExceededException "LimitExceeded"
5060//   The request was rejected because it attempted to create resources beyond
5061//   the current Amazon Web Services account limits. The error message describes
5062//   the limit exceeded.
5063//
5064//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5065//   The request was rejected because it referenced a resource entity that does
5066//   not exist. The error message describes the resource.
5067//
5068//   * ErrCodeServiceFailureException "ServiceFailure"
5069//   The request processing has failed because of an unknown error, exception
5070//   or failure.
5071//
5072// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
5073func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error) {
5074	req, out := c.EnableMFADeviceRequest(input)
5075	return out, req.Send()
5076}
5077
5078// EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of
5079// the ability to pass a context and additional request options.
5080//
5081// See EnableMFADevice for details on how to use this API operation.
5082//
5083// The context must be non-nil and will be used for request cancellation. If
5084// the context is nil a panic will occur. In the future the SDK may create
5085// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5086// for more information on using Contexts.
5087func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error) {
5088	req, out := c.EnableMFADeviceRequest(input)
5089	req.SetContext(ctx)
5090	req.ApplyOptions(opts...)
5091	return out, req.Send()
5092}
5093
5094const opGenerateCredentialReport = "GenerateCredentialReport"
5095
5096// GenerateCredentialReportRequest generates a "aws/request.Request" representing the
5097// client's request for the GenerateCredentialReport operation. The "output" return
5098// value will be populated with the request's response once the request completes
5099// successfully.
5100//
5101// Use "Send" method on the returned Request to send the API call to the service.
5102// the "output" return value is not valid until after Send returns without error.
5103//
5104// See GenerateCredentialReport for more information on using the GenerateCredentialReport
5105// API call, and error handling.
5106//
5107// This method is useful when you want to inject custom logic or configuration
5108// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5109//
5110//
5111//    // Example sending a request using the GenerateCredentialReportRequest method.
5112//    req, resp := client.GenerateCredentialReportRequest(params)
5113//
5114//    err := req.Send()
5115//    if err == nil { // resp is now filled
5116//        fmt.Println(resp)
5117//    }
5118//
5119// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
5120func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput) {
5121	op := &request.Operation{
5122		Name:       opGenerateCredentialReport,
5123		HTTPMethod: "POST",
5124		HTTPPath:   "/",
5125	}
5126
5127	if input == nil {
5128		input = &GenerateCredentialReportInput{}
5129	}
5130
5131	output = &GenerateCredentialReportOutput{}
5132	req = c.newRequest(op, input, output)
5133	return
5134}
5135
5136// GenerateCredentialReport API operation for AWS Identity and Access Management.
5137//
5138// Generates a credential report for the Amazon Web Services account. For more
5139// information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
5140// in the IAM User Guide.
5141//
5142// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5143// with awserr.Error's Code and Message methods to get detailed information about
5144// the error.
5145//
5146// See the AWS API reference guide for AWS Identity and Access Management's
5147// API operation GenerateCredentialReport for usage and error information.
5148//
5149// Returned Error Codes:
5150//   * ErrCodeLimitExceededException "LimitExceeded"
5151//   The request was rejected because it attempted to create resources beyond
5152//   the current Amazon Web Services account limits. The error message describes
5153//   the limit exceeded.
5154//
5155//   * ErrCodeServiceFailureException "ServiceFailure"
5156//   The request processing has failed because of an unknown error, exception
5157//   or failure.
5158//
5159// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
5160func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error) {
5161	req, out := c.GenerateCredentialReportRequest(input)
5162	return out, req.Send()
5163}
5164
5165// GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of
5166// the ability to pass a context and additional request options.
5167//
5168// See GenerateCredentialReport for details on how to use this API operation.
5169//
5170// The context must be non-nil and will be used for request cancellation. If
5171// the context is nil a panic will occur. In the future the SDK may create
5172// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5173// for more information on using Contexts.
5174func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error) {
5175	req, out := c.GenerateCredentialReportRequest(input)
5176	req.SetContext(ctx)
5177	req.ApplyOptions(opts...)
5178	return out, req.Send()
5179}
5180
5181const opGenerateOrganizationsAccessReport = "GenerateOrganizationsAccessReport"
5182
5183// GenerateOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
5184// client's request for the GenerateOrganizationsAccessReport operation. The "output" return
5185// value will be populated with the request's response once the request completes
5186// successfully.
5187//
5188// Use "Send" method on the returned Request to send the API call to the service.
5189// the "output" return value is not valid until after Send returns without error.
5190//
5191// See GenerateOrganizationsAccessReport for more information on using the GenerateOrganizationsAccessReport
5192// API call, and error handling.
5193//
5194// This method is useful when you want to inject custom logic or configuration
5195// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5196//
5197//
5198//    // Example sending a request using the GenerateOrganizationsAccessReportRequest method.
5199//    req, resp := client.GenerateOrganizationsAccessReportRequest(params)
5200//
5201//    err := req.Send()
5202//    if err == nil { // resp is now filled
5203//        fmt.Println(resp)
5204//    }
5205//
5206// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
5207func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizationsAccessReportInput) (req *request.Request, output *GenerateOrganizationsAccessReportOutput) {
5208	op := &request.Operation{
5209		Name:       opGenerateOrganizationsAccessReport,
5210		HTTPMethod: "POST",
5211		HTTPPath:   "/",
5212	}
5213
5214	if input == nil {
5215		input = &GenerateOrganizationsAccessReportInput{}
5216	}
5217
5218	output = &GenerateOrganizationsAccessReportOutput{}
5219	req = c.newRequest(op, input, output)
5220	return
5221}
5222
5223// GenerateOrganizationsAccessReport API operation for AWS Identity and Access Management.
5224//
5225// Generates a report for service last accessed data for Organizations. You
5226// can generate a report for any entities (organization root, organizational
5227// unit, or account) or policies in your organization.
5228//
5229// To call this operation, you must be signed in using your Organizations management
5230// account credentials. You can use your long-term IAM user or root user credentials,
5231// or temporary credentials from assuming an IAM role. SCPs must be enabled
5232// for your organization root. You must have the required IAM and Organizations
5233// permissions. For more information, see Refining permissions using service
5234// last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5235// in the IAM User Guide.
5236//
5237// You can generate a service last accessed data report for entities by specifying
5238// only the entity's path. This data includes a list of services that are allowed
5239// by any service control policies (SCPs) that apply to the entity.
5240//
5241// You can generate a service last accessed data report for a policy by specifying
5242// an entity's path and an optional Organizations policy ID. This data includes
5243// a list of services that are allowed by the specified SCP.
5244//
5245// For each service in both report types, the data includes the most recent
5246// account activity that the policy allows to account principals in the entity
5247// or the entity's children. For important information about the data, reporting
5248// period, permissions required, troubleshooting, and supported Regions see
5249// Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5250// in the IAM User Guide.
5251//
5252// The data includes all attempts to access Amazon Web Services, not just the
5253// successful ones. This includes all attempts that were made using the Amazon
5254// Web Services Management Console, the Amazon Web Services API through any
5255// of the SDKs, or any of the command line tools. An unexpected entry in the
5256// service last accessed data does not mean that an account has been compromised,
5257// because the request might have been denied. Refer to your CloudTrail logs
5258// as the authoritative source for information about all API calls and whether
5259// they were successful or denied access. For more information, see Logging
5260// IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
5261// in the IAM User Guide.
5262//
5263// This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport
5264// operation to check the status of the report generation. To check the status
5265// of this request, use the JobId parameter in the GetOrganizationsAccessReport
5266// operation and test the JobStatus response parameter. When the job is complete,
5267// you can retrieve the report.
5268//
5269// To generate a service last accessed data report for entities, specify an
5270// entity path without specifying the optional Organizations policy ID. The
5271// type of entity that you specify determines the data returned in the report.
5272//
5273//    * Root – When you specify the organizations root as the entity, the
5274//    resulting report lists all of the services allowed by SCPs that are attached
5275//    to your root. For each service, the report includes data for all accounts
5276//    in your organization except the management account, because the management
5277//    account is not limited by SCPs.
5278//
5279//    * OU – When you specify an organizational unit (OU) as the entity, the
5280//    resulting report lists all of the services allowed by SCPs that are attached
5281//    to the OU and its parents. For each service, the report includes data
5282//    for all accounts in the OU or its children. This data excludes the management
5283//    account, because the management account is not limited by SCPs.
5284//
5285//    * management account – When you specify the management account, the
5286//    resulting report lists all Amazon Web Services services, because the management
5287//    account is not limited by SCPs. For each service, the report includes
5288//    data for only the management account.
5289//
5290//    * Account – When you specify another account as the entity, the resulting
5291//    report lists all of the services allowed by SCPs that are attached to
5292//    the account and its parents. For each service, the report includes data
5293//    for only the specified account.
5294//
5295// To generate a service last accessed data report for policies, specify an
5296// entity path and the optional Organizations policy ID. The type of entity
5297// that you specify determines the data returned for each service.
5298//
5299//    * Root – When you specify the root entity and a policy ID, the resulting
5300//    report lists all of the services that are allowed by the specified SCP.
5301//    For each service, the report includes data for all accounts in your organization
5302//    to which the SCP applies. This data excludes the management account, because
5303//    the management account is not limited by SCPs. If the SCP is not attached
5304//    to any entities in the organization, then the report will return a list
5305//    of services with no data.
5306//
5307//    * OU – When you specify an OU entity and a policy ID, the resulting
5308//    report lists all of the services that are allowed by the specified SCP.
5309//    For each service, the report includes data for all accounts in the OU
5310//    or its children to which the SCP applies. This means that other accounts
5311//    outside the OU that are affected by the SCP might not be included in the
5312//    data. This data excludes the management account, because the management
5313//    account is not limited by SCPs. If the SCP is not attached to the OU or
5314//    one of its children, the report will return a list of services with no
5315//    data.
5316//
5317//    * management account – When you specify the management account, the
5318//    resulting report lists all Amazon Web Services services, because the management
5319//    account is not limited by SCPs. If you specify a policy ID in the CLI
5320//    or API, the policy is ignored. For each service, the report includes data
5321//    for only the management account.
5322//
5323//    * Account – When you specify another account entity and a policy ID,
5324//    the resulting report lists all of the services that are allowed by the
5325//    specified SCP. For each service, the report includes data for only the
5326//    specified account. This means that other accounts in the organization
5327//    that are affected by the SCP might not be included in the data. If the
5328//    SCP is not attached to the account, the report will return a list of services
5329//    with no data.
5330//
5331// Service last accessed data does not use other policy types when determining
5332// whether a principal could access a service. These other policy types include
5333// identity-based policies, resource-based policies, access control lists, IAM
5334// permissions boundaries, and STS assume role policies. It only applies SCP
5335// logic. For more about the evaluation of policy types, see Evaluating policies
5336// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
5337// in the IAM User Guide.
5338//
5339// For more information about service last accessed data, see Reducing policy
5340// scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5341// in the IAM User Guide.
5342//
5343// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5344// with awserr.Error's Code and Message methods to get detailed information about
5345// the error.
5346//
5347// See the AWS API reference guide for AWS Identity and Access Management's
5348// API operation GenerateOrganizationsAccessReport for usage and error information.
5349//
5350// Returned Error Codes:
5351//   * ErrCodeReportGenerationLimitExceededException "ReportGenerationLimitExceeded"
5352//   The request failed because the maximum number of concurrent requests for
5353//   this account are already running.
5354//
5355// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
5356func (c *IAM) GenerateOrganizationsAccessReport(input *GenerateOrganizationsAccessReportInput) (*GenerateOrganizationsAccessReportOutput, error) {
5357	req, out := c.GenerateOrganizationsAccessReportRequest(input)
5358	return out, req.Send()
5359}
5360
5361// GenerateOrganizationsAccessReportWithContext is the same as GenerateOrganizationsAccessReport with the addition of
5362// the ability to pass a context and additional request options.
5363//
5364// See GenerateOrganizationsAccessReport for details on how to use this API operation.
5365//
5366// The context must be non-nil and will be used for request cancellation. If
5367// the context is nil a panic will occur. In the future the SDK may create
5368// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5369// for more information on using Contexts.
5370func (c *IAM) GenerateOrganizationsAccessReportWithContext(ctx aws.Context, input *GenerateOrganizationsAccessReportInput, opts ...request.Option) (*GenerateOrganizationsAccessReportOutput, error) {
5371	req, out := c.GenerateOrganizationsAccessReportRequest(input)
5372	req.SetContext(ctx)
5373	req.ApplyOptions(opts...)
5374	return out, req.Send()
5375}
5376
5377const opGenerateServiceLastAccessedDetails = "GenerateServiceLastAccessedDetails"
5378
5379// GenerateServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
5380// client's request for the GenerateServiceLastAccessedDetails operation. The "output" return
5381// value will be populated with the request's response once the request completes
5382// successfully.
5383//
5384// Use "Send" method on the returned Request to send the API call to the service.
5385// the "output" return value is not valid until after Send returns without error.
5386//
5387// See GenerateServiceLastAccessedDetails for more information on using the GenerateServiceLastAccessedDetails
5388// API call, and error handling.
5389//
5390// This method is useful when you want to inject custom logic or configuration
5391// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5392//
5393//
5394//    // Example sending a request using the GenerateServiceLastAccessedDetailsRequest method.
5395//    req, resp := client.GenerateServiceLastAccessedDetailsRequest(params)
5396//
5397//    err := req.Send()
5398//    if err == nil { // resp is now filled
5399//        fmt.Println(resp)
5400//    }
5401//
5402// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
5403func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLastAccessedDetailsInput) (req *request.Request, output *GenerateServiceLastAccessedDetailsOutput) {
5404	op := &request.Operation{
5405		Name:       opGenerateServiceLastAccessedDetails,
5406		HTTPMethod: "POST",
5407		HTTPPath:   "/",
5408	}
5409
5410	if input == nil {
5411		input = &GenerateServiceLastAccessedDetailsInput{}
5412	}
5413
5414	output = &GenerateServiceLastAccessedDetailsOutput{}
5415	req = c.newRequest(op, input, output)
5416	return
5417}
5418
5419// GenerateServiceLastAccessedDetails API operation for AWS Identity and Access Management.
5420//
5421// Generates a report that includes details about when an IAM resource (user,
5422// group, role, or policy) was last used in an attempt to access Amazon Web
5423// Services services. Recent activity usually appears within four hours. IAM
5424// reports activity for the last 365 days, or less if your Region began supporting
5425// this feature within the last year. For more information, see Regions where
5426// data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period).
5427//
5428// The service last accessed data includes all attempts to access an Amazon
5429// Web Services API, not just the successful ones. This includes all attempts
5430// that were made using the Amazon Web Services Management Console, the Amazon
5431// Web Services API through any of the SDKs, or any of the command line tools.
5432// An unexpected entry in the service last accessed data does not mean that
5433// your account has been compromised, because the request might have been denied.
5434// Refer to your CloudTrail logs as the authoritative source for information
5435// about all API calls and whether they were successful or denied access. For
5436// more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
5437// in the IAM User Guide.
5438//
5439// The GenerateServiceLastAccessedDetails operation returns a JobId. Use this
5440// parameter in the following operations to retrieve the following details from
5441// your report:
5442//
5443//    * GetServiceLastAccessedDetails – Use this operation for users, groups,
5444//    roles, or policies to list every Amazon Web Services service that the
5445//    resource could access using permissions policies. For each service, the
5446//    response includes information about the most recent access attempt. The
5447//    JobId returned by GenerateServiceLastAccessedDetail must be used by the
5448//    same role within a session, or by the same user when used to call GetServiceLastAccessedDetail.
5449//
5450//    * GetServiceLastAccessedDetailsWithEntities – Use this operation for
5451//    groups and policies to list information about the associated entities
5452//    (users or roles) that attempted to access a specific Amazon Web Services
5453//    service.
5454//
5455// To check the status of the GenerateServiceLastAccessedDetails request, use
5456// the JobId parameter in the same operations and test the JobStatus response
5457// parameter.
5458//
5459// For additional information about the permissions policies that allow an identity
5460// (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess
5461// operation.
5462//
5463// Service last accessed data does not use other policy types when determining
5464// whether a resource could access a service. These other policy types include
5465// resource-based policies, access control lists, Organizations policies, IAM
5466// permissions boundaries, and STS assume role policies. It only applies permissions
5467// policy logic. For more about the evaluation of policy types, see Evaluating
5468// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
5469// in the IAM User Guide.
5470//
5471// For more information about service and action last accessed data, see Reducing
5472// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
5473// in the IAM User Guide.
5474//
5475// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5476// with awserr.Error's Code and Message methods to get detailed information about
5477// the error.
5478//
5479// See the AWS API reference guide for AWS Identity and Access Management's
5480// API operation GenerateServiceLastAccessedDetails for usage and error information.
5481//
5482// Returned Error Codes:
5483//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5484//   The request was rejected because it referenced a resource entity that does
5485//   not exist. The error message describes the resource.
5486//
5487//   * ErrCodeInvalidInputException "InvalidInput"
5488//   The request was rejected because an invalid or out-of-range value was supplied
5489//   for an input parameter.
5490//
5491// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
5492func (c *IAM) GenerateServiceLastAccessedDetails(input *GenerateServiceLastAccessedDetailsInput) (*GenerateServiceLastAccessedDetailsOutput, error) {
5493	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
5494	return out, req.Send()
5495}
5496
5497// GenerateServiceLastAccessedDetailsWithContext is the same as GenerateServiceLastAccessedDetails with the addition of
5498// the ability to pass a context and additional request options.
5499//
5500// See GenerateServiceLastAccessedDetails for details on how to use this API operation.
5501//
5502// The context must be non-nil and will be used for request cancellation. If
5503// the context is nil a panic will occur. In the future the SDK may create
5504// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5505// for more information on using Contexts.
5506func (c *IAM) GenerateServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GenerateServiceLastAccessedDetailsInput, opts ...request.Option) (*GenerateServiceLastAccessedDetailsOutput, error) {
5507	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
5508	req.SetContext(ctx)
5509	req.ApplyOptions(opts...)
5510	return out, req.Send()
5511}
5512
5513const opGetAccessKeyLastUsed = "GetAccessKeyLastUsed"
5514
5515// GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the
5516// client's request for the GetAccessKeyLastUsed operation. The "output" return
5517// value will be populated with the request's response once the request completes
5518// successfully.
5519//
5520// Use "Send" method on the returned Request to send the API call to the service.
5521// the "output" return value is not valid until after Send returns without error.
5522//
5523// See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed
5524// API call, and error handling.
5525//
5526// This method is useful when you want to inject custom logic or configuration
5527// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5528//
5529//
5530//    // Example sending a request using the GetAccessKeyLastUsedRequest method.
5531//    req, resp := client.GetAccessKeyLastUsedRequest(params)
5532//
5533//    err := req.Send()
5534//    if err == nil { // resp is now filled
5535//        fmt.Println(resp)
5536//    }
5537//
5538// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
5539func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput) {
5540	op := &request.Operation{
5541		Name:       opGetAccessKeyLastUsed,
5542		HTTPMethod: "POST",
5543		HTTPPath:   "/",
5544	}
5545
5546	if input == nil {
5547		input = &GetAccessKeyLastUsedInput{}
5548	}
5549
5550	output = &GetAccessKeyLastUsedOutput{}
5551	req = c.newRequest(op, input, output)
5552	return
5553}
5554
5555// GetAccessKeyLastUsed API operation for AWS Identity and Access Management.
5556//
5557// Retrieves information about when the specified access key was last used.
5558// The information includes the date and time of last use, along with the Amazon
5559// Web Services service and Region that were specified in the last request made
5560// with that key.
5561//
5562// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5563// with awserr.Error's Code and Message methods to get detailed information about
5564// the error.
5565//
5566// See the AWS API reference guide for AWS Identity and Access Management's
5567// API operation GetAccessKeyLastUsed for usage and error information.
5568//
5569// Returned Error Codes:
5570//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5571//   The request was rejected because it referenced a resource entity that does
5572//   not exist. The error message describes the resource.
5573//
5574// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
5575func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error) {
5576	req, out := c.GetAccessKeyLastUsedRequest(input)
5577	return out, req.Send()
5578}
5579
5580// GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of
5581// the ability to pass a context and additional request options.
5582//
5583// See GetAccessKeyLastUsed for details on how to use this API operation.
5584//
5585// The context must be non-nil and will be used for request cancellation. If
5586// the context is nil a panic will occur. In the future the SDK may create
5587// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5588// for more information on using Contexts.
5589func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error) {
5590	req, out := c.GetAccessKeyLastUsedRequest(input)
5591	req.SetContext(ctx)
5592	req.ApplyOptions(opts...)
5593	return out, req.Send()
5594}
5595
5596const opGetAccountAuthorizationDetails = "GetAccountAuthorizationDetails"
5597
5598// GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the
5599// client's request for the GetAccountAuthorizationDetails operation. The "output" return
5600// value will be populated with the request's response once the request completes
5601// successfully.
5602//
5603// Use "Send" method on the returned Request to send the API call to the service.
5604// the "output" return value is not valid until after Send returns without error.
5605//
5606// See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails
5607// API call, and error handling.
5608//
5609// This method is useful when you want to inject custom logic or configuration
5610// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5611//
5612//
5613//    // Example sending a request using the GetAccountAuthorizationDetailsRequest method.
5614//    req, resp := client.GetAccountAuthorizationDetailsRequest(params)
5615//
5616//    err := req.Send()
5617//    if err == nil { // resp is now filled
5618//        fmt.Println(resp)
5619//    }
5620//
5621// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
5622func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput) {
5623	op := &request.Operation{
5624		Name:       opGetAccountAuthorizationDetails,
5625		HTTPMethod: "POST",
5626		HTTPPath:   "/",
5627		Paginator: &request.Paginator{
5628			InputTokens:     []string{"Marker"},
5629			OutputTokens:    []string{"Marker"},
5630			LimitToken:      "MaxItems",
5631			TruncationToken: "IsTruncated",
5632		},
5633	}
5634
5635	if input == nil {
5636		input = &GetAccountAuthorizationDetailsInput{}
5637	}
5638
5639	output = &GetAccountAuthorizationDetailsOutput{}
5640	req = c.newRequest(op, input, output)
5641	return
5642}
5643
5644// GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.
5645//
5646// Retrieves information about all IAM users, groups, roles, and policies in
5647// your Amazon Web Services account, including their relationships to one another.
5648// Use this operation to obtain a snapshot of the configuration of IAM permissions
5649// (users, groups, roles, and policies) in your account.
5650//
5651// Policies returned by this operation are URL-encoded compliant with RFC 3986
5652// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
5653// to convert the policy back to plain JSON text. For example, if you use Java,
5654// you can use the decode method of the java.net.URLDecoder utility class in
5655// the Java SDK. Other languages and SDKs provide similar functionality.
5656//
5657// You can optionally filter the results using the Filter parameter. You can
5658// paginate the results using the MaxItems and Marker parameters.
5659//
5660// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5661// with awserr.Error's Code and Message methods to get detailed information about
5662// the error.
5663//
5664// See the AWS API reference guide for AWS Identity and Access Management's
5665// API operation GetAccountAuthorizationDetails for usage and error information.
5666//
5667// Returned Error Codes:
5668//   * ErrCodeServiceFailureException "ServiceFailure"
5669//   The request processing has failed because of an unknown error, exception
5670//   or failure.
5671//
5672// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
5673func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error) {
5674	req, out := c.GetAccountAuthorizationDetailsRequest(input)
5675	return out, req.Send()
5676}
5677
5678// GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of
5679// the ability to pass a context and additional request options.
5680//
5681// See GetAccountAuthorizationDetails for details on how to use this API operation.
5682//
5683// The context must be non-nil and will be used for request cancellation. If
5684// the context is nil a panic will occur. In the future the SDK may create
5685// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5686// for more information on using Contexts.
5687func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error) {
5688	req, out := c.GetAccountAuthorizationDetailsRequest(input)
5689	req.SetContext(ctx)
5690	req.ApplyOptions(opts...)
5691	return out, req.Send()
5692}
5693
5694// GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation,
5695// calling the "fn" function with the response data for each page. To stop
5696// iterating, return false from the fn function.
5697//
5698// See GetAccountAuthorizationDetails method for more information on how to use this operation.
5699//
5700// Note: This operation can generate multiple requests to a service.
5701//
5702//    // Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
5703//    pageNum := 0
5704//    err := client.GetAccountAuthorizationDetailsPages(params,
5705//        func(page *iam.GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
5706//            pageNum++
5707//            fmt.Println(page)
5708//            return pageNum <= 3
5709//        })
5710//
5711func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error {
5712	return c.GetAccountAuthorizationDetailsPagesWithContext(aws.BackgroundContext(), input, fn)
5713}
5714
5715// GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except
5716// it takes a Context and allows setting request options on the pages.
5717//
5718// The context must be non-nil and will be used for request cancellation. If
5719// the context is nil a panic will occur. In the future the SDK may create
5720// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5721// for more information on using Contexts.
5722func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error {
5723	p := request.Pagination{
5724		NewRequest: func() (*request.Request, error) {
5725			var inCpy *GetAccountAuthorizationDetailsInput
5726			if input != nil {
5727				tmp := *input
5728				inCpy = &tmp
5729			}
5730			req, _ := c.GetAccountAuthorizationDetailsRequest(inCpy)
5731			req.SetContext(ctx)
5732			req.ApplyOptions(opts...)
5733			return req, nil
5734		},
5735	}
5736
5737	for p.Next() {
5738		if !fn(p.Page().(*GetAccountAuthorizationDetailsOutput), !p.HasNextPage()) {
5739			break
5740		}
5741	}
5742
5743	return p.Err()
5744}
5745
5746const opGetAccountPasswordPolicy = "GetAccountPasswordPolicy"
5747
5748// GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
5749// client's request for the GetAccountPasswordPolicy operation. The "output" return
5750// value will be populated with the request's response once the request completes
5751// successfully.
5752//
5753// Use "Send" method on the returned Request to send the API call to the service.
5754// the "output" return value is not valid until after Send returns without error.
5755//
5756// See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy
5757// API call, and error handling.
5758//
5759// This method is useful when you want to inject custom logic or configuration
5760// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5761//
5762//
5763//    // Example sending a request using the GetAccountPasswordPolicyRequest method.
5764//    req, resp := client.GetAccountPasswordPolicyRequest(params)
5765//
5766//    err := req.Send()
5767//    if err == nil { // resp is now filled
5768//        fmt.Println(resp)
5769//    }
5770//
5771// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
5772func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput) {
5773	op := &request.Operation{
5774		Name:       opGetAccountPasswordPolicy,
5775		HTTPMethod: "POST",
5776		HTTPPath:   "/",
5777	}
5778
5779	if input == nil {
5780		input = &GetAccountPasswordPolicyInput{}
5781	}
5782
5783	output = &GetAccountPasswordPolicyOutput{}
5784	req = c.newRequest(op, input, output)
5785	return
5786}
5787
5788// GetAccountPasswordPolicy API operation for AWS Identity and Access Management.
5789//
5790// Retrieves the password policy for the Amazon Web Services account. This tells
5791// you the complexity requirements and mandatory rotation periods for the IAM
5792// user passwords in your account. For more information about using a password
5793// policy, see Managing an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).
5794//
5795// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5796// with awserr.Error's Code and Message methods to get detailed information about
5797// the error.
5798//
5799// See the AWS API reference guide for AWS Identity and Access Management's
5800// API operation GetAccountPasswordPolicy for usage and error information.
5801//
5802// Returned Error Codes:
5803//   * ErrCodeNoSuchEntityException "NoSuchEntity"
5804//   The request was rejected because it referenced a resource entity that does
5805//   not exist. The error message describes the resource.
5806//
5807//   * ErrCodeServiceFailureException "ServiceFailure"
5808//   The request processing has failed because of an unknown error, exception
5809//   or failure.
5810//
5811// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
5812func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error) {
5813	req, out := c.GetAccountPasswordPolicyRequest(input)
5814	return out, req.Send()
5815}
5816
5817// GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of
5818// the ability to pass a context and additional request options.
5819//
5820// See GetAccountPasswordPolicy for details on how to use this API operation.
5821//
5822// The context must be non-nil and will be used for request cancellation. If
5823// the context is nil a panic will occur. In the future the SDK may create
5824// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5825// for more information on using Contexts.
5826func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error) {
5827	req, out := c.GetAccountPasswordPolicyRequest(input)
5828	req.SetContext(ctx)
5829	req.ApplyOptions(opts...)
5830	return out, req.Send()
5831}
5832
5833const opGetAccountSummary = "GetAccountSummary"
5834
5835// GetAccountSummaryRequest generates a "aws/request.Request" representing the
5836// client's request for the GetAccountSummary operation. The "output" return
5837// value will be populated with the request's response once the request completes
5838// successfully.
5839//
5840// Use "Send" method on the returned Request to send the API call to the service.
5841// the "output" return value is not valid until after Send returns without error.
5842//
5843// See GetAccountSummary for more information on using the GetAccountSummary
5844// API call, and error handling.
5845//
5846// This method is useful when you want to inject custom logic or configuration
5847// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5848//
5849//
5850//    // Example sending a request using the GetAccountSummaryRequest method.
5851//    req, resp := client.GetAccountSummaryRequest(params)
5852//
5853//    err := req.Send()
5854//    if err == nil { // resp is now filled
5855//        fmt.Println(resp)
5856//    }
5857//
5858// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
5859func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput) {
5860	op := &request.Operation{
5861		Name:       opGetAccountSummary,
5862		HTTPMethod: "POST",
5863		HTTPPath:   "/",
5864	}
5865
5866	if input == nil {
5867		input = &GetAccountSummaryInput{}
5868	}
5869
5870	output = &GetAccountSummaryOutput{}
5871	req = c.newRequest(op, input, output)
5872	return
5873}
5874
5875// GetAccountSummary API operation for AWS Identity and Access Management.
5876//
5877// Retrieves information about IAM entity usage and IAM quotas in the Amazon
5878// Web Services account.
5879//
5880// For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
5881// in the IAM User Guide.
5882//
5883// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5884// with awserr.Error's Code and Message methods to get detailed information about
5885// the error.
5886//
5887// See the AWS API reference guide for AWS Identity and Access Management's
5888// API operation GetAccountSummary for usage and error information.
5889//
5890// Returned Error Codes:
5891//   * ErrCodeServiceFailureException "ServiceFailure"
5892//   The request processing has failed because of an unknown error, exception
5893//   or failure.
5894//
5895// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
5896func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error) {
5897	req, out := c.GetAccountSummaryRequest(input)
5898	return out, req.Send()
5899}
5900
5901// GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of
5902// the ability to pass a context and additional request options.
5903//
5904// See GetAccountSummary for details on how to use this API operation.
5905//
5906// The context must be non-nil and will be used for request cancellation. If
5907// the context is nil a panic will occur. In the future the SDK may create
5908// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5909// for more information on using Contexts.
5910func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error) {
5911	req, out := c.GetAccountSummaryRequest(input)
5912	req.SetContext(ctx)
5913	req.ApplyOptions(opts...)
5914	return out, req.Send()
5915}
5916
5917const opGetContextKeysForCustomPolicy = "GetContextKeysForCustomPolicy"
5918
5919// GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the
5920// client's request for the GetContextKeysForCustomPolicy operation. The "output" return
5921// value will be populated with the request's response once the request completes
5922// successfully.
5923//
5924// Use "Send" method on the returned Request to send the API call to the service.
5925// the "output" return value is not valid until after Send returns without error.
5926//
5927// See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy
5928// API call, and error handling.
5929//
5930// This method is useful when you want to inject custom logic or configuration
5931// into the SDK's request lifecycle. Such as custom headers, or retry logic.
5932//
5933//
5934//    // Example sending a request using the GetContextKeysForCustomPolicyRequest method.
5935//    req, resp := client.GetContextKeysForCustomPolicyRequest(params)
5936//
5937//    err := req.Send()
5938//    if err == nil { // resp is now filled
5939//        fmt.Println(resp)
5940//    }
5941//
5942// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
5943func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
5944	op := &request.Operation{
5945		Name:       opGetContextKeysForCustomPolicy,
5946		HTTPMethod: "POST",
5947		HTTPPath:   "/",
5948	}
5949
5950	if input == nil {
5951		input = &GetContextKeysForCustomPolicyInput{}
5952	}
5953
5954	output = &GetContextKeysForPolicyResponse{}
5955	req = c.newRequest(op, input, output)
5956	return
5957}
5958
5959// GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.
5960//
5961// Gets a list of all of the context keys referenced in the input policies.
5962// The policies are supplied as a list of one or more strings. To get the context
5963// keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.
5964//
5965// Context keys are variables maintained by Amazon Web Services and its services
5966// that provide details about the context of an API query request. Context keys
5967// can be evaluated by testing against a value specified in an IAM policy. Use
5968// GetContextKeysForCustomPolicy to understand what key names and values you
5969// must supply when you call SimulateCustomPolicy. Note that all parameters
5970// are shown in unencoded form here for clarity but must be URL encoded to be
5971// included as a part of a real HTML request.
5972//
5973// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
5974// with awserr.Error's Code and Message methods to get detailed information about
5975// the error.
5976//
5977// See the AWS API reference guide for AWS Identity and Access Management's
5978// API operation GetContextKeysForCustomPolicy for usage and error information.
5979//
5980// Returned Error Codes:
5981//   * ErrCodeInvalidInputException "InvalidInput"
5982//   The request was rejected because an invalid or out-of-range value was supplied
5983//   for an input parameter.
5984//
5985// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
5986func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error) {
5987	req, out := c.GetContextKeysForCustomPolicyRequest(input)
5988	return out, req.Send()
5989}
5990
5991// GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of
5992// the ability to pass a context and additional request options.
5993//
5994// See GetContextKeysForCustomPolicy for details on how to use this API operation.
5995//
5996// The context must be non-nil and will be used for request cancellation. If
5997// the context is nil a panic will occur. In the future the SDK may create
5998// sub-contexts for http.Requests. See https://golang.org/pkg/context/
5999// for more information on using Contexts.
6000func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
6001	req, out := c.GetContextKeysForCustomPolicyRequest(input)
6002	req.SetContext(ctx)
6003	req.ApplyOptions(opts...)
6004	return out, req.Send()
6005}
6006
6007const opGetContextKeysForPrincipalPolicy = "GetContextKeysForPrincipalPolicy"
6008
6009// GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the
6010// client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return
6011// value will be populated with the request's response once the request completes
6012// successfully.
6013//
6014// Use "Send" method on the returned Request to send the API call to the service.
6015// the "output" return value is not valid until after Send returns without error.
6016//
6017// See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy
6018// API call, and error handling.
6019//
6020// This method is useful when you want to inject custom logic or configuration
6021// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6022//
6023//
6024//    // Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
6025//    req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)
6026//
6027//    err := req.Send()
6028//    if err == nil { // resp is now filled
6029//        fmt.Println(resp)
6030//    }
6031//
6032// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
6033func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
6034	op := &request.Operation{
6035		Name:       opGetContextKeysForPrincipalPolicy,
6036		HTTPMethod: "POST",
6037		HTTPPath:   "/",
6038	}
6039
6040	if input == nil {
6041		input = &GetContextKeysForPrincipalPolicyInput{}
6042	}
6043
6044	output = &GetContextKeysForPolicyResponse{}
6045	req = c.newRequest(op, input, output)
6046	return
6047}
6048
6049// GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.
6050//
6051// Gets a list of all of the context keys referenced in all the IAM policies
6052// that are attached to the specified IAM entity. The entity can be an IAM user,
6053// group, or role. If you specify a user, then the request also includes all
6054// of the policies attached to groups that the user is a member of.
6055//
6056// You can optionally include a list of one or more additional policies, specified
6057// as strings. If you want to include only a list of policies by string, use
6058// GetContextKeysForCustomPolicy instead.
6059//
6060// Note: This operation discloses information about the permissions granted
6061// to other users. If you do not want users to see other user's permissions,
6062// then consider allowing them to use GetContextKeysForCustomPolicy instead.
6063//
6064// Context keys are variables maintained by Amazon Web Services and its services
6065// that provide details about the context of an API query request. Context keys
6066// can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy
6067// to understand what key names and values you must supply when you call SimulatePrincipalPolicy.
6068//
6069// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6070// with awserr.Error's Code and Message methods to get detailed information about
6071// the error.
6072//
6073// See the AWS API reference guide for AWS Identity and Access Management's
6074// API operation GetContextKeysForPrincipalPolicy for usage and error information.
6075//
6076// Returned Error Codes:
6077//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6078//   The request was rejected because it referenced a resource entity that does
6079//   not exist. The error message describes the resource.
6080//
6081//   * ErrCodeInvalidInputException "InvalidInput"
6082//   The request was rejected because an invalid or out-of-range value was supplied
6083//   for an input parameter.
6084//
6085// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
6086func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error) {
6087	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
6088	return out, req.Send()
6089}
6090
6091// GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of
6092// the ability to pass a context and additional request options.
6093//
6094// See GetContextKeysForPrincipalPolicy for details on how to use this API operation.
6095//
6096// The context must be non-nil and will be used for request cancellation. If
6097// the context is nil a panic will occur. In the future the SDK may create
6098// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6099// for more information on using Contexts.
6100func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
6101	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
6102	req.SetContext(ctx)
6103	req.ApplyOptions(opts...)
6104	return out, req.Send()
6105}
6106
6107const opGetCredentialReport = "GetCredentialReport"
6108
6109// GetCredentialReportRequest generates a "aws/request.Request" representing the
6110// client's request for the GetCredentialReport operation. The "output" return
6111// value will be populated with the request's response once the request completes
6112// successfully.
6113//
6114// Use "Send" method on the returned Request to send the API call to the service.
6115// the "output" return value is not valid until after Send returns without error.
6116//
6117// See GetCredentialReport for more information on using the GetCredentialReport
6118// API call, and error handling.
6119//
6120// This method is useful when you want to inject custom logic or configuration
6121// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6122//
6123//
6124//    // Example sending a request using the GetCredentialReportRequest method.
6125//    req, resp := client.GetCredentialReportRequest(params)
6126//
6127//    err := req.Send()
6128//    if err == nil { // resp is now filled
6129//        fmt.Println(resp)
6130//    }
6131//
6132// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
6133func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput) {
6134	op := &request.Operation{
6135		Name:       opGetCredentialReport,
6136		HTTPMethod: "POST",
6137		HTTPPath:   "/",
6138	}
6139
6140	if input == nil {
6141		input = &GetCredentialReportInput{}
6142	}
6143
6144	output = &GetCredentialReportOutput{}
6145	req = c.newRequest(op, input, output)
6146	return
6147}
6148
6149// GetCredentialReport API operation for AWS Identity and Access Management.
6150//
6151// Retrieves a credential report for the Amazon Web Services account. For more
6152// information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
6153// in the IAM User Guide.
6154//
6155// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6156// with awserr.Error's Code and Message methods to get detailed information about
6157// the error.
6158//
6159// See the AWS API reference guide for AWS Identity and Access Management's
6160// API operation GetCredentialReport for usage and error information.
6161//
6162// Returned Error Codes:
6163//   * ErrCodeCredentialReportNotPresentException "ReportNotPresent"
6164//   The request was rejected because the credential report does not exist. To
6165//   generate a credential report, use GenerateCredentialReport.
6166//
6167//   * ErrCodeCredentialReportExpiredException "ReportExpired"
6168//   The request was rejected because the most recent credential report has expired.
6169//   To generate a new credential report, use GenerateCredentialReport. For more
6170//   information about credential report expiration, see Getting credential reports
6171//   (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
6172//   in the IAM User Guide.
6173//
6174//   * ErrCodeCredentialReportNotReadyException "ReportInProgress"
6175//   The request was rejected because the credential report is still being generated.
6176//
6177//   * ErrCodeServiceFailureException "ServiceFailure"
6178//   The request processing has failed because of an unknown error, exception
6179//   or failure.
6180//
6181// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
6182func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error) {
6183	req, out := c.GetCredentialReportRequest(input)
6184	return out, req.Send()
6185}
6186
6187// GetCredentialReportWithContext is the same as GetCredentialReport with the addition of
6188// the ability to pass a context and additional request options.
6189//
6190// See GetCredentialReport for details on how to use this API operation.
6191//
6192// The context must be non-nil and will be used for request cancellation. If
6193// the context is nil a panic will occur. In the future the SDK may create
6194// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6195// for more information on using Contexts.
6196func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error) {
6197	req, out := c.GetCredentialReportRequest(input)
6198	req.SetContext(ctx)
6199	req.ApplyOptions(opts...)
6200	return out, req.Send()
6201}
6202
6203const opGetGroup = "GetGroup"
6204
6205// GetGroupRequest generates a "aws/request.Request" representing the
6206// client's request for the GetGroup operation. The "output" return
6207// value will be populated with the request's response once the request completes
6208// successfully.
6209//
6210// Use "Send" method on the returned Request to send the API call to the service.
6211// the "output" return value is not valid until after Send returns without error.
6212//
6213// See GetGroup for more information on using the GetGroup
6214// API call, and error handling.
6215//
6216// This method is useful when you want to inject custom logic or configuration
6217// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6218//
6219//
6220//    // Example sending a request using the GetGroupRequest method.
6221//    req, resp := client.GetGroupRequest(params)
6222//
6223//    err := req.Send()
6224//    if err == nil { // resp is now filled
6225//        fmt.Println(resp)
6226//    }
6227//
6228// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
6229func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput) {
6230	op := &request.Operation{
6231		Name:       opGetGroup,
6232		HTTPMethod: "POST",
6233		HTTPPath:   "/",
6234		Paginator: &request.Paginator{
6235			InputTokens:     []string{"Marker"},
6236			OutputTokens:    []string{"Marker"},
6237			LimitToken:      "MaxItems",
6238			TruncationToken: "IsTruncated",
6239		},
6240	}
6241
6242	if input == nil {
6243		input = &GetGroupInput{}
6244	}
6245
6246	output = &GetGroupOutput{}
6247	req = c.newRequest(op, input, output)
6248	return
6249}
6250
6251// GetGroup API operation for AWS Identity and Access Management.
6252//
6253// Returns a list of IAM users that are in the specified IAM group. You can
6254// paginate the results using the MaxItems and Marker parameters.
6255//
6256// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6257// with awserr.Error's Code and Message methods to get detailed information about
6258// the error.
6259//
6260// See the AWS API reference guide for AWS Identity and Access Management's
6261// API operation GetGroup for usage and error information.
6262//
6263// Returned Error Codes:
6264//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6265//   The request was rejected because it referenced a resource entity that does
6266//   not exist. The error message describes the resource.
6267//
6268//   * ErrCodeServiceFailureException "ServiceFailure"
6269//   The request processing has failed because of an unknown error, exception
6270//   or failure.
6271//
6272// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
6273func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error) {
6274	req, out := c.GetGroupRequest(input)
6275	return out, req.Send()
6276}
6277
6278// GetGroupWithContext is the same as GetGroup with the addition of
6279// the ability to pass a context and additional request options.
6280//
6281// See GetGroup for details on how to use this API operation.
6282//
6283// The context must be non-nil and will be used for request cancellation. If
6284// the context is nil a panic will occur. In the future the SDK may create
6285// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6286// for more information on using Contexts.
6287func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error) {
6288	req, out := c.GetGroupRequest(input)
6289	req.SetContext(ctx)
6290	req.ApplyOptions(opts...)
6291	return out, req.Send()
6292}
6293
6294// GetGroupPages iterates over the pages of a GetGroup operation,
6295// calling the "fn" function with the response data for each page. To stop
6296// iterating, return false from the fn function.
6297//
6298// See GetGroup method for more information on how to use this operation.
6299//
6300// Note: This operation can generate multiple requests to a service.
6301//
6302//    // Example iterating over at most 3 pages of a GetGroup operation.
6303//    pageNum := 0
6304//    err := client.GetGroupPages(params,
6305//        func(page *iam.GetGroupOutput, lastPage bool) bool {
6306//            pageNum++
6307//            fmt.Println(page)
6308//            return pageNum <= 3
6309//        })
6310//
6311func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error {
6312	return c.GetGroupPagesWithContext(aws.BackgroundContext(), input, fn)
6313}
6314
6315// GetGroupPagesWithContext same as GetGroupPages except
6316// it takes a Context and allows setting request options on the pages.
6317//
6318// The context must be non-nil and will be used for request cancellation. If
6319// the context is nil a panic will occur. In the future the SDK may create
6320// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6321// for more information on using Contexts.
6322func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error {
6323	p := request.Pagination{
6324		NewRequest: func() (*request.Request, error) {
6325			var inCpy *GetGroupInput
6326			if input != nil {
6327				tmp := *input
6328				inCpy = &tmp
6329			}
6330			req, _ := c.GetGroupRequest(inCpy)
6331			req.SetContext(ctx)
6332			req.ApplyOptions(opts...)
6333			return req, nil
6334		},
6335	}
6336
6337	for p.Next() {
6338		if !fn(p.Page().(*GetGroupOutput), !p.HasNextPage()) {
6339			break
6340		}
6341	}
6342
6343	return p.Err()
6344}
6345
6346const opGetGroupPolicy = "GetGroupPolicy"
6347
6348// GetGroupPolicyRequest generates a "aws/request.Request" representing the
6349// client's request for the GetGroupPolicy operation. The "output" return
6350// value will be populated with the request's response once the request completes
6351// successfully.
6352//
6353// Use "Send" method on the returned Request to send the API call to the service.
6354// the "output" return value is not valid until after Send returns without error.
6355//
6356// See GetGroupPolicy for more information on using the GetGroupPolicy
6357// API call, and error handling.
6358//
6359// This method is useful when you want to inject custom logic or configuration
6360// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6361//
6362//
6363//    // Example sending a request using the GetGroupPolicyRequest method.
6364//    req, resp := client.GetGroupPolicyRequest(params)
6365//
6366//    err := req.Send()
6367//    if err == nil { // resp is now filled
6368//        fmt.Println(resp)
6369//    }
6370//
6371// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
6372func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput) {
6373	op := &request.Operation{
6374		Name:       opGetGroupPolicy,
6375		HTTPMethod: "POST",
6376		HTTPPath:   "/",
6377	}
6378
6379	if input == nil {
6380		input = &GetGroupPolicyInput{}
6381	}
6382
6383	output = &GetGroupPolicyOutput{}
6384	req = c.newRequest(op, input, output)
6385	return
6386}
6387
6388// GetGroupPolicy API operation for AWS Identity and Access Management.
6389//
6390// Retrieves the specified inline policy document that is embedded in the specified
6391// IAM group.
6392//
6393// Policies returned by this operation are URL-encoded compliant with RFC 3986
6394// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
6395// to convert the policy back to plain JSON text. For example, if you use Java,
6396// you can use the decode method of the java.net.URLDecoder utility class in
6397// the Java SDK. Other languages and SDKs provide similar functionality.
6398//
6399// An IAM group can also have managed policies attached to it. To retrieve a
6400// managed policy document that is attached to a group, use GetPolicy to determine
6401// the policy's default version, then use GetPolicyVersion to retrieve the policy
6402// document.
6403//
6404// For more information about policies, see Managed policies and inline policies
6405// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6406// in the IAM User Guide.
6407//
6408// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6409// with awserr.Error's Code and Message methods to get detailed information about
6410// the error.
6411//
6412// See the AWS API reference guide for AWS Identity and Access Management's
6413// API operation GetGroupPolicy for usage and error information.
6414//
6415// Returned Error Codes:
6416//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6417//   The request was rejected because it referenced a resource entity that does
6418//   not exist. The error message describes the resource.
6419//
6420//   * ErrCodeServiceFailureException "ServiceFailure"
6421//   The request processing has failed because of an unknown error, exception
6422//   or failure.
6423//
6424// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
6425func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error) {
6426	req, out := c.GetGroupPolicyRequest(input)
6427	return out, req.Send()
6428}
6429
6430// GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of
6431// the ability to pass a context and additional request options.
6432//
6433// See GetGroupPolicy for details on how to use this API operation.
6434//
6435// The context must be non-nil and will be used for request cancellation. If
6436// the context is nil a panic will occur. In the future the SDK may create
6437// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6438// for more information on using Contexts.
6439func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error) {
6440	req, out := c.GetGroupPolicyRequest(input)
6441	req.SetContext(ctx)
6442	req.ApplyOptions(opts...)
6443	return out, req.Send()
6444}
6445
6446const opGetInstanceProfile = "GetInstanceProfile"
6447
6448// GetInstanceProfileRequest generates a "aws/request.Request" representing the
6449// client's request for the GetInstanceProfile operation. The "output" return
6450// value will be populated with the request's response once the request completes
6451// successfully.
6452//
6453// Use "Send" method on the returned Request to send the API call to the service.
6454// the "output" return value is not valid until after Send returns without error.
6455//
6456// See GetInstanceProfile for more information on using the GetInstanceProfile
6457// API call, and error handling.
6458//
6459// This method is useful when you want to inject custom logic or configuration
6460// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6461//
6462//
6463//    // Example sending a request using the GetInstanceProfileRequest method.
6464//    req, resp := client.GetInstanceProfileRequest(params)
6465//
6466//    err := req.Send()
6467//    if err == nil { // resp is now filled
6468//        fmt.Println(resp)
6469//    }
6470//
6471// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
6472func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput) {
6473	op := &request.Operation{
6474		Name:       opGetInstanceProfile,
6475		HTTPMethod: "POST",
6476		HTTPPath:   "/",
6477	}
6478
6479	if input == nil {
6480		input = &GetInstanceProfileInput{}
6481	}
6482
6483	output = &GetInstanceProfileOutput{}
6484	req = c.newRequest(op, input, output)
6485	return
6486}
6487
6488// GetInstanceProfile API operation for AWS Identity and Access Management.
6489//
6490// Retrieves information about the specified instance profile, including the
6491// instance profile's path, GUID, ARN, and role. For more information about
6492// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html)
6493// in the IAM User Guide.
6494//
6495// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6496// with awserr.Error's Code and Message methods to get detailed information about
6497// the error.
6498//
6499// See the AWS API reference guide for AWS Identity and Access Management's
6500// API operation GetInstanceProfile for usage and error information.
6501//
6502// Returned Error Codes:
6503//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6504//   The request was rejected because it referenced a resource entity that does
6505//   not exist. The error message describes the resource.
6506//
6507//   * ErrCodeServiceFailureException "ServiceFailure"
6508//   The request processing has failed because of an unknown error, exception
6509//   or failure.
6510//
6511// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
6512func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error) {
6513	req, out := c.GetInstanceProfileRequest(input)
6514	return out, req.Send()
6515}
6516
6517// GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of
6518// the ability to pass a context and additional request options.
6519//
6520// See GetInstanceProfile for details on how to use this API operation.
6521//
6522// The context must be non-nil and will be used for request cancellation. If
6523// the context is nil a panic will occur. In the future the SDK may create
6524// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6525// for more information on using Contexts.
6526func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error) {
6527	req, out := c.GetInstanceProfileRequest(input)
6528	req.SetContext(ctx)
6529	req.ApplyOptions(opts...)
6530	return out, req.Send()
6531}
6532
6533const opGetLoginProfile = "GetLoginProfile"
6534
6535// GetLoginProfileRequest generates a "aws/request.Request" representing the
6536// client's request for the GetLoginProfile operation. The "output" return
6537// value will be populated with the request's response once the request completes
6538// successfully.
6539//
6540// Use "Send" method on the returned Request to send the API call to the service.
6541// the "output" return value is not valid until after Send returns without error.
6542//
6543// See GetLoginProfile for more information on using the GetLoginProfile
6544// API call, and error handling.
6545//
6546// This method is useful when you want to inject custom logic or configuration
6547// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6548//
6549//
6550//    // Example sending a request using the GetLoginProfileRequest method.
6551//    req, resp := client.GetLoginProfileRequest(params)
6552//
6553//    err := req.Send()
6554//    if err == nil { // resp is now filled
6555//        fmt.Println(resp)
6556//    }
6557//
6558// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
6559func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput) {
6560	op := &request.Operation{
6561		Name:       opGetLoginProfile,
6562		HTTPMethod: "POST",
6563		HTTPPath:   "/",
6564	}
6565
6566	if input == nil {
6567		input = &GetLoginProfileInput{}
6568	}
6569
6570	output = &GetLoginProfileOutput{}
6571	req = c.newRequest(op, input, output)
6572	return
6573}
6574
6575// GetLoginProfile API operation for AWS Identity and Access Management.
6576//
6577// Retrieves the user name for the specified IAM user. A login profile is created
6578// when you create a password for the user to access the Amazon Web Services
6579// Management Console. If the user does not exist or does not have a password,
6580// the operation returns a 404 (NoSuchEntity) error.
6581//
6582// If you create an IAM user with access to the console, the CreateDate reflects
6583// the date you created the initial password for the user.
6584//
6585// If you create an IAM user with programmatic access, and then later add a
6586// password for the user to access the Amazon Web Services Management Console,
6587// the CreateDate reflects the initial password creation date. A user with programmatic
6588// access does not have a login profile unless you create a password for the
6589// user to access the Amazon Web Services Management Console.
6590//
6591// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6592// with awserr.Error's Code and Message methods to get detailed information about
6593// the error.
6594//
6595// See the AWS API reference guide for AWS Identity and Access Management's
6596// API operation GetLoginProfile for usage and error information.
6597//
6598// Returned Error Codes:
6599//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6600//   The request was rejected because it referenced a resource entity that does
6601//   not exist. The error message describes the resource.
6602//
6603//   * ErrCodeServiceFailureException "ServiceFailure"
6604//   The request processing has failed because of an unknown error, exception
6605//   or failure.
6606//
6607// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
6608func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error) {
6609	req, out := c.GetLoginProfileRequest(input)
6610	return out, req.Send()
6611}
6612
6613// GetLoginProfileWithContext is the same as GetLoginProfile with the addition of
6614// the ability to pass a context and additional request options.
6615//
6616// See GetLoginProfile for details on how to use this API operation.
6617//
6618// The context must be non-nil and will be used for request cancellation. If
6619// the context is nil a panic will occur. In the future the SDK may create
6620// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6621// for more information on using Contexts.
6622func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error) {
6623	req, out := c.GetLoginProfileRequest(input)
6624	req.SetContext(ctx)
6625	req.ApplyOptions(opts...)
6626	return out, req.Send()
6627}
6628
6629const opGetOpenIDConnectProvider = "GetOpenIDConnectProvider"
6630
6631// GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
6632// client's request for the GetOpenIDConnectProvider operation. The "output" return
6633// value will be populated with the request's response once the request completes
6634// successfully.
6635//
6636// Use "Send" method on the returned Request to send the API call to the service.
6637// the "output" return value is not valid until after Send returns without error.
6638//
6639// See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider
6640// API call, and error handling.
6641//
6642// This method is useful when you want to inject custom logic or configuration
6643// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6644//
6645//
6646//    // Example sending a request using the GetOpenIDConnectProviderRequest method.
6647//    req, resp := client.GetOpenIDConnectProviderRequest(params)
6648//
6649//    err := req.Send()
6650//    if err == nil { // resp is now filled
6651//        fmt.Println(resp)
6652//    }
6653//
6654// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
6655func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput) {
6656	op := &request.Operation{
6657		Name:       opGetOpenIDConnectProvider,
6658		HTTPMethod: "POST",
6659		HTTPPath:   "/",
6660	}
6661
6662	if input == nil {
6663		input = &GetOpenIDConnectProviderInput{}
6664	}
6665
6666	output = &GetOpenIDConnectProviderOutput{}
6667	req = c.newRequest(op, input, output)
6668	return
6669}
6670
6671// GetOpenIDConnectProvider API operation for AWS Identity and Access Management.
6672//
6673// Returns information about the specified OpenID Connect (OIDC) provider resource
6674// object in IAM.
6675//
6676// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6677// with awserr.Error's Code and Message methods to get detailed information about
6678// the error.
6679//
6680// See the AWS API reference guide for AWS Identity and Access Management's
6681// API operation GetOpenIDConnectProvider for usage and error information.
6682//
6683// Returned Error Codes:
6684//   * ErrCodeInvalidInputException "InvalidInput"
6685//   The request was rejected because an invalid or out-of-range value was supplied
6686//   for an input parameter.
6687//
6688//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6689//   The request was rejected because it referenced a resource entity that does
6690//   not exist. The error message describes the resource.
6691//
6692//   * ErrCodeServiceFailureException "ServiceFailure"
6693//   The request processing has failed because of an unknown error, exception
6694//   or failure.
6695//
6696// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
6697func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error) {
6698	req, out := c.GetOpenIDConnectProviderRequest(input)
6699	return out, req.Send()
6700}
6701
6702// GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of
6703// the ability to pass a context and additional request options.
6704//
6705// See GetOpenIDConnectProvider for details on how to use this API operation.
6706//
6707// The context must be non-nil and will be used for request cancellation. If
6708// the context is nil a panic will occur. In the future the SDK may create
6709// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6710// for more information on using Contexts.
6711func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error) {
6712	req, out := c.GetOpenIDConnectProviderRequest(input)
6713	req.SetContext(ctx)
6714	req.ApplyOptions(opts...)
6715	return out, req.Send()
6716}
6717
6718const opGetOrganizationsAccessReport = "GetOrganizationsAccessReport"
6719
6720// GetOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
6721// client's request for the GetOrganizationsAccessReport operation. The "output" return
6722// value will be populated with the request's response once the request completes
6723// successfully.
6724//
6725// Use "Send" method on the returned Request to send the API call to the service.
6726// the "output" return value is not valid until after Send returns without error.
6727//
6728// See GetOrganizationsAccessReport for more information on using the GetOrganizationsAccessReport
6729// API call, and error handling.
6730//
6731// This method is useful when you want to inject custom logic or configuration
6732// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6733//
6734//
6735//    // Example sending a request using the GetOrganizationsAccessReportRequest method.
6736//    req, resp := client.GetOrganizationsAccessReportRequest(params)
6737//
6738//    err := req.Send()
6739//    if err == nil { // resp is now filled
6740//        fmt.Println(resp)
6741//    }
6742//
6743// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
6744func (c *IAM) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessReportInput) (req *request.Request, output *GetOrganizationsAccessReportOutput) {
6745	op := &request.Operation{
6746		Name:       opGetOrganizationsAccessReport,
6747		HTTPMethod: "POST",
6748		HTTPPath:   "/",
6749	}
6750
6751	if input == nil {
6752		input = &GetOrganizationsAccessReportInput{}
6753	}
6754
6755	output = &GetOrganizationsAccessReportOutput{}
6756	req = c.newRequest(op, input, output)
6757	return
6758}
6759
6760// GetOrganizationsAccessReport API operation for AWS Identity and Access Management.
6761//
6762// Retrieves the service last accessed data report for Organizations that was
6763// previously generated using the GenerateOrganizationsAccessReport operation.
6764// This operation retrieves the status of your report job and the report contents.
6765//
6766// Depending on the parameters that you passed when you generated the report,
6767// the data returned could include different information. For details, see GenerateOrganizationsAccessReport.
6768//
6769// To call this operation, you must be signed in to the management account in
6770// your organization. SCPs must be enabled for your organization root. You must
6771// have permissions to perform this operation. For more information, see Refining
6772// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
6773// in the IAM User Guide.
6774//
6775// For each service that principals in an account (root users, IAM users, or
6776// IAM roles) could access using SCPs, the operation returns details about the
6777// most recent access attempt. If there was no attempt, the service is listed
6778// without details about the most recent attempt to access the service. If the
6779// operation fails, it returns the reason that it failed.
6780//
6781// By default, the list is sorted by service namespace.
6782//
6783// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6784// with awserr.Error's Code and Message methods to get detailed information about
6785// the error.
6786//
6787// See the AWS API reference guide for AWS Identity and Access Management's
6788// API operation GetOrganizationsAccessReport for usage and error information.
6789//
6790// Returned Error Codes:
6791//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6792//   The request was rejected because it referenced a resource entity that does
6793//   not exist. The error message describes the resource.
6794//
6795// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
6796func (c *IAM) GetOrganizationsAccessReport(input *GetOrganizationsAccessReportInput) (*GetOrganizationsAccessReportOutput, error) {
6797	req, out := c.GetOrganizationsAccessReportRequest(input)
6798	return out, req.Send()
6799}
6800
6801// GetOrganizationsAccessReportWithContext is the same as GetOrganizationsAccessReport with the addition of
6802// the ability to pass a context and additional request options.
6803//
6804// See GetOrganizationsAccessReport for details on how to use this API operation.
6805//
6806// The context must be non-nil and will be used for request cancellation. If
6807// the context is nil a panic will occur. In the future the SDK may create
6808// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6809// for more information on using Contexts.
6810func (c *IAM) GetOrganizationsAccessReportWithContext(ctx aws.Context, input *GetOrganizationsAccessReportInput, opts ...request.Option) (*GetOrganizationsAccessReportOutput, error) {
6811	req, out := c.GetOrganizationsAccessReportRequest(input)
6812	req.SetContext(ctx)
6813	req.ApplyOptions(opts...)
6814	return out, req.Send()
6815}
6816
6817const opGetPolicy = "GetPolicy"
6818
6819// GetPolicyRequest generates a "aws/request.Request" representing the
6820// client's request for the GetPolicy operation. The "output" return
6821// value will be populated with the request's response once the request completes
6822// successfully.
6823//
6824// Use "Send" method on the returned Request to send the API call to the service.
6825// the "output" return value is not valid until after Send returns without error.
6826//
6827// See GetPolicy for more information on using the GetPolicy
6828// API call, and error handling.
6829//
6830// This method is useful when you want to inject custom logic or configuration
6831// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6832//
6833//
6834//    // Example sending a request using the GetPolicyRequest method.
6835//    req, resp := client.GetPolicyRequest(params)
6836//
6837//    err := req.Send()
6838//    if err == nil { // resp is now filled
6839//        fmt.Println(resp)
6840//    }
6841//
6842// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
6843func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) {
6844	op := &request.Operation{
6845		Name:       opGetPolicy,
6846		HTTPMethod: "POST",
6847		HTTPPath:   "/",
6848	}
6849
6850	if input == nil {
6851		input = &GetPolicyInput{}
6852	}
6853
6854	output = &GetPolicyOutput{}
6855	req = c.newRequest(op, input, output)
6856	return
6857}
6858
6859// GetPolicy API operation for AWS Identity and Access Management.
6860//
6861// Retrieves information about the specified managed policy, including the policy's
6862// default version and the total number of IAM users, groups, and roles to which
6863// the policy is attached. To retrieve the list of the specific users, groups,
6864// and roles that the policy is attached to, use ListEntitiesForPolicy. This
6865// operation returns metadata about the policy. To retrieve the actual policy
6866// document for a specific version of the policy, use GetPolicyVersion.
6867//
6868// This operation retrieves information about managed policies. To retrieve
6869// information about an inline policy that is embedded with an IAM user, group,
6870// or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
6871//
6872// For more information about policies, see Managed policies and inline policies
6873// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6874// in the IAM User Guide.
6875//
6876// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6877// with awserr.Error's Code and Message methods to get detailed information about
6878// the error.
6879//
6880// See the AWS API reference guide for AWS Identity and Access Management's
6881// API operation GetPolicy for usage and error information.
6882//
6883// Returned Error Codes:
6884//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6885//   The request was rejected because it referenced a resource entity that does
6886//   not exist. The error message describes the resource.
6887//
6888//   * ErrCodeInvalidInputException "InvalidInput"
6889//   The request was rejected because an invalid or out-of-range value was supplied
6890//   for an input parameter.
6891//
6892//   * ErrCodeServiceFailureException "ServiceFailure"
6893//   The request processing has failed because of an unknown error, exception
6894//   or failure.
6895//
6896// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
6897func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) {
6898	req, out := c.GetPolicyRequest(input)
6899	return out, req.Send()
6900}
6901
6902// GetPolicyWithContext is the same as GetPolicy with the addition of
6903// the ability to pass a context and additional request options.
6904//
6905// See GetPolicy for details on how to use this API operation.
6906//
6907// The context must be non-nil and will be used for request cancellation. If
6908// the context is nil a panic will occur. In the future the SDK may create
6909// sub-contexts for http.Requests. See https://golang.org/pkg/context/
6910// for more information on using Contexts.
6911func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) {
6912	req, out := c.GetPolicyRequest(input)
6913	req.SetContext(ctx)
6914	req.ApplyOptions(opts...)
6915	return out, req.Send()
6916}
6917
6918const opGetPolicyVersion = "GetPolicyVersion"
6919
6920// GetPolicyVersionRequest generates a "aws/request.Request" representing the
6921// client's request for the GetPolicyVersion operation. The "output" return
6922// value will be populated with the request's response once the request completes
6923// successfully.
6924//
6925// Use "Send" method on the returned Request to send the API call to the service.
6926// the "output" return value is not valid until after Send returns without error.
6927//
6928// See GetPolicyVersion for more information on using the GetPolicyVersion
6929// API call, and error handling.
6930//
6931// This method is useful when you want to inject custom logic or configuration
6932// into the SDK's request lifecycle. Such as custom headers, or retry logic.
6933//
6934//
6935//    // Example sending a request using the GetPolicyVersionRequest method.
6936//    req, resp := client.GetPolicyVersionRequest(params)
6937//
6938//    err := req.Send()
6939//    if err == nil { // resp is now filled
6940//        fmt.Println(resp)
6941//    }
6942//
6943// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
6944func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput) {
6945	op := &request.Operation{
6946		Name:       opGetPolicyVersion,
6947		HTTPMethod: "POST",
6948		HTTPPath:   "/",
6949	}
6950
6951	if input == nil {
6952		input = &GetPolicyVersionInput{}
6953	}
6954
6955	output = &GetPolicyVersionOutput{}
6956	req = c.newRequest(op, input, output)
6957	return
6958}
6959
6960// GetPolicyVersion API operation for AWS Identity and Access Management.
6961//
6962// Retrieves information about the specified version of the specified managed
6963// policy, including the policy document.
6964//
6965// Policies returned by this operation are URL-encoded compliant with RFC 3986
6966// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
6967// to convert the policy back to plain JSON text. For example, if you use Java,
6968// you can use the decode method of the java.net.URLDecoder utility class in
6969// the Java SDK. Other languages and SDKs provide similar functionality.
6970//
6971// To list the available versions for a policy, use ListPolicyVersions.
6972//
6973// This operation retrieves information about managed policies. To retrieve
6974// information about an inline policy that is embedded in a user, group, or
6975// role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
6976//
6977// For more information about the types of policies, see Managed policies and
6978// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
6979// in the IAM User Guide.
6980//
6981// For more information about managed policy versions, see Versioning for managed
6982// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
6983// in the IAM User Guide.
6984//
6985// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
6986// with awserr.Error's Code and Message methods to get detailed information about
6987// the error.
6988//
6989// See the AWS API reference guide for AWS Identity and Access Management's
6990// API operation GetPolicyVersion for usage and error information.
6991//
6992// Returned Error Codes:
6993//   * ErrCodeNoSuchEntityException "NoSuchEntity"
6994//   The request was rejected because it referenced a resource entity that does
6995//   not exist. The error message describes the resource.
6996//
6997//   * ErrCodeInvalidInputException "InvalidInput"
6998//   The request was rejected because an invalid or out-of-range value was supplied
6999//   for an input parameter.
7000//
7001//   * ErrCodeServiceFailureException "ServiceFailure"
7002//   The request processing has failed because of an unknown error, exception
7003//   or failure.
7004//
7005// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
7006func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error) {
7007	req, out := c.GetPolicyVersionRequest(input)
7008	return out, req.Send()
7009}
7010
7011// GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of
7012// the ability to pass a context and additional request options.
7013//
7014// See GetPolicyVersion for details on how to use this API operation.
7015//
7016// The context must be non-nil and will be used for request cancellation. If
7017// the context is nil a panic will occur. In the future the SDK may create
7018// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7019// for more information on using Contexts.
7020func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error) {
7021	req, out := c.GetPolicyVersionRequest(input)
7022	req.SetContext(ctx)
7023	req.ApplyOptions(opts...)
7024	return out, req.Send()
7025}
7026
7027const opGetRole = "GetRole"
7028
7029// GetRoleRequest generates a "aws/request.Request" representing the
7030// client's request for the GetRole operation. The "output" return
7031// value will be populated with the request's response once the request completes
7032// successfully.
7033//
7034// Use "Send" method on the returned Request to send the API call to the service.
7035// the "output" return value is not valid until after Send returns without error.
7036//
7037// See GetRole for more information on using the GetRole
7038// API call, and error handling.
7039//
7040// This method is useful when you want to inject custom logic or configuration
7041// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7042//
7043//
7044//    // Example sending a request using the GetRoleRequest method.
7045//    req, resp := client.GetRoleRequest(params)
7046//
7047//    err := req.Send()
7048//    if err == nil { // resp is now filled
7049//        fmt.Println(resp)
7050//    }
7051//
7052// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
7053func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput) {
7054	op := &request.Operation{
7055		Name:       opGetRole,
7056		HTTPMethod: "POST",
7057		HTTPPath:   "/",
7058	}
7059
7060	if input == nil {
7061		input = &GetRoleInput{}
7062	}
7063
7064	output = &GetRoleOutput{}
7065	req = c.newRequest(op, input, output)
7066	return
7067}
7068
7069// GetRole API operation for AWS Identity and Access Management.
7070//
7071// Retrieves information about the specified role, including the role's path,
7072// GUID, ARN, and the role's trust policy that grants permission to assume the
7073// role. For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
7074//
7075// Policies returned by this operation are URL-encoded compliant with RFC 3986
7076// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
7077// to convert the policy back to plain JSON text. For example, if you use Java,
7078// you can use the decode method of the java.net.URLDecoder utility class in
7079// the Java SDK. Other languages and SDKs provide similar functionality.
7080//
7081// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7082// with awserr.Error's Code and Message methods to get detailed information about
7083// the error.
7084//
7085// See the AWS API reference guide for AWS Identity and Access Management's
7086// API operation GetRole for usage and error information.
7087//
7088// Returned Error Codes:
7089//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7090//   The request was rejected because it referenced a resource entity that does
7091//   not exist. The error message describes the resource.
7092//
7093//   * ErrCodeServiceFailureException "ServiceFailure"
7094//   The request processing has failed because of an unknown error, exception
7095//   or failure.
7096//
7097// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
7098func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error) {
7099	req, out := c.GetRoleRequest(input)
7100	return out, req.Send()
7101}
7102
7103// GetRoleWithContext is the same as GetRole with the addition of
7104// the ability to pass a context and additional request options.
7105//
7106// See GetRole for details on how to use this API operation.
7107//
7108// The context must be non-nil and will be used for request cancellation. If
7109// the context is nil a panic will occur. In the future the SDK may create
7110// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7111// for more information on using Contexts.
7112func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error) {
7113	req, out := c.GetRoleRequest(input)
7114	req.SetContext(ctx)
7115	req.ApplyOptions(opts...)
7116	return out, req.Send()
7117}
7118
7119const opGetRolePolicy = "GetRolePolicy"
7120
7121// GetRolePolicyRequest generates a "aws/request.Request" representing the
7122// client's request for the GetRolePolicy operation. The "output" return
7123// value will be populated with the request's response once the request completes
7124// successfully.
7125//
7126// Use "Send" method on the returned Request to send the API call to the service.
7127// the "output" return value is not valid until after Send returns without error.
7128//
7129// See GetRolePolicy for more information on using the GetRolePolicy
7130// API call, and error handling.
7131//
7132// This method is useful when you want to inject custom logic or configuration
7133// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7134//
7135//
7136//    // Example sending a request using the GetRolePolicyRequest method.
7137//    req, resp := client.GetRolePolicyRequest(params)
7138//
7139//    err := req.Send()
7140//    if err == nil { // resp is now filled
7141//        fmt.Println(resp)
7142//    }
7143//
7144// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
7145func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput) {
7146	op := &request.Operation{
7147		Name:       opGetRolePolicy,
7148		HTTPMethod: "POST",
7149		HTTPPath:   "/",
7150	}
7151
7152	if input == nil {
7153		input = &GetRolePolicyInput{}
7154	}
7155
7156	output = &GetRolePolicyOutput{}
7157	req = c.newRequest(op, input, output)
7158	return
7159}
7160
7161// GetRolePolicy API operation for AWS Identity and Access Management.
7162//
7163// Retrieves the specified inline policy document that is embedded with the
7164// specified IAM role.
7165//
7166// Policies returned by this operation are URL-encoded compliant with RFC 3986
7167// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
7168// to convert the policy back to plain JSON text. For example, if you use Java,
7169// you can use the decode method of the java.net.URLDecoder utility class in
7170// the Java SDK. Other languages and SDKs provide similar functionality.
7171//
7172// An IAM role can also have managed policies attached to it. To retrieve a
7173// managed policy document that is attached to a role, use GetPolicy to determine
7174// the policy's default version, then use GetPolicyVersion to retrieve the policy
7175// document.
7176//
7177// For more information about policies, see Managed policies and inline policies
7178// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
7179// in the IAM User Guide.
7180//
7181// For more information about roles, see Using roles to delegate permissions
7182// and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
7183//
7184// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7185// with awserr.Error's Code and Message methods to get detailed information about
7186// the error.
7187//
7188// See the AWS API reference guide for AWS Identity and Access Management's
7189// API operation GetRolePolicy for usage and error information.
7190//
7191// Returned Error Codes:
7192//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7193//   The request was rejected because it referenced a resource entity that does
7194//   not exist. The error message describes the resource.
7195//
7196//   * ErrCodeServiceFailureException "ServiceFailure"
7197//   The request processing has failed because of an unknown error, exception
7198//   or failure.
7199//
7200// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
7201func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error) {
7202	req, out := c.GetRolePolicyRequest(input)
7203	return out, req.Send()
7204}
7205
7206// GetRolePolicyWithContext is the same as GetRolePolicy with the addition of
7207// the ability to pass a context and additional request options.
7208//
7209// See GetRolePolicy for details on how to use this API operation.
7210//
7211// The context must be non-nil and will be used for request cancellation. If
7212// the context is nil a panic will occur. In the future the SDK may create
7213// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7214// for more information on using Contexts.
7215func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error) {
7216	req, out := c.GetRolePolicyRequest(input)
7217	req.SetContext(ctx)
7218	req.ApplyOptions(opts...)
7219	return out, req.Send()
7220}
7221
7222const opGetSAMLProvider = "GetSAMLProvider"
7223
7224// GetSAMLProviderRequest generates a "aws/request.Request" representing the
7225// client's request for the GetSAMLProvider operation. The "output" return
7226// value will be populated with the request's response once the request completes
7227// successfully.
7228//
7229// Use "Send" method on the returned Request to send the API call to the service.
7230// the "output" return value is not valid until after Send returns without error.
7231//
7232// See GetSAMLProvider for more information on using the GetSAMLProvider
7233// API call, and error handling.
7234//
7235// This method is useful when you want to inject custom logic or configuration
7236// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7237//
7238//
7239//    // Example sending a request using the GetSAMLProviderRequest method.
7240//    req, resp := client.GetSAMLProviderRequest(params)
7241//
7242//    err := req.Send()
7243//    if err == nil { // resp is now filled
7244//        fmt.Println(resp)
7245//    }
7246//
7247// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
7248func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput) {
7249	op := &request.Operation{
7250		Name:       opGetSAMLProvider,
7251		HTTPMethod: "POST",
7252		HTTPPath:   "/",
7253	}
7254
7255	if input == nil {
7256		input = &GetSAMLProviderInput{}
7257	}
7258
7259	output = &GetSAMLProviderOutput{}
7260	req = c.newRequest(op, input, output)
7261	return
7262}
7263
7264// GetSAMLProvider API operation for AWS Identity and Access Management.
7265//
7266// Returns the SAML provider metadocument that was uploaded when the IAM SAML
7267// provider resource object was created or updated.
7268//
7269// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
7270//
7271// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7272// with awserr.Error's Code and Message methods to get detailed information about
7273// the error.
7274//
7275// See the AWS API reference guide for AWS Identity and Access Management's
7276// API operation GetSAMLProvider for usage and error information.
7277//
7278// Returned Error Codes:
7279//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7280//   The request was rejected because it referenced a resource entity that does
7281//   not exist. The error message describes the resource.
7282//
7283//   * ErrCodeInvalidInputException "InvalidInput"
7284//   The request was rejected because an invalid or out-of-range value was supplied
7285//   for an input parameter.
7286//
7287//   * ErrCodeServiceFailureException "ServiceFailure"
7288//   The request processing has failed because of an unknown error, exception
7289//   or failure.
7290//
7291// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
7292func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error) {
7293	req, out := c.GetSAMLProviderRequest(input)
7294	return out, req.Send()
7295}
7296
7297// GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of
7298// the ability to pass a context and additional request options.
7299//
7300// See GetSAMLProvider for details on how to use this API operation.
7301//
7302// The context must be non-nil and will be used for request cancellation. If
7303// the context is nil a panic will occur. In the future the SDK may create
7304// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7305// for more information on using Contexts.
7306func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error) {
7307	req, out := c.GetSAMLProviderRequest(input)
7308	req.SetContext(ctx)
7309	req.ApplyOptions(opts...)
7310	return out, req.Send()
7311}
7312
7313const opGetSSHPublicKey = "GetSSHPublicKey"
7314
7315// GetSSHPublicKeyRequest generates a "aws/request.Request" representing the
7316// client's request for the GetSSHPublicKey operation. The "output" return
7317// value will be populated with the request's response once the request completes
7318// successfully.
7319//
7320// Use "Send" method on the returned Request to send the API call to the service.
7321// the "output" return value is not valid until after Send returns without error.
7322//
7323// See GetSSHPublicKey for more information on using the GetSSHPublicKey
7324// API call, and error handling.
7325//
7326// This method is useful when you want to inject custom logic or configuration
7327// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7328//
7329//
7330//    // Example sending a request using the GetSSHPublicKeyRequest method.
7331//    req, resp := client.GetSSHPublicKeyRequest(params)
7332//
7333//    err := req.Send()
7334//    if err == nil { // resp is now filled
7335//        fmt.Println(resp)
7336//    }
7337//
7338// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
7339func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput) {
7340	op := &request.Operation{
7341		Name:       opGetSSHPublicKey,
7342		HTTPMethod: "POST",
7343		HTTPPath:   "/",
7344	}
7345
7346	if input == nil {
7347		input = &GetSSHPublicKeyInput{}
7348	}
7349
7350	output = &GetSSHPublicKeyOutput{}
7351	req = c.newRequest(op, input, output)
7352	return
7353}
7354
7355// GetSSHPublicKey API operation for AWS Identity and Access Management.
7356//
7357// Retrieves the specified SSH public key, including metadata about the key.
7358//
7359// The SSH public key retrieved by this operation is used only for authenticating
7360// the associated IAM user to an CodeCommit repository. For more information
7361// about using SSH keys to authenticate to an CodeCommit repository, see Set
7362// up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
7363// in the CodeCommit User Guide.
7364//
7365// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7366// with awserr.Error's Code and Message methods to get detailed information about
7367// the error.
7368//
7369// See the AWS API reference guide for AWS Identity and Access Management's
7370// API operation GetSSHPublicKey for usage and error information.
7371//
7372// Returned Error Codes:
7373//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7374//   The request was rejected because it referenced a resource entity that does
7375//   not exist. The error message describes the resource.
7376//
7377//   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
7378//   The request was rejected because the public key encoding format is unsupported
7379//   or unrecognized.
7380//
7381// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
7382func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error) {
7383	req, out := c.GetSSHPublicKeyRequest(input)
7384	return out, req.Send()
7385}
7386
7387// GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of
7388// the ability to pass a context and additional request options.
7389//
7390// See GetSSHPublicKey for details on how to use this API operation.
7391//
7392// The context must be non-nil and will be used for request cancellation. If
7393// the context is nil a panic will occur. In the future the SDK may create
7394// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7395// for more information on using Contexts.
7396func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error) {
7397	req, out := c.GetSSHPublicKeyRequest(input)
7398	req.SetContext(ctx)
7399	req.ApplyOptions(opts...)
7400	return out, req.Send()
7401}
7402
7403const opGetServerCertificate = "GetServerCertificate"
7404
7405// GetServerCertificateRequest generates a "aws/request.Request" representing the
7406// client's request for the GetServerCertificate operation. The "output" return
7407// value will be populated with the request's response once the request completes
7408// successfully.
7409//
7410// Use "Send" method on the returned Request to send the API call to the service.
7411// the "output" return value is not valid until after Send returns without error.
7412//
7413// See GetServerCertificate for more information on using the GetServerCertificate
7414// API call, and error handling.
7415//
7416// This method is useful when you want to inject custom logic or configuration
7417// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7418//
7419//
7420//    // Example sending a request using the GetServerCertificateRequest method.
7421//    req, resp := client.GetServerCertificateRequest(params)
7422//
7423//    err := req.Send()
7424//    if err == nil { // resp is now filled
7425//        fmt.Println(resp)
7426//    }
7427//
7428// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
7429func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput) {
7430	op := &request.Operation{
7431		Name:       opGetServerCertificate,
7432		HTTPMethod: "POST",
7433		HTTPPath:   "/",
7434	}
7435
7436	if input == nil {
7437		input = &GetServerCertificateInput{}
7438	}
7439
7440	output = &GetServerCertificateOutput{}
7441	req = c.newRequest(op, input, output)
7442	return
7443}
7444
7445// GetServerCertificate API operation for AWS Identity and Access Management.
7446//
7447// Retrieves information about the specified server certificate stored in IAM.
7448//
7449// For more information about working with server certificates, see Working
7450// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
7451// in the IAM User Guide. This topic includes a list of Amazon Web Services
7452// services that can use the server certificates that you manage with IAM.
7453//
7454// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7455// with awserr.Error's Code and Message methods to get detailed information about
7456// the error.
7457//
7458// See the AWS API reference guide for AWS Identity and Access Management's
7459// API operation GetServerCertificate for usage and error information.
7460//
7461// Returned Error Codes:
7462//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7463//   The request was rejected because it referenced a resource entity that does
7464//   not exist. The error message describes the resource.
7465//
7466//   * ErrCodeServiceFailureException "ServiceFailure"
7467//   The request processing has failed because of an unknown error, exception
7468//   or failure.
7469//
7470// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
7471func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error) {
7472	req, out := c.GetServerCertificateRequest(input)
7473	return out, req.Send()
7474}
7475
7476// GetServerCertificateWithContext is the same as GetServerCertificate with the addition of
7477// the ability to pass a context and additional request options.
7478//
7479// See GetServerCertificate for details on how to use this API operation.
7480//
7481// The context must be non-nil and will be used for request cancellation. If
7482// the context is nil a panic will occur. In the future the SDK may create
7483// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7484// for more information on using Contexts.
7485func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error) {
7486	req, out := c.GetServerCertificateRequest(input)
7487	req.SetContext(ctx)
7488	req.ApplyOptions(opts...)
7489	return out, req.Send()
7490}
7491
7492const opGetServiceLastAccessedDetails = "GetServiceLastAccessedDetails"
7493
7494// GetServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
7495// client's request for the GetServiceLastAccessedDetails operation. The "output" return
7496// value will be populated with the request's response once the request completes
7497// successfully.
7498//
7499// Use "Send" method on the returned Request to send the API call to the service.
7500// the "output" return value is not valid until after Send returns without error.
7501//
7502// See GetServiceLastAccessedDetails for more information on using the GetServiceLastAccessedDetails
7503// API call, and error handling.
7504//
7505// This method is useful when you want to inject custom logic or configuration
7506// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7507//
7508//
7509//    // Example sending a request using the GetServiceLastAccessedDetailsRequest method.
7510//    req, resp := client.GetServiceLastAccessedDetailsRequest(params)
7511//
7512//    err := req.Send()
7513//    if err == nil { // resp is now filled
7514//        fmt.Println(resp)
7515//    }
7516//
7517// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
7518func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessedDetailsInput) (req *request.Request, output *GetServiceLastAccessedDetailsOutput) {
7519	op := &request.Operation{
7520		Name:       opGetServiceLastAccessedDetails,
7521		HTTPMethod: "POST",
7522		HTTPPath:   "/",
7523	}
7524
7525	if input == nil {
7526		input = &GetServiceLastAccessedDetailsInput{}
7527	}
7528
7529	output = &GetServiceLastAccessedDetailsOutput{}
7530	req = c.newRequest(op, input, output)
7531	return
7532}
7533
7534// GetServiceLastAccessedDetails API operation for AWS Identity and Access Management.
7535//
7536// Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails
7537// operation. You can use the JobId parameter in GetServiceLastAccessedDetails
7538// to retrieve the status of your report job. When the report is complete, you
7539// can retrieve the generated report. The report includes a list of Amazon Web
7540// Services services that the resource (user, group, role, or managed policy)
7541// can access.
7542//
7543// Service last accessed data does not use other policy types when determining
7544// whether a resource could access a service. These other policy types include
7545// resource-based policies, access control lists, Organizations policies, IAM
7546// permissions boundaries, and STS assume role policies. It only applies permissions
7547// policy logic. For more about the evaluation of policy types, see Evaluating
7548// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
7549// in the IAM User Guide.
7550//
7551// For each service that the resource could access using permissions policies,
7552// the operation returns details about the most recent access attempt. If there
7553// was no attempt, the service is listed without details about the most recent
7554// attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails
7555// operation returns the reason that it failed.
7556//
7557// The GetServiceLastAccessedDetails operation returns a list of services. This
7558// list includes the number of entities that have attempted to access the service
7559// and the date and time of the last attempt. It also returns the ARN of the
7560// following entity, depending on the resource ARN that you used to generate
7561// the report:
7562//
7563//    * User – Returns the user ARN that you used to generate the report
7564//
7565//    * Group – Returns the ARN of the group member (user) that last attempted
7566//    to access the service
7567//
7568//    * Role – Returns the role ARN that you used to generate the report
7569//
7570//    * Policy – Returns the ARN of the user or role that last used the policy
7571//    to attempt to access the service
7572//
7573// By default, the list is sorted by service namespace.
7574//
7575// If you specified ACTION_LEVEL granularity when you generated the report,
7576// this operation returns service and action last accessed data. This includes
7577// the most recent access attempt for each tracked action within a service.
7578// Otherwise, this operation returns only service data.
7579//
7580// For more information about service and action last accessed data, see Reducing
7581// permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
7582// in the IAM User Guide.
7583//
7584// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7585// with awserr.Error's Code and Message methods to get detailed information about
7586// the error.
7587//
7588// See the AWS API reference guide for AWS Identity and Access Management's
7589// API operation GetServiceLastAccessedDetails for usage and error information.
7590//
7591// Returned Error Codes:
7592//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7593//   The request was rejected because it referenced a resource entity that does
7594//   not exist. The error message describes the resource.
7595//
7596//   * ErrCodeInvalidInputException "InvalidInput"
7597//   The request was rejected because an invalid or out-of-range value was supplied
7598//   for an input parameter.
7599//
7600// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
7601func (c *IAM) GetServiceLastAccessedDetails(input *GetServiceLastAccessedDetailsInput) (*GetServiceLastAccessedDetailsOutput, error) {
7602	req, out := c.GetServiceLastAccessedDetailsRequest(input)
7603	return out, req.Send()
7604}
7605
7606// GetServiceLastAccessedDetailsWithContext is the same as GetServiceLastAccessedDetails with the addition of
7607// the ability to pass a context and additional request options.
7608//
7609// See GetServiceLastAccessedDetails for details on how to use this API operation.
7610//
7611// The context must be non-nil and will be used for request cancellation. If
7612// the context is nil a panic will occur. In the future the SDK may create
7613// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7614// for more information on using Contexts.
7615func (c *IAM) GetServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsInput, opts ...request.Option) (*GetServiceLastAccessedDetailsOutput, error) {
7616	req, out := c.GetServiceLastAccessedDetailsRequest(input)
7617	req.SetContext(ctx)
7618	req.ApplyOptions(opts...)
7619	return out, req.Send()
7620}
7621
7622const opGetServiceLastAccessedDetailsWithEntities = "GetServiceLastAccessedDetailsWithEntities"
7623
7624// GetServiceLastAccessedDetailsWithEntitiesRequest generates a "aws/request.Request" representing the
7625// client's request for the GetServiceLastAccessedDetailsWithEntities operation. The "output" return
7626// value will be populated with the request's response once the request completes
7627// successfully.
7628//
7629// Use "Send" method on the returned Request to send the API call to the service.
7630// the "output" return value is not valid until after Send returns without error.
7631//
7632// See GetServiceLastAccessedDetailsWithEntities for more information on using the GetServiceLastAccessedDetailsWithEntities
7633// API call, and error handling.
7634//
7635// This method is useful when you want to inject custom logic or configuration
7636// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7637//
7638//
7639//    // Example sending a request using the GetServiceLastAccessedDetailsWithEntitiesRequest method.
7640//    req, resp := client.GetServiceLastAccessedDetailsWithEntitiesRequest(params)
7641//
7642//    err := req.Send()
7643//    if err == nil { // resp is now filled
7644//        fmt.Println(resp)
7645//    }
7646//
7647// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
7648func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesRequest(input *GetServiceLastAccessedDetailsWithEntitiesInput) (req *request.Request, output *GetServiceLastAccessedDetailsWithEntitiesOutput) {
7649	op := &request.Operation{
7650		Name:       opGetServiceLastAccessedDetailsWithEntities,
7651		HTTPMethod: "POST",
7652		HTTPPath:   "/",
7653	}
7654
7655	if input == nil {
7656		input = &GetServiceLastAccessedDetailsWithEntitiesInput{}
7657	}
7658
7659	output = &GetServiceLastAccessedDetailsWithEntitiesOutput{}
7660	req = c.newRequest(op, input, output)
7661	return
7662}
7663
7664// GetServiceLastAccessedDetailsWithEntities API operation for AWS Identity and Access Management.
7665//
7666// After you generate a group or policy report using the GenerateServiceLastAccessedDetails
7667// operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities.
7668// This operation retrieves the status of your report job and a list of entities
7669// that could have used group or policy permissions to access the specified
7670// service.
7671//
7672//    * Group – For a group report, this operation returns a list of users
7673//    in the group that could have used the group’s policies in an attempt
7674//    to access the service.
7675//
7676//    * Policy – For a policy report, this operation returns a list of entities
7677//    (users or roles) that could have used the policy in an attempt to access
7678//    the service.
7679//
7680// You can also use this operation for user or role reports to retrieve details
7681// about those entities.
7682//
7683// If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation
7684// returns the reason that it failed.
7685//
7686// By default, the list of associated entities is sorted by date, with the most
7687// recent access listed first.
7688//
7689// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7690// with awserr.Error's Code and Message methods to get detailed information about
7691// the error.
7692//
7693// See the AWS API reference guide for AWS Identity and Access Management's
7694// API operation GetServiceLastAccessedDetailsWithEntities for usage and error information.
7695//
7696// Returned Error Codes:
7697//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7698//   The request was rejected because it referenced a resource entity that does
7699//   not exist. The error message describes the resource.
7700//
7701//   * ErrCodeInvalidInputException "InvalidInput"
7702//   The request was rejected because an invalid or out-of-range value was supplied
7703//   for an input parameter.
7704//
7705// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
7706func (c *IAM) GetServiceLastAccessedDetailsWithEntities(input *GetServiceLastAccessedDetailsWithEntitiesInput) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
7707	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
7708	return out, req.Send()
7709}
7710
7711// GetServiceLastAccessedDetailsWithEntitiesWithContext is the same as GetServiceLastAccessedDetailsWithEntities with the addition of
7712// the ability to pass a context and additional request options.
7713//
7714// See GetServiceLastAccessedDetailsWithEntities for details on how to use this API operation.
7715//
7716// The context must be non-nil and will be used for request cancellation. If
7717// the context is nil a panic will occur. In the future the SDK may create
7718// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7719// for more information on using Contexts.
7720func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsWithEntitiesInput, opts ...request.Option) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
7721	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
7722	req.SetContext(ctx)
7723	req.ApplyOptions(opts...)
7724	return out, req.Send()
7725}
7726
7727const opGetServiceLinkedRoleDeletionStatus = "GetServiceLinkedRoleDeletionStatus"
7728
7729// GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the
7730// client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return
7731// value will be populated with the request's response once the request completes
7732// successfully.
7733//
7734// Use "Send" method on the returned Request to send the API call to the service.
7735// the "output" return value is not valid until after Send returns without error.
7736//
7737// See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus
7738// API call, and error handling.
7739//
7740// This method is useful when you want to inject custom logic or configuration
7741// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7742//
7743//
7744//    // Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
7745//    req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)
7746//
7747//    err := req.Send()
7748//    if err == nil { // resp is now filled
7749//        fmt.Println(resp)
7750//    }
7751//
7752// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
7753func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput) {
7754	op := &request.Operation{
7755		Name:       opGetServiceLinkedRoleDeletionStatus,
7756		HTTPMethod: "POST",
7757		HTTPPath:   "/",
7758	}
7759
7760	if input == nil {
7761		input = &GetServiceLinkedRoleDeletionStatusInput{}
7762	}
7763
7764	output = &GetServiceLinkedRoleDeletionStatusOutput{}
7765	req = c.newRequest(op, input, output)
7766	return
7767}
7768
7769// GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.
7770//
7771// Retrieves the status of your service-linked role deletion. After you use
7772// DeleteServiceLinkedRole to submit a service-linked role for deletion, you
7773// can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus
7774// to check the status of the deletion. If the deletion fails, this operation
7775// returns the reason that it failed, if that information is returned by the
7776// service.
7777//
7778// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7779// with awserr.Error's Code and Message methods to get detailed information about
7780// the error.
7781//
7782// See the AWS API reference guide for AWS Identity and Access Management's
7783// API operation GetServiceLinkedRoleDeletionStatus for usage and error information.
7784//
7785// Returned Error Codes:
7786//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7787//   The request was rejected because it referenced a resource entity that does
7788//   not exist. The error message describes the resource.
7789//
7790//   * ErrCodeInvalidInputException "InvalidInput"
7791//   The request was rejected because an invalid or out-of-range value was supplied
7792//   for an input parameter.
7793//
7794//   * ErrCodeServiceFailureException "ServiceFailure"
7795//   The request processing has failed because of an unknown error, exception
7796//   or failure.
7797//
7798// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
7799func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
7800	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
7801	return out, req.Send()
7802}
7803
7804// GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of
7805// the ability to pass a context and additional request options.
7806//
7807// See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.
7808//
7809// The context must be non-nil and will be used for request cancellation. If
7810// the context is nil a panic will occur. In the future the SDK may create
7811// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7812// for more information on using Contexts.
7813func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
7814	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
7815	req.SetContext(ctx)
7816	req.ApplyOptions(opts...)
7817	return out, req.Send()
7818}
7819
7820const opGetUser = "GetUser"
7821
7822// GetUserRequest generates a "aws/request.Request" representing the
7823// client's request for the GetUser operation. The "output" return
7824// value will be populated with the request's response once the request completes
7825// successfully.
7826//
7827// Use "Send" method on the returned Request to send the API call to the service.
7828// the "output" return value is not valid until after Send returns without error.
7829//
7830// See GetUser for more information on using the GetUser
7831// API call, and error handling.
7832//
7833// This method is useful when you want to inject custom logic or configuration
7834// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7835//
7836//
7837//    // Example sending a request using the GetUserRequest method.
7838//    req, resp := client.GetUserRequest(params)
7839//
7840//    err := req.Send()
7841//    if err == nil { // resp is now filled
7842//        fmt.Println(resp)
7843//    }
7844//
7845// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
7846func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput) {
7847	op := &request.Operation{
7848		Name:       opGetUser,
7849		HTTPMethod: "POST",
7850		HTTPPath:   "/",
7851	}
7852
7853	if input == nil {
7854		input = &GetUserInput{}
7855	}
7856
7857	output = &GetUserOutput{}
7858	req = c.newRequest(op, input, output)
7859	return
7860}
7861
7862// GetUser API operation for AWS Identity and Access Management.
7863//
7864// Retrieves information about the specified IAM user, including the user's
7865// creation date, path, unique ID, and ARN.
7866//
7867// If you do not specify a user name, IAM determines the user name implicitly
7868// based on the Amazon Web Services access key ID used to sign the request to
7869// this operation.
7870//
7871// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7872// with awserr.Error's Code and Message methods to get detailed information about
7873// the error.
7874//
7875// See the AWS API reference guide for AWS Identity and Access Management's
7876// API operation GetUser for usage and error information.
7877//
7878// Returned Error Codes:
7879//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7880//   The request was rejected because it referenced a resource entity that does
7881//   not exist. The error message describes the resource.
7882//
7883//   * ErrCodeServiceFailureException "ServiceFailure"
7884//   The request processing has failed because of an unknown error, exception
7885//   or failure.
7886//
7887// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
7888func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error) {
7889	req, out := c.GetUserRequest(input)
7890	return out, req.Send()
7891}
7892
7893// GetUserWithContext is the same as GetUser with the addition of
7894// the ability to pass a context and additional request options.
7895//
7896// See GetUser for details on how to use this API operation.
7897//
7898// The context must be non-nil and will be used for request cancellation. If
7899// the context is nil a panic will occur. In the future the SDK may create
7900// sub-contexts for http.Requests. See https://golang.org/pkg/context/
7901// for more information on using Contexts.
7902func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error) {
7903	req, out := c.GetUserRequest(input)
7904	req.SetContext(ctx)
7905	req.ApplyOptions(opts...)
7906	return out, req.Send()
7907}
7908
7909const opGetUserPolicy = "GetUserPolicy"
7910
7911// GetUserPolicyRequest generates a "aws/request.Request" representing the
7912// client's request for the GetUserPolicy operation. The "output" return
7913// value will be populated with the request's response once the request completes
7914// successfully.
7915//
7916// Use "Send" method on the returned Request to send the API call to the service.
7917// the "output" return value is not valid until after Send returns without error.
7918//
7919// See GetUserPolicy for more information on using the GetUserPolicy
7920// API call, and error handling.
7921//
7922// This method is useful when you want to inject custom logic or configuration
7923// into the SDK's request lifecycle. Such as custom headers, or retry logic.
7924//
7925//
7926//    // Example sending a request using the GetUserPolicyRequest method.
7927//    req, resp := client.GetUserPolicyRequest(params)
7928//
7929//    err := req.Send()
7930//    if err == nil { // resp is now filled
7931//        fmt.Println(resp)
7932//    }
7933//
7934// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
7935func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput) {
7936	op := &request.Operation{
7937		Name:       opGetUserPolicy,
7938		HTTPMethod: "POST",
7939		HTTPPath:   "/",
7940	}
7941
7942	if input == nil {
7943		input = &GetUserPolicyInput{}
7944	}
7945
7946	output = &GetUserPolicyOutput{}
7947	req = c.newRequest(op, input, output)
7948	return
7949}
7950
7951// GetUserPolicy API operation for AWS Identity and Access Management.
7952//
7953// Retrieves the specified inline policy document that is embedded in the specified
7954// IAM user.
7955//
7956// Policies returned by this operation are URL-encoded compliant with RFC 3986
7957// (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
7958// to convert the policy back to plain JSON text. For example, if you use Java,
7959// you can use the decode method of the java.net.URLDecoder utility class in
7960// the Java SDK. Other languages and SDKs provide similar functionality.
7961//
7962// An IAM user can also have managed policies attached to it. To retrieve a
7963// managed policy document that is attached to a user, use GetPolicy to determine
7964// the policy's default version. Then use GetPolicyVersion to retrieve the policy
7965// document.
7966//
7967// For more information about policies, see Managed policies and inline policies
7968// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
7969// in the IAM User Guide.
7970//
7971// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
7972// with awserr.Error's Code and Message methods to get detailed information about
7973// the error.
7974//
7975// See the AWS API reference guide for AWS Identity and Access Management's
7976// API operation GetUserPolicy for usage and error information.
7977//
7978// Returned Error Codes:
7979//   * ErrCodeNoSuchEntityException "NoSuchEntity"
7980//   The request was rejected because it referenced a resource entity that does
7981//   not exist. The error message describes the resource.
7982//
7983//   * ErrCodeServiceFailureException "ServiceFailure"
7984//   The request processing has failed because of an unknown error, exception
7985//   or failure.
7986//
7987// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
7988func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error) {
7989	req, out := c.GetUserPolicyRequest(input)
7990	return out, req.Send()
7991}
7992
7993// GetUserPolicyWithContext is the same as GetUserPolicy with the addition of
7994// the ability to pass a context and additional request options.
7995//
7996// See GetUserPolicy for details on how to use this API operation.
7997//
7998// The context must be non-nil and will be used for request cancellation. If
7999// the context is nil a panic will occur. In the future the SDK may create
8000// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8001// for more information on using Contexts.
8002func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error) {
8003	req, out := c.GetUserPolicyRequest(input)
8004	req.SetContext(ctx)
8005	req.ApplyOptions(opts...)
8006	return out, req.Send()
8007}
8008
8009const opListAccessKeys = "ListAccessKeys"
8010
8011// ListAccessKeysRequest generates a "aws/request.Request" representing the
8012// client's request for the ListAccessKeys operation. The "output" return
8013// value will be populated with the request's response once the request completes
8014// successfully.
8015//
8016// Use "Send" method on the returned Request to send the API call to the service.
8017// the "output" return value is not valid until after Send returns without error.
8018//
8019// See ListAccessKeys for more information on using the ListAccessKeys
8020// API call, and error handling.
8021//
8022// This method is useful when you want to inject custom logic or configuration
8023// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8024//
8025//
8026//    // Example sending a request using the ListAccessKeysRequest method.
8027//    req, resp := client.ListAccessKeysRequest(params)
8028//
8029//    err := req.Send()
8030//    if err == nil { // resp is now filled
8031//        fmt.Println(resp)
8032//    }
8033//
8034// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
8035func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput) {
8036	op := &request.Operation{
8037		Name:       opListAccessKeys,
8038		HTTPMethod: "POST",
8039		HTTPPath:   "/",
8040		Paginator: &request.Paginator{
8041			InputTokens:     []string{"Marker"},
8042			OutputTokens:    []string{"Marker"},
8043			LimitToken:      "MaxItems",
8044			TruncationToken: "IsTruncated",
8045		},
8046	}
8047
8048	if input == nil {
8049		input = &ListAccessKeysInput{}
8050	}
8051
8052	output = &ListAccessKeysOutput{}
8053	req = c.newRequest(op, input, output)
8054	return
8055}
8056
8057// ListAccessKeys API operation for AWS Identity and Access Management.
8058//
8059// Returns information about the access key IDs associated with the specified
8060// IAM user. If there is none, the operation returns an empty list.
8061//
8062// Although each user is limited to a small number of keys, you can still paginate
8063// the results using the MaxItems and Marker parameters.
8064//
8065// If the UserName field is not specified, the user name is determined implicitly
8066// based on the Amazon Web Services access key ID used to sign the request.
8067// This operation works for access keys under the Amazon Web Services account.
8068// Consequently, you can use this operation to manage Amazon Web Services account
8069// root user credentials even if the Amazon Web Services account has no associated
8070// users.
8071//
8072// To ensure the security of your Amazon Web Services account, the secret access
8073// key is accessible only during key and user creation.
8074//
8075// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8076// with awserr.Error's Code and Message methods to get detailed information about
8077// the error.
8078//
8079// See the AWS API reference guide for AWS Identity and Access Management's
8080// API operation ListAccessKeys for usage and error information.
8081//
8082// Returned Error Codes:
8083//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8084//   The request was rejected because it referenced a resource entity that does
8085//   not exist. The error message describes the resource.
8086//
8087//   * ErrCodeServiceFailureException "ServiceFailure"
8088//   The request processing has failed because of an unknown error, exception
8089//   or failure.
8090//
8091// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
8092func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error) {
8093	req, out := c.ListAccessKeysRequest(input)
8094	return out, req.Send()
8095}
8096
8097// ListAccessKeysWithContext is the same as ListAccessKeys with the addition of
8098// the ability to pass a context and additional request options.
8099//
8100// See ListAccessKeys for details on how to use this API operation.
8101//
8102// The context must be non-nil and will be used for request cancellation. If
8103// the context is nil a panic will occur. In the future the SDK may create
8104// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8105// for more information on using Contexts.
8106func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error) {
8107	req, out := c.ListAccessKeysRequest(input)
8108	req.SetContext(ctx)
8109	req.ApplyOptions(opts...)
8110	return out, req.Send()
8111}
8112
8113// ListAccessKeysPages iterates over the pages of a ListAccessKeys operation,
8114// calling the "fn" function with the response data for each page. To stop
8115// iterating, return false from the fn function.
8116//
8117// See ListAccessKeys method for more information on how to use this operation.
8118//
8119// Note: This operation can generate multiple requests to a service.
8120//
8121//    // Example iterating over at most 3 pages of a ListAccessKeys operation.
8122//    pageNum := 0
8123//    err := client.ListAccessKeysPages(params,
8124//        func(page *iam.ListAccessKeysOutput, lastPage bool) bool {
8125//            pageNum++
8126//            fmt.Println(page)
8127//            return pageNum <= 3
8128//        })
8129//
8130func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error {
8131	return c.ListAccessKeysPagesWithContext(aws.BackgroundContext(), input, fn)
8132}
8133
8134// ListAccessKeysPagesWithContext same as ListAccessKeysPages except
8135// it takes a Context and allows setting request options on the pages.
8136//
8137// The context must be non-nil and will be used for request cancellation. If
8138// the context is nil a panic will occur. In the future the SDK may create
8139// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8140// for more information on using Contexts.
8141func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error {
8142	p := request.Pagination{
8143		NewRequest: func() (*request.Request, error) {
8144			var inCpy *ListAccessKeysInput
8145			if input != nil {
8146				tmp := *input
8147				inCpy = &tmp
8148			}
8149			req, _ := c.ListAccessKeysRequest(inCpy)
8150			req.SetContext(ctx)
8151			req.ApplyOptions(opts...)
8152			return req, nil
8153		},
8154	}
8155
8156	for p.Next() {
8157		if !fn(p.Page().(*ListAccessKeysOutput), !p.HasNextPage()) {
8158			break
8159		}
8160	}
8161
8162	return p.Err()
8163}
8164
8165const opListAccountAliases = "ListAccountAliases"
8166
8167// ListAccountAliasesRequest generates a "aws/request.Request" representing the
8168// client's request for the ListAccountAliases operation. The "output" return
8169// value will be populated with the request's response once the request completes
8170// successfully.
8171//
8172// Use "Send" method on the returned Request to send the API call to the service.
8173// the "output" return value is not valid until after Send returns without error.
8174//
8175// See ListAccountAliases for more information on using the ListAccountAliases
8176// API call, and error handling.
8177//
8178// This method is useful when you want to inject custom logic or configuration
8179// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8180//
8181//
8182//    // Example sending a request using the ListAccountAliasesRequest method.
8183//    req, resp := client.ListAccountAliasesRequest(params)
8184//
8185//    err := req.Send()
8186//    if err == nil { // resp is now filled
8187//        fmt.Println(resp)
8188//    }
8189//
8190// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
8191func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput) {
8192	op := &request.Operation{
8193		Name:       opListAccountAliases,
8194		HTTPMethod: "POST",
8195		HTTPPath:   "/",
8196		Paginator: &request.Paginator{
8197			InputTokens:     []string{"Marker"},
8198			OutputTokens:    []string{"Marker"},
8199			LimitToken:      "MaxItems",
8200			TruncationToken: "IsTruncated",
8201		},
8202	}
8203
8204	if input == nil {
8205		input = &ListAccountAliasesInput{}
8206	}
8207
8208	output = &ListAccountAliasesOutput{}
8209	req = c.newRequest(op, input, output)
8210	return
8211}
8212
8213// ListAccountAliases API operation for AWS Identity and Access Management.
8214//
8215// Lists the account alias associated with the Amazon Web Services account (Note:
8216// you can have only one). For information about using an Amazon Web Services
8217// account alias, see Using an alias for your Amazon Web Services account ID
8218// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the
8219// IAM User Guide.
8220//
8221// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8222// with awserr.Error's Code and Message methods to get detailed information about
8223// the error.
8224//
8225// See the AWS API reference guide for AWS Identity and Access Management's
8226// API operation ListAccountAliases for usage and error information.
8227//
8228// Returned Error Codes:
8229//   * ErrCodeServiceFailureException "ServiceFailure"
8230//   The request processing has failed because of an unknown error, exception
8231//   or failure.
8232//
8233// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
8234func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error) {
8235	req, out := c.ListAccountAliasesRequest(input)
8236	return out, req.Send()
8237}
8238
8239// ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of
8240// the ability to pass a context and additional request options.
8241//
8242// See ListAccountAliases for details on how to use this API operation.
8243//
8244// The context must be non-nil and will be used for request cancellation. If
8245// the context is nil a panic will occur. In the future the SDK may create
8246// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8247// for more information on using Contexts.
8248func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error) {
8249	req, out := c.ListAccountAliasesRequest(input)
8250	req.SetContext(ctx)
8251	req.ApplyOptions(opts...)
8252	return out, req.Send()
8253}
8254
8255// ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation,
8256// calling the "fn" function with the response data for each page. To stop
8257// iterating, return false from the fn function.
8258//
8259// See ListAccountAliases method for more information on how to use this operation.
8260//
8261// Note: This operation can generate multiple requests to a service.
8262//
8263//    // Example iterating over at most 3 pages of a ListAccountAliases operation.
8264//    pageNum := 0
8265//    err := client.ListAccountAliasesPages(params,
8266//        func(page *iam.ListAccountAliasesOutput, lastPage bool) bool {
8267//            pageNum++
8268//            fmt.Println(page)
8269//            return pageNum <= 3
8270//        })
8271//
8272func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error {
8273	return c.ListAccountAliasesPagesWithContext(aws.BackgroundContext(), input, fn)
8274}
8275
8276// ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except
8277// it takes a Context and allows setting request options on the pages.
8278//
8279// The context must be non-nil and will be used for request cancellation. If
8280// the context is nil a panic will occur. In the future the SDK may create
8281// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8282// for more information on using Contexts.
8283func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error {
8284	p := request.Pagination{
8285		NewRequest: func() (*request.Request, error) {
8286			var inCpy *ListAccountAliasesInput
8287			if input != nil {
8288				tmp := *input
8289				inCpy = &tmp
8290			}
8291			req, _ := c.ListAccountAliasesRequest(inCpy)
8292			req.SetContext(ctx)
8293			req.ApplyOptions(opts...)
8294			return req, nil
8295		},
8296	}
8297
8298	for p.Next() {
8299		if !fn(p.Page().(*ListAccountAliasesOutput), !p.HasNextPage()) {
8300			break
8301		}
8302	}
8303
8304	return p.Err()
8305}
8306
8307const opListAttachedGroupPolicies = "ListAttachedGroupPolicies"
8308
8309// ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the
8310// client's request for the ListAttachedGroupPolicies operation. The "output" return
8311// value will be populated with the request's response once the request completes
8312// successfully.
8313//
8314// Use "Send" method on the returned Request to send the API call to the service.
8315// the "output" return value is not valid until after Send returns without error.
8316//
8317// See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies
8318// API call, and error handling.
8319//
8320// This method is useful when you want to inject custom logic or configuration
8321// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8322//
8323//
8324//    // Example sending a request using the ListAttachedGroupPoliciesRequest method.
8325//    req, resp := client.ListAttachedGroupPoliciesRequest(params)
8326//
8327//    err := req.Send()
8328//    if err == nil { // resp is now filled
8329//        fmt.Println(resp)
8330//    }
8331//
8332// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
8333func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput) {
8334	op := &request.Operation{
8335		Name:       opListAttachedGroupPolicies,
8336		HTTPMethod: "POST",
8337		HTTPPath:   "/",
8338		Paginator: &request.Paginator{
8339			InputTokens:     []string{"Marker"},
8340			OutputTokens:    []string{"Marker"},
8341			LimitToken:      "MaxItems",
8342			TruncationToken: "IsTruncated",
8343		},
8344	}
8345
8346	if input == nil {
8347		input = &ListAttachedGroupPoliciesInput{}
8348	}
8349
8350	output = &ListAttachedGroupPoliciesOutput{}
8351	req = c.newRequest(op, input, output)
8352	return
8353}
8354
8355// ListAttachedGroupPolicies API operation for AWS Identity and Access Management.
8356//
8357// Lists all managed policies that are attached to the specified IAM group.
8358//
8359// An IAM group can also have inline policies embedded with it. To list the
8360// inline policies for a group, use ListGroupPolicies. For information about
8361// policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8362// in the IAM User Guide.
8363//
8364// You can paginate the results using the MaxItems and Marker parameters. You
8365// can use the PathPrefix parameter to limit the list of policies to only those
8366// matching the specified path prefix. If there are no policies attached to
8367// the specified group (or none that match the specified path prefix), the operation
8368// returns an empty list.
8369//
8370// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8371// with awserr.Error's Code and Message methods to get detailed information about
8372// the error.
8373//
8374// See the AWS API reference guide for AWS Identity and Access Management's
8375// API operation ListAttachedGroupPolicies for usage and error information.
8376//
8377// Returned Error Codes:
8378//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8379//   The request was rejected because it referenced a resource entity that does
8380//   not exist. The error message describes the resource.
8381//
8382//   * ErrCodeInvalidInputException "InvalidInput"
8383//   The request was rejected because an invalid or out-of-range value was supplied
8384//   for an input parameter.
8385//
8386//   * ErrCodeServiceFailureException "ServiceFailure"
8387//   The request processing has failed because of an unknown error, exception
8388//   or failure.
8389//
8390// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
8391func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error) {
8392	req, out := c.ListAttachedGroupPoliciesRequest(input)
8393	return out, req.Send()
8394}
8395
8396// ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of
8397// the ability to pass a context and additional request options.
8398//
8399// See ListAttachedGroupPolicies for details on how to use this API operation.
8400//
8401// The context must be non-nil and will be used for request cancellation. If
8402// the context is nil a panic will occur. In the future the SDK may create
8403// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8404// for more information on using Contexts.
8405func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error) {
8406	req, out := c.ListAttachedGroupPoliciesRequest(input)
8407	req.SetContext(ctx)
8408	req.ApplyOptions(opts...)
8409	return out, req.Send()
8410}
8411
8412// ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation,
8413// calling the "fn" function with the response data for each page. To stop
8414// iterating, return false from the fn function.
8415//
8416// See ListAttachedGroupPolicies method for more information on how to use this operation.
8417//
8418// Note: This operation can generate multiple requests to a service.
8419//
8420//    // Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
8421//    pageNum := 0
8422//    err := client.ListAttachedGroupPoliciesPages(params,
8423//        func(page *iam.ListAttachedGroupPoliciesOutput, lastPage bool) bool {
8424//            pageNum++
8425//            fmt.Println(page)
8426//            return pageNum <= 3
8427//        })
8428//
8429func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error {
8430	return c.ListAttachedGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8431}
8432
8433// ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except
8434// it takes a Context and allows setting request options on the pages.
8435//
8436// The context must be non-nil and will be used for request cancellation. If
8437// the context is nil a panic will occur. In the future the SDK may create
8438// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8439// for more information on using Contexts.
8440func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
8441	p := request.Pagination{
8442		NewRequest: func() (*request.Request, error) {
8443			var inCpy *ListAttachedGroupPoliciesInput
8444			if input != nil {
8445				tmp := *input
8446				inCpy = &tmp
8447			}
8448			req, _ := c.ListAttachedGroupPoliciesRequest(inCpy)
8449			req.SetContext(ctx)
8450			req.ApplyOptions(opts...)
8451			return req, nil
8452		},
8453	}
8454
8455	for p.Next() {
8456		if !fn(p.Page().(*ListAttachedGroupPoliciesOutput), !p.HasNextPage()) {
8457			break
8458		}
8459	}
8460
8461	return p.Err()
8462}
8463
8464const opListAttachedRolePolicies = "ListAttachedRolePolicies"
8465
8466// ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the
8467// client's request for the ListAttachedRolePolicies operation. The "output" return
8468// value will be populated with the request's response once the request completes
8469// successfully.
8470//
8471// Use "Send" method on the returned Request to send the API call to the service.
8472// the "output" return value is not valid until after Send returns without error.
8473//
8474// See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies
8475// API call, and error handling.
8476//
8477// This method is useful when you want to inject custom logic or configuration
8478// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8479//
8480//
8481//    // Example sending a request using the ListAttachedRolePoliciesRequest method.
8482//    req, resp := client.ListAttachedRolePoliciesRequest(params)
8483//
8484//    err := req.Send()
8485//    if err == nil { // resp is now filled
8486//        fmt.Println(resp)
8487//    }
8488//
8489// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
8490func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput) {
8491	op := &request.Operation{
8492		Name:       opListAttachedRolePolicies,
8493		HTTPMethod: "POST",
8494		HTTPPath:   "/",
8495		Paginator: &request.Paginator{
8496			InputTokens:     []string{"Marker"},
8497			OutputTokens:    []string{"Marker"},
8498			LimitToken:      "MaxItems",
8499			TruncationToken: "IsTruncated",
8500		},
8501	}
8502
8503	if input == nil {
8504		input = &ListAttachedRolePoliciesInput{}
8505	}
8506
8507	output = &ListAttachedRolePoliciesOutput{}
8508	req = c.newRequest(op, input, output)
8509	return
8510}
8511
8512// ListAttachedRolePolicies API operation for AWS Identity and Access Management.
8513//
8514// Lists all managed policies that are attached to the specified IAM role.
8515//
8516// An IAM role can also have inline policies embedded with it. To list the inline
8517// policies for a role, use ListRolePolicies. For information about policies,
8518// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8519// in the IAM User Guide.
8520//
8521// You can paginate the results using the MaxItems and Marker parameters. You
8522// can use the PathPrefix parameter to limit the list of policies to only those
8523// matching the specified path prefix. If there are no policies attached to
8524// the specified role (or none that match the specified path prefix), the operation
8525// returns an empty list.
8526//
8527// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8528// with awserr.Error's Code and Message methods to get detailed information about
8529// the error.
8530//
8531// See the AWS API reference guide for AWS Identity and Access Management's
8532// API operation ListAttachedRolePolicies for usage and error information.
8533//
8534// Returned Error Codes:
8535//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8536//   The request was rejected because it referenced a resource entity that does
8537//   not exist. The error message describes the resource.
8538//
8539//   * ErrCodeInvalidInputException "InvalidInput"
8540//   The request was rejected because an invalid or out-of-range value was supplied
8541//   for an input parameter.
8542//
8543//   * ErrCodeServiceFailureException "ServiceFailure"
8544//   The request processing has failed because of an unknown error, exception
8545//   or failure.
8546//
8547// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
8548func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error) {
8549	req, out := c.ListAttachedRolePoliciesRequest(input)
8550	return out, req.Send()
8551}
8552
8553// ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of
8554// the ability to pass a context and additional request options.
8555//
8556// See ListAttachedRolePolicies for details on how to use this API operation.
8557//
8558// The context must be non-nil and will be used for request cancellation. If
8559// the context is nil a panic will occur. In the future the SDK may create
8560// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8561// for more information on using Contexts.
8562func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error) {
8563	req, out := c.ListAttachedRolePoliciesRequest(input)
8564	req.SetContext(ctx)
8565	req.ApplyOptions(opts...)
8566	return out, req.Send()
8567}
8568
8569// ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation,
8570// calling the "fn" function with the response data for each page. To stop
8571// iterating, return false from the fn function.
8572//
8573// See ListAttachedRolePolicies method for more information on how to use this operation.
8574//
8575// Note: This operation can generate multiple requests to a service.
8576//
8577//    // Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
8578//    pageNum := 0
8579//    err := client.ListAttachedRolePoliciesPages(params,
8580//        func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
8581//            pageNum++
8582//            fmt.Println(page)
8583//            return pageNum <= 3
8584//        })
8585//
8586func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error {
8587	return c.ListAttachedRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8588}
8589
8590// ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except
8591// it takes a Context and allows setting request options on the pages.
8592//
8593// The context must be non-nil and will be used for request cancellation. If
8594// the context is nil a panic will occur. In the future the SDK may create
8595// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8596// for more information on using Contexts.
8597func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error {
8598	p := request.Pagination{
8599		NewRequest: func() (*request.Request, error) {
8600			var inCpy *ListAttachedRolePoliciesInput
8601			if input != nil {
8602				tmp := *input
8603				inCpy = &tmp
8604			}
8605			req, _ := c.ListAttachedRolePoliciesRequest(inCpy)
8606			req.SetContext(ctx)
8607			req.ApplyOptions(opts...)
8608			return req, nil
8609		},
8610	}
8611
8612	for p.Next() {
8613		if !fn(p.Page().(*ListAttachedRolePoliciesOutput), !p.HasNextPage()) {
8614			break
8615		}
8616	}
8617
8618	return p.Err()
8619}
8620
8621const opListAttachedUserPolicies = "ListAttachedUserPolicies"
8622
8623// ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the
8624// client's request for the ListAttachedUserPolicies operation. The "output" return
8625// value will be populated with the request's response once the request completes
8626// successfully.
8627//
8628// Use "Send" method on the returned Request to send the API call to the service.
8629// the "output" return value is not valid until after Send returns without error.
8630//
8631// See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies
8632// API call, and error handling.
8633//
8634// This method is useful when you want to inject custom logic or configuration
8635// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8636//
8637//
8638//    // Example sending a request using the ListAttachedUserPoliciesRequest method.
8639//    req, resp := client.ListAttachedUserPoliciesRequest(params)
8640//
8641//    err := req.Send()
8642//    if err == nil { // resp is now filled
8643//        fmt.Println(resp)
8644//    }
8645//
8646// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
8647func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput) {
8648	op := &request.Operation{
8649		Name:       opListAttachedUserPolicies,
8650		HTTPMethod: "POST",
8651		HTTPPath:   "/",
8652		Paginator: &request.Paginator{
8653			InputTokens:     []string{"Marker"},
8654			OutputTokens:    []string{"Marker"},
8655			LimitToken:      "MaxItems",
8656			TruncationToken: "IsTruncated",
8657		},
8658	}
8659
8660	if input == nil {
8661		input = &ListAttachedUserPoliciesInput{}
8662	}
8663
8664	output = &ListAttachedUserPoliciesOutput{}
8665	req = c.newRequest(op, input, output)
8666	return
8667}
8668
8669// ListAttachedUserPolicies API operation for AWS Identity and Access Management.
8670//
8671// Lists all managed policies that are attached to the specified IAM user.
8672//
8673// An IAM user can also have inline policies embedded with it. To list the inline
8674// policies for a user, use ListUserPolicies. For information about policies,
8675// see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8676// in the IAM User Guide.
8677//
8678// You can paginate the results using the MaxItems and Marker parameters. You
8679// can use the PathPrefix parameter to limit the list of policies to only those
8680// matching the specified path prefix. If there are no policies attached to
8681// the specified group (or none that match the specified path prefix), the operation
8682// returns an empty list.
8683//
8684// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8685// with awserr.Error's Code and Message methods to get detailed information about
8686// the error.
8687//
8688// See the AWS API reference guide for AWS Identity and Access Management's
8689// API operation ListAttachedUserPolicies for usage and error information.
8690//
8691// Returned Error Codes:
8692//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8693//   The request was rejected because it referenced a resource entity that does
8694//   not exist. The error message describes the resource.
8695//
8696//   * ErrCodeInvalidInputException "InvalidInput"
8697//   The request was rejected because an invalid or out-of-range value was supplied
8698//   for an input parameter.
8699//
8700//   * ErrCodeServiceFailureException "ServiceFailure"
8701//   The request processing has failed because of an unknown error, exception
8702//   or failure.
8703//
8704// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
8705func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error) {
8706	req, out := c.ListAttachedUserPoliciesRequest(input)
8707	return out, req.Send()
8708}
8709
8710// ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of
8711// the ability to pass a context and additional request options.
8712//
8713// See ListAttachedUserPolicies for details on how to use this API operation.
8714//
8715// The context must be non-nil and will be used for request cancellation. If
8716// the context is nil a panic will occur. In the future the SDK may create
8717// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8718// for more information on using Contexts.
8719func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error) {
8720	req, out := c.ListAttachedUserPoliciesRequest(input)
8721	req.SetContext(ctx)
8722	req.ApplyOptions(opts...)
8723	return out, req.Send()
8724}
8725
8726// ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation,
8727// calling the "fn" function with the response data for each page. To stop
8728// iterating, return false from the fn function.
8729//
8730// See ListAttachedUserPolicies method for more information on how to use this operation.
8731//
8732// Note: This operation can generate multiple requests to a service.
8733//
8734//    // Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
8735//    pageNum := 0
8736//    err := client.ListAttachedUserPoliciesPages(params,
8737//        func(page *iam.ListAttachedUserPoliciesOutput, lastPage bool) bool {
8738//            pageNum++
8739//            fmt.Println(page)
8740//            return pageNum <= 3
8741//        })
8742//
8743func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error {
8744	return c.ListAttachedUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
8745}
8746
8747// ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except
8748// it takes a Context and allows setting request options on the pages.
8749//
8750// The context must be non-nil and will be used for request cancellation. If
8751// the context is nil a panic will occur. In the future the SDK may create
8752// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8753// for more information on using Contexts.
8754func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error {
8755	p := request.Pagination{
8756		NewRequest: func() (*request.Request, error) {
8757			var inCpy *ListAttachedUserPoliciesInput
8758			if input != nil {
8759				tmp := *input
8760				inCpy = &tmp
8761			}
8762			req, _ := c.ListAttachedUserPoliciesRequest(inCpy)
8763			req.SetContext(ctx)
8764			req.ApplyOptions(opts...)
8765			return req, nil
8766		},
8767	}
8768
8769	for p.Next() {
8770		if !fn(p.Page().(*ListAttachedUserPoliciesOutput), !p.HasNextPage()) {
8771			break
8772		}
8773	}
8774
8775	return p.Err()
8776}
8777
8778const opListEntitiesForPolicy = "ListEntitiesForPolicy"
8779
8780// ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the
8781// client's request for the ListEntitiesForPolicy operation. The "output" return
8782// value will be populated with the request's response once the request completes
8783// successfully.
8784//
8785// Use "Send" method on the returned Request to send the API call to the service.
8786// the "output" return value is not valid until after Send returns without error.
8787//
8788// See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy
8789// API call, and error handling.
8790//
8791// This method is useful when you want to inject custom logic or configuration
8792// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8793//
8794//
8795//    // Example sending a request using the ListEntitiesForPolicyRequest method.
8796//    req, resp := client.ListEntitiesForPolicyRequest(params)
8797//
8798//    err := req.Send()
8799//    if err == nil { // resp is now filled
8800//        fmt.Println(resp)
8801//    }
8802//
8803// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
8804func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput) {
8805	op := &request.Operation{
8806		Name:       opListEntitiesForPolicy,
8807		HTTPMethod: "POST",
8808		HTTPPath:   "/",
8809		Paginator: &request.Paginator{
8810			InputTokens:     []string{"Marker"},
8811			OutputTokens:    []string{"Marker"},
8812			LimitToken:      "MaxItems",
8813			TruncationToken: "IsTruncated",
8814		},
8815	}
8816
8817	if input == nil {
8818		input = &ListEntitiesForPolicyInput{}
8819	}
8820
8821	output = &ListEntitiesForPolicyOutput{}
8822	req = c.newRequest(op, input, output)
8823	return
8824}
8825
8826// ListEntitiesForPolicy API operation for AWS Identity and Access Management.
8827//
8828// Lists all IAM users, groups, and roles that the specified managed policy
8829// is attached to.
8830//
8831// You can use the optional EntityFilter parameter to limit the results to a
8832// particular type of entity (users, groups, or roles). For example, to list
8833// only the roles that are attached to the specified policy, set EntityFilter
8834// to Role.
8835//
8836// You can paginate the results using the MaxItems and Marker parameters.
8837//
8838// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8839// with awserr.Error's Code and Message methods to get detailed information about
8840// the error.
8841//
8842// See the AWS API reference guide for AWS Identity and Access Management's
8843// API operation ListEntitiesForPolicy for usage and error information.
8844//
8845// Returned Error Codes:
8846//   * ErrCodeNoSuchEntityException "NoSuchEntity"
8847//   The request was rejected because it referenced a resource entity that does
8848//   not exist. The error message describes the resource.
8849//
8850//   * ErrCodeInvalidInputException "InvalidInput"
8851//   The request was rejected because an invalid or out-of-range value was supplied
8852//   for an input parameter.
8853//
8854//   * ErrCodeServiceFailureException "ServiceFailure"
8855//   The request processing has failed because of an unknown error, exception
8856//   or failure.
8857//
8858// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
8859func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error) {
8860	req, out := c.ListEntitiesForPolicyRequest(input)
8861	return out, req.Send()
8862}
8863
8864// ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of
8865// the ability to pass a context and additional request options.
8866//
8867// See ListEntitiesForPolicy for details on how to use this API operation.
8868//
8869// The context must be non-nil and will be used for request cancellation. If
8870// the context is nil a panic will occur. In the future the SDK may create
8871// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8872// for more information on using Contexts.
8873func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error) {
8874	req, out := c.ListEntitiesForPolicyRequest(input)
8875	req.SetContext(ctx)
8876	req.ApplyOptions(opts...)
8877	return out, req.Send()
8878}
8879
8880// ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation,
8881// calling the "fn" function with the response data for each page. To stop
8882// iterating, return false from the fn function.
8883//
8884// See ListEntitiesForPolicy method for more information on how to use this operation.
8885//
8886// Note: This operation can generate multiple requests to a service.
8887//
8888//    // Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
8889//    pageNum := 0
8890//    err := client.ListEntitiesForPolicyPages(params,
8891//        func(page *iam.ListEntitiesForPolicyOutput, lastPage bool) bool {
8892//            pageNum++
8893//            fmt.Println(page)
8894//            return pageNum <= 3
8895//        })
8896//
8897func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error {
8898	return c.ListEntitiesForPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
8899}
8900
8901// ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except
8902// it takes a Context and allows setting request options on the pages.
8903//
8904// The context must be non-nil and will be used for request cancellation. If
8905// the context is nil a panic will occur. In the future the SDK may create
8906// sub-contexts for http.Requests. See https://golang.org/pkg/context/
8907// for more information on using Contexts.
8908func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error {
8909	p := request.Pagination{
8910		NewRequest: func() (*request.Request, error) {
8911			var inCpy *ListEntitiesForPolicyInput
8912			if input != nil {
8913				tmp := *input
8914				inCpy = &tmp
8915			}
8916			req, _ := c.ListEntitiesForPolicyRequest(inCpy)
8917			req.SetContext(ctx)
8918			req.ApplyOptions(opts...)
8919			return req, nil
8920		},
8921	}
8922
8923	for p.Next() {
8924		if !fn(p.Page().(*ListEntitiesForPolicyOutput), !p.HasNextPage()) {
8925			break
8926		}
8927	}
8928
8929	return p.Err()
8930}
8931
8932const opListGroupPolicies = "ListGroupPolicies"
8933
8934// ListGroupPoliciesRequest generates a "aws/request.Request" representing the
8935// client's request for the ListGroupPolicies operation. The "output" return
8936// value will be populated with the request's response once the request completes
8937// successfully.
8938//
8939// Use "Send" method on the returned Request to send the API call to the service.
8940// the "output" return value is not valid until after Send returns without error.
8941//
8942// See ListGroupPolicies for more information on using the ListGroupPolicies
8943// API call, and error handling.
8944//
8945// This method is useful when you want to inject custom logic or configuration
8946// into the SDK's request lifecycle. Such as custom headers, or retry logic.
8947//
8948//
8949//    // Example sending a request using the ListGroupPoliciesRequest method.
8950//    req, resp := client.ListGroupPoliciesRequest(params)
8951//
8952//    err := req.Send()
8953//    if err == nil { // resp is now filled
8954//        fmt.Println(resp)
8955//    }
8956//
8957// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
8958func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput) {
8959	op := &request.Operation{
8960		Name:       opListGroupPolicies,
8961		HTTPMethod: "POST",
8962		HTTPPath:   "/",
8963		Paginator: &request.Paginator{
8964			InputTokens:     []string{"Marker"},
8965			OutputTokens:    []string{"Marker"},
8966			LimitToken:      "MaxItems",
8967			TruncationToken: "IsTruncated",
8968		},
8969	}
8970
8971	if input == nil {
8972		input = &ListGroupPoliciesInput{}
8973	}
8974
8975	output = &ListGroupPoliciesOutput{}
8976	req = c.newRequest(op, input, output)
8977	return
8978}
8979
8980// ListGroupPolicies API operation for AWS Identity and Access Management.
8981//
8982// Lists the names of the inline policies that are embedded in the specified
8983// IAM group.
8984//
8985// An IAM group can also have managed policies attached to it. To list the managed
8986// policies that are attached to a group, use ListAttachedGroupPolicies. For
8987// more information about policies, see Managed policies and inline policies
8988// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
8989// in the IAM User Guide.
8990//
8991// You can paginate the results using the MaxItems and Marker parameters. If
8992// there are no inline policies embedded with the specified group, the operation
8993// returns an empty list.
8994//
8995// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
8996// with awserr.Error's Code and Message methods to get detailed information about
8997// the error.
8998//
8999// See the AWS API reference guide for AWS Identity and Access Management's
9000// API operation ListGroupPolicies for usage and error information.
9001//
9002// Returned Error Codes:
9003//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9004//   The request was rejected because it referenced a resource entity that does
9005//   not exist. The error message describes the resource.
9006//
9007//   * ErrCodeServiceFailureException "ServiceFailure"
9008//   The request processing has failed because of an unknown error, exception
9009//   or failure.
9010//
9011// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
9012func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error) {
9013	req, out := c.ListGroupPoliciesRequest(input)
9014	return out, req.Send()
9015}
9016
9017// ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of
9018// the ability to pass a context and additional request options.
9019//
9020// See ListGroupPolicies for details on how to use this API operation.
9021//
9022// The context must be non-nil and will be used for request cancellation. If
9023// the context is nil a panic will occur. In the future the SDK may create
9024// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9025// for more information on using Contexts.
9026func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error) {
9027	req, out := c.ListGroupPoliciesRequest(input)
9028	req.SetContext(ctx)
9029	req.ApplyOptions(opts...)
9030	return out, req.Send()
9031}
9032
9033// ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation,
9034// calling the "fn" function with the response data for each page. To stop
9035// iterating, return false from the fn function.
9036//
9037// See ListGroupPolicies method for more information on how to use this operation.
9038//
9039// Note: This operation can generate multiple requests to a service.
9040//
9041//    // Example iterating over at most 3 pages of a ListGroupPolicies operation.
9042//    pageNum := 0
9043//    err := client.ListGroupPoliciesPages(params,
9044//        func(page *iam.ListGroupPoliciesOutput, lastPage bool) bool {
9045//            pageNum++
9046//            fmt.Println(page)
9047//            return pageNum <= 3
9048//        })
9049//
9050func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error {
9051	return c.ListGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
9052}
9053
9054// ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except
9055// it takes a Context and allows setting request options on the pages.
9056//
9057// The context must be non-nil and will be used for request cancellation. If
9058// the context is nil a panic will occur. In the future the SDK may create
9059// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9060// for more information on using Contexts.
9061func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
9062	p := request.Pagination{
9063		NewRequest: func() (*request.Request, error) {
9064			var inCpy *ListGroupPoliciesInput
9065			if input != nil {
9066				tmp := *input
9067				inCpy = &tmp
9068			}
9069			req, _ := c.ListGroupPoliciesRequest(inCpy)
9070			req.SetContext(ctx)
9071			req.ApplyOptions(opts...)
9072			return req, nil
9073		},
9074	}
9075
9076	for p.Next() {
9077		if !fn(p.Page().(*ListGroupPoliciesOutput), !p.HasNextPage()) {
9078			break
9079		}
9080	}
9081
9082	return p.Err()
9083}
9084
9085const opListGroups = "ListGroups"
9086
9087// ListGroupsRequest generates a "aws/request.Request" representing the
9088// client's request for the ListGroups operation. The "output" return
9089// value will be populated with the request's response once the request completes
9090// successfully.
9091//
9092// Use "Send" method on the returned Request to send the API call to the service.
9093// the "output" return value is not valid until after Send returns without error.
9094//
9095// See ListGroups for more information on using the ListGroups
9096// API call, and error handling.
9097//
9098// This method is useful when you want to inject custom logic or configuration
9099// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9100//
9101//
9102//    // Example sending a request using the ListGroupsRequest method.
9103//    req, resp := client.ListGroupsRequest(params)
9104//
9105//    err := req.Send()
9106//    if err == nil { // resp is now filled
9107//        fmt.Println(resp)
9108//    }
9109//
9110// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
9111func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) {
9112	op := &request.Operation{
9113		Name:       opListGroups,
9114		HTTPMethod: "POST",
9115		HTTPPath:   "/",
9116		Paginator: &request.Paginator{
9117			InputTokens:     []string{"Marker"},
9118			OutputTokens:    []string{"Marker"},
9119			LimitToken:      "MaxItems",
9120			TruncationToken: "IsTruncated",
9121		},
9122	}
9123
9124	if input == nil {
9125		input = &ListGroupsInput{}
9126	}
9127
9128	output = &ListGroupsOutput{}
9129	req = c.newRequest(op, input, output)
9130	return
9131}
9132
9133// ListGroups API operation for AWS Identity and Access Management.
9134//
9135// Lists the IAM groups that have the specified path prefix.
9136//
9137// You can paginate the results using the MaxItems and Marker parameters.
9138//
9139// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9140// with awserr.Error's Code and Message methods to get detailed information about
9141// the error.
9142//
9143// See the AWS API reference guide for AWS Identity and Access Management's
9144// API operation ListGroups for usage and error information.
9145//
9146// Returned Error Codes:
9147//   * ErrCodeServiceFailureException "ServiceFailure"
9148//   The request processing has failed because of an unknown error, exception
9149//   or failure.
9150//
9151// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
9152func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) {
9153	req, out := c.ListGroupsRequest(input)
9154	return out, req.Send()
9155}
9156
9157// ListGroupsWithContext is the same as ListGroups with the addition of
9158// the ability to pass a context and additional request options.
9159//
9160// See ListGroups for details on how to use this API operation.
9161//
9162// The context must be non-nil and will be used for request cancellation. If
9163// the context is nil a panic will occur. In the future the SDK may create
9164// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9165// for more information on using Contexts.
9166func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error) {
9167	req, out := c.ListGroupsRequest(input)
9168	req.SetContext(ctx)
9169	req.ApplyOptions(opts...)
9170	return out, req.Send()
9171}
9172
9173// ListGroupsPages iterates over the pages of a ListGroups operation,
9174// calling the "fn" function with the response data for each page. To stop
9175// iterating, return false from the fn function.
9176//
9177// See ListGroups method for more information on how to use this operation.
9178//
9179// Note: This operation can generate multiple requests to a service.
9180//
9181//    // Example iterating over at most 3 pages of a ListGroups operation.
9182//    pageNum := 0
9183//    err := client.ListGroupsPages(params,
9184//        func(page *iam.ListGroupsOutput, lastPage bool) bool {
9185//            pageNum++
9186//            fmt.Println(page)
9187//            return pageNum <= 3
9188//        })
9189//
9190func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error {
9191	return c.ListGroupsPagesWithContext(aws.BackgroundContext(), input, fn)
9192}
9193
9194// ListGroupsPagesWithContext same as ListGroupsPages except
9195// it takes a Context and allows setting request options on the pages.
9196//
9197// The context must be non-nil and will be used for request cancellation. If
9198// the context is nil a panic will occur. In the future the SDK may create
9199// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9200// for more information on using Contexts.
9201func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error {
9202	p := request.Pagination{
9203		NewRequest: func() (*request.Request, error) {
9204			var inCpy *ListGroupsInput
9205			if input != nil {
9206				tmp := *input
9207				inCpy = &tmp
9208			}
9209			req, _ := c.ListGroupsRequest(inCpy)
9210			req.SetContext(ctx)
9211			req.ApplyOptions(opts...)
9212			return req, nil
9213		},
9214	}
9215
9216	for p.Next() {
9217		if !fn(p.Page().(*ListGroupsOutput), !p.HasNextPage()) {
9218			break
9219		}
9220	}
9221
9222	return p.Err()
9223}
9224
9225const opListGroupsForUser = "ListGroupsForUser"
9226
9227// ListGroupsForUserRequest generates a "aws/request.Request" representing the
9228// client's request for the ListGroupsForUser operation. The "output" return
9229// value will be populated with the request's response once the request completes
9230// successfully.
9231//
9232// Use "Send" method on the returned Request to send the API call to the service.
9233// the "output" return value is not valid until after Send returns without error.
9234//
9235// See ListGroupsForUser for more information on using the ListGroupsForUser
9236// API call, and error handling.
9237//
9238// This method is useful when you want to inject custom logic or configuration
9239// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9240//
9241//
9242//    // Example sending a request using the ListGroupsForUserRequest method.
9243//    req, resp := client.ListGroupsForUserRequest(params)
9244//
9245//    err := req.Send()
9246//    if err == nil { // resp is now filled
9247//        fmt.Println(resp)
9248//    }
9249//
9250// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
9251func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput) {
9252	op := &request.Operation{
9253		Name:       opListGroupsForUser,
9254		HTTPMethod: "POST",
9255		HTTPPath:   "/",
9256		Paginator: &request.Paginator{
9257			InputTokens:     []string{"Marker"},
9258			OutputTokens:    []string{"Marker"},
9259			LimitToken:      "MaxItems",
9260			TruncationToken: "IsTruncated",
9261		},
9262	}
9263
9264	if input == nil {
9265		input = &ListGroupsForUserInput{}
9266	}
9267
9268	output = &ListGroupsForUserOutput{}
9269	req = c.newRequest(op, input, output)
9270	return
9271}
9272
9273// ListGroupsForUser API operation for AWS Identity and Access Management.
9274//
9275// Lists the IAM groups that the specified IAM user belongs to.
9276//
9277// You can paginate the results using the MaxItems and Marker parameters.
9278//
9279// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9280// with awserr.Error's Code and Message methods to get detailed information about
9281// the error.
9282//
9283// See the AWS API reference guide for AWS Identity and Access Management's
9284// API operation ListGroupsForUser for usage and error information.
9285//
9286// Returned Error Codes:
9287//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9288//   The request was rejected because it referenced a resource entity that does
9289//   not exist. The error message describes the resource.
9290//
9291//   * ErrCodeServiceFailureException "ServiceFailure"
9292//   The request processing has failed because of an unknown error, exception
9293//   or failure.
9294//
9295// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
9296func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error) {
9297	req, out := c.ListGroupsForUserRequest(input)
9298	return out, req.Send()
9299}
9300
9301// ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of
9302// the ability to pass a context and additional request options.
9303//
9304// See ListGroupsForUser for details on how to use this API operation.
9305//
9306// The context must be non-nil and will be used for request cancellation. If
9307// the context is nil a panic will occur. In the future the SDK may create
9308// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9309// for more information on using Contexts.
9310func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error) {
9311	req, out := c.ListGroupsForUserRequest(input)
9312	req.SetContext(ctx)
9313	req.ApplyOptions(opts...)
9314	return out, req.Send()
9315}
9316
9317// ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation,
9318// calling the "fn" function with the response data for each page. To stop
9319// iterating, return false from the fn function.
9320//
9321// See ListGroupsForUser method for more information on how to use this operation.
9322//
9323// Note: This operation can generate multiple requests to a service.
9324//
9325//    // Example iterating over at most 3 pages of a ListGroupsForUser operation.
9326//    pageNum := 0
9327//    err := client.ListGroupsForUserPages(params,
9328//        func(page *iam.ListGroupsForUserOutput, lastPage bool) bool {
9329//            pageNum++
9330//            fmt.Println(page)
9331//            return pageNum <= 3
9332//        })
9333//
9334func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error {
9335	return c.ListGroupsForUserPagesWithContext(aws.BackgroundContext(), input, fn)
9336}
9337
9338// ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except
9339// it takes a Context and allows setting request options on the pages.
9340//
9341// The context must be non-nil and will be used for request cancellation. If
9342// the context is nil a panic will occur. In the future the SDK may create
9343// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9344// for more information on using Contexts.
9345func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error {
9346	p := request.Pagination{
9347		NewRequest: func() (*request.Request, error) {
9348			var inCpy *ListGroupsForUserInput
9349			if input != nil {
9350				tmp := *input
9351				inCpy = &tmp
9352			}
9353			req, _ := c.ListGroupsForUserRequest(inCpy)
9354			req.SetContext(ctx)
9355			req.ApplyOptions(opts...)
9356			return req, nil
9357		},
9358	}
9359
9360	for p.Next() {
9361		if !fn(p.Page().(*ListGroupsForUserOutput), !p.HasNextPage()) {
9362			break
9363		}
9364	}
9365
9366	return p.Err()
9367}
9368
9369const opListInstanceProfileTags = "ListInstanceProfileTags"
9370
9371// ListInstanceProfileTagsRequest generates a "aws/request.Request" representing the
9372// client's request for the ListInstanceProfileTags operation. The "output" return
9373// value will be populated with the request's response once the request completes
9374// successfully.
9375//
9376// Use "Send" method on the returned Request to send the API call to the service.
9377// the "output" return value is not valid until after Send returns without error.
9378//
9379// See ListInstanceProfileTags for more information on using the ListInstanceProfileTags
9380// API call, and error handling.
9381//
9382// This method is useful when you want to inject custom logic or configuration
9383// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9384//
9385//
9386//    // Example sending a request using the ListInstanceProfileTagsRequest method.
9387//    req, resp := client.ListInstanceProfileTagsRequest(params)
9388//
9389//    err := req.Send()
9390//    if err == nil { // resp is now filled
9391//        fmt.Println(resp)
9392//    }
9393//
9394// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
9395func (c *IAM) ListInstanceProfileTagsRequest(input *ListInstanceProfileTagsInput) (req *request.Request, output *ListInstanceProfileTagsOutput) {
9396	op := &request.Operation{
9397		Name:       opListInstanceProfileTags,
9398		HTTPMethod: "POST",
9399		HTTPPath:   "/",
9400	}
9401
9402	if input == nil {
9403		input = &ListInstanceProfileTagsInput{}
9404	}
9405
9406	output = &ListInstanceProfileTagsOutput{}
9407	req = c.newRequest(op, input, output)
9408	return
9409}
9410
9411// ListInstanceProfileTags API operation for AWS Identity and Access Management.
9412//
9413// Lists the tags that are attached to the specified IAM instance profile. The
9414// returned list of tags is sorted by tag key. For more information about tagging,
9415// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
9416// in the IAM User Guide.
9417//
9418// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9419// with awserr.Error's Code and Message methods to get detailed information about
9420// the error.
9421//
9422// See the AWS API reference guide for AWS Identity and Access Management's
9423// API operation ListInstanceProfileTags for usage and error information.
9424//
9425// Returned Error Codes:
9426//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9427//   The request was rejected because it referenced a resource entity that does
9428//   not exist. The error message describes the resource.
9429//
9430//   * ErrCodeServiceFailureException "ServiceFailure"
9431//   The request processing has failed because of an unknown error, exception
9432//   or failure.
9433//
9434// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
9435func (c *IAM) ListInstanceProfileTags(input *ListInstanceProfileTagsInput) (*ListInstanceProfileTagsOutput, error) {
9436	req, out := c.ListInstanceProfileTagsRequest(input)
9437	return out, req.Send()
9438}
9439
9440// ListInstanceProfileTagsWithContext is the same as ListInstanceProfileTags with the addition of
9441// the ability to pass a context and additional request options.
9442//
9443// See ListInstanceProfileTags for details on how to use this API operation.
9444//
9445// The context must be non-nil and will be used for request cancellation. If
9446// the context is nil a panic will occur. In the future the SDK may create
9447// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9448// for more information on using Contexts.
9449func (c *IAM) ListInstanceProfileTagsWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, opts ...request.Option) (*ListInstanceProfileTagsOutput, error) {
9450	req, out := c.ListInstanceProfileTagsRequest(input)
9451	req.SetContext(ctx)
9452	req.ApplyOptions(opts...)
9453	return out, req.Send()
9454}
9455
9456const opListInstanceProfiles = "ListInstanceProfiles"
9457
9458// ListInstanceProfilesRequest generates a "aws/request.Request" representing the
9459// client's request for the ListInstanceProfiles operation. The "output" return
9460// value will be populated with the request's response once the request completes
9461// successfully.
9462//
9463// Use "Send" method on the returned Request to send the API call to the service.
9464// the "output" return value is not valid until after Send returns without error.
9465//
9466// See ListInstanceProfiles for more information on using the ListInstanceProfiles
9467// API call, and error handling.
9468//
9469// This method is useful when you want to inject custom logic or configuration
9470// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9471//
9472//
9473//    // Example sending a request using the ListInstanceProfilesRequest method.
9474//    req, resp := client.ListInstanceProfilesRequest(params)
9475//
9476//    err := req.Send()
9477//    if err == nil { // resp is now filled
9478//        fmt.Println(resp)
9479//    }
9480//
9481// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
9482func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput) {
9483	op := &request.Operation{
9484		Name:       opListInstanceProfiles,
9485		HTTPMethod: "POST",
9486		HTTPPath:   "/",
9487		Paginator: &request.Paginator{
9488			InputTokens:     []string{"Marker"},
9489			OutputTokens:    []string{"Marker"},
9490			LimitToken:      "MaxItems",
9491			TruncationToken: "IsTruncated",
9492		},
9493	}
9494
9495	if input == nil {
9496		input = &ListInstanceProfilesInput{}
9497	}
9498
9499	output = &ListInstanceProfilesOutput{}
9500	req = c.newRequest(op, input, output)
9501	return
9502}
9503
9504// ListInstanceProfiles API operation for AWS Identity and Access Management.
9505//
9506// Lists the instance profiles that have the specified path prefix. If there
9507// are none, the operation returns an empty list. For more information about
9508// instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
9509//
9510// IAM resource-listing operations return a subset of the available attributes
9511// for the resource. For example, this operation does not return tags, even
9512// though they are an attribute of the returned object. To view all of the information
9513// for an instance profile, see GetInstanceProfile.
9514//
9515// You can paginate the results using the MaxItems and Marker parameters.
9516//
9517// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9518// with awserr.Error's Code and Message methods to get detailed information about
9519// the error.
9520//
9521// See the AWS API reference guide for AWS Identity and Access Management's
9522// API operation ListInstanceProfiles for usage and error information.
9523//
9524// Returned Error Codes:
9525//   * ErrCodeServiceFailureException "ServiceFailure"
9526//   The request processing has failed because of an unknown error, exception
9527//   or failure.
9528//
9529// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
9530func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error) {
9531	req, out := c.ListInstanceProfilesRequest(input)
9532	return out, req.Send()
9533}
9534
9535// ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of
9536// the ability to pass a context and additional request options.
9537//
9538// See ListInstanceProfiles for details on how to use this API operation.
9539//
9540// The context must be non-nil and will be used for request cancellation. If
9541// the context is nil a panic will occur. In the future the SDK may create
9542// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9543// for more information on using Contexts.
9544func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error) {
9545	req, out := c.ListInstanceProfilesRequest(input)
9546	req.SetContext(ctx)
9547	req.ApplyOptions(opts...)
9548	return out, req.Send()
9549}
9550
9551// ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation,
9552// calling the "fn" function with the response data for each page. To stop
9553// iterating, return false from the fn function.
9554//
9555// See ListInstanceProfiles method for more information on how to use this operation.
9556//
9557// Note: This operation can generate multiple requests to a service.
9558//
9559//    // Example iterating over at most 3 pages of a ListInstanceProfiles operation.
9560//    pageNum := 0
9561//    err := client.ListInstanceProfilesPages(params,
9562//        func(page *iam.ListInstanceProfilesOutput, lastPage bool) bool {
9563//            pageNum++
9564//            fmt.Println(page)
9565//            return pageNum <= 3
9566//        })
9567//
9568func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error {
9569	return c.ListInstanceProfilesPagesWithContext(aws.BackgroundContext(), input, fn)
9570}
9571
9572// ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except
9573// it takes a Context and allows setting request options on the pages.
9574//
9575// The context must be non-nil and will be used for request cancellation. If
9576// the context is nil a panic will occur. In the future the SDK may create
9577// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9578// for more information on using Contexts.
9579func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error {
9580	p := request.Pagination{
9581		NewRequest: func() (*request.Request, error) {
9582			var inCpy *ListInstanceProfilesInput
9583			if input != nil {
9584				tmp := *input
9585				inCpy = &tmp
9586			}
9587			req, _ := c.ListInstanceProfilesRequest(inCpy)
9588			req.SetContext(ctx)
9589			req.ApplyOptions(opts...)
9590			return req, nil
9591		},
9592	}
9593
9594	for p.Next() {
9595		if !fn(p.Page().(*ListInstanceProfilesOutput), !p.HasNextPage()) {
9596			break
9597		}
9598	}
9599
9600	return p.Err()
9601}
9602
9603const opListInstanceProfilesForRole = "ListInstanceProfilesForRole"
9604
9605// ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the
9606// client's request for the ListInstanceProfilesForRole operation. The "output" return
9607// value will be populated with the request's response once the request completes
9608// successfully.
9609//
9610// Use "Send" method on the returned Request to send the API call to the service.
9611// the "output" return value is not valid until after Send returns without error.
9612//
9613// See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole
9614// API call, and error handling.
9615//
9616// This method is useful when you want to inject custom logic or configuration
9617// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9618//
9619//
9620//    // Example sending a request using the ListInstanceProfilesForRoleRequest method.
9621//    req, resp := client.ListInstanceProfilesForRoleRequest(params)
9622//
9623//    err := req.Send()
9624//    if err == nil { // resp is now filled
9625//        fmt.Println(resp)
9626//    }
9627//
9628// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
9629func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput) {
9630	op := &request.Operation{
9631		Name:       opListInstanceProfilesForRole,
9632		HTTPMethod: "POST",
9633		HTTPPath:   "/",
9634		Paginator: &request.Paginator{
9635			InputTokens:     []string{"Marker"},
9636			OutputTokens:    []string{"Marker"},
9637			LimitToken:      "MaxItems",
9638			TruncationToken: "IsTruncated",
9639		},
9640	}
9641
9642	if input == nil {
9643		input = &ListInstanceProfilesForRoleInput{}
9644	}
9645
9646	output = &ListInstanceProfilesForRoleOutput{}
9647	req = c.newRequest(op, input, output)
9648	return
9649}
9650
9651// ListInstanceProfilesForRole API operation for AWS Identity and Access Management.
9652//
9653// Lists the instance profiles that have the specified associated IAM role.
9654// If there are none, the operation returns an empty list. For more information
9655// about instance profiles, go to About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
9656//
9657// You can paginate the results using the MaxItems and Marker parameters.
9658//
9659// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9660// with awserr.Error's Code and Message methods to get detailed information about
9661// the error.
9662//
9663// See the AWS API reference guide for AWS Identity and Access Management's
9664// API operation ListInstanceProfilesForRole for usage and error information.
9665//
9666// Returned Error Codes:
9667//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9668//   The request was rejected because it referenced a resource entity that does
9669//   not exist. The error message describes the resource.
9670//
9671//   * ErrCodeServiceFailureException "ServiceFailure"
9672//   The request processing has failed because of an unknown error, exception
9673//   or failure.
9674//
9675// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
9676func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error) {
9677	req, out := c.ListInstanceProfilesForRoleRequest(input)
9678	return out, req.Send()
9679}
9680
9681// ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of
9682// the ability to pass a context and additional request options.
9683//
9684// See ListInstanceProfilesForRole for details on how to use this API operation.
9685//
9686// The context must be non-nil and will be used for request cancellation. If
9687// the context is nil a panic will occur. In the future the SDK may create
9688// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9689// for more information on using Contexts.
9690func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error) {
9691	req, out := c.ListInstanceProfilesForRoleRequest(input)
9692	req.SetContext(ctx)
9693	req.ApplyOptions(opts...)
9694	return out, req.Send()
9695}
9696
9697// ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation,
9698// calling the "fn" function with the response data for each page. To stop
9699// iterating, return false from the fn function.
9700//
9701// See ListInstanceProfilesForRole method for more information on how to use this operation.
9702//
9703// Note: This operation can generate multiple requests to a service.
9704//
9705//    // Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
9706//    pageNum := 0
9707//    err := client.ListInstanceProfilesForRolePages(params,
9708//        func(page *iam.ListInstanceProfilesForRoleOutput, lastPage bool) bool {
9709//            pageNum++
9710//            fmt.Println(page)
9711//            return pageNum <= 3
9712//        })
9713//
9714func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error {
9715	return c.ListInstanceProfilesForRolePagesWithContext(aws.BackgroundContext(), input, fn)
9716}
9717
9718// ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except
9719// it takes a Context and allows setting request options on the pages.
9720//
9721// The context must be non-nil and will be used for request cancellation. If
9722// the context is nil a panic will occur. In the future the SDK may create
9723// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9724// for more information on using Contexts.
9725func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error {
9726	p := request.Pagination{
9727		NewRequest: func() (*request.Request, error) {
9728			var inCpy *ListInstanceProfilesForRoleInput
9729			if input != nil {
9730				tmp := *input
9731				inCpy = &tmp
9732			}
9733			req, _ := c.ListInstanceProfilesForRoleRequest(inCpy)
9734			req.SetContext(ctx)
9735			req.ApplyOptions(opts...)
9736			return req, nil
9737		},
9738	}
9739
9740	for p.Next() {
9741		if !fn(p.Page().(*ListInstanceProfilesForRoleOutput), !p.HasNextPage()) {
9742			break
9743		}
9744	}
9745
9746	return p.Err()
9747}
9748
9749const opListMFADeviceTags = "ListMFADeviceTags"
9750
9751// ListMFADeviceTagsRequest generates a "aws/request.Request" representing the
9752// client's request for the ListMFADeviceTags operation. The "output" return
9753// value will be populated with the request's response once the request completes
9754// successfully.
9755//
9756// Use "Send" method on the returned Request to send the API call to the service.
9757// the "output" return value is not valid until after Send returns without error.
9758//
9759// See ListMFADeviceTags for more information on using the ListMFADeviceTags
9760// API call, and error handling.
9761//
9762// This method is useful when you want to inject custom logic or configuration
9763// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9764//
9765//
9766//    // Example sending a request using the ListMFADeviceTagsRequest method.
9767//    req, resp := client.ListMFADeviceTagsRequest(params)
9768//
9769//    err := req.Send()
9770//    if err == nil { // resp is now filled
9771//        fmt.Println(resp)
9772//    }
9773//
9774// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
9775func (c *IAM) ListMFADeviceTagsRequest(input *ListMFADeviceTagsInput) (req *request.Request, output *ListMFADeviceTagsOutput) {
9776	op := &request.Operation{
9777		Name:       opListMFADeviceTags,
9778		HTTPMethod: "POST",
9779		HTTPPath:   "/",
9780	}
9781
9782	if input == nil {
9783		input = &ListMFADeviceTagsInput{}
9784	}
9785
9786	output = &ListMFADeviceTagsOutput{}
9787	req = c.newRequest(op, input, output)
9788	return
9789}
9790
9791// ListMFADeviceTags API operation for AWS Identity and Access Management.
9792//
9793// Lists the tags that are attached to the specified IAM virtual multi-factor
9794// authentication (MFA) device. The returned list of tags is sorted by tag key.
9795// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
9796// in the IAM User Guide.
9797//
9798// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9799// with awserr.Error's Code and Message methods to get detailed information about
9800// the error.
9801//
9802// See the AWS API reference guide for AWS Identity and Access Management's
9803// API operation ListMFADeviceTags for usage and error information.
9804//
9805// Returned Error Codes:
9806//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9807//   The request was rejected because it referenced a resource entity that does
9808//   not exist. The error message describes the resource.
9809//
9810//   * ErrCodeInvalidInputException "InvalidInput"
9811//   The request was rejected because an invalid or out-of-range value was supplied
9812//   for an input parameter.
9813//
9814//   * ErrCodeServiceFailureException "ServiceFailure"
9815//   The request processing has failed because of an unknown error, exception
9816//   or failure.
9817//
9818// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
9819func (c *IAM) ListMFADeviceTags(input *ListMFADeviceTagsInput) (*ListMFADeviceTagsOutput, error) {
9820	req, out := c.ListMFADeviceTagsRequest(input)
9821	return out, req.Send()
9822}
9823
9824// ListMFADeviceTagsWithContext is the same as ListMFADeviceTags with the addition of
9825// the ability to pass a context and additional request options.
9826//
9827// See ListMFADeviceTags for details on how to use this API operation.
9828//
9829// The context must be non-nil and will be used for request cancellation. If
9830// the context is nil a panic will occur. In the future the SDK may create
9831// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9832// for more information on using Contexts.
9833func (c *IAM) ListMFADeviceTagsWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, opts ...request.Option) (*ListMFADeviceTagsOutput, error) {
9834	req, out := c.ListMFADeviceTagsRequest(input)
9835	req.SetContext(ctx)
9836	req.ApplyOptions(opts...)
9837	return out, req.Send()
9838}
9839
9840const opListMFADevices = "ListMFADevices"
9841
9842// ListMFADevicesRequest generates a "aws/request.Request" representing the
9843// client's request for the ListMFADevices operation. The "output" return
9844// value will be populated with the request's response once the request completes
9845// successfully.
9846//
9847// Use "Send" method on the returned Request to send the API call to the service.
9848// the "output" return value is not valid until after Send returns without error.
9849//
9850// See ListMFADevices for more information on using the ListMFADevices
9851// API call, and error handling.
9852//
9853// This method is useful when you want to inject custom logic or configuration
9854// into the SDK's request lifecycle. Such as custom headers, or retry logic.
9855//
9856//
9857//    // Example sending a request using the ListMFADevicesRequest method.
9858//    req, resp := client.ListMFADevicesRequest(params)
9859//
9860//    err := req.Send()
9861//    if err == nil { // resp is now filled
9862//        fmt.Println(resp)
9863//    }
9864//
9865// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
9866func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput) {
9867	op := &request.Operation{
9868		Name:       opListMFADevices,
9869		HTTPMethod: "POST",
9870		HTTPPath:   "/",
9871		Paginator: &request.Paginator{
9872			InputTokens:     []string{"Marker"},
9873			OutputTokens:    []string{"Marker"},
9874			LimitToken:      "MaxItems",
9875			TruncationToken: "IsTruncated",
9876		},
9877	}
9878
9879	if input == nil {
9880		input = &ListMFADevicesInput{}
9881	}
9882
9883	output = &ListMFADevicesOutput{}
9884	req = c.newRequest(op, input, output)
9885	return
9886}
9887
9888// ListMFADevices API operation for AWS Identity and Access Management.
9889//
9890// Lists the MFA devices for an IAM user. If the request includes a IAM user
9891// name, then this operation lists all the MFA devices associated with the specified
9892// user. If you do not specify a user name, IAM determines the user name implicitly
9893// based on the Amazon Web Services access key ID signing the request for this
9894// operation.
9895//
9896// You can paginate the results using the MaxItems and Marker parameters.
9897//
9898// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
9899// with awserr.Error's Code and Message methods to get detailed information about
9900// the error.
9901//
9902// See the AWS API reference guide for AWS Identity and Access Management's
9903// API operation ListMFADevices for usage and error information.
9904//
9905// Returned Error Codes:
9906//   * ErrCodeNoSuchEntityException "NoSuchEntity"
9907//   The request was rejected because it referenced a resource entity that does
9908//   not exist. The error message describes the resource.
9909//
9910//   * ErrCodeServiceFailureException "ServiceFailure"
9911//   The request processing has failed because of an unknown error, exception
9912//   or failure.
9913//
9914// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
9915func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error) {
9916	req, out := c.ListMFADevicesRequest(input)
9917	return out, req.Send()
9918}
9919
9920// ListMFADevicesWithContext is the same as ListMFADevices with the addition of
9921// the ability to pass a context and additional request options.
9922//
9923// See ListMFADevices for details on how to use this API operation.
9924//
9925// The context must be non-nil and will be used for request cancellation. If
9926// the context is nil a panic will occur. In the future the SDK may create
9927// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9928// for more information on using Contexts.
9929func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error) {
9930	req, out := c.ListMFADevicesRequest(input)
9931	req.SetContext(ctx)
9932	req.ApplyOptions(opts...)
9933	return out, req.Send()
9934}
9935
9936// ListMFADevicesPages iterates over the pages of a ListMFADevices operation,
9937// calling the "fn" function with the response data for each page. To stop
9938// iterating, return false from the fn function.
9939//
9940// See ListMFADevices method for more information on how to use this operation.
9941//
9942// Note: This operation can generate multiple requests to a service.
9943//
9944//    // Example iterating over at most 3 pages of a ListMFADevices operation.
9945//    pageNum := 0
9946//    err := client.ListMFADevicesPages(params,
9947//        func(page *iam.ListMFADevicesOutput, lastPage bool) bool {
9948//            pageNum++
9949//            fmt.Println(page)
9950//            return pageNum <= 3
9951//        })
9952//
9953func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error {
9954	return c.ListMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
9955}
9956
9957// ListMFADevicesPagesWithContext same as ListMFADevicesPages except
9958// it takes a Context and allows setting request options on the pages.
9959//
9960// The context must be non-nil and will be used for request cancellation. If
9961// the context is nil a panic will occur. In the future the SDK may create
9962// sub-contexts for http.Requests. See https://golang.org/pkg/context/
9963// for more information on using Contexts.
9964func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error {
9965	p := request.Pagination{
9966		NewRequest: func() (*request.Request, error) {
9967			var inCpy *ListMFADevicesInput
9968			if input != nil {
9969				tmp := *input
9970				inCpy = &tmp
9971			}
9972			req, _ := c.ListMFADevicesRequest(inCpy)
9973			req.SetContext(ctx)
9974			req.ApplyOptions(opts...)
9975			return req, nil
9976		},
9977	}
9978
9979	for p.Next() {
9980		if !fn(p.Page().(*ListMFADevicesOutput), !p.HasNextPage()) {
9981			break
9982		}
9983	}
9984
9985	return p.Err()
9986}
9987
9988const opListOpenIDConnectProviderTags = "ListOpenIDConnectProviderTags"
9989
9990// ListOpenIDConnectProviderTagsRequest generates a "aws/request.Request" representing the
9991// client's request for the ListOpenIDConnectProviderTags operation. The "output" return
9992// value will be populated with the request's response once the request completes
9993// successfully.
9994//
9995// Use "Send" method on the returned Request to send the API call to the service.
9996// the "output" return value is not valid until after Send returns without error.
9997//
9998// See ListOpenIDConnectProviderTags for more information on using the ListOpenIDConnectProviderTags
9999// API call, and error handling.
10000//
10001// This method is useful when you want to inject custom logic or configuration
10002// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10003//
10004//
10005//    // Example sending a request using the ListOpenIDConnectProviderTagsRequest method.
10006//    req, resp := client.ListOpenIDConnectProviderTagsRequest(params)
10007//
10008//    err := req.Send()
10009//    if err == nil { // resp is now filled
10010//        fmt.Println(resp)
10011//    }
10012//
10013// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
10014func (c *IAM) ListOpenIDConnectProviderTagsRequest(input *ListOpenIDConnectProviderTagsInput) (req *request.Request, output *ListOpenIDConnectProviderTagsOutput) {
10015	op := &request.Operation{
10016		Name:       opListOpenIDConnectProviderTags,
10017		HTTPMethod: "POST",
10018		HTTPPath:   "/",
10019	}
10020
10021	if input == nil {
10022		input = &ListOpenIDConnectProviderTagsInput{}
10023	}
10024
10025	output = &ListOpenIDConnectProviderTagsOutput{}
10026	req = c.newRequest(op, input, output)
10027	return
10028}
10029
10030// ListOpenIDConnectProviderTags API operation for AWS Identity and Access Management.
10031//
10032// Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible
10033// identity provider. The returned list of tags is sorted by tag key. For more
10034// information, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
10035//
10036// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
10037// in the IAM User Guide.
10038//
10039// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10040// with awserr.Error's Code and Message methods to get detailed information about
10041// the error.
10042//
10043// See the AWS API reference guide for AWS Identity and Access Management's
10044// API operation ListOpenIDConnectProviderTags for usage and error information.
10045//
10046// Returned Error Codes:
10047//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10048//   The request was rejected because it referenced a resource entity that does
10049//   not exist. The error message describes the resource.
10050//
10051//   * ErrCodeServiceFailureException "ServiceFailure"
10052//   The request processing has failed because of an unknown error, exception
10053//   or failure.
10054//
10055//   * ErrCodeInvalidInputException "InvalidInput"
10056//   The request was rejected because an invalid or out-of-range value was supplied
10057//   for an input parameter.
10058//
10059// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
10060func (c *IAM) ListOpenIDConnectProviderTags(input *ListOpenIDConnectProviderTagsInput) (*ListOpenIDConnectProviderTagsOutput, error) {
10061	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
10062	return out, req.Send()
10063}
10064
10065// ListOpenIDConnectProviderTagsWithContext is the same as ListOpenIDConnectProviderTags with the addition of
10066// the ability to pass a context and additional request options.
10067//
10068// See ListOpenIDConnectProviderTags for details on how to use this API operation.
10069//
10070// The context must be non-nil and will be used for request cancellation. If
10071// the context is nil a panic will occur. In the future the SDK may create
10072// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10073// for more information on using Contexts.
10074func (c *IAM) ListOpenIDConnectProviderTagsWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, opts ...request.Option) (*ListOpenIDConnectProviderTagsOutput, error) {
10075	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
10076	req.SetContext(ctx)
10077	req.ApplyOptions(opts...)
10078	return out, req.Send()
10079}
10080
10081const opListOpenIDConnectProviders = "ListOpenIDConnectProviders"
10082
10083// ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the
10084// client's request for the ListOpenIDConnectProviders operation. The "output" return
10085// value will be populated with the request's response once the request completes
10086// successfully.
10087//
10088// Use "Send" method on the returned Request to send the API call to the service.
10089// the "output" return value is not valid until after Send returns without error.
10090//
10091// See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders
10092// API call, and error handling.
10093//
10094// This method is useful when you want to inject custom logic or configuration
10095// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10096//
10097//
10098//    // Example sending a request using the ListOpenIDConnectProvidersRequest method.
10099//    req, resp := client.ListOpenIDConnectProvidersRequest(params)
10100//
10101//    err := req.Send()
10102//    if err == nil { // resp is now filled
10103//        fmt.Println(resp)
10104//    }
10105//
10106// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
10107func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput) {
10108	op := &request.Operation{
10109		Name:       opListOpenIDConnectProviders,
10110		HTTPMethod: "POST",
10111		HTTPPath:   "/",
10112	}
10113
10114	if input == nil {
10115		input = &ListOpenIDConnectProvidersInput{}
10116	}
10117
10118	output = &ListOpenIDConnectProvidersOutput{}
10119	req = c.newRequest(op, input, output)
10120	return
10121}
10122
10123// ListOpenIDConnectProviders API operation for AWS Identity and Access Management.
10124//
10125// Lists information about the IAM OpenID Connect (OIDC) provider resource objects
10126// defined in the Amazon Web Services account.
10127//
10128// IAM resource-listing operations return a subset of the available attributes
10129// for the resource. For example, this operation does not return tags, even
10130// though they are an attribute of the returned object. To view all of the information
10131// for an OIDC provider, see GetOpenIDConnectProvider.
10132//
10133// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10134// with awserr.Error's Code and Message methods to get detailed information about
10135// the error.
10136//
10137// See the AWS API reference guide for AWS Identity and Access Management's
10138// API operation ListOpenIDConnectProviders for usage and error information.
10139//
10140// Returned Error Codes:
10141//   * ErrCodeServiceFailureException "ServiceFailure"
10142//   The request processing has failed because of an unknown error, exception
10143//   or failure.
10144//
10145// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
10146func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error) {
10147	req, out := c.ListOpenIDConnectProvidersRequest(input)
10148	return out, req.Send()
10149}
10150
10151// ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of
10152// the ability to pass a context and additional request options.
10153//
10154// See ListOpenIDConnectProviders for details on how to use this API operation.
10155//
10156// The context must be non-nil and will be used for request cancellation. If
10157// the context is nil a panic will occur. In the future the SDK may create
10158// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10159// for more information on using Contexts.
10160func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error) {
10161	req, out := c.ListOpenIDConnectProvidersRequest(input)
10162	req.SetContext(ctx)
10163	req.ApplyOptions(opts...)
10164	return out, req.Send()
10165}
10166
10167const opListPolicies = "ListPolicies"
10168
10169// ListPoliciesRequest generates a "aws/request.Request" representing the
10170// client's request for the ListPolicies operation. The "output" return
10171// value will be populated with the request's response once the request completes
10172// successfully.
10173//
10174// Use "Send" method on the returned Request to send the API call to the service.
10175// the "output" return value is not valid until after Send returns without error.
10176//
10177// See ListPolicies for more information on using the ListPolicies
10178// API call, and error handling.
10179//
10180// This method is useful when you want to inject custom logic or configuration
10181// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10182//
10183//
10184//    // Example sending a request using the ListPoliciesRequest method.
10185//    req, resp := client.ListPoliciesRequest(params)
10186//
10187//    err := req.Send()
10188//    if err == nil { // resp is now filled
10189//        fmt.Println(resp)
10190//    }
10191//
10192// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
10193func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
10194	op := &request.Operation{
10195		Name:       opListPolicies,
10196		HTTPMethod: "POST",
10197		HTTPPath:   "/",
10198		Paginator: &request.Paginator{
10199			InputTokens:     []string{"Marker"},
10200			OutputTokens:    []string{"Marker"},
10201			LimitToken:      "MaxItems",
10202			TruncationToken: "IsTruncated",
10203		},
10204	}
10205
10206	if input == nil {
10207		input = &ListPoliciesInput{}
10208	}
10209
10210	output = &ListPoliciesOutput{}
10211	req = c.newRequest(op, input, output)
10212	return
10213}
10214
10215// ListPolicies API operation for AWS Identity and Access Management.
10216//
10217// Lists all the managed policies that are available in your Amazon Web Services
10218// account, including your own customer-defined managed policies and all Amazon
10219// Web Services managed policies.
10220//
10221// You can filter the list of policies that is returned using the optional OnlyAttached,
10222// Scope, and PathPrefix parameters. For example, to list only the customer
10223// managed policies in your Amazon Web Services account, set Scope to Local.
10224// To list only Amazon Web Services managed policies, set Scope to AWS.
10225//
10226// You can paginate the results using the MaxItems and Marker parameters.
10227//
10228// For more information about managed policies, see Managed policies and inline
10229// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10230// in the IAM User Guide.
10231//
10232// IAM resource-listing operations return a subset of the available attributes
10233// for the resource. For example, this operation does not return tags, even
10234// though they are an attribute of the returned object. To view all of the information
10235// for a customer manged policy, see GetPolicy.
10236//
10237// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10238// with awserr.Error's Code and Message methods to get detailed information about
10239// the error.
10240//
10241// See the AWS API reference guide for AWS Identity and Access Management's
10242// API operation ListPolicies for usage and error information.
10243//
10244// Returned Error Codes:
10245//   * ErrCodeServiceFailureException "ServiceFailure"
10246//   The request processing has failed because of an unknown error, exception
10247//   or failure.
10248//
10249// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
10250func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
10251	req, out := c.ListPoliciesRequest(input)
10252	return out, req.Send()
10253}
10254
10255// ListPoliciesWithContext is the same as ListPolicies with the addition of
10256// the ability to pass a context and additional request options.
10257//
10258// See ListPolicies for details on how to use this API operation.
10259//
10260// The context must be non-nil and will be used for request cancellation. If
10261// the context is nil a panic will occur. In the future the SDK may create
10262// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10263// for more information on using Contexts.
10264func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
10265	req, out := c.ListPoliciesRequest(input)
10266	req.SetContext(ctx)
10267	req.ApplyOptions(opts...)
10268	return out, req.Send()
10269}
10270
10271// ListPoliciesPages iterates over the pages of a ListPolicies operation,
10272// calling the "fn" function with the response data for each page. To stop
10273// iterating, return false from the fn function.
10274//
10275// See ListPolicies method for more information on how to use this operation.
10276//
10277// Note: This operation can generate multiple requests to a service.
10278//
10279//    // Example iterating over at most 3 pages of a ListPolicies operation.
10280//    pageNum := 0
10281//    err := client.ListPoliciesPages(params,
10282//        func(page *iam.ListPoliciesOutput, lastPage bool) bool {
10283//            pageNum++
10284//            fmt.Println(page)
10285//            return pageNum <= 3
10286//        })
10287//
10288func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error {
10289	return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
10290}
10291
10292// ListPoliciesPagesWithContext same as ListPoliciesPages except
10293// it takes a Context and allows setting request options on the pages.
10294//
10295// The context must be non-nil and will be used for request cancellation. If
10296// the context is nil a panic will occur. In the future the SDK may create
10297// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10298// for more information on using Contexts.
10299func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error {
10300	p := request.Pagination{
10301		NewRequest: func() (*request.Request, error) {
10302			var inCpy *ListPoliciesInput
10303			if input != nil {
10304				tmp := *input
10305				inCpy = &tmp
10306			}
10307			req, _ := c.ListPoliciesRequest(inCpy)
10308			req.SetContext(ctx)
10309			req.ApplyOptions(opts...)
10310			return req, nil
10311		},
10312	}
10313
10314	for p.Next() {
10315		if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) {
10316			break
10317		}
10318	}
10319
10320	return p.Err()
10321}
10322
10323const opListPoliciesGrantingServiceAccess = "ListPoliciesGrantingServiceAccess"
10324
10325// ListPoliciesGrantingServiceAccessRequest generates a "aws/request.Request" representing the
10326// client's request for the ListPoliciesGrantingServiceAccess operation. The "output" return
10327// value will be populated with the request's response once the request completes
10328// successfully.
10329//
10330// Use "Send" method on the returned Request to send the API call to the service.
10331// the "output" return value is not valid until after Send returns without error.
10332//
10333// See ListPoliciesGrantingServiceAccess for more information on using the ListPoliciesGrantingServiceAccess
10334// API call, and error handling.
10335//
10336// This method is useful when you want to inject custom logic or configuration
10337// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10338//
10339//
10340//    // Example sending a request using the ListPoliciesGrantingServiceAccessRequest method.
10341//    req, resp := client.ListPoliciesGrantingServiceAccessRequest(params)
10342//
10343//    err := req.Send()
10344//    if err == nil { // resp is now filled
10345//        fmt.Println(resp)
10346//    }
10347//
10348// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
10349func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGrantingServiceAccessInput) (req *request.Request, output *ListPoliciesGrantingServiceAccessOutput) {
10350	op := &request.Operation{
10351		Name:       opListPoliciesGrantingServiceAccess,
10352		HTTPMethod: "POST",
10353		HTTPPath:   "/",
10354	}
10355
10356	if input == nil {
10357		input = &ListPoliciesGrantingServiceAccessInput{}
10358	}
10359
10360	output = &ListPoliciesGrantingServiceAccessOutput{}
10361	req = c.newRequest(op, input, output)
10362	return
10363}
10364
10365// ListPoliciesGrantingServiceAccess API operation for AWS Identity and Access Management.
10366//
10367// Retrieves a list of policies that the IAM identity (user, group, or role)
10368// can use to access each specified service.
10369//
10370// This operation does not use other policy types when determining whether a
10371// resource could access a service. These other policy types include resource-based
10372// policies, access control lists, Organizations policies, IAM permissions boundaries,
10373// and STS assume role policies. It only applies permissions policy logic. For
10374// more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
10375// in the IAM User Guide.
10376//
10377// The list of policies returned by the operation depends on the ARN of the
10378// identity that you provide.
10379//
10380//    * User – The list of policies includes the managed and inline policies
10381//    that are attached to the user directly. The list also includes any additional
10382//    managed and inline policies that are attached to the group to which the
10383//    user belongs.
10384//
10385//    * Group – The list of policies includes only the managed and inline
10386//    policies that are attached to the group directly. Policies that are attached
10387//    to the group’s user are not included.
10388//
10389//    * Role – The list of policies includes only the managed and inline policies
10390//    that are attached to the role.
10391//
10392// For each managed policy, this operation returns the ARN and policy name.
10393// For each inline policy, it returns the policy name and the entity to which
10394// it is attached. Inline policies do not have an ARN. For more information
10395// about these policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
10396// in the IAM User Guide.
10397//
10398// Policies that are attached to users and roles as permissions boundaries are
10399// not returned. To view which managed policy is currently used to set the permissions
10400// boundary for a user or role, use the GetUser or GetRole operations.
10401//
10402// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10403// with awserr.Error's Code and Message methods to get detailed information about
10404// the error.
10405//
10406// See the AWS API reference guide for AWS Identity and Access Management's
10407// API operation ListPoliciesGrantingServiceAccess for usage and error information.
10408//
10409// Returned Error Codes:
10410//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10411//   The request was rejected because it referenced a resource entity that does
10412//   not exist. The error message describes the resource.
10413//
10414//   * ErrCodeInvalidInputException "InvalidInput"
10415//   The request was rejected because an invalid or out-of-range value was supplied
10416//   for an input parameter.
10417//
10418// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
10419func (c *IAM) ListPoliciesGrantingServiceAccess(input *ListPoliciesGrantingServiceAccessInput) (*ListPoliciesGrantingServiceAccessOutput, error) {
10420	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
10421	return out, req.Send()
10422}
10423
10424// ListPoliciesGrantingServiceAccessWithContext is the same as ListPoliciesGrantingServiceAccess with the addition of
10425// the ability to pass a context and additional request options.
10426//
10427// See ListPoliciesGrantingServiceAccess for details on how to use this API operation.
10428//
10429// The context must be non-nil and will be used for request cancellation. If
10430// the context is nil a panic will occur. In the future the SDK may create
10431// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10432// for more information on using Contexts.
10433func (c *IAM) ListPoliciesGrantingServiceAccessWithContext(ctx aws.Context, input *ListPoliciesGrantingServiceAccessInput, opts ...request.Option) (*ListPoliciesGrantingServiceAccessOutput, error) {
10434	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
10435	req.SetContext(ctx)
10436	req.ApplyOptions(opts...)
10437	return out, req.Send()
10438}
10439
10440const opListPolicyTags = "ListPolicyTags"
10441
10442// ListPolicyTagsRequest generates a "aws/request.Request" representing the
10443// client's request for the ListPolicyTags operation. The "output" return
10444// value will be populated with the request's response once the request completes
10445// successfully.
10446//
10447// Use "Send" method on the returned Request to send the API call to the service.
10448// the "output" return value is not valid until after Send returns without error.
10449//
10450// See ListPolicyTags for more information on using the ListPolicyTags
10451// API call, and error handling.
10452//
10453// This method is useful when you want to inject custom logic or configuration
10454// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10455//
10456//
10457//    // Example sending a request using the ListPolicyTagsRequest method.
10458//    req, resp := client.ListPolicyTagsRequest(params)
10459//
10460//    err := req.Send()
10461//    if err == nil { // resp is now filled
10462//        fmt.Println(resp)
10463//    }
10464//
10465// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
10466func (c *IAM) ListPolicyTagsRequest(input *ListPolicyTagsInput) (req *request.Request, output *ListPolicyTagsOutput) {
10467	op := &request.Operation{
10468		Name:       opListPolicyTags,
10469		HTTPMethod: "POST",
10470		HTTPPath:   "/",
10471	}
10472
10473	if input == nil {
10474		input = &ListPolicyTagsInput{}
10475	}
10476
10477	output = &ListPolicyTagsOutput{}
10478	req = c.newRequest(op, input, output)
10479	return
10480}
10481
10482// ListPolicyTags API operation for AWS Identity and Access Management.
10483//
10484// Lists the tags that are attached to the specified IAM customer managed policy.
10485// The returned list of tags is sorted by tag key. For more information about
10486// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
10487// in the IAM User Guide.
10488//
10489// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10490// with awserr.Error's Code and Message methods to get detailed information about
10491// the error.
10492//
10493// See the AWS API reference guide for AWS Identity and Access Management's
10494// API operation ListPolicyTags for usage and error information.
10495//
10496// Returned Error Codes:
10497//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10498//   The request was rejected because it referenced a resource entity that does
10499//   not exist. The error message describes the resource.
10500//
10501//   * ErrCodeServiceFailureException "ServiceFailure"
10502//   The request processing has failed because of an unknown error, exception
10503//   or failure.
10504//
10505//   * ErrCodeInvalidInputException "InvalidInput"
10506//   The request was rejected because an invalid or out-of-range value was supplied
10507//   for an input parameter.
10508//
10509// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
10510func (c *IAM) ListPolicyTags(input *ListPolicyTagsInput) (*ListPolicyTagsOutput, error) {
10511	req, out := c.ListPolicyTagsRequest(input)
10512	return out, req.Send()
10513}
10514
10515// ListPolicyTagsWithContext is the same as ListPolicyTags with the addition of
10516// the ability to pass a context and additional request options.
10517//
10518// See ListPolicyTags for details on how to use this API operation.
10519//
10520// The context must be non-nil and will be used for request cancellation. If
10521// the context is nil a panic will occur. In the future the SDK may create
10522// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10523// for more information on using Contexts.
10524func (c *IAM) ListPolicyTagsWithContext(ctx aws.Context, input *ListPolicyTagsInput, opts ...request.Option) (*ListPolicyTagsOutput, error) {
10525	req, out := c.ListPolicyTagsRequest(input)
10526	req.SetContext(ctx)
10527	req.ApplyOptions(opts...)
10528	return out, req.Send()
10529}
10530
10531const opListPolicyVersions = "ListPolicyVersions"
10532
10533// ListPolicyVersionsRequest generates a "aws/request.Request" representing the
10534// client's request for the ListPolicyVersions operation. The "output" return
10535// value will be populated with the request's response once the request completes
10536// successfully.
10537//
10538// Use "Send" method on the returned Request to send the API call to the service.
10539// the "output" return value is not valid until after Send returns without error.
10540//
10541// See ListPolicyVersions for more information on using the ListPolicyVersions
10542// API call, and error handling.
10543//
10544// This method is useful when you want to inject custom logic or configuration
10545// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10546//
10547//
10548//    // Example sending a request using the ListPolicyVersionsRequest method.
10549//    req, resp := client.ListPolicyVersionsRequest(params)
10550//
10551//    err := req.Send()
10552//    if err == nil { // resp is now filled
10553//        fmt.Println(resp)
10554//    }
10555//
10556// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
10557func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput) {
10558	op := &request.Operation{
10559		Name:       opListPolicyVersions,
10560		HTTPMethod: "POST",
10561		HTTPPath:   "/",
10562		Paginator: &request.Paginator{
10563			InputTokens:     []string{"Marker"},
10564			OutputTokens:    []string{"Marker"},
10565			LimitToken:      "MaxItems",
10566			TruncationToken: "IsTruncated",
10567		},
10568	}
10569
10570	if input == nil {
10571		input = &ListPolicyVersionsInput{}
10572	}
10573
10574	output = &ListPolicyVersionsOutput{}
10575	req = c.newRequest(op, input, output)
10576	return
10577}
10578
10579// ListPolicyVersions API operation for AWS Identity and Access Management.
10580//
10581// Lists information about the versions of the specified managed policy, including
10582// the version that is currently set as the policy's default version.
10583//
10584// For more information about managed policies, see Managed policies and inline
10585// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10586// in the IAM User Guide.
10587//
10588// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10589// with awserr.Error's Code and Message methods to get detailed information about
10590// the error.
10591//
10592// See the AWS API reference guide for AWS Identity and Access Management's
10593// API operation ListPolicyVersions for usage and error information.
10594//
10595// Returned Error Codes:
10596//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10597//   The request was rejected because it referenced a resource entity that does
10598//   not exist. The error message describes the resource.
10599//
10600//   * ErrCodeInvalidInputException "InvalidInput"
10601//   The request was rejected because an invalid or out-of-range value was supplied
10602//   for an input parameter.
10603//
10604//   * ErrCodeServiceFailureException "ServiceFailure"
10605//   The request processing has failed because of an unknown error, exception
10606//   or failure.
10607//
10608// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
10609func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error) {
10610	req, out := c.ListPolicyVersionsRequest(input)
10611	return out, req.Send()
10612}
10613
10614// ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of
10615// the ability to pass a context and additional request options.
10616//
10617// See ListPolicyVersions for details on how to use this API operation.
10618//
10619// The context must be non-nil and will be used for request cancellation. If
10620// the context is nil a panic will occur. In the future the SDK may create
10621// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10622// for more information on using Contexts.
10623func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error) {
10624	req, out := c.ListPolicyVersionsRequest(input)
10625	req.SetContext(ctx)
10626	req.ApplyOptions(opts...)
10627	return out, req.Send()
10628}
10629
10630// ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation,
10631// calling the "fn" function with the response data for each page. To stop
10632// iterating, return false from the fn function.
10633//
10634// See ListPolicyVersions method for more information on how to use this operation.
10635//
10636// Note: This operation can generate multiple requests to a service.
10637//
10638//    // Example iterating over at most 3 pages of a ListPolicyVersions operation.
10639//    pageNum := 0
10640//    err := client.ListPolicyVersionsPages(params,
10641//        func(page *iam.ListPolicyVersionsOutput, lastPage bool) bool {
10642//            pageNum++
10643//            fmt.Println(page)
10644//            return pageNum <= 3
10645//        })
10646//
10647func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error {
10648	return c.ListPolicyVersionsPagesWithContext(aws.BackgroundContext(), input, fn)
10649}
10650
10651// ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except
10652// it takes a Context and allows setting request options on the pages.
10653//
10654// The context must be non-nil and will be used for request cancellation. If
10655// the context is nil a panic will occur. In the future the SDK may create
10656// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10657// for more information on using Contexts.
10658func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error {
10659	p := request.Pagination{
10660		NewRequest: func() (*request.Request, error) {
10661			var inCpy *ListPolicyVersionsInput
10662			if input != nil {
10663				tmp := *input
10664				inCpy = &tmp
10665			}
10666			req, _ := c.ListPolicyVersionsRequest(inCpy)
10667			req.SetContext(ctx)
10668			req.ApplyOptions(opts...)
10669			return req, nil
10670		},
10671	}
10672
10673	for p.Next() {
10674		if !fn(p.Page().(*ListPolicyVersionsOutput), !p.HasNextPage()) {
10675			break
10676		}
10677	}
10678
10679	return p.Err()
10680}
10681
10682const opListRolePolicies = "ListRolePolicies"
10683
10684// ListRolePoliciesRequest generates a "aws/request.Request" representing the
10685// client's request for the ListRolePolicies operation. The "output" return
10686// value will be populated with the request's response once the request completes
10687// successfully.
10688//
10689// Use "Send" method on the returned Request to send the API call to the service.
10690// the "output" return value is not valid until after Send returns without error.
10691//
10692// See ListRolePolicies for more information on using the ListRolePolicies
10693// API call, and error handling.
10694//
10695// This method is useful when you want to inject custom logic or configuration
10696// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10697//
10698//
10699//    // Example sending a request using the ListRolePoliciesRequest method.
10700//    req, resp := client.ListRolePoliciesRequest(params)
10701//
10702//    err := req.Send()
10703//    if err == nil { // resp is now filled
10704//        fmt.Println(resp)
10705//    }
10706//
10707// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
10708func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput) {
10709	op := &request.Operation{
10710		Name:       opListRolePolicies,
10711		HTTPMethod: "POST",
10712		HTTPPath:   "/",
10713		Paginator: &request.Paginator{
10714			InputTokens:     []string{"Marker"},
10715			OutputTokens:    []string{"Marker"},
10716			LimitToken:      "MaxItems",
10717			TruncationToken: "IsTruncated",
10718		},
10719	}
10720
10721	if input == nil {
10722		input = &ListRolePoliciesInput{}
10723	}
10724
10725	output = &ListRolePoliciesOutput{}
10726	req = c.newRequest(op, input, output)
10727	return
10728}
10729
10730// ListRolePolicies API operation for AWS Identity and Access Management.
10731//
10732// Lists the names of the inline policies that are embedded in the specified
10733// IAM role.
10734//
10735// An IAM role can also have managed policies attached to it. To list the managed
10736// policies that are attached to a role, use ListAttachedRolePolicies. For more
10737// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
10738// in the IAM User Guide.
10739//
10740// You can paginate the results using the MaxItems and Marker parameters. If
10741// there are no inline policies embedded with the specified role, the operation
10742// returns an empty list.
10743//
10744// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10745// with awserr.Error's Code and Message methods to get detailed information about
10746// the error.
10747//
10748// See the AWS API reference guide for AWS Identity and Access Management's
10749// API operation ListRolePolicies for usage and error information.
10750//
10751// Returned Error Codes:
10752//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10753//   The request was rejected because it referenced a resource entity that does
10754//   not exist. The error message describes the resource.
10755//
10756//   * ErrCodeServiceFailureException "ServiceFailure"
10757//   The request processing has failed because of an unknown error, exception
10758//   or failure.
10759//
10760// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
10761func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error) {
10762	req, out := c.ListRolePoliciesRequest(input)
10763	return out, req.Send()
10764}
10765
10766// ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of
10767// the ability to pass a context and additional request options.
10768//
10769// See ListRolePolicies for details on how to use this API operation.
10770//
10771// The context must be non-nil and will be used for request cancellation. If
10772// the context is nil a panic will occur. In the future the SDK may create
10773// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10774// for more information on using Contexts.
10775func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error) {
10776	req, out := c.ListRolePoliciesRequest(input)
10777	req.SetContext(ctx)
10778	req.ApplyOptions(opts...)
10779	return out, req.Send()
10780}
10781
10782// ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation,
10783// calling the "fn" function with the response data for each page. To stop
10784// iterating, return false from the fn function.
10785//
10786// See ListRolePolicies method for more information on how to use this operation.
10787//
10788// Note: This operation can generate multiple requests to a service.
10789//
10790//    // Example iterating over at most 3 pages of a ListRolePolicies operation.
10791//    pageNum := 0
10792//    err := client.ListRolePoliciesPages(params,
10793//        func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
10794//            pageNum++
10795//            fmt.Println(page)
10796//            return pageNum <= 3
10797//        })
10798//
10799func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error {
10800	return c.ListRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
10801}
10802
10803// ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except
10804// it takes a Context and allows setting request options on the pages.
10805//
10806// The context must be non-nil and will be used for request cancellation. If
10807// the context is nil a panic will occur. In the future the SDK may create
10808// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10809// for more information on using Contexts.
10810func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error {
10811	p := request.Pagination{
10812		NewRequest: func() (*request.Request, error) {
10813			var inCpy *ListRolePoliciesInput
10814			if input != nil {
10815				tmp := *input
10816				inCpy = &tmp
10817			}
10818			req, _ := c.ListRolePoliciesRequest(inCpy)
10819			req.SetContext(ctx)
10820			req.ApplyOptions(opts...)
10821			return req, nil
10822		},
10823	}
10824
10825	for p.Next() {
10826		if !fn(p.Page().(*ListRolePoliciesOutput), !p.HasNextPage()) {
10827			break
10828		}
10829	}
10830
10831	return p.Err()
10832}
10833
10834const opListRoleTags = "ListRoleTags"
10835
10836// ListRoleTagsRequest generates a "aws/request.Request" representing the
10837// client's request for the ListRoleTags operation. The "output" return
10838// value will be populated with the request's response once the request completes
10839// successfully.
10840//
10841// Use "Send" method on the returned Request to send the API call to the service.
10842// the "output" return value is not valid until after Send returns without error.
10843//
10844// See ListRoleTags for more information on using the ListRoleTags
10845// API call, and error handling.
10846//
10847// This method is useful when you want to inject custom logic or configuration
10848// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10849//
10850//
10851//    // Example sending a request using the ListRoleTagsRequest method.
10852//    req, resp := client.ListRoleTagsRequest(params)
10853//
10854//    err := req.Send()
10855//    if err == nil { // resp is now filled
10856//        fmt.Println(resp)
10857//    }
10858//
10859// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
10860func (c *IAM) ListRoleTagsRequest(input *ListRoleTagsInput) (req *request.Request, output *ListRoleTagsOutput) {
10861	op := &request.Operation{
10862		Name:       opListRoleTags,
10863		HTTPMethod: "POST",
10864		HTTPPath:   "/",
10865	}
10866
10867	if input == nil {
10868		input = &ListRoleTagsInput{}
10869	}
10870
10871	output = &ListRoleTagsOutput{}
10872	req = c.newRequest(op, input, output)
10873	return
10874}
10875
10876// ListRoleTags API operation for AWS Identity and Access Management.
10877//
10878// Lists the tags that are attached to the specified role. The returned list
10879// of tags is sorted by tag key. For more information about tagging, see Tagging
10880// IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
10881// in the IAM User Guide.
10882//
10883// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10884// with awserr.Error's Code and Message methods to get detailed information about
10885// the error.
10886//
10887// See the AWS API reference guide for AWS Identity and Access Management's
10888// API operation ListRoleTags for usage and error information.
10889//
10890// Returned Error Codes:
10891//   * ErrCodeNoSuchEntityException "NoSuchEntity"
10892//   The request was rejected because it referenced a resource entity that does
10893//   not exist. The error message describes the resource.
10894//
10895//   * ErrCodeServiceFailureException "ServiceFailure"
10896//   The request processing has failed because of an unknown error, exception
10897//   or failure.
10898//
10899// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
10900func (c *IAM) ListRoleTags(input *ListRoleTagsInput) (*ListRoleTagsOutput, error) {
10901	req, out := c.ListRoleTagsRequest(input)
10902	return out, req.Send()
10903}
10904
10905// ListRoleTagsWithContext is the same as ListRoleTags with the addition of
10906// the ability to pass a context and additional request options.
10907//
10908// See ListRoleTags for details on how to use this API operation.
10909//
10910// The context must be non-nil and will be used for request cancellation. If
10911// the context is nil a panic will occur. In the future the SDK may create
10912// sub-contexts for http.Requests. See https://golang.org/pkg/context/
10913// for more information on using Contexts.
10914func (c *IAM) ListRoleTagsWithContext(ctx aws.Context, input *ListRoleTagsInput, opts ...request.Option) (*ListRoleTagsOutput, error) {
10915	req, out := c.ListRoleTagsRequest(input)
10916	req.SetContext(ctx)
10917	req.ApplyOptions(opts...)
10918	return out, req.Send()
10919}
10920
10921const opListRoles = "ListRoles"
10922
10923// ListRolesRequest generates a "aws/request.Request" representing the
10924// client's request for the ListRoles operation. The "output" return
10925// value will be populated with the request's response once the request completes
10926// successfully.
10927//
10928// Use "Send" method on the returned Request to send the API call to the service.
10929// the "output" return value is not valid until after Send returns without error.
10930//
10931// See ListRoles for more information on using the ListRoles
10932// API call, and error handling.
10933//
10934// This method is useful when you want to inject custom logic or configuration
10935// into the SDK's request lifecycle. Such as custom headers, or retry logic.
10936//
10937//
10938//    // Example sending a request using the ListRolesRequest method.
10939//    req, resp := client.ListRolesRequest(params)
10940//
10941//    err := req.Send()
10942//    if err == nil { // resp is now filled
10943//        fmt.Println(resp)
10944//    }
10945//
10946// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
10947func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput) {
10948	op := &request.Operation{
10949		Name:       opListRoles,
10950		HTTPMethod: "POST",
10951		HTTPPath:   "/",
10952		Paginator: &request.Paginator{
10953			InputTokens:     []string{"Marker"},
10954			OutputTokens:    []string{"Marker"},
10955			LimitToken:      "MaxItems",
10956			TruncationToken: "IsTruncated",
10957		},
10958	}
10959
10960	if input == nil {
10961		input = &ListRolesInput{}
10962	}
10963
10964	output = &ListRolesOutput{}
10965	req = c.newRequest(op, input, output)
10966	return
10967}
10968
10969// ListRoles API operation for AWS Identity and Access Management.
10970//
10971// Lists the IAM roles that have the specified path prefix. If there are none,
10972// the operation returns an empty list. For more information about roles, see
10973// Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
10974//
10975// IAM resource-listing operations return a subset of the available attributes
10976// for the resource. For example, this operation does not return tags, even
10977// though they are an attribute of the returned object. To view all of the information
10978// for a role, see GetRole.
10979//
10980// You can paginate the results using the MaxItems and Marker parameters.
10981//
10982// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
10983// with awserr.Error's Code and Message methods to get detailed information about
10984// the error.
10985//
10986// See the AWS API reference guide for AWS Identity and Access Management's
10987// API operation ListRoles for usage and error information.
10988//
10989// Returned Error Codes:
10990//   * ErrCodeServiceFailureException "ServiceFailure"
10991//   The request processing has failed because of an unknown error, exception
10992//   or failure.
10993//
10994// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
10995func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error) {
10996	req, out := c.ListRolesRequest(input)
10997	return out, req.Send()
10998}
10999
11000// ListRolesWithContext is the same as ListRoles with the addition of
11001// the ability to pass a context and additional request options.
11002//
11003// See ListRoles for details on how to use this API operation.
11004//
11005// The context must be non-nil and will be used for request cancellation. If
11006// the context is nil a panic will occur. In the future the SDK may create
11007// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11008// for more information on using Contexts.
11009func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error) {
11010	req, out := c.ListRolesRequest(input)
11011	req.SetContext(ctx)
11012	req.ApplyOptions(opts...)
11013	return out, req.Send()
11014}
11015
11016// ListRolesPages iterates over the pages of a ListRoles operation,
11017// calling the "fn" function with the response data for each page. To stop
11018// iterating, return false from the fn function.
11019//
11020// See ListRoles method for more information on how to use this operation.
11021//
11022// Note: This operation can generate multiple requests to a service.
11023//
11024//    // Example iterating over at most 3 pages of a ListRoles operation.
11025//    pageNum := 0
11026//    err := client.ListRolesPages(params,
11027//        func(page *iam.ListRolesOutput, lastPage bool) bool {
11028//            pageNum++
11029//            fmt.Println(page)
11030//            return pageNum <= 3
11031//        })
11032//
11033func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error {
11034	return c.ListRolesPagesWithContext(aws.BackgroundContext(), input, fn)
11035}
11036
11037// ListRolesPagesWithContext same as ListRolesPages except
11038// it takes a Context and allows setting request options on the pages.
11039//
11040// The context must be non-nil and will be used for request cancellation. If
11041// the context is nil a panic will occur. In the future the SDK may create
11042// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11043// for more information on using Contexts.
11044func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error {
11045	p := request.Pagination{
11046		NewRequest: func() (*request.Request, error) {
11047			var inCpy *ListRolesInput
11048			if input != nil {
11049				tmp := *input
11050				inCpy = &tmp
11051			}
11052			req, _ := c.ListRolesRequest(inCpy)
11053			req.SetContext(ctx)
11054			req.ApplyOptions(opts...)
11055			return req, nil
11056		},
11057	}
11058
11059	for p.Next() {
11060		if !fn(p.Page().(*ListRolesOutput), !p.HasNextPage()) {
11061			break
11062		}
11063	}
11064
11065	return p.Err()
11066}
11067
11068const opListSAMLProviderTags = "ListSAMLProviderTags"
11069
11070// ListSAMLProviderTagsRequest generates a "aws/request.Request" representing the
11071// client's request for the ListSAMLProviderTags operation. The "output" return
11072// value will be populated with the request's response once the request completes
11073// successfully.
11074//
11075// Use "Send" method on the returned Request to send the API call to the service.
11076// the "output" return value is not valid until after Send returns without error.
11077//
11078// See ListSAMLProviderTags for more information on using the ListSAMLProviderTags
11079// API call, and error handling.
11080//
11081// This method is useful when you want to inject custom logic or configuration
11082// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11083//
11084//
11085//    // Example sending a request using the ListSAMLProviderTagsRequest method.
11086//    req, resp := client.ListSAMLProviderTagsRequest(params)
11087//
11088//    err := req.Send()
11089//    if err == nil { // resp is now filled
11090//        fmt.Println(resp)
11091//    }
11092//
11093// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
11094func (c *IAM) ListSAMLProviderTagsRequest(input *ListSAMLProviderTagsInput) (req *request.Request, output *ListSAMLProviderTagsOutput) {
11095	op := &request.Operation{
11096		Name:       opListSAMLProviderTags,
11097		HTTPMethod: "POST",
11098		HTTPPath:   "/",
11099	}
11100
11101	if input == nil {
11102		input = &ListSAMLProviderTagsInput{}
11103	}
11104
11105	output = &ListSAMLProviderTagsOutput{}
11106	req = c.newRequest(op, input, output)
11107	return
11108}
11109
11110// ListSAMLProviderTags API operation for AWS Identity and Access Management.
11111//
11112// Lists the tags that are attached to the specified Security Assertion Markup
11113// Language (SAML) identity provider. The returned list of tags is sorted by
11114// tag key. For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
11115//
11116// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
11117// in the IAM User Guide.
11118//
11119// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11120// with awserr.Error's Code and Message methods to get detailed information about
11121// the error.
11122//
11123// See the AWS API reference guide for AWS Identity and Access Management's
11124// API operation ListSAMLProviderTags for usage and error information.
11125//
11126// Returned Error Codes:
11127//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11128//   The request was rejected because it referenced a resource entity that does
11129//   not exist. The error message describes the resource.
11130//
11131//   * ErrCodeServiceFailureException "ServiceFailure"
11132//   The request processing has failed because of an unknown error, exception
11133//   or failure.
11134//
11135//   * ErrCodeInvalidInputException "InvalidInput"
11136//   The request was rejected because an invalid or out-of-range value was supplied
11137//   for an input parameter.
11138//
11139// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
11140func (c *IAM) ListSAMLProviderTags(input *ListSAMLProviderTagsInput) (*ListSAMLProviderTagsOutput, error) {
11141	req, out := c.ListSAMLProviderTagsRequest(input)
11142	return out, req.Send()
11143}
11144
11145// ListSAMLProviderTagsWithContext is the same as ListSAMLProviderTags with the addition of
11146// the ability to pass a context and additional request options.
11147//
11148// See ListSAMLProviderTags for details on how to use this API operation.
11149//
11150// The context must be non-nil and will be used for request cancellation. If
11151// the context is nil a panic will occur. In the future the SDK may create
11152// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11153// for more information on using Contexts.
11154func (c *IAM) ListSAMLProviderTagsWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, opts ...request.Option) (*ListSAMLProviderTagsOutput, error) {
11155	req, out := c.ListSAMLProviderTagsRequest(input)
11156	req.SetContext(ctx)
11157	req.ApplyOptions(opts...)
11158	return out, req.Send()
11159}
11160
11161const opListSAMLProviders = "ListSAMLProviders"
11162
11163// ListSAMLProvidersRequest generates a "aws/request.Request" representing the
11164// client's request for the ListSAMLProviders operation. The "output" return
11165// value will be populated with the request's response once the request completes
11166// successfully.
11167//
11168// Use "Send" method on the returned Request to send the API call to the service.
11169// the "output" return value is not valid until after Send returns without error.
11170//
11171// See ListSAMLProviders for more information on using the ListSAMLProviders
11172// API call, and error handling.
11173//
11174// This method is useful when you want to inject custom logic or configuration
11175// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11176//
11177//
11178//    // Example sending a request using the ListSAMLProvidersRequest method.
11179//    req, resp := client.ListSAMLProvidersRequest(params)
11180//
11181//    err := req.Send()
11182//    if err == nil { // resp is now filled
11183//        fmt.Println(resp)
11184//    }
11185//
11186// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
11187func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput) {
11188	op := &request.Operation{
11189		Name:       opListSAMLProviders,
11190		HTTPMethod: "POST",
11191		HTTPPath:   "/",
11192	}
11193
11194	if input == nil {
11195		input = &ListSAMLProvidersInput{}
11196	}
11197
11198	output = &ListSAMLProvidersOutput{}
11199	req = c.newRequest(op, input, output)
11200	return
11201}
11202
11203// ListSAMLProviders API operation for AWS Identity and Access Management.
11204//
11205// Lists the SAML provider resource objects defined in IAM in the account. IAM
11206// resource-listing operations return a subset of the available attributes for
11207// the resource. For example, this operation does not return tags, even though
11208// they are an attribute of the returned object. To view all of the information
11209// for a SAML provider, see GetSAMLProvider.
11210//
11211// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
11212//
11213// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11214// with awserr.Error's Code and Message methods to get detailed information about
11215// the error.
11216//
11217// See the AWS API reference guide for AWS Identity and Access Management's
11218// API operation ListSAMLProviders for usage and error information.
11219//
11220// Returned Error Codes:
11221//   * ErrCodeServiceFailureException "ServiceFailure"
11222//   The request processing has failed because of an unknown error, exception
11223//   or failure.
11224//
11225// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
11226func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error) {
11227	req, out := c.ListSAMLProvidersRequest(input)
11228	return out, req.Send()
11229}
11230
11231// ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of
11232// the ability to pass a context and additional request options.
11233//
11234// See ListSAMLProviders for details on how to use this API operation.
11235//
11236// The context must be non-nil and will be used for request cancellation. If
11237// the context is nil a panic will occur. In the future the SDK may create
11238// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11239// for more information on using Contexts.
11240func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error) {
11241	req, out := c.ListSAMLProvidersRequest(input)
11242	req.SetContext(ctx)
11243	req.ApplyOptions(opts...)
11244	return out, req.Send()
11245}
11246
11247const opListSSHPublicKeys = "ListSSHPublicKeys"
11248
11249// ListSSHPublicKeysRequest generates a "aws/request.Request" representing the
11250// client's request for the ListSSHPublicKeys operation. The "output" return
11251// value will be populated with the request's response once the request completes
11252// successfully.
11253//
11254// Use "Send" method on the returned Request to send the API call to the service.
11255// the "output" return value is not valid until after Send returns without error.
11256//
11257// See ListSSHPublicKeys for more information on using the ListSSHPublicKeys
11258// API call, and error handling.
11259//
11260// This method is useful when you want to inject custom logic or configuration
11261// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11262//
11263//
11264//    // Example sending a request using the ListSSHPublicKeysRequest method.
11265//    req, resp := client.ListSSHPublicKeysRequest(params)
11266//
11267//    err := req.Send()
11268//    if err == nil { // resp is now filled
11269//        fmt.Println(resp)
11270//    }
11271//
11272// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
11273func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput) {
11274	op := &request.Operation{
11275		Name:       opListSSHPublicKeys,
11276		HTTPMethod: "POST",
11277		HTTPPath:   "/",
11278		Paginator: &request.Paginator{
11279			InputTokens:     []string{"Marker"},
11280			OutputTokens:    []string{"Marker"},
11281			LimitToken:      "MaxItems",
11282			TruncationToken: "IsTruncated",
11283		},
11284	}
11285
11286	if input == nil {
11287		input = &ListSSHPublicKeysInput{}
11288	}
11289
11290	output = &ListSSHPublicKeysOutput{}
11291	req = c.newRequest(op, input, output)
11292	return
11293}
11294
11295// ListSSHPublicKeys API operation for AWS Identity and Access Management.
11296//
11297// Returns information about the SSH public keys associated with the specified
11298// IAM user. If none exists, the operation returns an empty list.
11299//
11300// The SSH public keys returned by this operation are used only for authenticating
11301// the IAM user to an CodeCommit repository. For more information about using
11302// SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit
11303// for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
11304// in the CodeCommit User Guide.
11305//
11306// Although each user is limited to a small number of keys, you can still paginate
11307// the results using the MaxItems and Marker parameters.
11308//
11309// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11310// with awserr.Error's Code and Message methods to get detailed information about
11311// the error.
11312//
11313// See the AWS API reference guide for AWS Identity and Access Management's
11314// API operation ListSSHPublicKeys for usage and error information.
11315//
11316// Returned Error Codes:
11317//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11318//   The request was rejected because it referenced a resource entity that does
11319//   not exist. The error message describes the resource.
11320//
11321// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
11322func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error) {
11323	req, out := c.ListSSHPublicKeysRequest(input)
11324	return out, req.Send()
11325}
11326
11327// ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of
11328// the ability to pass a context and additional request options.
11329//
11330// See ListSSHPublicKeys for details on how to use this API operation.
11331//
11332// The context must be non-nil and will be used for request cancellation. If
11333// the context is nil a panic will occur. In the future the SDK may create
11334// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11335// for more information on using Contexts.
11336func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error) {
11337	req, out := c.ListSSHPublicKeysRequest(input)
11338	req.SetContext(ctx)
11339	req.ApplyOptions(opts...)
11340	return out, req.Send()
11341}
11342
11343// ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation,
11344// calling the "fn" function with the response data for each page. To stop
11345// iterating, return false from the fn function.
11346//
11347// See ListSSHPublicKeys method for more information on how to use this operation.
11348//
11349// Note: This operation can generate multiple requests to a service.
11350//
11351//    // Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
11352//    pageNum := 0
11353//    err := client.ListSSHPublicKeysPages(params,
11354//        func(page *iam.ListSSHPublicKeysOutput, lastPage bool) bool {
11355//            pageNum++
11356//            fmt.Println(page)
11357//            return pageNum <= 3
11358//        })
11359//
11360func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error {
11361	return c.ListSSHPublicKeysPagesWithContext(aws.BackgroundContext(), input, fn)
11362}
11363
11364// ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except
11365// it takes a Context and allows setting request options on the pages.
11366//
11367// The context must be non-nil and will be used for request cancellation. If
11368// the context is nil a panic will occur. In the future the SDK may create
11369// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11370// for more information on using Contexts.
11371func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error {
11372	p := request.Pagination{
11373		NewRequest: func() (*request.Request, error) {
11374			var inCpy *ListSSHPublicKeysInput
11375			if input != nil {
11376				tmp := *input
11377				inCpy = &tmp
11378			}
11379			req, _ := c.ListSSHPublicKeysRequest(inCpy)
11380			req.SetContext(ctx)
11381			req.ApplyOptions(opts...)
11382			return req, nil
11383		},
11384	}
11385
11386	for p.Next() {
11387		if !fn(p.Page().(*ListSSHPublicKeysOutput), !p.HasNextPage()) {
11388			break
11389		}
11390	}
11391
11392	return p.Err()
11393}
11394
11395const opListServerCertificateTags = "ListServerCertificateTags"
11396
11397// ListServerCertificateTagsRequest generates a "aws/request.Request" representing the
11398// client's request for the ListServerCertificateTags operation. The "output" return
11399// value will be populated with the request's response once the request completes
11400// successfully.
11401//
11402// Use "Send" method on the returned Request to send the API call to the service.
11403// the "output" return value is not valid until after Send returns without error.
11404//
11405// See ListServerCertificateTags for more information on using the ListServerCertificateTags
11406// API call, and error handling.
11407//
11408// This method is useful when you want to inject custom logic or configuration
11409// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11410//
11411//
11412//    // Example sending a request using the ListServerCertificateTagsRequest method.
11413//    req, resp := client.ListServerCertificateTagsRequest(params)
11414//
11415//    err := req.Send()
11416//    if err == nil { // resp is now filled
11417//        fmt.Println(resp)
11418//    }
11419//
11420// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
11421func (c *IAM) ListServerCertificateTagsRequest(input *ListServerCertificateTagsInput) (req *request.Request, output *ListServerCertificateTagsOutput) {
11422	op := &request.Operation{
11423		Name:       opListServerCertificateTags,
11424		HTTPMethod: "POST",
11425		HTTPPath:   "/",
11426	}
11427
11428	if input == nil {
11429		input = &ListServerCertificateTagsInput{}
11430	}
11431
11432	output = &ListServerCertificateTagsOutput{}
11433	req = c.newRequest(op, input, output)
11434	return
11435}
11436
11437// ListServerCertificateTags API operation for AWS Identity and Access Management.
11438//
11439// Lists the tags that are attached to the specified IAM server certificate.
11440// The returned list of tags is sorted by tag key. For more information about
11441// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
11442// in the IAM User Guide.
11443//
11444// For certificates in a Region supported by Certificate Manager (ACM), we recommend
11445// that you don't use IAM server certificates. Instead, use ACM to provision,
11446// manage, and deploy your server certificates. For more information about IAM
11447// server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
11448// in the IAM User Guide.
11449//
11450// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11451// with awserr.Error's Code and Message methods to get detailed information about
11452// the error.
11453//
11454// See the AWS API reference guide for AWS Identity and Access Management's
11455// API operation ListServerCertificateTags for usage and error information.
11456//
11457// Returned Error Codes:
11458//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11459//   The request was rejected because it referenced a resource entity that does
11460//   not exist. The error message describes the resource.
11461//
11462//   * ErrCodeServiceFailureException "ServiceFailure"
11463//   The request processing has failed because of an unknown error, exception
11464//   or failure.
11465//
11466// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
11467func (c *IAM) ListServerCertificateTags(input *ListServerCertificateTagsInput) (*ListServerCertificateTagsOutput, error) {
11468	req, out := c.ListServerCertificateTagsRequest(input)
11469	return out, req.Send()
11470}
11471
11472// ListServerCertificateTagsWithContext is the same as ListServerCertificateTags with the addition of
11473// the ability to pass a context and additional request options.
11474//
11475// See ListServerCertificateTags for details on how to use this API operation.
11476//
11477// The context must be non-nil and will be used for request cancellation. If
11478// the context is nil a panic will occur. In the future the SDK may create
11479// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11480// for more information on using Contexts.
11481func (c *IAM) ListServerCertificateTagsWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, opts ...request.Option) (*ListServerCertificateTagsOutput, error) {
11482	req, out := c.ListServerCertificateTagsRequest(input)
11483	req.SetContext(ctx)
11484	req.ApplyOptions(opts...)
11485	return out, req.Send()
11486}
11487
11488const opListServerCertificates = "ListServerCertificates"
11489
11490// ListServerCertificatesRequest generates a "aws/request.Request" representing the
11491// client's request for the ListServerCertificates operation. The "output" return
11492// value will be populated with the request's response once the request completes
11493// successfully.
11494//
11495// Use "Send" method on the returned Request to send the API call to the service.
11496// the "output" return value is not valid until after Send returns without error.
11497//
11498// See ListServerCertificates for more information on using the ListServerCertificates
11499// API call, and error handling.
11500//
11501// This method is useful when you want to inject custom logic or configuration
11502// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11503//
11504//
11505//    // Example sending a request using the ListServerCertificatesRequest method.
11506//    req, resp := client.ListServerCertificatesRequest(params)
11507//
11508//    err := req.Send()
11509//    if err == nil { // resp is now filled
11510//        fmt.Println(resp)
11511//    }
11512//
11513// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
11514func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput) {
11515	op := &request.Operation{
11516		Name:       opListServerCertificates,
11517		HTTPMethod: "POST",
11518		HTTPPath:   "/",
11519		Paginator: &request.Paginator{
11520			InputTokens:     []string{"Marker"},
11521			OutputTokens:    []string{"Marker"},
11522			LimitToken:      "MaxItems",
11523			TruncationToken: "IsTruncated",
11524		},
11525	}
11526
11527	if input == nil {
11528		input = &ListServerCertificatesInput{}
11529	}
11530
11531	output = &ListServerCertificatesOutput{}
11532	req = c.newRequest(op, input, output)
11533	return
11534}
11535
11536// ListServerCertificates API operation for AWS Identity and Access Management.
11537//
11538// Lists the server certificates stored in IAM that have the specified path
11539// prefix. If none exist, the operation returns an empty list.
11540//
11541// You can paginate the results using the MaxItems and Marker parameters.
11542//
11543// For more information about working with server certificates, see Working
11544// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
11545// in the IAM User Guide. This topic also includes a list of Amazon Web Services
11546// services that can use the server certificates that you manage with IAM.
11547//
11548// IAM resource-listing operations return a subset of the available attributes
11549// for the resource. For example, this operation does not return tags, even
11550// though they are an attribute of the returned object. To view all of the information
11551// for a servercertificate, see GetServerCertificate.
11552//
11553// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11554// with awserr.Error's Code and Message methods to get detailed information about
11555// the error.
11556//
11557// See the AWS API reference guide for AWS Identity and Access Management's
11558// API operation ListServerCertificates for usage and error information.
11559//
11560// Returned Error Codes:
11561//   * ErrCodeServiceFailureException "ServiceFailure"
11562//   The request processing has failed because of an unknown error, exception
11563//   or failure.
11564//
11565// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
11566func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error) {
11567	req, out := c.ListServerCertificatesRequest(input)
11568	return out, req.Send()
11569}
11570
11571// ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of
11572// the ability to pass a context and additional request options.
11573//
11574// See ListServerCertificates for details on how to use this API operation.
11575//
11576// The context must be non-nil and will be used for request cancellation. If
11577// the context is nil a panic will occur. In the future the SDK may create
11578// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11579// for more information on using Contexts.
11580func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error) {
11581	req, out := c.ListServerCertificatesRequest(input)
11582	req.SetContext(ctx)
11583	req.ApplyOptions(opts...)
11584	return out, req.Send()
11585}
11586
11587// ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation,
11588// calling the "fn" function with the response data for each page. To stop
11589// iterating, return false from the fn function.
11590//
11591// See ListServerCertificates method for more information on how to use this operation.
11592//
11593// Note: This operation can generate multiple requests to a service.
11594//
11595//    // Example iterating over at most 3 pages of a ListServerCertificates operation.
11596//    pageNum := 0
11597//    err := client.ListServerCertificatesPages(params,
11598//        func(page *iam.ListServerCertificatesOutput, lastPage bool) bool {
11599//            pageNum++
11600//            fmt.Println(page)
11601//            return pageNum <= 3
11602//        })
11603//
11604func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error {
11605	return c.ListServerCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
11606}
11607
11608// ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except
11609// it takes a Context and allows setting request options on the pages.
11610//
11611// The context must be non-nil and will be used for request cancellation. If
11612// the context is nil a panic will occur. In the future the SDK may create
11613// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11614// for more information on using Contexts.
11615func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error {
11616	p := request.Pagination{
11617		NewRequest: func() (*request.Request, error) {
11618			var inCpy *ListServerCertificatesInput
11619			if input != nil {
11620				tmp := *input
11621				inCpy = &tmp
11622			}
11623			req, _ := c.ListServerCertificatesRequest(inCpy)
11624			req.SetContext(ctx)
11625			req.ApplyOptions(opts...)
11626			return req, nil
11627		},
11628	}
11629
11630	for p.Next() {
11631		if !fn(p.Page().(*ListServerCertificatesOutput), !p.HasNextPage()) {
11632			break
11633		}
11634	}
11635
11636	return p.Err()
11637}
11638
11639const opListServiceSpecificCredentials = "ListServiceSpecificCredentials"
11640
11641// ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the
11642// client's request for the ListServiceSpecificCredentials operation. The "output" return
11643// value will be populated with the request's response once the request completes
11644// successfully.
11645//
11646// Use "Send" method on the returned Request to send the API call to the service.
11647// the "output" return value is not valid until after Send returns without error.
11648//
11649// See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials
11650// API call, and error handling.
11651//
11652// This method is useful when you want to inject custom logic or configuration
11653// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11654//
11655//
11656//    // Example sending a request using the ListServiceSpecificCredentialsRequest method.
11657//    req, resp := client.ListServiceSpecificCredentialsRequest(params)
11658//
11659//    err := req.Send()
11660//    if err == nil { // resp is now filled
11661//        fmt.Println(resp)
11662//    }
11663//
11664// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
11665func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput) {
11666	op := &request.Operation{
11667		Name:       opListServiceSpecificCredentials,
11668		HTTPMethod: "POST",
11669		HTTPPath:   "/",
11670	}
11671
11672	if input == nil {
11673		input = &ListServiceSpecificCredentialsInput{}
11674	}
11675
11676	output = &ListServiceSpecificCredentialsOutput{}
11677	req = c.newRequest(op, input, output)
11678	return
11679}
11680
11681// ListServiceSpecificCredentials API operation for AWS Identity and Access Management.
11682//
11683// Returns information about the service-specific credentials associated with
11684// the specified IAM user. If none exists, the operation returns an empty list.
11685// The service-specific credentials returned by this operation are used only
11686// for authenticating the IAM user to a specific service. For more information
11687// about using service-specific credentials to authenticate to an Amazon Web
11688// Services service, see Set up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html)
11689// in the CodeCommit User Guide.
11690//
11691// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11692// with awserr.Error's Code and Message methods to get detailed information about
11693// the error.
11694//
11695// See the AWS API reference guide for AWS Identity and Access Management's
11696// API operation ListServiceSpecificCredentials for usage and error information.
11697//
11698// Returned Error Codes:
11699//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11700//   The request was rejected because it referenced a resource entity that does
11701//   not exist. The error message describes the resource.
11702//
11703//   * ErrCodeServiceNotSupportedException "NotSupportedService"
11704//   The specified service does not support service-specific credentials.
11705//
11706// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
11707func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error) {
11708	req, out := c.ListServiceSpecificCredentialsRequest(input)
11709	return out, req.Send()
11710}
11711
11712// ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of
11713// the ability to pass a context and additional request options.
11714//
11715// See ListServiceSpecificCredentials for details on how to use this API operation.
11716//
11717// The context must be non-nil and will be used for request cancellation. If
11718// the context is nil a panic will occur. In the future the SDK may create
11719// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11720// for more information on using Contexts.
11721func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error) {
11722	req, out := c.ListServiceSpecificCredentialsRequest(input)
11723	req.SetContext(ctx)
11724	req.ApplyOptions(opts...)
11725	return out, req.Send()
11726}
11727
11728const opListSigningCertificates = "ListSigningCertificates"
11729
11730// ListSigningCertificatesRequest generates a "aws/request.Request" representing the
11731// client's request for the ListSigningCertificates operation. The "output" return
11732// value will be populated with the request's response once the request completes
11733// successfully.
11734//
11735// Use "Send" method on the returned Request to send the API call to the service.
11736// the "output" return value is not valid until after Send returns without error.
11737//
11738// See ListSigningCertificates for more information on using the ListSigningCertificates
11739// API call, and error handling.
11740//
11741// This method is useful when you want to inject custom logic or configuration
11742// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11743//
11744//
11745//    // Example sending a request using the ListSigningCertificatesRequest method.
11746//    req, resp := client.ListSigningCertificatesRequest(params)
11747//
11748//    err := req.Send()
11749//    if err == nil { // resp is now filled
11750//        fmt.Println(resp)
11751//    }
11752//
11753// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
11754func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput) {
11755	op := &request.Operation{
11756		Name:       opListSigningCertificates,
11757		HTTPMethod: "POST",
11758		HTTPPath:   "/",
11759		Paginator: &request.Paginator{
11760			InputTokens:     []string{"Marker"},
11761			OutputTokens:    []string{"Marker"},
11762			LimitToken:      "MaxItems",
11763			TruncationToken: "IsTruncated",
11764		},
11765	}
11766
11767	if input == nil {
11768		input = &ListSigningCertificatesInput{}
11769	}
11770
11771	output = &ListSigningCertificatesOutput{}
11772	req = c.newRequest(op, input, output)
11773	return
11774}
11775
11776// ListSigningCertificates API operation for AWS Identity and Access Management.
11777//
11778// Returns information about the signing certificates associated with the specified
11779// IAM user. If none exists, the operation returns an empty list.
11780//
11781// Although each user is limited to a small number of signing certificates,
11782// you can still paginate the results using the MaxItems and Marker parameters.
11783//
11784// If the UserName field is not specified, the user name is determined implicitly
11785// based on the Amazon Web Services access key ID used to sign the request for
11786// this operation. This operation works for access keys under the Amazon Web
11787// Services account. Consequently, you can use this operation to manage Amazon
11788// Web Services account root user credentials even if the Amazon Web Services
11789// account has no associated users.
11790//
11791// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11792// with awserr.Error's Code and Message methods to get detailed information about
11793// the error.
11794//
11795// See the AWS API reference guide for AWS Identity and Access Management's
11796// API operation ListSigningCertificates for usage and error information.
11797//
11798// Returned Error Codes:
11799//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11800//   The request was rejected because it referenced a resource entity that does
11801//   not exist. The error message describes the resource.
11802//
11803//   * ErrCodeServiceFailureException "ServiceFailure"
11804//   The request processing has failed because of an unknown error, exception
11805//   or failure.
11806//
11807// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
11808func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error) {
11809	req, out := c.ListSigningCertificatesRequest(input)
11810	return out, req.Send()
11811}
11812
11813// ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of
11814// the ability to pass a context and additional request options.
11815//
11816// See ListSigningCertificates for details on how to use this API operation.
11817//
11818// The context must be non-nil and will be used for request cancellation. If
11819// the context is nil a panic will occur. In the future the SDK may create
11820// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11821// for more information on using Contexts.
11822func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error) {
11823	req, out := c.ListSigningCertificatesRequest(input)
11824	req.SetContext(ctx)
11825	req.ApplyOptions(opts...)
11826	return out, req.Send()
11827}
11828
11829// ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation,
11830// calling the "fn" function with the response data for each page. To stop
11831// iterating, return false from the fn function.
11832//
11833// See ListSigningCertificates method for more information on how to use this operation.
11834//
11835// Note: This operation can generate multiple requests to a service.
11836//
11837//    // Example iterating over at most 3 pages of a ListSigningCertificates operation.
11838//    pageNum := 0
11839//    err := client.ListSigningCertificatesPages(params,
11840//        func(page *iam.ListSigningCertificatesOutput, lastPage bool) bool {
11841//            pageNum++
11842//            fmt.Println(page)
11843//            return pageNum <= 3
11844//        })
11845//
11846func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error {
11847	return c.ListSigningCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
11848}
11849
11850// ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except
11851// it takes a Context and allows setting request options on the pages.
11852//
11853// The context must be non-nil and will be used for request cancellation. If
11854// the context is nil a panic will occur. In the future the SDK may create
11855// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11856// for more information on using Contexts.
11857func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error {
11858	p := request.Pagination{
11859		NewRequest: func() (*request.Request, error) {
11860			var inCpy *ListSigningCertificatesInput
11861			if input != nil {
11862				tmp := *input
11863				inCpy = &tmp
11864			}
11865			req, _ := c.ListSigningCertificatesRequest(inCpy)
11866			req.SetContext(ctx)
11867			req.ApplyOptions(opts...)
11868			return req, nil
11869		},
11870	}
11871
11872	for p.Next() {
11873		if !fn(p.Page().(*ListSigningCertificatesOutput), !p.HasNextPage()) {
11874			break
11875		}
11876	}
11877
11878	return p.Err()
11879}
11880
11881const opListUserPolicies = "ListUserPolicies"
11882
11883// ListUserPoliciesRequest generates a "aws/request.Request" representing the
11884// client's request for the ListUserPolicies operation. The "output" return
11885// value will be populated with the request's response once the request completes
11886// successfully.
11887//
11888// Use "Send" method on the returned Request to send the API call to the service.
11889// the "output" return value is not valid until after Send returns without error.
11890//
11891// See ListUserPolicies for more information on using the ListUserPolicies
11892// API call, and error handling.
11893//
11894// This method is useful when you want to inject custom logic or configuration
11895// into the SDK's request lifecycle. Such as custom headers, or retry logic.
11896//
11897//
11898//    // Example sending a request using the ListUserPoliciesRequest method.
11899//    req, resp := client.ListUserPoliciesRequest(params)
11900//
11901//    err := req.Send()
11902//    if err == nil { // resp is now filled
11903//        fmt.Println(resp)
11904//    }
11905//
11906// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
11907func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput) {
11908	op := &request.Operation{
11909		Name:       opListUserPolicies,
11910		HTTPMethod: "POST",
11911		HTTPPath:   "/",
11912		Paginator: &request.Paginator{
11913			InputTokens:     []string{"Marker"},
11914			OutputTokens:    []string{"Marker"},
11915			LimitToken:      "MaxItems",
11916			TruncationToken: "IsTruncated",
11917		},
11918	}
11919
11920	if input == nil {
11921		input = &ListUserPoliciesInput{}
11922	}
11923
11924	output = &ListUserPoliciesOutput{}
11925	req = c.newRequest(op, input, output)
11926	return
11927}
11928
11929// ListUserPolicies API operation for AWS Identity and Access Management.
11930//
11931// Lists the names of the inline policies embedded in the specified IAM user.
11932//
11933// An IAM user can also have managed policies attached to it. To list the managed
11934// policies that are attached to a user, use ListAttachedUserPolicies. For more
11935// information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
11936// in the IAM User Guide.
11937//
11938// You can paginate the results using the MaxItems and Marker parameters. If
11939// there are no inline policies embedded with the specified user, the operation
11940// returns an empty list.
11941//
11942// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
11943// with awserr.Error's Code and Message methods to get detailed information about
11944// the error.
11945//
11946// See the AWS API reference guide for AWS Identity and Access Management's
11947// API operation ListUserPolicies for usage and error information.
11948//
11949// Returned Error Codes:
11950//   * ErrCodeNoSuchEntityException "NoSuchEntity"
11951//   The request was rejected because it referenced a resource entity that does
11952//   not exist. The error message describes the resource.
11953//
11954//   * ErrCodeServiceFailureException "ServiceFailure"
11955//   The request processing has failed because of an unknown error, exception
11956//   or failure.
11957//
11958// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
11959func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error) {
11960	req, out := c.ListUserPoliciesRequest(input)
11961	return out, req.Send()
11962}
11963
11964// ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of
11965// the ability to pass a context and additional request options.
11966//
11967// See ListUserPolicies for details on how to use this API operation.
11968//
11969// The context must be non-nil and will be used for request cancellation. If
11970// the context is nil a panic will occur. In the future the SDK may create
11971// sub-contexts for http.Requests. See https://golang.org/pkg/context/
11972// for more information on using Contexts.
11973func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error) {
11974	req, out := c.ListUserPoliciesRequest(input)
11975	req.SetContext(ctx)
11976	req.ApplyOptions(opts...)
11977	return out, req.Send()
11978}
11979
11980// ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation,
11981// calling the "fn" function with the response data for each page. To stop
11982// iterating, return false from the fn function.
11983//
11984// See ListUserPolicies method for more information on how to use this operation.
11985//
11986// Note: This operation can generate multiple requests to a service.
11987//
11988//    // Example iterating over at most 3 pages of a ListUserPolicies operation.
11989//    pageNum := 0
11990//    err := client.ListUserPoliciesPages(params,
11991//        func(page *iam.ListUserPoliciesOutput, lastPage bool) bool {
11992//            pageNum++
11993//            fmt.Println(page)
11994//            return pageNum <= 3
11995//        })
11996//
11997func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error {
11998	return c.ListUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
11999}
12000
12001// ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except
12002// it takes a Context and allows setting request options on the pages.
12003//
12004// The context must be non-nil and will be used for request cancellation. If
12005// the context is nil a panic will occur. In the future the SDK may create
12006// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12007// for more information on using Contexts.
12008func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error {
12009	p := request.Pagination{
12010		NewRequest: func() (*request.Request, error) {
12011			var inCpy *ListUserPoliciesInput
12012			if input != nil {
12013				tmp := *input
12014				inCpy = &tmp
12015			}
12016			req, _ := c.ListUserPoliciesRequest(inCpy)
12017			req.SetContext(ctx)
12018			req.ApplyOptions(opts...)
12019			return req, nil
12020		},
12021	}
12022
12023	for p.Next() {
12024		if !fn(p.Page().(*ListUserPoliciesOutput), !p.HasNextPage()) {
12025			break
12026		}
12027	}
12028
12029	return p.Err()
12030}
12031
12032const opListUserTags = "ListUserTags"
12033
12034// ListUserTagsRequest generates a "aws/request.Request" representing the
12035// client's request for the ListUserTags operation. The "output" return
12036// value will be populated with the request's response once the request completes
12037// successfully.
12038//
12039// Use "Send" method on the returned Request to send the API call to the service.
12040// the "output" return value is not valid until after Send returns without error.
12041//
12042// See ListUserTags for more information on using the ListUserTags
12043// API call, and error handling.
12044//
12045// This method is useful when you want to inject custom logic or configuration
12046// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12047//
12048//
12049//    // Example sending a request using the ListUserTagsRequest method.
12050//    req, resp := client.ListUserTagsRequest(params)
12051//
12052//    err := req.Send()
12053//    if err == nil { // resp is now filled
12054//        fmt.Println(resp)
12055//    }
12056//
12057// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
12058func (c *IAM) ListUserTagsRequest(input *ListUserTagsInput) (req *request.Request, output *ListUserTagsOutput) {
12059	op := &request.Operation{
12060		Name:       opListUserTags,
12061		HTTPMethod: "POST",
12062		HTTPPath:   "/",
12063		Paginator: &request.Paginator{
12064			InputTokens:     []string{"Marker"},
12065			OutputTokens:    []string{"Marker"},
12066			LimitToken:      "MaxItems",
12067			TruncationToken: "IsTruncated",
12068		},
12069	}
12070
12071	if input == nil {
12072		input = &ListUserTagsInput{}
12073	}
12074
12075	output = &ListUserTagsOutput{}
12076	req = c.newRequest(op, input, output)
12077	return
12078}
12079
12080// ListUserTags API operation for AWS Identity and Access Management.
12081//
12082// Lists the tags that are attached to the specified IAM user. The returned
12083// list of tags is sorted by tag key. For more information about tagging, see
12084// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
12085// in the IAM User Guide.
12086//
12087// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12088// with awserr.Error's Code and Message methods to get detailed information about
12089// the error.
12090//
12091// See the AWS API reference guide for AWS Identity and Access Management's
12092// API operation ListUserTags for usage and error information.
12093//
12094// Returned Error Codes:
12095//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12096//   The request was rejected because it referenced a resource entity that does
12097//   not exist. The error message describes the resource.
12098//
12099//   * ErrCodeServiceFailureException "ServiceFailure"
12100//   The request processing has failed because of an unknown error, exception
12101//   or failure.
12102//
12103// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
12104func (c *IAM) ListUserTags(input *ListUserTagsInput) (*ListUserTagsOutput, error) {
12105	req, out := c.ListUserTagsRequest(input)
12106	return out, req.Send()
12107}
12108
12109// ListUserTagsWithContext is the same as ListUserTags with the addition of
12110// the ability to pass a context and additional request options.
12111//
12112// See ListUserTags for details on how to use this API operation.
12113//
12114// The context must be non-nil and will be used for request cancellation. If
12115// the context is nil a panic will occur. In the future the SDK may create
12116// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12117// for more information on using Contexts.
12118func (c *IAM) ListUserTagsWithContext(ctx aws.Context, input *ListUserTagsInput, opts ...request.Option) (*ListUserTagsOutput, error) {
12119	req, out := c.ListUserTagsRequest(input)
12120	req.SetContext(ctx)
12121	req.ApplyOptions(opts...)
12122	return out, req.Send()
12123}
12124
12125// ListUserTagsPages iterates over the pages of a ListUserTags operation,
12126// calling the "fn" function with the response data for each page. To stop
12127// iterating, return false from the fn function.
12128//
12129// See ListUserTags method for more information on how to use this operation.
12130//
12131// Note: This operation can generate multiple requests to a service.
12132//
12133//    // Example iterating over at most 3 pages of a ListUserTags operation.
12134//    pageNum := 0
12135//    err := client.ListUserTagsPages(params,
12136//        func(page *iam.ListUserTagsOutput, lastPage bool) bool {
12137//            pageNum++
12138//            fmt.Println(page)
12139//            return pageNum <= 3
12140//        })
12141//
12142func (c *IAM) ListUserTagsPages(input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool) error {
12143	return c.ListUserTagsPagesWithContext(aws.BackgroundContext(), input, fn)
12144}
12145
12146// ListUserTagsPagesWithContext same as ListUserTagsPages except
12147// it takes a Context and allows setting request options on the pages.
12148//
12149// The context must be non-nil and will be used for request cancellation. If
12150// the context is nil a panic will occur. In the future the SDK may create
12151// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12152// for more information on using Contexts.
12153func (c *IAM) ListUserTagsPagesWithContext(ctx aws.Context, input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool, opts ...request.Option) error {
12154	p := request.Pagination{
12155		NewRequest: func() (*request.Request, error) {
12156			var inCpy *ListUserTagsInput
12157			if input != nil {
12158				tmp := *input
12159				inCpy = &tmp
12160			}
12161			req, _ := c.ListUserTagsRequest(inCpy)
12162			req.SetContext(ctx)
12163			req.ApplyOptions(opts...)
12164			return req, nil
12165		},
12166	}
12167
12168	for p.Next() {
12169		if !fn(p.Page().(*ListUserTagsOutput), !p.HasNextPage()) {
12170			break
12171		}
12172	}
12173
12174	return p.Err()
12175}
12176
12177const opListUsers = "ListUsers"
12178
12179// ListUsersRequest generates a "aws/request.Request" representing the
12180// client's request for the ListUsers operation. The "output" return
12181// value will be populated with the request's response once the request completes
12182// successfully.
12183//
12184// Use "Send" method on the returned Request to send the API call to the service.
12185// the "output" return value is not valid until after Send returns without error.
12186//
12187// See ListUsers for more information on using the ListUsers
12188// API call, and error handling.
12189//
12190// This method is useful when you want to inject custom logic or configuration
12191// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12192//
12193//
12194//    // Example sending a request using the ListUsersRequest method.
12195//    req, resp := client.ListUsersRequest(params)
12196//
12197//    err := req.Send()
12198//    if err == nil { // resp is now filled
12199//        fmt.Println(resp)
12200//    }
12201//
12202// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
12203func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) {
12204	op := &request.Operation{
12205		Name:       opListUsers,
12206		HTTPMethod: "POST",
12207		HTTPPath:   "/",
12208		Paginator: &request.Paginator{
12209			InputTokens:     []string{"Marker"},
12210			OutputTokens:    []string{"Marker"},
12211			LimitToken:      "MaxItems",
12212			TruncationToken: "IsTruncated",
12213		},
12214	}
12215
12216	if input == nil {
12217		input = &ListUsersInput{}
12218	}
12219
12220	output = &ListUsersOutput{}
12221	req = c.newRequest(op, input, output)
12222	return
12223}
12224
12225// ListUsers API operation for AWS Identity and Access Management.
12226//
12227// Lists the IAM users that have the specified path prefix. If no path prefix
12228// is specified, the operation returns all users in the Amazon Web Services
12229// account. If there are none, the operation returns an empty list.
12230//
12231// IAM resource-listing operations return a subset of the available attributes
12232// for the resource. For example, this operation does not return tags, even
12233// though they are an attribute of the returned object. To view all of the information
12234// for a user, see GetUser.
12235//
12236// You can paginate the results using the MaxItems and Marker parameters.
12237//
12238// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12239// with awserr.Error's Code and Message methods to get detailed information about
12240// the error.
12241//
12242// See the AWS API reference guide for AWS Identity and Access Management's
12243// API operation ListUsers for usage and error information.
12244//
12245// Returned Error Codes:
12246//   * ErrCodeServiceFailureException "ServiceFailure"
12247//   The request processing has failed because of an unknown error, exception
12248//   or failure.
12249//
12250// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
12251func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) {
12252	req, out := c.ListUsersRequest(input)
12253	return out, req.Send()
12254}
12255
12256// ListUsersWithContext is the same as ListUsers with the addition of
12257// the ability to pass a context and additional request options.
12258//
12259// See ListUsers for details on how to use this API operation.
12260//
12261// The context must be non-nil and will be used for request cancellation. If
12262// the context is nil a panic will occur. In the future the SDK may create
12263// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12264// for more information on using Contexts.
12265func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error) {
12266	req, out := c.ListUsersRequest(input)
12267	req.SetContext(ctx)
12268	req.ApplyOptions(opts...)
12269	return out, req.Send()
12270}
12271
12272// ListUsersPages iterates over the pages of a ListUsers operation,
12273// calling the "fn" function with the response data for each page. To stop
12274// iterating, return false from the fn function.
12275//
12276// See ListUsers method for more information on how to use this operation.
12277//
12278// Note: This operation can generate multiple requests to a service.
12279//
12280//    // Example iterating over at most 3 pages of a ListUsers operation.
12281//    pageNum := 0
12282//    err := client.ListUsersPages(params,
12283//        func(page *iam.ListUsersOutput, lastPage bool) bool {
12284//            pageNum++
12285//            fmt.Println(page)
12286//            return pageNum <= 3
12287//        })
12288//
12289func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error {
12290	return c.ListUsersPagesWithContext(aws.BackgroundContext(), input, fn)
12291}
12292
12293// ListUsersPagesWithContext same as ListUsersPages except
12294// it takes a Context and allows setting request options on the pages.
12295//
12296// The context must be non-nil and will be used for request cancellation. If
12297// the context is nil a panic will occur. In the future the SDK may create
12298// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12299// for more information on using Contexts.
12300func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error {
12301	p := request.Pagination{
12302		NewRequest: func() (*request.Request, error) {
12303			var inCpy *ListUsersInput
12304			if input != nil {
12305				tmp := *input
12306				inCpy = &tmp
12307			}
12308			req, _ := c.ListUsersRequest(inCpy)
12309			req.SetContext(ctx)
12310			req.ApplyOptions(opts...)
12311			return req, nil
12312		},
12313	}
12314
12315	for p.Next() {
12316		if !fn(p.Page().(*ListUsersOutput), !p.HasNextPage()) {
12317			break
12318		}
12319	}
12320
12321	return p.Err()
12322}
12323
12324const opListVirtualMFADevices = "ListVirtualMFADevices"
12325
12326// ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the
12327// client's request for the ListVirtualMFADevices operation. The "output" return
12328// value will be populated with the request's response once the request completes
12329// successfully.
12330//
12331// Use "Send" method on the returned Request to send the API call to the service.
12332// the "output" return value is not valid until after Send returns without error.
12333//
12334// See ListVirtualMFADevices for more information on using the ListVirtualMFADevices
12335// API call, and error handling.
12336//
12337// This method is useful when you want to inject custom logic or configuration
12338// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12339//
12340//
12341//    // Example sending a request using the ListVirtualMFADevicesRequest method.
12342//    req, resp := client.ListVirtualMFADevicesRequest(params)
12343//
12344//    err := req.Send()
12345//    if err == nil { // resp is now filled
12346//        fmt.Println(resp)
12347//    }
12348//
12349// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
12350func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput) {
12351	op := &request.Operation{
12352		Name:       opListVirtualMFADevices,
12353		HTTPMethod: "POST",
12354		HTTPPath:   "/",
12355		Paginator: &request.Paginator{
12356			InputTokens:     []string{"Marker"},
12357			OutputTokens:    []string{"Marker"},
12358			LimitToken:      "MaxItems",
12359			TruncationToken: "IsTruncated",
12360		},
12361	}
12362
12363	if input == nil {
12364		input = &ListVirtualMFADevicesInput{}
12365	}
12366
12367	output = &ListVirtualMFADevicesOutput{}
12368	req = c.newRequest(op, input, output)
12369	return
12370}
12371
12372// ListVirtualMFADevices API operation for AWS Identity and Access Management.
12373//
12374// Lists the virtual MFA devices defined in the Amazon Web Services account
12375// by assignment status. If you do not specify an assignment status, the operation
12376// returns a list of all virtual MFA devices. Assignment status can be Assigned,
12377// Unassigned, or Any.
12378//
12379// IAM resource-listing operations return a subset of the available attributes
12380// for the resource. For example, this operation does not return tags, even
12381// though they are an attribute of the returned object. To view all of the information
12382// for a virtual MFA device, see ListVirtualMFADevices.
12383//
12384// You can paginate the results using the MaxItems and Marker parameters.
12385//
12386// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12387// with awserr.Error's Code and Message methods to get detailed information about
12388// the error.
12389//
12390// See the AWS API reference guide for AWS Identity and Access Management's
12391// API operation ListVirtualMFADevices for usage and error information.
12392// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
12393func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error) {
12394	req, out := c.ListVirtualMFADevicesRequest(input)
12395	return out, req.Send()
12396}
12397
12398// ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of
12399// the ability to pass a context and additional request options.
12400//
12401// See ListVirtualMFADevices for details on how to use this API operation.
12402//
12403// The context must be non-nil and will be used for request cancellation. If
12404// the context is nil a panic will occur. In the future the SDK may create
12405// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12406// for more information on using Contexts.
12407func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error) {
12408	req, out := c.ListVirtualMFADevicesRequest(input)
12409	req.SetContext(ctx)
12410	req.ApplyOptions(opts...)
12411	return out, req.Send()
12412}
12413
12414// ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation,
12415// calling the "fn" function with the response data for each page. To stop
12416// iterating, return false from the fn function.
12417//
12418// See ListVirtualMFADevices method for more information on how to use this operation.
12419//
12420// Note: This operation can generate multiple requests to a service.
12421//
12422//    // Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
12423//    pageNum := 0
12424//    err := client.ListVirtualMFADevicesPages(params,
12425//        func(page *iam.ListVirtualMFADevicesOutput, lastPage bool) bool {
12426//            pageNum++
12427//            fmt.Println(page)
12428//            return pageNum <= 3
12429//        })
12430//
12431func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error {
12432	return c.ListVirtualMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
12433}
12434
12435// ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except
12436// it takes a Context and allows setting request options on the pages.
12437//
12438// The context must be non-nil and will be used for request cancellation. If
12439// the context is nil a panic will occur. In the future the SDK may create
12440// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12441// for more information on using Contexts.
12442func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error {
12443	p := request.Pagination{
12444		NewRequest: func() (*request.Request, error) {
12445			var inCpy *ListVirtualMFADevicesInput
12446			if input != nil {
12447				tmp := *input
12448				inCpy = &tmp
12449			}
12450			req, _ := c.ListVirtualMFADevicesRequest(inCpy)
12451			req.SetContext(ctx)
12452			req.ApplyOptions(opts...)
12453			return req, nil
12454		},
12455	}
12456
12457	for p.Next() {
12458		if !fn(p.Page().(*ListVirtualMFADevicesOutput), !p.HasNextPage()) {
12459			break
12460		}
12461	}
12462
12463	return p.Err()
12464}
12465
12466const opPutGroupPolicy = "PutGroupPolicy"
12467
12468// PutGroupPolicyRequest generates a "aws/request.Request" representing the
12469// client's request for the PutGroupPolicy operation. The "output" return
12470// value will be populated with the request's response once the request completes
12471// successfully.
12472//
12473// Use "Send" method on the returned Request to send the API call to the service.
12474// the "output" return value is not valid until after Send returns without error.
12475//
12476// See PutGroupPolicy for more information on using the PutGroupPolicy
12477// API call, and error handling.
12478//
12479// This method is useful when you want to inject custom logic or configuration
12480// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12481//
12482//
12483//    // Example sending a request using the PutGroupPolicyRequest method.
12484//    req, resp := client.PutGroupPolicyRequest(params)
12485//
12486//    err := req.Send()
12487//    if err == nil { // resp is now filled
12488//        fmt.Println(resp)
12489//    }
12490//
12491// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
12492func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput) {
12493	op := &request.Operation{
12494		Name:       opPutGroupPolicy,
12495		HTTPMethod: "POST",
12496		HTTPPath:   "/",
12497	}
12498
12499	if input == nil {
12500		input = &PutGroupPolicyInput{}
12501	}
12502
12503	output = &PutGroupPolicyOutput{}
12504	req = c.newRequest(op, input, output)
12505	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12506	return
12507}
12508
12509// PutGroupPolicy API operation for AWS Identity and Access Management.
12510//
12511// Adds or updates an inline policy document that is embedded in the specified
12512// IAM group.
12513//
12514// A user can also have managed policies attached to it. To attach a managed
12515// policy to a group, use AttachGroupPolicy. To create a new managed policy,
12516// use CreatePolicy. For information about policies, see Managed policies and
12517// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12518// in the IAM User Guide.
12519//
12520// For information about the maximum number of inline policies that you can
12521// embed in a group, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12522// in the IAM User Guide.
12523//
12524// Because policy documents can be large, you should use POST rather than GET
12525// when calling PutGroupPolicy. For general information about using the Query
12526// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12527// in the IAM User Guide.
12528//
12529// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12530// with awserr.Error's Code and Message methods to get detailed information about
12531// the error.
12532//
12533// See the AWS API reference guide for AWS Identity and Access Management's
12534// API operation PutGroupPolicy for usage and error information.
12535//
12536// Returned Error Codes:
12537//   * ErrCodeLimitExceededException "LimitExceeded"
12538//   The request was rejected because it attempted to create resources beyond
12539//   the current Amazon Web Services account limits. The error message describes
12540//   the limit exceeded.
12541//
12542//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12543//   The request was rejected because the policy document was malformed. The error
12544//   message describes the specific error.
12545//
12546//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12547//   The request was rejected because it referenced a resource entity that does
12548//   not exist. The error message describes the resource.
12549//
12550//   * ErrCodeServiceFailureException "ServiceFailure"
12551//   The request processing has failed because of an unknown error, exception
12552//   or failure.
12553//
12554// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
12555func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error) {
12556	req, out := c.PutGroupPolicyRequest(input)
12557	return out, req.Send()
12558}
12559
12560// PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of
12561// the ability to pass a context and additional request options.
12562//
12563// See PutGroupPolicy for details on how to use this API operation.
12564//
12565// The context must be non-nil and will be used for request cancellation. If
12566// the context is nil a panic will occur. In the future the SDK may create
12567// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12568// for more information on using Contexts.
12569func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error) {
12570	req, out := c.PutGroupPolicyRequest(input)
12571	req.SetContext(ctx)
12572	req.ApplyOptions(opts...)
12573	return out, req.Send()
12574}
12575
12576const opPutRolePermissionsBoundary = "PutRolePermissionsBoundary"
12577
12578// PutRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
12579// client's request for the PutRolePermissionsBoundary operation. The "output" return
12580// value will be populated with the request's response once the request completes
12581// successfully.
12582//
12583// Use "Send" method on the returned Request to send the API call to the service.
12584// the "output" return value is not valid until after Send returns without error.
12585//
12586// See PutRolePermissionsBoundary for more information on using the PutRolePermissionsBoundary
12587// API call, and error handling.
12588//
12589// This method is useful when you want to inject custom logic or configuration
12590// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12591//
12592//
12593//    // Example sending a request using the PutRolePermissionsBoundaryRequest method.
12594//    req, resp := client.PutRolePermissionsBoundaryRequest(params)
12595//
12596//    err := req.Send()
12597//    if err == nil { // resp is now filled
12598//        fmt.Println(resp)
12599//    }
12600//
12601// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
12602func (c *IAM) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundaryInput) (req *request.Request, output *PutRolePermissionsBoundaryOutput) {
12603	op := &request.Operation{
12604		Name:       opPutRolePermissionsBoundary,
12605		HTTPMethod: "POST",
12606		HTTPPath:   "/",
12607	}
12608
12609	if input == nil {
12610		input = &PutRolePermissionsBoundaryInput{}
12611	}
12612
12613	output = &PutRolePermissionsBoundaryOutput{}
12614	req = c.newRequest(op, input, output)
12615	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12616	return
12617}
12618
12619// PutRolePermissionsBoundary API operation for AWS Identity and Access Management.
12620//
12621// Adds or updates the policy that is specified as the IAM role's permissions
12622// boundary. You can use an Amazon Web Services managed policy or a customer
12623// managed policy to set the boundary for a role. Use the boundary to control
12624// the maximum permissions that the role can have. Setting a permissions boundary
12625// is an advanced feature that can affect the permissions for the role.
12626//
12627// You cannot set the boundary for a service-linked role.
12628//
12629// Policies used as permissions boundaries do not provide permissions. You must
12630// also attach a permissions policy to the role. To learn how the effective
12631// permissions for a role are evaluated, see IAM JSON policy evaluation logic
12632// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
12633// in the IAM User Guide.
12634//
12635// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12636// with awserr.Error's Code and Message methods to get detailed information about
12637// the error.
12638//
12639// See the AWS API reference guide for AWS Identity and Access Management's
12640// API operation PutRolePermissionsBoundary for usage and error information.
12641//
12642// Returned Error Codes:
12643//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12644//   The request was rejected because it referenced a resource entity that does
12645//   not exist. The error message describes the resource.
12646//
12647//   * ErrCodeInvalidInputException "InvalidInput"
12648//   The request was rejected because an invalid or out-of-range value was supplied
12649//   for an input parameter.
12650//
12651//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
12652//   The request was rejected because only the service that depends on the service-linked
12653//   role can modify or delete the role on your behalf. The error message includes
12654//   the name of the service that depends on this service-linked role. You must
12655//   request the change through that service.
12656//
12657//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
12658//   The request failed because Amazon Web Services service role policies can
12659//   only be attached to the service-linked role for that service.
12660//
12661//   * ErrCodeServiceFailureException "ServiceFailure"
12662//   The request processing has failed because of an unknown error, exception
12663//   or failure.
12664//
12665// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
12666func (c *IAM) PutRolePermissionsBoundary(input *PutRolePermissionsBoundaryInput) (*PutRolePermissionsBoundaryOutput, error) {
12667	req, out := c.PutRolePermissionsBoundaryRequest(input)
12668	return out, req.Send()
12669}
12670
12671// PutRolePermissionsBoundaryWithContext is the same as PutRolePermissionsBoundary with the addition of
12672// the ability to pass a context and additional request options.
12673//
12674// See PutRolePermissionsBoundary for details on how to use this API operation.
12675//
12676// The context must be non-nil and will be used for request cancellation. If
12677// the context is nil a panic will occur. In the future the SDK may create
12678// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12679// for more information on using Contexts.
12680func (c *IAM) PutRolePermissionsBoundaryWithContext(ctx aws.Context, input *PutRolePermissionsBoundaryInput, opts ...request.Option) (*PutRolePermissionsBoundaryOutput, error) {
12681	req, out := c.PutRolePermissionsBoundaryRequest(input)
12682	req.SetContext(ctx)
12683	req.ApplyOptions(opts...)
12684	return out, req.Send()
12685}
12686
12687const opPutRolePolicy = "PutRolePolicy"
12688
12689// PutRolePolicyRequest generates a "aws/request.Request" representing the
12690// client's request for the PutRolePolicy operation. The "output" return
12691// value will be populated with the request's response once the request completes
12692// successfully.
12693//
12694// Use "Send" method on the returned Request to send the API call to the service.
12695// the "output" return value is not valid until after Send returns without error.
12696//
12697// See PutRolePolicy for more information on using the PutRolePolicy
12698// API call, and error handling.
12699//
12700// This method is useful when you want to inject custom logic or configuration
12701// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12702//
12703//
12704//    // Example sending a request using the PutRolePolicyRequest method.
12705//    req, resp := client.PutRolePolicyRequest(params)
12706//
12707//    err := req.Send()
12708//    if err == nil { // resp is now filled
12709//        fmt.Println(resp)
12710//    }
12711//
12712// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
12713func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput) {
12714	op := &request.Operation{
12715		Name:       opPutRolePolicy,
12716		HTTPMethod: "POST",
12717		HTTPPath:   "/",
12718	}
12719
12720	if input == nil {
12721		input = &PutRolePolicyInput{}
12722	}
12723
12724	output = &PutRolePolicyOutput{}
12725	req = c.newRequest(op, input, output)
12726	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12727	return
12728}
12729
12730// PutRolePolicy API operation for AWS Identity and Access Management.
12731//
12732// Adds or updates an inline policy document that is embedded in the specified
12733// IAM role.
12734//
12735// When you embed an inline policy in a role, the inline policy is used as part
12736// of the role's access (permissions) policy. The role's trust policy is created
12737// at the same time as the role, using CreateRole. You can update a role's trust
12738// policy using UpdateAssumeRolePolicy. For more information about IAM roles,
12739// see Using roles to delegate permissions and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
12740//
12741// A role can also have a managed policy attached to it. To attach a managed
12742// policy to a role, use AttachRolePolicy. To create a new managed policy, use
12743// CreatePolicy. For information about policies, see Managed policies and inline
12744// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12745// in the IAM User Guide.
12746//
12747// For information about the maximum number of inline policies that you can
12748// embed with a role, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12749// in the IAM User Guide.
12750//
12751// Because policy documents can be large, you should use POST rather than GET
12752// when calling PutRolePolicy. For general information about using the Query
12753// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12754// in the IAM User Guide.
12755//
12756// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12757// with awserr.Error's Code and Message methods to get detailed information about
12758// the error.
12759//
12760// See the AWS API reference guide for AWS Identity and Access Management's
12761// API operation PutRolePolicy for usage and error information.
12762//
12763// Returned Error Codes:
12764//   * ErrCodeLimitExceededException "LimitExceeded"
12765//   The request was rejected because it attempted to create resources beyond
12766//   the current Amazon Web Services account limits. The error message describes
12767//   the limit exceeded.
12768//
12769//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12770//   The request was rejected because the policy document was malformed. The error
12771//   message describes the specific error.
12772//
12773//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12774//   The request was rejected because it referenced a resource entity that does
12775//   not exist. The error message describes the resource.
12776//
12777//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
12778//   The request was rejected because only the service that depends on the service-linked
12779//   role can modify or delete the role on your behalf. The error message includes
12780//   the name of the service that depends on this service-linked role. You must
12781//   request the change through that service.
12782//
12783//   * ErrCodeServiceFailureException "ServiceFailure"
12784//   The request processing has failed because of an unknown error, exception
12785//   or failure.
12786//
12787// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
12788func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error) {
12789	req, out := c.PutRolePolicyRequest(input)
12790	return out, req.Send()
12791}
12792
12793// PutRolePolicyWithContext is the same as PutRolePolicy with the addition of
12794// the ability to pass a context and additional request options.
12795//
12796// See PutRolePolicy for details on how to use this API operation.
12797//
12798// The context must be non-nil and will be used for request cancellation. If
12799// the context is nil a panic will occur. In the future the SDK may create
12800// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12801// for more information on using Contexts.
12802func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error) {
12803	req, out := c.PutRolePolicyRequest(input)
12804	req.SetContext(ctx)
12805	req.ApplyOptions(opts...)
12806	return out, req.Send()
12807}
12808
12809const opPutUserPermissionsBoundary = "PutUserPermissionsBoundary"
12810
12811// PutUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
12812// client's request for the PutUserPermissionsBoundary operation. The "output" return
12813// value will be populated with the request's response once the request completes
12814// successfully.
12815//
12816// Use "Send" method on the returned Request to send the API call to the service.
12817// the "output" return value is not valid until after Send returns without error.
12818//
12819// See PutUserPermissionsBoundary for more information on using the PutUserPermissionsBoundary
12820// API call, and error handling.
12821//
12822// This method is useful when you want to inject custom logic or configuration
12823// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12824//
12825//
12826//    // Example sending a request using the PutUserPermissionsBoundaryRequest method.
12827//    req, resp := client.PutUserPermissionsBoundaryRequest(params)
12828//
12829//    err := req.Send()
12830//    if err == nil { // resp is now filled
12831//        fmt.Println(resp)
12832//    }
12833//
12834// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
12835func (c *IAM) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundaryInput) (req *request.Request, output *PutUserPermissionsBoundaryOutput) {
12836	op := &request.Operation{
12837		Name:       opPutUserPermissionsBoundary,
12838		HTTPMethod: "POST",
12839		HTTPPath:   "/",
12840	}
12841
12842	if input == nil {
12843		input = &PutUserPermissionsBoundaryInput{}
12844	}
12845
12846	output = &PutUserPermissionsBoundaryOutput{}
12847	req = c.newRequest(op, input, output)
12848	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12849	return
12850}
12851
12852// PutUserPermissionsBoundary API operation for AWS Identity and Access Management.
12853//
12854// Adds or updates the policy that is specified as the IAM user's permissions
12855// boundary. You can use an Amazon Web Services managed policy or a customer
12856// managed policy to set the boundary for a user. Use the boundary to control
12857// the maximum permissions that the user can have. Setting a permissions boundary
12858// is an advanced feature that can affect the permissions for the user.
12859//
12860// Policies that are used as permissions boundaries do not provide permissions.
12861// You must also attach a permissions policy to the user. To learn how the effective
12862// permissions for a user are evaluated, see IAM JSON policy evaluation logic
12863// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
12864// in the IAM User Guide.
12865//
12866// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12867// with awserr.Error's Code and Message methods to get detailed information about
12868// the error.
12869//
12870// See the AWS API reference guide for AWS Identity and Access Management's
12871// API operation PutUserPermissionsBoundary for usage and error information.
12872//
12873// Returned Error Codes:
12874//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12875//   The request was rejected because it referenced a resource entity that does
12876//   not exist. The error message describes the resource.
12877//
12878//   * ErrCodeInvalidInputException "InvalidInput"
12879//   The request was rejected because an invalid or out-of-range value was supplied
12880//   for an input parameter.
12881//
12882//   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
12883//   The request failed because Amazon Web Services service role policies can
12884//   only be attached to the service-linked role for that service.
12885//
12886//   * ErrCodeServiceFailureException "ServiceFailure"
12887//   The request processing has failed because of an unknown error, exception
12888//   or failure.
12889//
12890// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
12891func (c *IAM) PutUserPermissionsBoundary(input *PutUserPermissionsBoundaryInput) (*PutUserPermissionsBoundaryOutput, error) {
12892	req, out := c.PutUserPermissionsBoundaryRequest(input)
12893	return out, req.Send()
12894}
12895
12896// PutUserPermissionsBoundaryWithContext is the same as PutUserPermissionsBoundary with the addition of
12897// the ability to pass a context and additional request options.
12898//
12899// See PutUserPermissionsBoundary for details on how to use this API operation.
12900//
12901// The context must be non-nil and will be used for request cancellation. If
12902// the context is nil a panic will occur. In the future the SDK may create
12903// sub-contexts for http.Requests. See https://golang.org/pkg/context/
12904// for more information on using Contexts.
12905func (c *IAM) PutUserPermissionsBoundaryWithContext(ctx aws.Context, input *PutUserPermissionsBoundaryInput, opts ...request.Option) (*PutUserPermissionsBoundaryOutput, error) {
12906	req, out := c.PutUserPermissionsBoundaryRequest(input)
12907	req.SetContext(ctx)
12908	req.ApplyOptions(opts...)
12909	return out, req.Send()
12910}
12911
12912const opPutUserPolicy = "PutUserPolicy"
12913
12914// PutUserPolicyRequest generates a "aws/request.Request" representing the
12915// client's request for the PutUserPolicy operation. The "output" return
12916// value will be populated with the request's response once the request completes
12917// successfully.
12918//
12919// Use "Send" method on the returned Request to send the API call to the service.
12920// the "output" return value is not valid until after Send returns without error.
12921//
12922// See PutUserPolicy for more information on using the PutUserPolicy
12923// API call, and error handling.
12924//
12925// This method is useful when you want to inject custom logic or configuration
12926// into the SDK's request lifecycle. Such as custom headers, or retry logic.
12927//
12928//
12929//    // Example sending a request using the PutUserPolicyRequest method.
12930//    req, resp := client.PutUserPolicyRequest(params)
12931//
12932//    err := req.Send()
12933//    if err == nil { // resp is now filled
12934//        fmt.Println(resp)
12935//    }
12936//
12937// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
12938func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput) {
12939	op := &request.Operation{
12940		Name:       opPutUserPolicy,
12941		HTTPMethod: "POST",
12942		HTTPPath:   "/",
12943	}
12944
12945	if input == nil {
12946		input = &PutUserPolicyInput{}
12947	}
12948
12949	output = &PutUserPolicyOutput{}
12950	req = c.newRequest(op, input, output)
12951	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
12952	return
12953}
12954
12955// PutUserPolicy API operation for AWS Identity and Access Management.
12956//
12957// Adds or updates an inline policy document that is embedded in the specified
12958// IAM user.
12959//
12960// An IAM user can also have a managed policy attached to it. To attach a managed
12961// policy to a user, use AttachUserPolicy. To create a new managed policy, use
12962// CreatePolicy. For information about policies, see Managed policies and inline
12963// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
12964// in the IAM User Guide.
12965//
12966// For information about the maximum number of inline policies that you can
12967// embed in a user, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
12968// in the IAM User Guide.
12969//
12970// Because policy documents can be large, you should use POST rather than GET
12971// when calling PutUserPolicy. For general information about using the Query
12972// API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
12973// in the IAM User Guide.
12974//
12975// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
12976// with awserr.Error's Code and Message methods to get detailed information about
12977// the error.
12978//
12979// See the AWS API reference guide for AWS Identity and Access Management's
12980// API operation PutUserPolicy for usage and error information.
12981//
12982// Returned Error Codes:
12983//   * ErrCodeLimitExceededException "LimitExceeded"
12984//   The request was rejected because it attempted to create resources beyond
12985//   the current Amazon Web Services account limits. The error message describes
12986//   the limit exceeded.
12987//
12988//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
12989//   The request was rejected because the policy document was malformed. The error
12990//   message describes the specific error.
12991//
12992//   * ErrCodeNoSuchEntityException "NoSuchEntity"
12993//   The request was rejected because it referenced a resource entity that does
12994//   not exist. The error message describes the resource.
12995//
12996//   * ErrCodeServiceFailureException "ServiceFailure"
12997//   The request processing has failed because of an unknown error, exception
12998//   or failure.
12999//
13000// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
13001func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error) {
13002	req, out := c.PutUserPolicyRequest(input)
13003	return out, req.Send()
13004}
13005
13006// PutUserPolicyWithContext is the same as PutUserPolicy with the addition of
13007// the ability to pass a context and additional request options.
13008//
13009// See PutUserPolicy for details on how to use this API operation.
13010//
13011// The context must be non-nil and will be used for request cancellation. If
13012// the context is nil a panic will occur. In the future the SDK may create
13013// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13014// for more information on using Contexts.
13015func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error) {
13016	req, out := c.PutUserPolicyRequest(input)
13017	req.SetContext(ctx)
13018	req.ApplyOptions(opts...)
13019	return out, req.Send()
13020}
13021
13022const opRemoveClientIDFromOpenIDConnectProvider = "RemoveClientIDFromOpenIDConnectProvider"
13023
13024// RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
13025// client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return
13026// value will be populated with the request's response once the request completes
13027// successfully.
13028//
13029// Use "Send" method on the returned Request to send the API call to the service.
13030// the "output" return value is not valid until after Send returns without error.
13031//
13032// See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider
13033// API call, and error handling.
13034//
13035// This method is useful when you want to inject custom logic or configuration
13036// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13037//
13038//
13039//    // Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
13040//    req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)
13041//
13042//    err := req.Send()
13043//    if err == nil { // resp is now filled
13044//        fmt.Println(resp)
13045//    }
13046//
13047// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
13048func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput) {
13049	op := &request.Operation{
13050		Name:       opRemoveClientIDFromOpenIDConnectProvider,
13051		HTTPMethod: "POST",
13052		HTTPPath:   "/",
13053	}
13054
13055	if input == nil {
13056		input = &RemoveClientIDFromOpenIDConnectProviderInput{}
13057	}
13058
13059	output = &RemoveClientIDFromOpenIDConnectProviderOutput{}
13060	req = c.newRequest(op, input, output)
13061	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13062	return
13063}
13064
13065// RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.
13066//
13067// Removes the specified client ID (also known as audience) from the list of
13068// client IDs registered for the specified IAM OpenID Connect (OIDC) provider
13069// resource object.
13070//
13071// This operation is idempotent; it does not fail or return an error if you
13072// try to remove a client ID that does not exist.
13073//
13074// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13075// with awserr.Error's Code and Message methods to get detailed information about
13076// the error.
13077//
13078// See the AWS API reference guide for AWS Identity and Access Management's
13079// API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.
13080//
13081// Returned Error Codes:
13082//   * ErrCodeInvalidInputException "InvalidInput"
13083//   The request was rejected because an invalid or out-of-range value was supplied
13084//   for an input parameter.
13085//
13086//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13087//   The request was rejected because it referenced a resource entity that does
13088//   not exist. The error message describes the resource.
13089//
13090//   * ErrCodeServiceFailureException "ServiceFailure"
13091//   The request processing has failed because of an unknown error, exception
13092//   or failure.
13093//
13094// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
13095func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
13096	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
13097	return out, req.Send()
13098}
13099
13100// RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of
13101// the ability to pass a context and additional request options.
13102//
13103// See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.
13104//
13105// The context must be non-nil and will be used for request cancellation. If
13106// the context is nil a panic will occur. In the future the SDK may create
13107// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13108// for more information on using Contexts.
13109func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
13110	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
13111	req.SetContext(ctx)
13112	req.ApplyOptions(opts...)
13113	return out, req.Send()
13114}
13115
13116const opRemoveRoleFromInstanceProfile = "RemoveRoleFromInstanceProfile"
13117
13118// RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the
13119// client's request for the RemoveRoleFromInstanceProfile operation. The "output" return
13120// value will be populated with the request's response once the request completes
13121// successfully.
13122//
13123// Use "Send" method on the returned Request to send the API call to the service.
13124// the "output" return value is not valid until after Send returns without error.
13125//
13126// See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile
13127// API call, and error handling.
13128//
13129// This method is useful when you want to inject custom logic or configuration
13130// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13131//
13132//
13133//    // Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
13134//    req, resp := client.RemoveRoleFromInstanceProfileRequest(params)
13135//
13136//    err := req.Send()
13137//    if err == nil { // resp is now filled
13138//        fmt.Println(resp)
13139//    }
13140//
13141// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
13142func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput) {
13143	op := &request.Operation{
13144		Name:       opRemoveRoleFromInstanceProfile,
13145		HTTPMethod: "POST",
13146		HTTPPath:   "/",
13147	}
13148
13149	if input == nil {
13150		input = &RemoveRoleFromInstanceProfileInput{}
13151	}
13152
13153	output = &RemoveRoleFromInstanceProfileOutput{}
13154	req = c.newRequest(op, input, output)
13155	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13156	return
13157}
13158
13159// RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.
13160//
13161// Removes the specified IAM role from the specified EC2 instance profile.
13162//
13163// Make sure that you do not have any Amazon EC2 instances running with the
13164// role you are about to remove from the instance profile. Removing a role from
13165// an instance profile that is associated with a running instance might break
13166// any applications running on the instance.
13167//
13168// For more information about IAM roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
13169// For more information about instance profiles, see About instance profiles
13170// (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
13171//
13172// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13173// with awserr.Error's Code and Message methods to get detailed information about
13174// the error.
13175//
13176// See the AWS API reference guide for AWS Identity and Access Management's
13177// API operation RemoveRoleFromInstanceProfile for usage and error information.
13178//
13179// Returned Error Codes:
13180//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13181//   The request was rejected because it referenced a resource entity that does
13182//   not exist. The error message describes the resource.
13183//
13184//   * ErrCodeLimitExceededException "LimitExceeded"
13185//   The request was rejected because it attempted to create resources beyond
13186//   the current Amazon Web Services account limits. The error message describes
13187//   the limit exceeded.
13188//
13189//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
13190//   The request was rejected because only the service that depends on the service-linked
13191//   role can modify or delete the role on your behalf. The error message includes
13192//   the name of the service that depends on this service-linked role. You must
13193//   request the change through that service.
13194//
13195//   * ErrCodeServiceFailureException "ServiceFailure"
13196//   The request processing has failed because of an unknown error, exception
13197//   or failure.
13198//
13199// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
13200func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error) {
13201	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
13202	return out, req.Send()
13203}
13204
13205// RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of
13206// the ability to pass a context and additional request options.
13207//
13208// See RemoveRoleFromInstanceProfile for details on how to use this API operation.
13209//
13210// The context must be non-nil and will be used for request cancellation. If
13211// the context is nil a panic will occur. In the future the SDK may create
13212// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13213// for more information on using Contexts.
13214func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error) {
13215	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
13216	req.SetContext(ctx)
13217	req.ApplyOptions(opts...)
13218	return out, req.Send()
13219}
13220
13221const opRemoveUserFromGroup = "RemoveUserFromGroup"
13222
13223// RemoveUserFromGroupRequest generates a "aws/request.Request" representing the
13224// client's request for the RemoveUserFromGroup operation. The "output" return
13225// value will be populated with the request's response once the request completes
13226// successfully.
13227//
13228// Use "Send" method on the returned Request to send the API call to the service.
13229// the "output" return value is not valid until after Send returns without error.
13230//
13231// See RemoveUserFromGroup for more information on using the RemoveUserFromGroup
13232// API call, and error handling.
13233//
13234// This method is useful when you want to inject custom logic or configuration
13235// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13236//
13237//
13238//    // Example sending a request using the RemoveUserFromGroupRequest method.
13239//    req, resp := client.RemoveUserFromGroupRequest(params)
13240//
13241//    err := req.Send()
13242//    if err == nil { // resp is now filled
13243//        fmt.Println(resp)
13244//    }
13245//
13246// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
13247func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput) {
13248	op := &request.Operation{
13249		Name:       opRemoveUserFromGroup,
13250		HTTPMethod: "POST",
13251		HTTPPath:   "/",
13252	}
13253
13254	if input == nil {
13255		input = &RemoveUserFromGroupInput{}
13256	}
13257
13258	output = &RemoveUserFromGroupOutput{}
13259	req = c.newRequest(op, input, output)
13260	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13261	return
13262}
13263
13264// RemoveUserFromGroup API operation for AWS Identity and Access Management.
13265//
13266// Removes the specified user from the specified group.
13267//
13268// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13269// with awserr.Error's Code and Message methods to get detailed information about
13270// the error.
13271//
13272// See the AWS API reference guide for AWS Identity and Access Management's
13273// API operation RemoveUserFromGroup for usage and error information.
13274//
13275// Returned Error Codes:
13276//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13277//   The request was rejected because it referenced a resource entity that does
13278//   not exist. The error message describes the resource.
13279//
13280//   * ErrCodeLimitExceededException "LimitExceeded"
13281//   The request was rejected because it attempted to create resources beyond
13282//   the current Amazon Web Services account limits. The error message describes
13283//   the limit exceeded.
13284//
13285//   * ErrCodeServiceFailureException "ServiceFailure"
13286//   The request processing has failed because of an unknown error, exception
13287//   or failure.
13288//
13289// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
13290func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error) {
13291	req, out := c.RemoveUserFromGroupRequest(input)
13292	return out, req.Send()
13293}
13294
13295// RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of
13296// the ability to pass a context and additional request options.
13297//
13298// See RemoveUserFromGroup for details on how to use this API operation.
13299//
13300// The context must be non-nil and will be used for request cancellation. If
13301// the context is nil a panic will occur. In the future the SDK may create
13302// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13303// for more information on using Contexts.
13304func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error) {
13305	req, out := c.RemoveUserFromGroupRequest(input)
13306	req.SetContext(ctx)
13307	req.ApplyOptions(opts...)
13308	return out, req.Send()
13309}
13310
13311const opResetServiceSpecificCredential = "ResetServiceSpecificCredential"
13312
13313// ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
13314// client's request for the ResetServiceSpecificCredential operation. The "output" return
13315// value will be populated with the request's response once the request completes
13316// successfully.
13317//
13318// Use "Send" method on the returned Request to send the API call to the service.
13319// the "output" return value is not valid until after Send returns without error.
13320//
13321// See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential
13322// API call, and error handling.
13323//
13324// This method is useful when you want to inject custom logic or configuration
13325// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13326//
13327//
13328//    // Example sending a request using the ResetServiceSpecificCredentialRequest method.
13329//    req, resp := client.ResetServiceSpecificCredentialRequest(params)
13330//
13331//    err := req.Send()
13332//    if err == nil { // resp is now filled
13333//        fmt.Println(resp)
13334//    }
13335//
13336// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
13337func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput) {
13338	op := &request.Operation{
13339		Name:       opResetServiceSpecificCredential,
13340		HTTPMethod: "POST",
13341		HTTPPath:   "/",
13342	}
13343
13344	if input == nil {
13345		input = &ResetServiceSpecificCredentialInput{}
13346	}
13347
13348	output = &ResetServiceSpecificCredentialOutput{}
13349	req = c.newRequest(op, input, output)
13350	return
13351}
13352
13353// ResetServiceSpecificCredential API operation for AWS Identity and Access Management.
13354//
13355// Resets the password for a service-specific credential. The new password is
13356// Amazon Web Services generated and cryptographically strong. It cannot be
13357// configured by the user. Resetting the password immediately invalidates the
13358// previous password associated with this user.
13359//
13360// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13361// with awserr.Error's Code and Message methods to get detailed information about
13362// the error.
13363//
13364// See the AWS API reference guide for AWS Identity and Access Management's
13365// API operation ResetServiceSpecificCredential for usage and error information.
13366//
13367// Returned Error Codes:
13368//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13369//   The request was rejected because it referenced a resource entity that does
13370//   not exist. The error message describes the resource.
13371//
13372// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
13373func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error) {
13374	req, out := c.ResetServiceSpecificCredentialRequest(input)
13375	return out, req.Send()
13376}
13377
13378// ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of
13379// the ability to pass a context and additional request options.
13380//
13381// See ResetServiceSpecificCredential for details on how to use this API operation.
13382//
13383// The context must be non-nil and will be used for request cancellation. If
13384// the context is nil a panic will occur. In the future the SDK may create
13385// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13386// for more information on using Contexts.
13387func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error) {
13388	req, out := c.ResetServiceSpecificCredentialRequest(input)
13389	req.SetContext(ctx)
13390	req.ApplyOptions(opts...)
13391	return out, req.Send()
13392}
13393
13394const opResyncMFADevice = "ResyncMFADevice"
13395
13396// ResyncMFADeviceRequest generates a "aws/request.Request" representing the
13397// client's request for the ResyncMFADevice operation. The "output" return
13398// value will be populated with the request's response once the request completes
13399// successfully.
13400//
13401// Use "Send" method on the returned Request to send the API call to the service.
13402// the "output" return value is not valid until after Send returns without error.
13403//
13404// See ResyncMFADevice for more information on using the ResyncMFADevice
13405// API call, and error handling.
13406//
13407// This method is useful when you want to inject custom logic or configuration
13408// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13409//
13410//
13411//    // Example sending a request using the ResyncMFADeviceRequest method.
13412//    req, resp := client.ResyncMFADeviceRequest(params)
13413//
13414//    err := req.Send()
13415//    if err == nil { // resp is now filled
13416//        fmt.Println(resp)
13417//    }
13418//
13419// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
13420func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput) {
13421	op := &request.Operation{
13422		Name:       opResyncMFADevice,
13423		HTTPMethod: "POST",
13424		HTTPPath:   "/",
13425	}
13426
13427	if input == nil {
13428		input = &ResyncMFADeviceInput{}
13429	}
13430
13431	output = &ResyncMFADeviceOutput{}
13432	req = c.newRequest(op, input, output)
13433	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13434	return
13435}
13436
13437// ResyncMFADevice API operation for AWS Identity and Access Management.
13438//
13439// Synchronizes the specified MFA device with its IAM resource object on the
13440// Amazon Web Services servers.
13441//
13442// For more information about creating and working with virtual MFA devices,
13443// see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
13444// in the IAM User Guide.
13445//
13446// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13447// with awserr.Error's Code and Message methods to get detailed information about
13448// the error.
13449//
13450// See the AWS API reference guide for AWS Identity and Access Management's
13451// API operation ResyncMFADevice for usage and error information.
13452//
13453// Returned Error Codes:
13454//   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
13455//   The request was rejected because the authentication code was not recognized.
13456//   The error message describes the specific error.
13457//
13458//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13459//   The request was rejected because it referenced a resource entity that does
13460//   not exist. The error message describes the resource.
13461//
13462//   * ErrCodeLimitExceededException "LimitExceeded"
13463//   The request was rejected because it attempted to create resources beyond
13464//   the current Amazon Web Services account limits. The error message describes
13465//   the limit exceeded.
13466//
13467//   * ErrCodeServiceFailureException "ServiceFailure"
13468//   The request processing has failed because of an unknown error, exception
13469//   or failure.
13470//
13471// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
13472func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error) {
13473	req, out := c.ResyncMFADeviceRequest(input)
13474	return out, req.Send()
13475}
13476
13477// ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of
13478// the ability to pass a context and additional request options.
13479//
13480// See ResyncMFADevice for details on how to use this API operation.
13481//
13482// The context must be non-nil and will be used for request cancellation. If
13483// the context is nil a panic will occur. In the future the SDK may create
13484// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13485// for more information on using Contexts.
13486func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error) {
13487	req, out := c.ResyncMFADeviceRequest(input)
13488	req.SetContext(ctx)
13489	req.ApplyOptions(opts...)
13490	return out, req.Send()
13491}
13492
13493const opSetDefaultPolicyVersion = "SetDefaultPolicyVersion"
13494
13495// SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the
13496// client's request for the SetDefaultPolicyVersion operation. The "output" return
13497// value will be populated with the request's response once the request completes
13498// successfully.
13499//
13500// Use "Send" method on the returned Request to send the API call to the service.
13501// the "output" return value is not valid until after Send returns without error.
13502//
13503// See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion
13504// API call, and error handling.
13505//
13506// This method is useful when you want to inject custom logic or configuration
13507// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13508//
13509//
13510//    // Example sending a request using the SetDefaultPolicyVersionRequest method.
13511//    req, resp := client.SetDefaultPolicyVersionRequest(params)
13512//
13513//    err := req.Send()
13514//    if err == nil { // resp is now filled
13515//        fmt.Println(resp)
13516//    }
13517//
13518// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
13519func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput) {
13520	op := &request.Operation{
13521		Name:       opSetDefaultPolicyVersion,
13522		HTTPMethod: "POST",
13523		HTTPPath:   "/",
13524	}
13525
13526	if input == nil {
13527		input = &SetDefaultPolicyVersionInput{}
13528	}
13529
13530	output = &SetDefaultPolicyVersionOutput{}
13531	req = c.newRequest(op, input, output)
13532	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13533	return
13534}
13535
13536// SetDefaultPolicyVersion API operation for AWS Identity and Access Management.
13537//
13538// Sets the specified version of the specified policy as the policy's default
13539// (operative) version.
13540//
13541// This operation affects all users, groups, and roles that the policy is attached
13542// to. To list the users, groups, and roles that the policy is attached to,
13543// use ListEntitiesForPolicy.
13544//
13545// For information about managed policies, see Managed policies and inline policies
13546// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
13547// in the IAM User Guide.
13548//
13549// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13550// with awserr.Error's Code and Message methods to get detailed information about
13551// the error.
13552//
13553// See the AWS API reference guide for AWS Identity and Access Management's
13554// API operation SetDefaultPolicyVersion for usage and error information.
13555//
13556// Returned Error Codes:
13557//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13558//   The request was rejected because it referenced a resource entity that does
13559//   not exist. The error message describes the resource.
13560//
13561//   * ErrCodeInvalidInputException "InvalidInput"
13562//   The request was rejected because an invalid or out-of-range value was supplied
13563//   for an input parameter.
13564//
13565//   * ErrCodeLimitExceededException "LimitExceeded"
13566//   The request was rejected because it attempted to create resources beyond
13567//   the current Amazon Web Services account limits. The error message describes
13568//   the limit exceeded.
13569//
13570//   * ErrCodeServiceFailureException "ServiceFailure"
13571//   The request processing has failed because of an unknown error, exception
13572//   or failure.
13573//
13574// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
13575func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error) {
13576	req, out := c.SetDefaultPolicyVersionRequest(input)
13577	return out, req.Send()
13578}
13579
13580// SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of
13581// the ability to pass a context and additional request options.
13582//
13583// See SetDefaultPolicyVersion for details on how to use this API operation.
13584//
13585// The context must be non-nil and will be used for request cancellation. If
13586// the context is nil a panic will occur. In the future the SDK may create
13587// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13588// for more information on using Contexts.
13589func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error) {
13590	req, out := c.SetDefaultPolicyVersionRequest(input)
13591	req.SetContext(ctx)
13592	req.ApplyOptions(opts...)
13593	return out, req.Send()
13594}
13595
13596const opSetSecurityTokenServicePreferences = "SetSecurityTokenServicePreferences"
13597
13598// SetSecurityTokenServicePreferencesRequest generates a "aws/request.Request" representing the
13599// client's request for the SetSecurityTokenServicePreferences operation. The "output" return
13600// value will be populated with the request's response once the request completes
13601// successfully.
13602//
13603// Use "Send" method on the returned Request to send the API call to the service.
13604// the "output" return value is not valid until after Send returns without error.
13605//
13606// See SetSecurityTokenServicePreferences for more information on using the SetSecurityTokenServicePreferences
13607// API call, and error handling.
13608//
13609// This method is useful when you want to inject custom logic or configuration
13610// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13611//
13612//
13613//    // Example sending a request using the SetSecurityTokenServicePreferencesRequest method.
13614//    req, resp := client.SetSecurityTokenServicePreferencesRequest(params)
13615//
13616//    err := req.Send()
13617//    if err == nil { // resp is now filled
13618//        fmt.Println(resp)
13619//    }
13620//
13621// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
13622func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenServicePreferencesInput) (req *request.Request, output *SetSecurityTokenServicePreferencesOutput) {
13623	op := &request.Operation{
13624		Name:       opSetSecurityTokenServicePreferences,
13625		HTTPMethod: "POST",
13626		HTTPPath:   "/",
13627	}
13628
13629	if input == nil {
13630		input = &SetSecurityTokenServicePreferencesInput{}
13631	}
13632
13633	output = &SetSecurityTokenServicePreferencesOutput{}
13634	req = c.newRequest(op, input, output)
13635	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
13636	return
13637}
13638
13639// SetSecurityTokenServicePreferences API operation for AWS Identity and Access Management.
13640//
13641// Sets the specified version of the global endpoint token as the token version
13642// used for the Amazon Web Services account.
13643//
13644// By default, Security Token Service (STS) is available as a global service,
13645// and all STS requests go to a single endpoint at https://sts.amazonaws.com.
13646// Amazon Web Services recommends using Regional STS endpoints to reduce latency,
13647// build in redundancy, and increase session token availability. For information
13648// about Regional endpoints for STS, see Security Token Service endpoints and
13649// quotas (https://docs.aws.amazon.com/general/latest/gr/sts.html) in the Amazon
13650// Web Services General Reference.
13651//
13652// If you make an STS call to the global endpoint, the resulting session tokens
13653// might be valid in some Regions but not others. It depends on the version
13654// that is set in this operation. Version 1 tokens are valid only in Amazon
13655// Web Services Regions that are available by default. These tokens do not work
13656// in manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2
13657// tokens are valid in all Regions. However, version 2 tokens are longer and
13658// might affect systems where you temporarily store tokens. For information,
13659// see Activating and deactivating STS in an Amazon Web Services Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
13660// in the IAM User Guide.
13661//
13662// To view the current session token version, see the GlobalEndpointTokenVersion
13663// entry in the response of the GetAccountSummary operation.
13664//
13665// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13666// with awserr.Error's Code and Message methods to get detailed information about
13667// the error.
13668//
13669// See the AWS API reference guide for AWS Identity and Access Management's
13670// API operation SetSecurityTokenServicePreferences for usage and error information.
13671//
13672// Returned Error Codes:
13673//   * ErrCodeServiceFailureException "ServiceFailure"
13674//   The request processing has failed because of an unknown error, exception
13675//   or failure.
13676//
13677// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
13678func (c *IAM) SetSecurityTokenServicePreferences(input *SetSecurityTokenServicePreferencesInput) (*SetSecurityTokenServicePreferencesOutput, error) {
13679	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
13680	return out, req.Send()
13681}
13682
13683// SetSecurityTokenServicePreferencesWithContext is the same as SetSecurityTokenServicePreferences with the addition of
13684// the ability to pass a context and additional request options.
13685//
13686// See SetSecurityTokenServicePreferences for details on how to use this API operation.
13687//
13688// The context must be non-nil and will be used for request cancellation. If
13689// the context is nil a panic will occur. In the future the SDK may create
13690// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13691// for more information on using Contexts.
13692func (c *IAM) SetSecurityTokenServicePreferencesWithContext(ctx aws.Context, input *SetSecurityTokenServicePreferencesInput, opts ...request.Option) (*SetSecurityTokenServicePreferencesOutput, error) {
13693	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
13694	req.SetContext(ctx)
13695	req.ApplyOptions(opts...)
13696	return out, req.Send()
13697}
13698
13699const opSimulateCustomPolicy = "SimulateCustomPolicy"
13700
13701// SimulateCustomPolicyRequest generates a "aws/request.Request" representing the
13702// client's request for the SimulateCustomPolicy operation. The "output" return
13703// value will be populated with the request's response once the request completes
13704// successfully.
13705//
13706// Use "Send" method on the returned Request to send the API call to the service.
13707// the "output" return value is not valid until after Send returns without error.
13708//
13709// See SimulateCustomPolicy for more information on using the SimulateCustomPolicy
13710// API call, and error handling.
13711//
13712// This method is useful when you want to inject custom logic or configuration
13713// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13714//
13715//
13716//    // Example sending a request using the SimulateCustomPolicyRequest method.
13717//    req, resp := client.SimulateCustomPolicyRequest(params)
13718//
13719//    err := req.Send()
13720//    if err == nil { // resp is now filled
13721//        fmt.Println(resp)
13722//    }
13723//
13724// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
13725func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
13726	op := &request.Operation{
13727		Name:       opSimulateCustomPolicy,
13728		HTTPMethod: "POST",
13729		HTTPPath:   "/",
13730		Paginator: &request.Paginator{
13731			InputTokens:     []string{"Marker"},
13732			OutputTokens:    []string{"Marker"},
13733			LimitToken:      "MaxItems",
13734			TruncationToken: "IsTruncated",
13735		},
13736	}
13737
13738	if input == nil {
13739		input = &SimulateCustomPolicyInput{}
13740	}
13741
13742	output = &SimulatePolicyResponse{}
13743	req = c.newRequest(op, input, output)
13744	return
13745}
13746
13747// SimulateCustomPolicy API operation for AWS Identity and Access Management.
13748//
13749// Simulate how a set of IAM policies and optionally a resource-based policy
13750// works with a list of API operations and Amazon Web Services resources to
13751// determine the policies' effective permissions. The policies are provided
13752// as strings.
13753//
13754// The simulation does not perform the API operations; it only checks the authorization
13755// to determine if the simulated policies allow or deny the operations. You
13756// can simulate resources that don't exist in your account.
13757//
13758// If you want to simulate existing policies that are attached to an IAM user,
13759// group, or role, use SimulatePrincipalPolicy instead.
13760//
13761// Context keys are variables that are maintained by Amazon Web Services and
13762// its services and which provide details about the context of an API query
13763// request. You can use the Condition element of an IAM policy to evaluate context
13764// keys. To get the list of context keys that the policies require for correct
13765// simulation, use GetContextKeysForCustomPolicy.
13766//
13767// If the output is long, you can use MaxItems and Marker parameters to paginate
13768// the results.
13769//
13770// For more information about using the policy simulator, see Testing IAM policies
13771// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
13772// the IAM User Guide.
13773//
13774// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13775// with awserr.Error's Code and Message methods to get detailed information about
13776// the error.
13777//
13778// See the AWS API reference guide for AWS Identity and Access Management's
13779// API operation SimulateCustomPolicy for usage and error information.
13780//
13781// Returned Error Codes:
13782//   * ErrCodeInvalidInputException "InvalidInput"
13783//   The request was rejected because an invalid or out-of-range value was supplied
13784//   for an input parameter.
13785//
13786//   * ErrCodePolicyEvaluationException "PolicyEvaluation"
13787//   The request failed because a provided policy could not be successfully evaluated.
13788//   An additional detailed message indicates the source of the failure.
13789//
13790// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
13791func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error) {
13792	req, out := c.SimulateCustomPolicyRequest(input)
13793	return out, req.Send()
13794}
13795
13796// SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of
13797// the ability to pass a context and additional request options.
13798//
13799// See SimulateCustomPolicy for details on how to use this API operation.
13800//
13801// The context must be non-nil and will be used for request cancellation. If
13802// the context is nil a panic will occur. In the future the SDK may create
13803// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13804// for more information on using Contexts.
13805func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
13806	req, out := c.SimulateCustomPolicyRequest(input)
13807	req.SetContext(ctx)
13808	req.ApplyOptions(opts...)
13809	return out, req.Send()
13810}
13811
13812// SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation,
13813// calling the "fn" function with the response data for each page. To stop
13814// iterating, return false from the fn function.
13815//
13816// See SimulateCustomPolicy method for more information on how to use this operation.
13817//
13818// Note: This operation can generate multiple requests to a service.
13819//
13820//    // Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
13821//    pageNum := 0
13822//    err := client.SimulateCustomPolicyPages(params,
13823//        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
13824//            pageNum++
13825//            fmt.Println(page)
13826//            return pageNum <= 3
13827//        })
13828//
13829func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
13830	return c.SimulateCustomPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
13831}
13832
13833// SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except
13834// it takes a Context and allows setting request options on the pages.
13835//
13836// The context must be non-nil and will be used for request cancellation. If
13837// the context is nil a panic will occur. In the future the SDK may create
13838// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13839// for more information on using Contexts.
13840func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
13841	p := request.Pagination{
13842		NewRequest: func() (*request.Request, error) {
13843			var inCpy *SimulateCustomPolicyInput
13844			if input != nil {
13845				tmp := *input
13846				inCpy = &tmp
13847			}
13848			req, _ := c.SimulateCustomPolicyRequest(inCpy)
13849			req.SetContext(ctx)
13850			req.ApplyOptions(opts...)
13851			return req, nil
13852		},
13853	}
13854
13855	for p.Next() {
13856		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
13857			break
13858		}
13859	}
13860
13861	return p.Err()
13862}
13863
13864const opSimulatePrincipalPolicy = "SimulatePrincipalPolicy"
13865
13866// SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the
13867// client's request for the SimulatePrincipalPolicy operation. The "output" return
13868// value will be populated with the request's response once the request completes
13869// successfully.
13870//
13871// Use "Send" method on the returned Request to send the API call to the service.
13872// the "output" return value is not valid until after Send returns without error.
13873//
13874// See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy
13875// API call, and error handling.
13876//
13877// This method is useful when you want to inject custom logic or configuration
13878// into the SDK's request lifecycle. Such as custom headers, or retry logic.
13879//
13880//
13881//    // Example sending a request using the SimulatePrincipalPolicyRequest method.
13882//    req, resp := client.SimulatePrincipalPolicyRequest(params)
13883//
13884//    err := req.Send()
13885//    if err == nil { // resp is now filled
13886//        fmt.Println(resp)
13887//    }
13888//
13889// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
13890func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
13891	op := &request.Operation{
13892		Name:       opSimulatePrincipalPolicy,
13893		HTTPMethod: "POST",
13894		HTTPPath:   "/",
13895		Paginator: &request.Paginator{
13896			InputTokens:     []string{"Marker"},
13897			OutputTokens:    []string{"Marker"},
13898			LimitToken:      "MaxItems",
13899			TruncationToken: "IsTruncated",
13900		},
13901	}
13902
13903	if input == nil {
13904		input = &SimulatePrincipalPolicyInput{}
13905	}
13906
13907	output = &SimulatePolicyResponse{}
13908	req = c.newRequest(op, input, output)
13909	return
13910}
13911
13912// SimulatePrincipalPolicy API operation for AWS Identity and Access Management.
13913//
13914// Simulate how a set of IAM policies attached to an IAM entity works with a
13915// list of API operations and Amazon Web Services resources to determine the
13916// policies' effective permissions. The entity can be an IAM user, group, or
13917// role. If you specify a user, then the simulation also includes all of the
13918// policies that are attached to groups that the user belongs to. You can simulate
13919// resources that don't exist in your account.
13920//
13921// You can optionally include a list of one or more additional policies specified
13922// as strings to include in the simulation. If you want to simulate only policies
13923// specified as strings, use SimulateCustomPolicy instead.
13924//
13925// You can also optionally include one resource-based policy to be evaluated
13926// with each of the resources included in the simulation.
13927//
13928// The simulation does not perform the API operations; it only checks the authorization
13929// to determine if the simulated policies allow or deny the operations.
13930//
13931// Note: This operation discloses information about the permissions granted
13932// to other users. If you do not want users to see other user's permissions,
13933// then consider allowing them to use SimulateCustomPolicy instead.
13934//
13935// Context keys are variables maintained by Amazon Web Services and its services
13936// that provide details about the context of an API query request. You can use
13937// the Condition element of an IAM policy to evaluate context keys. To get the
13938// list of context keys that the policies require for correct simulation, use
13939// GetContextKeysForPrincipalPolicy.
13940//
13941// If the output is long, you can use the MaxItems and Marker parameters to
13942// paginate the results.
13943//
13944// For more information about using the policy simulator, see Testing IAM policies
13945// with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
13946// the IAM User Guide.
13947//
13948// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
13949// with awserr.Error's Code and Message methods to get detailed information about
13950// the error.
13951//
13952// See the AWS API reference guide for AWS Identity and Access Management's
13953// API operation SimulatePrincipalPolicy for usage and error information.
13954//
13955// Returned Error Codes:
13956//   * ErrCodeNoSuchEntityException "NoSuchEntity"
13957//   The request was rejected because it referenced a resource entity that does
13958//   not exist. The error message describes the resource.
13959//
13960//   * ErrCodeInvalidInputException "InvalidInput"
13961//   The request was rejected because an invalid or out-of-range value was supplied
13962//   for an input parameter.
13963//
13964//   * ErrCodePolicyEvaluationException "PolicyEvaluation"
13965//   The request failed because a provided policy could not be successfully evaluated.
13966//   An additional detailed message indicates the source of the failure.
13967//
13968// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
13969func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error) {
13970	req, out := c.SimulatePrincipalPolicyRequest(input)
13971	return out, req.Send()
13972}
13973
13974// SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of
13975// the ability to pass a context and additional request options.
13976//
13977// See SimulatePrincipalPolicy for details on how to use this API operation.
13978//
13979// The context must be non-nil and will be used for request cancellation. If
13980// the context is nil a panic will occur. In the future the SDK may create
13981// sub-contexts for http.Requests. See https://golang.org/pkg/context/
13982// for more information on using Contexts.
13983func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
13984	req, out := c.SimulatePrincipalPolicyRequest(input)
13985	req.SetContext(ctx)
13986	req.ApplyOptions(opts...)
13987	return out, req.Send()
13988}
13989
13990// SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation,
13991// calling the "fn" function with the response data for each page. To stop
13992// iterating, return false from the fn function.
13993//
13994// See SimulatePrincipalPolicy method for more information on how to use this operation.
13995//
13996// Note: This operation can generate multiple requests to a service.
13997//
13998//    // Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
13999//    pageNum := 0
14000//    err := client.SimulatePrincipalPolicyPages(params,
14001//        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
14002//            pageNum++
14003//            fmt.Println(page)
14004//            return pageNum <= 3
14005//        })
14006//
14007func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
14008	return c.SimulatePrincipalPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
14009}
14010
14011// SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except
14012// it takes a Context and allows setting request options on the pages.
14013//
14014// The context must be non-nil and will be used for request cancellation. If
14015// the context is nil a panic will occur. In the future the SDK may create
14016// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14017// for more information on using Contexts.
14018func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
14019	p := request.Pagination{
14020		NewRequest: func() (*request.Request, error) {
14021			var inCpy *SimulatePrincipalPolicyInput
14022			if input != nil {
14023				tmp := *input
14024				inCpy = &tmp
14025			}
14026			req, _ := c.SimulatePrincipalPolicyRequest(inCpy)
14027			req.SetContext(ctx)
14028			req.ApplyOptions(opts...)
14029			return req, nil
14030		},
14031	}
14032
14033	for p.Next() {
14034		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
14035			break
14036		}
14037	}
14038
14039	return p.Err()
14040}
14041
14042const opTagInstanceProfile = "TagInstanceProfile"
14043
14044// TagInstanceProfileRequest generates a "aws/request.Request" representing the
14045// client's request for the TagInstanceProfile operation. The "output" return
14046// value will be populated with the request's response once the request completes
14047// successfully.
14048//
14049// Use "Send" method on the returned Request to send the API call to the service.
14050// the "output" return value is not valid until after Send returns without error.
14051//
14052// See TagInstanceProfile for more information on using the TagInstanceProfile
14053// API call, and error handling.
14054//
14055// This method is useful when you want to inject custom logic or configuration
14056// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14057//
14058//
14059//    // Example sending a request using the TagInstanceProfileRequest method.
14060//    req, resp := client.TagInstanceProfileRequest(params)
14061//
14062//    err := req.Send()
14063//    if err == nil { // resp is now filled
14064//        fmt.Println(resp)
14065//    }
14066//
14067// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
14068func (c *IAM) TagInstanceProfileRequest(input *TagInstanceProfileInput) (req *request.Request, output *TagInstanceProfileOutput) {
14069	op := &request.Operation{
14070		Name:       opTagInstanceProfile,
14071		HTTPMethod: "POST",
14072		HTTPPath:   "/",
14073	}
14074
14075	if input == nil {
14076		input = &TagInstanceProfileInput{}
14077	}
14078
14079	output = &TagInstanceProfileOutput{}
14080	req = c.newRequest(op, input, output)
14081	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14082	return
14083}
14084
14085// TagInstanceProfile API operation for AWS Identity and Access Management.
14086//
14087// Adds one or more tags to an IAM instance profile. If a tag with the same
14088// key name already exists, then that tag is overwritten with the new value.
14089//
14090// Each tag consists of a key name and an associated value. By assigning tags
14091// to your resources, you can do the following:
14092//
14093//    * Administrative grouping and discovery - Attach tags to resources to
14094//    aid in organization and search. For example, you could search for all
14095//    resources with the key name Project and the value MyImportantProject.
14096//    Or search for all resources with the key name Cost Center and the value
14097//    41200.
14098//
14099//    * Access control - Include tags in IAM user-based and resource-based policies.
14100//    You can use tags to restrict access to only an IAM instance profile that
14101//    has a specified tag attached. For examples of policies that show how to
14102//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14103//    in the IAM User Guide.
14104//
14105//    * If any one of the tags is invalid or if you exceed the allowed maximum
14106//    number of tags, then the entire request fails and the resource is not
14107//    created. For more information about tagging, see Tagging IAM resources
14108//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14109//    IAM User Guide.
14110//
14111//    * Amazon Web Services always interprets the tag Value as a single string.
14112//    If you need to store an array, you can store comma-separated values in
14113//    the string. However, you must interpret the value in your code.
14114//
14115// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14116// with awserr.Error's Code and Message methods to get detailed information about
14117// the error.
14118//
14119// See the AWS API reference guide for AWS Identity and Access Management's
14120// API operation TagInstanceProfile for usage and error information.
14121//
14122// Returned Error Codes:
14123//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14124//   The request was rejected because it referenced a resource entity that does
14125//   not exist. The error message describes the resource.
14126//
14127//   * ErrCodeInvalidInputException "InvalidInput"
14128//   The request was rejected because an invalid or out-of-range value was supplied
14129//   for an input parameter.
14130//
14131//   * ErrCodeLimitExceededException "LimitExceeded"
14132//   The request was rejected because it attempted to create resources beyond
14133//   the current Amazon Web Services account limits. The error message describes
14134//   the limit exceeded.
14135//
14136//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14137//   The request was rejected because multiple requests to change this object
14138//   were submitted simultaneously. Wait a few minutes and submit your request
14139//   again.
14140//
14141//   * ErrCodeServiceFailureException "ServiceFailure"
14142//   The request processing has failed because of an unknown error, exception
14143//   or failure.
14144//
14145// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
14146func (c *IAM) TagInstanceProfile(input *TagInstanceProfileInput) (*TagInstanceProfileOutput, error) {
14147	req, out := c.TagInstanceProfileRequest(input)
14148	return out, req.Send()
14149}
14150
14151// TagInstanceProfileWithContext is the same as TagInstanceProfile with the addition of
14152// the ability to pass a context and additional request options.
14153//
14154// See TagInstanceProfile for details on how to use this API operation.
14155//
14156// The context must be non-nil and will be used for request cancellation. If
14157// the context is nil a panic will occur. In the future the SDK may create
14158// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14159// for more information on using Contexts.
14160func (c *IAM) TagInstanceProfileWithContext(ctx aws.Context, input *TagInstanceProfileInput, opts ...request.Option) (*TagInstanceProfileOutput, error) {
14161	req, out := c.TagInstanceProfileRequest(input)
14162	req.SetContext(ctx)
14163	req.ApplyOptions(opts...)
14164	return out, req.Send()
14165}
14166
14167const opTagMFADevice = "TagMFADevice"
14168
14169// TagMFADeviceRequest generates a "aws/request.Request" representing the
14170// client's request for the TagMFADevice operation. The "output" return
14171// value will be populated with the request's response once the request completes
14172// successfully.
14173//
14174// Use "Send" method on the returned Request to send the API call to the service.
14175// the "output" return value is not valid until after Send returns without error.
14176//
14177// See TagMFADevice for more information on using the TagMFADevice
14178// API call, and error handling.
14179//
14180// This method is useful when you want to inject custom logic or configuration
14181// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14182//
14183//
14184//    // Example sending a request using the TagMFADeviceRequest method.
14185//    req, resp := client.TagMFADeviceRequest(params)
14186//
14187//    err := req.Send()
14188//    if err == nil { // resp is now filled
14189//        fmt.Println(resp)
14190//    }
14191//
14192// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
14193func (c *IAM) TagMFADeviceRequest(input *TagMFADeviceInput) (req *request.Request, output *TagMFADeviceOutput) {
14194	op := &request.Operation{
14195		Name:       opTagMFADevice,
14196		HTTPMethod: "POST",
14197		HTTPPath:   "/",
14198	}
14199
14200	if input == nil {
14201		input = &TagMFADeviceInput{}
14202	}
14203
14204	output = &TagMFADeviceOutput{}
14205	req = c.newRequest(op, input, output)
14206	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14207	return
14208}
14209
14210// TagMFADevice API operation for AWS Identity and Access Management.
14211//
14212// Adds one or more tags to an IAM virtual multi-factor authentication (MFA)
14213// device. If a tag with the same key name already exists, then that tag is
14214// overwritten with the new value.
14215//
14216// A tag consists of a key name and an associated value. By assigning tags to
14217// your resources, you can do the following:
14218//
14219//    * Administrative grouping and discovery - Attach tags to resources to
14220//    aid in organization and search. For example, you could search for all
14221//    resources with the key name Project and the value MyImportantProject.
14222//    Or search for all resources with the key name Cost Center and the value
14223//    41200.
14224//
14225//    * Access control - Include tags in IAM user-based and resource-based policies.
14226//    You can use tags to restrict access to only an IAM virtual MFA device
14227//    that has a specified tag attached. For examples of policies that show
14228//    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14229//    in the IAM User Guide.
14230//
14231//    * If any one of the tags is invalid or if you exceed the allowed maximum
14232//    number of tags, then the entire request fails and the resource is not
14233//    created. For more information about tagging, see Tagging IAM resources
14234//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14235//    IAM User Guide.
14236//
14237//    * Amazon Web Services always interprets the tag Value as a single string.
14238//    If you need to store an array, you can store comma-separated values in
14239//    the string. However, you must interpret the value in your code.
14240//
14241// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14242// with awserr.Error's Code and Message methods to get detailed information about
14243// the error.
14244//
14245// See the AWS API reference guide for AWS Identity and Access Management's
14246// API operation TagMFADevice for usage and error information.
14247//
14248// Returned Error Codes:
14249//   * ErrCodeInvalidInputException "InvalidInput"
14250//   The request was rejected because an invalid or out-of-range value was supplied
14251//   for an input parameter.
14252//
14253//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14254//   The request was rejected because it referenced a resource entity that does
14255//   not exist. The error message describes the resource.
14256//
14257//   * ErrCodeLimitExceededException "LimitExceeded"
14258//   The request was rejected because it attempted to create resources beyond
14259//   the current Amazon Web Services account limits. The error message describes
14260//   the limit exceeded.
14261//
14262//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14263//   The request was rejected because multiple requests to change this object
14264//   were submitted simultaneously. Wait a few minutes and submit your request
14265//   again.
14266//
14267//   * ErrCodeServiceFailureException "ServiceFailure"
14268//   The request processing has failed because of an unknown error, exception
14269//   or failure.
14270//
14271// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
14272func (c *IAM) TagMFADevice(input *TagMFADeviceInput) (*TagMFADeviceOutput, error) {
14273	req, out := c.TagMFADeviceRequest(input)
14274	return out, req.Send()
14275}
14276
14277// TagMFADeviceWithContext is the same as TagMFADevice with the addition of
14278// the ability to pass a context and additional request options.
14279//
14280// See TagMFADevice for details on how to use this API operation.
14281//
14282// The context must be non-nil and will be used for request cancellation. If
14283// the context is nil a panic will occur. In the future the SDK may create
14284// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14285// for more information on using Contexts.
14286func (c *IAM) TagMFADeviceWithContext(ctx aws.Context, input *TagMFADeviceInput, opts ...request.Option) (*TagMFADeviceOutput, error) {
14287	req, out := c.TagMFADeviceRequest(input)
14288	req.SetContext(ctx)
14289	req.ApplyOptions(opts...)
14290	return out, req.Send()
14291}
14292
14293const opTagOpenIDConnectProvider = "TagOpenIDConnectProvider"
14294
14295// TagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
14296// client's request for the TagOpenIDConnectProvider operation. The "output" return
14297// value will be populated with the request's response once the request completes
14298// successfully.
14299//
14300// Use "Send" method on the returned Request to send the API call to the service.
14301// the "output" return value is not valid until after Send returns without error.
14302//
14303// See TagOpenIDConnectProvider for more information on using the TagOpenIDConnectProvider
14304// API call, and error handling.
14305//
14306// This method is useful when you want to inject custom logic or configuration
14307// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14308//
14309//
14310//    // Example sending a request using the TagOpenIDConnectProviderRequest method.
14311//    req, resp := client.TagOpenIDConnectProviderRequest(params)
14312//
14313//    err := req.Send()
14314//    if err == nil { // resp is now filled
14315//        fmt.Println(resp)
14316//    }
14317//
14318// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
14319func (c *IAM) TagOpenIDConnectProviderRequest(input *TagOpenIDConnectProviderInput) (req *request.Request, output *TagOpenIDConnectProviderOutput) {
14320	op := &request.Operation{
14321		Name:       opTagOpenIDConnectProvider,
14322		HTTPMethod: "POST",
14323		HTTPPath:   "/",
14324	}
14325
14326	if input == nil {
14327		input = &TagOpenIDConnectProviderInput{}
14328	}
14329
14330	output = &TagOpenIDConnectProviderOutput{}
14331	req = c.newRequest(op, input, output)
14332	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14333	return
14334}
14335
14336// TagOpenIDConnectProvider API operation for AWS Identity and Access Management.
14337//
14338// Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider.
14339// For more information about these providers, see About web identity federation
14340// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
14341// If a tag with the same key name already exists, then that tag is overwritten
14342// with the new value.
14343//
14344// A tag consists of a key name and an associated value. By assigning tags to
14345// your resources, you can do the following:
14346//
14347//    * Administrative grouping and discovery - Attach tags to resources to
14348//    aid in organization and search. For example, you could search for all
14349//    resources with the key name Project and the value MyImportantProject.
14350//    Or search for all resources with the key name Cost Center and the value
14351//    41200.
14352//
14353//    * Access control - Include tags in IAM user-based and resource-based policies.
14354//    You can use tags to restrict access to only an OIDC provider that has
14355//    a specified tag attached. For examples of policies that show how to use
14356//    tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14357//    in the IAM User Guide.
14358//
14359//    * If any one of the tags is invalid or if you exceed the allowed maximum
14360//    number of tags, then the entire request fails and the resource is not
14361//    created. For more information about tagging, see Tagging IAM resources
14362//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14363//    IAM User Guide.
14364//
14365//    * Amazon Web Services always interprets the tag Value as a single string.
14366//    If you need to store an array, you can store comma-separated values in
14367//    the string. However, you must interpret the value in your code.
14368//
14369// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14370// with awserr.Error's Code and Message methods to get detailed information about
14371// the error.
14372//
14373// See the AWS API reference guide for AWS Identity and Access Management's
14374// API operation TagOpenIDConnectProvider for usage and error information.
14375//
14376// Returned Error Codes:
14377//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14378//   The request was rejected because it referenced a resource entity that does
14379//   not exist. The error message describes the resource.
14380//
14381//   * ErrCodeLimitExceededException "LimitExceeded"
14382//   The request was rejected because it attempted to create resources beyond
14383//   the current Amazon Web Services account limits. The error message describes
14384//   the limit exceeded.
14385//
14386//   * ErrCodeInvalidInputException "InvalidInput"
14387//   The request was rejected because an invalid or out-of-range value was supplied
14388//   for an input parameter.
14389//
14390//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14391//   The request was rejected because multiple requests to change this object
14392//   were submitted simultaneously. Wait a few minutes and submit your request
14393//   again.
14394//
14395//   * ErrCodeServiceFailureException "ServiceFailure"
14396//   The request processing has failed because of an unknown error, exception
14397//   or failure.
14398//
14399// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
14400func (c *IAM) TagOpenIDConnectProvider(input *TagOpenIDConnectProviderInput) (*TagOpenIDConnectProviderOutput, error) {
14401	req, out := c.TagOpenIDConnectProviderRequest(input)
14402	return out, req.Send()
14403}
14404
14405// TagOpenIDConnectProviderWithContext is the same as TagOpenIDConnectProvider with the addition of
14406// the ability to pass a context and additional request options.
14407//
14408// See TagOpenIDConnectProvider for details on how to use this API operation.
14409//
14410// The context must be non-nil and will be used for request cancellation. If
14411// the context is nil a panic will occur. In the future the SDK may create
14412// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14413// for more information on using Contexts.
14414func (c *IAM) TagOpenIDConnectProviderWithContext(ctx aws.Context, input *TagOpenIDConnectProviderInput, opts ...request.Option) (*TagOpenIDConnectProviderOutput, error) {
14415	req, out := c.TagOpenIDConnectProviderRequest(input)
14416	req.SetContext(ctx)
14417	req.ApplyOptions(opts...)
14418	return out, req.Send()
14419}
14420
14421const opTagPolicy = "TagPolicy"
14422
14423// TagPolicyRequest generates a "aws/request.Request" representing the
14424// client's request for the TagPolicy operation. The "output" return
14425// value will be populated with the request's response once the request completes
14426// successfully.
14427//
14428// Use "Send" method on the returned Request to send the API call to the service.
14429// the "output" return value is not valid until after Send returns without error.
14430//
14431// See TagPolicy for more information on using the TagPolicy
14432// API call, and error handling.
14433//
14434// This method is useful when you want to inject custom logic or configuration
14435// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14436//
14437//
14438//    // Example sending a request using the TagPolicyRequest method.
14439//    req, resp := client.TagPolicyRequest(params)
14440//
14441//    err := req.Send()
14442//    if err == nil { // resp is now filled
14443//        fmt.Println(resp)
14444//    }
14445//
14446// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
14447func (c *IAM) TagPolicyRequest(input *TagPolicyInput) (req *request.Request, output *TagPolicyOutput) {
14448	op := &request.Operation{
14449		Name:       opTagPolicy,
14450		HTTPMethod: "POST",
14451		HTTPPath:   "/",
14452	}
14453
14454	if input == nil {
14455		input = &TagPolicyInput{}
14456	}
14457
14458	output = &TagPolicyOutput{}
14459	req = c.newRequest(op, input, output)
14460	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14461	return
14462}
14463
14464// TagPolicy API operation for AWS Identity and Access Management.
14465//
14466// Adds one or more tags to an IAM customer managed policy. If a tag with the
14467// same key name already exists, then that tag is overwritten with the new value.
14468//
14469// A tag consists of a key name and an associated value. By assigning tags to
14470// your resources, you can do the following:
14471//
14472//    * Administrative grouping and discovery - Attach tags to resources to
14473//    aid in organization and search. For example, you could search for all
14474//    resources with the key name Project and the value MyImportantProject.
14475//    Or search for all resources with the key name Cost Center and the value
14476//    41200.
14477//
14478//    * Access control - Include tags in IAM user-based and resource-based policies.
14479//    You can use tags to restrict access to only an IAM customer managed policy
14480//    that has a specified tag attached. For examples of policies that show
14481//    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14482//    in the IAM User Guide.
14483//
14484//    * If any one of the tags is invalid or if you exceed the allowed maximum
14485//    number of tags, then the entire request fails and the resource is not
14486//    created. For more information about tagging, see Tagging IAM resources
14487//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14488//    IAM User Guide.
14489//
14490//    * Amazon Web Services always interprets the tag Value as a single string.
14491//    If you need to store an array, you can store comma-separated values in
14492//    the string. However, you must interpret the value in your code.
14493//
14494// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14495// with awserr.Error's Code and Message methods to get detailed information about
14496// the error.
14497//
14498// See the AWS API reference guide for AWS Identity and Access Management's
14499// API operation TagPolicy for usage and error information.
14500//
14501// Returned Error Codes:
14502//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14503//   The request was rejected because it referenced a resource entity that does
14504//   not exist. The error message describes the resource.
14505//
14506//   * ErrCodeLimitExceededException "LimitExceeded"
14507//   The request was rejected because it attempted to create resources beyond
14508//   the current Amazon Web Services account limits. The error message describes
14509//   the limit exceeded.
14510//
14511//   * ErrCodeInvalidInputException "InvalidInput"
14512//   The request was rejected because an invalid or out-of-range value was supplied
14513//   for an input parameter.
14514//
14515//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14516//   The request was rejected because multiple requests to change this object
14517//   were submitted simultaneously. Wait a few minutes and submit your request
14518//   again.
14519//
14520//   * ErrCodeServiceFailureException "ServiceFailure"
14521//   The request processing has failed because of an unknown error, exception
14522//   or failure.
14523//
14524// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
14525func (c *IAM) TagPolicy(input *TagPolicyInput) (*TagPolicyOutput, error) {
14526	req, out := c.TagPolicyRequest(input)
14527	return out, req.Send()
14528}
14529
14530// TagPolicyWithContext is the same as TagPolicy with the addition of
14531// the ability to pass a context and additional request options.
14532//
14533// See TagPolicy for details on how to use this API operation.
14534//
14535// The context must be non-nil and will be used for request cancellation. If
14536// the context is nil a panic will occur. In the future the SDK may create
14537// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14538// for more information on using Contexts.
14539func (c *IAM) TagPolicyWithContext(ctx aws.Context, input *TagPolicyInput, opts ...request.Option) (*TagPolicyOutput, error) {
14540	req, out := c.TagPolicyRequest(input)
14541	req.SetContext(ctx)
14542	req.ApplyOptions(opts...)
14543	return out, req.Send()
14544}
14545
14546const opTagRole = "TagRole"
14547
14548// TagRoleRequest generates a "aws/request.Request" representing the
14549// client's request for the TagRole operation. The "output" return
14550// value will be populated with the request's response once the request completes
14551// successfully.
14552//
14553// Use "Send" method on the returned Request to send the API call to the service.
14554// the "output" return value is not valid until after Send returns without error.
14555//
14556// See TagRole for more information on using the TagRole
14557// API call, and error handling.
14558//
14559// This method is useful when you want to inject custom logic or configuration
14560// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14561//
14562//
14563//    // Example sending a request using the TagRoleRequest method.
14564//    req, resp := client.TagRoleRequest(params)
14565//
14566//    err := req.Send()
14567//    if err == nil { // resp is now filled
14568//        fmt.Println(resp)
14569//    }
14570//
14571// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
14572func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output *TagRoleOutput) {
14573	op := &request.Operation{
14574		Name:       opTagRole,
14575		HTTPMethod: "POST",
14576		HTTPPath:   "/",
14577	}
14578
14579	if input == nil {
14580		input = &TagRoleInput{}
14581	}
14582
14583	output = &TagRoleOutput{}
14584	req = c.newRequest(op, input, output)
14585	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14586	return
14587}
14588
14589// TagRole API operation for AWS Identity and Access Management.
14590//
14591// Adds one or more tags to an IAM role. The role can be a regular role or a
14592// service-linked role. If a tag with the same key name already exists, then
14593// that tag is overwritten with the new value.
14594//
14595// A tag consists of a key name and an associated value. By assigning tags to
14596// your resources, you can do the following:
14597//
14598//    * Administrative grouping and discovery - Attach tags to resources to
14599//    aid in organization and search. For example, you could search for all
14600//    resources with the key name Project and the value MyImportantProject.
14601//    Or search for all resources with the key name Cost Center and the value
14602//    41200.
14603//
14604//    * Access control - Include tags in IAM user-based and resource-based policies.
14605//    You can use tags to restrict access to only an IAM role that has a specified
14606//    tag attached. You can also restrict access to only those resources that
14607//    have a certain tag attached. For examples of policies that show how to
14608//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14609//    in the IAM User Guide.
14610//
14611//    * Cost allocation - Use tags to help track which individuals and teams
14612//    are using which Amazon Web Services resources.
14613//
14614//    * If any one of the tags is invalid or if you exceed the allowed maximum
14615//    number of tags, then the entire request fails and the resource is not
14616//    created. For more information about tagging, see Tagging IAM resources
14617//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14618//    IAM User Guide.
14619//
14620//    * Amazon Web Services always interprets the tag Value as a single string.
14621//    If you need to store an array, you can store comma-separated values in
14622//    the string. However, you must interpret the value in your code.
14623//
14624// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
14625// in the IAM User Guide.
14626//
14627// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14628// with awserr.Error's Code and Message methods to get detailed information about
14629// the error.
14630//
14631// See the AWS API reference guide for AWS Identity and Access Management's
14632// API operation TagRole for usage and error information.
14633//
14634// Returned Error Codes:
14635//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14636//   The request was rejected because it referenced a resource entity that does
14637//   not exist. The error message describes the resource.
14638//
14639//   * ErrCodeLimitExceededException "LimitExceeded"
14640//   The request was rejected because it attempted to create resources beyond
14641//   the current Amazon Web Services account limits. The error message describes
14642//   the limit exceeded.
14643//
14644//   * ErrCodeInvalidInputException "InvalidInput"
14645//   The request was rejected because an invalid or out-of-range value was supplied
14646//   for an input parameter.
14647//
14648//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14649//   The request was rejected because multiple requests to change this object
14650//   were submitted simultaneously. Wait a few minutes and submit your request
14651//   again.
14652//
14653//   * ErrCodeServiceFailureException "ServiceFailure"
14654//   The request processing has failed because of an unknown error, exception
14655//   or failure.
14656//
14657// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
14658func (c *IAM) TagRole(input *TagRoleInput) (*TagRoleOutput, error) {
14659	req, out := c.TagRoleRequest(input)
14660	return out, req.Send()
14661}
14662
14663// TagRoleWithContext is the same as TagRole with the addition of
14664// the ability to pass a context and additional request options.
14665//
14666// See TagRole for details on how to use this API operation.
14667//
14668// The context must be non-nil and will be used for request cancellation. If
14669// the context is nil a panic will occur. In the future the SDK may create
14670// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14671// for more information on using Contexts.
14672func (c *IAM) TagRoleWithContext(ctx aws.Context, input *TagRoleInput, opts ...request.Option) (*TagRoleOutput, error) {
14673	req, out := c.TagRoleRequest(input)
14674	req.SetContext(ctx)
14675	req.ApplyOptions(opts...)
14676	return out, req.Send()
14677}
14678
14679const opTagSAMLProvider = "TagSAMLProvider"
14680
14681// TagSAMLProviderRequest generates a "aws/request.Request" representing the
14682// client's request for the TagSAMLProvider operation. The "output" return
14683// value will be populated with the request's response once the request completes
14684// successfully.
14685//
14686// Use "Send" method on the returned Request to send the API call to the service.
14687// the "output" return value is not valid until after Send returns without error.
14688//
14689// See TagSAMLProvider for more information on using the TagSAMLProvider
14690// API call, and error handling.
14691//
14692// This method is useful when you want to inject custom logic or configuration
14693// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14694//
14695//
14696//    // Example sending a request using the TagSAMLProviderRequest method.
14697//    req, resp := client.TagSAMLProviderRequest(params)
14698//
14699//    err := req.Send()
14700//    if err == nil { // resp is now filled
14701//        fmt.Println(resp)
14702//    }
14703//
14704// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
14705func (c *IAM) TagSAMLProviderRequest(input *TagSAMLProviderInput) (req *request.Request, output *TagSAMLProviderOutput) {
14706	op := &request.Operation{
14707		Name:       opTagSAMLProvider,
14708		HTTPMethod: "POST",
14709		HTTPPath:   "/",
14710	}
14711
14712	if input == nil {
14713		input = &TagSAMLProviderInput{}
14714	}
14715
14716	output = &TagSAMLProviderOutput{}
14717	req = c.newRequest(op, input, output)
14718	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14719	return
14720}
14721
14722// TagSAMLProvider API operation for AWS Identity and Access Management.
14723//
14724// Adds one or more tags to a Security Assertion Markup Language (SAML) identity
14725// provider. For more information about these providers, see About SAML 2.0-based
14726// federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
14727// If a tag with the same key name already exists, then that tag is overwritten
14728// with the new value.
14729//
14730// A tag consists of a key name and an associated value. By assigning tags to
14731// your resources, you can do the following:
14732//
14733//    * Administrative grouping and discovery - Attach tags to resources to
14734//    aid in organization and search. For example, you could search for all
14735//    resources with the key name Project and the value MyImportantProject.
14736//    Or search for all resources with the key name Cost Center and the value
14737//    41200.
14738//
14739//    * Access control - Include tags in IAM user-based and resource-based policies.
14740//    You can use tags to restrict access to only a SAML identity provider that
14741//    has a specified tag attached. For examples of policies that show how to
14742//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14743//    in the IAM User Guide.
14744//
14745//    * If any one of the tags is invalid or if you exceed the allowed maximum
14746//    number of tags, then the entire request fails and the resource is not
14747//    created. For more information about tagging, see Tagging IAM resources
14748//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14749//    IAM User Guide.
14750//
14751//    * Amazon Web Services always interprets the tag Value as a single string.
14752//    If you need to store an array, you can store comma-separated values in
14753//    the string. However, you must interpret the value in your code.
14754//
14755// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14756// with awserr.Error's Code and Message methods to get detailed information about
14757// the error.
14758//
14759// See the AWS API reference guide for AWS Identity and Access Management's
14760// API operation TagSAMLProvider for usage and error information.
14761//
14762// Returned Error Codes:
14763//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14764//   The request was rejected because it referenced a resource entity that does
14765//   not exist. The error message describes the resource.
14766//
14767//   * ErrCodeLimitExceededException "LimitExceeded"
14768//   The request was rejected because it attempted to create resources beyond
14769//   the current Amazon Web Services account limits. The error message describes
14770//   the limit exceeded.
14771//
14772//   * ErrCodeInvalidInputException "InvalidInput"
14773//   The request was rejected because an invalid or out-of-range value was supplied
14774//   for an input parameter.
14775//
14776//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14777//   The request was rejected because multiple requests to change this object
14778//   were submitted simultaneously. Wait a few minutes and submit your request
14779//   again.
14780//
14781//   * ErrCodeServiceFailureException "ServiceFailure"
14782//   The request processing has failed because of an unknown error, exception
14783//   or failure.
14784//
14785// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
14786func (c *IAM) TagSAMLProvider(input *TagSAMLProviderInput) (*TagSAMLProviderOutput, error) {
14787	req, out := c.TagSAMLProviderRequest(input)
14788	return out, req.Send()
14789}
14790
14791// TagSAMLProviderWithContext is the same as TagSAMLProvider with the addition of
14792// the ability to pass a context and additional request options.
14793//
14794// See TagSAMLProvider for details on how to use this API operation.
14795//
14796// The context must be non-nil and will be used for request cancellation. If
14797// the context is nil a panic will occur. In the future the SDK may create
14798// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14799// for more information on using Contexts.
14800func (c *IAM) TagSAMLProviderWithContext(ctx aws.Context, input *TagSAMLProviderInput, opts ...request.Option) (*TagSAMLProviderOutput, error) {
14801	req, out := c.TagSAMLProviderRequest(input)
14802	req.SetContext(ctx)
14803	req.ApplyOptions(opts...)
14804	return out, req.Send()
14805}
14806
14807const opTagServerCertificate = "TagServerCertificate"
14808
14809// TagServerCertificateRequest generates a "aws/request.Request" representing the
14810// client's request for the TagServerCertificate operation. The "output" return
14811// value will be populated with the request's response once the request completes
14812// successfully.
14813//
14814// Use "Send" method on the returned Request to send the API call to the service.
14815// the "output" return value is not valid until after Send returns without error.
14816//
14817// See TagServerCertificate for more information on using the TagServerCertificate
14818// API call, and error handling.
14819//
14820// This method is useful when you want to inject custom logic or configuration
14821// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14822//
14823//
14824//    // Example sending a request using the TagServerCertificateRequest method.
14825//    req, resp := client.TagServerCertificateRequest(params)
14826//
14827//    err := req.Send()
14828//    if err == nil { // resp is now filled
14829//        fmt.Println(resp)
14830//    }
14831//
14832// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
14833func (c *IAM) TagServerCertificateRequest(input *TagServerCertificateInput) (req *request.Request, output *TagServerCertificateOutput) {
14834	op := &request.Operation{
14835		Name:       opTagServerCertificate,
14836		HTTPMethod: "POST",
14837		HTTPPath:   "/",
14838	}
14839
14840	if input == nil {
14841		input = &TagServerCertificateInput{}
14842	}
14843
14844	output = &TagServerCertificateOutput{}
14845	req = c.newRequest(op, input, output)
14846	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14847	return
14848}
14849
14850// TagServerCertificate API operation for AWS Identity and Access Management.
14851//
14852// Adds one or more tags to an IAM server certificate. If a tag with the same
14853// key name already exists, then that tag is overwritten with the new value.
14854//
14855// For certificates in a Region supported by Certificate Manager (ACM), we recommend
14856// that you don't use IAM server certificates. Instead, use ACM to provision,
14857// manage, and deploy your server certificates. For more information about IAM
14858// server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
14859// in the IAM User Guide.
14860//
14861// A tag consists of a key name and an associated value. By assigning tags to
14862// your resources, you can do the following:
14863//
14864//    * Administrative grouping and discovery - Attach tags to resources to
14865//    aid in organization and search. For example, you could search for all
14866//    resources with the key name Project and the value MyImportantProject.
14867//    Or search for all resources with the key name Cost Center and the value
14868//    41200.
14869//
14870//    * Access control - Include tags in IAM user-based and resource-based policies.
14871//    You can use tags to restrict access to only a server certificate that
14872//    has a specified tag attached. For examples of policies that show how to
14873//    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
14874//    in the IAM User Guide.
14875//
14876//    * Cost allocation - Use tags to help track which individuals and teams
14877//    are using which Amazon Web Services resources.
14878//
14879//    * If any one of the tags is invalid or if you exceed the allowed maximum
14880//    number of tags, then the entire request fails and the resource is not
14881//    created. For more information about tagging, see Tagging IAM resources
14882//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
14883//    IAM User Guide.
14884//
14885//    * Amazon Web Services always interprets the tag Value as a single string.
14886//    If you need to store an array, you can store comma-separated values in
14887//    the string. However, you must interpret the value in your code.
14888//
14889// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
14890// with awserr.Error's Code and Message methods to get detailed information about
14891// the error.
14892//
14893// See the AWS API reference guide for AWS Identity and Access Management's
14894// API operation TagServerCertificate for usage and error information.
14895//
14896// Returned Error Codes:
14897//   * ErrCodeNoSuchEntityException "NoSuchEntity"
14898//   The request was rejected because it referenced a resource entity that does
14899//   not exist. The error message describes the resource.
14900//
14901//   * ErrCodeInvalidInputException "InvalidInput"
14902//   The request was rejected because an invalid or out-of-range value was supplied
14903//   for an input parameter.
14904//
14905//   * ErrCodeLimitExceededException "LimitExceeded"
14906//   The request was rejected because it attempted to create resources beyond
14907//   the current Amazon Web Services account limits. The error message describes
14908//   the limit exceeded.
14909//
14910//   * ErrCodeConcurrentModificationException "ConcurrentModification"
14911//   The request was rejected because multiple requests to change this object
14912//   were submitted simultaneously. Wait a few minutes and submit your request
14913//   again.
14914//
14915//   * ErrCodeServiceFailureException "ServiceFailure"
14916//   The request processing has failed because of an unknown error, exception
14917//   or failure.
14918//
14919// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
14920func (c *IAM) TagServerCertificate(input *TagServerCertificateInput) (*TagServerCertificateOutput, error) {
14921	req, out := c.TagServerCertificateRequest(input)
14922	return out, req.Send()
14923}
14924
14925// TagServerCertificateWithContext is the same as TagServerCertificate with the addition of
14926// the ability to pass a context and additional request options.
14927//
14928// See TagServerCertificate for details on how to use this API operation.
14929//
14930// The context must be non-nil and will be used for request cancellation. If
14931// the context is nil a panic will occur. In the future the SDK may create
14932// sub-contexts for http.Requests. See https://golang.org/pkg/context/
14933// for more information on using Contexts.
14934func (c *IAM) TagServerCertificateWithContext(ctx aws.Context, input *TagServerCertificateInput, opts ...request.Option) (*TagServerCertificateOutput, error) {
14935	req, out := c.TagServerCertificateRequest(input)
14936	req.SetContext(ctx)
14937	req.ApplyOptions(opts...)
14938	return out, req.Send()
14939}
14940
14941const opTagUser = "TagUser"
14942
14943// TagUserRequest generates a "aws/request.Request" representing the
14944// client's request for the TagUser operation. The "output" return
14945// value will be populated with the request's response once the request completes
14946// successfully.
14947//
14948// Use "Send" method on the returned Request to send the API call to the service.
14949// the "output" return value is not valid until after Send returns without error.
14950//
14951// See TagUser for more information on using the TagUser
14952// API call, and error handling.
14953//
14954// This method is useful when you want to inject custom logic or configuration
14955// into the SDK's request lifecycle. Such as custom headers, or retry logic.
14956//
14957//
14958//    // Example sending a request using the TagUserRequest method.
14959//    req, resp := client.TagUserRequest(params)
14960//
14961//    err := req.Send()
14962//    if err == nil { // resp is now filled
14963//        fmt.Println(resp)
14964//    }
14965//
14966// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
14967func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output *TagUserOutput) {
14968	op := &request.Operation{
14969		Name:       opTagUser,
14970		HTTPMethod: "POST",
14971		HTTPPath:   "/",
14972	}
14973
14974	if input == nil {
14975		input = &TagUserInput{}
14976	}
14977
14978	output = &TagUserOutput{}
14979	req = c.newRequest(op, input, output)
14980	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
14981	return
14982}
14983
14984// TagUser API operation for AWS Identity and Access Management.
14985//
14986// Adds one or more tags to an IAM user. If a tag with the same key name already
14987// exists, then that tag is overwritten with the new value.
14988//
14989// A tag consists of a key name and an associated value. By assigning tags to
14990// your resources, you can do the following:
14991//
14992//    * Administrative grouping and discovery - Attach tags to resources to
14993//    aid in organization and search. For example, you could search for all
14994//    resources with the key name Project and the value MyImportantProject.
14995//    Or search for all resources with the key name Cost Center and the value
14996//    41200.
14997//
14998//    * Access control - Include tags in IAM user-based and resource-based policies.
14999//    You can use tags to restrict access to only an IAM requesting user that
15000//    has a specified tag attached. You can also restrict access to only those
15001//    resources that have a certain tag attached. For examples of policies that
15002//    show how to use tags to control access, see Control access using IAM tags
15003//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in
15004//    the IAM User Guide.
15005//
15006//    * Cost allocation - Use tags to help track which individuals and teams
15007//    are using which Amazon Web Services resources.
15008//
15009//    * If any one of the tags is invalid or if you exceed the allowed maximum
15010//    number of tags, then the entire request fails and the resource is not
15011//    created. For more information about tagging, see Tagging IAM resources
15012//    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
15013//    IAM User Guide.
15014//
15015//    * Amazon Web Services always interprets the tag Value as a single string.
15016//    If you need to store an array, you can store comma-separated values in
15017//    the string. However, you must interpret the value in your code.
15018//
15019// For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15020// in the IAM User Guide.
15021//
15022// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15023// with awserr.Error's Code and Message methods to get detailed information about
15024// the error.
15025//
15026// See the AWS API reference guide for AWS Identity and Access Management's
15027// API operation TagUser for usage and error information.
15028//
15029// Returned Error Codes:
15030//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15031//   The request was rejected because it referenced a resource entity that does
15032//   not exist. The error message describes the resource.
15033//
15034//   * ErrCodeLimitExceededException "LimitExceeded"
15035//   The request was rejected because it attempted to create resources beyond
15036//   the current Amazon Web Services account limits. The error message describes
15037//   the limit exceeded.
15038//
15039//   * ErrCodeInvalidInputException "InvalidInput"
15040//   The request was rejected because an invalid or out-of-range value was supplied
15041//   for an input parameter.
15042//
15043//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15044//   The request was rejected because multiple requests to change this object
15045//   were submitted simultaneously. Wait a few minutes and submit your request
15046//   again.
15047//
15048//   * ErrCodeServiceFailureException "ServiceFailure"
15049//   The request processing has failed because of an unknown error, exception
15050//   or failure.
15051//
15052// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
15053func (c *IAM) TagUser(input *TagUserInput) (*TagUserOutput, error) {
15054	req, out := c.TagUserRequest(input)
15055	return out, req.Send()
15056}
15057
15058// TagUserWithContext is the same as TagUser with the addition of
15059// the ability to pass a context and additional request options.
15060//
15061// See TagUser for details on how to use this API operation.
15062//
15063// The context must be non-nil and will be used for request cancellation. If
15064// the context is nil a panic will occur. In the future the SDK may create
15065// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15066// for more information on using Contexts.
15067func (c *IAM) TagUserWithContext(ctx aws.Context, input *TagUserInput, opts ...request.Option) (*TagUserOutput, error) {
15068	req, out := c.TagUserRequest(input)
15069	req.SetContext(ctx)
15070	req.ApplyOptions(opts...)
15071	return out, req.Send()
15072}
15073
15074const opUntagInstanceProfile = "UntagInstanceProfile"
15075
15076// UntagInstanceProfileRequest generates a "aws/request.Request" representing the
15077// client's request for the UntagInstanceProfile operation. The "output" return
15078// value will be populated with the request's response once the request completes
15079// successfully.
15080//
15081// Use "Send" method on the returned Request to send the API call to the service.
15082// the "output" return value is not valid until after Send returns without error.
15083//
15084// See UntagInstanceProfile for more information on using the UntagInstanceProfile
15085// API call, and error handling.
15086//
15087// This method is useful when you want to inject custom logic or configuration
15088// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15089//
15090//
15091//    // Example sending a request using the UntagInstanceProfileRequest method.
15092//    req, resp := client.UntagInstanceProfileRequest(params)
15093//
15094//    err := req.Send()
15095//    if err == nil { // resp is now filled
15096//        fmt.Println(resp)
15097//    }
15098//
15099// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
15100func (c *IAM) UntagInstanceProfileRequest(input *UntagInstanceProfileInput) (req *request.Request, output *UntagInstanceProfileOutput) {
15101	op := &request.Operation{
15102		Name:       opUntagInstanceProfile,
15103		HTTPMethod: "POST",
15104		HTTPPath:   "/",
15105	}
15106
15107	if input == nil {
15108		input = &UntagInstanceProfileInput{}
15109	}
15110
15111	output = &UntagInstanceProfileOutput{}
15112	req = c.newRequest(op, input, output)
15113	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15114	return
15115}
15116
15117// UntagInstanceProfile API operation for AWS Identity and Access Management.
15118//
15119// Removes the specified tags from the IAM instance profile. For more information
15120// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15121// in the IAM User Guide.
15122//
15123// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15124// with awserr.Error's Code and Message methods to get detailed information about
15125// the error.
15126//
15127// See the AWS API reference guide for AWS Identity and Access Management's
15128// API operation UntagInstanceProfile for usage and error information.
15129//
15130// Returned Error Codes:
15131//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15132//   The request was rejected because it referenced a resource entity that does
15133//   not exist. The error message describes the resource.
15134//
15135//   * ErrCodeInvalidInputException "InvalidInput"
15136//   The request was rejected because an invalid or out-of-range value was supplied
15137//   for an input parameter.
15138//
15139//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15140//   The request was rejected because multiple requests to change this object
15141//   were submitted simultaneously. Wait a few minutes and submit your request
15142//   again.
15143//
15144//   * ErrCodeServiceFailureException "ServiceFailure"
15145//   The request processing has failed because of an unknown error, exception
15146//   or failure.
15147//
15148// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
15149func (c *IAM) UntagInstanceProfile(input *UntagInstanceProfileInput) (*UntagInstanceProfileOutput, error) {
15150	req, out := c.UntagInstanceProfileRequest(input)
15151	return out, req.Send()
15152}
15153
15154// UntagInstanceProfileWithContext is the same as UntagInstanceProfile with the addition of
15155// the ability to pass a context and additional request options.
15156//
15157// See UntagInstanceProfile for details on how to use this API operation.
15158//
15159// The context must be non-nil and will be used for request cancellation. If
15160// the context is nil a panic will occur. In the future the SDK may create
15161// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15162// for more information on using Contexts.
15163func (c *IAM) UntagInstanceProfileWithContext(ctx aws.Context, input *UntagInstanceProfileInput, opts ...request.Option) (*UntagInstanceProfileOutput, error) {
15164	req, out := c.UntagInstanceProfileRequest(input)
15165	req.SetContext(ctx)
15166	req.ApplyOptions(opts...)
15167	return out, req.Send()
15168}
15169
15170const opUntagMFADevice = "UntagMFADevice"
15171
15172// UntagMFADeviceRequest generates a "aws/request.Request" representing the
15173// client's request for the UntagMFADevice operation. The "output" return
15174// value will be populated with the request's response once the request completes
15175// successfully.
15176//
15177// Use "Send" method on the returned Request to send the API call to the service.
15178// the "output" return value is not valid until after Send returns without error.
15179//
15180// See UntagMFADevice for more information on using the UntagMFADevice
15181// API call, and error handling.
15182//
15183// This method is useful when you want to inject custom logic or configuration
15184// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15185//
15186//
15187//    // Example sending a request using the UntagMFADeviceRequest method.
15188//    req, resp := client.UntagMFADeviceRequest(params)
15189//
15190//    err := req.Send()
15191//    if err == nil { // resp is now filled
15192//        fmt.Println(resp)
15193//    }
15194//
15195// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
15196func (c *IAM) UntagMFADeviceRequest(input *UntagMFADeviceInput) (req *request.Request, output *UntagMFADeviceOutput) {
15197	op := &request.Operation{
15198		Name:       opUntagMFADevice,
15199		HTTPMethod: "POST",
15200		HTTPPath:   "/",
15201	}
15202
15203	if input == nil {
15204		input = &UntagMFADeviceInput{}
15205	}
15206
15207	output = &UntagMFADeviceOutput{}
15208	req = c.newRequest(op, input, output)
15209	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15210	return
15211}
15212
15213// UntagMFADevice API operation for AWS Identity and Access Management.
15214//
15215// Removes the specified tags from the IAM virtual multi-factor authentication
15216// (MFA) device. For more information about tagging, see Tagging IAM resources
15217// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM
15218// User Guide.
15219//
15220// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15221// with awserr.Error's Code and Message methods to get detailed information about
15222// the error.
15223//
15224// See the AWS API reference guide for AWS Identity and Access Management's
15225// API operation UntagMFADevice for usage and error information.
15226//
15227// Returned Error Codes:
15228//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15229//   The request was rejected because it referenced a resource entity that does
15230//   not exist. The error message describes the resource.
15231//
15232//   * ErrCodeInvalidInputException "InvalidInput"
15233//   The request was rejected because an invalid or out-of-range value was supplied
15234//   for an input parameter.
15235//
15236//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15237//   The request was rejected because multiple requests to change this object
15238//   were submitted simultaneously. Wait a few minutes and submit your request
15239//   again.
15240//
15241//   * ErrCodeServiceFailureException "ServiceFailure"
15242//   The request processing has failed because of an unknown error, exception
15243//   or failure.
15244//
15245// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
15246func (c *IAM) UntagMFADevice(input *UntagMFADeviceInput) (*UntagMFADeviceOutput, error) {
15247	req, out := c.UntagMFADeviceRequest(input)
15248	return out, req.Send()
15249}
15250
15251// UntagMFADeviceWithContext is the same as UntagMFADevice with the addition of
15252// the ability to pass a context and additional request options.
15253//
15254// See UntagMFADevice for details on how to use this API operation.
15255//
15256// The context must be non-nil and will be used for request cancellation. If
15257// the context is nil a panic will occur. In the future the SDK may create
15258// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15259// for more information on using Contexts.
15260func (c *IAM) UntagMFADeviceWithContext(ctx aws.Context, input *UntagMFADeviceInput, opts ...request.Option) (*UntagMFADeviceOutput, error) {
15261	req, out := c.UntagMFADeviceRequest(input)
15262	req.SetContext(ctx)
15263	req.ApplyOptions(opts...)
15264	return out, req.Send()
15265}
15266
15267const opUntagOpenIDConnectProvider = "UntagOpenIDConnectProvider"
15268
15269// UntagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
15270// client's request for the UntagOpenIDConnectProvider operation. The "output" return
15271// value will be populated with the request's response once the request completes
15272// successfully.
15273//
15274// Use "Send" method on the returned Request to send the API call to the service.
15275// the "output" return value is not valid until after Send returns without error.
15276//
15277// See UntagOpenIDConnectProvider for more information on using the UntagOpenIDConnectProvider
15278// API call, and error handling.
15279//
15280// This method is useful when you want to inject custom logic or configuration
15281// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15282//
15283//
15284//    // Example sending a request using the UntagOpenIDConnectProviderRequest method.
15285//    req, resp := client.UntagOpenIDConnectProviderRequest(params)
15286//
15287//    err := req.Send()
15288//    if err == nil { // resp is now filled
15289//        fmt.Println(resp)
15290//    }
15291//
15292// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
15293func (c *IAM) UntagOpenIDConnectProviderRequest(input *UntagOpenIDConnectProviderInput) (req *request.Request, output *UntagOpenIDConnectProviderOutput) {
15294	op := &request.Operation{
15295		Name:       opUntagOpenIDConnectProvider,
15296		HTTPMethod: "POST",
15297		HTTPPath:   "/",
15298	}
15299
15300	if input == nil {
15301		input = &UntagOpenIDConnectProviderInput{}
15302	}
15303
15304	output = &UntagOpenIDConnectProviderOutput{}
15305	req = c.newRequest(op, input, output)
15306	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15307	return
15308}
15309
15310// UntagOpenIDConnectProvider API operation for AWS Identity and Access Management.
15311//
15312// Removes the specified tags from the specified OpenID Connect (OIDC)-compatible
15313// identity provider in IAM. For more information about OIDC providers, see
15314// About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
15315// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15316// in the IAM User Guide.
15317//
15318// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15319// with awserr.Error's Code and Message methods to get detailed information about
15320// the error.
15321//
15322// See the AWS API reference guide for AWS Identity and Access Management's
15323// API operation UntagOpenIDConnectProvider for usage and error information.
15324//
15325// Returned Error Codes:
15326//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15327//   The request was rejected because it referenced a resource entity that does
15328//   not exist. The error message describes the resource.
15329//
15330//   * ErrCodeInvalidInputException "InvalidInput"
15331//   The request was rejected because an invalid or out-of-range value was supplied
15332//   for an input parameter.
15333//
15334//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15335//   The request was rejected because multiple requests to change this object
15336//   were submitted simultaneously. Wait a few minutes and submit your request
15337//   again.
15338//
15339//   * ErrCodeServiceFailureException "ServiceFailure"
15340//   The request processing has failed because of an unknown error, exception
15341//   or failure.
15342//
15343// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
15344func (c *IAM) UntagOpenIDConnectProvider(input *UntagOpenIDConnectProviderInput) (*UntagOpenIDConnectProviderOutput, error) {
15345	req, out := c.UntagOpenIDConnectProviderRequest(input)
15346	return out, req.Send()
15347}
15348
15349// UntagOpenIDConnectProviderWithContext is the same as UntagOpenIDConnectProvider with the addition of
15350// the ability to pass a context and additional request options.
15351//
15352// See UntagOpenIDConnectProvider for details on how to use this API operation.
15353//
15354// The context must be non-nil and will be used for request cancellation. If
15355// the context is nil a panic will occur. In the future the SDK may create
15356// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15357// for more information on using Contexts.
15358func (c *IAM) UntagOpenIDConnectProviderWithContext(ctx aws.Context, input *UntagOpenIDConnectProviderInput, opts ...request.Option) (*UntagOpenIDConnectProviderOutput, error) {
15359	req, out := c.UntagOpenIDConnectProviderRequest(input)
15360	req.SetContext(ctx)
15361	req.ApplyOptions(opts...)
15362	return out, req.Send()
15363}
15364
15365const opUntagPolicy = "UntagPolicy"
15366
15367// UntagPolicyRequest generates a "aws/request.Request" representing the
15368// client's request for the UntagPolicy operation. The "output" return
15369// value will be populated with the request's response once the request completes
15370// successfully.
15371//
15372// Use "Send" method on the returned Request to send the API call to the service.
15373// the "output" return value is not valid until after Send returns without error.
15374//
15375// See UntagPolicy for more information on using the UntagPolicy
15376// API call, and error handling.
15377//
15378// This method is useful when you want to inject custom logic or configuration
15379// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15380//
15381//
15382//    // Example sending a request using the UntagPolicyRequest method.
15383//    req, resp := client.UntagPolicyRequest(params)
15384//
15385//    err := req.Send()
15386//    if err == nil { // resp is now filled
15387//        fmt.Println(resp)
15388//    }
15389//
15390// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
15391func (c *IAM) UntagPolicyRequest(input *UntagPolicyInput) (req *request.Request, output *UntagPolicyOutput) {
15392	op := &request.Operation{
15393		Name:       opUntagPolicy,
15394		HTTPMethod: "POST",
15395		HTTPPath:   "/",
15396	}
15397
15398	if input == nil {
15399		input = &UntagPolicyInput{}
15400	}
15401
15402	output = &UntagPolicyOutput{}
15403	req = c.newRequest(op, input, output)
15404	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15405	return
15406}
15407
15408// UntagPolicy API operation for AWS Identity and Access Management.
15409//
15410// Removes the specified tags from the customer managed policy. For more information
15411// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15412// in the IAM User Guide.
15413//
15414// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15415// with awserr.Error's Code and Message methods to get detailed information about
15416// the error.
15417//
15418// See the AWS API reference guide for AWS Identity and Access Management's
15419// API operation UntagPolicy for usage and error information.
15420//
15421// Returned Error Codes:
15422//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15423//   The request was rejected because it referenced a resource entity that does
15424//   not exist. The error message describes the resource.
15425//
15426//   * ErrCodeInvalidInputException "InvalidInput"
15427//   The request was rejected because an invalid or out-of-range value was supplied
15428//   for an input parameter.
15429//
15430//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15431//   The request was rejected because multiple requests to change this object
15432//   were submitted simultaneously. Wait a few minutes and submit your request
15433//   again.
15434//
15435//   * ErrCodeServiceFailureException "ServiceFailure"
15436//   The request processing has failed because of an unknown error, exception
15437//   or failure.
15438//
15439// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
15440func (c *IAM) UntagPolicy(input *UntagPolicyInput) (*UntagPolicyOutput, error) {
15441	req, out := c.UntagPolicyRequest(input)
15442	return out, req.Send()
15443}
15444
15445// UntagPolicyWithContext is the same as UntagPolicy with the addition of
15446// the ability to pass a context and additional request options.
15447//
15448// See UntagPolicy for details on how to use this API operation.
15449//
15450// The context must be non-nil and will be used for request cancellation. If
15451// the context is nil a panic will occur. In the future the SDK may create
15452// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15453// for more information on using Contexts.
15454func (c *IAM) UntagPolicyWithContext(ctx aws.Context, input *UntagPolicyInput, opts ...request.Option) (*UntagPolicyOutput, error) {
15455	req, out := c.UntagPolicyRequest(input)
15456	req.SetContext(ctx)
15457	req.ApplyOptions(opts...)
15458	return out, req.Send()
15459}
15460
15461const opUntagRole = "UntagRole"
15462
15463// UntagRoleRequest generates a "aws/request.Request" representing the
15464// client's request for the UntagRole operation. The "output" return
15465// value will be populated with the request's response once the request completes
15466// successfully.
15467//
15468// Use "Send" method on the returned Request to send the API call to the service.
15469// the "output" return value is not valid until after Send returns without error.
15470//
15471// See UntagRole for more information on using the UntagRole
15472// API call, and error handling.
15473//
15474// This method is useful when you want to inject custom logic or configuration
15475// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15476//
15477//
15478//    // Example sending a request using the UntagRoleRequest method.
15479//    req, resp := client.UntagRoleRequest(params)
15480//
15481//    err := req.Send()
15482//    if err == nil { // resp is now filled
15483//        fmt.Println(resp)
15484//    }
15485//
15486// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
15487func (c *IAM) UntagRoleRequest(input *UntagRoleInput) (req *request.Request, output *UntagRoleOutput) {
15488	op := &request.Operation{
15489		Name:       opUntagRole,
15490		HTTPMethod: "POST",
15491		HTTPPath:   "/",
15492	}
15493
15494	if input == nil {
15495		input = &UntagRoleInput{}
15496	}
15497
15498	output = &UntagRoleOutput{}
15499	req = c.newRequest(op, input, output)
15500	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15501	return
15502}
15503
15504// UntagRole API operation for AWS Identity and Access Management.
15505//
15506// Removes the specified tags from the role. For more information about tagging,
15507// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15508// in the IAM User Guide.
15509//
15510// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15511// with awserr.Error's Code and Message methods to get detailed information about
15512// the error.
15513//
15514// See the AWS API reference guide for AWS Identity and Access Management's
15515// API operation UntagRole for usage and error information.
15516//
15517// Returned Error Codes:
15518//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15519//   The request was rejected because it referenced a resource entity that does
15520//   not exist. The error message describes the resource.
15521//
15522//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15523//   The request was rejected because multiple requests to change this object
15524//   were submitted simultaneously. Wait a few minutes and submit your request
15525//   again.
15526//
15527//   * ErrCodeServiceFailureException "ServiceFailure"
15528//   The request processing has failed because of an unknown error, exception
15529//   or failure.
15530//
15531// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
15532func (c *IAM) UntagRole(input *UntagRoleInput) (*UntagRoleOutput, error) {
15533	req, out := c.UntagRoleRequest(input)
15534	return out, req.Send()
15535}
15536
15537// UntagRoleWithContext is the same as UntagRole with the addition of
15538// the ability to pass a context and additional request options.
15539//
15540// See UntagRole for details on how to use this API operation.
15541//
15542// The context must be non-nil and will be used for request cancellation. If
15543// the context is nil a panic will occur. In the future the SDK may create
15544// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15545// for more information on using Contexts.
15546func (c *IAM) UntagRoleWithContext(ctx aws.Context, input *UntagRoleInput, opts ...request.Option) (*UntagRoleOutput, error) {
15547	req, out := c.UntagRoleRequest(input)
15548	req.SetContext(ctx)
15549	req.ApplyOptions(opts...)
15550	return out, req.Send()
15551}
15552
15553const opUntagSAMLProvider = "UntagSAMLProvider"
15554
15555// UntagSAMLProviderRequest generates a "aws/request.Request" representing the
15556// client's request for the UntagSAMLProvider operation. The "output" return
15557// value will be populated with the request's response once the request completes
15558// successfully.
15559//
15560// Use "Send" method on the returned Request to send the API call to the service.
15561// the "output" return value is not valid until after Send returns without error.
15562//
15563// See UntagSAMLProvider for more information on using the UntagSAMLProvider
15564// API call, and error handling.
15565//
15566// This method is useful when you want to inject custom logic or configuration
15567// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15568//
15569//
15570//    // Example sending a request using the UntagSAMLProviderRequest method.
15571//    req, resp := client.UntagSAMLProviderRequest(params)
15572//
15573//    err := req.Send()
15574//    if err == nil { // resp is now filled
15575//        fmt.Println(resp)
15576//    }
15577//
15578// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
15579func (c *IAM) UntagSAMLProviderRequest(input *UntagSAMLProviderInput) (req *request.Request, output *UntagSAMLProviderOutput) {
15580	op := &request.Operation{
15581		Name:       opUntagSAMLProvider,
15582		HTTPMethod: "POST",
15583		HTTPPath:   "/",
15584	}
15585
15586	if input == nil {
15587		input = &UntagSAMLProviderInput{}
15588	}
15589
15590	output = &UntagSAMLProviderOutput{}
15591	req = c.newRequest(op, input, output)
15592	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15593	return
15594}
15595
15596// UntagSAMLProvider API operation for AWS Identity and Access Management.
15597//
15598// Removes the specified tags from the specified Security Assertion Markup Language
15599// (SAML) identity provider in IAM. For more information about these providers,
15600// see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
15601// For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15602// in the IAM User Guide.
15603//
15604// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15605// with awserr.Error's Code and Message methods to get detailed information about
15606// the error.
15607//
15608// See the AWS API reference guide for AWS Identity and Access Management's
15609// API operation UntagSAMLProvider for usage and error information.
15610//
15611// Returned Error Codes:
15612//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15613//   The request was rejected because it referenced a resource entity that does
15614//   not exist. The error message describes the resource.
15615//
15616//   * ErrCodeInvalidInputException "InvalidInput"
15617//   The request was rejected because an invalid or out-of-range value was supplied
15618//   for an input parameter.
15619//
15620//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15621//   The request was rejected because multiple requests to change this object
15622//   were submitted simultaneously. Wait a few minutes and submit your request
15623//   again.
15624//
15625//   * ErrCodeServiceFailureException "ServiceFailure"
15626//   The request processing has failed because of an unknown error, exception
15627//   or failure.
15628//
15629// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
15630func (c *IAM) UntagSAMLProvider(input *UntagSAMLProviderInput) (*UntagSAMLProviderOutput, error) {
15631	req, out := c.UntagSAMLProviderRequest(input)
15632	return out, req.Send()
15633}
15634
15635// UntagSAMLProviderWithContext is the same as UntagSAMLProvider with the addition of
15636// the ability to pass a context and additional request options.
15637//
15638// See UntagSAMLProvider for details on how to use this API operation.
15639//
15640// The context must be non-nil and will be used for request cancellation. If
15641// the context is nil a panic will occur. In the future the SDK may create
15642// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15643// for more information on using Contexts.
15644func (c *IAM) UntagSAMLProviderWithContext(ctx aws.Context, input *UntagSAMLProviderInput, opts ...request.Option) (*UntagSAMLProviderOutput, error) {
15645	req, out := c.UntagSAMLProviderRequest(input)
15646	req.SetContext(ctx)
15647	req.ApplyOptions(opts...)
15648	return out, req.Send()
15649}
15650
15651const opUntagServerCertificate = "UntagServerCertificate"
15652
15653// UntagServerCertificateRequest generates a "aws/request.Request" representing the
15654// client's request for the UntagServerCertificate operation. The "output" return
15655// value will be populated with the request's response once the request completes
15656// successfully.
15657//
15658// Use "Send" method on the returned Request to send the API call to the service.
15659// the "output" return value is not valid until after Send returns without error.
15660//
15661// See UntagServerCertificate for more information on using the UntagServerCertificate
15662// API call, and error handling.
15663//
15664// This method is useful when you want to inject custom logic or configuration
15665// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15666//
15667//
15668//    // Example sending a request using the UntagServerCertificateRequest method.
15669//    req, resp := client.UntagServerCertificateRequest(params)
15670//
15671//    err := req.Send()
15672//    if err == nil { // resp is now filled
15673//        fmt.Println(resp)
15674//    }
15675//
15676// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
15677func (c *IAM) UntagServerCertificateRequest(input *UntagServerCertificateInput) (req *request.Request, output *UntagServerCertificateOutput) {
15678	op := &request.Operation{
15679		Name:       opUntagServerCertificate,
15680		HTTPMethod: "POST",
15681		HTTPPath:   "/",
15682	}
15683
15684	if input == nil {
15685		input = &UntagServerCertificateInput{}
15686	}
15687
15688	output = &UntagServerCertificateOutput{}
15689	req = c.newRequest(op, input, output)
15690	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15691	return
15692}
15693
15694// UntagServerCertificate API operation for AWS Identity and Access Management.
15695//
15696// Removes the specified tags from the IAM server certificate. For more information
15697// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15698// in the IAM User Guide.
15699//
15700// For certificates in a Region supported by Certificate Manager (ACM), we recommend
15701// that you don't use IAM server certificates. Instead, use ACM to provision,
15702// manage, and deploy your server certificates. For more information about IAM
15703// server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
15704// in the IAM User Guide.
15705//
15706// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15707// with awserr.Error's Code and Message methods to get detailed information about
15708// the error.
15709//
15710// See the AWS API reference guide for AWS Identity and Access Management's
15711// API operation UntagServerCertificate for usage and error information.
15712//
15713// Returned Error Codes:
15714//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15715//   The request was rejected because it referenced a resource entity that does
15716//   not exist. The error message describes the resource.
15717//
15718//   * ErrCodeInvalidInputException "InvalidInput"
15719//   The request was rejected because an invalid or out-of-range value was supplied
15720//   for an input parameter.
15721//
15722//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15723//   The request was rejected because multiple requests to change this object
15724//   were submitted simultaneously. Wait a few minutes and submit your request
15725//   again.
15726//
15727//   * ErrCodeServiceFailureException "ServiceFailure"
15728//   The request processing has failed because of an unknown error, exception
15729//   or failure.
15730//
15731// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
15732func (c *IAM) UntagServerCertificate(input *UntagServerCertificateInput) (*UntagServerCertificateOutput, error) {
15733	req, out := c.UntagServerCertificateRequest(input)
15734	return out, req.Send()
15735}
15736
15737// UntagServerCertificateWithContext is the same as UntagServerCertificate with the addition of
15738// the ability to pass a context and additional request options.
15739//
15740// See UntagServerCertificate for details on how to use this API operation.
15741//
15742// The context must be non-nil and will be used for request cancellation. If
15743// the context is nil a panic will occur. In the future the SDK may create
15744// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15745// for more information on using Contexts.
15746func (c *IAM) UntagServerCertificateWithContext(ctx aws.Context, input *UntagServerCertificateInput, opts ...request.Option) (*UntagServerCertificateOutput, error) {
15747	req, out := c.UntagServerCertificateRequest(input)
15748	req.SetContext(ctx)
15749	req.ApplyOptions(opts...)
15750	return out, req.Send()
15751}
15752
15753const opUntagUser = "UntagUser"
15754
15755// UntagUserRequest generates a "aws/request.Request" representing the
15756// client's request for the UntagUser operation. The "output" return
15757// value will be populated with the request's response once the request completes
15758// successfully.
15759//
15760// Use "Send" method on the returned Request to send the API call to the service.
15761// the "output" return value is not valid until after Send returns without error.
15762//
15763// See UntagUser for more information on using the UntagUser
15764// API call, and error handling.
15765//
15766// This method is useful when you want to inject custom logic or configuration
15767// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15768//
15769//
15770//    // Example sending a request using the UntagUserRequest method.
15771//    req, resp := client.UntagUserRequest(params)
15772//
15773//    err := req.Send()
15774//    if err == nil { // resp is now filled
15775//        fmt.Println(resp)
15776//    }
15777//
15778// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
15779func (c *IAM) UntagUserRequest(input *UntagUserInput) (req *request.Request, output *UntagUserOutput) {
15780	op := &request.Operation{
15781		Name:       opUntagUser,
15782		HTTPMethod: "POST",
15783		HTTPPath:   "/",
15784	}
15785
15786	if input == nil {
15787		input = &UntagUserInput{}
15788	}
15789
15790	output = &UntagUserOutput{}
15791	req = c.newRequest(op, input, output)
15792	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15793	return
15794}
15795
15796// UntagUser API operation for AWS Identity and Access Management.
15797//
15798// Removes the specified tags from the user. For more information about tagging,
15799// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
15800// in the IAM User Guide.
15801//
15802// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15803// with awserr.Error's Code and Message methods to get detailed information about
15804// the error.
15805//
15806// See the AWS API reference guide for AWS Identity and Access Management's
15807// API operation UntagUser for usage and error information.
15808//
15809// Returned Error Codes:
15810//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15811//   The request was rejected because it referenced a resource entity that does
15812//   not exist. The error message describes the resource.
15813//
15814//   * ErrCodeConcurrentModificationException "ConcurrentModification"
15815//   The request was rejected because multiple requests to change this object
15816//   were submitted simultaneously. Wait a few minutes and submit your request
15817//   again.
15818//
15819//   * ErrCodeServiceFailureException "ServiceFailure"
15820//   The request processing has failed because of an unknown error, exception
15821//   or failure.
15822//
15823// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
15824func (c *IAM) UntagUser(input *UntagUserInput) (*UntagUserOutput, error) {
15825	req, out := c.UntagUserRequest(input)
15826	return out, req.Send()
15827}
15828
15829// UntagUserWithContext is the same as UntagUser with the addition of
15830// the ability to pass a context and additional request options.
15831//
15832// See UntagUser for details on how to use this API operation.
15833//
15834// The context must be non-nil and will be used for request cancellation. If
15835// the context is nil a panic will occur. In the future the SDK may create
15836// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15837// for more information on using Contexts.
15838func (c *IAM) UntagUserWithContext(ctx aws.Context, input *UntagUserInput, opts ...request.Option) (*UntagUserOutput, error) {
15839	req, out := c.UntagUserRequest(input)
15840	req.SetContext(ctx)
15841	req.ApplyOptions(opts...)
15842	return out, req.Send()
15843}
15844
15845const opUpdateAccessKey = "UpdateAccessKey"
15846
15847// UpdateAccessKeyRequest generates a "aws/request.Request" representing the
15848// client's request for the UpdateAccessKey operation. The "output" return
15849// value will be populated with the request's response once the request completes
15850// successfully.
15851//
15852// Use "Send" method on the returned Request to send the API call to the service.
15853// the "output" return value is not valid until after Send returns without error.
15854//
15855// See UpdateAccessKey for more information on using the UpdateAccessKey
15856// API call, and error handling.
15857//
15858// This method is useful when you want to inject custom logic or configuration
15859// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15860//
15861//
15862//    // Example sending a request using the UpdateAccessKeyRequest method.
15863//    req, resp := client.UpdateAccessKeyRequest(params)
15864//
15865//    err := req.Send()
15866//    if err == nil { // resp is now filled
15867//        fmt.Println(resp)
15868//    }
15869//
15870// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
15871func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput) {
15872	op := &request.Operation{
15873		Name:       opUpdateAccessKey,
15874		HTTPMethod: "POST",
15875		HTTPPath:   "/",
15876	}
15877
15878	if input == nil {
15879		input = &UpdateAccessKeyInput{}
15880	}
15881
15882	output = &UpdateAccessKeyOutput{}
15883	req = c.newRequest(op, input, output)
15884	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15885	return
15886}
15887
15888// UpdateAccessKey API operation for AWS Identity and Access Management.
15889//
15890// Changes the status of the specified access key from Active to Inactive, or
15891// vice versa. This operation can be used to disable a user's key as part of
15892// a key rotation workflow.
15893//
15894// If the UserName is not specified, the user name is determined implicitly
15895// based on the Amazon Web Services access key ID used to sign the request.
15896// This operation works for access keys under the Amazon Web Services account.
15897// Consequently, you can use this operation to manage Amazon Web Services account
15898// root user credentials even if the Amazon Web Services account has no associated
15899// users.
15900//
15901// For information about rotating keys, see Managing keys and certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html)
15902// in the IAM User Guide.
15903//
15904// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
15905// with awserr.Error's Code and Message methods to get detailed information about
15906// the error.
15907//
15908// See the AWS API reference guide for AWS Identity and Access Management's
15909// API operation UpdateAccessKey for usage and error information.
15910//
15911// Returned Error Codes:
15912//   * ErrCodeNoSuchEntityException "NoSuchEntity"
15913//   The request was rejected because it referenced a resource entity that does
15914//   not exist. The error message describes the resource.
15915//
15916//   * ErrCodeLimitExceededException "LimitExceeded"
15917//   The request was rejected because it attempted to create resources beyond
15918//   the current Amazon Web Services account limits. The error message describes
15919//   the limit exceeded.
15920//
15921//   * ErrCodeServiceFailureException "ServiceFailure"
15922//   The request processing has failed because of an unknown error, exception
15923//   or failure.
15924//
15925// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
15926func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error) {
15927	req, out := c.UpdateAccessKeyRequest(input)
15928	return out, req.Send()
15929}
15930
15931// UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of
15932// the ability to pass a context and additional request options.
15933//
15934// See UpdateAccessKey for details on how to use this API operation.
15935//
15936// The context must be non-nil and will be used for request cancellation. If
15937// the context is nil a panic will occur. In the future the SDK may create
15938// sub-contexts for http.Requests. See https://golang.org/pkg/context/
15939// for more information on using Contexts.
15940func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error) {
15941	req, out := c.UpdateAccessKeyRequest(input)
15942	req.SetContext(ctx)
15943	req.ApplyOptions(opts...)
15944	return out, req.Send()
15945}
15946
15947const opUpdateAccountPasswordPolicy = "UpdateAccountPasswordPolicy"
15948
15949// UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
15950// client's request for the UpdateAccountPasswordPolicy operation. The "output" return
15951// value will be populated with the request's response once the request completes
15952// successfully.
15953//
15954// Use "Send" method on the returned Request to send the API call to the service.
15955// the "output" return value is not valid until after Send returns without error.
15956//
15957// See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy
15958// API call, and error handling.
15959//
15960// This method is useful when you want to inject custom logic or configuration
15961// into the SDK's request lifecycle. Such as custom headers, or retry logic.
15962//
15963//
15964//    // Example sending a request using the UpdateAccountPasswordPolicyRequest method.
15965//    req, resp := client.UpdateAccountPasswordPolicyRequest(params)
15966//
15967//    err := req.Send()
15968//    if err == nil { // resp is now filled
15969//        fmt.Println(resp)
15970//    }
15971//
15972// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
15973func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput) {
15974	op := &request.Operation{
15975		Name:       opUpdateAccountPasswordPolicy,
15976		HTTPMethod: "POST",
15977		HTTPPath:   "/",
15978	}
15979
15980	if input == nil {
15981		input = &UpdateAccountPasswordPolicyInput{}
15982	}
15983
15984	output = &UpdateAccountPasswordPolicyOutput{}
15985	req = c.newRequest(op, input, output)
15986	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
15987	return
15988}
15989
15990// UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.
15991//
15992// Updates the password policy settings for the Amazon Web Services account.
15993//
15994//    * This operation does not support partial updates. No parameters are required,
15995//    but if you do not specify a parameter, that parameter's value reverts
15996//    to its default value. See the Request Parameters section for each parameter's
15997//    default value. Also note that some parameters do not allow the default
15998//    parameter to be explicitly set. Instead, to invoke the default value,
15999//    do not include that parameter when you invoke the operation.
16000//
16001// For more information about using a password policy, see Managing an IAM password
16002// policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html)
16003// in the IAM User Guide.
16004//
16005// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16006// with awserr.Error's Code and Message methods to get detailed information about
16007// the error.
16008//
16009// See the AWS API reference guide for AWS Identity and Access Management's
16010// API operation UpdateAccountPasswordPolicy for usage and error information.
16011//
16012// Returned Error Codes:
16013//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16014//   The request was rejected because it referenced a resource entity that does
16015//   not exist. The error message describes the resource.
16016//
16017//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
16018//   The request was rejected because the policy document was malformed. The error
16019//   message describes the specific error.
16020//
16021//   * ErrCodeLimitExceededException "LimitExceeded"
16022//   The request was rejected because it attempted to create resources beyond
16023//   the current Amazon Web Services account limits. The error message describes
16024//   the limit exceeded.
16025//
16026//   * ErrCodeServiceFailureException "ServiceFailure"
16027//   The request processing has failed because of an unknown error, exception
16028//   or failure.
16029//
16030// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
16031func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error) {
16032	req, out := c.UpdateAccountPasswordPolicyRequest(input)
16033	return out, req.Send()
16034}
16035
16036// UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of
16037// the ability to pass a context and additional request options.
16038//
16039// See UpdateAccountPasswordPolicy for details on how to use this API operation.
16040//
16041// The context must be non-nil and will be used for request cancellation. If
16042// the context is nil a panic will occur. In the future the SDK may create
16043// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16044// for more information on using Contexts.
16045func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error) {
16046	req, out := c.UpdateAccountPasswordPolicyRequest(input)
16047	req.SetContext(ctx)
16048	req.ApplyOptions(opts...)
16049	return out, req.Send()
16050}
16051
16052const opUpdateAssumeRolePolicy = "UpdateAssumeRolePolicy"
16053
16054// UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the
16055// client's request for the UpdateAssumeRolePolicy operation. The "output" return
16056// value will be populated with the request's response once the request completes
16057// successfully.
16058//
16059// Use "Send" method on the returned Request to send the API call to the service.
16060// the "output" return value is not valid until after Send returns without error.
16061//
16062// See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy
16063// API call, and error handling.
16064//
16065// This method is useful when you want to inject custom logic or configuration
16066// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16067//
16068//
16069//    // Example sending a request using the UpdateAssumeRolePolicyRequest method.
16070//    req, resp := client.UpdateAssumeRolePolicyRequest(params)
16071//
16072//    err := req.Send()
16073//    if err == nil { // resp is now filled
16074//        fmt.Println(resp)
16075//    }
16076//
16077// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
16078func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput) {
16079	op := &request.Operation{
16080		Name:       opUpdateAssumeRolePolicy,
16081		HTTPMethod: "POST",
16082		HTTPPath:   "/",
16083	}
16084
16085	if input == nil {
16086		input = &UpdateAssumeRolePolicyInput{}
16087	}
16088
16089	output = &UpdateAssumeRolePolicyOutput{}
16090	req = c.newRequest(op, input, output)
16091	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16092	return
16093}
16094
16095// UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.
16096//
16097// Updates the policy that grants an IAM entity permission to assume a role.
16098// This is typically referred to as the "role trust policy". For more information
16099// about roles, see Using roles to delegate permissions and federate identities
16100// (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
16101//
16102// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16103// with awserr.Error's Code and Message methods to get detailed information about
16104// the error.
16105//
16106// See the AWS API reference guide for AWS Identity and Access Management's
16107// API operation UpdateAssumeRolePolicy for usage and error information.
16108//
16109// Returned Error Codes:
16110//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16111//   The request was rejected because it referenced a resource entity that does
16112//   not exist. The error message describes the resource.
16113//
16114//   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
16115//   The request was rejected because the policy document was malformed. The error
16116//   message describes the specific error.
16117//
16118//   * ErrCodeLimitExceededException "LimitExceeded"
16119//   The request was rejected because it attempted to create resources beyond
16120//   the current Amazon Web Services account limits. The error message describes
16121//   the limit exceeded.
16122//
16123//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
16124//   The request was rejected because only the service that depends on the service-linked
16125//   role can modify or delete the role on your behalf. The error message includes
16126//   the name of the service that depends on this service-linked role. You must
16127//   request the change through that service.
16128//
16129//   * ErrCodeServiceFailureException "ServiceFailure"
16130//   The request processing has failed because of an unknown error, exception
16131//   or failure.
16132//
16133// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
16134func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error) {
16135	req, out := c.UpdateAssumeRolePolicyRequest(input)
16136	return out, req.Send()
16137}
16138
16139// UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of
16140// the ability to pass a context and additional request options.
16141//
16142// See UpdateAssumeRolePolicy for details on how to use this API operation.
16143//
16144// The context must be non-nil and will be used for request cancellation. If
16145// the context is nil a panic will occur. In the future the SDK may create
16146// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16147// for more information on using Contexts.
16148func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error) {
16149	req, out := c.UpdateAssumeRolePolicyRequest(input)
16150	req.SetContext(ctx)
16151	req.ApplyOptions(opts...)
16152	return out, req.Send()
16153}
16154
16155const opUpdateGroup = "UpdateGroup"
16156
16157// UpdateGroupRequest generates a "aws/request.Request" representing the
16158// client's request for the UpdateGroup operation. The "output" return
16159// value will be populated with the request's response once the request completes
16160// successfully.
16161//
16162// Use "Send" method on the returned Request to send the API call to the service.
16163// the "output" return value is not valid until after Send returns without error.
16164//
16165// See UpdateGroup for more information on using the UpdateGroup
16166// API call, and error handling.
16167//
16168// This method is useful when you want to inject custom logic or configuration
16169// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16170//
16171//
16172//    // Example sending a request using the UpdateGroupRequest method.
16173//    req, resp := client.UpdateGroupRequest(params)
16174//
16175//    err := req.Send()
16176//    if err == nil { // resp is now filled
16177//        fmt.Println(resp)
16178//    }
16179//
16180// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
16181func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput) {
16182	op := &request.Operation{
16183		Name:       opUpdateGroup,
16184		HTTPMethod: "POST",
16185		HTTPPath:   "/",
16186	}
16187
16188	if input == nil {
16189		input = &UpdateGroupInput{}
16190	}
16191
16192	output = &UpdateGroupOutput{}
16193	req = c.newRequest(op, input, output)
16194	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16195	return
16196}
16197
16198// UpdateGroup API operation for AWS Identity and Access Management.
16199//
16200// Updates the name and/or the path of the specified IAM group.
16201//
16202// You should understand the implications of changing a group's path or name.
16203// For more information, see Renaming users and groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html)
16204// in the IAM User Guide.
16205//
16206// The person making the request (the principal), must have permission to change
16207// the role group with the old name and the new name. For example, to change
16208// the group named Managers to MGRs, the principal must have a policy that allows
16209// them to update both groups. If the principal has permission to update the
16210// Managers group, but not the MGRs group, then the update fails. For more information
16211// about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).
16212//
16213// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16214// with awserr.Error's Code and Message methods to get detailed information about
16215// the error.
16216//
16217// See the AWS API reference guide for AWS Identity and Access Management's
16218// API operation UpdateGroup for usage and error information.
16219//
16220// Returned Error Codes:
16221//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16222//   The request was rejected because it referenced a resource entity that does
16223//   not exist. The error message describes the resource.
16224//
16225//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
16226//   The request was rejected because it attempted to create a resource that already
16227//   exists.
16228//
16229//   * ErrCodeLimitExceededException "LimitExceeded"
16230//   The request was rejected because it attempted to create resources beyond
16231//   the current Amazon Web Services account limits. The error message describes
16232//   the limit exceeded.
16233//
16234//   * ErrCodeServiceFailureException "ServiceFailure"
16235//   The request processing has failed because of an unknown error, exception
16236//   or failure.
16237//
16238// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
16239func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error) {
16240	req, out := c.UpdateGroupRequest(input)
16241	return out, req.Send()
16242}
16243
16244// UpdateGroupWithContext is the same as UpdateGroup with the addition of
16245// the ability to pass a context and additional request options.
16246//
16247// See UpdateGroup for details on how to use this API operation.
16248//
16249// The context must be non-nil and will be used for request cancellation. If
16250// the context is nil a panic will occur. In the future the SDK may create
16251// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16252// for more information on using Contexts.
16253func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error) {
16254	req, out := c.UpdateGroupRequest(input)
16255	req.SetContext(ctx)
16256	req.ApplyOptions(opts...)
16257	return out, req.Send()
16258}
16259
16260const opUpdateLoginProfile = "UpdateLoginProfile"
16261
16262// UpdateLoginProfileRequest generates a "aws/request.Request" representing the
16263// client's request for the UpdateLoginProfile operation. The "output" return
16264// value will be populated with the request's response once the request completes
16265// successfully.
16266//
16267// Use "Send" method on the returned Request to send the API call to the service.
16268// the "output" return value is not valid until after Send returns without error.
16269//
16270// See UpdateLoginProfile for more information on using the UpdateLoginProfile
16271// API call, and error handling.
16272//
16273// This method is useful when you want to inject custom logic or configuration
16274// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16275//
16276//
16277//    // Example sending a request using the UpdateLoginProfileRequest method.
16278//    req, resp := client.UpdateLoginProfileRequest(params)
16279//
16280//    err := req.Send()
16281//    if err == nil { // resp is now filled
16282//        fmt.Println(resp)
16283//    }
16284//
16285// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
16286func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput) {
16287	op := &request.Operation{
16288		Name:       opUpdateLoginProfile,
16289		HTTPMethod: "POST",
16290		HTTPPath:   "/",
16291	}
16292
16293	if input == nil {
16294		input = &UpdateLoginProfileInput{}
16295	}
16296
16297	output = &UpdateLoginProfileOutput{}
16298	req = c.newRequest(op, input, output)
16299	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16300	return
16301}
16302
16303// UpdateLoginProfile API operation for AWS Identity and Access Management.
16304//
16305// Changes the password for the specified IAM user. You can use the CLI, the
16306// Amazon Web Services API, or the Users page in the IAM console to change the
16307// password for any IAM user. Use ChangePassword to change your own password
16308// in the My Security Credentials page in the Amazon Web Services Management
16309// Console.
16310//
16311// For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
16312// in the IAM User Guide.
16313//
16314// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16315// with awserr.Error's Code and Message methods to get detailed information about
16316// the error.
16317//
16318// See the AWS API reference guide for AWS Identity and Access Management's
16319// API operation UpdateLoginProfile for usage and error information.
16320//
16321// Returned Error Codes:
16322//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
16323//   The request was rejected because it referenced an entity that is temporarily
16324//   unmodifiable, such as a user name that was deleted and then recreated. The
16325//   error indicates that the request is likely to succeed if you try again after
16326//   waiting several minutes. The error message describes the entity.
16327//
16328//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16329//   The request was rejected because it referenced a resource entity that does
16330//   not exist. The error message describes the resource.
16331//
16332//   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
16333//   The request was rejected because the provided password did not meet the requirements
16334//   imposed by the account password policy.
16335//
16336//   * ErrCodeLimitExceededException "LimitExceeded"
16337//   The request was rejected because it attempted to create resources beyond
16338//   the current Amazon Web Services account limits. The error message describes
16339//   the limit exceeded.
16340//
16341//   * ErrCodeServiceFailureException "ServiceFailure"
16342//   The request processing has failed because of an unknown error, exception
16343//   or failure.
16344//
16345// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
16346func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error) {
16347	req, out := c.UpdateLoginProfileRequest(input)
16348	return out, req.Send()
16349}
16350
16351// UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of
16352// the ability to pass a context and additional request options.
16353//
16354// See UpdateLoginProfile for details on how to use this API operation.
16355//
16356// The context must be non-nil and will be used for request cancellation. If
16357// the context is nil a panic will occur. In the future the SDK may create
16358// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16359// for more information on using Contexts.
16360func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error) {
16361	req, out := c.UpdateLoginProfileRequest(input)
16362	req.SetContext(ctx)
16363	req.ApplyOptions(opts...)
16364	return out, req.Send()
16365}
16366
16367const opUpdateOpenIDConnectProviderThumbprint = "UpdateOpenIDConnectProviderThumbprint"
16368
16369// UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the
16370// client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return
16371// value will be populated with the request's response once the request completes
16372// successfully.
16373//
16374// Use "Send" method on the returned Request to send the API call to the service.
16375// the "output" return value is not valid until after Send returns without error.
16376//
16377// See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint
16378// API call, and error handling.
16379//
16380// This method is useful when you want to inject custom logic or configuration
16381// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16382//
16383//
16384//    // Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
16385//    req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)
16386//
16387//    err := req.Send()
16388//    if err == nil { // resp is now filled
16389//        fmt.Println(resp)
16390//    }
16391//
16392// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
16393func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput) {
16394	op := &request.Operation{
16395		Name:       opUpdateOpenIDConnectProviderThumbprint,
16396		HTTPMethod: "POST",
16397		HTTPPath:   "/",
16398	}
16399
16400	if input == nil {
16401		input = &UpdateOpenIDConnectProviderThumbprintInput{}
16402	}
16403
16404	output = &UpdateOpenIDConnectProviderThumbprintOutput{}
16405	req = c.newRequest(op, input, output)
16406	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16407	return
16408}
16409
16410// UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.
16411//
16412// Replaces the existing list of server certificate thumbprints associated with
16413// an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.
16414//
16415// The list that you pass with this operation completely replaces the existing
16416// list of thumbprints. (The lists are not merged.)
16417//
16418// Typically, you need to update a thumbprint only when the identity provider
16419// certificate changes, which occurs rarely. However, if the provider's certificate
16420// does change, any attempt to assume an IAM role that specifies the OIDC provider
16421// as a principal fails until the certificate thumbprint is updated.
16422//
16423// Amazon Web Services secures communication with some OIDC identity providers
16424// (IdPs) through our library of trusted certificate authorities (CAs) instead
16425// of using a certificate thumbprint to verify your IdP server certificate.
16426// These OIDC IdPs include Google, and those that use an Amazon S3 bucket to
16427// host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint
16428// remains in your configuration, but is no longer used for validation.
16429//
16430// Trust for the OIDC provider is derived from the provider certificate and
16431// is validated by the thumbprint. Therefore, it is best to limit access to
16432// the UpdateOpenIDConnectProviderThumbprint operation to highly privileged
16433// users.
16434//
16435// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16436// with awserr.Error's Code and Message methods to get detailed information about
16437// the error.
16438//
16439// See the AWS API reference guide for AWS Identity and Access Management's
16440// API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.
16441//
16442// Returned Error Codes:
16443//   * ErrCodeInvalidInputException "InvalidInput"
16444//   The request was rejected because an invalid or out-of-range value was supplied
16445//   for an input parameter.
16446//
16447//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16448//   The request was rejected because it referenced a resource entity that does
16449//   not exist. The error message describes the resource.
16450//
16451//   * ErrCodeServiceFailureException "ServiceFailure"
16452//   The request processing has failed because of an unknown error, exception
16453//   or failure.
16454//
16455// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
16456func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
16457	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
16458	return out, req.Send()
16459}
16460
16461// UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of
16462// the ability to pass a context and additional request options.
16463//
16464// See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.
16465//
16466// The context must be non-nil and will be used for request cancellation. If
16467// the context is nil a panic will occur. In the future the SDK may create
16468// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16469// for more information on using Contexts.
16470func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
16471	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
16472	req.SetContext(ctx)
16473	req.ApplyOptions(opts...)
16474	return out, req.Send()
16475}
16476
16477const opUpdateRole = "UpdateRole"
16478
16479// UpdateRoleRequest generates a "aws/request.Request" representing the
16480// client's request for the UpdateRole operation. The "output" return
16481// value will be populated with the request's response once the request completes
16482// successfully.
16483//
16484// Use "Send" method on the returned Request to send the API call to the service.
16485// the "output" return value is not valid until after Send returns without error.
16486//
16487// See UpdateRole for more information on using the UpdateRole
16488// API call, and error handling.
16489//
16490// This method is useful when you want to inject custom logic or configuration
16491// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16492//
16493//
16494//    // Example sending a request using the UpdateRoleRequest method.
16495//    req, resp := client.UpdateRoleRequest(params)
16496//
16497//    err := req.Send()
16498//    if err == nil { // resp is now filled
16499//        fmt.Println(resp)
16500//    }
16501//
16502// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
16503func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput) {
16504	op := &request.Operation{
16505		Name:       opUpdateRole,
16506		HTTPMethod: "POST",
16507		HTTPPath:   "/",
16508	}
16509
16510	if input == nil {
16511		input = &UpdateRoleInput{}
16512	}
16513
16514	output = &UpdateRoleOutput{}
16515	req = c.newRequest(op, input, output)
16516	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16517	return
16518}
16519
16520// UpdateRole API operation for AWS Identity and Access Management.
16521//
16522// Updates the description or maximum session duration setting of a role.
16523//
16524// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16525// with awserr.Error's Code and Message methods to get detailed information about
16526// the error.
16527//
16528// See the AWS API reference guide for AWS Identity and Access Management's
16529// API operation UpdateRole for usage and error information.
16530//
16531// Returned Error Codes:
16532//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
16533//   The request was rejected because only the service that depends on the service-linked
16534//   role can modify or delete the role on your behalf. The error message includes
16535//   the name of the service that depends on this service-linked role. You must
16536//   request the change through that service.
16537//
16538//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16539//   The request was rejected because it referenced a resource entity that does
16540//   not exist. The error message describes the resource.
16541//
16542//   * ErrCodeServiceFailureException "ServiceFailure"
16543//   The request processing has failed because of an unknown error, exception
16544//   or failure.
16545//
16546// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
16547func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error) {
16548	req, out := c.UpdateRoleRequest(input)
16549	return out, req.Send()
16550}
16551
16552// UpdateRoleWithContext is the same as UpdateRole with the addition of
16553// the ability to pass a context and additional request options.
16554//
16555// See UpdateRole for details on how to use this API operation.
16556//
16557// The context must be non-nil and will be used for request cancellation. If
16558// the context is nil a panic will occur. In the future the SDK may create
16559// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16560// for more information on using Contexts.
16561func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error) {
16562	req, out := c.UpdateRoleRequest(input)
16563	req.SetContext(ctx)
16564	req.ApplyOptions(opts...)
16565	return out, req.Send()
16566}
16567
16568const opUpdateRoleDescription = "UpdateRoleDescription"
16569
16570// UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the
16571// client's request for the UpdateRoleDescription operation. The "output" return
16572// value will be populated with the request's response once the request completes
16573// successfully.
16574//
16575// Use "Send" method on the returned Request to send the API call to the service.
16576// the "output" return value is not valid until after Send returns without error.
16577//
16578// See UpdateRoleDescription for more information on using the UpdateRoleDescription
16579// API call, and error handling.
16580//
16581// This method is useful when you want to inject custom logic or configuration
16582// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16583//
16584//
16585//    // Example sending a request using the UpdateRoleDescriptionRequest method.
16586//    req, resp := client.UpdateRoleDescriptionRequest(params)
16587//
16588//    err := req.Send()
16589//    if err == nil { // resp is now filled
16590//        fmt.Println(resp)
16591//    }
16592//
16593// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
16594func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput) {
16595	op := &request.Operation{
16596		Name:       opUpdateRoleDescription,
16597		HTTPMethod: "POST",
16598		HTTPPath:   "/",
16599	}
16600
16601	if input == nil {
16602		input = &UpdateRoleDescriptionInput{}
16603	}
16604
16605	output = &UpdateRoleDescriptionOutput{}
16606	req = c.newRequest(op, input, output)
16607	return
16608}
16609
16610// UpdateRoleDescription API operation for AWS Identity and Access Management.
16611//
16612// Use UpdateRole instead.
16613//
16614// Modifies only the description of a role. This operation performs the same
16615// function as the Description parameter in the UpdateRole operation.
16616//
16617// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16618// with awserr.Error's Code and Message methods to get detailed information about
16619// the error.
16620//
16621// See the AWS API reference guide for AWS Identity and Access Management's
16622// API operation UpdateRoleDescription for usage and error information.
16623//
16624// Returned Error Codes:
16625//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16626//   The request was rejected because it referenced a resource entity that does
16627//   not exist. The error message describes the resource.
16628//
16629//   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
16630//   The request was rejected because only the service that depends on the service-linked
16631//   role can modify or delete the role on your behalf. The error message includes
16632//   the name of the service that depends on this service-linked role. You must
16633//   request the change through that service.
16634//
16635//   * ErrCodeServiceFailureException "ServiceFailure"
16636//   The request processing has failed because of an unknown error, exception
16637//   or failure.
16638//
16639// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
16640func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error) {
16641	req, out := c.UpdateRoleDescriptionRequest(input)
16642	return out, req.Send()
16643}
16644
16645// UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of
16646// the ability to pass a context and additional request options.
16647//
16648// See UpdateRoleDescription for details on how to use this API operation.
16649//
16650// The context must be non-nil and will be used for request cancellation. If
16651// the context is nil a panic will occur. In the future the SDK may create
16652// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16653// for more information on using Contexts.
16654func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error) {
16655	req, out := c.UpdateRoleDescriptionRequest(input)
16656	req.SetContext(ctx)
16657	req.ApplyOptions(opts...)
16658	return out, req.Send()
16659}
16660
16661const opUpdateSAMLProvider = "UpdateSAMLProvider"
16662
16663// UpdateSAMLProviderRequest generates a "aws/request.Request" representing the
16664// client's request for the UpdateSAMLProvider operation. The "output" return
16665// value will be populated with the request's response once the request completes
16666// successfully.
16667//
16668// Use "Send" method on the returned Request to send the API call to the service.
16669// the "output" return value is not valid until after Send returns without error.
16670//
16671// See UpdateSAMLProvider for more information on using the UpdateSAMLProvider
16672// API call, and error handling.
16673//
16674// This method is useful when you want to inject custom logic or configuration
16675// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16676//
16677//
16678//    // Example sending a request using the UpdateSAMLProviderRequest method.
16679//    req, resp := client.UpdateSAMLProviderRequest(params)
16680//
16681//    err := req.Send()
16682//    if err == nil { // resp is now filled
16683//        fmt.Println(resp)
16684//    }
16685//
16686// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
16687func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput) {
16688	op := &request.Operation{
16689		Name:       opUpdateSAMLProvider,
16690		HTTPMethod: "POST",
16691		HTTPPath:   "/",
16692	}
16693
16694	if input == nil {
16695		input = &UpdateSAMLProviderInput{}
16696	}
16697
16698	output = &UpdateSAMLProviderOutput{}
16699	req = c.newRequest(op, input, output)
16700	return
16701}
16702
16703// UpdateSAMLProvider API operation for AWS Identity and Access Management.
16704//
16705// Updates the metadata document for an existing SAML provider resource object.
16706//
16707// This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
16708//
16709// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16710// with awserr.Error's Code and Message methods to get detailed information about
16711// the error.
16712//
16713// See the AWS API reference guide for AWS Identity and Access Management's
16714// API operation UpdateSAMLProvider for usage and error information.
16715//
16716// Returned Error Codes:
16717//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16718//   The request was rejected because it referenced a resource entity that does
16719//   not exist. The error message describes the resource.
16720//
16721//   * ErrCodeInvalidInputException "InvalidInput"
16722//   The request was rejected because an invalid or out-of-range value was supplied
16723//   for an input parameter.
16724//
16725//   * ErrCodeLimitExceededException "LimitExceeded"
16726//   The request was rejected because it attempted to create resources beyond
16727//   the current Amazon Web Services account limits. The error message describes
16728//   the limit exceeded.
16729//
16730//   * ErrCodeServiceFailureException "ServiceFailure"
16731//   The request processing has failed because of an unknown error, exception
16732//   or failure.
16733//
16734// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
16735func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error) {
16736	req, out := c.UpdateSAMLProviderRequest(input)
16737	return out, req.Send()
16738}
16739
16740// UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of
16741// the ability to pass a context and additional request options.
16742//
16743// See UpdateSAMLProvider for details on how to use this API operation.
16744//
16745// The context must be non-nil and will be used for request cancellation. If
16746// the context is nil a panic will occur. In the future the SDK may create
16747// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16748// for more information on using Contexts.
16749func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error) {
16750	req, out := c.UpdateSAMLProviderRequest(input)
16751	req.SetContext(ctx)
16752	req.ApplyOptions(opts...)
16753	return out, req.Send()
16754}
16755
16756const opUpdateSSHPublicKey = "UpdateSSHPublicKey"
16757
16758// UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the
16759// client's request for the UpdateSSHPublicKey operation. The "output" return
16760// value will be populated with the request's response once the request completes
16761// successfully.
16762//
16763// Use "Send" method on the returned Request to send the API call to the service.
16764// the "output" return value is not valid until after Send returns without error.
16765//
16766// See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey
16767// API call, and error handling.
16768//
16769// This method is useful when you want to inject custom logic or configuration
16770// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16771//
16772//
16773//    // Example sending a request using the UpdateSSHPublicKeyRequest method.
16774//    req, resp := client.UpdateSSHPublicKeyRequest(params)
16775//
16776//    err := req.Send()
16777//    if err == nil { // resp is now filled
16778//        fmt.Println(resp)
16779//    }
16780//
16781// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
16782func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput) {
16783	op := &request.Operation{
16784		Name:       opUpdateSSHPublicKey,
16785		HTTPMethod: "POST",
16786		HTTPPath:   "/",
16787	}
16788
16789	if input == nil {
16790		input = &UpdateSSHPublicKeyInput{}
16791	}
16792
16793	output = &UpdateSSHPublicKeyOutput{}
16794	req = c.newRequest(op, input, output)
16795	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16796	return
16797}
16798
16799// UpdateSSHPublicKey API operation for AWS Identity and Access Management.
16800//
16801// Sets the status of an IAM user's SSH public key to active or inactive. SSH
16802// public keys that are inactive cannot be used for authentication. This operation
16803// can be used to disable a user's SSH public key as part of a key rotation
16804// work flow.
16805//
16806// The SSH public key affected by this operation is used only for authenticating
16807// the associated IAM user to an CodeCommit repository. For more information
16808// about using SSH keys to authenticate to an CodeCommit repository, see Set
16809// up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
16810// in the CodeCommit User Guide.
16811//
16812// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16813// with awserr.Error's Code and Message methods to get detailed information about
16814// the error.
16815//
16816// See the AWS API reference guide for AWS Identity and Access Management's
16817// API operation UpdateSSHPublicKey for usage and error information.
16818//
16819// Returned Error Codes:
16820//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16821//   The request was rejected because it referenced a resource entity that does
16822//   not exist. The error message describes the resource.
16823//
16824// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
16825func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error) {
16826	req, out := c.UpdateSSHPublicKeyRequest(input)
16827	return out, req.Send()
16828}
16829
16830// UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of
16831// the ability to pass a context and additional request options.
16832//
16833// See UpdateSSHPublicKey for details on how to use this API operation.
16834//
16835// The context must be non-nil and will be used for request cancellation. If
16836// the context is nil a panic will occur. In the future the SDK may create
16837// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16838// for more information on using Contexts.
16839func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error) {
16840	req, out := c.UpdateSSHPublicKeyRequest(input)
16841	req.SetContext(ctx)
16842	req.ApplyOptions(opts...)
16843	return out, req.Send()
16844}
16845
16846const opUpdateServerCertificate = "UpdateServerCertificate"
16847
16848// UpdateServerCertificateRequest generates a "aws/request.Request" representing the
16849// client's request for the UpdateServerCertificate operation. The "output" return
16850// value will be populated with the request's response once the request completes
16851// successfully.
16852//
16853// Use "Send" method on the returned Request to send the API call to the service.
16854// the "output" return value is not valid until after Send returns without error.
16855//
16856// See UpdateServerCertificate for more information on using the UpdateServerCertificate
16857// API call, and error handling.
16858//
16859// This method is useful when you want to inject custom logic or configuration
16860// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16861//
16862//
16863//    // Example sending a request using the UpdateServerCertificateRequest method.
16864//    req, resp := client.UpdateServerCertificateRequest(params)
16865//
16866//    err := req.Send()
16867//    if err == nil { // resp is now filled
16868//        fmt.Println(resp)
16869//    }
16870//
16871// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
16872func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput) {
16873	op := &request.Operation{
16874		Name:       opUpdateServerCertificate,
16875		HTTPMethod: "POST",
16876		HTTPPath:   "/",
16877	}
16878
16879	if input == nil {
16880		input = &UpdateServerCertificateInput{}
16881	}
16882
16883	output = &UpdateServerCertificateOutput{}
16884	req = c.newRequest(op, input, output)
16885	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16886	return
16887}
16888
16889// UpdateServerCertificate API operation for AWS Identity and Access Management.
16890//
16891// Updates the name and/or the path of the specified server certificate stored
16892// in IAM.
16893//
16894// For more information about working with server certificates, see Working
16895// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
16896// in the IAM User Guide. This topic also includes a list of Amazon Web Services
16897// services that can use the server certificates that you manage with IAM.
16898//
16899// You should understand the implications of changing a server certificate's
16900// path or name. For more information, see Renaming a server certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts)
16901// in the IAM User Guide.
16902//
16903// The person making the request (the principal), must have permission to change
16904// the server certificate with the old name and the new name. For example, to
16905// change the certificate named ProductionCert to ProdCert, the principal must
16906// have a policy that allows them to update both certificates. If the principal
16907// has permission to update the ProductionCert group, but not the ProdCert certificate,
16908// then the update fails. For more information about permissions, see Access
16909// management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
16910// in the IAM User Guide.
16911//
16912// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
16913// with awserr.Error's Code and Message methods to get detailed information about
16914// the error.
16915//
16916// See the AWS API reference guide for AWS Identity and Access Management's
16917// API operation UpdateServerCertificate for usage and error information.
16918//
16919// Returned Error Codes:
16920//   * ErrCodeNoSuchEntityException "NoSuchEntity"
16921//   The request was rejected because it referenced a resource entity that does
16922//   not exist. The error message describes the resource.
16923//
16924//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
16925//   The request was rejected because it attempted to create a resource that already
16926//   exists.
16927//
16928//   * ErrCodeLimitExceededException "LimitExceeded"
16929//   The request was rejected because it attempted to create resources beyond
16930//   the current Amazon Web Services account limits. The error message describes
16931//   the limit exceeded.
16932//
16933//   * ErrCodeServiceFailureException "ServiceFailure"
16934//   The request processing has failed because of an unknown error, exception
16935//   or failure.
16936//
16937// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
16938func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error) {
16939	req, out := c.UpdateServerCertificateRequest(input)
16940	return out, req.Send()
16941}
16942
16943// UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of
16944// the ability to pass a context and additional request options.
16945//
16946// See UpdateServerCertificate for details on how to use this API operation.
16947//
16948// The context must be non-nil and will be used for request cancellation. If
16949// the context is nil a panic will occur. In the future the SDK may create
16950// sub-contexts for http.Requests. See https://golang.org/pkg/context/
16951// for more information on using Contexts.
16952func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error) {
16953	req, out := c.UpdateServerCertificateRequest(input)
16954	req.SetContext(ctx)
16955	req.ApplyOptions(opts...)
16956	return out, req.Send()
16957}
16958
16959const opUpdateServiceSpecificCredential = "UpdateServiceSpecificCredential"
16960
16961// UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
16962// client's request for the UpdateServiceSpecificCredential operation. The "output" return
16963// value will be populated with the request's response once the request completes
16964// successfully.
16965//
16966// Use "Send" method on the returned Request to send the API call to the service.
16967// the "output" return value is not valid until after Send returns without error.
16968//
16969// See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential
16970// API call, and error handling.
16971//
16972// This method is useful when you want to inject custom logic or configuration
16973// into the SDK's request lifecycle. Such as custom headers, or retry logic.
16974//
16975//
16976//    // Example sending a request using the UpdateServiceSpecificCredentialRequest method.
16977//    req, resp := client.UpdateServiceSpecificCredentialRequest(params)
16978//
16979//    err := req.Send()
16980//    if err == nil { // resp is now filled
16981//        fmt.Println(resp)
16982//    }
16983//
16984// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
16985func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput) {
16986	op := &request.Operation{
16987		Name:       opUpdateServiceSpecificCredential,
16988		HTTPMethod: "POST",
16989		HTTPPath:   "/",
16990	}
16991
16992	if input == nil {
16993		input = &UpdateServiceSpecificCredentialInput{}
16994	}
16995
16996	output = &UpdateServiceSpecificCredentialOutput{}
16997	req = c.newRequest(op, input, output)
16998	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
16999	return
17000}
17001
17002// UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.
17003//
17004// Sets the status of a service-specific credential to Active or Inactive. Service-specific
17005// credentials that are inactive cannot be used for authentication to the service.
17006// This operation can be used to disable a user's service-specific credential
17007// as part of a credential rotation work flow.
17008//
17009// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17010// with awserr.Error's Code and Message methods to get detailed information about
17011// the error.
17012//
17013// See the AWS API reference guide for AWS Identity and Access Management's
17014// API operation UpdateServiceSpecificCredential for usage and error information.
17015//
17016// Returned Error Codes:
17017//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17018//   The request was rejected because it referenced a resource entity that does
17019//   not exist. The error message describes the resource.
17020//
17021// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
17022func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error) {
17023	req, out := c.UpdateServiceSpecificCredentialRequest(input)
17024	return out, req.Send()
17025}
17026
17027// UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of
17028// the ability to pass a context and additional request options.
17029//
17030// See UpdateServiceSpecificCredential for details on how to use this API operation.
17031//
17032// The context must be non-nil and will be used for request cancellation. If
17033// the context is nil a panic will occur. In the future the SDK may create
17034// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17035// for more information on using Contexts.
17036func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error) {
17037	req, out := c.UpdateServiceSpecificCredentialRequest(input)
17038	req.SetContext(ctx)
17039	req.ApplyOptions(opts...)
17040	return out, req.Send()
17041}
17042
17043const opUpdateSigningCertificate = "UpdateSigningCertificate"
17044
17045// UpdateSigningCertificateRequest generates a "aws/request.Request" representing the
17046// client's request for the UpdateSigningCertificate operation. The "output" return
17047// value will be populated with the request's response once the request completes
17048// successfully.
17049//
17050// Use "Send" method on the returned Request to send the API call to the service.
17051// the "output" return value is not valid until after Send returns without error.
17052//
17053// See UpdateSigningCertificate for more information on using the UpdateSigningCertificate
17054// API call, and error handling.
17055//
17056// This method is useful when you want to inject custom logic or configuration
17057// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17058//
17059//
17060//    // Example sending a request using the UpdateSigningCertificateRequest method.
17061//    req, resp := client.UpdateSigningCertificateRequest(params)
17062//
17063//    err := req.Send()
17064//    if err == nil { // resp is now filled
17065//        fmt.Println(resp)
17066//    }
17067//
17068// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
17069func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput) {
17070	op := &request.Operation{
17071		Name:       opUpdateSigningCertificate,
17072		HTTPMethod: "POST",
17073		HTTPPath:   "/",
17074	}
17075
17076	if input == nil {
17077		input = &UpdateSigningCertificateInput{}
17078	}
17079
17080	output = &UpdateSigningCertificateOutput{}
17081	req = c.newRequest(op, input, output)
17082	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
17083	return
17084}
17085
17086// UpdateSigningCertificate API operation for AWS Identity and Access Management.
17087//
17088// Changes the status of the specified user signing certificate from active
17089// to disabled, or vice versa. This operation can be used to disable an IAM
17090// user's signing certificate as part of a certificate rotation work flow.
17091//
17092// If the UserName field is not specified, the user name is determined implicitly
17093// based on the Amazon Web Services access key ID used to sign the request.
17094// This operation works for access keys under the Amazon Web Services account.
17095// Consequently, you can use this operation to manage Amazon Web Services account
17096// root user credentials even if the Amazon Web Services account has no associated
17097// users.
17098//
17099// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17100// with awserr.Error's Code and Message methods to get detailed information about
17101// the error.
17102//
17103// See the AWS API reference guide for AWS Identity and Access Management's
17104// API operation UpdateSigningCertificate for usage and error information.
17105//
17106// Returned Error Codes:
17107//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17108//   The request was rejected because it referenced a resource entity that does
17109//   not exist. The error message describes the resource.
17110//
17111//   * ErrCodeLimitExceededException "LimitExceeded"
17112//   The request was rejected because it attempted to create resources beyond
17113//   the current Amazon Web Services account limits. The error message describes
17114//   the limit exceeded.
17115//
17116//   * ErrCodeServiceFailureException "ServiceFailure"
17117//   The request processing has failed because of an unknown error, exception
17118//   or failure.
17119//
17120// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
17121func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error) {
17122	req, out := c.UpdateSigningCertificateRequest(input)
17123	return out, req.Send()
17124}
17125
17126// UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of
17127// the ability to pass a context and additional request options.
17128//
17129// See UpdateSigningCertificate for details on how to use this API operation.
17130//
17131// The context must be non-nil and will be used for request cancellation. If
17132// the context is nil a panic will occur. In the future the SDK may create
17133// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17134// for more information on using Contexts.
17135func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error) {
17136	req, out := c.UpdateSigningCertificateRequest(input)
17137	req.SetContext(ctx)
17138	req.ApplyOptions(opts...)
17139	return out, req.Send()
17140}
17141
17142const opUpdateUser = "UpdateUser"
17143
17144// UpdateUserRequest generates a "aws/request.Request" representing the
17145// client's request for the UpdateUser operation. The "output" return
17146// value will be populated with the request's response once the request completes
17147// successfully.
17148//
17149// Use "Send" method on the returned Request to send the API call to the service.
17150// the "output" return value is not valid until after Send returns without error.
17151//
17152// See UpdateUser for more information on using the UpdateUser
17153// API call, and error handling.
17154//
17155// This method is useful when you want to inject custom logic or configuration
17156// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17157//
17158//
17159//    // Example sending a request using the UpdateUserRequest method.
17160//    req, resp := client.UpdateUserRequest(params)
17161//
17162//    err := req.Send()
17163//    if err == nil { // resp is now filled
17164//        fmt.Println(resp)
17165//    }
17166//
17167// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
17168func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput) {
17169	op := &request.Operation{
17170		Name:       opUpdateUser,
17171		HTTPMethod: "POST",
17172		HTTPPath:   "/",
17173	}
17174
17175	if input == nil {
17176		input = &UpdateUserInput{}
17177	}
17178
17179	output = &UpdateUserOutput{}
17180	req = c.newRequest(op, input, output)
17181	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
17182	return
17183}
17184
17185// UpdateUser API operation for AWS Identity and Access Management.
17186//
17187// Updates the name and/or the path of the specified IAM user.
17188//
17189// You should understand the implications of changing an IAM user's path or
17190// name. For more information, see Renaming an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming)
17191// and Renaming an IAM group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html)
17192// in the IAM User Guide.
17193//
17194// To change a user name, the requester must have appropriate permissions on
17195// both the source object and the target object. For example, to change Bob
17196// to Robert, the entity making the request must have permission on Bob and
17197// Robert, or must have permission on all (*). For more information about permissions,
17198// see Permissions and policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).
17199//
17200// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17201// with awserr.Error's Code and Message methods to get detailed information about
17202// the error.
17203//
17204// See the AWS API reference guide for AWS Identity and Access Management's
17205// API operation UpdateUser for usage and error information.
17206//
17207// Returned Error Codes:
17208//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17209//   The request was rejected because it referenced a resource entity that does
17210//   not exist. The error message describes the resource.
17211//
17212//   * ErrCodeLimitExceededException "LimitExceeded"
17213//   The request was rejected because it attempted to create resources beyond
17214//   the current Amazon Web Services account limits. The error message describes
17215//   the limit exceeded.
17216//
17217//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17218//   The request was rejected because it attempted to create a resource that already
17219//   exists.
17220//
17221//   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
17222//   The request was rejected because it referenced an entity that is temporarily
17223//   unmodifiable, such as a user name that was deleted and then recreated. The
17224//   error indicates that the request is likely to succeed if you try again after
17225//   waiting several minutes. The error message describes the entity.
17226//
17227//   * ErrCodeConcurrentModificationException "ConcurrentModification"
17228//   The request was rejected because multiple requests to change this object
17229//   were submitted simultaneously. Wait a few minutes and submit your request
17230//   again.
17231//
17232//   * ErrCodeServiceFailureException "ServiceFailure"
17233//   The request processing has failed because of an unknown error, exception
17234//   or failure.
17235//
17236// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
17237func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error) {
17238	req, out := c.UpdateUserRequest(input)
17239	return out, req.Send()
17240}
17241
17242// UpdateUserWithContext is the same as UpdateUser with the addition of
17243// the ability to pass a context and additional request options.
17244//
17245// See UpdateUser for details on how to use this API operation.
17246//
17247// The context must be non-nil and will be used for request cancellation. If
17248// the context is nil a panic will occur. In the future the SDK may create
17249// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17250// for more information on using Contexts.
17251func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error) {
17252	req, out := c.UpdateUserRequest(input)
17253	req.SetContext(ctx)
17254	req.ApplyOptions(opts...)
17255	return out, req.Send()
17256}
17257
17258const opUploadSSHPublicKey = "UploadSSHPublicKey"
17259
17260// UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the
17261// client's request for the UploadSSHPublicKey operation. The "output" return
17262// value will be populated with the request's response once the request completes
17263// successfully.
17264//
17265// Use "Send" method on the returned Request to send the API call to the service.
17266// the "output" return value is not valid until after Send returns without error.
17267//
17268// See UploadSSHPublicKey for more information on using the UploadSSHPublicKey
17269// API call, and error handling.
17270//
17271// This method is useful when you want to inject custom logic or configuration
17272// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17273//
17274//
17275//    // Example sending a request using the UploadSSHPublicKeyRequest method.
17276//    req, resp := client.UploadSSHPublicKeyRequest(params)
17277//
17278//    err := req.Send()
17279//    if err == nil { // resp is now filled
17280//        fmt.Println(resp)
17281//    }
17282//
17283// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
17284func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput) {
17285	op := &request.Operation{
17286		Name:       opUploadSSHPublicKey,
17287		HTTPMethod: "POST",
17288		HTTPPath:   "/",
17289	}
17290
17291	if input == nil {
17292		input = &UploadSSHPublicKeyInput{}
17293	}
17294
17295	output = &UploadSSHPublicKeyOutput{}
17296	req = c.newRequest(op, input, output)
17297	return
17298}
17299
17300// UploadSSHPublicKey API operation for AWS Identity and Access Management.
17301//
17302// Uploads an SSH public key and associates it with the specified IAM user.
17303//
17304// The SSH public key uploaded by this operation can be used only for authenticating
17305// the associated IAM user to an CodeCommit repository. For more information
17306// about using SSH keys to authenticate to an CodeCommit repository, see Set
17307// up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
17308// in the CodeCommit User Guide.
17309//
17310// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17311// with awserr.Error's Code and Message methods to get detailed information about
17312// the error.
17313//
17314// See the AWS API reference guide for AWS Identity and Access Management's
17315// API operation UploadSSHPublicKey for usage and error information.
17316//
17317// Returned Error Codes:
17318//   * ErrCodeLimitExceededException "LimitExceeded"
17319//   The request was rejected because it attempted to create resources beyond
17320//   the current Amazon Web Services account limits. The error message describes
17321//   the limit exceeded.
17322//
17323//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17324//   The request was rejected because it referenced a resource entity that does
17325//   not exist. The error message describes the resource.
17326//
17327//   * ErrCodeInvalidPublicKeyException "InvalidPublicKey"
17328//   The request was rejected because the public key is malformed or otherwise
17329//   invalid.
17330//
17331//   * ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey"
17332//   The request was rejected because the SSH public key is already associated
17333//   with the specified IAM user.
17334//
17335//   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
17336//   The request was rejected because the public key encoding format is unsupported
17337//   or unrecognized.
17338//
17339// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
17340func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error) {
17341	req, out := c.UploadSSHPublicKeyRequest(input)
17342	return out, req.Send()
17343}
17344
17345// UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of
17346// the ability to pass a context and additional request options.
17347//
17348// See UploadSSHPublicKey for details on how to use this API operation.
17349//
17350// The context must be non-nil and will be used for request cancellation. If
17351// the context is nil a panic will occur. In the future the SDK may create
17352// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17353// for more information on using Contexts.
17354func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error) {
17355	req, out := c.UploadSSHPublicKeyRequest(input)
17356	req.SetContext(ctx)
17357	req.ApplyOptions(opts...)
17358	return out, req.Send()
17359}
17360
17361const opUploadServerCertificate = "UploadServerCertificate"
17362
17363// UploadServerCertificateRequest generates a "aws/request.Request" representing the
17364// client's request for the UploadServerCertificate operation. The "output" return
17365// value will be populated with the request's response once the request completes
17366// successfully.
17367//
17368// Use "Send" method on the returned Request to send the API call to the service.
17369// the "output" return value is not valid until after Send returns without error.
17370//
17371// See UploadServerCertificate for more information on using the UploadServerCertificate
17372// API call, and error handling.
17373//
17374// This method is useful when you want to inject custom logic or configuration
17375// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17376//
17377//
17378//    // Example sending a request using the UploadServerCertificateRequest method.
17379//    req, resp := client.UploadServerCertificateRequest(params)
17380//
17381//    err := req.Send()
17382//    if err == nil { // resp is now filled
17383//        fmt.Println(resp)
17384//    }
17385//
17386// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
17387func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput) {
17388	op := &request.Operation{
17389		Name:       opUploadServerCertificate,
17390		HTTPMethod: "POST",
17391		HTTPPath:   "/",
17392	}
17393
17394	if input == nil {
17395		input = &UploadServerCertificateInput{}
17396	}
17397
17398	output = &UploadServerCertificateOutput{}
17399	req = c.newRequest(op, input, output)
17400	return
17401}
17402
17403// UploadServerCertificate API operation for AWS Identity and Access Management.
17404//
17405// Uploads a server certificate entity for the Amazon Web Services account.
17406// The server certificate entity includes a public key certificate, a private
17407// key, and an optional certificate chain, which should all be PEM-encoded.
17408//
17409// We recommend that you use Certificate Manager (https://docs.aws.amazon.com/acm/)
17410// to provision, manage, and deploy your server certificates. With ACM you can
17411// request a certificate, deploy it to Amazon Web Services resources, and let
17412// ACM handle certificate renewals for you. Certificates provided by ACM are
17413// free. For more information about using ACM, see the Certificate Manager User
17414// Guide (https://docs.aws.amazon.com/acm/latest/userguide/).
17415//
17416// For more information about working with server certificates, see Working
17417// with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
17418// in the IAM User Guide. This topic includes a list of Amazon Web Services
17419// services that can use the server certificates that you manage with IAM.
17420//
17421// For information about the number of server certificates you can upload, see
17422// IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
17423// in the IAM User Guide.
17424//
17425// Because the body of the public key certificate, private key, and the certificate
17426// chain can be large, you should use POST rather than GET when calling UploadServerCertificate.
17427// For information about setting up signatures and authorization through the
17428// API, see Signing Amazon Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
17429// in the Amazon Web Services General Reference. For general information about
17430// using the Query API with IAM, see Calling the API by making HTTP query requests
17431// (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the
17432// IAM User Guide.
17433//
17434// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17435// with awserr.Error's Code and Message methods to get detailed information about
17436// the error.
17437//
17438// See the AWS API reference guide for AWS Identity and Access Management's
17439// API operation UploadServerCertificate for usage and error information.
17440//
17441// Returned Error Codes:
17442//   * ErrCodeLimitExceededException "LimitExceeded"
17443//   The request was rejected because it attempted to create resources beyond
17444//   the current Amazon Web Services account limits. The error message describes
17445//   the limit exceeded.
17446//
17447//   * ErrCodeInvalidInputException "InvalidInput"
17448//   The request was rejected because an invalid or out-of-range value was supplied
17449//   for an input parameter.
17450//
17451//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17452//   The request was rejected because it attempted to create a resource that already
17453//   exists.
17454//
17455//   * ErrCodeMalformedCertificateException "MalformedCertificate"
17456//   The request was rejected because the certificate was malformed or expired.
17457//   The error message describes the specific error.
17458//
17459//   * ErrCodeKeyPairMismatchException "KeyPairMismatch"
17460//   The request was rejected because the public key certificate and the private
17461//   key do not match.
17462//
17463//   * ErrCodeConcurrentModificationException "ConcurrentModification"
17464//   The request was rejected because multiple requests to change this object
17465//   were submitted simultaneously. Wait a few minutes and submit your request
17466//   again.
17467//
17468//   * ErrCodeServiceFailureException "ServiceFailure"
17469//   The request processing has failed because of an unknown error, exception
17470//   or failure.
17471//
17472// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
17473func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error) {
17474	req, out := c.UploadServerCertificateRequest(input)
17475	return out, req.Send()
17476}
17477
17478// UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of
17479// the ability to pass a context and additional request options.
17480//
17481// See UploadServerCertificate for details on how to use this API operation.
17482//
17483// The context must be non-nil and will be used for request cancellation. If
17484// the context is nil a panic will occur. In the future the SDK may create
17485// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17486// for more information on using Contexts.
17487func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error) {
17488	req, out := c.UploadServerCertificateRequest(input)
17489	req.SetContext(ctx)
17490	req.ApplyOptions(opts...)
17491	return out, req.Send()
17492}
17493
17494const opUploadSigningCertificate = "UploadSigningCertificate"
17495
17496// UploadSigningCertificateRequest generates a "aws/request.Request" representing the
17497// client's request for the UploadSigningCertificate operation. The "output" return
17498// value will be populated with the request's response once the request completes
17499// successfully.
17500//
17501// Use "Send" method on the returned Request to send the API call to the service.
17502// the "output" return value is not valid until after Send returns without error.
17503//
17504// See UploadSigningCertificate for more information on using the UploadSigningCertificate
17505// API call, and error handling.
17506//
17507// This method is useful when you want to inject custom logic or configuration
17508// into the SDK's request lifecycle. Such as custom headers, or retry logic.
17509//
17510//
17511//    // Example sending a request using the UploadSigningCertificateRequest method.
17512//    req, resp := client.UploadSigningCertificateRequest(params)
17513//
17514//    err := req.Send()
17515//    if err == nil { // resp is now filled
17516//        fmt.Println(resp)
17517//    }
17518//
17519// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
17520func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput) {
17521	op := &request.Operation{
17522		Name:       opUploadSigningCertificate,
17523		HTTPMethod: "POST",
17524		HTTPPath:   "/",
17525	}
17526
17527	if input == nil {
17528		input = &UploadSigningCertificateInput{}
17529	}
17530
17531	output = &UploadSigningCertificateOutput{}
17532	req = c.newRequest(op, input, output)
17533	return
17534}
17535
17536// UploadSigningCertificate API operation for AWS Identity and Access Management.
17537//
17538// Uploads an X.509 signing certificate and associates it with the specified
17539// IAM user. Some Amazon Web Services services require you to use certificates
17540// to validate requests that are signed with a corresponding private key. When
17541// you upload the certificate, its default status is Active.
17542//
17543// For information about when you would use an X.509 signing certificate, see
17544// Managing server certificates in IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
17545// in the IAM User Guide.
17546//
17547// If the UserName is not specified, the IAM user name is determined implicitly
17548// based on the Amazon Web Services access key ID used to sign the request.
17549// This operation works for access keys under the Amazon Web Services account.
17550// Consequently, you can use this operation to manage Amazon Web Services account
17551// root user credentials even if the Amazon Web Services account has no associated
17552// users.
17553//
17554// Because the body of an X.509 certificate can be large, you should use POST
17555// rather than GET when calling UploadSigningCertificate. For information about
17556// setting up signatures and authorization through the API, see Signing Amazon
17557// Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
17558// in the Amazon Web Services General Reference. For general information about
17559// using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
17560// in the IAM User Guide.
17561//
17562// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
17563// with awserr.Error's Code and Message methods to get detailed information about
17564// the error.
17565//
17566// See the AWS API reference guide for AWS Identity and Access Management's
17567// API operation UploadSigningCertificate for usage and error information.
17568//
17569// Returned Error Codes:
17570//   * ErrCodeLimitExceededException "LimitExceeded"
17571//   The request was rejected because it attempted to create resources beyond
17572//   the current Amazon Web Services account limits. The error message describes
17573//   the limit exceeded.
17574//
17575//   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
17576//   The request was rejected because it attempted to create a resource that already
17577//   exists.
17578//
17579//   * ErrCodeMalformedCertificateException "MalformedCertificate"
17580//   The request was rejected because the certificate was malformed or expired.
17581//   The error message describes the specific error.
17582//
17583//   * ErrCodeInvalidCertificateException "InvalidCertificate"
17584//   The request was rejected because the certificate is invalid.
17585//
17586//   * ErrCodeDuplicateCertificateException "DuplicateCertificate"
17587//   The request was rejected because the same certificate is associated with
17588//   an IAM user in the account.
17589//
17590//   * ErrCodeNoSuchEntityException "NoSuchEntity"
17591//   The request was rejected because it referenced a resource entity that does
17592//   not exist. The error message describes the resource.
17593//
17594//   * ErrCodeServiceFailureException "ServiceFailure"
17595//   The request processing has failed because of an unknown error, exception
17596//   or failure.
17597//
17598// See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
17599func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error) {
17600	req, out := c.UploadSigningCertificateRequest(input)
17601	return out, req.Send()
17602}
17603
17604// UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of
17605// the ability to pass a context and additional request options.
17606//
17607// See UploadSigningCertificate for details on how to use this API operation.
17608//
17609// The context must be non-nil and will be used for request cancellation. If
17610// the context is nil a panic will occur. In the future the SDK may create
17611// sub-contexts for http.Requests. See https://golang.org/pkg/context/
17612// for more information on using Contexts.
17613func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error) {
17614	req, out := c.UploadSigningCertificateRequest(input)
17615	req.SetContext(ctx)
17616	req.ApplyOptions(opts...)
17617	return out, req.Send()
17618}
17619
17620// An object that contains details about when a principal in the reported Organizations
17621// entity last attempted to access an Amazon Web Services service. A principal
17622// can be an IAM user, an IAM role, or the Amazon Web Services account root
17623// user within the reported Organizations entity.
17624//
17625// This data type is a response element in the GetOrganizationsAccessReport
17626// operation.
17627type AccessDetail struct {
17628	_ struct{} `type:"structure"`
17629
17630	// The path of the Organizations entity (root, organizational unit, or account)
17631	// from which an authenticated principal last attempted to access the service.
17632	// Amazon Web Services does not report unauthenticated requests.
17633	//
17634	// This field is null if no principals (IAM users, IAM roles, or root users)
17635	// in the reported Organizations entity attempted to access the service within
17636	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17637	EntityPath *string `min:"19" type:"string"`
17638
17639	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
17640	// when an authenticated principal most recently attempted to access the service.
17641	// Amazon Web Services does not report unauthenticated requests.
17642	//
17643	// This field is null if no principals in the reported Organizations entity
17644	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17645	LastAuthenticatedTime *time.Time `type:"timestamp"`
17646
17647	// The Region where the last service access attempt occurred.
17648	//
17649	// This field is null if no principals in the reported Organizations entity
17650	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
17651	Region *string `type:"string"`
17652
17653	// The name of the service in which access was attempted.
17654	//
17655	// ServiceName is a required field
17656	ServiceName *string `type:"string" required:"true"`
17657
17658	// The namespace of the service in which access was attempted.
17659	//
17660	// To learn the service namespace of a service, see Actions, resources, and
17661	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
17662	// in the Service Authorization Reference. Choose the name of the service to
17663	// view details for that service. In the first paragraph, find the service prefix.
17664	// For example, (service prefix: a4b). For more information about service namespaces,
17665	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
17666	// in the Amazon Web Services General Reference.
17667	//
17668	// ServiceNamespace is a required field
17669	ServiceNamespace *string `min:"1" type:"string" required:"true"`
17670
17671	// The number of accounts with authenticated principals (root users, IAM users,
17672	// and IAM roles) that attempted to access the service in the reporting period.
17673	TotalAuthenticatedEntities *int64 `type:"integer"`
17674}
17675
17676// String returns the string representation.
17677//
17678// API parameter values that are decorated as "sensitive" in the API will not
17679// be included in the string output. The member name will be present, but the
17680// value will be replaced with "sensitive".
17681func (s AccessDetail) String() string {
17682	return awsutil.Prettify(s)
17683}
17684
17685// GoString returns the string representation.
17686//
17687// API parameter values that are decorated as "sensitive" in the API will not
17688// be included in the string output. The member name will be present, but the
17689// value will be replaced with "sensitive".
17690func (s AccessDetail) GoString() string {
17691	return s.String()
17692}
17693
17694// SetEntityPath sets the EntityPath field's value.
17695func (s *AccessDetail) SetEntityPath(v string) *AccessDetail {
17696	s.EntityPath = &v
17697	return s
17698}
17699
17700// SetLastAuthenticatedTime sets the LastAuthenticatedTime field's value.
17701func (s *AccessDetail) SetLastAuthenticatedTime(v time.Time) *AccessDetail {
17702	s.LastAuthenticatedTime = &v
17703	return s
17704}
17705
17706// SetRegion sets the Region field's value.
17707func (s *AccessDetail) SetRegion(v string) *AccessDetail {
17708	s.Region = &v
17709	return s
17710}
17711
17712// SetServiceName sets the ServiceName field's value.
17713func (s *AccessDetail) SetServiceName(v string) *AccessDetail {
17714	s.ServiceName = &v
17715	return s
17716}
17717
17718// SetServiceNamespace sets the ServiceNamespace field's value.
17719func (s *AccessDetail) SetServiceNamespace(v string) *AccessDetail {
17720	s.ServiceNamespace = &v
17721	return s
17722}
17723
17724// SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
17725func (s *AccessDetail) SetTotalAuthenticatedEntities(v int64) *AccessDetail {
17726	s.TotalAuthenticatedEntities = &v
17727	return s
17728}
17729
17730// Contains information about an Amazon Web Services access key.
17731//
17732// This data type is used as a response element in the CreateAccessKey and ListAccessKeys
17733// operations.
17734//
17735// The SecretAccessKey value is returned only in response to CreateAccessKey.
17736// You can get a secret access key only when you first create an access key;
17737// you cannot recover the secret access key later. If you lose a secret access
17738// key, you must create a new access key.
17739type AccessKey struct {
17740	_ struct{} `type:"structure"`
17741
17742	// The ID for this access key.
17743	//
17744	// AccessKeyId is a required field
17745	AccessKeyId *string `min:"16" type:"string" required:"true"`
17746
17747	// The date when the access key was created.
17748	CreateDate *time.Time `type:"timestamp"`
17749
17750	// The secret key used to sign requests.
17751	//
17752	// SecretAccessKey is a sensitive parameter and its value will be
17753	// replaced with "sensitive" in string returned by AccessKey's
17754	// String and GoString methods.
17755	//
17756	// SecretAccessKey is a required field
17757	SecretAccessKey *string `type:"string" required:"true" sensitive:"true"`
17758
17759	// The status of the access key. Active means that the key is valid for API
17760	// calls, while Inactive means it is not.
17761	//
17762	// Status is a required field
17763	Status *string `type:"string" required:"true" enum:"StatusType"`
17764
17765	// The name of the IAM user that the access key is associated with.
17766	//
17767	// UserName is a required field
17768	UserName *string `min:"1" type:"string" required:"true"`
17769}
17770
17771// String returns the string representation.
17772//
17773// API parameter values that are decorated as "sensitive" in the API will not
17774// be included in the string output. The member name will be present, but the
17775// value will be replaced with "sensitive".
17776func (s AccessKey) String() string {
17777	return awsutil.Prettify(s)
17778}
17779
17780// GoString returns the string representation.
17781//
17782// API parameter values that are decorated as "sensitive" in the API will not
17783// be included in the string output. The member name will be present, but the
17784// value will be replaced with "sensitive".
17785func (s AccessKey) GoString() string {
17786	return s.String()
17787}
17788
17789// SetAccessKeyId sets the AccessKeyId field's value.
17790func (s *AccessKey) SetAccessKeyId(v string) *AccessKey {
17791	s.AccessKeyId = &v
17792	return s
17793}
17794
17795// SetCreateDate sets the CreateDate field's value.
17796func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey {
17797	s.CreateDate = &v
17798	return s
17799}
17800
17801// SetSecretAccessKey sets the SecretAccessKey field's value.
17802func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey {
17803	s.SecretAccessKey = &v
17804	return s
17805}
17806
17807// SetStatus sets the Status field's value.
17808func (s *AccessKey) SetStatus(v string) *AccessKey {
17809	s.Status = &v
17810	return s
17811}
17812
17813// SetUserName sets the UserName field's value.
17814func (s *AccessKey) SetUserName(v string) *AccessKey {
17815	s.UserName = &v
17816	return s
17817}
17818
17819// Contains information about the last time an Amazon Web Services access key
17820// was used since IAM began tracking this information on April 22, 2015.
17821//
17822// This data type is used as a response element in the GetAccessKeyLastUsed
17823// operation.
17824type AccessKeyLastUsed struct {
17825	_ struct{} `type:"structure"`
17826
17827	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
17828	// when the access key was most recently used. This field is null in the following
17829	// situations:
17830	//
17831	//    * The user does not have an access key.
17832	//
17833	//    * An access key exists but has not been used since IAM began tracking
17834	//    this information.
17835	//
17836	//    * There is no sign-in data associated with the user.
17837	//
17838	// LastUsedDate is a required field
17839	LastUsedDate *time.Time `type:"timestamp" required:"true"`
17840
17841	// The Amazon Web Services Region where this access key was most recently used.
17842	// The value for this field is "N/A" in the following situations:
17843	//
17844	//    * The user does not have an access key.
17845	//
17846	//    * An access key exists but has not been used since IAM began tracking
17847	//    this information.
17848	//
17849	//    * There is no sign-in data associated with the user.
17850	//
17851	// For more information about Amazon Web Services Regions, see Regions and endpoints
17852	// (https://docs.aws.amazon.com/general/latest/gr/rande.html) in the Amazon
17853	// Web Services General Reference.
17854	//
17855	// Region is a required field
17856	Region *string `type:"string" required:"true"`
17857
17858	// The name of the Amazon Web Services service with which this access key was
17859	// most recently used. The value of this field is "N/A" in the following situations:
17860	//
17861	//    * The user does not have an access key.
17862	//
17863	//    * An access key exists but has not been used since IAM started tracking
17864	//    this information.
17865	//
17866	//    * There is no sign-in data associated with the user.
17867	//
17868	// ServiceName is a required field
17869	ServiceName *string `type:"string" required:"true"`
17870}
17871
17872// String returns the string representation.
17873//
17874// API parameter values that are decorated as "sensitive" in the API will not
17875// be included in the string output. The member name will be present, but the
17876// value will be replaced with "sensitive".
17877func (s AccessKeyLastUsed) String() string {
17878	return awsutil.Prettify(s)
17879}
17880
17881// GoString returns the string representation.
17882//
17883// API parameter values that are decorated as "sensitive" in the API will not
17884// be included in the string output. The member name will be present, but the
17885// value will be replaced with "sensitive".
17886func (s AccessKeyLastUsed) GoString() string {
17887	return s.String()
17888}
17889
17890// SetLastUsedDate sets the LastUsedDate field's value.
17891func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed {
17892	s.LastUsedDate = &v
17893	return s
17894}
17895
17896// SetRegion sets the Region field's value.
17897func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed {
17898	s.Region = &v
17899	return s
17900}
17901
17902// SetServiceName sets the ServiceName field's value.
17903func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed {
17904	s.ServiceName = &v
17905	return s
17906}
17907
17908// Contains information about an Amazon Web Services access key, without its
17909// secret key.
17910//
17911// This data type is used as a response element in the ListAccessKeys operation.
17912type AccessKeyMetadata struct {
17913	_ struct{} `type:"structure"`
17914
17915	// The ID for this access key.
17916	AccessKeyId *string `min:"16" type:"string"`
17917
17918	// The date when the access key was created.
17919	CreateDate *time.Time `type:"timestamp"`
17920
17921	// The status of the access key. Active means that the key is valid for API
17922	// calls; Inactive means it is not.
17923	Status *string `type:"string" enum:"StatusType"`
17924
17925	// The name of the IAM user that the key is associated with.
17926	UserName *string `min:"1" type:"string"`
17927}
17928
17929// String returns the string representation.
17930//
17931// API parameter values that are decorated as "sensitive" in the API will not
17932// be included in the string output. The member name will be present, but the
17933// value will be replaced with "sensitive".
17934func (s AccessKeyMetadata) String() string {
17935	return awsutil.Prettify(s)
17936}
17937
17938// GoString returns the string representation.
17939//
17940// API parameter values that are decorated as "sensitive" in the API will not
17941// be included in the string output. The member name will be present, but the
17942// value will be replaced with "sensitive".
17943func (s AccessKeyMetadata) GoString() string {
17944	return s.String()
17945}
17946
17947// SetAccessKeyId sets the AccessKeyId field's value.
17948func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata {
17949	s.AccessKeyId = &v
17950	return s
17951}
17952
17953// SetCreateDate sets the CreateDate field's value.
17954func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata {
17955	s.CreateDate = &v
17956	return s
17957}
17958
17959// SetStatus sets the Status field's value.
17960func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata {
17961	s.Status = &v
17962	return s
17963}
17964
17965// SetUserName sets the UserName field's value.
17966func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata {
17967	s.UserName = &v
17968	return s
17969}
17970
17971type AddClientIDToOpenIDConnectProviderInput struct {
17972	_ struct{} `type:"structure"`
17973
17974	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
17975	// resource.
17976	//
17977	// ClientID is a required field
17978	ClientID *string `min:"1" type:"string" required:"true"`
17979
17980	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
17981	// resource to add the client ID to. You can get a list of OIDC provider ARNs
17982	// by using the ListOpenIDConnectProviders operation.
17983	//
17984	// OpenIDConnectProviderArn is a required field
17985	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
17986}
17987
17988// String returns the string representation.
17989//
17990// API parameter values that are decorated as "sensitive" in the API will not
17991// be included in the string output. The member name will be present, but the
17992// value will be replaced with "sensitive".
17993func (s AddClientIDToOpenIDConnectProviderInput) String() string {
17994	return awsutil.Prettify(s)
17995}
17996
17997// GoString returns the string representation.
17998//
17999// API parameter values that are decorated as "sensitive" in the API will not
18000// be included in the string output. The member name will be present, but the
18001// value will be replaced with "sensitive".
18002func (s AddClientIDToOpenIDConnectProviderInput) GoString() string {
18003	return s.String()
18004}
18005
18006// Validate inspects the fields of the type to determine if they are valid.
18007func (s *AddClientIDToOpenIDConnectProviderInput) Validate() error {
18008	invalidParams := request.ErrInvalidParams{Context: "AddClientIDToOpenIDConnectProviderInput"}
18009	if s.ClientID == nil {
18010		invalidParams.Add(request.NewErrParamRequired("ClientID"))
18011	}
18012	if s.ClientID != nil && len(*s.ClientID) < 1 {
18013		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
18014	}
18015	if s.OpenIDConnectProviderArn == nil {
18016		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
18017	}
18018	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
18019		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
18020	}
18021
18022	if invalidParams.Len() > 0 {
18023		return invalidParams
18024	}
18025	return nil
18026}
18027
18028// SetClientID sets the ClientID field's value.
18029func (s *AddClientIDToOpenIDConnectProviderInput) SetClientID(v string) *AddClientIDToOpenIDConnectProviderInput {
18030	s.ClientID = &v
18031	return s
18032}
18033
18034// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
18035func (s *AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *AddClientIDToOpenIDConnectProviderInput {
18036	s.OpenIDConnectProviderArn = &v
18037	return s
18038}
18039
18040type AddClientIDToOpenIDConnectProviderOutput struct {
18041	_ struct{} `type:"structure"`
18042}
18043
18044// String returns the string representation.
18045//
18046// API parameter values that are decorated as "sensitive" in the API will not
18047// be included in the string output. The member name will be present, but the
18048// value will be replaced with "sensitive".
18049func (s AddClientIDToOpenIDConnectProviderOutput) String() string {
18050	return awsutil.Prettify(s)
18051}
18052
18053// GoString returns the string representation.
18054//
18055// API parameter values that are decorated as "sensitive" in the API will not
18056// be included in the string output. The member name will be present, but the
18057// value will be replaced with "sensitive".
18058func (s AddClientIDToOpenIDConnectProviderOutput) GoString() string {
18059	return s.String()
18060}
18061
18062type AddRoleToInstanceProfileInput struct {
18063	_ struct{} `type:"structure"`
18064
18065	// The name of the instance profile to update.
18066	//
18067	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18068	// a string of characters consisting of upper and lowercase alphanumeric characters
18069	// with no spaces. You can also include any of the following characters: _+=,.@-
18070	//
18071	// InstanceProfileName is a required field
18072	InstanceProfileName *string `min:"1" type:"string" required:"true"`
18073
18074	// The name of the role to add.
18075	//
18076	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18077	// a string of characters consisting of upper and lowercase alphanumeric characters
18078	// with no spaces. You can also include any of the following characters: _+=,.@-
18079	//
18080	// RoleName is a required field
18081	RoleName *string `min:"1" type:"string" required:"true"`
18082}
18083
18084// String returns the string representation.
18085//
18086// API parameter values that are decorated as "sensitive" in the API will not
18087// be included in the string output. The member name will be present, but the
18088// value will be replaced with "sensitive".
18089func (s AddRoleToInstanceProfileInput) String() string {
18090	return awsutil.Prettify(s)
18091}
18092
18093// GoString returns the string representation.
18094//
18095// API parameter values that are decorated as "sensitive" in the API will not
18096// be included in the string output. The member name will be present, but the
18097// value will be replaced with "sensitive".
18098func (s AddRoleToInstanceProfileInput) GoString() string {
18099	return s.String()
18100}
18101
18102// Validate inspects the fields of the type to determine if they are valid.
18103func (s *AddRoleToInstanceProfileInput) Validate() error {
18104	invalidParams := request.ErrInvalidParams{Context: "AddRoleToInstanceProfileInput"}
18105	if s.InstanceProfileName == nil {
18106		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
18107	}
18108	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
18109		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
18110	}
18111	if s.RoleName == nil {
18112		invalidParams.Add(request.NewErrParamRequired("RoleName"))
18113	}
18114	if s.RoleName != nil && len(*s.RoleName) < 1 {
18115		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
18116	}
18117
18118	if invalidParams.Len() > 0 {
18119		return invalidParams
18120	}
18121	return nil
18122}
18123
18124// SetInstanceProfileName sets the InstanceProfileName field's value.
18125func (s *AddRoleToInstanceProfileInput) SetInstanceProfileName(v string) *AddRoleToInstanceProfileInput {
18126	s.InstanceProfileName = &v
18127	return s
18128}
18129
18130// SetRoleName sets the RoleName field's value.
18131func (s *AddRoleToInstanceProfileInput) SetRoleName(v string) *AddRoleToInstanceProfileInput {
18132	s.RoleName = &v
18133	return s
18134}
18135
18136type AddRoleToInstanceProfileOutput struct {
18137	_ struct{} `type:"structure"`
18138}
18139
18140// String returns the string representation.
18141//
18142// API parameter values that are decorated as "sensitive" in the API will not
18143// be included in the string output. The member name will be present, but the
18144// value will be replaced with "sensitive".
18145func (s AddRoleToInstanceProfileOutput) String() string {
18146	return awsutil.Prettify(s)
18147}
18148
18149// GoString returns the string representation.
18150//
18151// API parameter values that are decorated as "sensitive" in the API will not
18152// be included in the string output. The member name will be present, but the
18153// value will be replaced with "sensitive".
18154func (s AddRoleToInstanceProfileOutput) GoString() string {
18155	return s.String()
18156}
18157
18158type AddUserToGroupInput struct {
18159	_ struct{} `type:"structure"`
18160
18161	// The name of the group to update.
18162	//
18163	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18164	// a string of characters consisting of upper and lowercase alphanumeric characters
18165	// with no spaces. You can also include any of the following characters: _+=,.@-
18166	//
18167	// GroupName is a required field
18168	GroupName *string `min:"1" type:"string" required:"true"`
18169
18170	// The name of the user to add.
18171	//
18172	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18173	// a string of characters consisting of upper and lowercase alphanumeric characters
18174	// with no spaces. You can also include any of the following characters: _+=,.@-
18175	//
18176	// UserName is a required field
18177	UserName *string `min:"1" type:"string" required:"true"`
18178}
18179
18180// String returns the string representation.
18181//
18182// API parameter values that are decorated as "sensitive" in the API will not
18183// be included in the string output. The member name will be present, but the
18184// value will be replaced with "sensitive".
18185func (s AddUserToGroupInput) String() string {
18186	return awsutil.Prettify(s)
18187}
18188
18189// GoString returns the string representation.
18190//
18191// API parameter values that are decorated as "sensitive" in the API will not
18192// be included in the string output. The member name will be present, but the
18193// value will be replaced with "sensitive".
18194func (s AddUserToGroupInput) GoString() string {
18195	return s.String()
18196}
18197
18198// Validate inspects the fields of the type to determine if they are valid.
18199func (s *AddUserToGroupInput) Validate() error {
18200	invalidParams := request.ErrInvalidParams{Context: "AddUserToGroupInput"}
18201	if s.GroupName == nil {
18202		invalidParams.Add(request.NewErrParamRequired("GroupName"))
18203	}
18204	if s.GroupName != nil && len(*s.GroupName) < 1 {
18205		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
18206	}
18207	if s.UserName == nil {
18208		invalidParams.Add(request.NewErrParamRequired("UserName"))
18209	}
18210	if s.UserName != nil && len(*s.UserName) < 1 {
18211		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18212	}
18213
18214	if invalidParams.Len() > 0 {
18215		return invalidParams
18216	}
18217	return nil
18218}
18219
18220// SetGroupName sets the GroupName field's value.
18221func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput {
18222	s.GroupName = &v
18223	return s
18224}
18225
18226// SetUserName sets the UserName field's value.
18227func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput {
18228	s.UserName = &v
18229	return s
18230}
18231
18232type AddUserToGroupOutput struct {
18233	_ struct{} `type:"structure"`
18234}
18235
18236// String returns the string representation.
18237//
18238// API parameter values that are decorated as "sensitive" in the API will not
18239// be included in the string output. The member name will be present, but the
18240// value will be replaced with "sensitive".
18241func (s AddUserToGroupOutput) String() string {
18242	return awsutil.Prettify(s)
18243}
18244
18245// GoString returns the string representation.
18246//
18247// API parameter values that are decorated as "sensitive" in the API will not
18248// be included in the string output. The member name will be present, but the
18249// value will be replaced with "sensitive".
18250func (s AddUserToGroupOutput) GoString() string {
18251	return s.String()
18252}
18253
18254type AttachGroupPolicyInput struct {
18255	_ struct{} `type:"structure"`
18256
18257	// The name (friendly name, not ARN) of the group to attach the policy to.
18258	//
18259	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18260	// a string of characters consisting of upper and lowercase alphanumeric characters
18261	// with no spaces. You can also include any of the following characters: _+=,.@-
18262	//
18263	// GroupName is a required field
18264	GroupName *string `min:"1" type:"string" required:"true"`
18265
18266	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
18267	//
18268	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18269	// in the Amazon Web Services General Reference.
18270	//
18271	// PolicyArn is a required field
18272	PolicyArn *string `min:"20" type:"string" required:"true"`
18273}
18274
18275// String returns the string representation.
18276//
18277// API parameter values that are decorated as "sensitive" in the API will not
18278// be included in the string output. The member name will be present, but the
18279// value will be replaced with "sensitive".
18280func (s AttachGroupPolicyInput) String() string {
18281	return awsutil.Prettify(s)
18282}
18283
18284// GoString returns the string representation.
18285//
18286// API parameter values that are decorated as "sensitive" in the API will not
18287// be included in the string output. The member name will be present, but the
18288// value will be replaced with "sensitive".
18289func (s AttachGroupPolicyInput) GoString() string {
18290	return s.String()
18291}
18292
18293// Validate inspects the fields of the type to determine if they are valid.
18294func (s *AttachGroupPolicyInput) Validate() error {
18295	invalidParams := request.ErrInvalidParams{Context: "AttachGroupPolicyInput"}
18296	if s.GroupName == nil {
18297		invalidParams.Add(request.NewErrParamRequired("GroupName"))
18298	}
18299	if s.GroupName != nil && len(*s.GroupName) < 1 {
18300		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
18301	}
18302	if s.PolicyArn == nil {
18303		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18304	}
18305	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18306		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18307	}
18308
18309	if invalidParams.Len() > 0 {
18310		return invalidParams
18311	}
18312	return nil
18313}
18314
18315// SetGroupName sets the GroupName field's value.
18316func (s *AttachGroupPolicyInput) SetGroupName(v string) *AttachGroupPolicyInput {
18317	s.GroupName = &v
18318	return s
18319}
18320
18321// SetPolicyArn sets the PolicyArn field's value.
18322func (s *AttachGroupPolicyInput) SetPolicyArn(v string) *AttachGroupPolicyInput {
18323	s.PolicyArn = &v
18324	return s
18325}
18326
18327type AttachGroupPolicyOutput struct {
18328	_ struct{} `type:"structure"`
18329}
18330
18331// String returns the string representation.
18332//
18333// API parameter values that are decorated as "sensitive" in the API will not
18334// be included in the string output. The member name will be present, but the
18335// value will be replaced with "sensitive".
18336func (s AttachGroupPolicyOutput) String() string {
18337	return awsutil.Prettify(s)
18338}
18339
18340// GoString returns the string representation.
18341//
18342// API parameter values that are decorated as "sensitive" in the API will not
18343// be included in the string output. The member name will be present, but the
18344// value will be replaced with "sensitive".
18345func (s AttachGroupPolicyOutput) GoString() string {
18346	return s.String()
18347}
18348
18349type AttachRolePolicyInput struct {
18350	_ struct{} `type:"structure"`
18351
18352	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
18353	//
18354	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18355	// in the Amazon Web Services General Reference.
18356	//
18357	// PolicyArn is a required field
18358	PolicyArn *string `min:"20" type:"string" required:"true"`
18359
18360	// The name (friendly name, not ARN) of the role to attach the policy to.
18361	//
18362	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18363	// a string of characters consisting of upper and lowercase alphanumeric characters
18364	// with no spaces. You can also include any of the following characters: _+=,.@-
18365	//
18366	// RoleName is a required field
18367	RoleName *string `min:"1" type:"string" required:"true"`
18368}
18369
18370// String returns the string representation.
18371//
18372// API parameter values that are decorated as "sensitive" in the API will not
18373// be included in the string output. The member name will be present, but the
18374// value will be replaced with "sensitive".
18375func (s AttachRolePolicyInput) String() string {
18376	return awsutil.Prettify(s)
18377}
18378
18379// GoString returns the string representation.
18380//
18381// API parameter values that are decorated as "sensitive" in the API will not
18382// be included in the string output. The member name will be present, but the
18383// value will be replaced with "sensitive".
18384func (s AttachRolePolicyInput) GoString() string {
18385	return s.String()
18386}
18387
18388// Validate inspects the fields of the type to determine if they are valid.
18389func (s *AttachRolePolicyInput) Validate() error {
18390	invalidParams := request.ErrInvalidParams{Context: "AttachRolePolicyInput"}
18391	if s.PolicyArn == nil {
18392		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18393	}
18394	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18395		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18396	}
18397	if s.RoleName == nil {
18398		invalidParams.Add(request.NewErrParamRequired("RoleName"))
18399	}
18400	if s.RoleName != nil && len(*s.RoleName) < 1 {
18401		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
18402	}
18403
18404	if invalidParams.Len() > 0 {
18405		return invalidParams
18406	}
18407	return nil
18408}
18409
18410// SetPolicyArn sets the PolicyArn field's value.
18411func (s *AttachRolePolicyInput) SetPolicyArn(v string) *AttachRolePolicyInput {
18412	s.PolicyArn = &v
18413	return s
18414}
18415
18416// SetRoleName sets the RoleName field's value.
18417func (s *AttachRolePolicyInput) SetRoleName(v string) *AttachRolePolicyInput {
18418	s.RoleName = &v
18419	return s
18420}
18421
18422type AttachRolePolicyOutput struct {
18423	_ struct{} `type:"structure"`
18424}
18425
18426// String returns the string representation.
18427//
18428// API parameter values that are decorated as "sensitive" in the API will not
18429// be included in the string output. The member name will be present, but the
18430// value will be replaced with "sensitive".
18431func (s AttachRolePolicyOutput) String() string {
18432	return awsutil.Prettify(s)
18433}
18434
18435// GoString returns the string representation.
18436//
18437// API parameter values that are decorated as "sensitive" in the API will not
18438// be included in the string output. The member name will be present, but the
18439// value will be replaced with "sensitive".
18440func (s AttachRolePolicyOutput) GoString() string {
18441	return s.String()
18442}
18443
18444type AttachUserPolicyInput struct {
18445	_ struct{} `type:"structure"`
18446
18447	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
18448	//
18449	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18450	// in the Amazon Web Services General Reference.
18451	//
18452	// PolicyArn is a required field
18453	PolicyArn *string `min:"20" type:"string" required:"true"`
18454
18455	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
18456	//
18457	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18458	// a string of characters consisting of upper and lowercase alphanumeric characters
18459	// with no spaces. You can also include any of the following characters: _+=,.@-
18460	//
18461	// UserName is a required field
18462	UserName *string `min:"1" type:"string" required:"true"`
18463}
18464
18465// String returns the string representation.
18466//
18467// API parameter values that are decorated as "sensitive" in the API will not
18468// be included in the string output. The member name will be present, but the
18469// value will be replaced with "sensitive".
18470func (s AttachUserPolicyInput) String() string {
18471	return awsutil.Prettify(s)
18472}
18473
18474// GoString returns the string representation.
18475//
18476// API parameter values that are decorated as "sensitive" in the API will not
18477// be included in the string output. The member name will be present, but the
18478// value will be replaced with "sensitive".
18479func (s AttachUserPolicyInput) GoString() string {
18480	return s.String()
18481}
18482
18483// Validate inspects the fields of the type to determine if they are valid.
18484func (s *AttachUserPolicyInput) Validate() error {
18485	invalidParams := request.ErrInvalidParams{Context: "AttachUserPolicyInput"}
18486	if s.PolicyArn == nil {
18487		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
18488	}
18489	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
18490		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
18491	}
18492	if s.UserName == nil {
18493		invalidParams.Add(request.NewErrParamRequired("UserName"))
18494	}
18495	if s.UserName != nil && len(*s.UserName) < 1 {
18496		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18497	}
18498
18499	if invalidParams.Len() > 0 {
18500		return invalidParams
18501	}
18502	return nil
18503}
18504
18505// SetPolicyArn sets the PolicyArn field's value.
18506func (s *AttachUserPolicyInput) SetPolicyArn(v string) *AttachUserPolicyInput {
18507	s.PolicyArn = &v
18508	return s
18509}
18510
18511// SetUserName sets the UserName field's value.
18512func (s *AttachUserPolicyInput) SetUserName(v string) *AttachUserPolicyInput {
18513	s.UserName = &v
18514	return s
18515}
18516
18517type AttachUserPolicyOutput struct {
18518	_ struct{} `type:"structure"`
18519}
18520
18521// String returns the string representation.
18522//
18523// API parameter values that are decorated as "sensitive" in the API will not
18524// be included in the string output. The member name will be present, but the
18525// value will be replaced with "sensitive".
18526func (s AttachUserPolicyOutput) String() string {
18527	return awsutil.Prettify(s)
18528}
18529
18530// GoString returns the string representation.
18531//
18532// API parameter values that are decorated as "sensitive" in the API will not
18533// be included in the string output. The member name will be present, but the
18534// value will be replaced with "sensitive".
18535func (s AttachUserPolicyOutput) GoString() string {
18536	return s.String()
18537}
18538
18539// Contains information about an attached permissions boundary.
18540//
18541// An attached permissions boundary is a managed policy that has been attached
18542// to a user or role to set the permissions boundary.
18543//
18544// For more information about permissions boundaries, see Permissions boundaries
18545// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
18546// in the IAM User Guide.
18547type AttachedPermissionsBoundary struct {
18548	_ struct{} `type:"structure"`
18549
18550	// The ARN of the policy used to set the permissions boundary for the user or
18551	// role.
18552	PermissionsBoundaryArn *string `min:"20" type:"string"`
18553
18554	// The permissions boundary usage type that indicates what type of IAM resource
18555	// is used as the permissions boundary for an entity. This data type can only
18556	// have a value of Policy.
18557	PermissionsBoundaryType *string `type:"string" enum:"PermissionsBoundaryAttachmentType"`
18558}
18559
18560// String returns the string representation.
18561//
18562// API parameter values that are decorated as "sensitive" in the API will not
18563// be included in the string output. The member name will be present, but the
18564// value will be replaced with "sensitive".
18565func (s AttachedPermissionsBoundary) String() string {
18566	return awsutil.Prettify(s)
18567}
18568
18569// GoString returns the string representation.
18570//
18571// API parameter values that are decorated as "sensitive" in the API will not
18572// be included in the string output. The member name will be present, but the
18573// value will be replaced with "sensitive".
18574func (s AttachedPermissionsBoundary) GoString() string {
18575	return s.String()
18576}
18577
18578// SetPermissionsBoundaryArn sets the PermissionsBoundaryArn field's value.
18579func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryArn(v string) *AttachedPermissionsBoundary {
18580	s.PermissionsBoundaryArn = &v
18581	return s
18582}
18583
18584// SetPermissionsBoundaryType sets the PermissionsBoundaryType field's value.
18585func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *AttachedPermissionsBoundary {
18586	s.PermissionsBoundaryType = &v
18587	return s
18588}
18589
18590// Contains information about an attached policy.
18591//
18592// An attached policy is a managed policy that has been attached to a user,
18593// group, or role. This data type is used as a response element in the ListAttachedGroupPolicies,
18594// ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails
18595// operations.
18596//
18597// For more information about managed policies, refer to Managed policies and
18598// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
18599// in the IAM User Guide.
18600type AttachedPolicy struct {
18601	_ struct{} `type:"structure"`
18602
18603	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
18604	// Services resources.
18605	//
18606	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
18607	// in the Amazon Web Services General Reference.
18608	PolicyArn *string `min:"20" type:"string"`
18609
18610	// The friendly name of the attached policy.
18611	PolicyName *string `min:"1" type:"string"`
18612}
18613
18614// String returns the string representation.
18615//
18616// API parameter values that are decorated as "sensitive" in the API will not
18617// be included in the string output. The member name will be present, but the
18618// value will be replaced with "sensitive".
18619func (s AttachedPolicy) String() string {
18620	return awsutil.Prettify(s)
18621}
18622
18623// GoString returns the string representation.
18624//
18625// API parameter values that are decorated as "sensitive" in the API will not
18626// be included in the string output. The member name will be present, but the
18627// value will be replaced with "sensitive".
18628func (s AttachedPolicy) GoString() string {
18629	return s.String()
18630}
18631
18632// SetPolicyArn sets the PolicyArn field's value.
18633func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy {
18634	s.PolicyArn = &v
18635	return s
18636}
18637
18638// SetPolicyName sets the PolicyName field's value.
18639func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy {
18640	s.PolicyName = &v
18641	return s
18642}
18643
18644type ChangePasswordInput struct {
18645	_ struct{} `type:"structure"`
18646
18647	// The new password. The new password must conform to the Amazon Web Services
18648	// account's password policy, if one exists.
18649	//
18650	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
18651	// this parameter is a string of characters. That string can include almost
18652	// any printable ASCII character from the space (\u0020) through the end of
18653	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
18654	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
18655	// characters are valid in a password. However, many tools, such as the Amazon
18656	// Web Services Management Console, might restrict the ability to type certain
18657	// characters because they have special meaning within that tool.
18658	//
18659	// NewPassword is a sensitive parameter and its value will be
18660	// replaced with "sensitive" in string returned by ChangePasswordInput's
18661	// String and GoString methods.
18662	//
18663	// NewPassword is a required field
18664	NewPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
18665
18666	// The IAM user's current password.
18667	//
18668	// OldPassword is a sensitive parameter and its value will be
18669	// replaced with "sensitive" in string returned by ChangePasswordInput's
18670	// String and GoString methods.
18671	//
18672	// OldPassword is a required field
18673	OldPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
18674}
18675
18676// String returns the string representation.
18677//
18678// API parameter values that are decorated as "sensitive" in the API will not
18679// be included in the string output. The member name will be present, but the
18680// value will be replaced with "sensitive".
18681func (s ChangePasswordInput) String() string {
18682	return awsutil.Prettify(s)
18683}
18684
18685// GoString returns the string representation.
18686//
18687// API parameter values that are decorated as "sensitive" in the API will not
18688// be included in the string output. The member name will be present, but the
18689// value will be replaced with "sensitive".
18690func (s ChangePasswordInput) GoString() string {
18691	return s.String()
18692}
18693
18694// Validate inspects the fields of the type to determine if they are valid.
18695func (s *ChangePasswordInput) Validate() error {
18696	invalidParams := request.ErrInvalidParams{Context: "ChangePasswordInput"}
18697	if s.NewPassword == nil {
18698		invalidParams.Add(request.NewErrParamRequired("NewPassword"))
18699	}
18700	if s.NewPassword != nil && len(*s.NewPassword) < 1 {
18701		invalidParams.Add(request.NewErrParamMinLen("NewPassword", 1))
18702	}
18703	if s.OldPassword == nil {
18704		invalidParams.Add(request.NewErrParamRequired("OldPassword"))
18705	}
18706	if s.OldPassword != nil && len(*s.OldPassword) < 1 {
18707		invalidParams.Add(request.NewErrParamMinLen("OldPassword", 1))
18708	}
18709
18710	if invalidParams.Len() > 0 {
18711		return invalidParams
18712	}
18713	return nil
18714}
18715
18716// SetNewPassword sets the NewPassword field's value.
18717func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput {
18718	s.NewPassword = &v
18719	return s
18720}
18721
18722// SetOldPassword sets the OldPassword field's value.
18723func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput {
18724	s.OldPassword = &v
18725	return s
18726}
18727
18728type ChangePasswordOutput struct {
18729	_ struct{} `type:"structure"`
18730}
18731
18732// String returns the string representation.
18733//
18734// API parameter values that are decorated as "sensitive" in the API will not
18735// be included in the string output. The member name will be present, but the
18736// value will be replaced with "sensitive".
18737func (s ChangePasswordOutput) String() string {
18738	return awsutil.Prettify(s)
18739}
18740
18741// GoString returns the string representation.
18742//
18743// API parameter values that are decorated as "sensitive" in the API will not
18744// be included in the string output. The member name will be present, but the
18745// value will be replaced with "sensitive".
18746func (s ChangePasswordOutput) GoString() string {
18747	return s.String()
18748}
18749
18750// Contains information about a condition context key. It includes the name
18751// of the key and specifies the value (or values, if the context key supports
18752// multiple values) to use in the simulation. This information is used when
18753// evaluating the Condition elements of the input policies.
18754//
18755// This data type is used as an input parameter to SimulateCustomPolicy and
18756// SimulatePrincipalPolicy.
18757type ContextEntry struct {
18758	_ struct{} `type:"structure"`
18759
18760	// The full name of a condition context key, including the service prefix. For
18761	// example, aws:SourceIp or s3:VersionId.
18762	ContextKeyName *string `min:"5" type:"string"`
18763
18764	// The data type of the value (or values) specified in the ContextKeyValues
18765	// parameter.
18766	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`
18767
18768	// The value (or values, if the condition context key supports multiple values)
18769	// to provide to the simulation when the key is referenced by a Condition element
18770	// in an input policy.
18771	ContextKeyValues []*string `type:"list"`
18772}
18773
18774// String returns the string representation.
18775//
18776// API parameter values that are decorated as "sensitive" in the API will not
18777// be included in the string output. The member name will be present, but the
18778// value will be replaced with "sensitive".
18779func (s ContextEntry) String() string {
18780	return awsutil.Prettify(s)
18781}
18782
18783// GoString returns the string representation.
18784//
18785// API parameter values that are decorated as "sensitive" in the API will not
18786// be included in the string output. The member name will be present, but the
18787// value will be replaced with "sensitive".
18788func (s ContextEntry) GoString() string {
18789	return s.String()
18790}
18791
18792// Validate inspects the fields of the type to determine if they are valid.
18793func (s *ContextEntry) Validate() error {
18794	invalidParams := request.ErrInvalidParams{Context: "ContextEntry"}
18795	if s.ContextKeyName != nil && len(*s.ContextKeyName) < 5 {
18796		invalidParams.Add(request.NewErrParamMinLen("ContextKeyName", 5))
18797	}
18798
18799	if invalidParams.Len() > 0 {
18800		return invalidParams
18801	}
18802	return nil
18803}
18804
18805// SetContextKeyName sets the ContextKeyName field's value.
18806func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry {
18807	s.ContextKeyName = &v
18808	return s
18809}
18810
18811// SetContextKeyType sets the ContextKeyType field's value.
18812func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry {
18813	s.ContextKeyType = &v
18814	return s
18815}
18816
18817// SetContextKeyValues sets the ContextKeyValues field's value.
18818func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry {
18819	s.ContextKeyValues = v
18820	return s
18821}
18822
18823type CreateAccessKeyInput struct {
18824	_ struct{} `type:"structure"`
18825
18826	// The name of the IAM user that the new key will belong to.
18827	//
18828	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18829	// a string of characters consisting of upper and lowercase alphanumeric characters
18830	// with no spaces. You can also include any of the following characters: _+=,.@-
18831	UserName *string `min:"1" type:"string"`
18832}
18833
18834// String returns the string representation.
18835//
18836// API parameter values that are decorated as "sensitive" in the API will not
18837// be included in the string output. The member name will be present, but the
18838// value will be replaced with "sensitive".
18839func (s CreateAccessKeyInput) String() string {
18840	return awsutil.Prettify(s)
18841}
18842
18843// GoString returns the string representation.
18844//
18845// API parameter values that are decorated as "sensitive" in the API will not
18846// be included in the string output. The member name will be present, but the
18847// value will be replaced with "sensitive".
18848func (s CreateAccessKeyInput) GoString() string {
18849	return s.String()
18850}
18851
18852// Validate inspects the fields of the type to determine if they are valid.
18853func (s *CreateAccessKeyInput) Validate() error {
18854	invalidParams := request.ErrInvalidParams{Context: "CreateAccessKeyInput"}
18855	if s.UserName != nil && len(*s.UserName) < 1 {
18856		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
18857	}
18858
18859	if invalidParams.Len() > 0 {
18860		return invalidParams
18861	}
18862	return nil
18863}
18864
18865// SetUserName sets the UserName field's value.
18866func (s *CreateAccessKeyInput) SetUserName(v string) *CreateAccessKeyInput {
18867	s.UserName = &v
18868	return s
18869}
18870
18871// Contains the response to a successful CreateAccessKey request.
18872type CreateAccessKeyOutput struct {
18873	_ struct{} `type:"structure"`
18874
18875	// A structure with details about the access key.
18876	//
18877	// AccessKey is a required field
18878	AccessKey *AccessKey `type:"structure" required:"true"`
18879}
18880
18881// String returns the string representation.
18882//
18883// API parameter values that are decorated as "sensitive" in the API will not
18884// be included in the string output. The member name will be present, but the
18885// value will be replaced with "sensitive".
18886func (s CreateAccessKeyOutput) String() string {
18887	return awsutil.Prettify(s)
18888}
18889
18890// GoString returns the string representation.
18891//
18892// API parameter values that are decorated as "sensitive" in the API will not
18893// be included in the string output. The member name will be present, but the
18894// value will be replaced with "sensitive".
18895func (s CreateAccessKeyOutput) GoString() string {
18896	return s.String()
18897}
18898
18899// SetAccessKey sets the AccessKey field's value.
18900func (s *CreateAccessKeyOutput) SetAccessKey(v *AccessKey) *CreateAccessKeyOutput {
18901	s.AccessKey = v
18902	return s
18903}
18904
18905type CreateAccountAliasInput struct {
18906	_ struct{} `type:"structure"`
18907
18908	// The account alias to create.
18909	//
18910	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
18911	// a string of characters consisting of lowercase letters, digits, and dashes.
18912	// You cannot start or finish with a dash, nor can you have two dashes in a
18913	// row.
18914	//
18915	// AccountAlias is a required field
18916	AccountAlias *string `min:"3" type:"string" required:"true"`
18917}
18918
18919// String returns the string representation.
18920//
18921// API parameter values that are decorated as "sensitive" in the API will not
18922// be included in the string output. The member name will be present, but the
18923// value will be replaced with "sensitive".
18924func (s CreateAccountAliasInput) String() string {
18925	return awsutil.Prettify(s)
18926}
18927
18928// GoString returns the string representation.
18929//
18930// API parameter values that are decorated as "sensitive" in the API will not
18931// be included in the string output. The member name will be present, but the
18932// value will be replaced with "sensitive".
18933func (s CreateAccountAliasInput) GoString() string {
18934	return s.String()
18935}
18936
18937// Validate inspects the fields of the type to determine if they are valid.
18938func (s *CreateAccountAliasInput) Validate() error {
18939	invalidParams := request.ErrInvalidParams{Context: "CreateAccountAliasInput"}
18940	if s.AccountAlias == nil {
18941		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
18942	}
18943	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
18944		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
18945	}
18946
18947	if invalidParams.Len() > 0 {
18948		return invalidParams
18949	}
18950	return nil
18951}
18952
18953// SetAccountAlias sets the AccountAlias field's value.
18954func (s *CreateAccountAliasInput) SetAccountAlias(v string) *CreateAccountAliasInput {
18955	s.AccountAlias = &v
18956	return s
18957}
18958
18959type CreateAccountAliasOutput struct {
18960	_ struct{} `type:"structure"`
18961}
18962
18963// String returns the string representation.
18964//
18965// API parameter values that are decorated as "sensitive" in the API will not
18966// be included in the string output. The member name will be present, but the
18967// value will be replaced with "sensitive".
18968func (s CreateAccountAliasOutput) String() string {
18969	return awsutil.Prettify(s)
18970}
18971
18972// GoString returns the string representation.
18973//
18974// API parameter values that are decorated as "sensitive" in the API will not
18975// be included in the string output. The member name will be present, but the
18976// value will be replaced with "sensitive".
18977func (s CreateAccountAliasOutput) GoString() string {
18978	return s.String()
18979}
18980
18981type CreateGroupInput struct {
18982	_ struct{} `type:"structure"`
18983
18984	// The name of the group to create. Do not include the path in this value.
18985	//
18986	// IAM user, group, role, and policy names must be unique within the account.
18987	// Names are not distinguished by case. For example, you cannot create resources
18988	// named both "MyResource" and "myresource".
18989	//
18990	// GroupName is a required field
18991	GroupName *string `min:"1" type:"string" required:"true"`
18992
18993	// The path to the group. For more information about paths, see IAM identifiers
18994	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
18995	// in the IAM User Guide.
18996	//
18997	// This parameter is optional. If it is not included, it defaults to a slash
18998	// (/).
18999	//
19000	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19001	// a string of characters consisting of either a forward slash (/) by itself
19002	// or a string that must begin and end with forward slashes. In addition, it
19003	// can contain any ASCII character from the ! (\u0021) through the DEL character
19004	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19005	// letters.
19006	Path *string `min:"1" type:"string"`
19007}
19008
19009// String returns the string representation.
19010//
19011// API parameter values that are decorated as "sensitive" in the API will not
19012// be included in the string output. The member name will be present, but the
19013// value will be replaced with "sensitive".
19014func (s CreateGroupInput) String() string {
19015	return awsutil.Prettify(s)
19016}
19017
19018// GoString returns the string representation.
19019//
19020// API parameter values that are decorated as "sensitive" in the API will not
19021// be included in the string output. The member name will be present, but the
19022// value will be replaced with "sensitive".
19023func (s CreateGroupInput) GoString() string {
19024	return s.String()
19025}
19026
19027// Validate inspects the fields of the type to determine if they are valid.
19028func (s *CreateGroupInput) Validate() error {
19029	invalidParams := request.ErrInvalidParams{Context: "CreateGroupInput"}
19030	if s.GroupName == nil {
19031		invalidParams.Add(request.NewErrParamRequired("GroupName"))
19032	}
19033	if s.GroupName != nil && len(*s.GroupName) < 1 {
19034		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
19035	}
19036	if s.Path != nil && len(*s.Path) < 1 {
19037		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19038	}
19039
19040	if invalidParams.Len() > 0 {
19041		return invalidParams
19042	}
19043	return nil
19044}
19045
19046// SetGroupName sets the GroupName field's value.
19047func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput {
19048	s.GroupName = &v
19049	return s
19050}
19051
19052// SetPath sets the Path field's value.
19053func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput {
19054	s.Path = &v
19055	return s
19056}
19057
19058// Contains the response to a successful CreateGroup request.
19059type CreateGroupOutput struct {
19060	_ struct{} `type:"structure"`
19061
19062	// A structure containing details about the new group.
19063	//
19064	// Group is a required field
19065	Group *Group `type:"structure" required:"true"`
19066}
19067
19068// String returns the string representation.
19069//
19070// API parameter values that are decorated as "sensitive" in the API will not
19071// be included in the string output. The member name will be present, but the
19072// value will be replaced with "sensitive".
19073func (s CreateGroupOutput) String() string {
19074	return awsutil.Prettify(s)
19075}
19076
19077// GoString returns the string representation.
19078//
19079// API parameter values that are decorated as "sensitive" in the API will not
19080// be included in the string output. The member name will be present, but the
19081// value will be replaced with "sensitive".
19082func (s CreateGroupOutput) GoString() string {
19083	return s.String()
19084}
19085
19086// SetGroup sets the Group field's value.
19087func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput {
19088	s.Group = v
19089	return s
19090}
19091
19092type CreateInstanceProfileInput struct {
19093	_ struct{} `type:"structure"`
19094
19095	// The name of the instance profile to create.
19096	//
19097	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19098	// a string of characters consisting of upper and lowercase alphanumeric characters
19099	// with no spaces. You can also include any of the following characters: _+=,.@-
19100	//
19101	// InstanceProfileName is a required field
19102	InstanceProfileName *string `min:"1" type:"string" required:"true"`
19103
19104	// The path to the instance profile. For more information about paths, see IAM
19105	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19106	// in the IAM User Guide.
19107	//
19108	// This parameter is optional. If it is not included, it defaults to a slash
19109	// (/).
19110	//
19111	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19112	// a string of characters consisting of either a forward slash (/) by itself
19113	// or a string that must begin and end with forward slashes. In addition, it
19114	// can contain any ASCII character from the ! (\u0021) through the DEL character
19115	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19116	// letters.
19117	Path *string `min:"1" type:"string"`
19118
19119	// A list of tags that you want to attach to the newly created IAM instance
19120	// profile. Each tag consists of a key name and an associated value. For more
19121	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19122	// in the IAM User Guide.
19123	//
19124	// If any one of the tags is invalid or if you exceed the allowed maximum number
19125	// of tags, then the entire request fails and the resource is not created.
19126	Tags []*Tag `type:"list"`
19127}
19128
19129// String returns the string representation.
19130//
19131// API parameter values that are decorated as "sensitive" in the API will not
19132// be included in the string output. The member name will be present, but the
19133// value will be replaced with "sensitive".
19134func (s CreateInstanceProfileInput) String() string {
19135	return awsutil.Prettify(s)
19136}
19137
19138// GoString returns the string representation.
19139//
19140// API parameter values that are decorated as "sensitive" in the API will not
19141// be included in the string output. The member name will be present, but the
19142// value will be replaced with "sensitive".
19143func (s CreateInstanceProfileInput) GoString() string {
19144	return s.String()
19145}
19146
19147// Validate inspects the fields of the type to determine if they are valid.
19148func (s *CreateInstanceProfileInput) Validate() error {
19149	invalidParams := request.ErrInvalidParams{Context: "CreateInstanceProfileInput"}
19150	if s.InstanceProfileName == nil {
19151		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
19152	}
19153	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
19154		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
19155	}
19156	if s.Path != nil && len(*s.Path) < 1 {
19157		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19158	}
19159	if s.Tags != nil {
19160		for i, v := range s.Tags {
19161			if v == nil {
19162				continue
19163			}
19164			if err := v.Validate(); err != nil {
19165				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19166			}
19167		}
19168	}
19169
19170	if invalidParams.Len() > 0 {
19171		return invalidParams
19172	}
19173	return nil
19174}
19175
19176// SetInstanceProfileName sets the InstanceProfileName field's value.
19177func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput {
19178	s.InstanceProfileName = &v
19179	return s
19180}
19181
19182// SetPath sets the Path field's value.
19183func (s *CreateInstanceProfileInput) SetPath(v string) *CreateInstanceProfileInput {
19184	s.Path = &v
19185	return s
19186}
19187
19188// SetTags sets the Tags field's value.
19189func (s *CreateInstanceProfileInput) SetTags(v []*Tag) *CreateInstanceProfileInput {
19190	s.Tags = v
19191	return s
19192}
19193
19194// Contains the response to a successful CreateInstanceProfile request.
19195type CreateInstanceProfileOutput struct {
19196	_ struct{} `type:"structure"`
19197
19198	// A structure containing details about the new instance profile.
19199	//
19200	// InstanceProfile is a required field
19201	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
19202}
19203
19204// String returns the string representation.
19205//
19206// API parameter values that are decorated as "sensitive" in the API will not
19207// be included in the string output. The member name will be present, but the
19208// value will be replaced with "sensitive".
19209func (s CreateInstanceProfileOutput) String() string {
19210	return awsutil.Prettify(s)
19211}
19212
19213// GoString returns the string representation.
19214//
19215// API parameter values that are decorated as "sensitive" in the API will not
19216// be included in the string output. The member name will be present, but the
19217// value will be replaced with "sensitive".
19218func (s CreateInstanceProfileOutput) GoString() string {
19219	return s.String()
19220}
19221
19222// SetInstanceProfile sets the InstanceProfile field's value.
19223func (s *CreateInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *CreateInstanceProfileOutput {
19224	s.InstanceProfile = v
19225	return s
19226}
19227
19228type CreateLoginProfileInput struct {
19229	_ struct{} `type:"structure"`
19230
19231	// The new password for the user.
19232	//
19233	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
19234	// this parameter is a string of characters. That string can include almost
19235	// any printable ASCII character from the space (\u0020) through the end of
19236	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
19237	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
19238	// characters are valid in a password. However, many tools, such as the Amazon
19239	// Web Services Management Console, might restrict the ability to type certain
19240	// characters because they have special meaning within that tool.
19241	//
19242	// Password is a sensitive parameter and its value will be
19243	// replaced with "sensitive" in string returned by CreateLoginProfileInput's
19244	// String and GoString methods.
19245	//
19246	// Password is a required field
19247	Password *string `min:"1" type:"string" required:"true" sensitive:"true"`
19248
19249	// Specifies whether the user is required to set a new password on next sign-in.
19250	PasswordResetRequired *bool `type:"boolean"`
19251
19252	// The name of the IAM user to create a password for. The user must already
19253	// exist.
19254	//
19255	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19256	// a string of characters consisting of upper and lowercase alphanumeric characters
19257	// with no spaces. You can also include any of the following characters: _+=,.@-
19258	//
19259	// UserName is a required field
19260	UserName *string `min:"1" type:"string" required:"true"`
19261}
19262
19263// String returns the string representation.
19264//
19265// API parameter values that are decorated as "sensitive" in the API will not
19266// be included in the string output. The member name will be present, but the
19267// value will be replaced with "sensitive".
19268func (s CreateLoginProfileInput) String() string {
19269	return awsutil.Prettify(s)
19270}
19271
19272// GoString returns the string representation.
19273//
19274// API parameter values that are decorated as "sensitive" in the API will not
19275// be included in the string output. The member name will be present, but the
19276// value will be replaced with "sensitive".
19277func (s CreateLoginProfileInput) GoString() string {
19278	return s.String()
19279}
19280
19281// Validate inspects the fields of the type to determine if they are valid.
19282func (s *CreateLoginProfileInput) Validate() error {
19283	invalidParams := request.ErrInvalidParams{Context: "CreateLoginProfileInput"}
19284	if s.Password == nil {
19285		invalidParams.Add(request.NewErrParamRequired("Password"))
19286	}
19287	if s.Password != nil && len(*s.Password) < 1 {
19288		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
19289	}
19290	if s.UserName == nil {
19291		invalidParams.Add(request.NewErrParamRequired("UserName"))
19292	}
19293	if s.UserName != nil && len(*s.UserName) < 1 {
19294		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
19295	}
19296
19297	if invalidParams.Len() > 0 {
19298		return invalidParams
19299	}
19300	return nil
19301}
19302
19303// SetPassword sets the Password field's value.
19304func (s *CreateLoginProfileInput) SetPassword(v string) *CreateLoginProfileInput {
19305	s.Password = &v
19306	return s
19307}
19308
19309// SetPasswordResetRequired sets the PasswordResetRequired field's value.
19310func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput {
19311	s.PasswordResetRequired = &v
19312	return s
19313}
19314
19315// SetUserName sets the UserName field's value.
19316func (s *CreateLoginProfileInput) SetUserName(v string) *CreateLoginProfileInput {
19317	s.UserName = &v
19318	return s
19319}
19320
19321// Contains the response to a successful CreateLoginProfile request.
19322type CreateLoginProfileOutput struct {
19323	_ struct{} `type:"structure"`
19324
19325	// A structure containing the user name and password create date.
19326	//
19327	// LoginProfile is a required field
19328	LoginProfile *LoginProfile `type:"structure" required:"true"`
19329}
19330
19331// String returns the string representation.
19332//
19333// API parameter values that are decorated as "sensitive" in the API will not
19334// be included in the string output. The member name will be present, but the
19335// value will be replaced with "sensitive".
19336func (s CreateLoginProfileOutput) String() string {
19337	return awsutil.Prettify(s)
19338}
19339
19340// GoString returns the string representation.
19341//
19342// API parameter values that are decorated as "sensitive" in the API will not
19343// be included in the string output. The member name will be present, but the
19344// value will be replaced with "sensitive".
19345func (s CreateLoginProfileOutput) GoString() string {
19346	return s.String()
19347}
19348
19349// SetLoginProfile sets the LoginProfile field's value.
19350func (s *CreateLoginProfileOutput) SetLoginProfile(v *LoginProfile) *CreateLoginProfileOutput {
19351	s.LoginProfile = v
19352	return s
19353}
19354
19355type CreateOpenIDConnectProviderInput struct {
19356	_ struct{} `type:"structure"`
19357
19358	// Provides a list of client IDs, also known as audiences. When a mobile or
19359	// web app registers with an OpenID Connect provider, they establish a value
19360	// that identifies the application. This is the value that's sent as the client_id
19361	// parameter on OAuth requests.
19362	//
19363	// You can register multiple client IDs with the same provider. For example,
19364	// you might have multiple applications that use the same OIDC provider. You
19365	// cannot register more than 100 client IDs with a single IAM OIDC provider.
19366	//
19367	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
19368	// operation accepts client IDs up to 255 characters long.
19369	ClientIDList []*string `type:"list"`
19370
19371	// A list of tags that you want to attach to the new IAM OpenID Connect (OIDC)
19372	// provider. Each tag consists of a key name and an associated value. For more
19373	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19374	// in the IAM User Guide.
19375	//
19376	// If any one of the tags is invalid or if you exceed the allowed maximum number
19377	// of tags, then the entire request fails and the resource is not created.
19378	Tags []*Tag `type:"list"`
19379
19380	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
19381	// provider's server certificates. Typically this list includes only one entry.
19382	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
19383	// lets you maintain multiple thumbprints if the identity provider is rotating
19384	// certificates.
19385	//
19386	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
19387	// the X.509 certificate used by the domain where the OpenID Connect provider
19388	// makes its keys available. It is always a 40-character string.
19389	//
19390	// You must provide at least one thumbprint when creating an IAM OIDC provider.
19391	// For example, assume that the OIDC provider is server.example.com and the
19392	// provider stores its keys at https://keys.server.example.com/openid-connect.
19393	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
19394	// of the certificate used by https://keys.server.example.com.
19395	//
19396	// For more information about obtaining the OIDC provider thumbprint, see Obtaining
19397	// the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
19398	// in the IAM User Guide.
19399	//
19400	// ThumbprintList is a required field
19401	ThumbprintList []*string `type:"list" required:"true"`
19402
19403	// The URL of the identity provider. The URL must begin with https:// and should
19404	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
19405	// the OIDC standard, path components are allowed but query parameters are not.
19406	// Typically the URL consists of only a hostname, like https://server.example.org
19407	// or https://example.com. The URL should not contain a port number.
19408	//
19409	// You cannot register the same provider multiple times in a single Amazon Web
19410	// Services account. If you try to submit a URL that has already been used for
19411	// an OpenID Connect provider in the Amazon Web Services account, you will get
19412	// an error.
19413	//
19414	// Url is a required field
19415	Url *string `min:"1" type:"string" required:"true"`
19416}
19417
19418// String returns the string representation.
19419//
19420// API parameter values that are decorated as "sensitive" in the API will not
19421// be included in the string output. The member name will be present, but the
19422// value will be replaced with "sensitive".
19423func (s CreateOpenIDConnectProviderInput) String() string {
19424	return awsutil.Prettify(s)
19425}
19426
19427// GoString returns the string representation.
19428//
19429// API parameter values that are decorated as "sensitive" in the API will not
19430// be included in the string output. The member name will be present, but the
19431// value will be replaced with "sensitive".
19432func (s CreateOpenIDConnectProviderInput) GoString() string {
19433	return s.String()
19434}
19435
19436// Validate inspects the fields of the type to determine if they are valid.
19437func (s *CreateOpenIDConnectProviderInput) Validate() error {
19438	invalidParams := request.ErrInvalidParams{Context: "CreateOpenIDConnectProviderInput"}
19439	if s.ThumbprintList == nil {
19440		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
19441	}
19442	if s.Url == nil {
19443		invalidParams.Add(request.NewErrParamRequired("Url"))
19444	}
19445	if s.Url != nil && len(*s.Url) < 1 {
19446		invalidParams.Add(request.NewErrParamMinLen("Url", 1))
19447	}
19448	if s.Tags != nil {
19449		for i, v := range s.Tags {
19450			if v == nil {
19451				continue
19452			}
19453			if err := v.Validate(); err != nil {
19454				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19455			}
19456		}
19457	}
19458
19459	if invalidParams.Len() > 0 {
19460		return invalidParams
19461	}
19462	return nil
19463}
19464
19465// SetClientIDList sets the ClientIDList field's value.
19466func (s *CreateOpenIDConnectProviderInput) SetClientIDList(v []*string) *CreateOpenIDConnectProviderInput {
19467	s.ClientIDList = v
19468	return s
19469}
19470
19471// SetTags sets the Tags field's value.
19472func (s *CreateOpenIDConnectProviderInput) SetTags(v []*Tag) *CreateOpenIDConnectProviderInput {
19473	s.Tags = v
19474	return s
19475}
19476
19477// SetThumbprintList sets the ThumbprintList field's value.
19478func (s *CreateOpenIDConnectProviderInput) SetThumbprintList(v []*string) *CreateOpenIDConnectProviderInput {
19479	s.ThumbprintList = v
19480	return s
19481}
19482
19483// SetUrl sets the Url field's value.
19484func (s *CreateOpenIDConnectProviderInput) SetUrl(v string) *CreateOpenIDConnectProviderInput {
19485	s.Url = &v
19486	return s
19487}
19488
19489// Contains the response to a successful CreateOpenIDConnectProvider request.
19490type CreateOpenIDConnectProviderOutput struct {
19491	_ struct{} `type:"structure"`
19492
19493	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
19494	// is created. For more information, see OpenIDConnectProviderListEntry.
19495	OpenIDConnectProviderArn *string `min:"20" type:"string"`
19496
19497	// A list of tags that are attached to the new IAM OIDC provider. The returned
19498	// list of tags is sorted by tag key. For more information about tagging, see
19499	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19500	// in the IAM User Guide.
19501	Tags []*Tag `type:"list"`
19502}
19503
19504// String returns the string representation.
19505//
19506// API parameter values that are decorated as "sensitive" in the API will not
19507// be included in the string output. The member name will be present, but the
19508// value will be replaced with "sensitive".
19509func (s CreateOpenIDConnectProviderOutput) String() string {
19510	return awsutil.Prettify(s)
19511}
19512
19513// GoString returns the string representation.
19514//
19515// API parameter values that are decorated as "sensitive" in the API will not
19516// be included in the string output. The member name will be present, but the
19517// value will be replaced with "sensitive".
19518func (s CreateOpenIDConnectProviderOutput) GoString() string {
19519	return s.String()
19520}
19521
19522// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
19523func (s *CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn(v string) *CreateOpenIDConnectProviderOutput {
19524	s.OpenIDConnectProviderArn = &v
19525	return s
19526}
19527
19528// SetTags sets the Tags field's value.
19529func (s *CreateOpenIDConnectProviderOutput) SetTags(v []*Tag) *CreateOpenIDConnectProviderOutput {
19530	s.Tags = v
19531	return s
19532}
19533
19534type CreatePolicyInput struct {
19535	_ struct{} `type:"structure"`
19536
19537	// A friendly description of the policy.
19538	//
19539	// Typically used to store information about the permissions defined in the
19540	// policy. For example, "Grants access to production DynamoDB tables."
19541	//
19542	// The policy description is immutable. After a value is assigned, it cannot
19543	// be changed.
19544	Description *string `type:"string"`
19545
19546	// The path for the policy.
19547	//
19548	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19549	// in the IAM User Guide.
19550	//
19551	// This parameter is optional. If it is not included, it defaults to a slash
19552	// (/).
19553	//
19554	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19555	// a string of characters consisting of either a forward slash (/) by itself
19556	// or a string that must begin and end with forward slashes. In addition, it
19557	// can contain any ASCII character from the ! (\u0021) through the DEL character
19558	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19559	// letters.
19560	//
19561	// You cannot use an asterisk (*) in the path name.
19562	Path *string `min:"1" type:"string"`
19563
19564	// The JSON policy document that you want to use as the content for the new
19565	// policy.
19566	//
19567	// You must provide policies in JSON format in IAM. However, for CloudFormation
19568	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
19569	// CloudFormation always converts a YAML policy to JSON format before submitting
19570	// it to IAM.
19571	//
19572	// The maximum length of the policy document that you can pass in this operation,
19573	// including whitespace, is listed below. To view the maximum character counts
19574	// of a managed policy with no whitespaces, see IAM and STS character quotas
19575	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
19576	//
19577	// To learn more about JSON policy grammar, see Grammar of the IAM JSON policy
19578	// language (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html)
19579	// in the IAM User Guide.
19580	//
19581	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19582	// parameter is a string of characters consisting of the following:
19583	//
19584	//    * Any printable ASCII character ranging from the space character (\u0020)
19585	//    through the end of the ASCII character range
19586	//
19587	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19588	//    set (through \u00FF)
19589	//
19590	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19591	//    return (\u000D)
19592	//
19593	// PolicyDocument is a required field
19594	PolicyDocument *string `min:"1" type:"string" required:"true"`
19595
19596	// The friendly name of the policy.
19597	//
19598	// IAM user, group, role, and policy names must be unique within the account.
19599	// Names are not distinguished by case. For example, you cannot create resources
19600	// named both "MyResource" and "myresource".
19601	//
19602	// PolicyName is a required field
19603	PolicyName *string `min:"1" type:"string" required:"true"`
19604
19605	// A list of tags that you want to attach to the new IAM customer managed policy.
19606	// Each tag consists of a key name and an associated value. For more information
19607	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19608	// in the IAM User Guide.
19609	//
19610	// If any one of the tags is invalid or if you exceed the allowed maximum number
19611	// of tags, then the entire request fails and the resource is not created.
19612	Tags []*Tag `type:"list"`
19613}
19614
19615// String returns the string representation.
19616//
19617// API parameter values that are decorated as "sensitive" in the API will not
19618// be included in the string output. The member name will be present, but the
19619// value will be replaced with "sensitive".
19620func (s CreatePolicyInput) String() string {
19621	return awsutil.Prettify(s)
19622}
19623
19624// GoString returns the string representation.
19625//
19626// API parameter values that are decorated as "sensitive" in the API will not
19627// be included in the string output. The member name will be present, but the
19628// value will be replaced with "sensitive".
19629func (s CreatePolicyInput) GoString() string {
19630	return s.String()
19631}
19632
19633// Validate inspects the fields of the type to determine if they are valid.
19634func (s *CreatePolicyInput) Validate() error {
19635	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"}
19636	if s.Path != nil && len(*s.Path) < 1 {
19637		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19638	}
19639	if s.PolicyDocument == nil {
19640		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
19641	}
19642	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
19643		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
19644	}
19645	if s.PolicyName == nil {
19646		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
19647	}
19648	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
19649		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
19650	}
19651	if s.Tags != nil {
19652		for i, v := range s.Tags {
19653			if v == nil {
19654				continue
19655			}
19656			if err := v.Validate(); err != nil {
19657				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
19658			}
19659		}
19660	}
19661
19662	if invalidParams.Len() > 0 {
19663		return invalidParams
19664	}
19665	return nil
19666}
19667
19668// SetDescription sets the Description field's value.
19669func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput {
19670	s.Description = &v
19671	return s
19672}
19673
19674// SetPath sets the Path field's value.
19675func (s *CreatePolicyInput) SetPath(v string) *CreatePolicyInput {
19676	s.Path = &v
19677	return s
19678}
19679
19680// SetPolicyDocument sets the PolicyDocument field's value.
19681func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput {
19682	s.PolicyDocument = &v
19683	return s
19684}
19685
19686// SetPolicyName sets the PolicyName field's value.
19687func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput {
19688	s.PolicyName = &v
19689	return s
19690}
19691
19692// SetTags sets the Tags field's value.
19693func (s *CreatePolicyInput) SetTags(v []*Tag) *CreatePolicyInput {
19694	s.Tags = v
19695	return s
19696}
19697
19698// Contains the response to a successful CreatePolicy request.
19699type CreatePolicyOutput struct {
19700	_ struct{} `type:"structure"`
19701
19702	// A structure containing details about the new policy.
19703	Policy *Policy `type:"structure"`
19704}
19705
19706// String returns the string representation.
19707//
19708// API parameter values that are decorated as "sensitive" in the API will not
19709// be included in the string output. The member name will be present, but the
19710// value will be replaced with "sensitive".
19711func (s CreatePolicyOutput) String() string {
19712	return awsutil.Prettify(s)
19713}
19714
19715// GoString returns the string representation.
19716//
19717// API parameter values that are decorated as "sensitive" in the API will not
19718// be included in the string output. The member name will be present, but the
19719// value will be replaced with "sensitive".
19720func (s CreatePolicyOutput) GoString() string {
19721	return s.String()
19722}
19723
19724// SetPolicy sets the Policy field's value.
19725func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput {
19726	s.Policy = v
19727	return s
19728}
19729
19730type CreatePolicyVersionInput struct {
19731	_ struct{} `type:"structure"`
19732
19733	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
19734	// a new version.
19735	//
19736	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
19737	// in the Amazon Web Services General Reference.
19738	//
19739	// PolicyArn is a required field
19740	PolicyArn *string `min:"20" type:"string" required:"true"`
19741
19742	// The JSON policy document that you want to use as the content for this new
19743	// version of the policy.
19744	//
19745	// You must provide policies in JSON format in IAM. However, for CloudFormation
19746	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
19747	// CloudFormation always converts a YAML policy to JSON format before submitting
19748	// it to IAM.
19749	//
19750	// The maximum length of the policy document that you can pass in this operation,
19751	// including whitespace, is listed below. To view the maximum character counts
19752	// of a managed policy with no whitespaces, see IAM and STS character quotas
19753	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
19754	//
19755	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19756	// parameter is a string of characters consisting of the following:
19757	//
19758	//    * Any printable ASCII character ranging from the space character (\u0020)
19759	//    through the end of the ASCII character range
19760	//
19761	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19762	//    set (through \u00FF)
19763	//
19764	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19765	//    return (\u000D)
19766	//
19767	// PolicyDocument is a required field
19768	PolicyDocument *string `min:"1" type:"string" required:"true"`
19769
19770	// Specifies whether to set this version as the policy's default version.
19771	//
19772	// When this parameter is true, the new policy version becomes the operative
19773	// version. That is, it becomes the version that is in effect for the IAM users,
19774	// groups, and roles that the policy is attached to.
19775	//
19776	// For more information about managed policy versions, see Versioning for managed
19777	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
19778	// in the IAM User Guide.
19779	SetAsDefault *bool `type:"boolean"`
19780}
19781
19782// String returns the string representation.
19783//
19784// API parameter values that are decorated as "sensitive" in the API will not
19785// be included in the string output. The member name will be present, but the
19786// value will be replaced with "sensitive".
19787func (s CreatePolicyVersionInput) String() string {
19788	return awsutil.Prettify(s)
19789}
19790
19791// GoString returns the string representation.
19792//
19793// API parameter values that are decorated as "sensitive" in the API will not
19794// be included in the string output. The member name will be present, but the
19795// value will be replaced with "sensitive".
19796func (s CreatePolicyVersionInput) GoString() string {
19797	return s.String()
19798}
19799
19800// Validate inspects the fields of the type to determine if they are valid.
19801func (s *CreatePolicyVersionInput) Validate() error {
19802	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyVersionInput"}
19803	if s.PolicyArn == nil {
19804		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
19805	}
19806	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
19807		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
19808	}
19809	if s.PolicyDocument == nil {
19810		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
19811	}
19812	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
19813		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
19814	}
19815
19816	if invalidParams.Len() > 0 {
19817		return invalidParams
19818	}
19819	return nil
19820}
19821
19822// SetPolicyArn sets the PolicyArn field's value.
19823func (s *CreatePolicyVersionInput) SetPolicyArn(v string) *CreatePolicyVersionInput {
19824	s.PolicyArn = &v
19825	return s
19826}
19827
19828// SetPolicyDocument sets the PolicyDocument field's value.
19829func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput {
19830	s.PolicyDocument = &v
19831	return s
19832}
19833
19834// SetSetAsDefault sets the SetAsDefault field's value.
19835func (s *CreatePolicyVersionInput) SetSetAsDefault(v bool) *CreatePolicyVersionInput {
19836	s.SetAsDefault = &v
19837	return s
19838}
19839
19840// Contains the response to a successful CreatePolicyVersion request.
19841type CreatePolicyVersionOutput struct {
19842	_ struct{} `type:"structure"`
19843
19844	// A structure containing details about the new policy version.
19845	PolicyVersion *PolicyVersion `type:"structure"`
19846}
19847
19848// String returns the string representation.
19849//
19850// API parameter values that are decorated as "sensitive" in the API will not
19851// be included in the string output. The member name will be present, but the
19852// value will be replaced with "sensitive".
19853func (s CreatePolicyVersionOutput) String() string {
19854	return awsutil.Prettify(s)
19855}
19856
19857// GoString returns the string representation.
19858//
19859// API parameter values that are decorated as "sensitive" in the API will not
19860// be included in the string output. The member name will be present, but the
19861// value will be replaced with "sensitive".
19862func (s CreatePolicyVersionOutput) GoString() string {
19863	return s.String()
19864}
19865
19866// SetPolicyVersion sets the PolicyVersion field's value.
19867func (s *CreatePolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *CreatePolicyVersionOutput {
19868	s.PolicyVersion = v
19869	return s
19870}
19871
19872type CreateRoleInput struct {
19873	_ struct{} `type:"structure"`
19874
19875	// The trust relationship policy document that grants an entity permission to
19876	// assume the role.
19877	//
19878	// In IAM, you must provide a JSON policy that has been converted to a string.
19879	// However, for CloudFormation templates formatted in YAML, you can provide
19880	// the policy in JSON or YAML format. CloudFormation always converts a YAML
19881	// policy to JSON format before submitting it to IAM.
19882	//
19883	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
19884	// parameter is a string of characters consisting of the following:
19885	//
19886	//    * Any printable ASCII character ranging from the space character (\u0020)
19887	//    through the end of the ASCII character range
19888	//
19889	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
19890	//    set (through \u00FF)
19891	//
19892	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
19893	//    return (\u000D)
19894	//
19895	// Upon success, the response includes the same trust policy in JSON format.
19896	//
19897	// AssumeRolePolicyDocument is a required field
19898	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`
19899
19900	// A description of the role.
19901	Description *string `type:"string"`
19902
19903	// The maximum session duration (in seconds) that you want to set for the specified
19904	// role. If you do not specify a value for this setting, the default maximum
19905	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
19906	//
19907	// Anyone who assumes the role from the or API can use the DurationSeconds API
19908	// parameter or the duration-seconds CLI parameter to request a longer session.
19909	// The MaxSessionDuration setting determines the maximum duration that can be
19910	// requested using the DurationSeconds parameter. If users don't specify a value
19911	// for the DurationSeconds parameter, their security credentials are valid for
19912	// one hour by default. This applies when you use the AssumeRole* API operations
19913	// or the assume-role* CLI operations but does not apply when you use those
19914	// operations to create a console URL. For more information, see Using IAM roles
19915	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
19916	// IAM User Guide.
19917	MaxSessionDuration *int64 `min:"3600" type:"integer"`
19918
19919	// The path to the role. For more information about paths, see IAM Identifiers
19920	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
19921	// in the IAM User Guide.
19922	//
19923	// This parameter is optional. If it is not included, it defaults to a slash
19924	// (/).
19925	//
19926	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
19927	// a string of characters consisting of either a forward slash (/) by itself
19928	// or a string that must begin and end with forward slashes. In addition, it
19929	// can contain any ASCII character from the ! (\u0021) through the DEL character
19930	// (\u007F), including most punctuation characters, digits, and upper and lowercased
19931	// letters.
19932	Path *string `min:"1" type:"string"`
19933
19934	// The ARN of the policy that is used to set the permissions boundary for the
19935	// role.
19936	PermissionsBoundary *string `min:"20" type:"string"`
19937
19938	// The name of the role to create.
19939	//
19940	// IAM user, group, role, and policy names must be unique within the account.
19941	// Names are not distinguished by case. For example, you cannot create resources
19942	// named both "MyResource" and "myresource".
19943	//
19944	// RoleName is a required field
19945	RoleName *string `min:"1" type:"string" required:"true"`
19946
19947	// A list of tags that you want to attach to the new role. Each tag consists
19948	// of a key name and an associated value. For more information about tagging,
19949	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
19950	// in the IAM User Guide.
19951	//
19952	// If any one of the tags is invalid or if you exceed the allowed maximum number
19953	// of tags, then the entire request fails and the resource is not created.
19954	Tags []*Tag `type:"list"`
19955}
19956
19957// String returns the string representation.
19958//
19959// API parameter values that are decorated as "sensitive" in the API will not
19960// be included in the string output. The member name will be present, but the
19961// value will be replaced with "sensitive".
19962func (s CreateRoleInput) String() string {
19963	return awsutil.Prettify(s)
19964}
19965
19966// GoString returns the string representation.
19967//
19968// API parameter values that are decorated as "sensitive" in the API will not
19969// be included in the string output. The member name will be present, but the
19970// value will be replaced with "sensitive".
19971func (s CreateRoleInput) GoString() string {
19972	return s.String()
19973}
19974
19975// Validate inspects the fields of the type to determine if they are valid.
19976func (s *CreateRoleInput) Validate() error {
19977	invalidParams := request.ErrInvalidParams{Context: "CreateRoleInput"}
19978	if s.AssumeRolePolicyDocument == nil {
19979		invalidParams.Add(request.NewErrParamRequired("AssumeRolePolicyDocument"))
19980	}
19981	if s.AssumeRolePolicyDocument != nil && len(*s.AssumeRolePolicyDocument) < 1 {
19982		invalidParams.Add(request.NewErrParamMinLen("AssumeRolePolicyDocument", 1))
19983	}
19984	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
19985		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
19986	}
19987	if s.Path != nil && len(*s.Path) < 1 {
19988		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
19989	}
19990	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
19991		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
19992	}
19993	if s.RoleName == nil {
19994		invalidParams.Add(request.NewErrParamRequired("RoleName"))
19995	}
19996	if s.RoleName != nil && len(*s.RoleName) < 1 {
19997		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
19998	}
19999	if s.Tags != nil {
20000		for i, v := range s.Tags {
20001			if v == nil {
20002				continue
20003			}
20004			if err := v.Validate(); err != nil {
20005				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
20006			}
20007		}
20008	}
20009
20010	if invalidParams.Len() > 0 {
20011		return invalidParams
20012	}
20013	return nil
20014}
20015
20016// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
20017func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput {
20018	s.AssumeRolePolicyDocument = &v
20019	return s
20020}
20021
20022// SetDescription sets the Description field's value.
20023func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput {
20024	s.Description = &v
20025	return s
20026}
20027
20028// SetMaxSessionDuration sets the MaxSessionDuration field's value.
20029func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput {
20030	s.MaxSessionDuration = &v
20031	return s
20032}
20033
20034// SetPath sets the Path field's value.
20035func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput {
20036	s.Path = &v
20037	return s
20038}
20039
20040// SetPermissionsBoundary sets the PermissionsBoundary field's value.
20041func (s *CreateRoleInput) SetPermissionsBoundary(v string) *CreateRoleInput {
20042	s.PermissionsBoundary = &v
20043	return s
20044}
20045
20046// SetRoleName sets the RoleName field's value.
20047func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput {
20048	s.RoleName = &v
20049	return s
20050}
20051
20052// SetTags sets the Tags field's value.
20053func (s *CreateRoleInput) SetTags(v []*Tag) *CreateRoleInput {
20054	s.Tags = v
20055	return s
20056}
20057
20058// Contains the response to a successful CreateRole request.
20059type CreateRoleOutput struct {
20060	_ struct{} `type:"structure"`
20061
20062	// A structure containing details about the new role.
20063	//
20064	// Role is a required field
20065	Role *Role `type:"structure" required:"true"`
20066}
20067
20068// String returns the string representation.
20069//
20070// API parameter values that are decorated as "sensitive" in the API will not
20071// be included in the string output. The member name will be present, but the
20072// value will be replaced with "sensitive".
20073func (s CreateRoleOutput) String() string {
20074	return awsutil.Prettify(s)
20075}
20076
20077// GoString returns the string representation.
20078//
20079// API parameter values that are decorated as "sensitive" in the API will not
20080// be included in the string output. The member name will be present, but the
20081// value will be replaced with "sensitive".
20082func (s CreateRoleOutput) GoString() string {
20083	return s.String()
20084}
20085
20086// SetRole sets the Role field's value.
20087func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput {
20088	s.Role = v
20089	return s
20090}
20091
20092type CreateSAMLProviderInput struct {
20093	_ struct{} `type:"structure"`
20094
20095	// The name of the provider to create.
20096	//
20097	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20098	// a string of characters consisting of upper and lowercase alphanumeric characters
20099	// with no spaces. You can also include any of the following characters: _+=,.@-
20100	//
20101	// Name is a required field
20102	Name *string `min:"1" type:"string" required:"true"`
20103
20104	// An XML document generated by an identity provider (IdP) that supports SAML
20105	// 2.0. The document includes the issuer's name, expiration information, and
20106	// keys that can be used to validate the SAML authentication response (assertions)
20107	// that are received from the IdP. You must generate the metadata document using
20108	// the identity management software that is used as your organization's IdP.
20109	//
20110	// For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
20111	// in the IAM User Guide
20112	//
20113	// SAMLMetadataDocument is a required field
20114	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
20115
20116	// A list of tags that you want to attach to the new IAM SAML provider. Each
20117	// tag consists of a key name and an associated value. For more information
20118	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
20119	// in the IAM User Guide.
20120	//
20121	// If any one of the tags is invalid or if you exceed the allowed maximum number
20122	// of tags, then the entire request fails and the resource is not created.
20123	Tags []*Tag `type:"list"`
20124}
20125
20126// String returns the string representation.
20127//
20128// API parameter values that are decorated as "sensitive" in the API will not
20129// be included in the string output. The member name will be present, but the
20130// value will be replaced with "sensitive".
20131func (s CreateSAMLProviderInput) String() string {
20132	return awsutil.Prettify(s)
20133}
20134
20135// GoString returns the string representation.
20136//
20137// API parameter values that are decorated as "sensitive" in the API will not
20138// be included in the string output. The member name will be present, but the
20139// value will be replaced with "sensitive".
20140func (s CreateSAMLProviderInput) GoString() string {
20141	return s.String()
20142}
20143
20144// Validate inspects the fields of the type to determine if they are valid.
20145func (s *CreateSAMLProviderInput) Validate() error {
20146	invalidParams := request.ErrInvalidParams{Context: "CreateSAMLProviderInput"}
20147	if s.Name == nil {
20148		invalidParams.Add(request.NewErrParamRequired("Name"))
20149	}
20150	if s.Name != nil && len(*s.Name) < 1 {
20151		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
20152	}
20153	if s.SAMLMetadataDocument == nil {
20154		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
20155	}
20156	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
20157		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
20158	}
20159	if s.Tags != nil {
20160		for i, v := range s.Tags {
20161			if v == nil {
20162				continue
20163			}
20164			if err := v.Validate(); err != nil {
20165				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
20166			}
20167		}
20168	}
20169
20170	if invalidParams.Len() > 0 {
20171		return invalidParams
20172	}
20173	return nil
20174}
20175
20176// SetName sets the Name field's value.
20177func (s *CreateSAMLProviderInput) SetName(v string) *CreateSAMLProviderInput {
20178	s.Name = &v
20179	return s
20180}
20181
20182// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
20183func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput {
20184	s.SAMLMetadataDocument = &v
20185	return s
20186}
20187
20188// SetTags sets the Tags field's value.
20189func (s *CreateSAMLProviderInput) SetTags(v []*Tag) *CreateSAMLProviderInput {
20190	s.Tags = v
20191	return s
20192}
20193
20194// Contains the response to a successful CreateSAMLProvider request.
20195type CreateSAMLProviderOutput struct {
20196	_ struct{} `type:"structure"`
20197
20198	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
20199	SAMLProviderArn *string `min:"20" type:"string"`
20200
20201	// A list of tags that are attached to the new IAM SAML provider. The returned
20202	// list of tags is sorted by tag key. For more information about tagging, see
20203	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
20204	// in the IAM User Guide.
20205	Tags []*Tag `type:"list"`
20206}
20207
20208// String returns the string representation.
20209//
20210// API parameter values that are decorated as "sensitive" in the API will not
20211// be included in the string output. The member name will be present, but the
20212// value will be replaced with "sensitive".
20213func (s CreateSAMLProviderOutput) String() string {
20214	return awsutil.Prettify(s)
20215}
20216
20217// GoString returns the string representation.
20218//
20219// API parameter values that are decorated as "sensitive" in the API will not
20220// be included in the string output. The member name will be present, but the
20221// value will be replaced with "sensitive".
20222func (s CreateSAMLProviderOutput) GoString() string {
20223	return s.String()
20224}
20225
20226// SetSAMLProviderArn sets the SAMLProviderArn field's value.
20227func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput {
20228	s.SAMLProviderArn = &v
20229	return s
20230}
20231
20232// SetTags sets the Tags field's value.
20233func (s *CreateSAMLProviderOutput) SetTags(v []*Tag) *CreateSAMLProviderOutput {
20234	s.Tags = v
20235	return s
20236}
20237
20238type CreateServiceLinkedRoleInput struct {
20239	_ struct{} `type:"structure"`
20240
20241	// The service principal for the Amazon Web Services service to which this role
20242	// is attached. You use a string similar to a URL but without the http:// in
20243	// front. For example: elasticbeanstalk.amazonaws.com.
20244	//
20245	// Service principals are unique and case-sensitive. To find the exact service
20246	// principal for your service-linked role, see Amazon Web Services services
20247	// that work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
20248	// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
20249	// Role column. Choose the Yes link to view the service-linked role documentation
20250	// for that service.
20251	//
20252	// AWSServiceName is a required field
20253	AWSServiceName *string `min:"1" type:"string" required:"true"`
20254
20255	// A string that you provide, which is combined with the service-provided prefix
20256	// to form the complete role name. If you make multiple requests for the same
20257	// service, then you must supply a different CustomSuffix for each request.
20258	// Otherwise the request fails with a duplicate role name error. For example,
20259	// you could add -1 or -debug to the suffix.
20260	//
20261	// Some services do not support the CustomSuffix parameter. If you provide an
20262	// optional suffix and the operation fails, try the operation again without
20263	// the suffix.
20264	CustomSuffix *string `min:"1" type:"string"`
20265
20266	// The description of the role.
20267	Description *string `type:"string"`
20268}
20269
20270// String returns the string representation.
20271//
20272// API parameter values that are decorated as "sensitive" in the API will not
20273// be included in the string output. The member name will be present, but the
20274// value will be replaced with "sensitive".
20275func (s CreateServiceLinkedRoleInput) String() string {
20276	return awsutil.Prettify(s)
20277}
20278
20279// GoString returns the string representation.
20280//
20281// API parameter values that are decorated as "sensitive" in the API will not
20282// be included in the string output. The member name will be present, but the
20283// value will be replaced with "sensitive".
20284func (s CreateServiceLinkedRoleInput) GoString() string {
20285	return s.String()
20286}
20287
20288// Validate inspects the fields of the type to determine if they are valid.
20289func (s *CreateServiceLinkedRoleInput) Validate() error {
20290	invalidParams := request.ErrInvalidParams{Context: "CreateServiceLinkedRoleInput"}
20291	if s.AWSServiceName == nil {
20292		invalidParams.Add(request.NewErrParamRequired("AWSServiceName"))
20293	}
20294	if s.AWSServiceName != nil && len(*s.AWSServiceName) < 1 {
20295		invalidParams.Add(request.NewErrParamMinLen("AWSServiceName", 1))
20296	}
20297	if s.CustomSuffix != nil && len(*s.CustomSuffix) < 1 {
20298		invalidParams.Add(request.NewErrParamMinLen("CustomSuffix", 1))
20299	}
20300
20301	if invalidParams.Len() > 0 {
20302		return invalidParams
20303	}
20304	return nil
20305}
20306
20307// SetAWSServiceName sets the AWSServiceName field's value.
20308func (s *CreateServiceLinkedRoleInput) SetAWSServiceName(v string) *CreateServiceLinkedRoleInput {
20309	s.AWSServiceName = &v
20310	return s
20311}
20312
20313// SetCustomSuffix sets the CustomSuffix field's value.
20314func (s *CreateServiceLinkedRoleInput) SetCustomSuffix(v string) *CreateServiceLinkedRoleInput {
20315	s.CustomSuffix = &v
20316	return s
20317}
20318
20319// SetDescription sets the Description field's value.
20320func (s *CreateServiceLinkedRoleInput) SetDescription(v string) *CreateServiceLinkedRoleInput {
20321	s.Description = &v
20322	return s
20323}
20324
20325type CreateServiceLinkedRoleOutput struct {
20326	_ struct{} `type:"structure"`
20327
20328	// A Role object that contains details about the newly created role.
20329	Role *Role `type:"structure"`
20330}
20331
20332// String returns the string representation.
20333//
20334// API parameter values that are decorated as "sensitive" in the API will not
20335// be included in the string output. The member name will be present, but the
20336// value will be replaced with "sensitive".
20337func (s CreateServiceLinkedRoleOutput) String() string {
20338	return awsutil.Prettify(s)
20339}
20340
20341// GoString returns the string representation.
20342//
20343// API parameter values that are decorated as "sensitive" in the API will not
20344// be included in the string output. The member name will be present, but the
20345// value will be replaced with "sensitive".
20346func (s CreateServiceLinkedRoleOutput) GoString() string {
20347	return s.String()
20348}
20349
20350// SetRole sets the Role field's value.
20351func (s *CreateServiceLinkedRoleOutput) SetRole(v *Role) *CreateServiceLinkedRoleOutput {
20352	s.Role = v
20353	return s
20354}
20355
20356type CreateServiceSpecificCredentialInput struct {
20357	_ struct{} `type:"structure"`
20358
20359	// The name of the Amazon Web Services service that is to be associated with
20360	// the credentials. The service you specify here is the only service that can
20361	// be accessed using these credentials.
20362	//
20363	// ServiceName is a required field
20364	ServiceName *string `type:"string" required:"true"`
20365
20366	// The name of the IAM user that is to be associated with the credentials. The
20367	// new service-specific credentials have the same permissions as the associated
20368	// user except that they can be used only to access the specified service.
20369	//
20370	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20371	// a string of characters consisting of upper and lowercase alphanumeric characters
20372	// with no spaces. You can also include any of the following characters: _+=,.@-
20373	//
20374	// UserName is a required field
20375	UserName *string `min:"1" type:"string" required:"true"`
20376}
20377
20378// String returns the string representation.
20379//
20380// API parameter values that are decorated as "sensitive" in the API will not
20381// be included in the string output. The member name will be present, but the
20382// value will be replaced with "sensitive".
20383func (s CreateServiceSpecificCredentialInput) String() string {
20384	return awsutil.Prettify(s)
20385}
20386
20387// GoString returns the string representation.
20388//
20389// API parameter values that are decorated as "sensitive" in the API will not
20390// be included in the string output. The member name will be present, but the
20391// value will be replaced with "sensitive".
20392func (s CreateServiceSpecificCredentialInput) GoString() string {
20393	return s.String()
20394}
20395
20396// Validate inspects the fields of the type to determine if they are valid.
20397func (s *CreateServiceSpecificCredentialInput) Validate() error {
20398	invalidParams := request.ErrInvalidParams{Context: "CreateServiceSpecificCredentialInput"}
20399	if s.ServiceName == nil {
20400		invalidParams.Add(request.NewErrParamRequired("ServiceName"))
20401	}
20402	if s.UserName == nil {
20403		invalidParams.Add(request.NewErrParamRequired("UserName"))
20404	}
20405	if s.UserName != nil && len(*s.UserName) < 1 {
20406		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20407	}
20408
20409	if invalidParams.Len() > 0 {
20410		return invalidParams
20411	}
20412	return nil
20413}
20414
20415// SetServiceName sets the ServiceName field's value.
20416func (s *CreateServiceSpecificCredentialInput) SetServiceName(v string) *CreateServiceSpecificCredentialInput {
20417	s.ServiceName = &v
20418	return s
20419}
20420
20421// SetUserName sets the UserName field's value.
20422func (s *CreateServiceSpecificCredentialInput) SetUserName(v string) *CreateServiceSpecificCredentialInput {
20423	s.UserName = &v
20424	return s
20425}
20426
20427type CreateServiceSpecificCredentialOutput struct {
20428	_ struct{} `type:"structure"`
20429
20430	// A structure that contains information about the newly created service-specific
20431	// credential.
20432	//
20433	// This is the only time that the password for this credential set is available.
20434	// It cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
20435	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
20436}
20437
20438// String returns the string representation.
20439//
20440// API parameter values that are decorated as "sensitive" in the API will not
20441// be included in the string output. The member name will be present, but the
20442// value will be replaced with "sensitive".
20443func (s CreateServiceSpecificCredentialOutput) String() string {
20444	return awsutil.Prettify(s)
20445}
20446
20447// GoString returns the string representation.
20448//
20449// API parameter values that are decorated as "sensitive" in the API will not
20450// be included in the string output. The member name will be present, but the
20451// value will be replaced with "sensitive".
20452func (s CreateServiceSpecificCredentialOutput) GoString() string {
20453	return s.String()
20454}
20455
20456// SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
20457func (s *CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *CreateServiceSpecificCredentialOutput {
20458	s.ServiceSpecificCredential = v
20459	return s
20460}
20461
20462type CreateUserInput struct {
20463	_ struct{} `type:"structure"`
20464
20465	// The path for the user name. For more information about paths, see IAM identifiers
20466	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
20467	// in the IAM User Guide.
20468	//
20469	// This parameter is optional. If it is not included, it defaults to a slash
20470	// (/).
20471	//
20472	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20473	// a string of characters consisting of either a forward slash (/) by itself
20474	// or a string that must begin and end with forward slashes. In addition, it
20475	// can contain any ASCII character from the ! (\u0021) through the DEL character
20476	// (\u007F), including most punctuation characters, digits, and upper and lowercased
20477	// letters.
20478	Path *string `min:"1" type:"string"`
20479
20480	// The ARN of the policy that is used to set the permissions boundary for the
20481	// user.
20482	PermissionsBoundary *string `min:"20" type:"string"`
20483
20484	// A list of tags that you want to attach to the new user. Each tag consists
20485	// of a key name and an associated value. For more information about tagging,
20486	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
20487	// in the IAM User Guide.
20488	//
20489	// If any one of the tags is invalid or if you exceed the allowed maximum number
20490	// of tags, then the entire request fails and the resource is not created.
20491	Tags []*Tag `type:"list"`
20492
20493	// The name of the user to create.
20494	//
20495	// IAM user, group, role, and policy names must be unique within the account.
20496	// Names are not distinguished by case. For example, you cannot create resources
20497	// named both "MyResource" and "myresource".
20498	//
20499	// UserName is a required field
20500	UserName *string `min:"1" type:"string" required:"true"`
20501}
20502
20503// String returns the string representation.
20504//
20505// API parameter values that are decorated as "sensitive" in the API will not
20506// be included in the string output. The member name will be present, but the
20507// value will be replaced with "sensitive".
20508func (s CreateUserInput) String() string {
20509	return awsutil.Prettify(s)
20510}
20511
20512// GoString returns the string representation.
20513//
20514// API parameter values that are decorated as "sensitive" in the API will not
20515// be included in the string output. The member name will be present, but the
20516// value will be replaced with "sensitive".
20517func (s CreateUserInput) GoString() string {
20518	return s.String()
20519}
20520
20521// Validate inspects the fields of the type to determine if they are valid.
20522func (s *CreateUserInput) Validate() error {
20523	invalidParams := request.ErrInvalidParams{Context: "CreateUserInput"}
20524	if s.Path != nil && len(*s.Path) < 1 {
20525		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
20526	}
20527	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
20528		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
20529	}
20530	if s.UserName == nil {
20531		invalidParams.Add(request.NewErrParamRequired("UserName"))
20532	}
20533	if s.UserName != nil && len(*s.UserName) < 1 {
20534		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20535	}
20536	if s.Tags != nil {
20537		for i, v := range s.Tags {
20538			if v == nil {
20539				continue
20540			}
20541			if err := v.Validate(); err != nil {
20542				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
20543			}
20544		}
20545	}
20546
20547	if invalidParams.Len() > 0 {
20548		return invalidParams
20549	}
20550	return nil
20551}
20552
20553// SetPath sets the Path field's value.
20554func (s *CreateUserInput) SetPath(v string) *CreateUserInput {
20555	s.Path = &v
20556	return s
20557}
20558
20559// SetPermissionsBoundary sets the PermissionsBoundary field's value.
20560func (s *CreateUserInput) SetPermissionsBoundary(v string) *CreateUserInput {
20561	s.PermissionsBoundary = &v
20562	return s
20563}
20564
20565// SetTags sets the Tags field's value.
20566func (s *CreateUserInput) SetTags(v []*Tag) *CreateUserInput {
20567	s.Tags = v
20568	return s
20569}
20570
20571// SetUserName sets the UserName field's value.
20572func (s *CreateUserInput) SetUserName(v string) *CreateUserInput {
20573	s.UserName = &v
20574	return s
20575}
20576
20577// Contains the response to a successful CreateUser request.
20578type CreateUserOutput struct {
20579	_ struct{} `type:"structure"`
20580
20581	// A structure with details about the new IAM user.
20582	User *User `type:"structure"`
20583}
20584
20585// String returns the string representation.
20586//
20587// API parameter values that are decorated as "sensitive" in the API will not
20588// be included in the string output. The member name will be present, but the
20589// value will be replaced with "sensitive".
20590func (s CreateUserOutput) String() string {
20591	return awsutil.Prettify(s)
20592}
20593
20594// GoString returns the string representation.
20595//
20596// API parameter values that are decorated as "sensitive" in the API will not
20597// be included in the string output. The member name will be present, but the
20598// value will be replaced with "sensitive".
20599func (s CreateUserOutput) GoString() string {
20600	return s.String()
20601}
20602
20603// SetUser sets the User field's value.
20604func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput {
20605	s.User = v
20606	return s
20607}
20608
20609type CreateVirtualMFADeviceInput struct {
20610	_ struct{} `type:"structure"`
20611
20612	// The path for the virtual MFA device. For more information about paths, see
20613	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
20614	// in the IAM User Guide.
20615	//
20616	// This parameter is optional. If it is not included, it defaults to a slash
20617	// (/).
20618	//
20619	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20620	// a string of characters consisting of either a forward slash (/) by itself
20621	// or a string that must begin and end with forward slashes. In addition, it
20622	// can contain any ASCII character from the ! (\u0021) through the DEL character
20623	// (\u007F), including most punctuation characters, digits, and upper and lowercased
20624	// letters.
20625	Path *string `min:"1" type:"string"`
20626
20627	// A list of tags that you want to attach to the new IAM virtual MFA device.
20628	// Each tag consists of a key name and an associated value. For more information
20629	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
20630	// in the IAM User Guide.
20631	//
20632	// If any one of the tags is invalid or if you exceed the allowed maximum number
20633	// of tags, then the entire request fails and the resource is not created.
20634	Tags []*Tag `type:"list"`
20635
20636	// The name of the virtual MFA device. Use with path to uniquely identify a
20637	// virtual MFA device.
20638	//
20639	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20640	// a string of characters consisting of upper and lowercase alphanumeric characters
20641	// with no spaces. You can also include any of the following characters: _+=,.@-
20642	//
20643	// VirtualMFADeviceName is a required field
20644	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
20645}
20646
20647// String returns the string representation.
20648//
20649// API parameter values that are decorated as "sensitive" in the API will not
20650// be included in the string output. The member name will be present, but the
20651// value will be replaced with "sensitive".
20652func (s CreateVirtualMFADeviceInput) String() string {
20653	return awsutil.Prettify(s)
20654}
20655
20656// GoString returns the string representation.
20657//
20658// API parameter values that are decorated as "sensitive" in the API will not
20659// be included in the string output. The member name will be present, but the
20660// value will be replaced with "sensitive".
20661func (s CreateVirtualMFADeviceInput) GoString() string {
20662	return s.String()
20663}
20664
20665// Validate inspects the fields of the type to determine if they are valid.
20666func (s *CreateVirtualMFADeviceInput) Validate() error {
20667	invalidParams := request.ErrInvalidParams{Context: "CreateVirtualMFADeviceInput"}
20668	if s.Path != nil && len(*s.Path) < 1 {
20669		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
20670	}
20671	if s.VirtualMFADeviceName == nil {
20672		invalidParams.Add(request.NewErrParamRequired("VirtualMFADeviceName"))
20673	}
20674	if s.VirtualMFADeviceName != nil && len(*s.VirtualMFADeviceName) < 1 {
20675		invalidParams.Add(request.NewErrParamMinLen("VirtualMFADeviceName", 1))
20676	}
20677	if s.Tags != nil {
20678		for i, v := range s.Tags {
20679			if v == nil {
20680				continue
20681			}
20682			if err := v.Validate(); err != nil {
20683				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
20684			}
20685		}
20686	}
20687
20688	if invalidParams.Len() > 0 {
20689		return invalidParams
20690	}
20691	return nil
20692}
20693
20694// SetPath sets the Path field's value.
20695func (s *CreateVirtualMFADeviceInput) SetPath(v string) *CreateVirtualMFADeviceInput {
20696	s.Path = &v
20697	return s
20698}
20699
20700// SetTags sets the Tags field's value.
20701func (s *CreateVirtualMFADeviceInput) SetTags(v []*Tag) *CreateVirtualMFADeviceInput {
20702	s.Tags = v
20703	return s
20704}
20705
20706// SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.
20707func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput {
20708	s.VirtualMFADeviceName = &v
20709	return s
20710}
20711
20712// Contains the response to a successful CreateVirtualMFADevice request.
20713type CreateVirtualMFADeviceOutput struct {
20714	_ struct{} `type:"structure"`
20715
20716	// A structure containing details about the new virtual MFA device.
20717	//
20718	// VirtualMFADevice is a required field
20719	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
20720}
20721
20722// String returns the string representation.
20723//
20724// API parameter values that are decorated as "sensitive" in the API will not
20725// be included in the string output. The member name will be present, but the
20726// value will be replaced with "sensitive".
20727func (s CreateVirtualMFADeviceOutput) String() string {
20728	return awsutil.Prettify(s)
20729}
20730
20731// GoString returns the string representation.
20732//
20733// API parameter values that are decorated as "sensitive" in the API will not
20734// be included in the string output. The member name will be present, but the
20735// value will be replaced with "sensitive".
20736func (s CreateVirtualMFADeviceOutput) GoString() string {
20737	return s.String()
20738}
20739
20740// SetVirtualMFADevice sets the VirtualMFADevice field's value.
20741func (s *CreateVirtualMFADeviceOutput) SetVirtualMFADevice(v *VirtualMFADevice) *CreateVirtualMFADeviceOutput {
20742	s.VirtualMFADevice = v
20743	return s
20744}
20745
20746type DeactivateMFADeviceInput struct {
20747	_ struct{} `type:"structure"`
20748
20749	// The serial number that uniquely identifies the MFA device. For virtual MFA
20750	// devices, the serial number is the device ARN.
20751	//
20752	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20753	// a string of characters consisting of upper and lowercase alphanumeric characters
20754	// with no spaces. You can also include any of the following characters: =,.@:/-
20755	//
20756	// SerialNumber is a required field
20757	SerialNumber *string `min:"9" type:"string" required:"true"`
20758
20759	// The name of the user whose MFA device you want to deactivate.
20760	//
20761	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20762	// a string of characters consisting of upper and lowercase alphanumeric characters
20763	// with no spaces. You can also include any of the following characters: _+=,.@-
20764	//
20765	// UserName is a required field
20766	UserName *string `min:"1" type:"string" required:"true"`
20767}
20768
20769// String returns the string representation.
20770//
20771// API parameter values that are decorated as "sensitive" in the API will not
20772// be included in the string output. The member name will be present, but the
20773// value will be replaced with "sensitive".
20774func (s DeactivateMFADeviceInput) String() string {
20775	return awsutil.Prettify(s)
20776}
20777
20778// GoString returns the string representation.
20779//
20780// API parameter values that are decorated as "sensitive" in the API will not
20781// be included in the string output. The member name will be present, but the
20782// value will be replaced with "sensitive".
20783func (s DeactivateMFADeviceInput) GoString() string {
20784	return s.String()
20785}
20786
20787// Validate inspects the fields of the type to determine if they are valid.
20788func (s *DeactivateMFADeviceInput) Validate() error {
20789	invalidParams := request.ErrInvalidParams{Context: "DeactivateMFADeviceInput"}
20790	if s.SerialNumber == nil {
20791		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
20792	}
20793	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
20794		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
20795	}
20796	if s.UserName == nil {
20797		invalidParams.Add(request.NewErrParamRequired("UserName"))
20798	}
20799	if s.UserName != nil && len(*s.UserName) < 1 {
20800		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20801	}
20802
20803	if invalidParams.Len() > 0 {
20804		return invalidParams
20805	}
20806	return nil
20807}
20808
20809// SetSerialNumber sets the SerialNumber field's value.
20810func (s *DeactivateMFADeviceInput) SetSerialNumber(v string) *DeactivateMFADeviceInput {
20811	s.SerialNumber = &v
20812	return s
20813}
20814
20815// SetUserName sets the UserName field's value.
20816func (s *DeactivateMFADeviceInput) SetUserName(v string) *DeactivateMFADeviceInput {
20817	s.UserName = &v
20818	return s
20819}
20820
20821type DeactivateMFADeviceOutput struct {
20822	_ struct{} `type:"structure"`
20823}
20824
20825// String returns the string representation.
20826//
20827// API parameter values that are decorated as "sensitive" in the API will not
20828// be included in the string output. The member name will be present, but the
20829// value will be replaced with "sensitive".
20830func (s DeactivateMFADeviceOutput) String() string {
20831	return awsutil.Prettify(s)
20832}
20833
20834// GoString returns the string representation.
20835//
20836// API parameter values that are decorated as "sensitive" in the API will not
20837// be included in the string output. The member name will be present, but the
20838// value will be replaced with "sensitive".
20839func (s DeactivateMFADeviceOutput) GoString() string {
20840	return s.String()
20841}
20842
20843type DeleteAccessKeyInput struct {
20844	_ struct{} `type:"structure"`
20845
20846	// The access key ID for the access key ID and secret access key you want to
20847	// delete.
20848	//
20849	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20850	// a string of characters that can consist of any upper or lowercased letter
20851	// or digit.
20852	//
20853	// AccessKeyId is a required field
20854	AccessKeyId *string `min:"16" type:"string" required:"true"`
20855
20856	// The name of the user whose access key pair you want to delete.
20857	//
20858	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20859	// a string of characters consisting of upper and lowercase alphanumeric characters
20860	// with no spaces. You can also include any of the following characters: _+=,.@-
20861	UserName *string `min:"1" type:"string"`
20862}
20863
20864// String returns the string representation.
20865//
20866// API parameter values that are decorated as "sensitive" in the API will not
20867// be included in the string output. The member name will be present, but the
20868// value will be replaced with "sensitive".
20869func (s DeleteAccessKeyInput) String() string {
20870	return awsutil.Prettify(s)
20871}
20872
20873// GoString returns the string representation.
20874//
20875// API parameter values that are decorated as "sensitive" in the API will not
20876// be included in the string output. The member name will be present, but the
20877// value will be replaced with "sensitive".
20878func (s DeleteAccessKeyInput) GoString() string {
20879	return s.String()
20880}
20881
20882// Validate inspects the fields of the type to determine if they are valid.
20883func (s *DeleteAccessKeyInput) Validate() error {
20884	invalidParams := request.ErrInvalidParams{Context: "DeleteAccessKeyInput"}
20885	if s.AccessKeyId == nil {
20886		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
20887	}
20888	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
20889		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
20890	}
20891	if s.UserName != nil && len(*s.UserName) < 1 {
20892		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
20893	}
20894
20895	if invalidParams.Len() > 0 {
20896		return invalidParams
20897	}
20898	return nil
20899}
20900
20901// SetAccessKeyId sets the AccessKeyId field's value.
20902func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput {
20903	s.AccessKeyId = &v
20904	return s
20905}
20906
20907// SetUserName sets the UserName field's value.
20908func (s *DeleteAccessKeyInput) SetUserName(v string) *DeleteAccessKeyInput {
20909	s.UserName = &v
20910	return s
20911}
20912
20913type DeleteAccessKeyOutput struct {
20914	_ struct{} `type:"structure"`
20915}
20916
20917// String returns the string representation.
20918//
20919// API parameter values that are decorated as "sensitive" in the API will not
20920// be included in the string output. The member name will be present, but the
20921// value will be replaced with "sensitive".
20922func (s DeleteAccessKeyOutput) String() string {
20923	return awsutil.Prettify(s)
20924}
20925
20926// GoString returns the string representation.
20927//
20928// API parameter values that are decorated as "sensitive" in the API will not
20929// be included in the string output. The member name will be present, but the
20930// value will be replaced with "sensitive".
20931func (s DeleteAccessKeyOutput) GoString() string {
20932	return s.String()
20933}
20934
20935type DeleteAccountAliasInput struct {
20936	_ struct{} `type:"structure"`
20937
20938	// The name of the account alias to delete.
20939	//
20940	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
20941	// a string of characters consisting of lowercase letters, digits, and dashes.
20942	// You cannot start or finish with a dash, nor can you have two dashes in a
20943	// row.
20944	//
20945	// AccountAlias is a required field
20946	AccountAlias *string `min:"3" type:"string" required:"true"`
20947}
20948
20949// String returns the string representation.
20950//
20951// API parameter values that are decorated as "sensitive" in the API will not
20952// be included in the string output. The member name will be present, but the
20953// value will be replaced with "sensitive".
20954func (s DeleteAccountAliasInput) String() string {
20955	return awsutil.Prettify(s)
20956}
20957
20958// GoString returns the string representation.
20959//
20960// API parameter values that are decorated as "sensitive" in the API will not
20961// be included in the string output. The member name will be present, but the
20962// value will be replaced with "sensitive".
20963func (s DeleteAccountAliasInput) GoString() string {
20964	return s.String()
20965}
20966
20967// Validate inspects the fields of the type to determine if they are valid.
20968func (s *DeleteAccountAliasInput) Validate() error {
20969	invalidParams := request.ErrInvalidParams{Context: "DeleteAccountAliasInput"}
20970	if s.AccountAlias == nil {
20971		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
20972	}
20973	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
20974		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
20975	}
20976
20977	if invalidParams.Len() > 0 {
20978		return invalidParams
20979	}
20980	return nil
20981}
20982
20983// SetAccountAlias sets the AccountAlias field's value.
20984func (s *DeleteAccountAliasInput) SetAccountAlias(v string) *DeleteAccountAliasInput {
20985	s.AccountAlias = &v
20986	return s
20987}
20988
20989type DeleteAccountAliasOutput struct {
20990	_ struct{} `type:"structure"`
20991}
20992
20993// String returns the string representation.
20994//
20995// API parameter values that are decorated as "sensitive" in the API will not
20996// be included in the string output. The member name will be present, but the
20997// value will be replaced with "sensitive".
20998func (s DeleteAccountAliasOutput) String() string {
20999	return awsutil.Prettify(s)
21000}
21001
21002// GoString returns the string representation.
21003//
21004// API parameter values that are decorated as "sensitive" in the API will not
21005// be included in the string output. The member name will be present, but the
21006// value will be replaced with "sensitive".
21007func (s DeleteAccountAliasOutput) GoString() string {
21008	return s.String()
21009}
21010
21011type DeleteAccountPasswordPolicyInput struct {
21012	_ struct{} `type:"structure"`
21013}
21014
21015// String returns the string representation.
21016//
21017// API parameter values that are decorated as "sensitive" in the API will not
21018// be included in the string output. The member name will be present, but the
21019// value will be replaced with "sensitive".
21020func (s DeleteAccountPasswordPolicyInput) String() string {
21021	return awsutil.Prettify(s)
21022}
21023
21024// GoString returns the string representation.
21025//
21026// API parameter values that are decorated as "sensitive" in the API will not
21027// be included in the string output. The member name will be present, but the
21028// value will be replaced with "sensitive".
21029func (s DeleteAccountPasswordPolicyInput) GoString() string {
21030	return s.String()
21031}
21032
21033type DeleteAccountPasswordPolicyOutput struct {
21034	_ struct{} `type:"structure"`
21035}
21036
21037// String returns the string representation.
21038//
21039// API parameter values that are decorated as "sensitive" in the API will not
21040// be included in the string output. The member name will be present, but the
21041// value will be replaced with "sensitive".
21042func (s DeleteAccountPasswordPolicyOutput) String() string {
21043	return awsutil.Prettify(s)
21044}
21045
21046// GoString returns the string representation.
21047//
21048// API parameter values that are decorated as "sensitive" in the API will not
21049// be included in the string output. The member name will be present, but the
21050// value will be replaced with "sensitive".
21051func (s DeleteAccountPasswordPolicyOutput) GoString() string {
21052	return s.String()
21053}
21054
21055type DeleteGroupInput struct {
21056	_ struct{} `type:"structure"`
21057
21058	// The name of the IAM group to delete.
21059	//
21060	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21061	// a string of characters consisting of upper and lowercase alphanumeric characters
21062	// with no spaces. You can also include any of the following characters: _+=,.@-
21063	//
21064	// GroupName is a required field
21065	GroupName *string `min:"1" type:"string" required:"true"`
21066}
21067
21068// String returns the string representation.
21069//
21070// API parameter values that are decorated as "sensitive" in the API will not
21071// be included in the string output. The member name will be present, but the
21072// value will be replaced with "sensitive".
21073func (s DeleteGroupInput) String() string {
21074	return awsutil.Prettify(s)
21075}
21076
21077// GoString returns the string representation.
21078//
21079// API parameter values that are decorated as "sensitive" in the API will not
21080// be included in the string output. The member name will be present, but the
21081// value will be replaced with "sensitive".
21082func (s DeleteGroupInput) GoString() string {
21083	return s.String()
21084}
21085
21086// Validate inspects the fields of the type to determine if they are valid.
21087func (s *DeleteGroupInput) Validate() error {
21088	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupInput"}
21089	if s.GroupName == nil {
21090		invalidParams.Add(request.NewErrParamRequired("GroupName"))
21091	}
21092	if s.GroupName != nil && len(*s.GroupName) < 1 {
21093		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
21094	}
21095
21096	if invalidParams.Len() > 0 {
21097		return invalidParams
21098	}
21099	return nil
21100}
21101
21102// SetGroupName sets the GroupName field's value.
21103func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput {
21104	s.GroupName = &v
21105	return s
21106}
21107
21108type DeleteGroupOutput struct {
21109	_ struct{} `type:"structure"`
21110}
21111
21112// String returns the string representation.
21113//
21114// API parameter values that are decorated as "sensitive" in the API will not
21115// be included in the string output. The member name will be present, but the
21116// value will be replaced with "sensitive".
21117func (s DeleteGroupOutput) String() string {
21118	return awsutil.Prettify(s)
21119}
21120
21121// GoString returns the string representation.
21122//
21123// API parameter values that are decorated as "sensitive" in the API will not
21124// be included in the string output. The member name will be present, but the
21125// value will be replaced with "sensitive".
21126func (s DeleteGroupOutput) GoString() string {
21127	return s.String()
21128}
21129
21130type DeleteGroupPolicyInput struct {
21131	_ struct{} `type:"structure"`
21132
21133	// The name (friendly name, not ARN) identifying the group that the policy is
21134	// embedded in.
21135	//
21136	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21137	// a string of characters consisting of upper and lowercase alphanumeric characters
21138	// with no spaces. You can also include any of the following characters: _+=,.@-
21139	//
21140	// GroupName is a required field
21141	GroupName *string `min:"1" type:"string" required:"true"`
21142
21143	// The name identifying the policy document to delete.
21144	//
21145	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21146	// a string of characters consisting of upper and lowercase alphanumeric characters
21147	// with no spaces. You can also include any of the following characters: _+=,.@-
21148	//
21149	// PolicyName is a required field
21150	PolicyName *string `min:"1" type:"string" required:"true"`
21151}
21152
21153// String returns the string representation.
21154//
21155// API parameter values that are decorated as "sensitive" in the API will not
21156// be included in the string output. The member name will be present, but the
21157// value will be replaced with "sensitive".
21158func (s DeleteGroupPolicyInput) String() string {
21159	return awsutil.Prettify(s)
21160}
21161
21162// GoString returns the string representation.
21163//
21164// API parameter values that are decorated as "sensitive" in the API will not
21165// be included in the string output. The member name will be present, but the
21166// value will be replaced with "sensitive".
21167func (s DeleteGroupPolicyInput) GoString() string {
21168	return s.String()
21169}
21170
21171// Validate inspects the fields of the type to determine if they are valid.
21172func (s *DeleteGroupPolicyInput) Validate() error {
21173	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupPolicyInput"}
21174	if s.GroupName == nil {
21175		invalidParams.Add(request.NewErrParamRequired("GroupName"))
21176	}
21177	if s.GroupName != nil && len(*s.GroupName) < 1 {
21178		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
21179	}
21180	if s.PolicyName == nil {
21181		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
21182	}
21183	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
21184		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
21185	}
21186
21187	if invalidParams.Len() > 0 {
21188		return invalidParams
21189	}
21190	return nil
21191}
21192
21193// SetGroupName sets the GroupName field's value.
21194func (s *DeleteGroupPolicyInput) SetGroupName(v string) *DeleteGroupPolicyInput {
21195	s.GroupName = &v
21196	return s
21197}
21198
21199// SetPolicyName sets the PolicyName field's value.
21200func (s *DeleteGroupPolicyInput) SetPolicyName(v string) *DeleteGroupPolicyInput {
21201	s.PolicyName = &v
21202	return s
21203}
21204
21205type DeleteGroupPolicyOutput struct {
21206	_ struct{} `type:"structure"`
21207}
21208
21209// String returns the string representation.
21210//
21211// API parameter values that are decorated as "sensitive" in the API will not
21212// be included in the string output. The member name will be present, but the
21213// value will be replaced with "sensitive".
21214func (s DeleteGroupPolicyOutput) String() string {
21215	return awsutil.Prettify(s)
21216}
21217
21218// GoString returns the string representation.
21219//
21220// API parameter values that are decorated as "sensitive" in the API will not
21221// be included in the string output. The member name will be present, but the
21222// value will be replaced with "sensitive".
21223func (s DeleteGroupPolicyOutput) GoString() string {
21224	return s.String()
21225}
21226
21227type DeleteInstanceProfileInput struct {
21228	_ struct{} `type:"structure"`
21229
21230	// The name of the instance profile to delete.
21231	//
21232	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21233	// a string of characters consisting of upper and lowercase alphanumeric characters
21234	// with no spaces. You can also include any of the following characters: _+=,.@-
21235	//
21236	// InstanceProfileName is a required field
21237	InstanceProfileName *string `min:"1" type:"string" required:"true"`
21238}
21239
21240// String returns the string representation.
21241//
21242// API parameter values that are decorated as "sensitive" in the API will not
21243// be included in the string output. The member name will be present, but the
21244// value will be replaced with "sensitive".
21245func (s DeleteInstanceProfileInput) String() string {
21246	return awsutil.Prettify(s)
21247}
21248
21249// GoString returns the string representation.
21250//
21251// API parameter values that are decorated as "sensitive" in the API will not
21252// be included in the string output. The member name will be present, but the
21253// value will be replaced with "sensitive".
21254func (s DeleteInstanceProfileInput) GoString() string {
21255	return s.String()
21256}
21257
21258// Validate inspects the fields of the type to determine if they are valid.
21259func (s *DeleteInstanceProfileInput) Validate() error {
21260	invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceProfileInput"}
21261	if s.InstanceProfileName == nil {
21262		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
21263	}
21264	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
21265		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
21266	}
21267
21268	if invalidParams.Len() > 0 {
21269		return invalidParams
21270	}
21271	return nil
21272}
21273
21274// SetInstanceProfileName sets the InstanceProfileName field's value.
21275func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput {
21276	s.InstanceProfileName = &v
21277	return s
21278}
21279
21280type DeleteInstanceProfileOutput struct {
21281	_ struct{} `type:"structure"`
21282}
21283
21284// String returns the string representation.
21285//
21286// API parameter values that are decorated as "sensitive" in the API will not
21287// be included in the string output. The member name will be present, but the
21288// value will be replaced with "sensitive".
21289func (s DeleteInstanceProfileOutput) String() string {
21290	return awsutil.Prettify(s)
21291}
21292
21293// GoString returns the string representation.
21294//
21295// API parameter values that are decorated as "sensitive" in the API will not
21296// be included in the string output. The member name will be present, but the
21297// value will be replaced with "sensitive".
21298func (s DeleteInstanceProfileOutput) GoString() string {
21299	return s.String()
21300}
21301
21302type DeleteLoginProfileInput struct {
21303	_ struct{} `type:"structure"`
21304
21305	// The name of the user whose password you want to delete.
21306	//
21307	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21308	// a string of characters consisting of upper and lowercase alphanumeric characters
21309	// with no spaces. You can also include any of the following characters: _+=,.@-
21310	//
21311	// UserName is a required field
21312	UserName *string `min:"1" type:"string" required:"true"`
21313}
21314
21315// String returns the string representation.
21316//
21317// API parameter values that are decorated as "sensitive" in the API will not
21318// be included in the string output. The member name will be present, but the
21319// value will be replaced with "sensitive".
21320func (s DeleteLoginProfileInput) String() string {
21321	return awsutil.Prettify(s)
21322}
21323
21324// GoString returns the string representation.
21325//
21326// API parameter values that are decorated as "sensitive" in the API will not
21327// be included in the string output. The member name will be present, but the
21328// value will be replaced with "sensitive".
21329func (s DeleteLoginProfileInput) GoString() string {
21330	return s.String()
21331}
21332
21333// Validate inspects the fields of the type to determine if they are valid.
21334func (s *DeleteLoginProfileInput) Validate() error {
21335	invalidParams := request.ErrInvalidParams{Context: "DeleteLoginProfileInput"}
21336	if s.UserName == nil {
21337		invalidParams.Add(request.NewErrParamRequired("UserName"))
21338	}
21339	if s.UserName != nil && len(*s.UserName) < 1 {
21340		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21341	}
21342
21343	if invalidParams.Len() > 0 {
21344		return invalidParams
21345	}
21346	return nil
21347}
21348
21349// SetUserName sets the UserName field's value.
21350func (s *DeleteLoginProfileInput) SetUserName(v string) *DeleteLoginProfileInput {
21351	s.UserName = &v
21352	return s
21353}
21354
21355type DeleteLoginProfileOutput struct {
21356	_ struct{} `type:"structure"`
21357}
21358
21359// String returns the string representation.
21360//
21361// API parameter values that are decorated as "sensitive" in the API will not
21362// be included in the string output. The member name will be present, but the
21363// value will be replaced with "sensitive".
21364func (s DeleteLoginProfileOutput) String() string {
21365	return awsutil.Prettify(s)
21366}
21367
21368// GoString returns the string representation.
21369//
21370// API parameter values that are decorated as "sensitive" in the API will not
21371// be included in the string output. The member name will be present, but the
21372// value will be replaced with "sensitive".
21373func (s DeleteLoginProfileOutput) GoString() string {
21374	return s.String()
21375}
21376
21377type DeleteOpenIDConnectProviderInput struct {
21378	_ struct{} `type:"structure"`
21379
21380	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
21381	// object to delete. You can get a list of OpenID Connect provider resource
21382	// ARNs by using the ListOpenIDConnectProviders operation.
21383	//
21384	// OpenIDConnectProviderArn is a required field
21385	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
21386}
21387
21388// String returns the string representation.
21389//
21390// API parameter values that are decorated as "sensitive" in the API will not
21391// be included in the string output. The member name will be present, but the
21392// value will be replaced with "sensitive".
21393func (s DeleteOpenIDConnectProviderInput) String() string {
21394	return awsutil.Prettify(s)
21395}
21396
21397// GoString returns the string representation.
21398//
21399// API parameter values that are decorated as "sensitive" in the API will not
21400// be included in the string output. The member name will be present, but the
21401// value will be replaced with "sensitive".
21402func (s DeleteOpenIDConnectProviderInput) GoString() string {
21403	return s.String()
21404}
21405
21406// Validate inspects the fields of the type to determine if they are valid.
21407func (s *DeleteOpenIDConnectProviderInput) Validate() error {
21408	invalidParams := request.ErrInvalidParams{Context: "DeleteOpenIDConnectProviderInput"}
21409	if s.OpenIDConnectProviderArn == nil {
21410		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
21411	}
21412	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
21413		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
21414	}
21415
21416	if invalidParams.Len() > 0 {
21417		return invalidParams
21418	}
21419	return nil
21420}
21421
21422// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
21423func (s *DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *DeleteOpenIDConnectProviderInput {
21424	s.OpenIDConnectProviderArn = &v
21425	return s
21426}
21427
21428type DeleteOpenIDConnectProviderOutput struct {
21429	_ struct{} `type:"structure"`
21430}
21431
21432// String returns the string representation.
21433//
21434// API parameter values that are decorated as "sensitive" in the API will not
21435// be included in the string output. The member name will be present, but the
21436// value will be replaced with "sensitive".
21437func (s DeleteOpenIDConnectProviderOutput) String() string {
21438	return awsutil.Prettify(s)
21439}
21440
21441// GoString returns the string representation.
21442//
21443// API parameter values that are decorated as "sensitive" in the API will not
21444// be included in the string output. The member name will be present, but the
21445// value will be replaced with "sensitive".
21446func (s DeleteOpenIDConnectProviderOutput) GoString() string {
21447	return s.String()
21448}
21449
21450type DeletePolicyInput struct {
21451	_ struct{} `type:"structure"`
21452
21453	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
21454	//
21455	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
21456	// in the Amazon Web Services General Reference.
21457	//
21458	// PolicyArn is a required field
21459	PolicyArn *string `min:"20" type:"string" required:"true"`
21460}
21461
21462// String returns the string representation.
21463//
21464// API parameter values that are decorated as "sensitive" in the API will not
21465// be included in the string output. The member name will be present, but the
21466// value will be replaced with "sensitive".
21467func (s DeletePolicyInput) String() string {
21468	return awsutil.Prettify(s)
21469}
21470
21471// GoString returns the string representation.
21472//
21473// API parameter values that are decorated as "sensitive" in the API will not
21474// be included in the string output. The member name will be present, but the
21475// value will be replaced with "sensitive".
21476func (s DeletePolicyInput) GoString() string {
21477	return s.String()
21478}
21479
21480// Validate inspects the fields of the type to determine if they are valid.
21481func (s *DeletePolicyInput) Validate() error {
21482	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
21483	if s.PolicyArn == nil {
21484		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
21485	}
21486	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
21487		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
21488	}
21489
21490	if invalidParams.Len() > 0 {
21491		return invalidParams
21492	}
21493	return nil
21494}
21495
21496// SetPolicyArn sets the PolicyArn field's value.
21497func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput {
21498	s.PolicyArn = &v
21499	return s
21500}
21501
21502type DeletePolicyOutput struct {
21503	_ struct{} `type:"structure"`
21504}
21505
21506// String returns the string representation.
21507//
21508// API parameter values that are decorated as "sensitive" in the API will not
21509// be included in the string output. The member name will be present, but the
21510// value will be replaced with "sensitive".
21511func (s DeletePolicyOutput) String() string {
21512	return awsutil.Prettify(s)
21513}
21514
21515// GoString returns the string representation.
21516//
21517// API parameter values that are decorated as "sensitive" in the API will not
21518// be included in the string output. The member name will be present, but the
21519// value will be replaced with "sensitive".
21520func (s DeletePolicyOutput) GoString() string {
21521	return s.String()
21522}
21523
21524type DeletePolicyVersionInput struct {
21525	_ struct{} `type:"structure"`
21526
21527	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
21528	// a version.
21529	//
21530	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
21531	// in the Amazon Web Services General Reference.
21532	//
21533	// PolicyArn is a required field
21534	PolicyArn *string `min:"20" type:"string" required:"true"`
21535
21536	// The policy version to delete.
21537	//
21538	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21539	// a string of characters that consists of the lowercase letter 'v' followed
21540	// by one or two digits, and optionally followed by a period '.' and a string
21541	// of letters and digits.
21542	//
21543	// For more information about managed policy versions, see Versioning for managed
21544	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
21545	// in the IAM User Guide.
21546	//
21547	// VersionId is a required field
21548	VersionId *string `type:"string" required:"true"`
21549}
21550
21551// String returns the string representation.
21552//
21553// API parameter values that are decorated as "sensitive" in the API will not
21554// be included in the string output. The member name will be present, but the
21555// value will be replaced with "sensitive".
21556func (s DeletePolicyVersionInput) String() string {
21557	return awsutil.Prettify(s)
21558}
21559
21560// GoString returns the string representation.
21561//
21562// API parameter values that are decorated as "sensitive" in the API will not
21563// be included in the string output. The member name will be present, but the
21564// value will be replaced with "sensitive".
21565func (s DeletePolicyVersionInput) GoString() string {
21566	return s.String()
21567}
21568
21569// Validate inspects the fields of the type to determine if they are valid.
21570func (s *DeletePolicyVersionInput) Validate() error {
21571	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyVersionInput"}
21572	if s.PolicyArn == nil {
21573		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
21574	}
21575	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
21576		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
21577	}
21578	if s.VersionId == nil {
21579		invalidParams.Add(request.NewErrParamRequired("VersionId"))
21580	}
21581
21582	if invalidParams.Len() > 0 {
21583		return invalidParams
21584	}
21585	return nil
21586}
21587
21588// SetPolicyArn sets the PolicyArn field's value.
21589func (s *DeletePolicyVersionInput) SetPolicyArn(v string) *DeletePolicyVersionInput {
21590	s.PolicyArn = &v
21591	return s
21592}
21593
21594// SetVersionId sets the VersionId field's value.
21595func (s *DeletePolicyVersionInput) SetVersionId(v string) *DeletePolicyVersionInput {
21596	s.VersionId = &v
21597	return s
21598}
21599
21600type DeletePolicyVersionOutput struct {
21601	_ struct{} `type:"structure"`
21602}
21603
21604// String returns the string representation.
21605//
21606// API parameter values that are decorated as "sensitive" in the API will not
21607// be included in the string output. The member name will be present, but the
21608// value will be replaced with "sensitive".
21609func (s DeletePolicyVersionOutput) String() string {
21610	return awsutil.Prettify(s)
21611}
21612
21613// GoString returns the string representation.
21614//
21615// API parameter values that are decorated as "sensitive" in the API will not
21616// be included in the string output. The member name will be present, but the
21617// value will be replaced with "sensitive".
21618func (s DeletePolicyVersionOutput) GoString() string {
21619	return s.String()
21620}
21621
21622type DeleteRoleInput struct {
21623	_ struct{} `type:"structure"`
21624
21625	// The name of the role to delete.
21626	//
21627	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21628	// a string of characters consisting of upper and lowercase alphanumeric characters
21629	// with no spaces. You can also include any of the following characters: _+=,.@-
21630	//
21631	// RoleName is a required field
21632	RoleName *string `min:"1" type:"string" required:"true"`
21633}
21634
21635// String returns the string representation.
21636//
21637// API parameter values that are decorated as "sensitive" in the API will not
21638// be included in the string output. The member name will be present, but the
21639// value will be replaced with "sensitive".
21640func (s DeleteRoleInput) String() string {
21641	return awsutil.Prettify(s)
21642}
21643
21644// GoString returns the string representation.
21645//
21646// API parameter values that are decorated as "sensitive" in the API will not
21647// be included in the string output. The member name will be present, but the
21648// value will be replaced with "sensitive".
21649func (s DeleteRoleInput) GoString() string {
21650	return s.String()
21651}
21652
21653// Validate inspects the fields of the type to determine if they are valid.
21654func (s *DeleteRoleInput) Validate() error {
21655	invalidParams := request.ErrInvalidParams{Context: "DeleteRoleInput"}
21656	if s.RoleName == nil {
21657		invalidParams.Add(request.NewErrParamRequired("RoleName"))
21658	}
21659	if s.RoleName != nil && len(*s.RoleName) < 1 {
21660		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
21661	}
21662
21663	if invalidParams.Len() > 0 {
21664		return invalidParams
21665	}
21666	return nil
21667}
21668
21669// SetRoleName sets the RoleName field's value.
21670func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput {
21671	s.RoleName = &v
21672	return s
21673}
21674
21675type DeleteRoleOutput struct {
21676	_ struct{} `type:"structure"`
21677}
21678
21679// String returns the string representation.
21680//
21681// API parameter values that are decorated as "sensitive" in the API will not
21682// be included in the string output. The member name will be present, but the
21683// value will be replaced with "sensitive".
21684func (s DeleteRoleOutput) String() string {
21685	return awsutil.Prettify(s)
21686}
21687
21688// GoString returns the string representation.
21689//
21690// API parameter values that are decorated as "sensitive" in the API will not
21691// be included in the string output. The member name will be present, but the
21692// value will be replaced with "sensitive".
21693func (s DeleteRoleOutput) GoString() string {
21694	return s.String()
21695}
21696
21697type DeleteRolePermissionsBoundaryInput struct {
21698	_ struct{} `type:"structure"`
21699
21700	// The name (friendly name, not ARN) of the IAM role from which you want to
21701	// remove the permissions boundary.
21702	//
21703	// RoleName is a required field
21704	RoleName *string `min:"1" type:"string" required:"true"`
21705}
21706
21707// String returns the string representation.
21708//
21709// API parameter values that are decorated as "sensitive" in the API will not
21710// be included in the string output. The member name will be present, but the
21711// value will be replaced with "sensitive".
21712func (s DeleteRolePermissionsBoundaryInput) String() string {
21713	return awsutil.Prettify(s)
21714}
21715
21716// GoString returns the string representation.
21717//
21718// API parameter values that are decorated as "sensitive" in the API will not
21719// be included in the string output. The member name will be present, but the
21720// value will be replaced with "sensitive".
21721func (s DeleteRolePermissionsBoundaryInput) GoString() string {
21722	return s.String()
21723}
21724
21725// Validate inspects the fields of the type to determine if they are valid.
21726func (s *DeleteRolePermissionsBoundaryInput) Validate() error {
21727	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePermissionsBoundaryInput"}
21728	if s.RoleName == nil {
21729		invalidParams.Add(request.NewErrParamRequired("RoleName"))
21730	}
21731	if s.RoleName != nil && len(*s.RoleName) < 1 {
21732		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
21733	}
21734
21735	if invalidParams.Len() > 0 {
21736		return invalidParams
21737	}
21738	return nil
21739}
21740
21741// SetRoleName sets the RoleName field's value.
21742func (s *DeleteRolePermissionsBoundaryInput) SetRoleName(v string) *DeleteRolePermissionsBoundaryInput {
21743	s.RoleName = &v
21744	return s
21745}
21746
21747type DeleteRolePermissionsBoundaryOutput struct {
21748	_ struct{} `type:"structure"`
21749}
21750
21751// String returns the string representation.
21752//
21753// API parameter values that are decorated as "sensitive" in the API will not
21754// be included in the string output. The member name will be present, but the
21755// value will be replaced with "sensitive".
21756func (s DeleteRolePermissionsBoundaryOutput) String() string {
21757	return awsutil.Prettify(s)
21758}
21759
21760// GoString returns the string representation.
21761//
21762// API parameter values that are decorated as "sensitive" in the API will not
21763// be included in the string output. The member name will be present, but the
21764// value will be replaced with "sensitive".
21765func (s DeleteRolePermissionsBoundaryOutput) GoString() string {
21766	return s.String()
21767}
21768
21769type DeleteRolePolicyInput struct {
21770	_ struct{} `type:"structure"`
21771
21772	// The name of the inline policy to delete from the specified IAM role.
21773	//
21774	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21775	// a string of characters consisting of upper and lowercase alphanumeric characters
21776	// with no spaces. You can also include any of the following characters: _+=,.@-
21777	//
21778	// PolicyName is a required field
21779	PolicyName *string `min:"1" type:"string" required:"true"`
21780
21781	// The name (friendly name, not ARN) identifying the role that the policy is
21782	// embedded in.
21783	//
21784	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21785	// a string of characters consisting of upper and lowercase alphanumeric characters
21786	// with no spaces. You can also include any of the following characters: _+=,.@-
21787	//
21788	// RoleName is a required field
21789	RoleName *string `min:"1" type:"string" required:"true"`
21790}
21791
21792// String returns the string representation.
21793//
21794// API parameter values that are decorated as "sensitive" in the API will not
21795// be included in the string output. The member name will be present, but the
21796// value will be replaced with "sensitive".
21797func (s DeleteRolePolicyInput) String() string {
21798	return awsutil.Prettify(s)
21799}
21800
21801// GoString returns the string representation.
21802//
21803// API parameter values that are decorated as "sensitive" in the API will not
21804// be included in the string output. The member name will be present, but the
21805// value will be replaced with "sensitive".
21806func (s DeleteRolePolicyInput) GoString() string {
21807	return s.String()
21808}
21809
21810// Validate inspects the fields of the type to determine if they are valid.
21811func (s *DeleteRolePolicyInput) Validate() error {
21812	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePolicyInput"}
21813	if s.PolicyName == nil {
21814		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
21815	}
21816	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
21817		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
21818	}
21819	if s.RoleName == nil {
21820		invalidParams.Add(request.NewErrParamRequired("RoleName"))
21821	}
21822	if s.RoleName != nil && len(*s.RoleName) < 1 {
21823		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
21824	}
21825
21826	if invalidParams.Len() > 0 {
21827		return invalidParams
21828	}
21829	return nil
21830}
21831
21832// SetPolicyName sets the PolicyName field's value.
21833func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput {
21834	s.PolicyName = &v
21835	return s
21836}
21837
21838// SetRoleName sets the RoleName field's value.
21839func (s *DeleteRolePolicyInput) SetRoleName(v string) *DeleteRolePolicyInput {
21840	s.RoleName = &v
21841	return s
21842}
21843
21844type DeleteRolePolicyOutput struct {
21845	_ struct{} `type:"structure"`
21846}
21847
21848// String returns the string representation.
21849//
21850// API parameter values that are decorated as "sensitive" in the API will not
21851// be included in the string output. The member name will be present, but the
21852// value will be replaced with "sensitive".
21853func (s DeleteRolePolicyOutput) String() string {
21854	return awsutil.Prettify(s)
21855}
21856
21857// GoString returns the string representation.
21858//
21859// API parameter values that are decorated as "sensitive" in the API will not
21860// be included in the string output. The member name will be present, but the
21861// value will be replaced with "sensitive".
21862func (s DeleteRolePolicyOutput) GoString() string {
21863	return s.String()
21864}
21865
21866type DeleteSAMLProviderInput struct {
21867	_ struct{} `type:"structure"`
21868
21869	// The Amazon Resource Name (ARN) of the SAML provider to delete.
21870	//
21871	// SAMLProviderArn is a required field
21872	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
21873}
21874
21875// String returns the string representation.
21876//
21877// API parameter values that are decorated as "sensitive" in the API will not
21878// be included in the string output. The member name will be present, but the
21879// value will be replaced with "sensitive".
21880func (s DeleteSAMLProviderInput) String() string {
21881	return awsutil.Prettify(s)
21882}
21883
21884// GoString returns the string representation.
21885//
21886// API parameter values that are decorated as "sensitive" in the API will not
21887// be included in the string output. The member name will be present, but the
21888// value will be replaced with "sensitive".
21889func (s DeleteSAMLProviderInput) GoString() string {
21890	return s.String()
21891}
21892
21893// Validate inspects the fields of the type to determine if they are valid.
21894func (s *DeleteSAMLProviderInput) Validate() error {
21895	invalidParams := request.ErrInvalidParams{Context: "DeleteSAMLProviderInput"}
21896	if s.SAMLProviderArn == nil {
21897		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
21898	}
21899	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
21900		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
21901	}
21902
21903	if invalidParams.Len() > 0 {
21904		return invalidParams
21905	}
21906	return nil
21907}
21908
21909// SetSAMLProviderArn sets the SAMLProviderArn field's value.
21910func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput {
21911	s.SAMLProviderArn = &v
21912	return s
21913}
21914
21915type DeleteSAMLProviderOutput struct {
21916	_ struct{} `type:"structure"`
21917}
21918
21919// String returns the string representation.
21920//
21921// API parameter values that are decorated as "sensitive" in the API will not
21922// be included in the string output. The member name will be present, but the
21923// value will be replaced with "sensitive".
21924func (s DeleteSAMLProviderOutput) String() string {
21925	return awsutil.Prettify(s)
21926}
21927
21928// GoString returns the string representation.
21929//
21930// API parameter values that are decorated as "sensitive" in the API will not
21931// be included in the string output. The member name will be present, but the
21932// value will be replaced with "sensitive".
21933func (s DeleteSAMLProviderOutput) GoString() string {
21934	return s.String()
21935}
21936
21937type DeleteSSHPublicKeyInput struct {
21938	_ struct{} `type:"structure"`
21939
21940	// The unique identifier for the SSH public key.
21941	//
21942	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21943	// a string of characters that can consist of any upper or lowercased letter
21944	// or digit.
21945	//
21946	// SSHPublicKeyId is a required field
21947	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
21948
21949	// The name of the IAM user associated with the SSH public key.
21950	//
21951	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
21952	// a string of characters consisting of upper and lowercase alphanumeric characters
21953	// with no spaces. You can also include any of the following characters: _+=,.@-
21954	//
21955	// UserName is a required field
21956	UserName *string `min:"1" type:"string" required:"true"`
21957}
21958
21959// String returns the string representation.
21960//
21961// API parameter values that are decorated as "sensitive" in the API will not
21962// be included in the string output. The member name will be present, but the
21963// value will be replaced with "sensitive".
21964func (s DeleteSSHPublicKeyInput) String() string {
21965	return awsutil.Prettify(s)
21966}
21967
21968// GoString returns the string representation.
21969//
21970// API parameter values that are decorated as "sensitive" in the API will not
21971// be included in the string output. The member name will be present, but the
21972// value will be replaced with "sensitive".
21973func (s DeleteSSHPublicKeyInput) GoString() string {
21974	return s.String()
21975}
21976
21977// Validate inspects the fields of the type to determine if they are valid.
21978func (s *DeleteSSHPublicKeyInput) Validate() error {
21979	invalidParams := request.ErrInvalidParams{Context: "DeleteSSHPublicKeyInput"}
21980	if s.SSHPublicKeyId == nil {
21981		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
21982	}
21983	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
21984		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
21985	}
21986	if s.UserName == nil {
21987		invalidParams.Add(request.NewErrParamRequired("UserName"))
21988	}
21989	if s.UserName != nil && len(*s.UserName) < 1 {
21990		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
21991	}
21992
21993	if invalidParams.Len() > 0 {
21994		return invalidParams
21995	}
21996	return nil
21997}
21998
21999// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
22000func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput {
22001	s.SSHPublicKeyId = &v
22002	return s
22003}
22004
22005// SetUserName sets the UserName field's value.
22006func (s *DeleteSSHPublicKeyInput) SetUserName(v string) *DeleteSSHPublicKeyInput {
22007	s.UserName = &v
22008	return s
22009}
22010
22011type DeleteSSHPublicKeyOutput struct {
22012	_ struct{} `type:"structure"`
22013}
22014
22015// String returns the string representation.
22016//
22017// API parameter values that are decorated as "sensitive" in the API will not
22018// be included in the string output. The member name will be present, but the
22019// value will be replaced with "sensitive".
22020func (s DeleteSSHPublicKeyOutput) String() string {
22021	return awsutil.Prettify(s)
22022}
22023
22024// GoString returns the string representation.
22025//
22026// API parameter values that are decorated as "sensitive" in the API will not
22027// be included in the string output. The member name will be present, but the
22028// value will be replaced with "sensitive".
22029func (s DeleteSSHPublicKeyOutput) GoString() string {
22030	return s.String()
22031}
22032
22033type DeleteServerCertificateInput struct {
22034	_ struct{} `type:"structure"`
22035
22036	// The name of the server certificate you want to delete.
22037	//
22038	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22039	// a string of characters consisting of upper and lowercase alphanumeric characters
22040	// with no spaces. You can also include any of the following characters: _+=,.@-
22041	//
22042	// ServerCertificateName is a required field
22043	ServerCertificateName *string `min:"1" type:"string" required:"true"`
22044}
22045
22046// String returns the string representation.
22047//
22048// API parameter values that are decorated as "sensitive" in the API will not
22049// be included in the string output. The member name will be present, but the
22050// value will be replaced with "sensitive".
22051func (s DeleteServerCertificateInput) String() string {
22052	return awsutil.Prettify(s)
22053}
22054
22055// GoString returns the string representation.
22056//
22057// API parameter values that are decorated as "sensitive" in the API will not
22058// be included in the string output. The member name will be present, but the
22059// value will be replaced with "sensitive".
22060func (s DeleteServerCertificateInput) GoString() string {
22061	return s.String()
22062}
22063
22064// Validate inspects the fields of the type to determine if they are valid.
22065func (s *DeleteServerCertificateInput) Validate() error {
22066	invalidParams := request.ErrInvalidParams{Context: "DeleteServerCertificateInput"}
22067	if s.ServerCertificateName == nil {
22068		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
22069	}
22070	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
22071		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
22072	}
22073
22074	if invalidParams.Len() > 0 {
22075		return invalidParams
22076	}
22077	return nil
22078}
22079
22080// SetServerCertificateName sets the ServerCertificateName field's value.
22081func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput {
22082	s.ServerCertificateName = &v
22083	return s
22084}
22085
22086type DeleteServerCertificateOutput struct {
22087	_ struct{} `type:"structure"`
22088}
22089
22090// String returns the string representation.
22091//
22092// API parameter values that are decorated as "sensitive" in the API will not
22093// be included in the string output. The member name will be present, but the
22094// value will be replaced with "sensitive".
22095func (s DeleteServerCertificateOutput) String() string {
22096	return awsutil.Prettify(s)
22097}
22098
22099// GoString returns the string representation.
22100//
22101// API parameter values that are decorated as "sensitive" in the API will not
22102// be included in the string output. The member name will be present, but the
22103// value will be replaced with "sensitive".
22104func (s DeleteServerCertificateOutput) GoString() string {
22105	return s.String()
22106}
22107
22108type DeleteServiceLinkedRoleInput struct {
22109	_ struct{} `type:"structure"`
22110
22111	// The name of the service-linked role to be deleted.
22112	//
22113	// RoleName is a required field
22114	RoleName *string `min:"1" type:"string" required:"true"`
22115}
22116
22117// String returns the string representation.
22118//
22119// API parameter values that are decorated as "sensitive" in the API will not
22120// be included in the string output. The member name will be present, but the
22121// value will be replaced with "sensitive".
22122func (s DeleteServiceLinkedRoleInput) String() string {
22123	return awsutil.Prettify(s)
22124}
22125
22126// GoString returns the string representation.
22127//
22128// API parameter values that are decorated as "sensitive" in the API will not
22129// be included in the string output. The member name will be present, but the
22130// value will be replaced with "sensitive".
22131func (s DeleteServiceLinkedRoleInput) GoString() string {
22132	return s.String()
22133}
22134
22135// Validate inspects the fields of the type to determine if they are valid.
22136func (s *DeleteServiceLinkedRoleInput) Validate() error {
22137	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceLinkedRoleInput"}
22138	if s.RoleName == nil {
22139		invalidParams.Add(request.NewErrParamRequired("RoleName"))
22140	}
22141	if s.RoleName != nil && len(*s.RoleName) < 1 {
22142		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
22143	}
22144
22145	if invalidParams.Len() > 0 {
22146		return invalidParams
22147	}
22148	return nil
22149}
22150
22151// SetRoleName sets the RoleName field's value.
22152func (s *DeleteServiceLinkedRoleInput) SetRoleName(v string) *DeleteServiceLinkedRoleInput {
22153	s.RoleName = &v
22154	return s
22155}
22156
22157type DeleteServiceLinkedRoleOutput struct {
22158	_ struct{} `type:"structure"`
22159
22160	// The deletion task identifier that you can use to check the status of the
22161	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
22162	//
22163	// DeletionTaskId is a required field
22164	DeletionTaskId *string `min:"1" type:"string" required:"true"`
22165}
22166
22167// String returns the string representation.
22168//
22169// API parameter values that are decorated as "sensitive" in the API will not
22170// be included in the string output. The member name will be present, but the
22171// value will be replaced with "sensitive".
22172func (s DeleteServiceLinkedRoleOutput) String() string {
22173	return awsutil.Prettify(s)
22174}
22175
22176// GoString returns the string representation.
22177//
22178// API parameter values that are decorated as "sensitive" in the API will not
22179// be included in the string output. The member name will be present, but the
22180// value will be replaced with "sensitive".
22181func (s DeleteServiceLinkedRoleOutput) GoString() string {
22182	return s.String()
22183}
22184
22185// SetDeletionTaskId sets the DeletionTaskId field's value.
22186func (s *DeleteServiceLinkedRoleOutput) SetDeletionTaskId(v string) *DeleteServiceLinkedRoleOutput {
22187	s.DeletionTaskId = &v
22188	return s
22189}
22190
22191type DeleteServiceSpecificCredentialInput struct {
22192	_ struct{} `type:"structure"`
22193
22194	// The unique identifier of the service-specific credential. You can get this
22195	// value by calling ListServiceSpecificCredentials.
22196	//
22197	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22198	// a string of characters that can consist of any upper or lowercased letter
22199	// or digit.
22200	//
22201	// ServiceSpecificCredentialId is a required field
22202	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
22203
22204	// The name of the IAM user associated with the service-specific credential.
22205	// If this value is not specified, then the operation assumes the user whose
22206	// credentials are used to call the operation.
22207	//
22208	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22209	// a string of characters consisting of upper and lowercase alphanumeric characters
22210	// with no spaces. You can also include any of the following characters: _+=,.@-
22211	UserName *string `min:"1" type:"string"`
22212}
22213
22214// String returns the string representation.
22215//
22216// API parameter values that are decorated as "sensitive" in the API will not
22217// be included in the string output. The member name will be present, but the
22218// value will be replaced with "sensitive".
22219func (s DeleteServiceSpecificCredentialInput) String() string {
22220	return awsutil.Prettify(s)
22221}
22222
22223// GoString returns the string representation.
22224//
22225// API parameter values that are decorated as "sensitive" in the API will not
22226// be included in the string output. The member name will be present, but the
22227// value will be replaced with "sensitive".
22228func (s DeleteServiceSpecificCredentialInput) GoString() string {
22229	return s.String()
22230}
22231
22232// Validate inspects the fields of the type to determine if they are valid.
22233func (s *DeleteServiceSpecificCredentialInput) Validate() error {
22234	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceSpecificCredentialInput"}
22235	if s.ServiceSpecificCredentialId == nil {
22236		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
22237	}
22238	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
22239		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
22240	}
22241	if s.UserName != nil && len(*s.UserName) < 1 {
22242		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22243	}
22244
22245	if invalidParams.Len() > 0 {
22246		return invalidParams
22247	}
22248	return nil
22249}
22250
22251// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
22252func (s *DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *DeleteServiceSpecificCredentialInput {
22253	s.ServiceSpecificCredentialId = &v
22254	return s
22255}
22256
22257// SetUserName sets the UserName field's value.
22258func (s *DeleteServiceSpecificCredentialInput) SetUserName(v string) *DeleteServiceSpecificCredentialInput {
22259	s.UserName = &v
22260	return s
22261}
22262
22263type DeleteServiceSpecificCredentialOutput struct {
22264	_ struct{} `type:"structure"`
22265}
22266
22267// String returns the string representation.
22268//
22269// API parameter values that are decorated as "sensitive" in the API will not
22270// be included in the string output. The member name will be present, but the
22271// value will be replaced with "sensitive".
22272func (s DeleteServiceSpecificCredentialOutput) String() string {
22273	return awsutil.Prettify(s)
22274}
22275
22276// GoString returns the string representation.
22277//
22278// API parameter values that are decorated as "sensitive" in the API will not
22279// be included in the string output. The member name will be present, but the
22280// value will be replaced with "sensitive".
22281func (s DeleteServiceSpecificCredentialOutput) GoString() string {
22282	return s.String()
22283}
22284
22285type DeleteSigningCertificateInput struct {
22286	_ struct{} `type:"structure"`
22287
22288	// The ID of the signing certificate to delete.
22289	//
22290	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
22291	// pattern, is a string of characters that can be upper- or lower-cased letters
22292	// or digits.
22293	//
22294	// CertificateId is a required field
22295	CertificateId *string `min:"24" type:"string" required:"true"`
22296
22297	// The name of the user the signing certificate belongs to.
22298	//
22299	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22300	// a string of characters consisting of upper and lowercase alphanumeric characters
22301	// with no spaces. You can also include any of the following characters: _+=,.@-
22302	UserName *string `min:"1" type:"string"`
22303}
22304
22305// String returns the string representation.
22306//
22307// API parameter values that are decorated as "sensitive" in the API will not
22308// be included in the string output. The member name will be present, but the
22309// value will be replaced with "sensitive".
22310func (s DeleteSigningCertificateInput) String() string {
22311	return awsutil.Prettify(s)
22312}
22313
22314// GoString returns the string representation.
22315//
22316// API parameter values that are decorated as "sensitive" in the API will not
22317// be included in the string output. The member name will be present, but the
22318// value will be replaced with "sensitive".
22319func (s DeleteSigningCertificateInput) GoString() string {
22320	return s.String()
22321}
22322
22323// Validate inspects the fields of the type to determine if they are valid.
22324func (s *DeleteSigningCertificateInput) Validate() error {
22325	invalidParams := request.ErrInvalidParams{Context: "DeleteSigningCertificateInput"}
22326	if s.CertificateId == nil {
22327		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
22328	}
22329	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
22330		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
22331	}
22332	if s.UserName != nil && len(*s.UserName) < 1 {
22333		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22334	}
22335
22336	if invalidParams.Len() > 0 {
22337		return invalidParams
22338	}
22339	return nil
22340}
22341
22342// SetCertificateId sets the CertificateId field's value.
22343func (s *DeleteSigningCertificateInput) SetCertificateId(v string) *DeleteSigningCertificateInput {
22344	s.CertificateId = &v
22345	return s
22346}
22347
22348// SetUserName sets the UserName field's value.
22349func (s *DeleteSigningCertificateInput) SetUserName(v string) *DeleteSigningCertificateInput {
22350	s.UserName = &v
22351	return s
22352}
22353
22354type DeleteSigningCertificateOutput struct {
22355	_ struct{} `type:"structure"`
22356}
22357
22358// String returns the string representation.
22359//
22360// API parameter values that are decorated as "sensitive" in the API will not
22361// be included in the string output. The member name will be present, but the
22362// value will be replaced with "sensitive".
22363func (s DeleteSigningCertificateOutput) String() string {
22364	return awsutil.Prettify(s)
22365}
22366
22367// GoString returns the string representation.
22368//
22369// API parameter values that are decorated as "sensitive" in the API will not
22370// be included in the string output. The member name will be present, but the
22371// value will be replaced with "sensitive".
22372func (s DeleteSigningCertificateOutput) GoString() string {
22373	return s.String()
22374}
22375
22376type DeleteUserInput struct {
22377	_ struct{} `type:"structure"`
22378
22379	// The name of the user to delete.
22380	//
22381	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22382	// a string of characters consisting of upper and lowercase alphanumeric characters
22383	// with no spaces. You can also include any of the following characters: _+=,.@-
22384	//
22385	// UserName is a required field
22386	UserName *string `min:"1" type:"string" required:"true"`
22387}
22388
22389// String returns the string representation.
22390//
22391// API parameter values that are decorated as "sensitive" in the API will not
22392// be included in the string output. The member name will be present, but the
22393// value will be replaced with "sensitive".
22394func (s DeleteUserInput) String() string {
22395	return awsutil.Prettify(s)
22396}
22397
22398// GoString returns the string representation.
22399//
22400// API parameter values that are decorated as "sensitive" in the API will not
22401// be included in the string output. The member name will be present, but the
22402// value will be replaced with "sensitive".
22403func (s DeleteUserInput) GoString() string {
22404	return s.String()
22405}
22406
22407// Validate inspects the fields of the type to determine if they are valid.
22408func (s *DeleteUserInput) Validate() error {
22409	invalidParams := request.ErrInvalidParams{Context: "DeleteUserInput"}
22410	if s.UserName == nil {
22411		invalidParams.Add(request.NewErrParamRequired("UserName"))
22412	}
22413	if s.UserName != nil && len(*s.UserName) < 1 {
22414		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22415	}
22416
22417	if invalidParams.Len() > 0 {
22418		return invalidParams
22419	}
22420	return nil
22421}
22422
22423// SetUserName sets the UserName field's value.
22424func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput {
22425	s.UserName = &v
22426	return s
22427}
22428
22429type DeleteUserOutput struct {
22430	_ struct{} `type:"structure"`
22431}
22432
22433// String returns the string representation.
22434//
22435// API parameter values that are decorated as "sensitive" in the API will not
22436// be included in the string output. The member name will be present, but the
22437// value will be replaced with "sensitive".
22438func (s DeleteUserOutput) String() string {
22439	return awsutil.Prettify(s)
22440}
22441
22442// GoString returns the string representation.
22443//
22444// API parameter values that are decorated as "sensitive" in the API will not
22445// be included in the string output. The member name will be present, but the
22446// value will be replaced with "sensitive".
22447func (s DeleteUserOutput) GoString() string {
22448	return s.String()
22449}
22450
22451type DeleteUserPermissionsBoundaryInput struct {
22452	_ struct{} `type:"structure"`
22453
22454	// The name (friendly name, not ARN) of the IAM user from which you want to
22455	// remove the permissions boundary.
22456	//
22457	// UserName is a required field
22458	UserName *string `min:"1" type:"string" required:"true"`
22459}
22460
22461// String returns the string representation.
22462//
22463// API parameter values that are decorated as "sensitive" in the API will not
22464// be included in the string output. The member name will be present, but the
22465// value will be replaced with "sensitive".
22466func (s DeleteUserPermissionsBoundaryInput) String() string {
22467	return awsutil.Prettify(s)
22468}
22469
22470// GoString returns the string representation.
22471//
22472// API parameter values that are decorated as "sensitive" in the API will not
22473// be included in the string output. The member name will be present, but the
22474// value will be replaced with "sensitive".
22475func (s DeleteUserPermissionsBoundaryInput) GoString() string {
22476	return s.String()
22477}
22478
22479// Validate inspects the fields of the type to determine if they are valid.
22480func (s *DeleteUserPermissionsBoundaryInput) Validate() error {
22481	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPermissionsBoundaryInput"}
22482	if s.UserName == nil {
22483		invalidParams.Add(request.NewErrParamRequired("UserName"))
22484	}
22485	if s.UserName != nil && len(*s.UserName) < 1 {
22486		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22487	}
22488
22489	if invalidParams.Len() > 0 {
22490		return invalidParams
22491	}
22492	return nil
22493}
22494
22495// SetUserName sets the UserName field's value.
22496func (s *DeleteUserPermissionsBoundaryInput) SetUserName(v string) *DeleteUserPermissionsBoundaryInput {
22497	s.UserName = &v
22498	return s
22499}
22500
22501type DeleteUserPermissionsBoundaryOutput struct {
22502	_ struct{} `type:"structure"`
22503}
22504
22505// String returns the string representation.
22506//
22507// API parameter values that are decorated as "sensitive" in the API will not
22508// be included in the string output. The member name will be present, but the
22509// value will be replaced with "sensitive".
22510func (s DeleteUserPermissionsBoundaryOutput) String() string {
22511	return awsutil.Prettify(s)
22512}
22513
22514// GoString returns the string representation.
22515//
22516// API parameter values that are decorated as "sensitive" in the API will not
22517// be included in the string output. The member name will be present, but the
22518// value will be replaced with "sensitive".
22519func (s DeleteUserPermissionsBoundaryOutput) GoString() string {
22520	return s.String()
22521}
22522
22523type DeleteUserPolicyInput struct {
22524	_ struct{} `type:"structure"`
22525
22526	// The name identifying the policy document to delete.
22527	//
22528	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22529	// a string of characters consisting of upper and lowercase alphanumeric characters
22530	// with no spaces. You can also include any of the following characters: _+=,.@-
22531	//
22532	// PolicyName is a required field
22533	PolicyName *string `min:"1" type:"string" required:"true"`
22534
22535	// The name (friendly name, not ARN) identifying the user that the policy is
22536	// embedded in.
22537	//
22538	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22539	// a string of characters consisting of upper and lowercase alphanumeric characters
22540	// with no spaces. You can also include any of the following characters: _+=,.@-
22541	//
22542	// UserName is a required field
22543	UserName *string `min:"1" type:"string" required:"true"`
22544}
22545
22546// String returns the string representation.
22547//
22548// API parameter values that are decorated as "sensitive" in the API will not
22549// be included in the string output. The member name will be present, but the
22550// value will be replaced with "sensitive".
22551func (s DeleteUserPolicyInput) String() string {
22552	return awsutil.Prettify(s)
22553}
22554
22555// GoString returns the string representation.
22556//
22557// API parameter values that are decorated as "sensitive" in the API will not
22558// be included in the string output. The member name will be present, but the
22559// value will be replaced with "sensitive".
22560func (s DeleteUserPolicyInput) GoString() string {
22561	return s.String()
22562}
22563
22564// Validate inspects the fields of the type to determine if they are valid.
22565func (s *DeleteUserPolicyInput) Validate() error {
22566	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPolicyInput"}
22567	if s.PolicyName == nil {
22568		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
22569	}
22570	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
22571		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
22572	}
22573	if s.UserName == nil {
22574		invalidParams.Add(request.NewErrParamRequired("UserName"))
22575	}
22576	if s.UserName != nil && len(*s.UserName) < 1 {
22577		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22578	}
22579
22580	if invalidParams.Len() > 0 {
22581		return invalidParams
22582	}
22583	return nil
22584}
22585
22586// SetPolicyName sets the PolicyName field's value.
22587func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput {
22588	s.PolicyName = &v
22589	return s
22590}
22591
22592// SetUserName sets the UserName field's value.
22593func (s *DeleteUserPolicyInput) SetUserName(v string) *DeleteUserPolicyInput {
22594	s.UserName = &v
22595	return s
22596}
22597
22598type DeleteUserPolicyOutput struct {
22599	_ struct{} `type:"structure"`
22600}
22601
22602// String returns the string representation.
22603//
22604// API parameter values that are decorated as "sensitive" in the API will not
22605// be included in the string output. The member name will be present, but the
22606// value will be replaced with "sensitive".
22607func (s DeleteUserPolicyOutput) String() string {
22608	return awsutil.Prettify(s)
22609}
22610
22611// GoString returns the string representation.
22612//
22613// API parameter values that are decorated as "sensitive" in the API will not
22614// be included in the string output. The member name will be present, but the
22615// value will be replaced with "sensitive".
22616func (s DeleteUserPolicyOutput) GoString() string {
22617	return s.String()
22618}
22619
22620type DeleteVirtualMFADeviceInput struct {
22621	_ struct{} `type:"structure"`
22622
22623	// The serial number that uniquely identifies the MFA device. For virtual MFA
22624	// devices, the serial number is the same as the ARN.
22625	//
22626	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22627	// a string of characters consisting of upper and lowercase alphanumeric characters
22628	// with no spaces. You can also include any of the following characters: =,.@:/-
22629	//
22630	// SerialNumber is a required field
22631	SerialNumber *string `min:"9" type:"string" required:"true"`
22632}
22633
22634// String returns the string representation.
22635//
22636// API parameter values that are decorated as "sensitive" in the API will not
22637// be included in the string output. The member name will be present, but the
22638// value will be replaced with "sensitive".
22639func (s DeleteVirtualMFADeviceInput) String() string {
22640	return awsutil.Prettify(s)
22641}
22642
22643// GoString returns the string representation.
22644//
22645// API parameter values that are decorated as "sensitive" in the API will not
22646// be included in the string output. The member name will be present, but the
22647// value will be replaced with "sensitive".
22648func (s DeleteVirtualMFADeviceInput) GoString() string {
22649	return s.String()
22650}
22651
22652// Validate inspects the fields of the type to determine if they are valid.
22653func (s *DeleteVirtualMFADeviceInput) Validate() error {
22654	invalidParams := request.ErrInvalidParams{Context: "DeleteVirtualMFADeviceInput"}
22655	if s.SerialNumber == nil {
22656		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
22657	}
22658	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
22659		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
22660	}
22661
22662	if invalidParams.Len() > 0 {
22663		return invalidParams
22664	}
22665	return nil
22666}
22667
22668// SetSerialNumber sets the SerialNumber field's value.
22669func (s *DeleteVirtualMFADeviceInput) SetSerialNumber(v string) *DeleteVirtualMFADeviceInput {
22670	s.SerialNumber = &v
22671	return s
22672}
22673
22674type DeleteVirtualMFADeviceOutput struct {
22675	_ struct{} `type:"structure"`
22676}
22677
22678// String returns the string representation.
22679//
22680// API parameter values that are decorated as "sensitive" in the API will not
22681// be included in the string output. The member name will be present, but the
22682// value will be replaced with "sensitive".
22683func (s DeleteVirtualMFADeviceOutput) String() string {
22684	return awsutil.Prettify(s)
22685}
22686
22687// GoString returns the string representation.
22688//
22689// API parameter values that are decorated as "sensitive" in the API will not
22690// be included in the string output. The member name will be present, but the
22691// value will be replaced with "sensitive".
22692func (s DeleteVirtualMFADeviceOutput) GoString() string {
22693	return s.String()
22694}
22695
22696// The reason that the service-linked role deletion failed.
22697//
22698// This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
22699// operation.
22700type DeletionTaskFailureReasonType struct {
22701	_ struct{} `type:"structure"`
22702
22703	// A short description of the reason that the service-linked role deletion failed.
22704	Reason *string `type:"string"`
22705
22706	// A list of objects that contains details about the service-linked role deletion
22707	// failure, if that information is returned by the service. If the service-linked
22708	// role has active sessions or if any resources that were used by the role have
22709	// not been deleted from the linked service, the role can't be deleted. This
22710	// parameter includes a list of the resources that are associated with the role
22711	// and the Region in which the resources are being used.
22712	RoleUsageList []*RoleUsageType `type:"list"`
22713}
22714
22715// String returns the string representation.
22716//
22717// API parameter values that are decorated as "sensitive" in the API will not
22718// be included in the string output. The member name will be present, but the
22719// value will be replaced with "sensitive".
22720func (s DeletionTaskFailureReasonType) String() string {
22721	return awsutil.Prettify(s)
22722}
22723
22724// GoString returns the string representation.
22725//
22726// API parameter values that are decorated as "sensitive" in the API will not
22727// be included in the string output. The member name will be present, but the
22728// value will be replaced with "sensitive".
22729func (s DeletionTaskFailureReasonType) GoString() string {
22730	return s.String()
22731}
22732
22733// SetReason sets the Reason field's value.
22734func (s *DeletionTaskFailureReasonType) SetReason(v string) *DeletionTaskFailureReasonType {
22735	s.Reason = &v
22736	return s
22737}
22738
22739// SetRoleUsageList sets the RoleUsageList field's value.
22740func (s *DeletionTaskFailureReasonType) SetRoleUsageList(v []*RoleUsageType) *DeletionTaskFailureReasonType {
22741	s.RoleUsageList = v
22742	return s
22743}
22744
22745type DetachGroupPolicyInput struct {
22746	_ struct{} `type:"structure"`
22747
22748	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
22749	//
22750	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22751	// a string of characters consisting of upper and lowercase alphanumeric characters
22752	// with no spaces. You can also include any of the following characters: _+=,.@-
22753	//
22754	// GroupName is a required field
22755	GroupName *string `min:"1" type:"string" required:"true"`
22756
22757	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
22758	//
22759	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
22760	// in the Amazon Web Services General Reference.
22761	//
22762	// PolicyArn is a required field
22763	PolicyArn *string `min:"20" type:"string" required:"true"`
22764}
22765
22766// String returns the string representation.
22767//
22768// API parameter values that are decorated as "sensitive" in the API will not
22769// be included in the string output. The member name will be present, but the
22770// value will be replaced with "sensitive".
22771func (s DetachGroupPolicyInput) String() string {
22772	return awsutil.Prettify(s)
22773}
22774
22775// GoString returns the string representation.
22776//
22777// API parameter values that are decorated as "sensitive" in the API will not
22778// be included in the string output. The member name will be present, but the
22779// value will be replaced with "sensitive".
22780func (s DetachGroupPolicyInput) GoString() string {
22781	return s.String()
22782}
22783
22784// Validate inspects the fields of the type to determine if they are valid.
22785func (s *DetachGroupPolicyInput) Validate() error {
22786	invalidParams := request.ErrInvalidParams{Context: "DetachGroupPolicyInput"}
22787	if s.GroupName == nil {
22788		invalidParams.Add(request.NewErrParamRequired("GroupName"))
22789	}
22790	if s.GroupName != nil && len(*s.GroupName) < 1 {
22791		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
22792	}
22793	if s.PolicyArn == nil {
22794		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
22795	}
22796	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
22797		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
22798	}
22799
22800	if invalidParams.Len() > 0 {
22801		return invalidParams
22802	}
22803	return nil
22804}
22805
22806// SetGroupName sets the GroupName field's value.
22807func (s *DetachGroupPolicyInput) SetGroupName(v string) *DetachGroupPolicyInput {
22808	s.GroupName = &v
22809	return s
22810}
22811
22812// SetPolicyArn sets the PolicyArn field's value.
22813func (s *DetachGroupPolicyInput) SetPolicyArn(v string) *DetachGroupPolicyInput {
22814	s.PolicyArn = &v
22815	return s
22816}
22817
22818type DetachGroupPolicyOutput struct {
22819	_ struct{} `type:"structure"`
22820}
22821
22822// String returns the string representation.
22823//
22824// API parameter values that are decorated as "sensitive" in the API will not
22825// be included in the string output. The member name will be present, but the
22826// value will be replaced with "sensitive".
22827func (s DetachGroupPolicyOutput) String() string {
22828	return awsutil.Prettify(s)
22829}
22830
22831// GoString returns the string representation.
22832//
22833// API parameter values that are decorated as "sensitive" in the API will not
22834// be included in the string output. The member name will be present, but the
22835// value will be replaced with "sensitive".
22836func (s DetachGroupPolicyOutput) GoString() string {
22837	return s.String()
22838}
22839
22840type DetachRolePolicyInput struct {
22841	_ struct{} `type:"structure"`
22842
22843	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
22844	//
22845	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
22846	// in the Amazon Web Services General Reference.
22847	//
22848	// PolicyArn is a required field
22849	PolicyArn *string `min:"20" type:"string" required:"true"`
22850
22851	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
22852	//
22853	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22854	// a string of characters consisting of upper and lowercase alphanumeric characters
22855	// with no spaces. You can also include any of the following characters: _+=,.@-
22856	//
22857	// RoleName is a required field
22858	RoleName *string `min:"1" type:"string" required:"true"`
22859}
22860
22861// String returns the string representation.
22862//
22863// API parameter values that are decorated as "sensitive" in the API will not
22864// be included in the string output. The member name will be present, but the
22865// value will be replaced with "sensitive".
22866func (s DetachRolePolicyInput) String() string {
22867	return awsutil.Prettify(s)
22868}
22869
22870// GoString returns the string representation.
22871//
22872// API parameter values that are decorated as "sensitive" in the API will not
22873// be included in the string output. The member name will be present, but the
22874// value will be replaced with "sensitive".
22875func (s DetachRolePolicyInput) GoString() string {
22876	return s.String()
22877}
22878
22879// Validate inspects the fields of the type to determine if they are valid.
22880func (s *DetachRolePolicyInput) Validate() error {
22881	invalidParams := request.ErrInvalidParams{Context: "DetachRolePolicyInput"}
22882	if s.PolicyArn == nil {
22883		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
22884	}
22885	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
22886		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
22887	}
22888	if s.RoleName == nil {
22889		invalidParams.Add(request.NewErrParamRequired("RoleName"))
22890	}
22891	if s.RoleName != nil && len(*s.RoleName) < 1 {
22892		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
22893	}
22894
22895	if invalidParams.Len() > 0 {
22896		return invalidParams
22897	}
22898	return nil
22899}
22900
22901// SetPolicyArn sets the PolicyArn field's value.
22902func (s *DetachRolePolicyInput) SetPolicyArn(v string) *DetachRolePolicyInput {
22903	s.PolicyArn = &v
22904	return s
22905}
22906
22907// SetRoleName sets the RoleName field's value.
22908func (s *DetachRolePolicyInput) SetRoleName(v string) *DetachRolePolicyInput {
22909	s.RoleName = &v
22910	return s
22911}
22912
22913type DetachRolePolicyOutput struct {
22914	_ struct{} `type:"structure"`
22915}
22916
22917// String returns the string representation.
22918//
22919// API parameter values that are decorated as "sensitive" in the API will not
22920// be included in the string output. The member name will be present, but the
22921// value will be replaced with "sensitive".
22922func (s DetachRolePolicyOutput) String() string {
22923	return awsutil.Prettify(s)
22924}
22925
22926// GoString returns the string representation.
22927//
22928// API parameter values that are decorated as "sensitive" in the API will not
22929// be included in the string output. The member name will be present, but the
22930// value will be replaced with "sensitive".
22931func (s DetachRolePolicyOutput) GoString() string {
22932	return s.String()
22933}
22934
22935type DetachUserPolicyInput struct {
22936	_ struct{} `type:"structure"`
22937
22938	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
22939	//
22940	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
22941	// in the Amazon Web Services General Reference.
22942	//
22943	// PolicyArn is a required field
22944	PolicyArn *string `min:"20" type:"string" required:"true"`
22945
22946	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
22947	//
22948	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
22949	// a string of characters consisting of upper and lowercase alphanumeric characters
22950	// with no spaces. You can also include any of the following characters: _+=,.@-
22951	//
22952	// UserName is a required field
22953	UserName *string `min:"1" type:"string" required:"true"`
22954}
22955
22956// String returns the string representation.
22957//
22958// API parameter values that are decorated as "sensitive" in the API will not
22959// be included in the string output. The member name will be present, but the
22960// value will be replaced with "sensitive".
22961func (s DetachUserPolicyInput) String() string {
22962	return awsutil.Prettify(s)
22963}
22964
22965// GoString returns the string representation.
22966//
22967// API parameter values that are decorated as "sensitive" in the API will not
22968// be included in the string output. The member name will be present, but the
22969// value will be replaced with "sensitive".
22970func (s DetachUserPolicyInput) GoString() string {
22971	return s.String()
22972}
22973
22974// Validate inspects the fields of the type to determine if they are valid.
22975func (s *DetachUserPolicyInput) Validate() error {
22976	invalidParams := request.ErrInvalidParams{Context: "DetachUserPolicyInput"}
22977	if s.PolicyArn == nil {
22978		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
22979	}
22980	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
22981		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
22982	}
22983	if s.UserName == nil {
22984		invalidParams.Add(request.NewErrParamRequired("UserName"))
22985	}
22986	if s.UserName != nil && len(*s.UserName) < 1 {
22987		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
22988	}
22989
22990	if invalidParams.Len() > 0 {
22991		return invalidParams
22992	}
22993	return nil
22994}
22995
22996// SetPolicyArn sets the PolicyArn field's value.
22997func (s *DetachUserPolicyInput) SetPolicyArn(v string) *DetachUserPolicyInput {
22998	s.PolicyArn = &v
22999	return s
23000}
23001
23002// SetUserName sets the UserName field's value.
23003func (s *DetachUserPolicyInput) SetUserName(v string) *DetachUserPolicyInput {
23004	s.UserName = &v
23005	return s
23006}
23007
23008type DetachUserPolicyOutput struct {
23009	_ struct{} `type:"structure"`
23010}
23011
23012// String returns the string representation.
23013//
23014// API parameter values that are decorated as "sensitive" in the API will not
23015// be included in the string output. The member name will be present, but the
23016// value will be replaced with "sensitive".
23017func (s DetachUserPolicyOutput) String() string {
23018	return awsutil.Prettify(s)
23019}
23020
23021// GoString returns the string representation.
23022//
23023// API parameter values that are decorated as "sensitive" in the API will not
23024// be included in the string output. The member name will be present, but the
23025// value will be replaced with "sensitive".
23026func (s DetachUserPolicyOutput) GoString() string {
23027	return s.String()
23028}
23029
23030type EnableMFADeviceInput struct {
23031	_ struct{} `type:"structure"`
23032
23033	// An authentication code emitted by the device.
23034	//
23035	// The format for this parameter is a string of six digits.
23036	//
23037	// Submit your request immediately after generating the authentication codes.
23038	// If you generate the codes and then wait too long to submit the request, the
23039	// MFA device successfully associates with the user but the MFA device becomes
23040	// out of sync. This happens because time-based one-time passwords (TOTP) expire
23041	// after a short period of time. If this happens, you can resync the device
23042	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
23043	//
23044	// AuthenticationCode1 is a required field
23045	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
23046
23047	// A subsequent authentication code emitted by the device.
23048	//
23049	// The format for this parameter is a string of six digits.
23050	//
23051	// Submit your request immediately after generating the authentication codes.
23052	// If you generate the codes and then wait too long to submit the request, the
23053	// MFA device successfully associates with the user but the MFA device becomes
23054	// out of sync. This happens because time-based one-time passwords (TOTP) expire
23055	// after a short period of time. If this happens, you can resync the device
23056	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
23057	//
23058	// AuthenticationCode2 is a required field
23059	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
23060
23061	// The serial number that uniquely identifies the MFA device. For virtual MFA
23062	// devices, the serial number is the device ARN.
23063	//
23064	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23065	// a string of characters consisting of upper and lowercase alphanumeric characters
23066	// with no spaces. You can also include any of the following characters: =,.@:/-
23067	//
23068	// SerialNumber is a required field
23069	SerialNumber *string `min:"9" type:"string" required:"true"`
23070
23071	// The name of the IAM user for whom you want to enable the MFA device.
23072	//
23073	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23074	// a string of characters consisting of upper and lowercase alphanumeric characters
23075	// with no spaces. You can also include any of the following characters: _+=,.@-
23076	//
23077	// UserName is a required field
23078	UserName *string `min:"1" type:"string" required:"true"`
23079}
23080
23081// String returns the string representation.
23082//
23083// API parameter values that are decorated as "sensitive" in the API will not
23084// be included in the string output. The member name will be present, but the
23085// value will be replaced with "sensitive".
23086func (s EnableMFADeviceInput) String() string {
23087	return awsutil.Prettify(s)
23088}
23089
23090// GoString returns the string representation.
23091//
23092// API parameter values that are decorated as "sensitive" in the API will not
23093// be included in the string output. The member name will be present, but the
23094// value will be replaced with "sensitive".
23095func (s EnableMFADeviceInput) GoString() string {
23096	return s.String()
23097}
23098
23099// Validate inspects the fields of the type to determine if they are valid.
23100func (s *EnableMFADeviceInput) Validate() error {
23101	invalidParams := request.ErrInvalidParams{Context: "EnableMFADeviceInput"}
23102	if s.AuthenticationCode1 == nil {
23103		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
23104	}
23105	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
23106		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
23107	}
23108	if s.AuthenticationCode2 == nil {
23109		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
23110	}
23111	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
23112		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
23113	}
23114	if s.SerialNumber == nil {
23115		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
23116	}
23117	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
23118		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
23119	}
23120	if s.UserName == nil {
23121		invalidParams.Add(request.NewErrParamRequired("UserName"))
23122	}
23123	if s.UserName != nil && len(*s.UserName) < 1 {
23124		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
23125	}
23126
23127	if invalidParams.Len() > 0 {
23128		return invalidParams
23129	}
23130	return nil
23131}
23132
23133// SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
23134func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput {
23135	s.AuthenticationCode1 = &v
23136	return s
23137}
23138
23139// SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
23140func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput {
23141	s.AuthenticationCode2 = &v
23142	return s
23143}
23144
23145// SetSerialNumber sets the SerialNumber field's value.
23146func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput {
23147	s.SerialNumber = &v
23148	return s
23149}
23150
23151// SetUserName sets the UserName field's value.
23152func (s *EnableMFADeviceInput) SetUserName(v string) *EnableMFADeviceInput {
23153	s.UserName = &v
23154	return s
23155}
23156
23157type EnableMFADeviceOutput struct {
23158	_ struct{} `type:"structure"`
23159}
23160
23161// String returns the string representation.
23162//
23163// API parameter values that are decorated as "sensitive" in the API will not
23164// be included in the string output. The member name will be present, but the
23165// value will be replaced with "sensitive".
23166func (s EnableMFADeviceOutput) String() string {
23167	return awsutil.Prettify(s)
23168}
23169
23170// GoString returns the string representation.
23171//
23172// API parameter values that are decorated as "sensitive" in the API will not
23173// be included in the string output. The member name will be present, but the
23174// value will be replaced with "sensitive".
23175func (s EnableMFADeviceOutput) GoString() string {
23176	return s.String()
23177}
23178
23179// An object that contains details about when the IAM entities (users or roles)
23180// were last used in an attempt to access the specified Amazon Web Services
23181// service.
23182//
23183// This data type is a response element in the GetServiceLastAccessedDetailsWithEntities
23184// operation.
23185type EntityDetails struct {
23186	_ struct{} `type:"structure"`
23187
23188	// The EntityInfo object that contains details about the entity (user or role).
23189	//
23190	// EntityInfo is a required field
23191	EntityInfo *EntityInfo `type:"structure" required:"true"`
23192
23193	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
23194	// when the authenticated entity last attempted to access Amazon Web Services.
23195	// Amazon Web Services does not report unauthenticated requests.
23196	//
23197	// This field is null if no IAM entities attempted to access the service within
23198	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
23199	LastAuthenticated *time.Time `type:"timestamp"`
23200}
23201
23202// String returns the string representation.
23203//
23204// API parameter values that are decorated as "sensitive" in the API will not
23205// be included in the string output. The member name will be present, but the
23206// value will be replaced with "sensitive".
23207func (s EntityDetails) String() string {
23208	return awsutil.Prettify(s)
23209}
23210
23211// GoString returns the string representation.
23212//
23213// API parameter values that are decorated as "sensitive" in the API will not
23214// be included in the string output. The member name will be present, but the
23215// value will be replaced with "sensitive".
23216func (s EntityDetails) GoString() string {
23217	return s.String()
23218}
23219
23220// SetEntityInfo sets the EntityInfo field's value.
23221func (s *EntityDetails) SetEntityInfo(v *EntityInfo) *EntityDetails {
23222	s.EntityInfo = v
23223	return s
23224}
23225
23226// SetLastAuthenticated sets the LastAuthenticated field's value.
23227func (s *EntityDetails) SetLastAuthenticated(v time.Time) *EntityDetails {
23228	s.LastAuthenticated = &v
23229	return s
23230}
23231
23232// Contains details about the specified entity (user or role).
23233//
23234// This data type is an element of the EntityDetails object.
23235type EntityInfo struct {
23236	_ struct{} `type:"structure"`
23237
23238	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
23239	// Services resources.
23240	//
23241	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
23242	// in the Amazon Web Services General Reference.
23243	//
23244	// Arn is a required field
23245	Arn *string `min:"20" type:"string" required:"true"`
23246
23247	// The identifier of the entity (user or role).
23248	//
23249	// Id is a required field
23250	Id *string `min:"16" type:"string" required:"true"`
23251
23252	// The name of the entity (user or role).
23253	//
23254	// Name is a required field
23255	Name *string `min:"1" type:"string" required:"true"`
23256
23257	// The path to the entity (user or role). For more information about paths,
23258	// see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
23259	// in the IAM User Guide.
23260	Path *string `min:"1" type:"string"`
23261
23262	// The type of entity (user or role).
23263	//
23264	// Type is a required field
23265	Type *string `type:"string" required:"true" enum:"PolicyOwnerEntityType"`
23266}
23267
23268// String returns the string representation.
23269//
23270// API parameter values that are decorated as "sensitive" in the API will not
23271// be included in the string output. The member name will be present, but the
23272// value will be replaced with "sensitive".
23273func (s EntityInfo) String() string {
23274	return awsutil.Prettify(s)
23275}
23276
23277// GoString returns the string representation.
23278//
23279// API parameter values that are decorated as "sensitive" in the API will not
23280// be included in the string output. The member name will be present, but the
23281// value will be replaced with "sensitive".
23282func (s EntityInfo) GoString() string {
23283	return s.String()
23284}
23285
23286// SetArn sets the Arn field's value.
23287func (s *EntityInfo) SetArn(v string) *EntityInfo {
23288	s.Arn = &v
23289	return s
23290}
23291
23292// SetId sets the Id field's value.
23293func (s *EntityInfo) SetId(v string) *EntityInfo {
23294	s.Id = &v
23295	return s
23296}
23297
23298// SetName sets the Name field's value.
23299func (s *EntityInfo) SetName(v string) *EntityInfo {
23300	s.Name = &v
23301	return s
23302}
23303
23304// SetPath sets the Path field's value.
23305func (s *EntityInfo) SetPath(v string) *EntityInfo {
23306	s.Path = &v
23307	return s
23308}
23309
23310// SetType sets the Type field's value.
23311func (s *EntityInfo) SetType(v string) *EntityInfo {
23312	s.Type = &v
23313	return s
23314}
23315
23316// Contains information about the reason that the operation failed.
23317//
23318// This data type is used as a response element in the GetOrganizationsAccessReport,
23319// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
23320// operations.
23321type ErrorDetails struct {
23322	_ struct{} `type:"structure"`
23323
23324	// The error code associated with the operation failure.
23325	//
23326	// Code is a required field
23327	Code *string `type:"string" required:"true"`
23328
23329	// Detailed information about the reason that the operation failed.
23330	//
23331	// Message is a required field
23332	Message *string `type:"string" required:"true"`
23333}
23334
23335// String returns the string representation.
23336//
23337// API parameter values that are decorated as "sensitive" in the API will not
23338// be included in the string output. The member name will be present, but the
23339// value will be replaced with "sensitive".
23340func (s ErrorDetails) String() string {
23341	return awsutil.Prettify(s)
23342}
23343
23344// GoString returns the string representation.
23345//
23346// API parameter values that are decorated as "sensitive" in the API will not
23347// be included in the string output. The member name will be present, but the
23348// value will be replaced with "sensitive".
23349func (s ErrorDetails) GoString() string {
23350	return s.String()
23351}
23352
23353// SetCode sets the Code field's value.
23354func (s *ErrorDetails) SetCode(v string) *ErrorDetails {
23355	s.Code = &v
23356	return s
23357}
23358
23359// SetMessage sets the Message field's value.
23360func (s *ErrorDetails) SetMessage(v string) *ErrorDetails {
23361	s.Message = &v
23362	return s
23363}
23364
23365// Contains the results of a simulation.
23366//
23367// This data type is used by the return parameter of SimulateCustomPolicy and
23368// SimulatePrincipalPolicy .
23369type EvaluationResult struct {
23370	_ struct{} `type:"structure"`
23371
23372	// The name of the API operation tested on the indicated resource.
23373	//
23374	// EvalActionName is a required field
23375	EvalActionName *string `min:"3" type:"string" required:"true"`
23376
23377	// The result of the simulation.
23378	//
23379	// EvalDecision is a required field
23380	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
23381
23382	// Additional details about the results of the cross-account evaluation decision.
23383	// This parameter is populated for only cross-account simulations. It contains
23384	// a brief summary of how each policy type contributes to the final evaluation
23385	// decision.
23386	//
23387	// If the simulation evaluates policies within the same account and includes
23388	// a resource ARN, then the parameter is present but the response is empty.
23389	// If the simulation evaluates policies within the same account and specifies
23390	// all resources (*), then the parameter is not returned.
23391	//
23392	// When you make a cross-account request, Amazon Web Services evaluates the
23393	// request in the trusting account and the trusted account. The request is allowed
23394	// only if both evaluations return true. For more information about how policies
23395	// are evaluated, see Evaluating policies within a single account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
23396	//
23397	// If an Organizations SCP included in the evaluation denies access, the simulation
23398	// ends. In this case, policy evaluation does not proceed any further and this
23399	// parameter is not returned.
23400	EvalDecisionDetails map[string]*string `type:"map"`
23401
23402	// The ARN of the resource that the indicated API operation was tested on.
23403	EvalResourceName *string `min:"1" type:"string"`
23404
23405	// A list of the statements in the input policies that determine the result
23406	// for this scenario. Remember that even if multiple statements allow the operation
23407	// on the resource, if only one statement denies that operation, then the explicit
23408	// deny overrides any allow. In addition, the deny statement is the only entry
23409	// included in the result.
23410	MatchedStatements []*Statement `type:"list"`
23411
23412	// A list of context keys that are required by the included input policies but
23413	// that were not provided by one of the input parameters. This list is used
23414	// when the resource in a simulation is "*", either explicitly, or when the
23415	// ResourceArns parameter blank. If you include a list of resources, then any
23416	// missing context values are instead included under the ResourceSpecificResults
23417	// section. To discover the context keys used by a set of policies, you can
23418	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
23419	MissingContextValues []*string `type:"list"`
23420
23421	// A structure that details how Organizations and its service control policies
23422	// affect the results of the simulation. Only applies if the simulated user's
23423	// account is part of an organization.
23424	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`
23425
23426	// Contains information about the effect that a permissions boundary has on
23427	// a policy simulation when the boundary is applied to an IAM entity.
23428	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
23429
23430	// The individual results of the simulation of the API operation specified in
23431	// EvalActionName on each resource.
23432	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
23433}
23434
23435// String returns the string representation.
23436//
23437// API parameter values that are decorated as "sensitive" in the API will not
23438// be included in the string output. The member name will be present, but the
23439// value will be replaced with "sensitive".
23440func (s EvaluationResult) String() string {
23441	return awsutil.Prettify(s)
23442}
23443
23444// GoString returns the string representation.
23445//
23446// API parameter values that are decorated as "sensitive" in the API will not
23447// be included in the string output. The member name will be present, but the
23448// value will be replaced with "sensitive".
23449func (s EvaluationResult) GoString() string {
23450	return s.String()
23451}
23452
23453// SetEvalActionName sets the EvalActionName field's value.
23454func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult {
23455	s.EvalActionName = &v
23456	return s
23457}
23458
23459// SetEvalDecision sets the EvalDecision field's value.
23460func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult {
23461	s.EvalDecision = &v
23462	return s
23463}
23464
23465// SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
23466func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult {
23467	s.EvalDecisionDetails = v
23468	return s
23469}
23470
23471// SetEvalResourceName sets the EvalResourceName field's value.
23472func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult {
23473	s.EvalResourceName = &v
23474	return s
23475}
23476
23477// SetMatchedStatements sets the MatchedStatements field's value.
23478func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult {
23479	s.MatchedStatements = v
23480	return s
23481}
23482
23483// SetMissingContextValues sets the MissingContextValues field's value.
23484func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult {
23485	s.MissingContextValues = v
23486	return s
23487}
23488
23489// SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.
23490func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult {
23491	s.OrganizationsDecisionDetail = v
23492	return s
23493}
23494
23495// SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
23496func (s *EvaluationResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *EvaluationResult {
23497	s.PermissionsBoundaryDecisionDetail = v
23498	return s
23499}
23500
23501// SetResourceSpecificResults sets the ResourceSpecificResults field's value.
23502func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult {
23503	s.ResourceSpecificResults = v
23504	return s
23505}
23506
23507type GenerateCredentialReportInput struct {
23508	_ struct{} `type:"structure"`
23509}
23510
23511// String returns the string representation.
23512//
23513// API parameter values that are decorated as "sensitive" in the API will not
23514// be included in the string output. The member name will be present, but the
23515// value will be replaced with "sensitive".
23516func (s GenerateCredentialReportInput) String() string {
23517	return awsutil.Prettify(s)
23518}
23519
23520// GoString returns the string representation.
23521//
23522// API parameter values that are decorated as "sensitive" in the API will not
23523// be included in the string output. The member name will be present, but the
23524// value will be replaced with "sensitive".
23525func (s GenerateCredentialReportInput) GoString() string {
23526	return s.String()
23527}
23528
23529// Contains the response to a successful GenerateCredentialReport request.
23530type GenerateCredentialReportOutput struct {
23531	_ struct{} `type:"structure"`
23532
23533	// Information about the credential report.
23534	Description *string `type:"string"`
23535
23536	// Information about the state of the credential report.
23537	State *string `type:"string" enum:"ReportStateType"`
23538}
23539
23540// String returns the string representation.
23541//
23542// API parameter values that are decorated as "sensitive" in the API will not
23543// be included in the string output. The member name will be present, but the
23544// value will be replaced with "sensitive".
23545func (s GenerateCredentialReportOutput) String() string {
23546	return awsutil.Prettify(s)
23547}
23548
23549// GoString returns the string representation.
23550//
23551// API parameter values that are decorated as "sensitive" in the API will not
23552// be included in the string output. The member name will be present, but the
23553// value will be replaced with "sensitive".
23554func (s GenerateCredentialReportOutput) GoString() string {
23555	return s.String()
23556}
23557
23558// SetDescription sets the Description field's value.
23559func (s *GenerateCredentialReportOutput) SetDescription(v string) *GenerateCredentialReportOutput {
23560	s.Description = &v
23561	return s
23562}
23563
23564// SetState sets the State field's value.
23565func (s *GenerateCredentialReportOutput) SetState(v string) *GenerateCredentialReportOutput {
23566	s.State = &v
23567	return s
23568}
23569
23570type GenerateOrganizationsAccessReportInput struct {
23571	_ struct{} `type:"structure"`
23572
23573	// The path of the Organizations entity (root, OU, or account). You can build
23574	// an entity path using the known structure of your organization. For example,
23575	// assume that your account ID is 123456789012 and its parent OU ID is ou-rge0-awsabcde.
23576	// The organization root ID is r-f6g7h8i9j0example and your organization ID
23577	// is o-a1b2c3d4e5. Your entity path is o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012.
23578	//
23579	// EntityPath is a required field
23580	EntityPath *string `min:"19" type:"string" required:"true"`
23581
23582	// The identifier of the Organizations service control policy (SCP). This parameter
23583	// is optional.
23584	//
23585	// This ID is used to generate information about when an account principal that
23586	// is limited by the SCP attempted to access an Amazon Web Services service.
23587	OrganizationsPolicyId *string `type:"string"`
23588}
23589
23590// String returns the string representation.
23591//
23592// API parameter values that are decorated as "sensitive" in the API will not
23593// be included in the string output. The member name will be present, but the
23594// value will be replaced with "sensitive".
23595func (s GenerateOrganizationsAccessReportInput) String() string {
23596	return awsutil.Prettify(s)
23597}
23598
23599// GoString returns the string representation.
23600//
23601// API parameter values that are decorated as "sensitive" in the API will not
23602// be included in the string output. The member name will be present, but the
23603// value will be replaced with "sensitive".
23604func (s GenerateOrganizationsAccessReportInput) GoString() string {
23605	return s.String()
23606}
23607
23608// Validate inspects the fields of the type to determine if they are valid.
23609func (s *GenerateOrganizationsAccessReportInput) Validate() error {
23610	invalidParams := request.ErrInvalidParams{Context: "GenerateOrganizationsAccessReportInput"}
23611	if s.EntityPath == nil {
23612		invalidParams.Add(request.NewErrParamRequired("EntityPath"))
23613	}
23614	if s.EntityPath != nil && len(*s.EntityPath) < 19 {
23615		invalidParams.Add(request.NewErrParamMinLen("EntityPath", 19))
23616	}
23617
23618	if invalidParams.Len() > 0 {
23619		return invalidParams
23620	}
23621	return nil
23622}
23623
23624// SetEntityPath sets the EntityPath field's value.
23625func (s *GenerateOrganizationsAccessReportInput) SetEntityPath(v string) *GenerateOrganizationsAccessReportInput {
23626	s.EntityPath = &v
23627	return s
23628}
23629
23630// SetOrganizationsPolicyId sets the OrganizationsPolicyId field's value.
23631func (s *GenerateOrganizationsAccessReportInput) SetOrganizationsPolicyId(v string) *GenerateOrganizationsAccessReportInput {
23632	s.OrganizationsPolicyId = &v
23633	return s
23634}
23635
23636type GenerateOrganizationsAccessReportOutput struct {
23637	_ struct{} `type:"structure"`
23638
23639	// The job identifier that you can use in the GetOrganizationsAccessReport operation.
23640	JobId *string `min:"36" type:"string"`
23641}
23642
23643// String returns the string representation.
23644//
23645// API parameter values that are decorated as "sensitive" in the API will not
23646// be included in the string output. The member name will be present, but the
23647// value will be replaced with "sensitive".
23648func (s GenerateOrganizationsAccessReportOutput) String() string {
23649	return awsutil.Prettify(s)
23650}
23651
23652// GoString returns the string representation.
23653//
23654// API parameter values that are decorated as "sensitive" in the API will not
23655// be included in the string output. The member name will be present, but the
23656// value will be replaced with "sensitive".
23657func (s GenerateOrganizationsAccessReportOutput) GoString() string {
23658	return s.String()
23659}
23660
23661// SetJobId sets the JobId field's value.
23662func (s *GenerateOrganizationsAccessReportOutput) SetJobId(v string) *GenerateOrganizationsAccessReportOutput {
23663	s.JobId = &v
23664	return s
23665}
23666
23667type GenerateServiceLastAccessedDetailsInput struct {
23668	_ struct{} `type:"structure"`
23669
23670	// The ARN of the IAM resource (user, group, role, or managed policy) used to
23671	// generate information about when the resource was last used in an attempt
23672	// to access an Amazon Web Services service.
23673	//
23674	// Arn is a required field
23675	Arn *string `min:"20" type:"string" required:"true"`
23676
23677	// The level of detail that you want to generate. You can specify whether you
23678	// want to generate information about the last attempt to access services or
23679	// actions. If you specify service-level granularity, this operation generates
23680	// only service data. If you specify action-level granularity, it generates
23681	// service and action data. If you don't include this optional parameter, the
23682	// operation generates service data.
23683	Granularity *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
23684}
23685
23686// String returns the string representation.
23687//
23688// API parameter values that are decorated as "sensitive" in the API will not
23689// be included in the string output. The member name will be present, but the
23690// value will be replaced with "sensitive".
23691func (s GenerateServiceLastAccessedDetailsInput) String() string {
23692	return awsutil.Prettify(s)
23693}
23694
23695// GoString returns the string representation.
23696//
23697// API parameter values that are decorated as "sensitive" in the API will not
23698// be included in the string output. The member name will be present, but the
23699// value will be replaced with "sensitive".
23700func (s GenerateServiceLastAccessedDetailsInput) GoString() string {
23701	return s.String()
23702}
23703
23704// Validate inspects the fields of the type to determine if they are valid.
23705func (s *GenerateServiceLastAccessedDetailsInput) Validate() error {
23706	invalidParams := request.ErrInvalidParams{Context: "GenerateServiceLastAccessedDetailsInput"}
23707	if s.Arn == nil {
23708		invalidParams.Add(request.NewErrParamRequired("Arn"))
23709	}
23710	if s.Arn != nil && len(*s.Arn) < 20 {
23711		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
23712	}
23713
23714	if invalidParams.Len() > 0 {
23715		return invalidParams
23716	}
23717	return nil
23718}
23719
23720// SetArn sets the Arn field's value.
23721func (s *GenerateServiceLastAccessedDetailsInput) SetArn(v string) *GenerateServiceLastAccessedDetailsInput {
23722	s.Arn = &v
23723	return s
23724}
23725
23726// SetGranularity sets the Granularity field's value.
23727func (s *GenerateServiceLastAccessedDetailsInput) SetGranularity(v string) *GenerateServiceLastAccessedDetailsInput {
23728	s.Granularity = &v
23729	return s
23730}
23731
23732type GenerateServiceLastAccessedDetailsOutput struct {
23733	_ struct{} `type:"structure"`
23734
23735	// The JobId that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities
23736	// operations. The JobId returned by GenerateServiceLastAccessedDetail must
23737	// be used by the same role within a session, or by the same user when used
23738	// to call GetServiceLastAccessedDetail.
23739	JobId *string `min:"36" type:"string"`
23740}
23741
23742// String returns the string representation.
23743//
23744// API parameter values that are decorated as "sensitive" in the API will not
23745// be included in the string output. The member name will be present, but the
23746// value will be replaced with "sensitive".
23747func (s GenerateServiceLastAccessedDetailsOutput) String() string {
23748	return awsutil.Prettify(s)
23749}
23750
23751// GoString returns the string representation.
23752//
23753// API parameter values that are decorated as "sensitive" in the API will not
23754// be included in the string output. The member name will be present, but the
23755// value will be replaced with "sensitive".
23756func (s GenerateServiceLastAccessedDetailsOutput) GoString() string {
23757	return s.String()
23758}
23759
23760// SetJobId sets the JobId field's value.
23761func (s *GenerateServiceLastAccessedDetailsOutput) SetJobId(v string) *GenerateServiceLastAccessedDetailsOutput {
23762	s.JobId = &v
23763	return s
23764}
23765
23766type GetAccessKeyLastUsedInput struct {
23767	_ struct{} `type:"structure"`
23768
23769	// The identifier of an access key.
23770	//
23771	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
23772	// a string of characters that can consist of any upper or lowercased letter
23773	// or digit.
23774	//
23775	// AccessKeyId is a required field
23776	AccessKeyId *string `min:"16" type:"string" required:"true"`
23777}
23778
23779// String returns the string representation.
23780//
23781// API parameter values that are decorated as "sensitive" in the API will not
23782// be included in the string output. The member name will be present, but the
23783// value will be replaced with "sensitive".
23784func (s GetAccessKeyLastUsedInput) String() string {
23785	return awsutil.Prettify(s)
23786}
23787
23788// GoString returns the string representation.
23789//
23790// API parameter values that are decorated as "sensitive" in the API will not
23791// be included in the string output. The member name will be present, but the
23792// value will be replaced with "sensitive".
23793func (s GetAccessKeyLastUsedInput) GoString() string {
23794	return s.String()
23795}
23796
23797// Validate inspects the fields of the type to determine if they are valid.
23798func (s *GetAccessKeyLastUsedInput) Validate() error {
23799	invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyLastUsedInput"}
23800	if s.AccessKeyId == nil {
23801		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
23802	}
23803	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
23804		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
23805	}
23806
23807	if invalidParams.Len() > 0 {
23808		return invalidParams
23809	}
23810	return nil
23811}
23812
23813// SetAccessKeyId sets the AccessKeyId field's value.
23814func (s *GetAccessKeyLastUsedInput) SetAccessKeyId(v string) *GetAccessKeyLastUsedInput {
23815	s.AccessKeyId = &v
23816	return s
23817}
23818
23819// Contains the response to a successful GetAccessKeyLastUsed request. It is
23820// also returned as a member of the AccessKeyMetaData structure returned by
23821// the ListAccessKeys action.
23822type GetAccessKeyLastUsedOutput struct {
23823	_ struct{} `type:"structure"`
23824
23825	// Contains information about the last time the access key was used.
23826	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`
23827
23828	// The name of the IAM user that owns this access key.
23829	UserName *string `min:"1" type:"string"`
23830}
23831
23832// String returns the string representation.
23833//
23834// API parameter values that are decorated as "sensitive" in the API will not
23835// be included in the string output. The member name will be present, but the
23836// value will be replaced with "sensitive".
23837func (s GetAccessKeyLastUsedOutput) String() string {
23838	return awsutil.Prettify(s)
23839}
23840
23841// GoString returns the string representation.
23842//
23843// API parameter values that are decorated as "sensitive" in the API will not
23844// be included in the string output. The member name will be present, but the
23845// value will be replaced with "sensitive".
23846func (s GetAccessKeyLastUsedOutput) GoString() string {
23847	return s.String()
23848}
23849
23850// SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.
23851func (s *GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed(v *AccessKeyLastUsed) *GetAccessKeyLastUsedOutput {
23852	s.AccessKeyLastUsed = v
23853	return s
23854}
23855
23856// SetUserName sets the UserName field's value.
23857func (s *GetAccessKeyLastUsedOutput) SetUserName(v string) *GetAccessKeyLastUsedOutput {
23858	s.UserName = &v
23859	return s
23860}
23861
23862type GetAccountAuthorizationDetailsInput struct {
23863	_ struct{} `type:"structure"`
23864
23865	// A list of entity types used to filter the results. Only the entities that
23866	// match the types you specify are included in the output. Use the value LocalManagedPolicy
23867	// to include customer managed policies.
23868	//
23869	// The format for this parameter is a comma-separated (if more than one) list
23870	// of strings. Each string value in the list must be one of the valid values
23871	// listed below.
23872	Filter []*string `type:"list"`
23873
23874	// Use this parameter only when paginating results and only after you receive
23875	// a response indicating that the results are truncated. Set it to the value
23876	// of the Marker element in the response that you received to indicate where
23877	// the next call should start.
23878	Marker *string `min:"1" type:"string"`
23879
23880	// Use this only when paginating results to indicate the maximum number of items
23881	// you want in the response. If additional items exist beyond the maximum you
23882	// specify, the IsTruncated response element is true.
23883	//
23884	// If you do not include this parameter, the number of items defaults to 100.
23885	// Note that IAM might return fewer results, even when there are more results
23886	// available. In that case, the IsTruncated response element returns true, and
23887	// Marker contains a value to include in the subsequent call that tells the
23888	// service where to continue from.
23889	MaxItems *int64 `min:"1" type:"integer"`
23890}
23891
23892// String returns the string representation.
23893//
23894// API parameter values that are decorated as "sensitive" in the API will not
23895// be included in the string output. The member name will be present, but the
23896// value will be replaced with "sensitive".
23897func (s GetAccountAuthorizationDetailsInput) String() string {
23898	return awsutil.Prettify(s)
23899}
23900
23901// GoString returns the string representation.
23902//
23903// API parameter values that are decorated as "sensitive" in the API will not
23904// be included in the string output. The member name will be present, but the
23905// value will be replaced with "sensitive".
23906func (s GetAccountAuthorizationDetailsInput) GoString() string {
23907	return s.String()
23908}
23909
23910// Validate inspects the fields of the type to determine if they are valid.
23911func (s *GetAccountAuthorizationDetailsInput) Validate() error {
23912	invalidParams := request.ErrInvalidParams{Context: "GetAccountAuthorizationDetailsInput"}
23913	if s.Marker != nil && len(*s.Marker) < 1 {
23914		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
23915	}
23916	if s.MaxItems != nil && *s.MaxItems < 1 {
23917		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
23918	}
23919
23920	if invalidParams.Len() > 0 {
23921		return invalidParams
23922	}
23923	return nil
23924}
23925
23926// SetFilter sets the Filter field's value.
23927func (s *GetAccountAuthorizationDetailsInput) SetFilter(v []*string) *GetAccountAuthorizationDetailsInput {
23928	s.Filter = v
23929	return s
23930}
23931
23932// SetMarker sets the Marker field's value.
23933func (s *GetAccountAuthorizationDetailsInput) SetMarker(v string) *GetAccountAuthorizationDetailsInput {
23934	s.Marker = &v
23935	return s
23936}
23937
23938// SetMaxItems sets the MaxItems field's value.
23939func (s *GetAccountAuthorizationDetailsInput) SetMaxItems(v int64) *GetAccountAuthorizationDetailsInput {
23940	s.MaxItems = &v
23941	return s
23942}
23943
23944// Contains the response to a successful GetAccountAuthorizationDetails request.
23945type GetAccountAuthorizationDetailsOutput struct {
23946	_ struct{} `type:"structure"`
23947
23948	// A list containing information about IAM groups.
23949	GroupDetailList []*GroupDetail `type:"list"`
23950
23951	// A flag that indicates whether there are more items to return. If your results
23952	// were truncated, you can make a subsequent pagination request using the Marker
23953	// request parameter to retrieve more items. Note that IAM might return fewer
23954	// than the MaxItems number of results even when there are more results available.
23955	// We recommend that you check IsTruncated after every call to ensure that you
23956	// receive all your results.
23957	IsTruncated *bool `type:"boolean"`
23958
23959	// When IsTruncated is true, this element is present and contains the value
23960	// to use for the Marker parameter in a subsequent pagination request.
23961	Marker *string `type:"string"`
23962
23963	// A list containing information about managed policies.
23964	Policies []*ManagedPolicyDetail `type:"list"`
23965
23966	// A list containing information about IAM roles.
23967	RoleDetailList []*RoleDetail `type:"list"`
23968
23969	// A list containing information about IAM users.
23970	UserDetailList []*UserDetail `type:"list"`
23971}
23972
23973// String returns the string representation.
23974//
23975// API parameter values that are decorated as "sensitive" in the API will not
23976// be included in the string output. The member name will be present, but the
23977// value will be replaced with "sensitive".
23978func (s GetAccountAuthorizationDetailsOutput) String() string {
23979	return awsutil.Prettify(s)
23980}
23981
23982// GoString returns the string representation.
23983//
23984// API parameter values that are decorated as "sensitive" in the API will not
23985// be included in the string output. The member name will be present, but the
23986// value will be replaced with "sensitive".
23987func (s GetAccountAuthorizationDetailsOutput) GoString() string {
23988	return s.String()
23989}
23990
23991// SetGroupDetailList sets the GroupDetailList field's value.
23992func (s *GetAccountAuthorizationDetailsOutput) SetGroupDetailList(v []*GroupDetail) *GetAccountAuthorizationDetailsOutput {
23993	s.GroupDetailList = v
23994	return s
23995}
23996
23997// SetIsTruncated sets the IsTruncated field's value.
23998func (s *GetAccountAuthorizationDetailsOutput) SetIsTruncated(v bool) *GetAccountAuthorizationDetailsOutput {
23999	s.IsTruncated = &v
24000	return s
24001}
24002
24003// SetMarker sets the Marker field's value.
24004func (s *GetAccountAuthorizationDetailsOutput) SetMarker(v string) *GetAccountAuthorizationDetailsOutput {
24005	s.Marker = &v
24006	return s
24007}
24008
24009// SetPolicies sets the Policies field's value.
24010func (s *GetAccountAuthorizationDetailsOutput) SetPolicies(v []*ManagedPolicyDetail) *GetAccountAuthorizationDetailsOutput {
24011	s.Policies = v
24012	return s
24013}
24014
24015// SetRoleDetailList sets the RoleDetailList field's value.
24016func (s *GetAccountAuthorizationDetailsOutput) SetRoleDetailList(v []*RoleDetail) *GetAccountAuthorizationDetailsOutput {
24017	s.RoleDetailList = v
24018	return s
24019}
24020
24021// SetUserDetailList sets the UserDetailList field's value.
24022func (s *GetAccountAuthorizationDetailsOutput) SetUserDetailList(v []*UserDetail) *GetAccountAuthorizationDetailsOutput {
24023	s.UserDetailList = v
24024	return s
24025}
24026
24027type GetAccountPasswordPolicyInput struct {
24028	_ struct{} `type:"structure"`
24029}
24030
24031// String returns the string representation.
24032//
24033// API parameter values that are decorated as "sensitive" in the API will not
24034// be included in the string output. The member name will be present, but the
24035// value will be replaced with "sensitive".
24036func (s GetAccountPasswordPolicyInput) String() string {
24037	return awsutil.Prettify(s)
24038}
24039
24040// GoString returns the string representation.
24041//
24042// API parameter values that are decorated as "sensitive" in the API will not
24043// be included in the string output. The member name will be present, but the
24044// value will be replaced with "sensitive".
24045func (s GetAccountPasswordPolicyInput) GoString() string {
24046	return s.String()
24047}
24048
24049// Contains the response to a successful GetAccountPasswordPolicy request.
24050type GetAccountPasswordPolicyOutput struct {
24051	_ struct{} `type:"structure"`
24052
24053	// A structure that contains details about the account's password policy.
24054	//
24055	// PasswordPolicy is a required field
24056	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
24057}
24058
24059// String returns the string representation.
24060//
24061// API parameter values that are decorated as "sensitive" in the API will not
24062// be included in the string output. The member name will be present, but the
24063// value will be replaced with "sensitive".
24064func (s GetAccountPasswordPolicyOutput) String() string {
24065	return awsutil.Prettify(s)
24066}
24067
24068// GoString returns the string representation.
24069//
24070// API parameter values that are decorated as "sensitive" in the API will not
24071// be included in the string output. The member name will be present, but the
24072// value will be replaced with "sensitive".
24073func (s GetAccountPasswordPolicyOutput) GoString() string {
24074	return s.String()
24075}
24076
24077// SetPasswordPolicy sets the PasswordPolicy field's value.
24078func (s *GetAccountPasswordPolicyOutput) SetPasswordPolicy(v *PasswordPolicy) *GetAccountPasswordPolicyOutput {
24079	s.PasswordPolicy = v
24080	return s
24081}
24082
24083type GetAccountSummaryInput struct {
24084	_ struct{} `type:"structure"`
24085}
24086
24087// String returns the string representation.
24088//
24089// API parameter values that are decorated as "sensitive" in the API will not
24090// be included in the string output. The member name will be present, but the
24091// value will be replaced with "sensitive".
24092func (s GetAccountSummaryInput) String() string {
24093	return awsutil.Prettify(s)
24094}
24095
24096// GoString returns the string representation.
24097//
24098// API parameter values that are decorated as "sensitive" in the API will not
24099// be included in the string output. The member name will be present, but the
24100// value will be replaced with "sensitive".
24101func (s GetAccountSummaryInput) GoString() string {
24102	return s.String()
24103}
24104
24105// Contains the response to a successful GetAccountSummary request.
24106type GetAccountSummaryOutput struct {
24107	_ struct{} `type:"structure"`
24108
24109	// A set of key–value pairs containing information about IAM entity usage
24110	// and IAM quotas.
24111	SummaryMap map[string]*int64 `type:"map"`
24112}
24113
24114// String returns the string representation.
24115//
24116// API parameter values that are decorated as "sensitive" in the API will not
24117// be included in the string output. The member name will be present, but the
24118// value will be replaced with "sensitive".
24119func (s GetAccountSummaryOutput) String() string {
24120	return awsutil.Prettify(s)
24121}
24122
24123// GoString returns the string representation.
24124//
24125// API parameter values that are decorated as "sensitive" in the API will not
24126// be included in the string output. The member name will be present, but the
24127// value will be replaced with "sensitive".
24128func (s GetAccountSummaryOutput) GoString() string {
24129	return s.String()
24130}
24131
24132// SetSummaryMap sets the SummaryMap field's value.
24133func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput {
24134	s.SummaryMap = v
24135	return s
24136}
24137
24138type GetContextKeysForCustomPolicyInput struct {
24139	_ struct{} `type:"structure"`
24140
24141	// A list of policies for which you want the list of context keys referenced
24142	// in those policies. Each document is specified as a string containing the
24143	// complete, valid JSON text of an IAM policy.
24144	//
24145	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
24146	// parameter is a string of characters consisting of the following:
24147	//
24148	//    * Any printable ASCII character ranging from the space character (\u0020)
24149	//    through the end of the ASCII character range
24150	//
24151	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
24152	//    set (through \u00FF)
24153	//
24154	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
24155	//    return (\u000D)
24156	//
24157	// PolicyInputList is a required field
24158	PolicyInputList []*string `type:"list" required:"true"`
24159}
24160
24161// String returns the string representation.
24162//
24163// API parameter values that are decorated as "sensitive" in the API will not
24164// be included in the string output. The member name will be present, but the
24165// value will be replaced with "sensitive".
24166func (s GetContextKeysForCustomPolicyInput) String() string {
24167	return awsutil.Prettify(s)
24168}
24169
24170// GoString returns the string representation.
24171//
24172// API parameter values that are decorated as "sensitive" in the API will not
24173// be included in the string output. The member name will be present, but the
24174// value will be replaced with "sensitive".
24175func (s GetContextKeysForCustomPolicyInput) GoString() string {
24176	return s.String()
24177}
24178
24179// Validate inspects the fields of the type to determine if they are valid.
24180func (s *GetContextKeysForCustomPolicyInput) Validate() error {
24181	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForCustomPolicyInput"}
24182	if s.PolicyInputList == nil {
24183		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
24184	}
24185
24186	if invalidParams.Len() > 0 {
24187		return invalidParams
24188	}
24189	return nil
24190}
24191
24192// SetPolicyInputList sets the PolicyInputList field's value.
24193func (s *GetContextKeysForCustomPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForCustomPolicyInput {
24194	s.PolicyInputList = v
24195	return s
24196}
24197
24198// Contains the response to a successful GetContextKeysForPrincipalPolicy or
24199// GetContextKeysForCustomPolicy request.
24200type GetContextKeysForPolicyResponse struct {
24201	_ struct{} `type:"structure"`
24202
24203	// The list of context keys that are referenced in the input policies.
24204	ContextKeyNames []*string `type:"list"`
24205}
24206
24207// String returns the string representation.
24208//
24209// API parameter values that are decorated as "sensitive" in the API will not
24210// be included in the string output. The member name will be present, but the
24211// value will be replaced with "sensitive".
24212func (s GetContextKeysForPolicyResponse) String() string {
24213	return awsutil.Prettify(s)
24214}
24215
24216// GoString returns the string representation.
24217//
24218// API parameter values that are decorated as "sensitive" in the API will not
24219// be included in the string output. The member name will be present, but the
24220// value will be replaced with "sensitive".
24221func (s GetContextKeysForPolicyResponse) GoString() string {
24222	return s.String()
24223}
24224
24225// SetContextKeyNames sets the ContextKeyNames field's value.
24226func (s *GetContextKeysForPolicyResponse) SetContextKeyNames(v []*string) *GetContextKeysForPolicyResponse {
24227	s.ContextKeyNames = v
24228	return s
24229}
24230
24231type GetContextKeysForPrincipalPolicyInput struct {
24232	_ struct{} `type:"structure"`
24233
24234	// An optional list of additional policies for which you want the list of context
24235	// keys that are referenced.
24236	//
24237	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
24238	// parameter is a string of characters consisting of the following:
24239	//
24240	//    * Any printable ASCII character ranging from the space character (\u0020)
24241	//    through the end of the ASCII character range
24242	//
24243	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
24244	//    set (through \u00FF)
24245	//
24246	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
24247	//    return (\u000D)
24248	PolicyInputList []*string `type:"list"`
24249
24250	// The ARN of a user, group, or role whose policies contain the context keys
24251	// that you want listed. If you specify a user, the list includes context keys
24252	// that are found in all policies that are attached to the user. The list also
24253	// includes all groups that the user is a member of. If you pick a group or
24254	// a role, then it includes only those context keys that are found in policies
24255	// attached to that entity. Note that all parameters are shown in unencoded
24256	// form here for clarity, but must be URL encoded to be included as a part of
24257	// a real HTML request.
24258	//
24259	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
24260	// in the Amazon Web Services General Reference.
24261	//
24262	// PolicySourceArn is a required field
24263	PolicySourceArn *string `min:"20" type:"string" required:"true"`
24264}
24265
24266// String returns the string representation.
24267//
24268// API parameter values that are decorated as "sensitive" in the API will not
24269// be included in the string output. The member name will be present, but the
24270// value will be replaced with "sensitive".
24271func (s GetContextKeysForPrincipalPolicyInput) String() string {
24272	return awsutil.Prettify(s)
24273}
24274
24275// GoString returns the string representation.
24276//
24277// API parameter values that are decorated as "sensitive" in the API will not
24278// be included in the string output. The member name will be present, but the
24279// value will be replaced with "sensitive".
24280func (s GetContextKeysForPrincipalPolicyInput) GoString() string {
24281	return s.String()
24282}
24283
24284// Validate inspects the fields of the type to determine if they are valid.
24285func (s *GetContextKeysForPrincipalPolicyInput) Validate() error {
24286	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForPrincipalPolicyInput"}
24287	if s.PolicySourceArn == nil {
24288		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
24289	}
24290	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
24291		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
24292	}
24293
24294	if invalidParams.Len() > 0 {
24295		return invalidParams
24296	}
24297	return nil
24298}
24299
24300// SetPolicyInputList sets the PolicyInputList field's value.
24301func (s *GetContextKeysForPrincipalPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForPrincipalPolicyInput {
24302	s.PolicyInputList = v
24303	return s
24304}
24305
24306// SetPolicySourceArn sets the PolicySourceArn field's value.
24307func (s *GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn(v string) *GetContextKeysForPrincipalPolicyInput {
24308	s.PolicySourceArn = &v
24309	return s
24310}
24311
24312type GetCredentialReportInput struct {
24313	_ struct{} `type:"structure"`
24314}
24315
24316// String returns the string representation.
24317//
24318// API parameter values that are decorated as "sensitive" in the API will not
24319// be included in the string output. The member name will be present, but the
24320// value will be replaced with "sensitive".
24321func (s GetCredentialReportInput) String() string {
24322	return awsutil.Prettify(s)
24323}
24324
24325// GoString returns the string representation.
24326//
24327// API parameter values that are decorated as "sensitive" in the API will not
24328// be included in the string output. The member name will be present, but the
24329// value will be replaced with "sensitive".
24330func (s GetCredentialReportInput) GoString() string {
24331	return s.String()
24332}
24333
24334// Contains the response to a successful GetCredentialReport request.
24335type GetCredentialReportOutput struct {
24336	_ struct{} `type:"structure"`
24337
24338	// Contains the credential report. The report is Base64-encoded.
24339	// Content is automatically base64 encoded/decoded by the SDK.
24340	Content []byte `type:"blob"`
24341
24342	// The date and time when the credential report was created, in ISO 8601 date-time
24343	// format (http://www.iso.org/iso/iso8601).
24344	GeneratedTime *time.Time `type:"timestamp"`
24345
24346	// The format (MIME type) of the credential report.
24347	ReportFormat *string `type:"string" enum:"ReportFormatType"`
24348}
24349
24350// String returns the string representation.
24351//
24352// API parameter values that are decorated as "sensitive" in the API will not
24353// be included in the string output. The member name will be present, but the
24354// value will be replaced with "sensitive".
24355func (s GetCredentialReportOutput) String() string {
24356	return awsutil.Prettify(s)
24357}
24358
24359// GoString returns the string representation.
24360//
24361// API parameter values that are decorated as "sensitive" in the API will not
24362// be included in the string output. The member name will be present, but the
24363// value will be replaced with "sensitive".
24364func (s GetCredentialReportOutput) GoString() string {
24365	return s.String()
24366}
24367
24368// SetContent sets the Content field's value.
24369func (s *GetCredentialReportOutput) SetContent(v []byte) *GetCredentialReportOutput {
24370	s.Content = v
24371	return s
24372}
24373
24374// SetGeneratedTime sets the GeneratedTime field's value.
24375func (s *GetCredentialReportOutput) SetGeneratedTime(v time.Time) *GetCredentialReportOutput {
24376	s.GeneratedTime = &v
24377	return s
24378}
24379
24380// SetReportFormat sets the ReportFormat field's value.
24381func (s *GetCredentialReportOutput) SetReportFormat(v string) *GetCredentialReportOutput {
24382	s.ReportFormat = &v
24383	return s
24384}
24385
24386type GetGroupInput struct {
24387	_ struct{} `type:"structure"`
24388
24389	// The name of the group.
24390	//
24391	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24392	// a string of characters consisting of upper and lowercase alphanumeric characters
24393	// with no spaces. You can also include any of the following characters: _+=,.@-
24394	//
24395	// GroupName is a required field
24396	GroupName *string `min:"1" type:"string" required:"true"`
24397
24398	// Use this parameter only when paginating results and only after you receive
24399	// a response indicating that the results are truncated. Set it to the value
24400	// of the Marker element in the response that you received to indicate where
24401	// the next call should start.
24402	Marker *string `min:"1" type:"string"`
24403
24404	// Use this only when paginating results to indicate the maximum number of items
24405	// you want in the response. If additional items exist beyond the maximum you
24406	// specify, the IsTruncated response element is true.
24407	//
24408	// If you do not include this parameter, the number of items defaults to 100.
24409	// Note that IAM might return fewer results, even when there are more results
24410	// available. In that case, the IsTruncated response element returns true, and
24411	// Marker contains a value to include in the subsequent call that tells the
24412	// service where to continue from.
24413	MaxItems *int64 `min:"1" type:"integer"`
24414}
24415
24416// String returns the string representation.
24417//
24418// API parameter values that are decorated as "sensitive" in the API will not
24419// be included in the string output. The member name will be present, but the
24420// value will be replaced with "sensitive".
24421func (s GetGroupInput) String() string {
24422	return awsutil.Prettify(s)
24423}
24424
24425// GoString returns the string representation.
24426//
24427// API parameter values that are decorated as "sensitive" in the API will not
24428// be included in the string output. The member name will be present, but the
24429// value will be replaced with "sensitive".
24430func (s GetGroupInput) GoString() string {
24431	return s.String()
24432}
24433
24434// Validate inspects the fields of the type to determine if they are valid.
24435func (s *GetGroupInput) Validate() error {
24436	invalidParams := request.ErrInvalidParams{Context: "GetGroupInput"}
24437	if s.GroupName == nil {
24438		invalidParams.Add(request.NewErrParamRequired("GroupName"))
24439	}
24440	if s.GroupName != nil && len(*s.GroupName) < 1 {
24441		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
24442	}
24443	if s.Marker != nil && len(*s.Marker) < 1 {
24444		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
24445	}
24446	if s.MaxItems != nil && *s.MaxItems < 1 {
24447		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
24448	}
24449
24450	if invalidParams.Len() > 0 {
24451		return invalidParams
24452	}
24453	return nil
24454}
24455
24456// SetGroupName sets the GroupName field's value.
24457func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput {
24458	s.GroupName = &v
24459	return s
24460}
24461
24462// SetMarker sets the Marker field's value.
24463func (s *GetGroupInput) SetMarker(v string) *GetGroupInput {
24464	s.Marker = &v
24465	return s
24466}
24467
24468// SetMaxItems sets the MaxItems field's value.
24469func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput {
24470	s.MaxItems = &v
24471	return s
24472}
24473
24474// Contains the response to a successful GetGroup request.
24475type GetGroupOutput struct {
24476	_ struct{} `type:"structure"`
24477
24478	// A structure that contains details about the group.
24479	//
24480	// Group is a required field
24481	Group *Group `type:"structure" required:"true"`
24482
24483	// A flag that indicates whether there are more items to return. If your results
24484	// were truncated, you can make a subsequent pagination request using the Marker
24485	// request parameter to retrieve more items. Note that IAM might return fewer
24486	// than the MaxItems number of results even when there are more results available.
24487	// We recommend that you check IsTruncated after every call to ensure that you
24488	// receive all your results.
24489	IsTruncated *bool `type:"boolean"`
24490
24491	// When IsTruncated is true, this element is present and contains the value
24492	// to use for the Marker parameter in a subsequent pagination request.
24493	Marker *string `type:"string"`
24494
24495	// A list of users in the group.
24496	//
24497	// Users is a required field
24498	Users []*User `type:"list" required:"true"`
24499}
24500
24501// String returns the string representation.
24502//
24503// API parameter values that are decorated as "sensitive" in the API will not
24504// be included in the string output. The member name will be present, but the
24505// value will be replaced with "sensitive".
24506func (s GetGroupOutput) String() string {
24507	return awsutil.Prettify(s)
24508}
24509
24510// GoString returns the string representation.
24511//
24512// API parameter values that are decorated as "sensitive" in the API will not
24513// be included in the string output. The member name will be present, but the
24514// value will be replaced with "sensitive".
24515func (s GetGroupOutput) GoString() string {
24516	return s.String()
24517}
24518
24519// SetGroup sets the Group field's value.
24520func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput {
24521	s.Group = v
24522	return s
24523}
24524
24525// SetIsTruncated sets the IsTruncated field's value.
24526func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput {
24527	s.IsTruncated = &v
24528	return s
24529}
24530
24531// SetMarker sets the Marker field's value.
24532func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput {
24533	s.Marker = &v
24534	return s
24535}
24536
24537// SetUsers sets the Users field's value.
24538func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput {
24539	s.Users = v
24540	return s
24541}
24542
24543type GetGroupPolicyInput struct {
24544	_ struct{} `type:"structure"`
24545
24546	// The name of the group the policy is associated with.
24547	//
24548	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24549	// a string of characters consisting of upper and lowercase alphanumeric characters
24550	// with no spaces. You can also include any of the following characters: _+=,.@-
24551	//
24552	// GroupName is a required field
24553	GroupName *string `min:"1" type:"string" required:"true"`
24554
24555	// The name of the policy document to get.
24556	//
24557	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24558	// a string of characters consisting of upper and lowercase alphanumeric characters
24559	// with no spaces. You can also include any of the following characters: _+=,.@-
24560	//
24561	// PolicyName is a required field
24562	PolicyName *string `min:"1" type:"string" required:"true"`
24563}
24564
24565// String returns the string representation.
24566//
24567// API parameter values that are decorated as "sensitive" in the API will not
24568// be included in the string output. The member name will be present, but the
24569// value will be replaced with "sensitive".
24570func (s GetGroupPolicyInput) String() string {
24571	return awsutil.Prettify(s)
24572}
24573
24574// GoString returns the string representation.
24575//
24576// API parameter values that are decorated as "sensitive" in the API will not
24577// be included in the string output. The member name will be present, but the
24578// value will be replaced with "sensitive".
24579func (s GetGroupPolicyInput) GoString() string {
24580	return s.String()
24581}
24582
24583// Validate inspects the fields of the type to determine if they are valid.
24584func (s *GetGroupPolicyInput) Validate() error {
24585	invalidParams := request.ErrInvalidParams{Context: "GetGroupPolicyInput"}
24586	if s.GroupName == nil {
24587		invalidParams.Add(request.NewErrParamRequired("GroupName"))
24588	}
24589	if s.GroupName != nil && len(*s.GroupName) < 1 {
24590		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
24591	}
24592	if s.PolicyName == nil {
24593		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
24594	}
24595	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
24596		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
24597	}
24598
24599	if invalidParams.Len() > 0 {
24600		return invalidParams
24601	}
24602	return nil
24603}
24604
24605// SetGroupName sets the GroupName field's value.
24606func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput {
24607	s.GroupName = &v
24608	return s
24609}
24610
24611// SetPolicyName sets the PolicyName field's value.
24612func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput {
24613	s.PolicyName = &v
24614	return s
24615}
24616
24617// Contains the response to a successful GetGroupPolicy request.
24618type GetGroupPolicyOutput struct {
24619	_ struct{} `type:"structure"`
24620
24621	// The group the policy is associated with.
24622	//
24623	// GroupName is a required field
24624	GroupName *string `min:"1" type:"string" required:"true"`
24625
24626	// The policy document.
24627	//
24628	// IAM stores policies in JSON format. However, resources that were created
24629	// using CloudFormation templates can be formatted in YAML. CloudFormation always
24630	// converts a YAML policy to JSON format before submitting it to IAM.
24631	//
24632	// PolicyDocument is a required field
24633	PolicyDocument *string `min:"1" type:"string" required:"true"`
24634
24635	// The name of the policy.
24636	//
24637	// PolicyName is a required field
24638	PolicyName *string `min:"1" type:"string" required:"true"`
24639}
24640
24641// String returns the string representation.
24642//
24643// API parameter values that are decorated as "sensitive" in the API will not
24644// be included in the string output. The member name will be present, but the
24645// value will be replaced with "sensitive".
24646func (s GetGroupPolicyOutput) String() string {
24647	return awsutil.Prettify(s)
24648}
24649
24650// GoString returns the string representation.
24651//
24652// API parameter values that are decorated as "sensitive" in the API will not
24653// be included in the string output. The member name will be present, but the
24654// value will be replaced with "sensitive".
24655func (s GetGroupPolicyOutput) GoString() string {
24656	return s.String()
24657}
24658
24659// SetGroupName sets the GroupName field's value.
24660func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput {
24661	s.GroupName = &v
24662	return s
24663}
24664
24665// SetPolicyDocument sets the PolicyDocument field's value.
24666func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput {
24667	s.PolicyDocument = &v
24668	return s
24669}
24670
24671// SetPolicyName sets the PolicyName field's value.
24672func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput {
24673	s.PolicyName = &v
24674	return s
24675}
24676
24677type GetInstanceProfileInput struct {
24678	_ struct{} `type:"structure"`
24679
24680	// The name of the instance profile to get information about.
24681	//
24682	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24683	// a string of characters consisting of upper and lowercase alphanumeric characters
24684	// with no spaces. You can also include any of the following characters: _+=,.@-
24685	//
24686	// InstanceProfileName is a required field
24687	InstanceProfileName *string `min:"1" type:"string" required:"true"`
24688}
24689
24690// String returns the string representation.
24691//
24692// API parameter values that are decorated as "sensitive" in the API will not
24693// be included in the string output. The member name will be present, but the
24694// value will be replaced with "sensitive".
24695func (s GetInstanceProfileInput) String() string {
24696	return awsutil.Prettify(s)
24697}
24698
24699// GoString returns the string representation.
24700//
24701// API parameter values that are decorated as "sensitive" in the API will not
24702// be included in the string output. The member name will be present, but the
24703// value will be replaced with "sensitive".
24704func (s GetInstanceProfileInput) GoString() string {
24705	return s.String()
24706}
24707
24708// Validate inspects the fields of the type to determine if they are valid.
24709func (s *GetInstanceProfileInput) Validate() error {
24710	invalidParams := request.ErrInvalidParams{Context: "GetInstanceProfileInput"}
24711	if s.InstanceProfileName == nil {
24712		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
24713	}
24714	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
24715		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
24716	}
24717
24718	if invalidParams.Len() > 0 {
24719		return invalidParams
24720	}
24721	return nil
24722}
24723
24724// SetInstanceProfileName sets the InstanceProfileName field's value.
24725func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput {
24726	s.InstanceProfileName = &v
24727	return s
24728}
24729
24730// Contains the response to a successful GetInstanceProfile request.
24731type GetInstanceProfileOutput struct {
24732	_ struct{} `type:"structure"`
24733
24734	// A structure containing details about the instance profile.
24735	//
24736	// InstanceProfile is a required field
24737	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
24738}
24739
24740// String returns the string representation.
24741//
24742// API parameter values that are decorated as "sensitive" in the API will not
24743// be included in the string output. The member name will be present, but the
24744// value will be replaced with "sensitive".
24745func (s GetInstanceProfileOutput) String() string {
24746	return awsutil.Prettify(s)
24747}
24748
24749// GoString returns the string representation.
24750//
24751// API parameter values that are decorated as "sensitive" in the API will not
24752// be included in the string output. The member name will be present, but the
24753// value will be replaced with "sensitive".
24754func (s GetInstanceProfileOutput) GoString() string {
24755	return s.String()
24756}
24757
24758// SetInstanceProfile sets the InstanceProfile field's value.
24759func (s *GetInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *GetInstanceProfileOutput {
24760	s.InstanceProfile = v
24761	return s
24762}
24763
24764type GetLoginProfileInput struct {
24765	_ struct{} `type:"structure"`
24766
24767	// The name of the user whose login profile you want to retrieve.
24768	//
24769	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
24770	// a string of characters consisting of upper and lowercase alphanumeric characters
24771	// with no spaces. You can also include any of the following characters: _+=,.@-
24772	//
24773	// UserName is a required field
24774	UserName *string `min:"1" type:"string" required:"true"`
24775}
24776
24777// String returns the string representation.
24778//
24779// API parameter values that are decorated as "sensitive" in the API will not
24780// be included in the string output. The member name will be present, but the
24781// value will be replaced with "sensitive".
24782func (s GetLoginProfileInput) String() string {
24783	return awsutil.Prettify(s)
24784}
24785
24786// GoString returns the string representation.
24787//
24788// API parameter values that are decorated as "sensitive" in the API will not
24789// be included in the string output. The member name will be present, but the
24790// value will be replaced with "sensitive".
24791func (s GetLoginProfileInput) GoString() string {
24792	return s.String()
24793}
24794
24795// Validate inspects the fields of the type to determine if they are valid.
24796func (s *GetLoginProfileInput) Validate() error {
24797	invalidParams := request.ErrInvalidParams{Context: "GetLoginProfileInput"}
24798	if s.UserName == nil {
24799		invalidParams.Add(request.NewErrParamRequired("UserName"))
24800	}
24801	if s.UserName != nil && len(*s.UserName) < 1 {
24802		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
24803	}
24804
24805	if invalidParams.Len() > 0 {
24806		return invalidParams
24807	}
24808	return nil
24809}
24810
24811// SetUserName sets the UserName field's value.
24812func (s *GetLoginProfileInput) SetUserName(v string) *GetLoginProfileInput {
24813	s.UserName = &v
24814	return s
24815}
24816
24817// Contains the response to a successful GetLoginProfile request.
24818type GetLoginProfileOutput struct {
24819	_ struct{} `type:"structure"`
24820
24821	// A structure containing the user name and the profile creation date for the
24822	// user.
24823	//
24824	// LoginProfile is a required field
24825	LoginProfile *LoginProfile `type:"structure" required:"true"`
24826}
24827
24828// String returns the string representation.
24829//
24830// API parameter values that are decorated as "sensitive" in the API will not
24831// be included in the string output. The member name will be present, but the
24832// value will be replaced with "sensitive".
24833func (s GetLoginProfileOutput) String() string {
24834	return awsutil.Prettify(s)
24835}
24836
24837// GoString returns the string representation.
24838//
24839// API parameter values that are decorated as "sensitive" in the API will not
24840// be included in the string output. The member name will be present, but the
24841// value will be replaced with "sensitive".
24842func (s GetLoginProfileOutput) GoString() string {
24843	return s.String()
24844}
24845
24846// SetLoginProfile sets the LoginProfile field's value.
24847func (s *GetLoginProfileOutput) SetLoginProfile(v *LoginProfile) *GetLoginProfileOutput {
24848	s.LoginProfile = v
24849	return s
24850}
24851
24852type GetOpenIDConnectProviderInput struct {
24853	_ struct{} `type:"structure"`
24854
24855	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
24856	// to get information for. You can get a list of OIDC provider resource ARNs
24857	// by using the ListOpenIDConnectProviders operation.
24858	//
24859	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
24860	// in the Amazon Web Services General Reference.
24861	//
24862	// OpenIDConnectProviderArn is a required field
24863	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
24864}
24865
24866// String returns the string representation.
24867//
24868// API parameter values that are decorated as "sensitive" in the API will not
24869// be included in the string output. The member name will be present, but the
24870// value will be replaced with "sensitive".
24871func (s GetOpenIDConnectProviderInput) String() string {
24872	return awsutil.Prettify(s)
24873}
24874
24875// GoString returns the string representation.
24876//
24877// API parameter values that are decorated as "sensitive" in the API will not
24878// be included in the string output. The member name will be present, but the
24879// value will be replaced with "sensitive".
24880func (s GetOpenIDConnectProviderInput) GoString() string {
24881	return s.String()
24882}
24883
24884// Validate inspects the fields of the type to determine if they are valid.
24885func (s *GetOpenIDConnectProviderInput) Validate() error {
24886	invalidParams := request.ErrInvalidParams{Context: "GetOpenIDConnectProviderInput"}
24887	if s.OpenIDConnectProviderArn == nil {
24888		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
24889	}
24890	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
24891		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
24892	}
24893
24894	if invalidParams.Len() > 0 {
24895		return invalidParams
24896	}
24897	return nil
24898}
24899
24900// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
24901func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput {
24902	s.OpenIDConnectProviderArn = &v
24903	return s
24904}
24905
24906// Contains the response to a successful GetOpenIDConnectProvider request.
24907type GetOpenIDConnectProviderOutput struct {
24908	_ struct{} `type:"structure"`
24909
24910	// A list of client IDs (also known as audiences) that are associated with the
24911	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
24912	ClientIDList []*string `type:"list"`
24913
24914	// The date and time when the IAM OIDC provider resource object was created
24915	// in the Amazon Web Services account.
24916	CreateDate *time.Time `type:"timestamp"`
24917
24918	// A list of tags that are attached to the specified IAM OIDC provider. The
24919	// returned list of tags is sorted by tag key. For more information about tagging,
24920	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
24921	// in the IAM User Guide.
24922	Tags []*Tag `type:"list"`
24923
24924	// A list of certificate thumbprints that are associated with the specified
24925	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
24926	ThumbprintList []*string `type:"list"`
24927
24928	// The URL that the IAM OIDC provider resource object is associated with. For
24929	// more information, see CreateOpenIDConnectProvider.
24930	Url *string `min:"1" type:"string"`
24931}
24932
24933// String returns the string representation.
24934//
24935// API parameter values that are decorated as "sensitive" in the API will not
24936// be included in the string output. The member name will be present, but the
24937// value will be replaced with "sensitive".
24938func (s GetOpenIDConnectProviderOutput) String() string {
24939	return awsutil.Prettify(s)
24940}
24941
24942// GoString returns the string representation.
24943//
24944// API parameter values that are decorated as "sensitive" in the API will not
24945// be included in the string output. The member name will be present, but the
24946// value will be replaced with "sensitive".
24947func (s GetOpenIDConnectProviderOutput) GoString() string {
24948	return s.String()
24949}
24950
24951// SetClientIDList sets the ClientIDList field's value.
24952func (s *GetOpenIDConnectProviderOutput) SetClientIDList(v []*string) *GetOpenIDConnectProviderOutput {
24953	s.ClientIDList = v
24954	return s
24955}
24956
24957// SetCreateDate sets the CreateDate field's value.
24958func (s *GetOpenIDConnectProviderOutput) SetCreateDate(v time.Time) *GetOpenIDConnectProviderOutput {
24959	s.CreateDate = &v
24960	return s
24961}
24962
24963// SetTags sets the Tags field's value.
24964func (s *GetOpenIDConnectProviderOutput) SetTags(v []*Tag) *GetOpenIDConnectProviderOutput {
24965	s.Tags = v
24966	return s
24967}
24968
24969// SetThumbprintList sets the ThumbprintList field's value.
24970func (s *GetOpenIDConnectProviderOutput) SetThumbprintList(v []*string) *GetOpenIDConnectProviderOutput {
24971	s.ThumbprintList = v
24972	return s
24973}
24974
24975// SetUrl sets the Url field's value.
24976func (s *GetOpenIDConnectProviderOutput) SetUrl(v string) *GetOpenIDConnectProviderOutput {
24977	s.Url = &v
24978	return s
24979}
24980
24981type GetOrganizationsAccessReportInput struct {
24982	_ struct{} `type:"structure"`
24983
24984	// The identifier of the request generated by the GenerateOrganizationsAccessReport
24985	// operation.
24986	//
24987	// JobId is a required field
24988	JobId *string `min:"36" type:"string" required:"true"`
24989
24990	// Use this parameter only when paginating results and only after you receive
24991	// a response indicating that the results are truncated. Set it to the value
24992	// of the Marker element in the response that you received to indicate where
24993	// the next call should start.
24994	Marker *string `min:"1" type:"string"`
24995
24996	// Use this only when paginating results to indicate the maximum number of items
24997	// you want in the response. If additional items exist beyond the maximum you
24998	// specify, the IsTruncated response element is true.
24999	//
25000	// If you do not include this parameter, the number of items defaults to 100.
25001	// Note that IAM might return fewer results, even when there are more results
25002	// available. In that case, the IsTruncated response element returns true, and
25003	// Marker contains a value to include in the subsequent call that tells the
25004	// service where to continue from.
25005	MaxItems *int64 `min:"1" type:"integer"`
25006
25007	// The key that is used to sort the results. If you choose the namespace key,
25008	// the results are returned in alphabetical order. If you choose the time key,
25009	// the results are sorted numerically by the date and time.
25010	SortKey *string `type:"string" enum:"SortKeyType"`
25011}
25012
25013// String returns the string representation.
25014//
25015// API parameter values that are decorated as "sensitive" in the API will not
25016// be included in the string output. The member name will be present, but the
25017// value will be replaced with "sensitive".
25018func (s GetOrganizationsAccessReportInput) String() string {
25019	return awsutil.Prettify(s)
25020}
25021
25022// GoString returns the string representation.
25023//
25024// API parameter values that are decorated as "sensitive" in the API will not
25025// be included in the string output. The member name will be present, but the
25026// value will be replaced with "sensitive".
25027func (s GetOrganizationsAccessReportInput) GoString() string {
25028	return s.String()
25029}
25030
25031// Validate inspects the fields of the type to determine if they are valid.
25032func (s *GetOrganizationsAccessReportInput) Validate() error {
25033	invalidParams := request.ErrInvalidParams{Context: "GetOrganizationsAccessReportInput"}
25034	if s.JobId == nil {
25035		invalidParams.Add(request.NewErrParamRequired("JobId"))
25036	}
25037	if s.JobId != nil && len(*s.JobId) < 36 {
25038		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
25039	}
25040	if s.Marker != nil && len(*s.Marker) < 1 {
25041		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25042	}
25043	if s.MaxItems != nil && *s.MaxItems < 1 {
25044		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25045	}
25046
25047	if invalidParams.Len() > 0 {
25048		return invalidParams
25049	}
25050	return nil
25051}
25052
25053// SetJobId sets the JobId field's value.
25054func (s *GetOrganizationsAccessReportInput) SetJobId(v string) *GetOrganizationsAccessReportInput {
25055	s.JobId = &v
25056	return s
25057}
25058
25059// SetMarker sets the Marker field's value.
25060func (s *GetOrganizationsAccessReportInput) SetMarker(v string) *GetOrganizationsAccessReportInput {
25061	s.Marker = &v
25062	return s
25063}
25064
25065// SetMaxItems sets the MaxItems field's value.
25066func (s *GetOrganizationsAccessReportInput) SetMaxItems(v int64) *GetOrganizationsAccessReportInput {
25067	s.MaxItems = &v
25068	return s
25069}
25070
25071// SetSortKey sets the SortKey field's value.
25072func (s *GetOrganizationsAccessReportInput) SetSortKey(v string) *GetOrganizationsAccessReportInput {
25073	s.SortKey = &v
25074	return s
25075}
25076
25077type GetOrganizationsAccessReportOutput struct {
25078	_ struct{} `type:"structure"`
25079
25080	// An object that contains details about the most recent attempt to access the
25081	// service.
25082	AccessDetails []*AccessDetail `type:"list"`
25083
25084	// Contains information about the reason that the operation failed.
25085	//
25086	// This data type is used as a response element in the GetOrganizationsAccessReport,
25087	// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
25088	// operations.
25089	ErrorDetails *ErrorDetails `type:"structure"`
25090
25091	// A flag that indicates whether there are more items to return. If your results
25092	// were truncated, you can make a subsequent pagination request using the Marker
25093	// request parameter to retrieve more items. Note that IAM might return fewer
25094	// than the MaxItems number of results even when there are more results available.
25095	// We recommend that you check IsTruncated after every call to ensure that you
25096	// receive all your results.
25097	IsTruncated *bool `type:"boolean"`
25098
25099	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
25100	// when the generated report job was completed or failed.
25101	//
25102	// This field is null if the job is still in progress, as indicated by a job
25103	// status value of IN_PROGRESS.
25104	JobCompletionDate *time.Time `type:"timestamp"`
25105
25106	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
25107	// when the report job was created.
25108	//
25109	// JobCreationDate is a required field
25110	JobCreationDate *time.Time `type:"timestamp" required:"true"`
25111
25112	// The status of the job.
25113	//
25114	// JobStatus is a required field
25115	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
25116
25117	// When IsTruncated is true, this element is present and contains the value
25118	// to use for the Marker parameter in a subsequent pagination request.
25119	Marker *string `min:"1" type:"string"`
25120
25121	// The number of services that the applicable SCPs allow account principals
25122	// to access.
25123	NumberOfServicesAccessible *int64 `type:"integer"`
25124
25125	// The number of services that account principals are allowed but did not attempt
25126	// to access.
25127	NumberOfServicesNotAccessed *int64 `type:"integer"`
25128}
25129
25130// String returns the string representation.
25131//
25132// API parameter values that are decorated as "sensitive" in the API will not
25133// be included in the string output. The member name will be present, but the
25134// value will be replaced with "sensitive".
25135func (s GetOrganizationsAccessReportOutput) String() string {
25136	return awsutil.Prettify(s)
25137}
25138
25139// GoString returns the string representation.
25140//
25141// API parameter values that are decorated as "sensitive" in the API will not
25142// be included in the string output. The member name will be present, but the
25143// value will be replaced with "sensitive".
25144func (s GetOrganizationsAccessReportOutput) GoString() string {
25145	return s.String()
25146}
25147
25148// SetAccessDetails sets the AccessDetails field's value.
25149func (s *GetOrganizationsAccessReportOutput) SetAccessDetails(v []*AccessDetail) *GetOrganizationsAccessReportOutput {
25150	s.AccessDetails = v
25151	return s
25152}
25153
25154// SetErrorDetails sets the ErrorDetails field's value.
25155func (s *GetOrganizationsAccessReportOutput) SetErrorDetails(v *ErrorDetails) *GetOrganizationsAccessReportOutput {
25156	s.ErrorDetails = v
25157	return s
25158}
25159
25160// SetIsTruncated sets the IsTruncated field's value.
25161func (s *GetOrganizationsAccessReportOutput) SetIsTruncated(v bool) *GetOrganizationsAccessReportOutput {
25162	s.IsTruncated = &v
25163	return s
25164}
25165
25166// SetJobCompletionDate sets the JobCompletionDate field's value.
25167func (s *GetOrganizationsAccessReportOutput) SetJobCompletionDate(v time.Time) *GetOrganizationsAccessReportOutput {
25168	s.JobCompletionDate = &v
25169	return s
25170}
25171
25172// SetJobCreationDate sets the JobCreationDate field's value.
25173func (s *GetOrganizationsAccessReportOutput) SetJobCreationDate(v time.Time) *GetOrganizationsAccessReportOutput {
25174	s.JobCreationDate = &v
25175	return s
25176}
25177
25178// SetJobStatus sets the JobStatus field's value.
25179func (s *GetOrganizationsAccessReportOutput) SetJobStatus(v string) *GetOrganizationsAccessReportOutput {
25180	s.JobStatus = &v
25181	return s
25182}
25183
25184// SetMarker sets the Marker field's value.
25185func (s *GetOrganizationsAccessReportOutput) SetMarker(v string) *GetOrganizationsAccessReportOutput {
25186	s.Marker = &v
25187	return s
25188}
25189
25190// SetNumberOfServicesAccessible sets the NumberOfServicesAccessible field's value.
25191func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesAccessible(v int64) *GetOrganizationsAccessReportOutput {
25192	s.NumberOfServicesAccessible = &v
25193	return s
25194}
25195
25196// SetNumberOfServicesNotAccessed sets the NumberOfServicesNotAccessed field's value.
25197func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesNotAccessed(v int64) *GetOrganizationsAccessReportOutput {
25198	s.NumberOfServicesNotAccessed = &v
25199	return s
25200}
25201
25202type GetPolicyInput struct {
25203	_ struct{} `type:"structure"`
25204
25205	// The Amazon Resource Name (ARN) of the managed policy that you want information
25206	// about.
25207	//
25208	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
25209	// in the Amazon Web Services General Reference.
25210	//
25211	// PolicyArn is a required field
25212	PolicyArn *string `min:"20" type:"string" required:"true"`
25213}
25214
25215// String returns the string representation.
25216//
25217// API parameter values that are decorated as "sensitive" in the API will not
25218// be included in the string output. The member name will be present, but the
25219// value will be replaced with "sensitive".
25220func (s GetPolicyInput) String() string {
25221	return awsutil.Prettify(s)
25222}
25223
25224// GoString returns the string representation.
25225//
25226// API parameter values that are decorated as "sensitive" in the API will not
25227// be included in the string output. The member name will be present, but the
25228// value will be replaced with "sensitive".
25229func (s GetPolicyInput) GoString() string {
25230	return s.String()
25231}
25232
25233// Validate inspects the fields of the type to determine if they are valid.
25234func (s *GetPolicyInput) Validate() error {
25235	invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"}
25236	if s.PolicyArn == nil {
25237		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
25238	}
25239	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
25240		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
25241	}
25242
25243	if invalidParams.Len() > 0 {
25244		return invalidParams
25245	}
25246	return nil
25247}
25248
25249// SetPolicyArn sets the PolicyArn field's value.
25250func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput {
25251	s.PolicyArn = &v
25252	return s
25253}
25254
25255// Contains the response to a successful GetPolicy request.
25256type GetPolicyOutput struct {
25257	_ struct{} `type:"structure"`
25258
25259	// A structure containing details about the policy.
25260	Policy *Policy `type:"structure"`
25261}
25262
25263// String returns the string representation.
25264//
25265// API parameter values that are decorated as "sensitive" in the API will not
25266// be included in the string output. The member name will be present, but the
25267// value will be replaced with "sensitive".
25268func (s GetPolicyOutput) String() string {
25269	return awsutil.Prettify(s)
25270}
25271
25272// GoString returns the string representation.
25273//
25274// API parameter values that are decorated as "sensitive" in the API will not
25275// be included in the string output. The member name will be present, but the
25276// value will be replaced with "sensitive".
25277func (s GetPolicyOutput) GoString() string {
25278	return s.String()
25279}
25280
25281// SetPolicy sets the Policy field's value.
25282func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput {
25283	s.Policy = v
25284	return s
25285}
25286
25287type GetPolicyVersionInput struct {
25288	_ struct{} `type:"structure"`
25289
25290	// The Amazon Resource Name (ARN) of the managed policy that you want information
25291	// about.
25292	//
25293	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
25294	// in the Amazon Web Services General Reference.
25295	//
25296	// PolicyArn is a required field
25297	PolicyArn *string `min:"20" type:"string" required:"true"`
25298
25299	// Identifies the policy version to retrieve.
25300	//
25301	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25302	// a string of characters that consists of the lowercase letter 'v' followed
25303	// by one or two digits, and optionally followed by a period '.' and a string
25304	// of letters and digits.
25305	//
25306	// VersionId is a required field
25307	VersionId *string `type:"string" required:"true"`
25308}
25309
25310// String returns the string representation.
25311//
25312// API parameter values that are decorated as "sensitive" in the API will not
25313// be included in the string output. The member name will be present, but the
25314// value will be replaced with "sensitive".
25315func (s GetPolicyVersionInput) String() string {
25316	return awsutil.Prettify(s)
25317}
25318
25319// GoString returns the string representation.
25320//
25321// API parameter values that are decorated as "sensitive" in the API will not
25322// be included in the string output. The member name will be present, but the
25323// value will be replaced with "sensitive".
25324func (s GetPolicyVersionInput) GoString() string {
25325	return s.String()
25326}
25327
25328// Validate inspects the fields of the type to determine if they are valid.
25329func (s *GetPolicyVersionInput) Validate() error {
25330	invalidParams := request.ErrInvalidParams{Context: "GetPolicyVersionInput"}
25331	if s.PolicyArn == nil {
25332		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
25333	}
25334	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
25335		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
25336	}
25337	if s.VersionId == nil {
25338		invalidParams.Add(request.NewErrParamRequired("VersionId"))
25339	}
25340
25341	if invalidParams.Len() > 0 {
25342		return invalidParams
25343	}
25344	return nil
25345}
25346
25347// SetPolicyArn sets the PolicyArn field's value.
25348func (s *GetPolicyVersionInput) SetPolicyArn(v string) *GetPolicyVersionInput {
25349	s.PolicyArn = &v
25350	return s
25351}
25352
25353// SetVersionId sets the VersionId field's value.
25354func (s *GetPolicyVersionInput) SetVersionId(v string) *GetPolicyVersionInput {
25355	s.VersionId = &v
25356	return s
25357}
25358
25359// Contains the response to a successful GetPolicyVersion request.
25360type GetPolicyVersionOutput struct {
25361	_ struct{} `type:"structure"`
25362
25363	// A structure containing details about the policy version.
25364	PolicyVersion *PolicyVersion `type:"structure"`
25365}
25366
25367// String returns the string representation.
25368//
25369// API parameter values that are decorated as "sensitive" in the API will not
25370// be included in the string output. The member name will be present, but the
25371// value will be replaced with "sensitive".
25372func (s GetPolicyVersionOutput) String() string {
25373	return awsutil.Prettify(s)
25374}
25375
25376// GoString returns the string representation.
25377//
25378// API parameter values that are decorated as "sensitive" in the API will not
25379// be included in the string output. The member name will be present, but the
25380// value will be replaced with "sensitive".
25381func (s GetPolicyVersionOutput) GoString() string {
25382	return s.String()
25383}
25384
25385// SetPolicyVersion sets the PolicyVersion field's value.
25386func (s *GetPolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *GetPolicyVersionOutput {
25387	s.PolicyVersion = v
25388	return s
25389}
25390
25391type GetRoleInput struct {
25392	_ struct{} `type:"structure"`
25393
25394	// The name of the IAM role to get information about.
25395	//
25396	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25397	// a string of characters consisting of upper and lowercase alphanumeric characters
25398	// with no spaces. You can also include any of the following characters: _+=,.@-
25399	//
25400	// RoleName is a required field
25401	RoleName *string `min:"1" type:"string" required:"true"`
25402}
25403
25404// String returns the string representation.
25405//
25406// API parameter values that are decorated as "sensitive" in the API will not
25407// be included in the string output. The member name will be present, but the
25408// value will be replaced with "sensitive".
25409func (s GetRoleInput) String() string {
25410	return awsutil.Prettify(s)
25411}
25412
25413// GoString returns the string representation.
25414//
25415// API parameter values that are decorated as "sensitive" in the API will not
25416// be included in the string output. The member name will be present, but the
25417// value will be replaced with "sensitive".
25418func (s GetRoleInput) GoString() string {
25419	return s.String()
25420}
25421
25422// Validate inspects the fields of the type to determine if they are valid.
25423func (s *GetRoleInput) Validate() error {
25424	invalidParams := request.ErrInvalidParams{Context: "GetRoleInput"}
25425	if s.RoleName == nil {
25426		invalidParams.Add(request.NewErrParamRequired("RoleName"))
25427	}
25428	if s.RoleName != nil && len(*s.RoleName) < 1 {
25429		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
25430	}
25431
25432	if invalidParams.Len() > 0 {
25433		return invalidParams
25434	}
25435	return nil
25436}
25437
25438// SetRoleName sets the RoleName field's value.
25439func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput {
25440	s.RoleName = &v
25441	return s
25442}
25443
25444// Contains the response to a successful GetRole request.
25445type GetRoleOutput struct {
25446	_ struct{} `type:"structure"`
25447
25448	// A structure containing details about the IAM role.
25449	//
25450	// Role is a required field
25451	Role *Role `type:"structure" required:"true"`
25452}
25453
25454// String returns the string representation.
25455//
25456// API parameter values that are decorated as "sensitive" in the API will not
25457// be included in the string output. The member name will be present, but the
25458// value will be replaced with "sensitive".
25459func (s GetRoleOutput) String() string {
25460	return awsutil.Prettify(s)
25461}
25462
25463// GoString returns the string representation.
25464//
25465// API parameter values that are decorated as "sensitive" in the API will not
25466// be included in the string output. The member name will be present, but the
25467// value will be replaced with "sensitive".
25468func (s GetRoleOutput) GoString() string {
25469	return s.String()
25470}
25471
25472// SetRole sets the Role field's value.
25473func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput {
25474	s.Role = v
25475	return s
25476}
25477
25478type GetRolePolicyInput struct {
25479	_ struct{} `type:"structure"`
25480
25481	// The name of the policy document to get.
25482	//
25483	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25484	// a string of characters consisting of upper and lowercase alphanumeric characters
25485	// with no spaces. You can also include any of the following characters: _+=,.@-
25486	//
25487	// PolicyName is a required field
25488	PolicyName *string `min:"1" type:"string" required:"true"`
25489
25490	// The name of the role associated with the policy.
25491	//
25492	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25493	// a string of characters consisting of upper and lowercase alphanumeric characters
25494	// with no spaces. You can also include any of the following characters: _+=,.@-
25495	//
25496	// RoleName is a required field
25497	RoleName *string `min:"1" type:"string" required:"true"`
25498}
25499
25500// String returns the string representation.
25501//
25502// API parameter values that are decorated as "sensitive" in the API will not
25503// be included in the string output. The member name will be present, but the
25504// value will be replaced with "sensitive".
25505func (s GetRolePolicyInput) String() string {
25506	return awsutil.Prettify(s)
25507}
25508
25509// GoString returns the string representation.
25510//
25511// API parameter values that are decorated as "sensitive" in the API will not
25512// be included in the string output. The member name will be present, but the
25513// value will be replaced with "sensitive".
25514func (s GetRolePolicyInput) GoString() string {
25515	return s.String()
25516}
25517
25518// Validate inspects the fields of the type to determine if they are valid.
25519func (s *GetRolePolicyInput) Validate() error {
25520	invalidParams := request.ErrInvalidParams{Context: "GetRolePolicyInput"}
25521	if s.PolicyName == nil {
25522		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
25523	}
25524	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
25525		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
25526	}
25527	if s.RoleName == nil {
25528		invalidParams.Add(request.NewErrParamRequired("RoleName"))
25529	}
25530	if s.RoleName != nil && len(*s.RoleName) < 1 {
25531		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
25532	}
25533
25534	if invalidParams.Len() > 0 {
25535		return invalidParams
25536	}
25537	return nil
25538}
25539
25540// SetPolicyName sets the PolicyName field's value.
25541func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput {
25542	s.PolicyName = &v
25543	return s
25544}
25545
25546// SetRoleName sets the RoleName field's value.
25547func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput {
25548	s.RoleName = &v
25549	return s
25550}
25551
25552// Contains the response to a successful GetRolePolicy request.
25553type GetRolePolicyOutput struct {
25554	_ struct{} `type:"structure"`
25555
25556	// The policy document.
25557	//
25558	// IAM stores policies in JSON format. However, resources that were created
25559	// using CloudFormation templates can be formatted in YAML. CloudFormation always
25560	// converts a YAML policy to JSON format before submitting it to IAM.
25561	//
25562	// PolicyDocument is a required field
25563	PolicyDocument *string `min:"1" type:"string" required:"true"`
25564
25565	// The name of the policy.
25566	//
25567	// PolicyName is a required field
25568	PolicyName *string `min:"1" type:"string" required:"true"`
25569
25570	// The role the policy is associated with.
25571	//
25572	// RoleName is a required field
25573	RoleName *string `min:"1" type:"string" required:"true"`
25574}
25575
25576// String returns the string representation.
25577//
25578// API parameter values that are decorated as "sensitive" in the API will not
25579// be included in the string output. The member name will be present, but the
25580// value will be replaced with "sensitive".
25581func (s GetRolePolicyOutput) String() string {
25582	return awsutil.Prettify(s)
25583}
25584
25585// GoString returns the string representation.
25586//
25587// API parameter values that are decorated as "sensitive" in the API will not
25588// be included in the string output. The member name will be present, but the
25589// value will be replaced with "sensitive".
25590func (s GetRolePolicyOutput) GoString() string {
25591	return s.String()
25592}
25593
25594// SetPolicyDocument sets the PolicyDocument field's value.
25595func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput {
25596	s.PolicyDocument = &v
25597	return s
25598}
25599
25600// SetPolicyName sets the PolicyName field's value.
25601func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput {
25602	s.PolicyName = &v
25603	return s
25604}
25605
25606// SetRoleName sets the RoleName field's value.
25607func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput {
25608	s.RoleName = &v
25609	return s
25610}
25611
25612type GetSAMLProviderInput struct {
25613	_ struct{} `type:"structure"`
25614
25615	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
25616	// to get information about.
25617	//
25618	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
25619	// in the Amazon Web Services General Reference.
25620	//
25621	// SAMLProviderArn is a required field
25622	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
25623}
25624
25625// String returns the string representation.
25626//
25627// API parameter values that are decorated as "sensitive" in the API will not
25628// be included in the string output. The member name will be present, but the
25629// value will be replaced with "sensitive".
25630func (s GetSAMLProviderInput) String() string {
25631	return awsutil.Prettify(s)
25632}
25633
25634// GoString returns the string representation.
25635//
25636// API parameter values that are decorated as "sensitive" in the API will not
25637// be included in the string output. The member name will be present, but the
25638// value will be replaced with "sensitive".
25639func (s GetSAMLProviderInput) GoString() string {
25640	return s.String()
25641}
25642
25643// Validate inspects the fields of the type to determine if they are valid.
25644func (s *GetSAMLProviderInput) Validate() error {
25645	invalidParams := request.ErrInvalidParams{Context: "GetSAMLProviderInput"}
25646	if s.SAMLProviderArn == nil {
25647		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
25648	}
25649	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
25650		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
25651	}
25652
25653	if invalidParams.Len() > 0 {
25654		return invalidParams
25655	}
25656	return nil
25657}
25658
25659// SetSAMLProviderArn sets the SAMLProviderArn field's value.
25660func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput {
25661	s.SAMLProviderArn = &v
25662	return s
25663}
25664
25665// Contains the response to a successful GetSAMLProvider request.
25666type GetSAMLProviderOutput struct {
25667	_ struct{} `type:"structure"`
25668
25669	// The date and time when the SAML provider was created.
25670	CreateDate *time.Time `type:"timestamp"`
25671
25672	// The XML metadata document that includes information about an identity provider.
25673	SAMLMetadataDocument *string `min:"1000" type:"string"`
25674
25675	// A list of tags that are attached to the specified IAM SAML provider. The
25676	// returned list of tags is sorted by tag key. For more information about tagging,
25677	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
25678	// in the IAM User Guide.
25679	Tags []*Tag `type:"list"`
25680
25681	// The expiration date and time for the SAML provider.
25682	ValidUntil *time.Time `type:"timestamp"`
25683}
25684
25685// String returns the string representation.
25686//
25687// API parameter values that are decorated as "sensitive" in the API will not
25688// be included in the string output. The member name will be present, but the
25689// value will be replaced with "sensitive".
25690func (s GetSAMLProviderOutput) String() string {
25691	return awsutil.Prettify(s)
25692}
25693
25694// GoString returns the string representation.
25695//
25696// API parameter values that are decorated as "sensitive" in the API will not
25697// be included in the string output. The member name will be present, but the
25698// value will be replaced with "sensitive".
25699func (s GetSAMLProviderOutput) GoString() string {
25700	return s.String()
25701}
25702
25703// SetCreateDate sets the CreateDate field's value.
25704func (s *GetSAMLProviderOutput) SetCreateDate(v time.Time) *GetSAMLProviderOutput {
25705	s.CreateDate = &v
25706	return s
25707}
25708
25709// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
25710func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput {
25711	s.SAMLMetadataDocument = &v
25712	return s
25713}
25714
25715// SetTags sets the Tags field's value.
25716func (s *GetSAMLProviderOutput) SetTags(v []*Tag) *GetSAMLProviderOutput {
25717	s.Tags = v
25718	return s
25719}
25720
25721// SetValidUntil sets the ValidUntil field's value.
25722func (s *GetSAMLProviderOutput) SetValidUntil(v time.Time) *GetSAMLProviderOutput {
25723	s.ValidUntil = &v
25724	return s
25725}
25726
25727type GetSSHPublicKeyInput struct {
25728	_ struct{} `type:"structure"`
25729
25730	// Specifies the public key encoding format to use in the response. To retrieve
25731	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
25732	// PEM format, use PEM.
25733	//
25734	// Encoding is a required field
25735	Encoding *string `type:"string" required:"true" enum:"EncodingType"`
25736
25737	// The unique identifier for the SSH public key.
25738	//
25739	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25740	// a string of characters that can consist of any upper or lowercased letter
25741	// or digit.
25742	//
25743	// SSHPublicKeyId is a required field
25744	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
25745
25746	// The name of the IAM user associated with the SSH public key.
25747	//
25748	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25749	// a string of characters consisting of upper and lowercase alphanumeric characters
25750	// with no spaces. You can also include any of the following characters: _+=,.@-
25751	//
25752	// UserName is a required field
25753	UserName *string `min:"1" type:"string" required:"true"`
25754}
25755
25756// String returns the string representation.
25757//
25758// API parameter values that are decorated as "sensitive" in the API will not
25759// be included in the string output. The member name will be present, but the
25760// value will be replaced with "sensitive".
25761func (s GetSSHPublicKeyInput) String() string {
25762	return awsutil.Prettify(s)
25763}
25764
25765// GoString returns the string representation.
25766//
25767// API parameter values that are decorated as "sensitive" in the API will not
25768// be included in the string output. The member name will be present, but the
25769// value will be replaced with "sensitive".
25770func (s GetSSHPublicKeyInput) GoString() string {
25771	return s.String()
25772}
25773
25774// Validate inspects the fields of the type to determine if they are valid.
25775func (s *GetSSHPublicKeyInput) Validate() error {
25776	invalidParams := request.ErrInvalidParams{Context: "GetSSHPublicKeyInput"}
25777	if s.Encoding == nil {
25778		invalidParams.Add(request.NewErrParamRequired("Encoding"))
25779	}
25780	if s.SSHPublicKeyId == nil {
25781		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
25782	}
25783	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
25784		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
25785	}
25786	if s.UserName == nil {
25787		invalidParams.Add(request.NewErrParamRequired("UserName"))
25788	}
25789	if s.UserName != nil && len(*s.UserName) < 1 {
25790		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
25791	}
25792
25793	if invalidParams.Len() > 0 {
25794		return invalidParams
25795	}
25796	return nil
25797}
25798
25799// SetEncoding sets the Encoding field's value.
25800func (s *GetSSHPublicKeyInput) SetEncoding(v string) *GetSSHPublicKeyInput {
25801	s.Encoding = &v
25802	return s
25803}
25804
25805// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
25806func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput {
25807	s.SSHPublicKeyId = &v
25808	return s
25809}
25810
25811// SetUserName sets the UserName field's value.
25812func (s *GetSSHPublicKeyInput) SetUserName(v string) *GetSSHPublicKeyInput {
25813	s.UserName = &v
25814	return s
25815}
25816
25817// Contains the response to a successful GetSSHPublicKey request.
25818type GetSSHPublicKeyOutput struct {
25819	_ struct{} `type:"structure"`
25820
25821	// A structure containing details about the SSH public key.
25822	SSHPublicKey *SSHPublicKey `type:"structure"`
25823}
25824
25825// String returns the string representation.
25826//
25827// API parameter values that are decorated as "sensitive" in the API will not
25828// be included in the string output. The member name will be present, but the
25829// value will be replaced with "sensitive".
25830func (s GetSSHPublicKeyOutput) String() string {
25831	return awsutil.Prettify(s)
25832}
25833
25834// GoString returns the string representation.
25835//
25836// API parameter values that are decorated as "sensitive" in the API will not
25837// be included in the string output. The member name will be present, but the
25838// value will be replaced with "sensitive".
25839func (s GetSSHPublicKeyOutput) GoString() string {
25840	return s.String()
25841}
25842
25843// SetSSHPublicKey sets the SSHPublicKey field's value.
25844func (s *GetSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *GetSSHPublicKeyOutput {
25845	s.SSHPublicKey = v
25846	return s
25847}
25848
25849type GetServerCertificateInput struct {
25850	_ struct{} `type:"structure"`
25851
25852	// The name of the server certificate you want to retrieve information about.
25853	//
25854	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
25855	// a string of characters consisting of upper and lowercase alphanumeric characters
25856	// with no spaces. You can also include any of the following characters: _+=,.@-
25857	//
25858	// ServerCertificateName is a required field
25859	ServerCertificateName *string `min:"1" type:"string" required:"true"`
25860}
25861
25862// String returns the string representation.
25863//
25864// API parameter values that are decorated as "sensitive" in the API will not
25865// be included in the string output. The member name will be present, but the
25866// value will be replaced with "sensitive".
25867func (s GetServerCertificateInput) String() string {
25868	return awsutil.Prettify(s)
25869}
25870
25871// GoString returns the string representation.
25872//
25873// API parameter values that are decorated as "sensitive" in the API will not
25874// be included in the string output. The member name will be present, but the
25875// value will be replaced with "sensitive".
25876func (s GetServerCertificateInput) GoString() string {
25877	return s.String()
25878}
25879
25880// Validate inspects the fields of the type to determine if they are valid.
25881func (s *GetServerCertificateInput) Validate() error {
25882	invalidParams := request.ErrInvalidParams{Context: "GetServerCertificateInput"}
25883	if s.ServerCertificateName == nil {
25884		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
25885	}
25886	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
25887		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
25888	}
25889
25890	if invalidParams.Len() > 0 {
25891		return invalidParams
25892	}
25893	return nil
25894}
25895
25896// SetServerCertificateName sets the ServerCertificateName field's value.
25897func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput {
25898	s.ServerCertificateName = &v
25899	return s
25900}
25901
25902// Contains the response to a successful GetServerCertificate request.
25903type GetServerCertificateOutput struct {
25904	_ struct{} `type:"structure"`
25905
25906	// A structure containing details about the server certificate.
25907	//
25908	// ServerCertificate is a required field
25909	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
25910}
25911
25912// String returns the string representation.
25913//
25914// API parameter values that are decorated as "sensitive" in the API will not
25915// be included in the string output. The member name will be present, but the
25916// value will be replaced with "sensitive".
25917func (s GetServerCertificateOutput) String() string {
25918	return awsutil.Prettify(s)
25919}
25920
25921// GoString returns the string representation.
25922//
25923// API parameter values that are decorated as "sensitive" in the API will not
25924// be included in the string output. The member name will be present, but the
25925// value will be replaced with "sensitive".
25926func (s GetServerCertificateOutput) GoString() string {
25927	return s.String()
25928}
25929
25930// SetServerCertificate sets the ServerCertificate field's value.
25931func (s *GetServerCertificateOutput) SetServerCertificate(v *ServerCertificate) *GetServerCertificateOutput {
25932	s.ServerCertificate = v
25933	return s
25934}
25935
25936type GetServiceLastAccessedDetailsInput struct {
25937	_ struct{} `type:"structure"`
25938
25939	// The ID of the request generated by the GenerateServiceLastAccessedDetails
25940	// operation. The JobId returned by GenerateServiceLastAccessedDetail must be
25941	// used by the same role within a session, or by the same user when used to
25942	// call GetServiceLastAccessedDetail.
25943	//
25944	// JobId is a required field
25945	JobId *string `min:"36" type:"string" required:"true"`
25946
25947	// Use this parameter only when paginating results and only after you receive
25948	// a response indicating that the results are truncated. Set it to the value
25949	// of the Marker element in the response that you received to indicate where
25950	// the next call should start.
25951	Marker *string `min:"1" type:"string"`
25952
25953	// Use this only when paginating results to indicate the maximum number of items
25954	// you want in the response. If additional items exist beyond the maximum you
25955	// specify, the IsTruncated response element is true.
25956	//
25957	// If you do not include this parameter, the number of items defaults to 100.
25958	// Note that IAM might return fewer results, even when there are more results
25959	// available. In that case, the IsTruncated response element returns true, and
25960	// Marker contains a value to include in the subsequent call that tells the
25961	// service where to continue from.
25962	MaxItems *int64 `min:"1" type:"integer"`
25963}
25964
25965// String returns the string representation.
25966//
25967// API parameter values that are decorated as "sensitive" in the API will not
25968// be included in the string output. The member name will be present, but the
25969// value will be replaced with "sensitive".
25970func (s GetServiceLastAccessedDetailsInput) String() string {
25971	return awsutil.Prettify(s)
25972}
25973
25974// GoString returns the string representation.
25975//
25976// API parameter values that are decorated as "sensitive" in the API will not
25977// be included in the string output. The member name will be present, but the
25978// value will be replaced with "sensitive".
25979func (s GetServiceLastAccessedDetailsInput) GoString() string {
25980	return s.String()
25981}
25982
25983// Validate inspects the fields of the type to determine if they are valid.
25984func (s *GetServiceLastAccessedDetailsInput) Validate() error {
25985	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsInput"}
25986	if s.JobId == nil {
25987		invalidParams.Add(request.NewErrParamRequired("JobId"))
25988	}
25989	if s.JobId != nil && len(*s.JobId) < 36 {
25990		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
25991	}
25992	if s.Marker != nil && len(*s.Marker) < 1 {
25993		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
25994	}
25995	if s.MaxItems != nil && *s.MaxItems < 1 {
25996		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
25997	}
25998
25999	if invalidParams.Len() > 0 {
26000		return invalidParams
26001	}
26002	return nil
26003}
26004
26005// SetJobId sets the JobId field's value.
26006func (s *GetServiceLastAccessedDetailsInput) SetJobId(v string) *GetServiceLastAccessedDetailsInput {
26007	s.JobId = &v
26008	return s
26009}
26010
26011// SetMarker sets the Marker field's value.
26012func (s *GetServiceLastAccessedDetailsInput) SetMarker(v string) *GetServiceLastAccessedDetailsInput {
26013	s.Marker = &v
26014	return s
26015}
26016
26017// SetMaxItems sets the MaxItems field's value.
26018func (s *GetServiceLastAccessedDetailsInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsInput {
26019	s.MaxItems = &v
26020	return s
26021}
26022
26023type GetServiceLastAccessedDetailsOutput struct {
26024	_ struct{} `type:"structure"`
26025
26026	// An object that contains details about the reason the operation failed.
26027	Error *ErrorDetails `type:"structure"`
26028
26029	// A flag that indicates whether there are more items to return. If your results
26030	// were truncated, you can make a subsequent pagination request using the Marker
26031	// request parameter to retrieve more items. Note that IAM might return fewer
26032	// than the MaxItems number of results even when there are more results available.
26033	// We recommend that you check IsTruncated after every call to ensure that you
26034	// receive all your results.
26035	IsTruncated *bool `type:"boolean"`
26036
26037	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26038	// when the generated report job was completed or failed.
26039	//
26040	// This field is null if the job is still in progress, as indicated by a job
26041	// status value of IN_PROGRESS.
26042	//
26043	// JobCompletionDate is a required field
26044	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
26045
26046	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26047	// when the report job was created.
26048	//
26049	// JobCreationDate is a required field
26050	JobCreationDate *time.Time `type:"timestamp" required:"true"`
26051
26052	// The status of the job.
26053	//
26054	// JobStatus is a required field
26055	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
26056
26057	// The type of job. Service jobs return information about when each service
26058	// was last accessed. Action jobs also include information about when tracked
26059	// actions within the service were last accessed.
26060	JobType *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
26061
26062	// When IsTruncated is true, this element is present and contains the value
26063	// to use for the Marker parameter in a subsequent pagination request.
26064	Marker *string `type:"string"`
26065
26066	// A ServiceLastAccessed object that contains details about the most recent
26067	// attempt to access the service.
26068	//
26069	// ServicesLastAccessed is a required field
26070	ServicesLastAccessed []*ServiceLastAccessed `type:"list" required:"true"`
26071}
26072
26073// String returns the string representation.
26074//
26075// API parameter values that are decorated as "sensitive" in the API will not
26076// be included in the string output. The member name will be present, but the
26077// value will be replaced with "sensitive".
26078func (s GetServiceLastAccessedDetailsOutput) String() string {
26079	return awsutil.Prettify(s)
26080}
26081
26082// GoString returns the string representation.
26083//
26084// API parameter values that are decorated as "sensitive" in the API will not
26085// be included in the string output. The member name will be present, but the
26086// value will be replaced with "sensitive".
26087func (s GetServiceLastAccessedDetailsOutput) GoString() string {
26088	return s.String()
26089}
26090
26091// SetError sets the Error field's value.
26092func (s *GetServiceLastAccessedDetailsOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsOutput {
26093	s.Error = v
26094	return s
26095}
26096
26097// SetIsTruncated sets the IsTruncated field's value.
26098func (s *GetServiceLastAccessedDetailsOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsOutput {
26099	s.IsTruncated = &v
26100	return s
26101}
26102
26103// SetJobCompletionDate sets the JobCompletionDate field's value.
26104func (s *GetServiceLastAccessedDetailsOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
26105	s.JobCompletionDate = &v
26106	return s
26107}
26108
26109// SetJobCreationDate sets the JobCreationDate field's value.
26110func (s *GetServiceLastAccessedDetailsOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
26111	s.JobCreationDate = &v
26112	return s
26113}
26114
26115// SetJobStatus sets the JobStatus field's value.
26116func (s *GetServiceLastAccessedDetailsOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsOutput {
26117	s.JobStatus = &v
26118	return s
26119}
26120
26121// SetJobType sets the JobType field's value.
26122func (s *GetServiceLastAccessedDetailsOutput) SetJobType(v string) *GetServiceLastAccessedDetailsOutput {
26123	s.JobType = &v
26124	return s
26125}
26126
26127// SetMarker sets the Marker field's value.
26128func (s *GetServiceLastAccessedDetailsOutput) SetMarker(v string) *GetServiceLastAccessedDetailsOutput {
26129	s.Marker = &v
26130	return s
26131}
26132
26133// SetServicesLastAccessed sets the ServicesLastAccessed field's value.
26134func (s *GetServiceLastAccessedDetailsOutput) SetServicesLastAccessed(v []*ServiceLastAccessed) *GetServiceLastAccessedDetailsOutput {
26135	s.ServicesLastAccessed = v
26136	return s
26137}
26138
26139type GetServiceLastAccessedDetailsWithEntitiesInput struct {
26140	_ struct{} `type:"structure"`
26141
26142	// The ID of the request generated by the GenerateServiceLastAccessedDetails
26143	// operation.
26144	//
26145	// JobId is a required field
26146	JobId *string `min:"36" type:"string" required:"true"`
26147
26148	// Use this parameter only when paginating results and only after you receive
26149	// a response indicating that the results are truncated. Set it to the value
26150	// of the Marker element in the response that you received to indicate where
26151	// the next call should start.
26152	Marker *string `min:"1" type:"string"`
26153
26154	// Use this only when paginating results to indicate the maximum number of items
26155	// you want in the response. If additional items exist beyond the maximum you
26156	// specify, the IsTruncated response element is true.
26157	//
26158	// If you do not include this parameter, the number of items defaults to 100.
26159	// Note that IAM might return fewer results, even when there are more results
26160	// available. In that case, the IsTruncated response element returns true, and
26161	// Marker contains a value to include in the subsequent call that tells the
26162	// service where to continue from.
26163	MaxItems *int64 `min:"1" type:"integer"`
26164
26165	// The service namespace for an Amazon Web Services service. Provide the service
26166	// namespace to learn when the IAM entity last attempted to access the specified
26167	// service.
26168	//
26169	// To learn the service namespace for a service, see Actions, resources, and
26170	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
26171	// in the IAM User Guide. Choose the name of the service to view details for
26172	// that service. In the first paragraph, find the service prefix. For example,
26173	// (service prefix: a4b). For more information about service namespaces, see
26174	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
26175	// in the Amazon Web Services General Reference.
26176	//
26177	// ServiceNamespace is a required field
26178	ServiceNamespace *string `min:"1" type:"string" required:"true"`
26179}
26180
26181// String returns the string representation.
26182//
26183// API parameter values that are decorated as "sensitive" in the API will not
26184// be included in the string output. The member name will be present, but the
26185// value will be replaced with "sensitive".
26186func (s GetServiceLastAccessedDetailsWithEntitiesInput) String() string {
26187	return awsutil.Prettify(s)
26188}
26189
26190// GoString returns the string representation.
26191//
26192// API parameter values that are decorated as "sensitive" in the API will not
26193// be included in the string output. The member name will be present, but the
26194// value will be replaced with "sensitive".
26195func (s GetServiceLastAccessedDetailsWithEntitiesInput) GoString() string {
26196	return s.String()
26197}
26198
26199// Validate inspects the fields of the type to determine if they are valid.
26200func (s *GetServiceLastAccessedDetailsWithEntitiesInput) Validate() error {
26201	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsWithEntitiesInput"}
26202	if s.JobId == nil {
26203		invalidParams.Add(request.NewErrParamRequired("JobId"))
26204	}
26205	if s.JobId != nil && len(*s.JobId) < 36 {
26206		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
26207	}
26208	if s.Marker != nil && len(*s.Marker) < 1 {
26209		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
26210	}
26211	if s.MaxItems != nil && *s.MaxItems < 1 {
26212		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
26213	}
26214	if s.ServiceNamespace == nil {
26215		invalidParams.Add(request.NewErrParamRequired("ServiceNamespace"))
26216	}
26217	if s.ServiceNamespace != nil && len(*s.ServiceNamespace) < 1 {
26218		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespace", 1))
26219	}
26220
26221	if invalidParams.Len() > 0 {
26222		return invalidParams
26223	}
26224	return nil
26225}
26226
26227// SetJobId sets the JobId field's value.
26228func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetJobId(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
26229	s.JobId = &v
26230	return s
26231}
26232
26233// SetMarker sets the Marker field's value.
26234func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
26235	s.Marker = &v
26236	return s
26237}
26238
26239// SetMaxItems sets the MaxItems field's value.
26240func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsWithEntitiesInput {
26241	s.MaxItems = &v
26242	return s
26243}
26244
26245// SetServiceNamespace sets the ServiceNamespace field's value.
26246func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetServiceNamespace(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
26247	s.ServiceNamespace = &v
26248	return s
26249}
26250
26251type GetServiceLastAccessedDetailsWithEntitiesOutput struct {
26252	_ struct{} `type:"structure"`
26253
26254	// An EntityDetailsList object that contains details about when an IAM entity
26255	// (user or role) used group or policy permissions in an attempt to access the
26256	// specified Amazon Web Services service.
26257	//
26258	// EntityDetailsList is a required field
26259	EntityDetailsList []*EntityDetails `type:"list" required:"true"`
26260
26261	// An object that contains details about the reason the operation failed.
26262	Error *ErrorDetails `type:"structure"`
26263
26264	// A flag that indicates whether there are more items to return. If your results
26265	// were truncated, you can make a subsequent pagination request using the Marker
26266	// request parameter to retrieve more items. Note that IAM might return fewer
26267	// than the MaxItems number of results even when there are more results available.
26268	// We recommend that you check IsTruncated after every call to ensure that you
26269	// receive all your results.
26270	IsTruncated *bool `type:"boolean"`
26271
26272	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26273	// when the generated report job was completed or failed.
26274	//
26275	// This field is null if the job is still in progress, as indicated by a job
26276	// status value of IN_PROGRESS.
26277	//
26278	// JobCompletionDate is a required field
26279	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
26280
26281	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26282	// when the report job was created.
26283	//
26284	// JobCreationDate is a required field
26285	JobCreationDate *time.Time `type:"timestamp" required:"true"`
26286
26287	// The status of the job.
26288	//
26289	// JobStatus is a required field
26290	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
26291
26292	// When IsTruncated is true, this element is present and contains the value
26293	// to use for the Marker parameter in a subsequent pagination request.
26294	Marker *string `type:"string"`
26295}
26296
26297// String returns the string representation.
26298//
26299// API parameter values that are decorated as "sensitive" in the API will not
26300// be included in the string output. The member name will be present, but the
26301// value will be replaced with "sensitive".
26302func (s GetServiceLastAccessedDetailsWithEntitiesOutput) String() string {
26303	return awsutil.Prettify(s)
26304}
26305
26306// GoString returns the string representation.
26307//
26308// API parameter values that are decorated as "sensitive" in the API will not
26309// be included in the string output. The member name will be present, but the
26310// value will be replaced with "sensitive".
26311func (s GetServiceLastAccessedDetailsWithEntitiesOutput) GoString() string {
26312	return s.String()
26313}
26314
26315// SetEntityDetailsList sets the EntityDetailsList field's value.
26316func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetEntityDetailsList(v []*EntityDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26317	s.EntityDetailsList = v
26318	return s
26319}
26320
26321// SetError sets the Error field's value.
26322func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26323	s.Error = v
26324	return s
26325}
26326
26327// SetIsTruncated sets the IsTruncated field's value.
26328func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26329	s.IsTruncated = &v
26330	return s
26331}
26332
26333// SetJobCompletionDate sets the JobCompletionDate field's value.
26334func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26335	s.JobCompletionDate = &v
26336	return s
26337}
26338
26339// SetJobCreationDate sets the JobCreationDate field's value.
26340func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26341	s.JobCreationDate = &v
26342	return s
26343}
26344
26345// SetJobStatus sets the JobStatus field's value.
26346func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26347	s.JobStatus = &v
26348	return s
26349}
26350
26351// SetMarker sets the Marker field's value.
26352func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
26353	s.Marker = &v
26354	return s
26355}
26356
26357type GetServiceLinkedRoleDeletionStatusInput struct {
26358	_ struct{} `type:"structure"`
26359
26360	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
26361	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
26362	//
26363	// DeletionTaskId is a required field
26364	DeletionTaskId *string `min:"1" type:"string" required:"true"`
26365}
26366
26367// String returns the string representation.
26368//
26369// API parameter values that are decorated as "sensitive" in the API will not
26370// be included in the string output. The member name will be present, but the
26371// value will be replaced with "sensitive".
26372func (s GetServiceLinkedRoleDeletionStatusInput) String() string {
26373	return awsutil.Prettify(s)
26374}
26375
26376// GoString returns the string representation.
26377//
26378// API parameter values that are decorated as "sensitive" in the API will not
26379// be included in the string output. The member name will be present, but the
26380// value will be replaced with "sensitive".
26381func (s GetServiceLinkedRoleDeletionStatusInput) GoString() string {
26382	return s.String()
26383}
26384
26385// Validate inspects the fields of the type to determine if they are valid.
26386func (s *GetServiceLinkedRoleDeletionStatusInput) Validate() error {
26387	invalidParams := request.ErrInvalidParams{Context: "GetServiceLinkedRoleDeletionStatusInput"}
26388	if s.DeletionTaskId == nil {
26389		invalidParams.Add(request.NewErrParamRequired("DeletionTaskId"))
26390	}
26391	if s.DeletionTaskId != nil && len(*s.DeletionTaskId) < 1 {
26392		invalidParams.Add(request.NewErrParamMinLen("DeletionTaskId", 1))
26393	}
26394
26395	if invalidParams.Len() > 0 {
26396		return invalidParams
26397	}
26398	return nil
26399}
26400
26401// SetDeletionTaskId sets the DeletionTaskId field's value.
26402func (s *GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId(v string) *GetServiceLinkedRoleDeletionStatusInput {
26403	s.DeletionTaskId = &v
26404	return s
26405}
26406
26407type GetServiceLinkedRoleDeletionStatusOutput struct {
26408	_ struct{} `type:"structure"`
26409
26410	// An object that contains details about the reason the deletion failed.
26411	Reason *DeletionTaskFailureReasonType `type:"structure"`
26412
26413	// The status of the deletion.
26414	//
26415	// Status is a required field
26416	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
26417}
26418
26419// String returns the string representation.
26420//
26421// API parameter values that are decorated as "sensitive" in the API will not
26422// be included in the string output. The member name will be present, but the
26423// value will be replaced with "sensitive".
26424func (s GetServiceLinkedRoleDeletionStatusOutput) String() string {
26425	return awsutil.Prettify(s)
26426}
26427
26428// GoString returns the string representation.
26429//
26430// API parameter values that are decorated as "sensitive" in the API will not
26431// be included in the string output. The member name will be present, but the
26432// value will be replaced with "sensitive".
26433func (s GetServiceLinkedRoleDeletionStatusOutput) GoString() string {
26434	return s.String()
26435}
26436
26437// SetReason sets the Reason field's value.
26438func (s *GetServiceLinkedRoleDeletionStatusOutput) SetReason(v *DeletionTaskFailureReasonType) *GetServiceLinkedRoleDeletionStatusOutput {
26439	s.Reason = v
26440	return s
26441}
26442
26443// SetStatus sets the Status field's value.
26444func (s *GetServiceLinkedRoleDeletionStatusOutput) SetStatus(v string) *GetServiceLinkedRoleDeletionStatusOutput {
26445	s.Status = &v
26446	return s
26447}
26448
26449type GetUserInput struct {
26450	_ struct{} `type:"structure"`
26451
26452	// The name of the user to get information about.
26453	//
26454	// This parameter is optional. If it is not included, it defaults to the user
26455	// making the request. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26456	// a string of characters consisting of upper and lowercase alphanumeric characters
26457	// with no spaces. You can also include any of the following characters: _+=,.@-
26458	UserName *string `min:"1" type:"string"`
26459}
26460
26461// String returns the string representation.
26462//
26463// API parameter values that are decorated as "sensitive" in the API will not
26464// be included in the string output. The member name will be present, but the
26465// value will be replaced with "sensitive".
26466func (s GetUserInput) String() string {
26467	return awsutil.Prettify(s)
26468}
26469
26470// GoString returns the string representation.
26471//
26472// API parameter values that are decorated as "sensitive" in the API will not
26473// be included in the string output. The member name will be present, but the
26474// value will be replaced with "sensitive".
26475func (s GetUserInput) GoString() string {
26476	return s.String()
26477}
26478
26479// Validate inspects the fields of the type to determine if they are valid.
26480func (s *GetUserInput) Validate() error {
26481	invalidParams := request.ErrInvalidParams{Context: "GetUserInput"}
26482	if s.UserName != nil && len(*s.UserName) < 1 {
26483		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
26484	}
26485
26486	if invalidParams.Len() > 0 {
26487		return invalidParams
26488	}
26489	return nil
26490}
26491
26492// SetUserName sets the UserName field's value.
26493func (s *GetUserInput) SetUserName(v string) *GetUserInput {
26494	s.UserName = &v
26495	return s
26496}
26497
26498// Contains the response to a successful GetUser request.
26499type GetUserOutput struct {
26500	_ struct{} `type:"structure"`
26501
26502	// A structure containing details about the IAM user.
26503	//
26504	// Due to a service issue, password last used data does not include password
26505	// use from May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last
26506	// sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html)
26507	// dates shown in the IAM console and password last used dates in the IAM credential
26508	// report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html),
26509	// and returned by this operation. If users signed in during the affected time,
26510	// the password last used date that is returned is the date the user last signed
26511	// in before May 3, 2018. For users that signed in after May 23, 2018 14:08
26512	// PDT, the returned password last used date is accurate.
26513	//
26514	// You can use password last used information to identify unused credentials
26515	// for deletion. For example, you might delete users who did not sign in to
26516	// Amazon Web Services in the last 90 days. In cases like this, we recommend
26517	// that you adjust your evaluation window to include dates after May 23, 2018.
26518	// Alternatively, if your users use access keys to access Amazon Web Services
26519	// programmatically you can refer to access key last used information because
26520	// it is accurate for all dates.
26521	//
26522	// User is a required field
26523	User *User `type:"structure" required:"true"`
26524}
26525
26526// String returns the string representation.
26527//
26528// API parameter values that are decorated as "sensitive" in the API will not
26529// be included in the string output. The member name will be present, but the
26530// value will be replaced with "sensitive".
26531func (s GetUserOutput) String() string {
26532	return awsutil.Prettify(s)
26533}
26534
26535// GoString returns the string representation.
26536//
26537// API parameter values that are decorated as "sensitive" in the API will not
26538// be included in the string output. The member name will be present, but the
26539// value will be replaced with "sensitive".
26540func (s GetUserOutput) GoString() string {
26541	return s.String()
26542}
26543
26544// SetUser sets the User field's value.
26545func (s *GetUserOutput) SetUser(v *User) *GetUserOutput {
26546	s.User = v
26547	return s
26548}
26549
26550type GetUserPolicyInput struct {
26551	_ struct{} `type:"structure"`
26552
26553	// The name of the policy document to get.
26554	//
26555	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26556	// a string of characters consisting of upper and lowercase alphanumeric characters
26557	// with no spaces. You can also include any of the following characters: _+=,.@-
26558	//
26559	// PolicyName is a required field
26560	PolicyName *string `min:"1" type:"string" required:"true"`
26561
26562	// The name of the user who the policy is associated with.
26563	//
26564	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
26565	// a string of characters consisting of upper and lowercase alphanumeric characters
26566	// with no spaces. You can also include any of the following characters: _+=,.@-
26567	//
26568	// UserName is a required field
26569	UserName *string `min:"1" type:"string" required:"true"`
26570}
26571
26572// String returns the string representation.
26573//
26574// API parameter values that are decorated as "sensitive" in the API will not
26575// be included in the string output. The member name will be present, but the
26576// value will be replaced with "sensitive".
26577func (s GetUserPolicyInput) String() string {
26578	return awsutil.Prettify(s)
26579}
26580
26581// GoString returns the string representation.
26582//
26583// API parameter values that are decorated as "sensitive" in the API will not
26584// be included in the string output. The member name will be present, but the
26585// value will be replaced with "sensitive".
26586func (s GetUserPolicyInput) GoString() string {
26587	return s.String()
26588}
26589
26590// Validate inspects the fields of the type to determine if they are valid.
26591func (s *GetUserPolicyInput) Validate() error {
26592	invalidParams := request.ErrInvalidParams{Context: "GetUserPolicyInput"}
26593	if s.PolicyName == nil {
26594		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
26595	}
26596	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
26597		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
26598	}
26599	if s.UserName == nil {
26600		invalidParams.Add(request.NewErrParamRequired("UserName"))
26601	}
26602	if s.UserName != nil && len(*s.UserName) < 1 {
26603		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
26604	}
26605
26606	if invalidParams.Len() > 0 {
26607		return invalidParams
26608	}
26609	return nil
26610}
26611
26612// SetPolicyName sets the PolicyName field's value.
26613func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput {
26614	s.PolicyName = &v
26615	return s
26616}
26617
26618// SetUserName sets the UserName field's value.
26619func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput {
26620	s.UserName = &v
26621	return s
26622}
26623
26624// Contains the response to a successful GetUserPolicy request.
26625type GetUserPolicyOutput struct {
26626	_ struct{} `type:"structure"`
26627
26628	// The policy document.
26629	//
26630	// IAM stores policies in JSON format. However, resources that were created
26631	// using CloudFormation templates can be formatted in YAML. CloudFormation always
26632	// converts a YAML policy to JSON format before submitting it to IAM.
26633	//
26634	// PolicyDocument is a required field
26635	PolicyDocument *string `min:"1" type:"string" required:"true"`
26636
26637	// The name of the policy.
26638	//
26639	// PolicyName is a required field
26640	PolicyName *string `min:"1" type:"string" required:"true"`
26641
26642	// The user the policy is associated with.
26643	//
26644	// UserName is a required field
26645	UserName *string `min:"1" type:"string" required:"true"`
26646}
26647
26648// String returns the string representation.
26649//
26650// API parameter values that are decorated as "sensitive" in the API will not
26651// be included in the string output. The member name will be present, but the
26652// value will be replaced with "sensitive".
26653func (s GetUserPolicyOutput) String() string {
26654	return awsutil.Prettify(s)
26655}
26656
26657// GoString returns the string representation.
26658//
26659// API parameter values that are decorated as "sensitive" in the API will not
26660// be included in the string output. The member name will be present, but the
26661// value will be replaced with "sensitive".
26662func (s GetUserPolicyOutput) GoString() string {
26663	return s.String()
26664}
26665
26666// SetPolicyDocument sets the PolicyDocument field's value.
26667func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput {
26668	s.PolicyDocument = &v
26669	return s
26670}
26671
26672// SetPolicyName sets the PolicyName field's value.
26673func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput {
26674	s.PolicyName = &v
26675	return s
26676}
26677
26678// SetUserName sets the UserName field's value.
26679func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput {
26680	s.UserName = &v
26681	return s
26682}
26683
26684// Contains information about an IAM group entity.
26685//
26686// This data type is used as a response element in the following operations:
26687//
26688//    * CreateGroup
26689//
26690//    * GetGroup
26691//
26692//    * ListGroups
26693type Group struct {
26694	_ struct{} `type:"structure"`
26695
26696	// The Amazon Resource Name (ARN) specifying the group. For more information
26697	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26698	// in the IAM User Guide.
26699	//
26700	// Arn is a required field
26701	Arn *string `min:"20" type:"string" required:"true"`
26702
26703	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26704	// when the group was created.
26705	//
26706	// CreateDate is a required field
26707	CreateDate *time.Time `type:"timestamp" required:"true"`
26708
26709	// The stable and unique string identifying the group. For more information
26710	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26711	// in the IAM User Guide.
26712	//
26713	// GroupId is a required field
26714	GroupId *string `min:"16" type:"string" required:"true"`
26715
26716	// The friendly name that identifies the group.
26717	//
26718	// GroupName is a required field
26719	GroupName *string `min:"1" type:"string" required:"true"`
26720
26721	// The path to the group. For more information about paths, see IAM identifiers
26722	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26723	// in the IAM User Guide.
26724	//
26725	// Path is a required field
26726	Path *string `min:"1" type:"string" required:"true"`
26727}
26728
26729// String returns the string representation.
26730//
26731// API parameter values that are decorated as "sensitive" in the API will not
26732// be included in the string output. The member name will be present, but the
26733// value will be replaced with "sensitive".
26734func (s Group) String() string {
26735	return awsutil.Prettify(s)
26736}
26737
26738// GoString returns the string representation.
26739//
26740// API parameter values that are decorated as "sensitive" in the API will not
26741// be included in the string output. The member name will be present, but the
26742// value will be replaced with "sensitive".
26743func (s Group) GoString() string {
26744	return s.String()
26745}
26746
26747// SetArn sets the Arn field's value.
26748func (s *Group) SetArn(v string) *Group {
26749	s.Arn = &v
26750	return s
26751}
26752
26753// SetCreateDate sets the CreateDate field's value.
26754func (s *Group) SetCreateDate(v time.Time) *Group {
26755	s.CreateDate = &v
26756	return s
26757}
26758
26759// SetGroupId sets the GroupId field's value.
26760func (s *Group) SetGroupId(v string) *Group {
26761	s.GroupId = &v
26762	return s
26763}
26764
26765// SetGroupName sets the GroupName field's value.
26766func (s *Group) SetGroupName(v string) *Group {
26767	s.GroupName = &v
26768	return s
26769}
26770
26771// SetPath sets the Path field's value.
26772func (s *Group) SetPath(v string) *Group {
26773	s.Path = &v
26774	return s
26775}
26776
26777// Contains information about an IAM group, including all of the group's policies.
26778//
26779// This data type is used as a response element in the GetAccountAuthorizationDetails
26780// operation.
26781type GroupDetail struct {
26782	_ struct{} `type:"structure"`
26783
26784	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
26785	// Services resources.
26786	//
26787	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
26788	// in the Amazon Web Services General Reference.
26789	Arn *string `min:"20" type:"string"`
26790
26791	// A list of the managed policies attached to the group.
26792	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
26793
26794	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
26795	// when the group was created.
26796	CreateDate *time.Time `type:"timestamp"`
26797
26798	// The stable and unique string identifying the group. For more information
26799	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26800	// in the IAM User Guide.
26801	GroupId *string `min:"16" type:"string"`
26802
26803	// The friendly name that identifies the group.
26804	GroupName *string `min:"1" type:"string"`
26805
26806	// A list of the inline policies embedded in the group.
26807	GroupPolicyList []*PolicyDetail `type:"list"`
26808
26809	// The path to the group. For more information about paths, see IAM identifiers
26810	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26811	// in the IAM User Guide.
26812	Path *string `min:"1" type:"string"`
26813}
26814
26815// String returns the string representation.
26816//
26817// API parameter values that are decorated as "sensitive" in the API will not
26818// be included in the string output. The member name will be present, but the
26819// value will be replaced with "sensitive".
26820func (s GroupDetail) String() string {
26821	return awsutil.Prettify(s)
26822}
26823
26824// GoString returns the string representation.
26825//
26826// API parameter values that are decorated as "sensitive" in the API will not
26827// be included in the string output. The member name will be present, but the
26828// value will be replaced with "sensitive".
26829func (s GroupDetail) GoString() string {
26830	return s.String()
26831}
26832
26833// SetArn sets the Arn field's value.
26834func (s *GroupDetail) SetArn(v string) *GroupDetail {
26835	s.Arn = &v
26836	return s
26837}
26838
26839// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
26840func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail {
26841	s.AttachedManagedPolicies = v
26842	return s
26843}
26844
26845// SetCreateDate sets the CreateDate field's value.
26846func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail {
26847	s.CreateDate = &v
26848	return s
26849}
26850
26851// SetGroupId sets the GroupId field's value.
26852func (s *GroupDetail) SetGroupId(v string) *GroupDetail {
26853	s.GroupId = &v
26854	return s
26855}
26856
26857// SetGroupName sets the GroupName field's value.
26858func (s *GroupDetail) SetGroupName(v string) *GroupDetail {
26859	s.GroupName = &v
26860	return s
26861}
26862
26863// SetGroupPolicyList sets the GroupPolicyList field's value.
26864func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail {
26865	s.GroupPolicyList = v
26866	return s
26867}
26868
26869// SetPath sets the Path field's value.
26870func (s *GroupDetail) SetPath(v string) *GroupDetail {
26871	s.Path = &v
26872	return s
26873}
26874
26875// Contains information about an instance profile.
26876//
26877// This data type is used as a response element in the following operations:
26878//
26879//    * CreateInstanceProfile
26880//
26881//    * GetInstanceProfile
26882//
26883//    * ListInstanceProfiles
26884//
26885//    * ListInstanceProfilesForRole
26886type InstanceProfile struct {
26887	_ struct{} `type:"structure"`
26888
26889	// The Amazon Resource Name (ARN) specifying the instance profile. For more
26890	// information about ARNs and how to use them in policies, see IAM identifiers
26891	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26892	// in the IAM User Guide.
26893	//
26894	// Arn is a required field
26895	Arn *string `min:"20" type:"string" required:"true"`
26896
26897	// The date when the instance profile was created.
26898	//
26899	// CreateDate is a required field
26900	CreateDate *time.Time `type:"timestamp" required:"true"`
26901
26902	// The stable and unique string identifying the instance profile. For more information
26903	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26904	// in the IAM User Guide.
26905	//
26906	// InstanceProfileId is a required field
26907	InstanceProfileId *string `min:"16" type:"string" required:"true"`
26908
26909	// The name identifying the instance profile.
26910	//
26911	// InstanceProfileName is a required field
26912	InstanceProfileName *string `min:"1" type:"string" required:"true"`
26913
26914	// The path to the instance profile. For more information about paths, see IAM
26915	// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
26916	// in the IAM User Guide.
26917	//
26918	// Path is a required field
26919	Path *string `min:"1" type:"string" required:"true"`
26920
26921	// The role associated with the instance profile.
26922	//
26923	// Roles is a required field
26924	Roles []*Role `type:"list" required:"true"`
26925
26926	// A list of tags that are attached to the instance profile. For more information
26927	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
26928	// in the IAM User Guide.
26929	Tags []*Tag `type:"list"`
26930}
26931
26932// String returns the string representation.
26933//
26934// API parameter values that are decorated as "sensitive" in the API will not
26935// be included in the string output. The member name will be present, but the
26936// value will be replaced with "sensitive".
26937func (s InstanceProfile) String() string {
26938	return awsutil.Prettify(s)
26939}
26940
26941// GoString returns the string representation.
26942//
26943// API parameter values that are decorated as "sensitive" in the API will not
26944// be included in the string output. The member name will be present, but the
26945// value will be replaced with "sensitive".
26946func (s InstanceProfile) GoString() string {
26947	return s.String()
26948}
26949
26950// SetArn sets the Arn field's value.
26951func (s *InstanceProfile) SetArn(v string) *InstanceProfile {
26952	s.Arn = &v
26953	return s
26954}
26955
26956// SetCreateDate sets the CreateDate field's value.
26957func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile {
26958	s.CreateDate = &v
26959	return s
26960}
26961
26962// SetInstanceProfileId sets the InstanceProfileId field's value.
26963func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile {
26964	s.InstanceProfileId = &v
26965	return s
26966}
26967
26968// SetInstanceProfileName sets the InstanceProfileName field's value.
26969func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile {
26970	s.InstanceProfileName = &v
26971	return s
26972}
26973
26974// SetPath sets the Path field's value.
26975func (s *InstanceProfile) SetPath(v string) *InstanceProfile {
26976	s.Path = &v
26977	return s
26978}
26979
26980// SetRoles sets the Roles field's value.
26981func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile {
26982	s.Roles = v
26983	return s
26984}
26985
26986// SetTags sets the Tags field's value.
26987func (s *InstanceProfile) SetTags(v []*Tag) *InstanceProfile {
26988	s.Tags = v
26989	return s
26990}
26991
26992type ListAccessKeysInput struct {
26993	_ struct{} `type:"structure"`
26994
26995	// Use this parameter only when paginating results and only after you receive
26996	// a response indicating that the results are truncated. Set it to the value
26997	// of the Marker element in the response that you received to indicate where
26998	// the next call should start.
26999	Marker *string `min:"1" type:"string"`
27000
27001	// Use this only when paginating results to indicate the maximum number of items
27002	// you want in the response. If additional items exist beyond the maximum you
27003	// specify, the IsTruncated response element is true.
27004	//
27005	// If you do not include this parameter, the number of items defaults to 100.
27006	// Note that IAM might return fewer results, even when there are more results
27007	// available. In that case, the IsTruncated response element returns true, and
27008	// Marker contains a value to include in the subsequent call that tells the
27009	// service where to continue from.
27010	MaxItems *int64 `min:"1" type:"integer"`
27011
27012	// The name of the user.
27013	//
27014	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27015	// a string of characters consisting of upper and lowercase alphanumeric characters
27016	// with no spaces. You can also include any of the following characters: _+=,.@-
27017	UserName *string `min:"1" type:"string"`
27018}
27019
27020// String returns the string representation.
27021//
27022// API parameter values that are decorated as "sensitive" in the API will not
27023// be included in the string output. The member name will be present, but the
27024// value will be replaced with "sensitive".
27025func (s ListAccessKeysInput) String() string {
27026	return awsutil.Prettify(s)
27027}
27028
27029// GoString returns the string representation.
27030//
27031// API parameter values that are decorated as "sensitive" in the API will not
27032// be included in the string output. The member name will be present, but the
27033// value will be replaced with "sensitive".
27034func (s ListAccessKeysInput) GoString() string {
27035	return s.String()
27036}
27037
27038// Validate inspects the fields of the type to determine if they are valid.
27039func (s *ListAccessKeysInput) Validate() error {
27040	invalidParams := request.ErrInvalidParams{Context: "ListAccessKeysInput"}
27041	if s.Marker != nil && len(*s.Marker) < 1 {
27042		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27043	}
27044	if s.MaxItems != nil && *s.MaxItems < 1 {
27045		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27046	}
27047	if s.UserName != nil && len(*s.UserName) < 1 {
27048		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
27049	}
27050
27051	if invalidParams.Len() > 0 {
27052		return invalidParams
27053	}
27054	return nil
27055}
27056
27057// SetMarker sets the Marker field's value.
27058func (s *ListAccessKeysInput) SetMarker(v string) *ListAccessKeysInput {
27059	s.Marker = &v
27060	return s
27061}
27062
27063// SetMaxItems sets the MaxItems field's value.
27064func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput {
27065	s.MaxItems = &v
27066	return s
27067}
27068
27069// SetUserName sets the UserName field's value.
27070func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput {
27071	s.UserName = &v
27072	return s
27073}
27074
27075// Contains the response to a successful ListAccessKeys request.
27076type ListAccessKeysOutput struct {
27077	_ struct{} `type:"structure"`
27078
27079	// A list of objects containing metadata about the access keys.
27080	//
27081	// AccessKeyMetadata is a required field
27082	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`
27083
27084	// A flag that indicates whether there are more items to return. If your results
27085	// were truncated, you can make a subsequent pagination request using the Marker
27086	// request parameter to retrieve more items. Note that IAM might return fewer
27087	// than the MaxItems number of results even when there are more results available.
27088	// We recommend that you check IsTruncated after every call to ensure that you
27089	// receive all your results.
27090	IsTruncated *bool `type:"boolean"`
27091
27092	// When IsTruncated is true, this element is present and contains the value
27093	// to use for the Marker parameter in a subsequent pagination request.
27094	Marker *string `type:"string"`
27095}
27096
27097// String returns the string representation.
27098//
27099// API parameter values that are decorated as "sensitive" in the API will not
27100// be included in the string output. The member name will be present, but the
27101// value will be replaced with "sensitive".
27102func (s ListAccessKeysOutput) String() string {
27103	return awsutil.Prettify(s)
27104}
27105
27106// GoString returns the string representation.
27107//
27108// API parameter values that are decorated as "sensitive" in the API will not
27109// be included in the string output. The member name will be present, but the
27110// value will be replaced with "sensitive".
27111func (s ListAccessKeysOutput) GoString() string {
27112	return s.String()
27113}
27114
27115// SetAccessKeyMetadata sets the AccessKeyMetadata field's value.
27116func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput {
27117	s.AccessKeyMetadata = v
27118	return s
27119}
27120
27121// SetIsTruncated sets the IsTruncated field's value.
27122func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput {
27123	s.IsTruncated = &v
27124	return s
27125}
27126
27127// SetMarker sets the Marker field's value.
27128func (s *ListAccessKeysOutput) SetMarker(v string) *ListAccessKeysOutput {
27129	s.Marker = &v
27130	return s
27131}
27132
27133type ListAccountAliasesInput struct {
27134	_ struct{} `type:"structure"`
27135
27136	// Use this parameter only when paginating results and only after you receive
27137	// a response indicating that the results are truncated. Set it to the value
27138	// of the Marker element in the response that you received to indicate where
27139	// the next call should start.
27140	Marker *string `min:"1" type:"string"`
27141
27142	// Use this only when paginating results to indicate the maximum number of items
27143	// you want in the response. If additional items exist beyond the maximum you
27144	// specify, the IsTruncated response element is true.
27145	//
27146	// If you do not include this parameter, the number of items defaults to 100.
27147	// Note that IAM might return fewer results, even when there are more results
27148	// available. In that case, the IsTruncated response element returns true, and
27149	// Marker contains a value to include in the subsequent call that tells the
27150	// service where to continue from.
27151	MaxItems *int64 `min:"1" type:"integer"`
27152}
27153
27154// String returns the string representation.
27155//
27156// API parameter values that are decorated as "sensitive" in the API will not
27157// be included in the string output. The member name will be present, but the
27158// value will be replaced with "sensitive".
27159func (s ListAccountAliasesInput) String() string {
27160	return awsutil.Prettify(s)
27161}
27162
27163// GoString returns the string representation.
27164//
27165// API parameter values that are decorated as "sensitive" in the API will not
27166// be included in the string output. The member name will be present, but the
27167// value will be replaced with "sensitive".
27168func (s ListAccountAliasesInput) GoString() string {
27169	return s.String()
27170}
27171
27172// Validate inspects the fields of the type to determine if they are valid.
27173func (s *ListAccountAliasesInput) Validate() error {
27174	invalidParams := request.ErrInvalidParams{Context: "ListAccountAliasesInput"}
27175	if s.Marker != nil && len(*s.Marker) < 1 {
27176		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27177	}
27178	if s.MaxItems != nil && *s.MaxItems < 1 {
27179		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27180	}
27181
27182	if invalidParams.Len() > 0 {
27183		return invalidParams
27184	}
27185	return nil
27186}
27187
27188// SetMarker sets the Marker field's value.
27189func (s *ListAccountAliasesInput) SetMarker(v string) *ListAccountAliasesInput {
27190	s.Marker = &v
27191	return s
27192}
27193
27194// SetMaxItems sets the MaxItems field's value.
27195func (s *ListAccountAliasesInput) SetMaxItems(v int64) *ListAccountAliasesInput {
27196	s.MaxItems = &v
27197	return s
27198}
27199
27200// Contains the response to a successful ListAccountAliases request.
27201type ListAccountAliasesOutput struct {
27202	_ struct{} `type:"structure"`
27203
27204	// A list of aliases associated with the account. Amazon Web Services supports
27205	// only one alias per account.
27206	//
27207	// AccountAliases is a required field
27208	AccountAliases []*string `type:"list" required:"true"`
27209
27210	// A flag that indicates whether there are more items to return. If your results
27211	// were truncated, you can make a subsequent pagination request using the Marker
27212	// request parameter to retrieve more items. Note that IAM might return fewer
27213	// than the MaxItems number of results even when there are more results available.
27214	// We recommend that you check IsTruncated after every call to ensure that you
27215	// receive all your results.
27216	IsTruncated *bool `type:"boolean"`
27217
27218	// When IsTruncated is true, this element is present and contains the value
27219	// to use for the Marker parameter in a subsequent pagination request.
27220	Marker *string `type:"string"`
27221}
27222
27223// String returns the string representation.
27224//
27225// API parameter values that are decorated as "sensitive" in the API will not
27226// be included in the string output. The member name will be present, but the
27227// value will be replaced with "sensitive".
27228func (s ListAccountAliasesOutput) String() string {
27229	return awsutil.Prettify(s)
27230}
27231
27232// GoString returns the string representation.
27233//
27234// API parameter values that are decorated as "sensitive" in the API will not
27235// be included in the string output. The member name will be present, but the
27236// value will be replaced with "sensitive".
27237func (s ListAccountAliasesOutput) GoString() string {
27238	return s.String()
27239}
27240
27241// SetAccountAliases sets the AccountAliases field's value.
27242func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput {
27243	s.AccountAliases = v
27244	return s
27245}
27246
27247// SetIsTruncated sets the IsTruncated field's value.
27248func (s *ListAccountAliasesOutput) SetIsTruncated(v bool) *ListAccountAliasesOutput {
27249	s.IsTruncated = &v
27250	return s
27251}
27252
27253// SetMarker sets the Marker field's value.
27254func (s *ListAccountAliasesOutput) SetMarker(v string) *ListAccountAliasesOutput {
27255	s.Marker = &v
27256	return s
27257}
27258
27259type ListAttachedGroupPoliciesInput struct {
27260	_ struct{} `type:"structure"`
27261
27262	// The name (friendly name, not ARN) of the group to list attached policies
27263	// for.
27264	//
27265	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27266	// a string of characters consisting of upper and lowercase alphanumeric characters
27267	// with no spaces. You can also include any of the following characters: _+=,.@-
27268	//
27269	// GroupName is a required field
27270	GroupName *string `min:"1" type:"string" required:"true"`
27271
27272	// Use this parameter only when paginating results and only after you receive
27273	// a response indicating that the results are truncated. Set it to the value
27274	// of the Marker element in the response that you received to indicate where
27275	// the next call should start.
27276	Marker *string `min:"1" type:"string"`
27277
27278	// Use this only when paginating results to indicate the maximum number of items
27279	// you want in the response. If additional items exist beyond the maximum you
27280	// specify, the IsTruncated response element is true.
27281	//
27282	// If you do not include this parameter, the number of items defaults to 100.
27283	// Note that IAM might return fewer results, even when there are more results
27284	// available. In that case, the IsTruncated response element returns true, and
27285	// Marker contains a value to include in the subsequent call that tells the
27286	// service where to continue from.
27287	MaxItems *int64 `min:"1" type:"integer"`
27288
27289	// The path prefix for filtering the results. This parameter is optional. If
27290	// it is not included, it defaults to a slash (/), listing all policies.
27291	//
27292	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27293	// a string of characters consisting of either a forward slash (/) by itself
27294	// or a string that must begin and end with forward slashes. In addition, it
27295	// can contain any ASCII character from the ! (\u0021) through the DEL character
27296	// (\u007F), including most punctuation characters, digits, and upper and lowercased
27297	// letters.
27298	PathPrefix *string `min:"1" type:"string"`
27299}
27300
27301// String returns the string representation.
27302//
27303// API parameter values that are decorated as "sensitive" in the API will not
27304// be included in the string output. The member name will be present, but the
27305// value will be replaced with "sensitive".
27306func (s ListAttachedGroupPoliciesInput) String() string {
27307	return awsutil.Prettify(s)
27308}
27309
27310// GoString returns the string representation.
27311//
27312// API parameter values that are decorated as "sensitive" in the API will not
27313// be included in the string output. The member name will be present, but the
27314// value will be replaced with "sensitive".
27315func (s ListAttachedGroupPoliciesInput) GoString() string {
27316	return s.String()
27317}
27318
27319// Validate inspects the fields of the type to determine if they are valid.
27320func (s *ListAttachedGroupPoliciesInput) Validate() error {
27321	invalidParams := request.ErrInvalidParams{Context: "ListAttachedGroupPoliciesInput"}
27322	if s.GroupName == nil {
27323		invalidParams.Add(request.NewErrParamRequired("GroupName"))
27324	}
27325	if s.GroupName != nil && len(*s.GroupName) < 1 {
27326		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
27327	}
27328	if s.Marker != nil && len(*s.Marker) < 1 {
27329		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27330	}
27331	if s.MaxItems != nil && *s.MaxItems < 1 {
27332		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27333	}
27334	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
27335		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
27336	}
27337
27338	if invalidParams.Len() > 0 {
27339		return invalidParams
27340	}
27341	return nil
27342}
27343
27344// SetGroupName sets the GroupName field's value.
27345func (s *ListAttachedGroupPoliciesInput) SetGroupName(v string) *ListAttachedGroupPoliciesInput {
27346	s.GroupName = &v
27347	return s
27348}
27349
27350// SetMarker sets the Marker field's value.
27351func (s *ListAttachedGroupPoliciesInput) SetMarker(v string) *ListAttachedGroupPoliciesInput {
27352	s.Marker = &v
27353	return s
27354}
27355
27356// SetMaxItems sets the MaxItems field's value.
27357func (s *ListAttachedGroupPoliciesInput) SetMaxItems(v int64) *ListAttachedGroupPoliciesInput {
27358	s.MaxItems = &v
27359	return s
27360}
27361
27362// SetPathPrefix sets the PathPrefix field's value.
27363func (s *ListAttachedGroupPoliciesInput) SetPathPrefix(v string) *ListAttachedGroupPoliciesInput {
27364	s.PathPrefix = &v
27365	return s
27366}
27367
27368// Contains the response to a successful ListAttachedGroupPolicies request.
27369type ListAttachedGroupPoliciesOutput struct {
27370	_ struct{} `type:"structure"`
27371
27372	// A list of the attached policies.
27373	AttachedPolicies []*AttachedPolicy `type:"list"`
27374
27375	// A flag that indicates whether there are more items to return. If your results
27376	// were truncated, you can make a subsequent pagination request using the Marker
27377	// request parameter to retrieve more items. Note that IAM might return fewer
27378	// than the MaxItems number of results even when there are more results available.
27379	// We recommend that you check IsTruncated after every call to ensure that you
27380	// receive all your results.
27381	IsTruncated *bool `type:"boolean"`
27382
27383	// When IsTruncated is true, this element is present and contains the value
27384	// to use for the Marker parameter in a subsequent pagination request.
27385	Marker *string `type:"string"`
27386}
27387
27388// String returns the string representation.
27389//
27390// API parameter values that are decorated as "sensitive" in the API will not
27391// be included in the string output. The member name will be present, but the
27392// value will be replaced with "sensitive".
27393func (s ListAttachedGroupPoliciesOutput) String() string {
27394	return awsutil.Prettify(s)
27395}
27396
27397// GoString returns the string representation.
27398//
27399// API parameter values that are decorated as "sensitive" in the API will not
27400// be included in the string output. The member name will be present, but the
27401// value will be replaced with "sensitive".
27402func (s ListAttachedGroupPoliciesOutput) GoString() string {
27403	return s.String()
27404}
27405
27406// SetAttachedPolicies sets the AttachedPolicies field's value.
27407func (s *ListAttachedGroupPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedGroupPoliciesOutput {
27408	s.AttachedPolicies = v
27409	return s
27410}
27411
27412// SetIsTruncated sets the IsTruncated field's value.
27413func (s *ListAttachedGroupPoliciesOutput) SetIsTruncated(v bool) *ListAttachedGroupPoliciesOutput {
27414	s.IsTruncated = &v
27415	return s
27416}
27417
27418// SetMarker sets the Marker field's value.
27419func (s *ListAttachedGroupPoliciesOutput) SetMarker(v string) *ListAttachedGroupPoliciesOutput {
27420	s.Marker = &v
27421	return s
27422}
27423
27424type ListAttachedRolePoliciesInput struct {
27425	_ struct{} `type:"structure"`
27426
27427	// Use this parameter only when paginating results and only after you receive
27428	// a response indicating that the results are truncated. Set it to the value
27429	// of the Marker element in the response that you received to indicate where
27430	// the next call should start.
27431	Marker *string `min:"1" type:"string"`
27432
27433	// Use this only when paginating results to indicate the maximum number of items
27434	// you want in the response. If additional items exist beyond the maximum you
27435	// specify, the IsTruncated response element is true.
27436	//
27437	// If you do not include this parameter, the number of items defaults to 100.
27438	// Note that IAM might return fewer results, even when there are more results
27439	// available. In that case, the IsTruncated response element returns true, and
27440	// Marker contains a value to include in the subsequent call that tells the
27441	// service where to continue from.
27442	MaxItems *int64 `min:"1" type:"integer"`
27443
27444	// The path prefix for filtering the results. This parameter is optional. If
27445	// it is not included, it defaults to a slash (/), listing all policies.
27446	//
27447	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27448	// a string of characters consisting of either a forward slash (/) by itself
27449	// or a string that must begin and end with forward slashes. In addition, it
27450	// can contain any ASCII character from the ! (\u0021) through the DEL character
27451	// (\u007F), including most punctuation characters, digits, and upper and lowercased
27452	// letters.
27453	PathPrefix *string `min:"1" type:"string"`
27454
27455	// The name (friendly name, not ARN) of the role to list attached policies for.
27456	//
27457	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27458	// a string of characters consisting of upper and lowercase alphanumeric characters
27459	// with no spaces. You can also include any of the following characters: _+=,.@-
27460	//
27461	// RoleName is a required field
27462	RoleName *string `min:"1" type:"string" required:"true"`
27463}
27464
27465// String returns the string representation.
27466//
27467// API parameter values that are decorated as "sensitive" in the API will not
27468// be included in the string output. The member name will be present, but the
27469// value will be replaced with "sensitive".
27470func (s ListAttachedRolePoliciesInput) String() string {
27471	return awsutil.Prettify(s)
27472}
27473
27474// GoString returns the string representation.
27475//
27476// API parameter values that are decorated as "sensitive" in the API will not
27477// be included in the string output. The member name will be present, but the
27478// value will be replaced with "sensitive".
27479func (s ListAttachedRolePoliciesInput) GoString() string {
27480	return s.String()
27481}
27482
27483// Validate inspects the fields of the type to determine if they are valid.
27484func (s *ListAttachedRolePoliciesInput) Validate() error {
27485	invalidParams := request.ErrInvalidParams{Context: "ListAttachedRolePoliciesInput"}
27486	if s.Marker != nil && len(*s.Marker) < 1 {
27487		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27488	}
27489	if s.MaxItems != nil && *s.MaxItems < 1 {
27490		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27491	}
27492	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
27493		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
27494	}
27495	if s.RoleName == nil {
27496		invalidParams.Add(request.NewErrParamRequired("RoleName"))
27497	}
27498	if s.RoleName != nil && len(*s.RoleName) < 1 {
27499		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
27500	}
27501
27502	if invalidParams.Len() > 0 {
27503		return invalidParams
27504	}
27505	return nil
27506}
27507
27508// SetMarker sets the Marker field's value.
27509func (s *ListAttachedRolePoliciesInput) SetMarker(v string) *ListAttachedRolePoliciesInput {
27510	s.Marker = &v
27511	return s
27512}
27513
27514// SetMaxItems sets the MaxItems field's value.
27515func (s *ListAttachedRolePoliciesInput) SetMaxItems(v int64) *ListAttachedRolePoliciesInput {
27516	s.MaxItems = &v
27517	return s
27518}
27519
27520// SetPathPrefix sets the PathPrefix field's value.
27521func (s *ListAttachedRolePoliciesInput) SetPathPrefix(v string) *ListAttachedRolePoliciesInput {
27522	s.PathPrefix = &v
27523	return s
27524}
27525
27526// SetRoleName sets the RoleName field's value.
27527func (s *ListAttachedRolePoliciesInput) SetRoleName(v string) *ListAttachedRolePoliciesInput {
27528	s.RoleName = &v
27529	return s
27530}
27531
27532// Contains the response to a successful ListAttachedRolePolicies request.
27533type ListAttachedRolePoliciesOutput struct {
27534	_ struct{} `type:"structure"`
27535
27536	// A list of the attached policies.
27537	AttachedPolicies []*AttachedPolicy `type:"list"`
27538
27539	// A flag that indicates whether there are more items to return. If your results
27540	// were truncated, you can make a subsequent pagination request using the Marker
27541	// request parameter to retrieve more items. Note that IAM might return fewer
27542	// than the MaxItems number of results even when there are more results available.
27543	// We recommend that you check IsTruncated after every call to ensure that you
27544	// receive all your results.
27545	IsTruncated *bool `type:"boolean"`
27546
27547	// When IsTruncated is true, this element is present and contains the value
27548	// to use for the Marker parameter in a subsequent pagination request.
27549	Marker *string `type:"string"`
27550}
27551
27552// String returns the string representation.
27553//
27554// API parameter values that are decorated as "sensitive" in the API will not
27555// be included in the string output. The member name will be present, but the
27556// value will be replaced with "sensitive".
27557func (s ListAttachedRolePoliciesOutput) String() string {
27558	return awsutil.Prettify(s)
27559}
27560
27561// GoString returns the string representation.
27562//
27563// API parameter values that are decorated as "sensitive" in the API will not
27564// be included in the string output. The member name will be present, but the
27565// value will be replaced with "sensitive".
27566func (s ListAttachedRolePoliciesOutput) GoString() string {
27567	return s.String()
27568}
27569
27570// SetAttachedPolicies sets the AttachedPolicies field's value.
27571func (s *ListAttachedRolePoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedRolePoliciesOutput {
27572	s.AttachedPolicies = v
27573	return s
27574}
27575
27576// SetIsTruncated sets the IsTruncated field's value.
27577func (s *ListAttachedRolePoliciesOutput) SetIsTruncated(v bool) *ListAttachedRolePoliciesOutput {
27578	s.IsTruncated = &v
27579	return s
27580}
27581
27582// SetMarker sets the Marker field's value.
27583func (s *ListAttachedRolePoliciesOutput) SetMarker(v string) *ListAttachedRolePoliciesOutput {
27584	s.Marker = &v
27585	return s
27586}
27587
27588type ListAttachedUserPoliciesInput struct {
27589	_ struct{} `type:"structure"`
27590
27591	// Use this parameter only when paginating results and only after you receive
27592	// a response indicating that the results are truncated. Set it to the value
27593	// of the Marker element in the response that you received to indicate where
27594	// the next call should start.
27595	Marker *string `min:"1" type:"string"`
27596
27597	// Use this only when paginating results to indicate the maximum number of items
27598	// you want in the response. If additional items exist beyond the maximum you
27599	// specify, the IsTruncated response element is true.
27600	//
27601	// If you do not include this parameter, the number of items defaults to 100.
27602	// Note that IAM might return fewer results, even when there are more results
27603	// available. In that case, the IsTruncated response element returns true, and
27604	// Marker contains a value to include in the subsequent call that tells the
27605	// service where to continue from.
27606	MaxItems *int64 `min:"1" type:"integer"`
27607
27608	// The path prefix for filtering the results. This parameter is optional. If
27609	// it is not included, it defaults to a slash (/), listing all policies.
27610	//
27611	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27612	// a string of characters consisting of either a forward slash (/) by itself
27613	// or a string that must begin and end with forward slashes. In addition, it
27614	// can contain any ASCII character from the ! (\u0021) through the DEL character
27615	// (\u007F), including most punctuation characters, digits, and upper and lowercased
27616	// letters.
27617	PathPrefix *string `min:"1" type:"string"`
27618
27619	// The name (friendly name, not ARN) of the user to list attached policies for.
27620	//
27621	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27622	// a string of characters consisting of upper and lowercase alphanumeric characters
27623	// with no spaces. You can also include any of the following characters: _+=,.@-
27624	//
27625	// UserName is a required field
27626	UserName *string `min:"1" type:"string" required:"true"`
27627}
27628
27629// String returns the string representation.
27630//
27631// API parameter values that are decorated as "sensitive" in the API will not
27632// be included in the string output. The member name will be present, but the
27633// value will be replaced with "sensitive".
27634func (s ListAttachedUserPoliciesInput) String() string {
27635	return awsutil.Prettify(s)
27636}
27637
27638// GoString returns the string representation.
27639//
27640// API parameter values that are decorated as "sensitive" in the API will not
27641// be included in the string output. The member name will be present, but the
27642// value will be replaced with "sensitive".
27643func (s ListAttachedUserPoliciesInput) GoString() string {
27644	return s.String()
27645}
27646
27647// Validate inspects the fields of the type to determine if they are valid.
27648func (s *ListAttachedUserPoliciesInput) Validate() error {
27649	invalidParams := request.ErrInvalidParams{Context: "ListAttachedUserPoliciesInput"}
27650	if s.Marker != nil && len(*s.Marker) < 1 {
27651		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27652	}
27653	if s.MaxItems != nil && *s.MaxItems < 1 {
27654		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27655	}
27656	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
27657		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
27658	}
27659	if s.UserName == nil {
27660		invalidParams.Add(request.NewErrParamRequired("UserName"))
27661	}
27662	if s.UserName != nil && len(*s.UserName) < 1 {
27663		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
27664	}
27665
27666	if invalidParams.Len() > 0 {
27667		return invalidParams
27668	}
27669	return nil
27670}
27671
27672// SetMarker sets the Marker field's value.
27673func (s *ListAttachedUserPoliciesInput) SetMarker(v string) *ListAttachedUserPoliciesInput {
27674	s.Marker = &v
27675	return s
27676}
27677
27678// SetMaxItems sets the MaxItems field's value.
27679func (s *ListAttachedUserPoliciesInput) SetMaxItems(v int64) *ListAttachedUserPoliciesInput {
27680	s.MaxItems = &v
27681	return s
27682}
27683
27684// SetPathPrefix sets the PathPrefix field's value.
27685func (s *ListAttachedUserPoliciesInput) SetPathPrefix(v string) *ListAttachedUserPoliciesInput {
27686	s.PathPrefix = &v
27687	return s
27688}
27689
27690// SetUserName sets the UserName field's value.
27691func (s *ListAttachedUserPoliciesInput) SetUserName(v string) *ListAttachedUserPoliciesInput {
27692	s.UserName = &v
27693	return s
27694}
27695
27696// Contains the response to a successful ListAttachedUserPolicies request.
27697type ListAttachedUserPoliciesOutput struct {
27698	_ struct{} `type:"structure"`
27699
27700	// A list of the attached policies.
27701	AttachedPolicies []*AttachedPolicy `type:"list"`
27702
27703	// A flag that indicates whether there are more items to return. If your results
27704	// were truncated, you can make a subsequent pagination request using the Marker
27705	// request parameter to retrieve more items. Note that IAM might return fewer
27706	// than the MaxItems number of results even when there are more results available.
27707	// We recommend that you check IsTruncated after every call to ensure that you
27708	// receive all your results.
27709	IsTruncated *bool `type:"boolean"`
27710
27711	// When IsTruncated is true, this element is present and contains the value
27712	// to use for the Marker parameter in a subsequent pagination request.
27713	Marker *string `type:"string"`
27714}
27715
27716// String returns the string representation.
27717//
27718// API parameter values that are decorated as "sensitive" in the API will not
27719// be included in the string output. The member name will be present, but the
27720// value will be replaced with "sensitive".
27721func (s ListAttachedUserPoliciesOutput) String() string {
27722	return awsutil.Prettify(s)
27723}
27724
27725// GoString returns the string representation.
27726//
27727// API parameter values that are decorated as "sensitive" in the API will not
27728// be included in the string output. The member name will be present, but the
27729// value will be replaced with "sensitive".
27730func (s ListAttachedUserPoliciesOutput) GoString() string {
27731	return s.String()
27732}
27733
27734// SetAttachedPolicies sets the AttachedPolicies field's value.
27735func (s *ListAttachedUserPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedUserPoliciesOutput {
27736	s.AttachedPolicies = v
27737	return s
27738}
27739
27740// SetIsTruncated sets the IsTruncated field's value.
27741func (s *ListAttachedUserPoliciesOutput) SetIsTruncated(v bool) *ListAttachedUserPoliciesOutput {
27742	s.IsTruncated = &v
27743	return s
27744}
27745
27746// SetMarker sets the Marker field's value.
27747func (s *ListAttachedUserPoliciesOutput) SetMarker(v string) *ListAttachedUserPoliciesOutput {
27748	s.Marker = &v
27749	return s
27750}
27751
27752type ListEntitiesForPolicyInput struct {
27753	_ struct{} `type:"structure"`
27754
27755	// The entity type to use for filtering the results.
27756	//
27757	// For example, when EntityFilter is Role, only the roles that are attached
27758	// to the specified policy are returned. This parameter is optional. If it is
27759	// not included, all attached entities (users, groups, and roles) are returned.
27760	// The argument for this parameter must be one of the valid values listed below.
27761	EntityFilter *string `type:"string" enum:"EntityType"`
27762
27763	// Use this parameter only when paginating results and only after you receive
27764	// a response indicating that the results are truncated. Set it to the value
27765	// of the Marker element in the response that you received to indicate where
27766	// the next call should start.
27767	Marker *string `min:"1" type:"string"`
27768
27769	// Use this only when paginating results to indicate the maximum number of items
27770	// you want in the response. If additional items exist beyond the maximum you
27771	// specify, the IsTruncated response element is true.
27772	//
27773	// If you do not include this parameter, the number of items defaults to 100.
27774	// Note that IAM might return fewer results, even when there are more results
27775	// available. In that case, the IsTruncated response element returns true, and
27776	// Marker contains a value to include in the subsequent call that tells the
27777	// service where to continue from.
27778	MaxItems *int64 `min:"1" type:"integer"`
27779
27780	// The path prefix for filtering the results. This parameter is optional. If
27781	// it is not included, it defaults to a slash (/), listing all entities.
27782	//
27783	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27784	// a string of characters consisting of either a forward slash (/) by itself
27785	// or a string that must begin and end with forward slashes. In addition, it
27786	// can contain any ASCII character from the ! (\u0021) through the DEL character
27787	// (\u007F), including most punctuation characters, digits, and upper and lowercased
27788	// letters.
27789	PathPrefix *string `min:"1" type:"string"`
27790
27791	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
27792	//
27793	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
27794	// in the Amazon Web Services General Reference.
27795	//
27796	// PolicyArn is a required field
27797	PolicyArn *string `min:"20" type:"string" required:"true"`
27798
27799	// The policy usage method to use for filtering the results.
27800	//
27801	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
27802	// To list only the policies used to set permissions boundaries, set the value
27803	// to PermissionsBoundary.
27804	//
27805	// This parameter is optional. If it is not included, all policies are returned.
27806	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
27807}
27808
27809// String returns the string representation.
27810//
27811// API parameter values that are decorated as "sensitive" in the API will not
27812// be included in the string output. The member name will be present, but the
27813// value will be replaced with "sensitive".
27814func (s ListEntitiesForPolicyInput) String() string {
27815	return awsutil.Prettify(s)
27816}
27817
27818// GoString returns the string representation.
27819//
27820// API parameter values that are decorated as "sensitive" in the API will not
27821// be included in the string output. The member name will be present, but the
27822// value will be replaced with "sensitive".
27823func (s ListEntitiesForPolicyInput) GoString() string {
27824	return s.String()
27825}
27826
27827// Validate inspects the fields of the type to determine if they are valid.
27828func (s *ListEntitiesForPolicyInput) Validate() error {
27829	invalidParams := request.ErrInvalidParams{Context: "ListEntitiesForPolicyInput"}
27830	if s.Marker != nil && len(*s.Marker) < 1 {
27831		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
27832	}
27833	if s.MaxItems != nil && *s.MaxItems < 1 {
27834		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
27835	}
27836	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
27837		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
27838	}
27839	if s.PolicyArn == nil {
27840		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
27841	}
27842	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
27843		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
27844	}
27845
27846	if invalidParams.Len() > 0 {
27847		return invalidParams
27848	}
27849	return nil
27850}
27851
27852// SetEntityFilter sets the EntityFilter field's value.
27853func (s *ListEntitiesForPolicyInput) SetEntityFilter(v string) *ListEntitiesForPolicyInput {
27854	s.EntityFilter = &v
27855	return s
27856}
27857
27858// SetMarker sets the Marker field's value.
27859func (s *ListEntitiesForPolicyInput) SetMarker(v string) *ListEntitiesForPolicyInput {
27860	s.Marker = &v
27861	return s
27862}
27863
27864// SetMaxItems sets the MaxItems field's value.
27865func (s *ListEntitiesForPolicyInput) SetMaxItems(v int64) *ListEntitiesForPolicyInput {
27866	s.MaxItems = &v
27867	return s
27868}
27869
27870// SetPathPrefix sets the PathPrefix field's value.
27871func (s *ListEntitiesForPolicyInput) SetPathPrefix(v string) *ListEntitiesForPolicyInput {
27872	s.PathPrefix = &v
27873	return s
27874}
27875
27876// SetPolicyArn sets the PolicyArn field's value.
27877func (s *ListEntitiesForPolicyInput) SetPolicyArn(v string) *ListEntitiesForPolicyInput {
27878	s.PolicyArn = &v
27879	return s
27880}
27881
27882// SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
27883func (s *ListEntitiesForPolicyInput) SetPolicyUsageFilter(v string) *ListEntitiesForPolicyInput {
27884	s.PolicyUsageFilter = &v
27885	return s
27886}
27887
27888// Contains the response to a successful ListEntitiesForPolicy request.
27889type ListEntitiesForPolicyOutput struct {
27890	_ struct{} `type:"structure"`
27891
27892	// A flag that indicates whether there are more items to return. If your results
27893	// were truncated, you can make a subsequent pagination request using the Marker
27894	// request parameter to retrieve more items. Note that IAM might return fewer
27895	// than the MaxItems number of results even when there are more results available.
27896	// We recommend that you check IsTruncated after every call to ensure that you
27897	// receive all your results.
27898	IsTruncated *bool `type:"boolean"`
27899
27900	// When IsTruncated is true, this element is present and contains the value
27901	// to use for the Marker parameter in a subsequent pagination request.
27902	Marker *string `type:"string"`
27903
27904	// A list of IAM groups that the policy is attached to.
27905	PolicyGroups []*PolicyGroup `type:"list"`
27906
27907	// A list of IAM roles that the policy is attached to.
27908	PolicyRoles []*PolicyRole `type:"list"`
27909
27910	// A list of IAM users that the policy is attached to.
27911	PolicyUsers []*PolicyUser `type:"list"`
27912}
27913
27914// String returns the string representation.
27915//
27916// API parameter values that are decorated as "sensitive" in the API will not
27917// be included in the string output. The member name will be present, but the
27918// value will be replaced with "sensitive".
27919func (s ListEntitiesForPolicyOutput) String() string {
27920	return awsutil.Prettify(s)
27921}
27922
27923// GoString returns the string representation.
27924//
27925// API parameter values that are decorated as "sensitive" in the API will not
27926// be included in the string output. The member name will be present, but the
27927// value will be replaced with "sensitive".
27928func (s ListEntitiesForPolicyOutput) GoString() string {
27929	return s.String()
27930}
27931
27932// SetIsTruncated sets the IsTruncated field's value.
27933func (s *ListEntitiesForPolicyOutput) SetIsTruncated(v bool) *ListEntitiesForPolicyOutput {
27934	s.IsTruncated = &v
27935	return s
27936}
27937
27938// SetMarker sets the Marker field's value.
27939func (s *ListEntitiesForPolicyOutput) SetMarker(v string) *ListEntitiesForPolicyOutput {
27940	s.Marker = &v
27941	return s
27942}
27943
27944// SetPolicyGroups sets the PolicyGroups field's value.
27945func (s *ListEntitiesForPolicyOutput) SetPolicyGroups(v []*PolicyGroup) *ListEntitiesForPolicyOutput {
27946	s.PolicyGroups = v
27947	return s
27948}
27949
27950// SetPolicyRoles sets the PolicyRoles field's value.
27951func (s *ListEntitiesForPolicyOutput) SetPolicyRoles(v []*PolicyRole) *ListEntitiesForPolicyOutput {
27952	s.PolicyRoles = v
27953	return s
27954}
27955
27956// SetPolicyUsers sets the PolicyUsers field's value.
27957func (s *ListEntitiesForPolicyOutput) SetPolicyUsers(v []*PolicyUser) *ListEntitiesForPolicyOutput {
27958	s.PolicyUsers = v
27959	return s
27960}
27961
27962type ListGroupPoliciesInput struct {
27963	_ struct{} `type:"structure"`
27964
27965	// The name of the group to list policies for.
27966	//
27967	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
27968	// a string of characters consisting of upper and lowercase alphanumeric characters
27969	// with no spaces. You can also include any of the following characters: _+=,.@-
27970	//
27971	// GroupName is a required field
27972	GroupName *string `min:"1" type:"string" required:"true"`
27973
27974	// Use this parameter only when paginating results and only after you receive
27975	// a response indicating that the results are truncated. Set it to the value
27976	// of the Marker element in the response that you received to indicate where
27977	// the next call should start.
27978	Marker *string `min:"1" type:"string"`
27979
27980	// Use this only when paginating results to indicate the maximum number of items
27981	// you want in the response. If additional items exist beyond the maximum you
27982	// specify, the IsTruncated response element is true.
27983	//
27984	// If you do not include this parameter, the number of items defaults to 100.
27985	// Note that IAM might return fewer results, even when there are more results
27986	// available. In that case, the IsTruncated response element returns true, and
27987	// Marker contains a value to include in the subsequent call that tells the
27988	// service where to continue from.
27989	MaxItems *int64 `min:"1" type:"integer"`
27990}
27991
27992// String returns the string representation.
27993//
27994// API parameter values that are decorated as "sensitive" in the API will not
27995// be included in the string output. The member name will be present, but the
27996// value will be replaced with "sensitive".
27997func (s ListGroupPoliciesInput) String() string {
27998	return awsutil.Prettify(s)
27999}
28000
28001// GoString returns the string representation.
28002//
28003// API parameter values that are decorated as "sensitive" in the API will not
28004// be included in the string output. The member name will be present, but the
28005// value will be replaced with "sensitive".
28006func (s ListGroupPoliciesInput) GoString() string {
28007	return s.String()
28008}
28009
28010// Validate inspects the fields of the type to determine if they are valid.
28011func (s *ListGroupPoliciesInput) Validate() error {
28012	invalidParams := request.ErrInvalidParams{Context: "ListGroupPoliciesInput"}
28013	if s.GroupName == nil {
28014		invalidParams.Add(request.NewErrParamRequired("GroupName"))
28015	}
28016	if s.GroupName != nil && len(*s.GroupName) < 1 {
28017		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
28018	}
28019	if s.Marker != nil && len(*s.Marker) < 1 {
28020		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28021	}
28022	if s.MaxItems != nil && *s.MaxItems < 1 {
28023		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28024	}
28025
28026	if invalidParams.Len() > 0 {
28027		return invalidParams
28028	}
28029	return nil
28030}
28031
28032// SetGroupName sets the GroupName field's value.
28033func (s *ListGroupPoliciesInput) SetGroupName(v string) *ListGroupPoliciesInput {
28034	s.GroupName = &v
28035	return s
28036}
28037
28038// SetMarker sets the Marker field's value.
28039func (s *ListGroupPoliciesInput) SetMarker(v string) *ListGroupPoliciesInput {
28040	s.Marker = &v
28041	return s
28042}
28043
28044// SetMaxItems sets the MaxItems field's value.
28045func (s *ListGroupPoliciesInput) SetMaxItems(v int64) *ListGroupPoliciesInput {
28046	s.MaxItems = &v
28047	return s
28048}
28049
28050// Contains the response to a successful ListGroupPolicies request.
28051type ListGroupPoliciesOutput struct {
28052	_ struct{} `type:"structure"`
28053
28054	// A flag that indicates whether there are more items to return. If your results
28055	// were truncated, you can make a subsequent pagination request using the Marker
28056	// request parameter to retrieve more items. Note that IAM might return fewer
28057	// than the MaxItems number of results even when there are more results available.
28058	// We recommend that you check IsTruncated after every call to ensure that you
28059	// receive all your results.
28060	IsTruncated *bool `type:"boolean"`
28061
28062	// When IsTruncated is true, this element is present and contains the value
28063	// to use for the Marker parameter in a subsequent pagination request.
28064	Marker *string `type:"string"`
28065
28066	// A list of policy names.
28067	//
28068	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28069	// a string of characters consisting of upper and lowercase alphanumeric characters
28070	// with no spaces. You can also include any of the following characters: _+=,.@-
28071	//
28072	// PolicyNames is a required field
28073	PolicyNames []*string `type:"list" required:"true"`
28074}
28075
28076// String returns the string representation.
28077//
28078// API parameter values that are decorated as "sensitive" in the API will not
28079// be included in the string output. The member name will be present, but the
28080// value will be replaced with "sensitive".
28081func (s ListGroupPoliciesOutput) String() string {
28082	return awsutil.Prettify(s)
28083}
28084
28085// GoString returns the string representation.
28086//
28087// API parameter values that are decorated as "sensitive" in the API will not
28088// be included in the string output. The member name will be present, but the
28089// value will be replaced with "sensitive".
28090func (s ListGroupPoliciesOutput) GoString() string {
28091	return s.String()
28092}
28093
28094// SetIsTruncated sets the IsTruncated field's value.
28095func (s *ListGroupPoliciesOutput) SetIsTruncated(v bool) *ListGroupPoliciesOutput {
28096	s.IsTruncated = &v
28097	return s
28098}
28099
28100// SetMarker sets the Marker field's value.
28101func (s *ListGroupPoliciesOutput) SetMarker(v string) *ListGroupPoliciesOutput {
28102	s.Marker = &v
28103	return s
28104}
28105
28106// SetPolicyNames sets the PolicyNames field's value.
28107func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput {
28108	s.PolicyNames = v
28109	return s
28110}
28111
28112type ListGroupsForUserInput struct {
28113	_ struct{} `type:"structure"`
28114
28115	// Use this parameter only when paginating results and only after you receive
28116	// a response indicating that the results are truncated. Set it to the value
28117	// of the Marker element in the response that you received to indicate where
28118	// the next call should start.
28119	Marker *string `min:"1" type:"string"`
28120
28121	// Use this only when paginating results to indicate the maximum number of items
28122	// you want in the response. If additional items exist beyond the maximum you
28123	// specify, the IsTruncated response element is true.
28124	//
28125	// If you do not include this parameter, the number of items defaults to 100.
28126	// Note that IAM might return fewer results, even when there are more results
28127	// available. In that case, the IsTruncated response element returns true, and
28128	// Marker contains a value to include in the subsequent call that tells the
28129	// service where to continue from.
28130	MaxItems *int64 `min:"1" type:"integer"`
28131
28132	// The name of the user to list groups for.
28133	//
28134	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28135	// a string of characters consisting of upper and lowercase alphanumeric characters
28136	// with no spaces. You can also include any of the following characters: _+=,.@-
28137	//
28138	// UserName is a required field
28139	UserName *string `min:"1" type:"string" required:"true"`
28140}
28141
28142// String returns the string representation.
28143//
28144// API parameter values that are decorated as "sensitive" in the API will not
28145// be included in the string output. The member name will be present, but the
28146// value will be replaced with "sensitive".
28147func (s ListGroupsForUserInput) String() string {
28148	return awsutil.Prettify(s)
28149}
28150
28151// GoString returns the string representation.
28152//
28153// API parameter values that are decorated as "sensitive" in the API will not
28154// be included in the string output. The member name will be present, but the
28155// value will be replaced with "sensitive".
28156func (s ListGroupsForUserInput) GoString() string {
28157	return s.String()
28158}
28159
28160// Validate inspects the fields of the type to determine if they are valid.
28161func (s *ListGroupsForUserInput) Validate() error {
28162	invalidParams := request.ErrInvalidParams{Context: "ListGroupsForUserInput"}
28163	if s.Marker != nil && len(*s.Marker) < 1 {
28164		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28165	}
28166	if s.MaxItems != nil && *s.MaxItems < 1 {
28167		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28168	}
28169	if s.UserName == nil {
28170		invalidParams.Add(request.NewErrParamRequired("UserName"))
28171	}
28172	if s.UserName != nil && len(*s.UserName) < 1 {
28173		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
28174	}
28175
28176	if invalidParams.Len() > 0 {
28177		return invalidParams
28178	}
28179	return nil
28180}
28181
28182// SetMarker sets the Marker field's value.
28183func (s *ListGroupsForUserInput) SetMarker(v string) *ListGroupsForUserInput {
28184	s.Marker = &v
28185	return s
28186}
28187
28188// SetMaxItems sets the MaxItems field's value.
28189func (s *ListGroupsForUserInput) SetMaxItems(v int64) *ListGroupsForUserInput {
28190	s.MaxItems = &v
28191	return s
28192}
28193
28194// SetUserName sets the UserName field's value.
28195func (s *ListGroupsForUserInput) SetUserName(v string) *ListGroupsForUserInput {
28196	s.UserName = &v
28197	return s
28198}
28199
28200// Contains the response to a successful ListGroupsForUser request.
28201type ListGroupsForUserOutput struct {
28202	_ struct{} `type:"structure"`
28203
28204	// A list of groups.
28205	//
28206	// Groups is a required field
28207	Groups []*Group `type:"list" required:"true"`
28208
28209	// A flag that indicates whether there are more items to return. If your results
28210	// were truncated, you can make a subsequent pagination request using the Marker
28211	// request parameter to retrieve more items. Note that IAM might return fewer
28212	// than the MaxItems number of results even when there are more results available.
28213	// We recommend that you check IsTruncated after every call to ensure that you
28214	// receive all your results.
28215	IsTruncated *bool `type:"boolean"`
28216
28217	// When IsTruncated is true, this element is present and contains the value
28218	// to use for the Marker parameter in a subsequent pagination request.
28219	Marker *string `type:"string"`
28220}
28221
28222// String returns the string representation.
28223//
28224// API parameter values that are decorated as "sensitive" in the API will not
28225// be included in the string output. The member name will be present, but the
28226// value will be replaced with "sensitive".
28227func (s ListGroupsForUserOutput) String() string {
28228	return awsutil.Prettify(s)
28229}
28230
28231// GoString returns the string representation.
28232//
28233// API parameter values that are decorated as "sensitive" in the API will not
28234// be included in the string output. The member name will be present, but the
28235// value will be replaced with "sensitive".
28236func (s ListGroupsForUserOutput) GoString() string {
28237	return s.String()
28238}
28239
28240// SetGroups sets the Groups field's value.
28241func (s *ListGroupsForUserOutput) SetGroups(v []*Group) *ListGroupsForUserOutput {
28242	s.Groups = v
28243	return s
28244}
28245
28246// SetIsTruncated sets the IsTruncated field's value.
28247func (s *ListGroupsForUserOutput) SetIsTruncated(v bool) *ListGroupsForUserOutput {
28248	s.IsTruncated = &v
28249	return s
28250}
28251
28252// SetMarker sets the Marker field's value.
28253func (s *ListGroupsForUserOutput) SetMarker(v string) *ListGroupsForUserOutput {
28254	s.Marker = &v
28255	return s
28256}
28257
28258type ListGroupsInput struct {
28259	_ struct{} `type:"structure"`
28260
28261	// Use this parameter only when paginating results and only after you receive
28262	// a response indicating that the results are truncated. Set it to the value
28263	// of the Marker element in the response that you received to indicate where
28264	// the next call should start.
28265	Marker *string `min:"1" type:"string"`
28266
28267	// Use this only when paginating results to indicate the maximum number of items
28268	// you want in the response. If additional items exist beyond the maximum you
28269	// specify, the IsTruncated response element is true.
28270	//
28271	// If you do not include this parameter, the number of items defaults to 100.
28272	// Note that IAM might return fewer results, even when there are more results
28273	// available. In that case, the IsTruncated response element returns true, and
28274	// Marker contains a value to include in the subsequent call that tells the
28275	// service where to continue from.
28276	MaxItems *int64 `min:"1" type:"integer"`
28277
28278	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
28279	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
28280	//
28281	// This parameter is optional. If it is not included, it defaults to a slash
28282	// (/), listing all groups. This parameter allows (through its regex pattern
28283	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
28284	// a forward slash (/) by itself or a string that must begin and end with forward
28285	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
28286	// through the DEL character (\u007F), including most punctuation characters,
28287	// digits, and upper and lowercased letters.
28288	PathPrefix *string `min:"1" type:"string"`
28289}
28290
28291// String returns the string representation.
28292//
28293// API parameter values that are decorated as "sensitive" in the API will not
28294// be included in the string output. The member name will be present, but the
28295// value will be replaced with "sensitive".
28296func (s ListGroupsInput) String() string {
28297	return awsutil.Prettify(s)
28298}
28299
28300// GoString returns the string representation.
28301//
28302// API parameter values that are decorated as "sensitive" in the API will not
28303// be included in the string output. The member name will be present, but the
28304// value will be replaced with "sensitive".
28305func (s ListGroupsInput) GoString() string {
28306	return s.String()
28307}
28308
28309// Validate inspects the fields of the type to determine if they are valid.
28310func (s *ListGroupsInput) Validate() error {
28311	invalidParams := request.ErrInvalidParams{Context: "ListGroupsInput"}
28312	if s.Marker != nil && len(*s.Marker) < 1 {
28313		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28314	}
28315	if s.MaxItems != nil && *s.MaxItems < 1 {
28316		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28317	}
28318	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
28319		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
28320	}
28321
28322	if invalidParams.Len() > 0 {
28323		return invalidParams
28324	}
28325	return nil
28326}
28327
28328// SetMarker sets the Marker field's value.
28329func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput {
28330	s.Marker = &v
28331	return s
28332}
28333
28334// SetMaxItems sets the MaxItems field's value.
28335func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput {
28336	s.MaxItems = &v
28337	return s
28338}
28339
28340// SetPathPrefix sets the PathPrefix field's value.
28341func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput {
28342	s.PathPrefix = &v
28343	return s
28344}
28345
28346// Contains the response to a successful ListGroups request.
28347type ListGroupsOutput struct {
28348	_ struct{} `type:"structure"`
28349
28350	// A list of groups.
28351	//
28352	// Groups is a required field
28353	Groups []*Group `type:"list" required:"true"`
28354
28355	// A flag that indicates whether there are more items to return. If your results
28356	// were truncated, you can make a subsequent pagination request using the Marker
28357	// request parameter to retrieve more items. Note that IAM might return fewer
28358	// than the MaxItems number of results even when there are more results available.
28359	// We recommend that you check IsTruncated after every call to ensure that you
28360	// receive all your results.
28361	IsTruncated *bool `type:"boolean"`
28362
28363	// When IsTruncated is true, this element is present and contains the value
28364	// to use for the Marker parameter in a subsequent pagination request.
28365	Marker *string `type:"string"`
28366}
28367
28368// String returns the string representation.
28369//
28370// API parameter values that are decorated as "sensitive" in the API will not
28371// be included in the string output. The member name will be present, but the
28372// value will be replaced with "sensitive".
28373func (s ListGroupsOutput) String() string {
28374	return awsutil.Prettify(s)
28375}
28376
28377// GoString returns the string representation.
28378//
28379// API parameter values that are decorated as "sensitive" in the API will not
28380// be included in the string output. The member name will be present, but the
28381// value will be replaced with "sensitive".
28382func (s ListGroupsOutput) GoString() string {
28383	return s.String()
28384}
28385
28386// SetGroups sets the Groups field's value.
28387func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput {
28388	s.Groups = v
28389	return s
28390}
28391
28392// SetIsTruncated sets the IsTruncated field's value.
28393func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput {
28394	s.IsTruncated = &v
28395	return s
28396}
28397
28398// SetMarker sets the Marker field's value.
28399func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput {
28400	s.Marker = &v
28401	return s
28402}
28403
28404type ListInstanceProfileTagsInput struct {
28405	_ struct{} `type:"structure"`
28406
28407	// The name of the IAM instance profile whose tags you want to see.
28408	//
28409	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28410	// a string of characters consisting of upper and lowercase alphanumeric characters
28411	// with no spaces. You can also include any of the following characters: _+=,.@-
28412	//
28413	// InstanceProfileName is a required field
28414	InstanceProfileName *string `min:"1" type:"string" required:"true"`
28415
28416	// Use this parameter only when paginating results and only after you receive
28417	// a response indicating that the results are truncated. Set it to the value
28418	// of the Marker element in the response that you received to indicate where
28419	// the next call should start.
28420	Marker *string `min:"1" type:"string"`
28421
28422	// Use this only when paginating results to indicate the maximum number of items
28423	// you want in the response. If additional items exist beyond the maximum you
28424	// specify, the IsTruncated response element is true.
28425	//
28426	// If you do not include this parameter, the number of items defaults to 100.
28427	// Note that IAM might return fewer results, even when there are more results
28428	// available. In that case, the IsTruncated response element returns true, and
28429	// Marker contains a value to include in the subsequent call that tells the
28430	// service where to continue from.
28431	MaxItems *int64 `min:"1" type:"integer"`
28432}
28433
28434// String returns the string representation.
28435//
28436// API parameter values that are decorated as "sensitive" in the API will not
28437// be included in the string output. The member name will be present, but the
28438// value will be replaced with "sensitive".
28439func (s ListInstanceProfileTagsInput) String() string {
28440	return awsutil.Prettify(s)
28441}
28442
28443// GoString returns the string representation.
28444//
28445// API parameter values that are decorated as "sensitive" in the API will not
28446// be included in the string output. The member name will be present, but the
28447// value will be replaced with "sensitive".
28448func (s ListInstanceProfileTagsInput) GoString() string {
28449	return s.String()
28450}
28451
28452// Validate inspects the fields of the type to determine if they are valid.
28453func (s *ListInstanceProfileTagsInput) Validate() error {
28454	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfileTagsInput"}
28455	if s.InstanceProfileName == nil {
28456		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
28457	}
28458	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
28459		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
28460	}
28461	if s.Marker != nil && len(*s.Marker) < 1 {
28462		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28463	}
28464	if s.MaxItems != nil && *s.MaxItems < 1 {
28465		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28466	}
28467
28468	if invalidParams.Len() > 0 {
28469		return invalidParams
28470	}
28471	return nil
28472}
28473
28474// SetInstanceProfileName sets the InstanceProfileName field's value.
28475func (s *ListInstanceProfileTagsInput) SetInstanceProfileName(v string) *ListInstanceProfileTagsInput {
28476	s.InstanceProfileName = &v
28477	return s
28478}
28479
28480// SetMarker sets the Marker field's value.
28481func (s *ListInstanceProfileTagsInput) SetMarker(v string) *ListInstanceProfileTagsInput {
28482	s.Marker = &v
28483	return s
28484}
28485
28486// SetMaxItems sets the MaxItems field's value.
28487func (s *ListInstanceProfileTagsInput) SetMaxItems(v int64) *ListInstanceProfileTagsInput {
28488	s.MaxItems = &v
28489	return s
28490}
28491
28492type ListInstanceProfileTagsOutput struct {
28493	_ struct{} `type:"structure"`
28494
28495	// A flag that indicates whether there are more items to return. If your results
28496	// were truncated, you can make a subsequent pagination request using the Marker
28497	// request parameter to retrieve more items. Note that IAM might return fewer
28498	// than the MaxItems number of results even when there are more results available.
28499	// We recommend that you check IsTruncated after every call to ensure that you
28500	// receive all your results.
28501	IsTruncated *bool `type:"boolean"`
28502
28503	// When IsTruncated is true, this element is present and contains the value
28504	// to use for the Marker parameter in a subsequent pagination request.
28505	Marker *string `type:"string"`
28506
28507	// The list of tags that are currently attached to the IAM instance profile.
28508	// Each tag consists of a key name and an associated value. If no tags are attached
28509	// to the specified resource, the response contains an empty list.
28510	//
28511	// Tags is a required field
28512	Tags []*Tag `type:"list" required:"true"`
28513}
28514
28515// String returns the string representation.
28516//
28517// API parameter values that are decorated as "sensitive" in the API will not
28518// be included in the string output. The member name will be present, but the
28519// value will be replaced with "sensitive".
28520func (s ListInstanceProfileTagsOutput) String() string {
28521	return awsutil.Prettify(s)
28522}
28523
28524// GoString returns the string representation.
28525//
28526// API parameter values that are decorated as "sensitive" in the API will not
28527// be included in the string output. The member name will be present, but the
28528// value will be replaced with "sensitive".
28529func (s ListInstanceProfileTagsOutput) GoString() string {
28530	return s.String()
28531}
28532
28533// SetIsTruncated sets the IsTruncated field's value.
28534func (s *ListInstanceProfileTagsOutput) SetIsTruncated(v bool) *ListInstanceProfileTagsOutput {
28535	s.IsTruncated = &v
28536	return s
28537}
28538
28539// SetMarker sets the Marker field's value.
28540func (s *ListInstanceProfileTagsOutput) SetMarker(v string) *ListInstanceProfileTagsOutput {
28541	s.Marker = &v
28542	return s
28543}
28544
28545// SetTags sets the Tags field's value.
28546func (s *ListInstanceProfileTagsOutput) SetTags(v []*Tag) *ListInstanceProfileTagsOutput {
28547	s.Tags = v
28548	return s
28549}
28550
28551type ListInstanceProfilesForRoleInput struct {
28552	_ struct{} `type:"structure"`
28553
28554	// Use this parameter only when paginating results and only after you receive
28555	// a response indicating that the results are truncated. Set it to the value
28556	// of the Marker element in the response that you received to indicate where
28557	// the next call should start.
28558	Marker *string `min:"1" type:"string"`
28559
28560	// Use this only when paginating results to indicate the maximum number of items
28561	// you want in the response. If additional items exist beyond the maximum you
28562	// specify, the IsTruncated response element is true.
28563	//
28564	// If you do not include this parameter, the number of items defaults to 100.
28565	// Note that IAM might return fewer results, even when there are more results
28566	// available. In that case, the IsTruncated response element returns true, and
28567	// Marker contains a value to include in the subsequent call that tells the
28568	// service where to continue from.
28569	MaxItems *int64 `min:"1" type:"integer"`
28570
28571	// The name of the role to list instance profiles for.
28572	//
28573	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28574	// a string of characters consisting of upper and lowercase alphanumeric characters
28575	// with no spaces. You can also include any of the following characters: _+=,.@-
28576	//
28577	// RoleName is a required field
28578	RoleName *string `min:"1" type:"string" required:"true"`
28579}
28580
28581// String returns the string representation.
28582//
28583// API parameter values that are decorated as "sensitive" in the API will not
28584// be included in the string output. The member name will be present, but the
28585// value will be replaced with "sensitive".
28586func (s ListInstanceProfilesForRoleInput) String() string {
28587	return awsutil.Prettify(s)
28588}
28589
28590// GoString returns the string representation.
28591//
28592// API parameter values that are decorated as "sensitive" in the API will not
28593// be included in the string output. The member name will be present, but the
28594// value will be replaced with "sensitive".
28595func (s ListInstanceProfilesForRoleInput) GoString() string {
28596	return s.String()
28597}
28598
28599// Validate inspects the fields of the type to determine if they are valid.
28600func (s *ListInstanceProfilesForRoleInput) Validate() error {
28601	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesForRoleInput"}
28602	if s.Marker != nil && len(*s.Marker) < 1 {
28603		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28604	}
28605	if s.MaxItems != nil && *s.MaxItems < 1 {
28606		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28607	}
28608	if s.RoleName == nil {
28609		invalidParams.Add(request.NewErrParamRequired("RoleName"))
28610	}
28611	if s.RoleName != nil && len(*s.RoleName) < 1 {
28612		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
28613	}
28614
28615	if invalidParams.Len() > 0 {
28616		return invalidParams
28617	}
28618	return nil
28619}
28620
28621// SetMarker sets the Marker field's value.
28622func (s *ListInstanceProfilesForRoleInput) SetMarker(v string) *ListInstanceProfilesForRoleInput {
28623	s.Marker = &v
28624	return s
28625}
28626
28627// SetMaxItems sets the MaxItems field's value.
28628func (s *ListInstanceProfilesForRoleInput) SetMaxItems(v int64) *ListInstanceProfilesForRoleInput {
28629	s.MaxItems = &v
28630	return s
28631}
28632
28633// SetRoleName sets the RoleName field's value.
28634func (s *ListInstanceProfilesForRoleInput) SetRoleName(v string) *ListInstanceProfilesForRoleInput {
28635	s.RoleName = &v
28636	return s
28637}
28638
28639// Contains the response to a successful ListInstanceProfilesForRole request.
28640type ListInstanceProfilesForRoleOutput struct {
28641	_ struct{} `type:"structure"`
28642
28643	// A list of instance profiles.
28644	//
28645	// InstanceProfiles is a required field
28646	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
28647
28648	// A flag that indicates whether there are more items to return. If your results
28649	// were truncated, you can make a subsequent pagination request using the Marker
28650	// request parameter to retrieve more items. Note that IAM might return fewer
28651	// than the MaxItems number of results even when there are more results available.
28652	// We recommend that you check IsTruncated after every call to ensure that you
28653	// receive all your results.
28654	IsTruncated *bool `type:"boolean"`
28655
28656	// When IsTruncated is true, this element is present and contains the value
28657	// to use for the Marker parameter in a subsequent pagination request.
28658	Marker *string `type:"string"`
28659}
28660
28661// String returns the string representation.
28662//
28663// API parameter values that are decorated as "sensitive" in the API will not
28664// be included in the string output. The member name will be present, but the
28665// value will be replaced with "sensitive".
28666func (s ListInstanceProfilesForRoleOutput) String() string {
28667	return awsutil.Prettify(s)
28668}
28669
28670// GoString returns the string representation.
28671//
28672// API parameter values that are decorated as "sensitive" in the API will not
28673// be included in the string output. The member name will be present, but the
28674// value will be replaced with "sensitive".
28675func (s ListInstanceProfilesForRoleOutput) GoString() string {
28676	return s.String()
28677}
28678
28679// SetInstanceProfiles sets the InstanceProfiles field's value.
28680func (s *ListInstanceProfilesForRoleOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesForRoleOutput {
28681	s.InstanceProfiles = v
28682	return s
28683}
28684
28685// SetIsTruncated sets the IsTruncated field's value.
28686func (s *ListInstanceProfilesForRoleOutput) SetIsTruncated(v bool) *ListInstanceProfilesForRoleOutput {
28687	s.IsTruncated = &v
28688	return s
28689}
28690
28691// SetMarker sets the Marker field's value.
28692func (s *ListInstanceProfilesForRoleOutput) SetMarker(v string) *ListInstanceProfilesForRoleOutput {
28693	s.Marker = &v
28694	return s
28695}
28696
28697type ListInstanceProfilesInput struct {
28698	_ struct{} `type:"structure"`
28699
28700	// Use this parameter only when paginating results and only after you receive
28701	// a response indicating that the results are truncated. Set it to the value
28702	// of the Marker element in the response that you received to indicate where
28703	// the next call should start.
28704	Marker *string `min:"1" type:"string"`
28705
28706	// Use this only when paginating results to indicate the maximum number of items
28707	// you want in the response. If additional items exist beyond the maximum you
28708	// specify, the IsTruncated response element is true.
28709	//
28710	// If you do not include this parameter, the number of items defaults to 100.
28711	// Note that IAM might return fewer results, even when there are more results
28712	// available. In that case, the IsTruncated response element returns true, and
28713	// Marker contains a value to include in the subsequent call that tells the
28714	// service where to continue from.
28715	MaxItems *int64 `min:"1" type:"integer"`
28716
28717	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
28718	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
28719	//
28720	// This parameter is optional. If it is not included, it defaults to a slash
28721	// (/), listing all instance profiles. This parameter allows (through its regex
28722	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
28723	// of either a forward slash (/) by itself or a string that must begin and end
28724	// with forward slashes. In addition, it can contain any ASCII character from
28725	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
28726	// characters, digits, and upper and lowercased letters.
28727	PathPrefix *string `min:"1" type:"string"`
28728}
28729
28730// String returns the string representation.
28731//
28732// API parameter values that are decorated as "sensitive" in the API will not
28733// be included in the string output. The member name will be present, but the
28734// value will be replaced with "sensitive".
28735func (s ListInstanceProfilesInput) String() string {
28736	return awsutil.Prettify(s)
28737}
28738
28739// GoString returns the string representation.
28740//
28741// API parameter values that are decorated as "sensitive" in the API will not
28742// be included in the string output. The member name will be present, but the
28743// value will be replaced with "sensitive".
28744func (s ListInstanceProfilesInput) GoString() string {
28745	return s.String()
28746}
28747
28748// Validate inspects the fields of the type to determine if they are valid.
28749func (s *ListInstanceProfilesInput) Validate() error {
28750	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesInput"}
28751	if s.Marker != nil && len(*s.Marker) < 1 {
28752		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28753	}
28754	if s.MaxItems != nil && *s.MaxItems < 1 {
28755		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28756	}
28757	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
28758		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
28759	}
28760
28761	if invalidParams.Len() > 0 {
28762		return invalidParams
28763	}
28764	return nil
28765}
28766
28767// SetMarker sets the Marker field's value.
28768func (s *ListInstanceProfilesInput) SetMarker(v string) *ListInstanceProfilesInput {
28769	s.Marker = &v
28770	return s
28771}
28772
28773// SetMaxItems sets the MaxItems field's value.
28774func (s *ListInstanceProfilesInput) SetMaxItems(v int64) *ListInstanceProfilesInput {
28775	s.MaxItems = &v
28776	return s
28777}
28778
28779// SetPathPrefix sets the PathPrefix field's value.
28780func (s *ListInstanceProfilesInput) SetPathPrefix(v string) *ListInstanceProfilesInput {
28781	s.PathPrefix = &v
28782	return s
28783}
28784
28785// Contains the response to a successful ListInstanceProfiles request.
28786type ListInstanceProfilesOutput struct {
28787	_ struct{} `type:"structure"`
28788
28789	// A list of instance profiles.
28790	//
28791	// InstanceProfiles is a required field
28792	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
28793
28794	// A flag that indicates whether there are more items to return. If your results
28795	// were truncated, you can make a subsequent pagination request using the Marker
28796	// request parameter to retrieve more items. Note that IAM might return fewer
28797	// than the MaxItems number of results even when there are more results available.
28798	// We recommend that you check IsTruncated after every call to ensure that you
28799	// receive all your results.
28800	IsTruncated *bool `type:"boolean"`
28801
28802	// When IsTruncated is true, this element is present and contains the value
28803	// to use for the Marker parameter in a subsequent pagination request.
28804	Marker *string `type:"string"`
28805}
28806
28807// String returns the string representation.
28808//
28809// API parameter values that are decorated as "sensitive" in the API will not
28810// be included in the string output. The member name will be present, but the
28811// value will be replaced with "sensitive".
28812func (s ListInstanceProfilesOutput) String() string {
28813	return awsutil.Prettify(s)
28814}
28815
28816// GoString returns the string representation.
28817//
28818// API parameter values that are decorated as "sensitive" in the API will not
28819// be included in the string output. The member name will be present, but the
28820// value will be replaced with "sensitive".
28821func (s ListInstanceProfilesOutput) GoString() string {
28822	return s.String()
28823}
28824
28825// SetInstanceProfiles sets the InstanceProfiles field's value.
28826func (s *ListInstanceProfilesOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesOutput {
28827	s.InstanceProfiles = v
28828	return s
28829}
28830
28831// SetIsTruncated sets the IsTruncated field's value.
28832func (s *ListInstanceProfilesOutput) SetIsTruncated(v bool) *ListInstanceProfilesOutput {
28833	s.IsTruncated = &v
28834	return s
28835}
28836
28837// SetMarker sets the Marker field's value.
28838func (s *ListInstanceProfilesOutput) SetMarker(v string) *ListInstanceProfilesOutput {
28839	s.Marker = &v
28840	return s
28841}
28842
28843type ListMFADeviceTagsInput struct {
28844	_ struct{} `type:"structure"`
28845
28846	// Use this parameter only when paginating results and only after you receive
28847	// a response indicating that the results are truncated. Set it to the value
28848	// of the Marker element in the response that you received to indicate where
28849	// the next call should start.
28850	Marker *string `min:"1" type:"string"`
28851
28852	// Use this only when paginating results to indicate the maximum number of items
28853	// you want in the response. If additional items exist beyond the maximum you
28854	// specify, the IsTruncated response element is true.
28855	//
28856	// If you do not include this parameter, the number of items defaults to 100.
28857	// Note that IAM might return fewer results, even when there are more results
28858	// available. In that case, the IsTruncated response element returns true, and
28859	// Marker contains a value to include in the subsequent call that tells the
28860	// service where to continue from.
28861	MaxItems *int64 `min:"1" type:"integer"`
28862
28863	// The unique identifier for the IAM virtual MFA device whose tags you want
28864	// to see. For virtual MFA devices, the serial number is the same as the ARN.
28865	//
28866	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
28867	// a string of characters consisting of upper and lowercase alphanumeric characters
28868	// with no spaces. You can also include any of the following characters: _+=,.@-
28869	//
28870	// SerialNumber is a required field
28871	SerialNumber *string `min:"9" type:"string" required:"true"`
28872}
28873
28874// String returns the string representation.
28875//
28876// API parameter values that are decorated as "sensitive" in the API will not
28877// be included in the string output. The member name will be present, but the
28878// value will be replaced with "sensitive".
28879func (s ListMFADeviceTagsInput) String() string {
28880	return awsutil.Prettify(s)
28881}
28882
28883// GoString returns the string representation.
28884//
28885// API parameter values that are decorated as "sensitive" in the API will not
28886// be included in the string output. The member name will be present, but the
28887// value will be replaced with "sensitive".
28888func (s ListMFADeviceTagsInput) GoString() string {
28889	return s.String()
28890}
28891
28892// Validate inspects the fields of the type to determine if they are valid.
28893func (s *ListMFADeviceTagsInput) Validate() error {
28894	invalidParams := request.ErrInvalidParams{Context: "ListMFADeviceTagsInput"}
28895	if s.Marker != nil && len(*s.Marker) < 1 {
28896		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
28897	}
28898	if s.MaxItems != nil && *s.MaxItems < 1 {
28899		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
28900	}
28901	if s.SerialNumber == nil {
28902		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
28903	}
28904	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
28905		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
28906	}
28907
28908	if invalidParams.Len() > 0 {
28909		return invalidParams
28910	}
28911	return nil
28912}
28913
28914// SetMarker sets the Marker field's value.
28915func (s *ListMFADeviceTagsInput) SetMarker(v string) *ListMFADeviceTagsInput {
28916	s.Marker = &v
28917	return s
28918}
28919
28920// SetMaxItems sets the MaxItems field's value.
28921func (s *ListMFADeviceTagsInput) SetMaxItems(v int64) *ListMFADeviceTagsInput {
28922	s.MaxItems = &v
28923	return s
28924}
28925
28926// SetSerialNumber sets the SerialNumber field's value.
28927func (s *ListMFADeviceTagsInput) SetSerialNumber(v string) *ListMFADeviceTagsInput {
28928	s.SerialNumber = &v
28929	return s
28930}
28931
28932type ListMFADeviceTagsOutput struct {
28933	_ struct{} `type:"structure"`
28934
28935	// A flag that indicates whether there are more items to return. If your results
28936	// were truncated, you can make a subsequent pagination request using the Marker
28937	// request parameter to retrieve more items. Note that IAM might return fewer
28938	// than the MaxItems number of results even when there are more results available.
28939	// We recommend that you check IsTruncated after every call to ensure that you
28940	// receive all your results.
28941	IsTruncated *bool `type:"boolean"`
28942
28943	// When IsTruncated is true, this element is present and contains the value
28944	// to use for the Marker parameter in a subsequent pagination request.
28945	Marker *string `type:"string"`
28946
28947	// The list of tags that are currently attached to the virtual MFA device. Each
28948	// tag consists of a key name and an associated value. If no tags are attached
28949	// to the specified resource, the response contains an empty list.
28950	//
28951	// Tags is a required field
28952	Tags []*Tag `type:"list" required:"true"`
28953}
28954
28955// String returns the string representation.
28956//
28957// API parameter values that are decorated as "sensitive" in the API will not
28958// be included in the string output. The member name will be present, but the
28959// value will be replaced with "sensitive".
28960func (s ListMFADeviceTagsOutput) String() string {
28961	return awsutil.Prettify(s)
28962}
28963
28964// GoString returns the string representation.
28965//
28966// API parameter values that are decorated as "sensitive" in the API will not
28967// be included in the string output. The member name will be present, but the
28968// value will be replaced with "sensitive".
28969func (s ListMFADeviceTagsOutput) GoString() string {
28970	return s.String()
28971}
28972
28973// SetIsTruncated sets the IsTruncated field's value.
28974func (s *ListMFADeviceTagsOutput) SetIsTruncated(v bool) *ListMFADeviceTagsOutput {
28975	s.IsTruncated = &v
28976	return s
28977}
28978
28979// SetMarker sets the Marker field's value.
28980func (s *ListMFADeviceTagsOutput) SetMarker(v string) *ListMFADeviceTagsOutput {
28981	s.Marker = &v
28982	return s
28983}
28984
28985// SetTags sets the Tags field's value.
28986func (s *ListMFADeviceTagsOutput) SetTags(v []*Tag) *ListMFADeviceTagsOutput {
28987	s.Tags = v
28988	return s
28989}
28990
28991type ListMFADevicesInput struct {
28992	_ struct{} `type:"structure"`
28993
28994	// Use this parameter only when paginating results and only after you receive
28995	// a response indicating that the results are truncated. Set it to the value
28996	// of the Marker element in the response that you received to indicate where
28997	// the next call should start.
28998	Marker *string `min:"1" type:"string"`
28999
29000	// Use this only when paginating results to indicate the maximum number of items
29001	// you want in the response. If additional items exist beyond the maximum you
29002	// specify, the IsTruncated response element is true.
29003	//
29004	// If you do not include this parameter, the number of items defaults to 100.
29005	// Note that IAM might return fewer results, even when there are more results
29006	// available. In that case, the IsTruncated response element returns true, and
29007	// Marker contains a value to include in the subsequent call that tells the
29008	// service where to continue from.
29009	MaxItems *int64 `min:"1" type:"integer"`
29010
29011	// The name of the user whose MFA devices you want to list.
29012	//
29013	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29014	// a string of characters consisting of upper and lowercase alphanumeric characters
29015	// with no spaces. You can also include any of the following characters: _+=,.@-
29016	UserName *string `min:"1" type:"string"`
29017}
29018
29019// String returns the string representation.
29020//
29021// API parameter values that are decorated as "sensitive" in the API will not
29022// be included in the string output. The member name will be present, but the
29023// value will be replaced with "sensitive".
29024func (s ListMFADevicesInput) String() string {
29025	return awsutil.Prettify(s)
29026}
29027
29028// GoString returns the string representation.
29029//
29030// API parameter values that are decorated as "sensitive" in the API will not
29031// be included in the string output. The member name will be present, but the
29032// value will be replaced with "sensitive".
29033func (s ListMFADevicesInput) GoString() string {
29034	return s.String()
29035}
29036
29037// Validate inspects the fields of the type to determine if they are valid.
29038func (s *ListMFADevicesInput) Validate() error {
29039	invalidParams := request.ErrInvalidParams{Context: "ListMFADevicesInput"}
29040	if s.Marker != nil && len(*s.Marker) < 1 {
29041		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29042	}
29043	if s.MaxItems != nil && *s.MaxItems < 1 {
29044		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29045	}
29046	if s.UserName != nil && len(*s.UserName) < 1 {
29047		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
29048	}
29049
29050	if invalidParams.Len() > 0 {
29051		return invalidParams
29052	}
29053	return nil
29054}
29055
29056// SetMarker sets the Marker field's value.
29057func (s *ListMFADevicesInput) SetMarker(v string) *ListMFADevicesInput {
29058	s.Marker = &v
29059	return s
29060}
29061
29062// SetMaxItems sets the MaxItems field's value.
29063func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput {
29064	s.MaxItems = &v
29065	return s
29066}
29067
29068// SetUserName sets the UserName field's value.
29069func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput {
29070	s.UserName = &v
29071	return s
29072}
29073
29074// Contains the response to a successful ListMFADevices request.
29075type ListMFADevicesOutput struct {
29076	_ struct{} `type:"structure"`
29077
29078	// A flag that indicates whether there are more items to return. If your results
29079	// were truncated, you can make a subsequent pagination request using the Marker
29080	// request parameter to retrieve more items. Note that IAM might return fewer
29081	// than the MaxItems number of results even when there are more results available.
29082	// We recommend that you check IsTruncated after every call to ensure that you
29083	// receive all your results.
29084	IsTruncated *bool `type:"boolean"`
29085
29086	// A list of MFA devices.
29087	//
29088	// MFADevices is a required field
29089	MFADevices []*MFADevice `type:"list" required:"true"`
29090
29091	// When IsTruncated is true, this element is present and contains the value
29092	// to use for the Marker parameter in a subsequent pagination request.
29093	Marker *string `type:"string"`
29094}
29095
29096// String returns the string representation.
29097//
29098// API parameter values that are decorated as "sensitive" in the API will not
29099// be included in the string output. The member name will be present, but the
29100// value will be replaced with "sensitive".
29101func (s ListMFADevicesOutput) String() string {
29102	return awsutil.Prettify(s)
29103}
29104
29105// GoString returns the string representation.
29106//
29107// API parameter values that are decorated as "sensitive" in the API will not
29108// be included in the string output. The member name will be present, but the
29109// value will be replaced with "sensitive".
29110func (s ListMFADevicesOutput) GoString() string {
29111	return s.String()
29112}
29113
29114// SetIsTruncated sets the IsTruncated field's value.
29115func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput {
29116	s.IsTruncated = &v
29117	return s
29118}
29119
29120// SetMFADevices sets the MFADevices field's value.
29121func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput {
29122	s.MFADevices = v
29123	return s
29124}
29125
29126// SetMarker sets the Marker field's value.
29127func (s *ListMFADevicesOutput) SetMarker(v string) *ListMFADevicesOutput {
29128	s.Marker = &v
29129	return s
29130}
29131
29132type ListOpenIDConnectProviderTagsInput struct {
29133	_ struct{} `type:"structure"`
29134
29135	// Use this parameter only when paginating results and only after you receive
29136	// a response indicating that the results are truncated. Set it to the value
29137	// of the Marker element in the response that you received to indicate where
29138	// the next call should start.
29139	Marker *string `min:"1" type:"string"`
29140
29141	// Use this only when paginating results to indicate the maximum number of items
29142	// you want in the response. If additional items exist beyond the maximum you
29143	// specify, the IsTruncated response element is true.
29144	//
29145	// If you do not include this parameter, the number of items defaults to 100.
29146	// Note that IAM might return fewer results, even when there are more results
29147	// available. In that case, the IsTruncated response element returns true, and
29148	// Marker contains a value to include in the subsequent call that tells the
29149	// service where to continue from.
29150	MaxItems *int64 `min:"1" type:"integer"`
29151
29152	// The ARN of the OpenID Connect (OIDC) identity provider whose tags you want
29153	// to see.
29154	//
29155	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29156	// a string of characters consisting of upper and lowercase alphanumeric characters
29157	// with no spaces. You can also include any of the following characters: _+=,.@-
29158	//
29159	// OpenIDConnectProviderArn is a required field
29160	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
29161}
29162
29163// String returns the string representation.
29164//
29165// API parameter values that are decorated as "sensitive" in the API will not
29166// be included in the string output. The member name will be present, but the
29167// value will be replaced with "sensitive".
29168func (s ListOpenIDConnectProviderTagsInput) String() string {
29169	return awsutil.Prettify(s)
29170}
29171
29172// GoString returns the string representation.
29173//
29174// API parameter values that are decorated as "sensitive" in the API will not
29175// be included in the string output. The member name will be present, but the
29176// value will be replaced with "sensitive".
29177func (s ListOpenIDConnectProviderTagsInput) GoString() string {
29178	return s.String()
29179}
29180
29181// Validate inspects the fields of the type to determine if they are valid.
29182func (s *ListOpenIDConnectProviderTagsInput) Validate() error {
29183	invalidParams := request.ErrInvalidParams{Context: "ListOpenIDConnectProviderTagsInput"}
29184	if s.Marker != nil && len(*s.Marker) < 1 {
29185		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29186	}
29187	if s.MaxItems != nil && *s.MaxItems < 1 {
29188		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29189	}
29190	if s.OpenIDConnectProviderArn == nil {
29191		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
29192	}
29193	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
29194		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
29195	}
29196
29197	if invalidParams.Len() > 0 {
29198		return invalidParams
29199	}
29200	return nil
29201}
29202
29203// SetMarker sets the Marker field's value.
29204func (s *ListOpenIDConnectProviderTagsInput) SetMarker(v string) *ListOpenIDConnectProviderTagsInput {
29205	s.Marker = &v
29206	return s
29207}
29208
29209// SetMaxItems sets the MaxItems field's value.
29210func (s *ListOpenIDConnectProviderTagsInput) SetMaxItems(v int64) *ListOpenIDConnectProviderTagsInput {
29211	s.MaxItems = &v
29212	return s
29213}
29214
29215// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
29216func (s *ListOpenIDConnectProviderTagsInput) SetOpenIDConnectProviderArn(v string) *ListOpenIDConnectProviderTagsInput {
29217	s.OpenIDConnectProviderArn = &v
29218	return s
29219}
29220
29221type ListOpenIDConnectProviderTagsOutput struct {
29222	_ struct{} `type:"structure"`
29223
29224	// A flag that indicates whether there are more items to return. If your results
29225	// were truncated, you can make a subsequent pagination request using the Marker
29226	// request parameter to retrieve more items. Note that IAM might return fewer
29227	// than the MaxItems number of results even when there are more results available.
29228	// We recommend that you check IsTruncated after every call to ensure that you
29229	// receive all your results.
29230	IsTruncated *bool `type:"boolean"`
29231
29232	// When IsTruncated is true, this element is present and contains the value
29233	// to use for the Marker parameter in a subsequent pagination request.
29234	Marker *string `type:"string"`
29235
29236	// The list of tags that are currently attached to the OpenID Connect (OIDC)
29237	// identity provider. Each tag consists of a key name and an associated value.
29238	// If no tags are attached to the specified resource, the response contains
29239	// an empty list.
29240	//
29241	// Tags is a required field
29242	Tags []*Tag `type:"list" required:"true"`
29243}
29244
29245// String returns the string representation.
29246//
29247// API parameter values that are decorated as "sensitive" in the API will not
29248// be included in the string output. The member name will be present, but the
29249// value will be replaced with "sensitive".
29250func (s ListOpenIDConnectProviderTagsOutput) String() string {
29251	return awsutil.Prettify(s)
29252}
29253
29254// GoString returns the string representation.
29255//
29256// API parameter values that are decorated as "sensitive" in the API will not
29257// be included in the string output. The member name will be present, but the
29258// value will be replaced with "sensitive".
29259func (s ListOpenIDConnectProviderTagsOutput) GoString() string {
29260	return s.String()
29261}
29262
29263// SetIsTruncated sets the IsTruncated field's value.
29264func (s *ListOpenIDConnectProviderTagsOutput) SetIsTruncated(v bool) *ListOpenIDConnectProviderTagsOutput {
29265	s.IsTruncated = &v
29266	return s
29267}
29268
29269// SetMarker sets the Marker field's value.
29270func (s *ListOpenIDConnectProviderTagsOutput) SetMarker(v string) *ListOpenIDConnectProviderTagsOutput {
29271	s.Marker = &v
29272	return s
29273}
29274
29275// SetTags sets the Tags field's value.
29276func (s *ListOpenIDConnectProviderTagsOutput) SetTags(v []*Tag) *ListOpenIDConnectProviderTagsOutput {
29277	s.Tags = v
29278	return s
29279}
29280
29281type ListOpenIDConnectProvidersInput struct {
29282	_ struct{} `type:"structure"`
29283}
29284
29285// String returns the string representation.
29286//
29287// API parameter values that are decorated as "sensitive" in the API will not
29288// be included in the string output. The member name will be present, but the
29289// value will be replaced with "sensitive".
29290func (s ListOpenIDConnectProvidersInput) String() string {
29291	return awsutil.Prettify(s)
29292}
29293
29294// GoString returns the string representation.
29295//
29296// API parameter values that are decorated as "sensitive" in the API will not
29297// be included in the string output. The member name will be present, but the
29298// value will be replaced with "sensitive".
29299func (s ListOpenIDConnectProvidersInput) GoString() string {
29300	return s.String()
29301}
29302
29303// Contains the response to a successful ListOpenIDConnectProviders request.
29304type ListOpenIDConnectProvidersOutput struct {
29305	_ struct{} `type:"structure"`
29306
29307	// The list of IAM OIDC provider resource objects defined in the Amazon Web
29308	// Services account.
29309	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
29310}
29311
29312// String returns the string representation.
29313//
29314// API parameter values that are decorated as "sensitive" in the API will not
29315// be included in the string output. The member name will be present, but the
29316// value will be replaced with "sensitive".
29317func (s ListOpenIDConnectProvidersOutput) String() string {
29318	return awsutil.Prettify(s)
29319}
29320
29321// GoString returns the string representation.
29322//
29323// API parameter values that are decorated as "sensitive" in the API will not
29324// be included in the string output. The member name will be present, but the
29325// value will be replaced with "sensitive".
29326func (s ListOpenIDConnectProvidersOutput) GoString() string {
29327	return s.String()
29328}
29329
29330// SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.
29331func (s *ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList(v []*OpenIDConnectProviderListEntry) *ListOpenIDConnectProvidersOutput {
29332	s.OpenIDConnectProviderList = v
29333	return s
29334}
29335
29336// Contains details about the permissions policies that are attached to the
29337// specified identity (user, group, or role).
29338//
29339// This data type is used as a response element in the ListPoliciesGrantingServiceAccess
29340// operation.
29341type ListPoliciesGrantingServiceAccessEntry struct {
29342	_ struct{} `type:"structure"`
29343
29344	// The PoliciesGrantingServiceAccess object that contains details about the
29345	// policy.
29346	Policies []*PolicyGrantingServiceAccess `type:"list"`
29347
29348	// The namespace of the service that was accessed.
29349	//
29350	// To learn the service namespace of a service, see Actions, resources, and
29351	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
29352	// in the Service Authorization Reference. Choose the name of the service to
29353	// view details for that service. In the first paragraph, find the service prefix.
29354	// For example, (service prefix: a4b). For more information about service namespaces,
29355	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
29356	// in the Amazon Web Services General Reference.
29357	ServiceNamespace *string `min:"1" type:"string"`
29358}
29359
29360// String returns the string representation.
29361//
29362// API parameter values that are decorated as "sensitive" in the API will not
29363// be included in the string output. The member name will be present, but the
29364// value will be replaced with "sensitive".
29365func (s ListPoliciesGrantingServiceAccessEntry) String() string {
29366	return awsutil.Prettify(s)
29367}
29368
29369// GoString returns the string representation.
29370//
29371// API parameter values that are decorated as "sensitive" in the API will not
29372// be included in the string output. The member name will be present, but the
29373// value will be replaced with "sensitive".
29374func (s ListPoliciesGrantingServiceAccessEntry) GoString() string {
29375	return s.String()
29376}
29377
29378// SetPolicies sets the Policies field's value.
29379func (s *ListPoliciesGrantingServiceAccessEntry) SetPolicies(v []*PolicyGrantingServiceAccess) *ListPoliciesGrantingServiceAccessEntry {
29380	s.Policies = v
29381	return s
29382}
29383
29384// SetServiceNamespace sets the ServiceNamespace field's value.
29385func (s *ListPoliciesGrantingServiceAccessEntry) SetServiceNamespace(v string) *ListPoliciesGrantingServiceAccessEntry {
29386	s.ServiceNamespace = &v
29387	return s
29388}
29389
29390type ListPoliciesGrantingServiceAccessInput struct {
29391	_ struct{} `type:"structure"`
29392
29393	// The ARN of the IAM identity (user, group, or role) whose policies you want
29394	// to list.
29395	//
29396	// Arn is a required field
29397	Arn *string `min:"20" type:"string" required:"true"`
29398
29399	// Use this parameter only when paginating results and only after you receive
29400	// a response indicating that the results are truncated. Set it to the value
29401	// of the Marker element in the response that you received to indicate where
29402	// the next call should start.
29403	Marker *string `min:"1" type:"string"`
29404
29405	// The service namespace for the Amazon Web Services services whose policies
29406	// you want to list.
29407	//
29408	// To learn the service namespace for a service, see Actions, resources, and
29409	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
29410	// in the IAM User Guide. Choose the name of the service to view details for
29411	// that service. In the first paragraph, find the service prefix. For example,
29412	// (service prefix: a4b). For more information about service namespaces, see
29413	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
29414	// in the Amazon Web Services General Reference.
29415	//
29416	// ServiceNamespaces is a required field
29417	ServiceNamespaces []*string `min:"1" type:"list" required:"true"`
29418}
29419
29420// String returns the string representation.
29421//
29422// API parameter values that are decorated as "sensitive" in the API will not
29423// be included in the string output. The member name will be present, but the
29424// value will be replaced with "sensitive".
29425func (s ListPoliciesGrantingServiceAccessInput) String() string {
29426	return awsutil.Prettify(s)
29427}
29428
29429// GoString returns the string representation.
29430//
29431// API parameter values that are decorated as "sensitive" in the API will not
29432// be included in the string output. The member name will be present, but the
29433// value will be replaced with "sensitive".
29434func (s ListPoliciesGrantingServiceAccessInput) GoString() string {
29435	return s.String()
29436}
29437
29438// Validate inspects the fields of the type to determine if they are valid.
29439func (s *ListPoliciesGrantingServiceAccessInput) Validate() error {
29440	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesGrantingServiceAccessInput"}
29441	if s.Arn == nil {
29442		invalidParams.Add(request.NewErrParamRequired("Arn"))
29443	}
29444	if s.Arn != nil && len(*s.Arn) < 20 {
29445		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
29446	}
29447	if s.Marker != nil && len(*s.Marker) < 1 {
29448		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29449	}
29450	if s.ServiceNamespaces == nil {
29451		invalidParams.Add(request.NewErrParamRequired("ServiceNamespaces"))
29452	}
29453	if s.ServiceNamespaces != nil && len(s.ServiceNamespaces) < 1 {
29454		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespaces", 1))
29455	}
29456
29457	if invalidParams.Len() > 0 {
29458		return invalidParams
29459	}
29460	return nil
29461}
29462
29463// SetArn sets the Arn field's value.
29464func (s *ListPoliciesGrantingServiceAccessInput) SetArn(v string) *ListPoliciesGrantingServiceAccessInput {
29465	s.Arn = &v
29466	return s
29467}
29468
29469// SetMarker sets the Marker field's value.
29470func (s *ListPoliciesGrantingServiceAccessInput) SetMarker(v string) *ListPoliciesGrantingServiceAccessInput {
29471	s.Marker = &v
29472	return s
29473}
29474
29475// SetServiceNamespaces sets the ServiceNamespaces field's value.
29476func (s *ListPoliciesGrantingServiceAccessInput) SetServiceNamespaces(v []*string) *ListPoliciesGrantingServiceAccessInput {
29477	s.ServiceNamespaces = v
29478	return s
29479}
29480
29481type ListPoliciesGrantingServiceAccessOutput struct {
29482	_ struct{} `type:"structure"`
29483
29484	// A flag that indicates whether there are more items to return. If your results
29485	// were truncated, you can make a subsequent pagination request using the Marker
29486	// request parameter to retrieve more items. We recommend that you check IsTruncated
29487	// after every call to ensure that you receive all your results.
29488	IsTruncated *bool `type:"boolean"`
29489
29490	// When IsTruncated is true, this element is present and contains the value
29491	// to use for the Marker parameter in a subsequent pagination request.
29492	Marker *string `type:"string"`
29493
29494	// A ListPoliciesGrantingServiceAccess object that contains details about the
29495	// permissions policies attached to the specified identity (user, group, or
29496	// role).
29497	//
29498	// PoliciesGrantingServiceAccess is a required field
29499	PoliciesGrantingServiceAccess []*ListPoliciesGrantingServiceAccessEntry `type:"list" required:"true"`
29500}
29501
29502// String returns the string representation.
29503//
29504// API parameter values that are decorated as "sensitive" in the API will not
29505// be included in the string output. The member name will be present, but the
29506// value will be replaced with "sensitive".
29507func (s ListPoliciesGrantingServiceAccessOutput) String() string {
29508	return awsutil.Prettify(s)
29509}
29510
29511// GoString returns the string representation.
29512//
29513// API parameter values that are decorated as "sensitive" in the API will not
29514// be included in the string output. The member name will be present, but the
29515// value will be replaced with "sensitive".
29516func (s ListPoliciesGrantingServiceAccessOutput) GoString() string {
29517	return s.String()
29518}
29519
29520// SetIsTruncated sets the IsTruncated field's value.
29521func (s *ListPoliciesGrantingServiceAccessOutput) SetIsTruncated(v bool) *ListPoliciesGrantingServiceAccessOutput {
29522	s.IsTruncated = &v
29523	return s
29524}
29525
29526// SetMarker sets the Marker field's value.
29527func (s *ListPoliciesGrantingServiceAccessOutput) SetMarker(v string) *ListPoliciesGrantingServiceAccessOutput {
29528	s.Marker = &v
29529	return s
29530}
29531
29532// SetPoliciesGrantingServiceAccess sets the PoliciesGrantingServiceAccess field's value.
29533func (s *ListPoliciesGrantingServiceAccessOutput) SetPoliciesGrantingServiceAccess(v []*ListPoliciesGrantingServiceAccessEntry) *ListPoliciesGrantingServiceAccessOutput {
29534	s.PoliciesGrantingServiceAccess = v
29535	return s
29536}
29537
29538type ListPoliciesInput struct {
29539	_ struct{} `type:"structure"`
29540
29541	// Use this parameter only when paginating results and only after you receive
29542	// a response indicating that the results are truncated. Set it to the value
29543	// of the Marker element in the response that you received to indicate where
29544	// the next call should start.
29545	Marker *string `min:"1" type:"string"`
29546
29547	// Use this only when paginating results to indicate the maximum number of items
29548	// you want in the response. If additional items exist beyond the maximum you
29549	// specify, the IsTruncated response element is true.
29550	//
29551	// If you do not include this parameter, the number of items defaults to 100.
29552	// Note that IAM might return fewer results, even when there are more results
29553	// available. In that case, the IsTruncated response element returns true, and
29554	// Marker contains a value to include in the subsequent call that tells the
29555	// service where to continue from.
29556	MaxItems *int64 `min:"1" type:"integer"`
29557
29558	// A flag to filter the results to only the attached policies.
29559	//
29560	// When OnlyAttached is true, the returned list contains only the policies that
29561	// are attached to an IAM user, group, or role. When OnlyAttached is false,
29562	// or when the parameter is not included, all policies are returned.
29563	OnlyAttached *bool `type:"boolean"`
29564
29565	// The path prefix for filtering the results. This parameter is optional. If
29566	// it is not included, it defaults to a slash (/), listing all policies. This
29567	// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29568	// a string of characters consisting of either a forward slash (/) by itself
29569	// or a string that must begin and end with forward slashes. In addition, it
29570	// can contain any ASCII character from the ! (\u0021) through the DEL character
29571	// (\u007F), including most punctuation characters, digits, and upper and lowercased
29572	// letters.
29573	PathPrefix *string `min:"1" type:"string"`
29574
29575	// The policy usage method to use for filtering the results.
29576	//
29577	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
29578	// To list only the policies used to set permissions boundaries, set the value
29579	// to PermissionsBoundary.
29580	//
29581	// This parameter is optional. If it is not included, all policies are returned.
29582	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
29583
29584	// The scope to use for filtering the results.
29585	//
29586	// To list only Amazon Web Services managed policies, set Scope to AWS. To list
29587	// only the customer managed policies in your Amazon Web Services account, set
29588	// Scope to Local.
29589	//
29590	// This parameter is optional. If it is not included, or if it is set to All,
29591	// all policies are returned.
29592	Scope *string `type:"string" enum:"PolicyScopeType"`
29593}
29594
29595// String returns the string representation.
29596//
29597// API parameter values that are decorated as "sensitive" in the API will not
29598// be included in the string output. The member name will be present, but the
29599// value will be replaced with "sensitive".
29600func (s ListPoliciesInput) String() string {
29601	return awsutil.Prettify(s)
29602}
29603
29604// GoString returns the string representation.
29605//
29606// API parameter values that are decorated as "sensitive" in the API will not
29607// be included in the string output. The member name will be present, but the
29608// value will be replaced with "sensitive".
29609func (s ListPoliciesInput) GoString() string {
29610	return s.String()
29611}
29612
29613// Validate inspects the fields of the type to determine if they are valid.
29614func (s *ListPoliciesInput) Validate() error {
29615	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
29616	if s.Marker != nil && len(*s.Marker) < 1 {
29617		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29618	}
29619	if s.MaxItems != nil && *s.MaxItems < 1 {
29620		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29621	}
29622	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
29623		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
29624	}
29625
29626	if invalidParams.Len() > 0 {
29627		return invalidParams
29628	}
29629	return nil
29630}
29631
29632// SetMarker sets the Marker field's value.
29633func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput {
29634	s.Marker = &v
29635	return s
29636}
29637
29638// SetMaxItems sets the MaxItems field's value.
29639func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput {
29640	s.MaxItems = &v
29641	return s
29642}
29643
29644// SetOnlyAttached sets the OnlyAttached field's value.
29645func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput {
29646	s.OnlyAttached = &v
29647	return s
29648}
29649
29650// SetPathPrefix sets the PathPrefix field's value.
29651func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput {
29652	s.PathPrefix = &v
29653	return s
29654}
29655
29656// SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
29657func (s *ListPoliciesInput) SetPolicyUsageFilter(v string) *ListPoliciesInput {
29658	s.PolicyUsageFilter = &v
29659	return s
29660}
29661
29662// SetScope sets the Scope field's value.
29663func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput {
29664	s.Scope = &v
29665	return s
29666}
29667
29668// Contains the response to a successful ListPolicies request.
29669type ListPoliciesOutput struct {
29670	_ struct{} `type:"structure"`
29671
29672	// A flag that indicates whether there are more items to return. If your results
29673	// were truncated, you can make a subsequent pagination request using the Marker
29674	// request parameter to retrieve more items. Note that IAM might return fewer
29675	// than the MaxItems number of results even when there are more results available.
29676	// We recommend that you check IsTruncated after every call to ensure that you
29677	// receive all your results.
29678	IsTruncated *bool `type:"boolean"`
29679
29680	// When IsTruncated is true, this element is present and contains the value
29681	// to use for the Marker parameter in a subsequent pagination request.
29682	Marker *string `type:"string"`
29683
29684	// A list of policies.
29685	Policies []*Policy `type:"list"`
29686}
29687
29688// String returns the string representation.
29689//
29690// API parameter values that are decorated as "sensitive" in the API will not
29691// be included in the string output. The member name will be present, but the
29692// value will be replaced with "sensitive".
29693func (s ListPoliciesOutput) String() string {
29694	return awsutil.Prettify(s)
29695}
29696
29697// GoString returns the string representation.
29698//
29699// API parameter values that are decorated as "sensitive" in the API will not
29700// be included in the string output. The member name will be present, but the
29701// value will be replaced with "sensitive".
29702func (s ListPoliciesOutput) GoString() string {
29703	return s.String()
29704}
29705
29706// SetIsTruncated sets the IsTruncated field's value.
29707func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput {
29708	s.IsTruncated = &v
29709	return s
29710}
29711
29712// SetMarker sets the Marker field's value.
29713func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput {
29714	s.Marker = &v
29715	return s
29716}
29717
29718// SetPolicies sets the Policies field's value.
29719func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput {
29720	s.Policies = v
29721	return s
29722}
29723
29724type ListPolicyTagsInput struct {
29725	_ struct{} `type:"structure"`
29726
29727	// Use this parameter only when paginating results and only after you receive
29728	// a response indicating that the results are truncated. Set it to the value
29729	// of the Marker element in the response that you received to indicate where
29730	// the next call should start.
29731	Marker *string `min:"1" type:"string"`
29732
29733	// Use this only when paginating results to indicate the maximum number of items
29734	// you want in the response. If additional items exist beyond the maximum you
29735	// specify, the IsTruncated response element is true.
29736	//
29737	// If you do not include this parameter, the number of items defaults to 100.
29738	// Note that IAM might return fewer results, even when there are more results
29739	// available. In that case, the IsTruncated response element returns true, and
29740	// Marker contains a value to include in the subsequent call that tells the
29741	// service where to continue from.
29742	MaxItems *int64 `min:"1" type:"integer"`
29743
29744	// The ARN of the IAM customer managed policy whose tags you want to see.
29745	//
29746	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
29747	// a string of characters consisting of upper and lowercase alphanumeric characters
29748	// with no spaces. You can also include any of the following characters: _+=,.@-
29749	//
29750	// PolicyArn is a required field
29751	PolicyArn *string `min:"20" type:"string" required:"true"`
29752}
29753
29754// String returns the string representation.
29755//
29756// API parameter values that are decorated as "sensitive" in the API will not
29757// be included in the string output. The member name will be present, but the
29758// value will be replaced with "sensitive".
29759func (s ListPolicyTagsInput) String() string {
29760	return awsutil.Prettify(s)
29761}
29762
29763// GoString returns the string representation.
29764//
29765// API parameter values that are decorated as "sensitive" in the API will not
29766// be included in the string output. The member name will be present, but the
29767// value will be replaced with "sensitive".
29768func (s ListPolicyTagsInput) GoString() string {
29769	return s.String()
29770}
29771
29772// Validate inspects the fields of the type to determine if they are valid.
29773func (s *ListPolicyTagsInput) Validate() error {
29774	invalidParams := request.ErrInvalidParams{Context: "ListPolicyTagsInput"}
29775	if s.Marker != nil && len(*s.Marker) < 1 {
29776		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29777	}
29778	if s.MaxItems != nil && *s.MaxItems < 1 {
29779		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29780	}
29781	if s.PolicyArn == nil {
29782		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
29783	}
29784	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
29785		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
29786	}
29787
29788	if invalidParams.Len() > 0 {
29789		return invalidParams
29790	}
29791	return nil
29792}
29793
29794// SetMarker sets the Marker field's value.
29795func (s *ListPolicyTagsInput) SetMarker(v string) *ListPolicyTagsInput {
29796	s.Marker = &v
29797	return s
29798}
29799
29800// SetMaxItems sets the MaxItems field's value.
29801func (s *ListPolicyTagsInput) SetMaxItems(v int64) *ListPolicyTagsInput {
29802	s.MaxItems = &v
29803	return s
29804}
29805
29806// SetPolicyArn sets the PolicyArn field's value.
29807func (s *ListPolicyTagsInput) SetPolicyArn(v string) *ListPolicyTagsInput {
29808	s.PolicyArn = &v
29809	return s
29810}
29811
29812type ListPolicyTagsOutput struct {
29813	_ struct{} `type:"structure"`
29814
29815	// A flag that indicates whether there are more items to return. If your results
29816	// were truncated, you can make a subsequent pagination request using the Marker
29817	// request parameter to retrieve more items. Note that IAM might return fewer
29818	// than the MaxItems number of results even when there are more results available.
29819	// We recommend that you check IsTruncated after every call to ensure that you
29820	// receive all your results.
29821	IsTruncated *bool `type:"boolean"`
29822
29823	// When IsTruncated is true, this element is present and contains the value
29824	// to use for the Marker parameter in a subsequent pagination request.
29825	Marker *string `type:"string"`
29826
29827	// The list of tags that are currently attached to the IAM customer managed
29828	// policy. Each tag consists of a key name and an associated value. If no tags
29829	// are attached to the specified resource, the response contains an empty list.
29830	//
29831	// Tags is a required field
29832	Tags []*Tag `type:"list" required:"true"`
29833}
29834
29835// String returns the string representation.
29836//
29837// API parameter values that are decorated as "sensitive" in the API will not
29838// be included in the string output. The member name will be present, but the
29839// value will be replaced with "sensitive".
29840func (s ListPolicyTagsOutput) String() string {
29841	return awsutil.Prettify(s)
29842}
29843
29844// GoString returns the string representation.
29845//
29846// API parameter values that are decorated as "sensitive" in the API will not
29847// be included in the string output. The member name will be present, but the
29848// value will be replaced with "sensitive".
29849func (s ListPolicyTagsOutput) GoString() string {
29850	return s.String()
29851}
29852
29853// SetIsTruncated sets the IsTruncated field's value.
29854func (s *ListPolicyTagsOutput) SetIsTruncated(v bool) *ListPolicyTagsOutput {
29855	s.IsTruncated = &v
29856	return s
29857}
29858
29859// SetMarker sets the Marker field's value.
29860func (s *ListPolicyTagsOutput) SetMarker(v string) *ListPolicyTagsOutput {
29861	s.Marker = &v
29862	return s
29863}
29864
29865// SetTags sets the Tags field's value.
29866func (s *ListPolicyTagsOutput) SetTags(v []*Tag) *ListPolicyTagsOutput {
29867	s.Tags = v
29868	return s
29869}
29870
29871type ListPolicyVersionsInput struct {
29872	_ struct{} `type:"structure"`
29873
29874	// Use this parameter only when paginating results and only after you receive
29875	// a response indicating that the results are truncated. Set it to the value
29876	// of the Marker element in the response that you received to indicate where
29877	// the next call should start.
29878	Marker *string `min:"1" type:"string"`
29879
29880	// Use this only when paginating results to indicate the maximum number of items
29881	// you want in the response. If additional items exist beyond the maximum you
29882	// specify, the IsTruncated response element is true.
29883	//
29884	// If you do not include this parameter, the number of items defaults to 100.
29885	// Note that IAM might return fewer results, even when there are more results
29886	// available. In that case, the IsTruncated response element returns true, and
29887	// Marker contains a value to include in the subsequent call that tells the
29888	// service where to continue from.
29889	MaxItems *int64 `min:"1" type:"integer"`
29890
29891	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
29892	//
29893	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
29894	// in the Amazon Web Services General Reference.
29895	//
29896	// PolicyArn is a required field
29897	PolicyArn *string `min:"20" type:"string" required:"true"`
29898}
29899
29900// String returns the string representation.
29901//
29902// API parameter values that are decorated as "sensitive" in the API will not
29903// be included in the string output. The member name will be present, but the
29904// value will be replaced with "sensitive".
29905func (s ListPolicyVersionsInput) String() string {
29906	return awsutil.Prettify(s)
29907}
29908
29909// GoString returns the string representation.
29910//
29911// API parameter values that are decorated as "sensitive" in the API will not
29912// be included in the string output. The member name will be present, but the
29913// value will be replaced with "sensitive".
29914func (s ListPolicyVersionsInput) GoString() string {
29915	return s.String()
29916}
29917
29918// Validate inspects the fields of the type to determine if they are valid.
29919func (s *ListPolicyVersionsInput) Validate() error {
29920	invalidParams := request.ErrInvalidParams{Context: "ListPolicyVersionsInput"}
29921	if s.Marker != nil && len(*s.Marker) < 1 {
29922		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
29923	}
29924	if s.MaxItems != nil && *s.MaxItems < 1 {
29925		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
29926	}
29927	if s.PolicyArn == nil {
29928		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
29929	}
29930	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
29931		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
29932	}
29933
29934	if invalidParams.Len() > 0 {
29935		return invalidParams
29936	}
29937	return nil
29938}
29939
29940// SetMarker sets the Marker field's value.
29941func (s *ListPolicyVersionsInput) SetMarker(v string) *ListPolicyVersionsInput {
29942	s.Marker = &v
29943	return s
29944}
29945
29946// SetMaxItems sets the MaxItems field's value.
29947func (s *ListPolicyVersionsInput) SetMaxItems(v int64) *ListPolicyVersionsInput {
29948	s.MaxItems = &v
29949	return s
29950}
29951
29952// SetPolicyArn sets the PolicyArn field's value.
29953func (s *ListPolicyVersionsInput) SetPolicyArn(v string) *ListPolicyVersionsInput {
29954	s.PolicyArn = &v
29955	return s
29956}
29957
29958// Contains the response to a successful ListPolicyVersions request.
29959type ListPolicyVersionsOutput struct {
29960	_ struct{} `type:"structure"`
29961
29962	// A flag that indicates whether there are more items to return. If your results
29963	// were truncated, you can make a subsequent pagination request using the Marker
29964	// request parameter to retrieve more items. Note that IAM might return fewer
29965	// than the MaxItems number of results even when there are more results available.
29966	// We recommend that you check IsTruncated after every call to ensure that you
29967	// receive all your results.
29968	IsTruncated *bool `type:"boolean"`
29969
29970	// When IsTruncated is true, this element is present and contains the value
29971	// to use for the Marker parameter in a subsequent pagination request.
29972	Marker *string `type:"string"`
29973
29974	// A list of policy versions.
29975	//
29976	// For more information about managed policy versions, see Versioning for managed
29977	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
29978	// in the IAM User Guide.
29979	Versions []*PolicyVersion `type:"list"`
29980}
29981
29982// String returns the string representation.
29983//
29984// API parameter values that are decorated as "sensitive" in the API will not
29985// be included in the string output. The member name will be present, but the
29986// value will be replaced with "sensitive".
29987func (s ListPolicyVersionsOutput) String() string {
29988	return awsutil.Prettify(s)
29989}
29990
29991// GoString returns the string representation.
29992//
29993// API parameter values that are decorated as "sensitive" in the API will not
29994// be included in the string output. The member name will be present, but the
29995// value will be replaced with "sensitive".
29996func (s ListPolicyVersionsOutput) GoString() string {
29997	return s.String()
29998}
29999
30000// SetIsTruncated sets the IsTruncated field's value.
30001func (s *ListPolicyVersionsOutput) SetIsTruncated(v bool) *ListPolicyVersionsOutput {
30002	s.IsTruncated = &v
30003	return s
30004}
30005
30006// SetMarker sets the Marker field's value.
30007func (s *ListPolicyVersionsOutput) SetMarker(v string) *ListPolicyVersionsOutput {
30008	s.Marker = &v
30009	return s
30010}
30011
30012// SetVersions sets the Versions field's value.
30013func (s *ListPolicyVersionsOutput) SetVersions(v []*PolicyVersion) *ListPolicyVersionsOutput {
30014	s.Versions = v
30015	return s
30016}
30017
30018type ListRolePoliciesInput struct {
30019	_ struct{} `type:"structure"`
30020
30021	// Use this parameter only when paginating results and only after you receive
30022	// a response indicating that the results are truncated. Set it to the value
30023	// of the Marker element in the response that you received to indicate where
30024	// the next call should start.
30025	Marker *string `min:"1" type:"string"`
30026
30027	// Use this only when paginating results to indicate the maximum number of items
30028	// you want in the response. If additional items exist beyond the maximum you
30029	// specify, the IsTruncated response element is true.
30030	//
30031	// If you do not include this parameter, the number of items defaults to 100.
30032	// Note that IAM might return fewer results, even when there are more results
30033	// available. In that case, the IsTruncated response element returns true, and
30034	// Marker contains a value to include in the subsequent call that tells the
30035	// service where to continue from.
30036	MaxItems *int64 `min:"1" type:"integer"`
30037
30038	// The name of the role to list policies for.
30039	//
30040	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30041	// a string of characters consisting of upper and lowercase alphanumeric characters
30042	// with no spaces. You can also include any of the following characters: _+=,.@-
30043	//
30044	// RoleName is a required field
30045	RoleName *string `min:"1" type:"string" required:"true"`
30046}
30047
30048// String returns the string representation.
30049//
30050// API parameter values that are decorated as "sensitive" in the API will not
30051// be included in the string output. The member name will be present, but the
30052// value will be replaced with "sensitive".
30053func (s ListRolePoliciesInput) String() string {
30054	return awsutil.Prettify(s)
30055}
30056
30057// GoString returns the string representation.
30058//
30059// API parameter values that are decorated as "sensitive" in the API will not
30060// be included in the string output. The member name will be present, but the
30061// value will be replaced with "sensitive".
30062func (s ListRolePoliciesInput) GoString() string {
30063	return s.String()
30064}
30065
30066// Validate inspects the fields of the type to determine if they are valid.
30067func (s *ListRolePoliciesInput) Validate() error {
30068	invalidParams := request.ErrInvalidParams{Context: "ListRolePoliciesInput"}
30069	if s.Marker != nil && len(*s.Marker) < 1 {
30070		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30071	}
30072	if s.MaxItems != nil && *s.MaxItems < 1 {
30073		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30074	}
30075	if s.RoleName == nil {
30076		invalidParams.Add(request.NewErrParamRequired("RoleName"))
30077	}
30078	if s.RoleName != nil && len(*s.RoleName) < 1 {
30079		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
30080	}
30081
30082	if invalidParams.Len() > 0 {
30083		return invalidParams
30084	}
30085	return nil
30086}
30087
30088// SetMarker sets the Marker field's value.
30089func (s *ListRolePoliciesInput) SetMarker(v string) *ListRolePoliciesInput {
30090	s.Marker = &v
30091	return s
30092}
30093
30094// SetMaxItems sets the MaxItems field's value.
30095func (s *ListRolePoliciesInput) SetMaxItems(v int64) *ListRolePoliciesInput {
30096	s.MaxItems = &v
30097	return s
30098}
30099
30100// SetRoleName sets the RoleName field's value.
30101func (s *ListRolePoliciesInput) SetRoleName(v string) *ListRolePoliciesInput {
30102	s.RoleName = &v
30103	return s
30104}
30105
30106// Contains the response to a successful ListRolePolicies request.
30107type ListRolePoliciesOutput struct {
30108	_ struct{} `type:"structure"`
30109
30110	// A flag that indicates whether there are more items to return. If your results
30111	// were truncated, you can make a subsequent pagination request using the Marker
30112	// request parameter to retrieve more items. Note that IAM might return fewer
30113	// than the MaxItems number of results even when there are more results available.
30114	// We recommend that you check IsTruncated after every call to ensure that you
30115	// receive all your results.
30116	IsTruncated *bool `type:"boolean"`
30117
30118	// When IsTruncated is true, this element is present and contains the value
30119	// to use for the Marker parameter in a subsequent pagination request.
30120	Marker *string `type:"string"`
30121
30122	// A list of policy names.
30123	//
30124	// PolicyNames is a required field
30125	PolicyNames []*string `type:"list" required:"true"`
30126}
30127
30128// String returns the string representation.
30129//
30130// API parameter values that are decorated as "sensitive" in the API will not
30131// be included in the string output. The member name will be present, but the
30132// value will be replaced with "sensitive".
30133func (s ListRolePoliciesOutput) String() string {
30134	return awsutil.Prettify(s)
30135}
30136
30137// GoString returns the string representation.
30138//
30139// API parameter values that are decorated as "sensitive" in the API will not
30140// be included in the string output. The member name will be present, but the
30141// value will be replaced with "sensitive".
30142func (s ListRolePoliciesOutput) GoString() string {
30143	return s.String()
30144}
30145
30146// SetIsTruncated sets the IsTruncated field's value.
30147func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput {
30148	s.IsTruncated = &v
30149	return s
30150}
30151
30152// SetMarker sets the Marker field's value.
30153func (s *ListRolePoliciesOutput) SetMarker(v string) *ListRolePoliciesOutput {
30154	s.Marker = &v
30155	return s
30156}
30157
30158// SetPolicyNames sets the PolicyNames field's value.
30159func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput {
30160	s.PolicyNames = v
30161	return s
30162}
30163
30164type ListRoleTagsInput struct {
30165	_ struct{} `type:"structure"`
30166
30167	// Use this parameter only when paginating results and only after you receive
30168	// a response indicating that the results are truncated. Set it to the value
30169	// of the Marker element in the response that you received to indicate where
30170	// the next call should start.
30171	Marker *string `min:"1" type:"string"`
30172
30173	// Use this only when paginating results to indicate the maximum number of items
30174	// you want in the response. If additional items exist beyond the maximum you
30175	// specify, the IsTruncated response element is true.
30176	//
30177	// If you do not include this parameter, the number of items defaults to 100.
30178	// Note that IAM might return fewer results, even when there are more results
30179	// available. In that case, the IsTruncated response element returns true, and
30180	// Marker contains a value to include in the subsequent call that tells the
30181	// service where to continue from.
30182	MaxItems *int64 `min:"1" type:"integer"`
30183
30184	// The name of the IAM role for which you want to see the list of tags.
30185	//
30186	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
30187	// a string of characters that consist of upper and lowercase alphanumeric characters
30188	// with no spaces. You can also include any of the following characters: _+=,.@-
30189	//
30190	// RoleName is a required field
30191	RoleName *string `min:"1" type:"string" required:"true"`
30192}
30193
30194// String returns the string representation.
30195//
30196// API parameter values that are decorated as "sensitive" in the API will not
30197// be included in the string output. The member name will be present, but the
30198// value will be replaced with "sensitive".
30199func (s ListRoleTagsInput) String() string {
30200	return awsutil.Prettify(s)
30201}
30202
30203// GoString returns the string representation.
30204//
30205// API parameter values that are decorated as "sensitive" in the API will not
30206// be included in the string output. The member name will be present, but the
30207// value will be replaced with "sensitive".
30208func (s ListRoleTagsInput) GoString() string {
30209	return s.String()
30210}
30211
30212// Validate inspects the fields of the type to determine if they are valid.
30213func (s *ListRoleTagsInput) Validate() error {
30214	invalidParams := request.ErrInvalidParams{Context: "ListRoleTagsInput"}
30215	if s.Marker != nil && len(*s.Marker) < 1 {
30216		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30217	}
30218	if s.MaxItems != nil && *s.MaxItems < 1 {
30219		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30220	}
30221	if s.RoleName == nil {
30222		invalidParams.Add(request.NewErrParamRequired("RoleName"))
30223	}
30224	if s.RoleName != nil && len(*s.RoleName) < 1 {
30225		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
30226	}
30227
30228	if invalidParams.Len() > 0 {
30229		return invalidParams
30230	}
30231	return nil
30232}
30233
30234// SetMarker sets the Marker field's value.
30235func (s *ListRoleTagsInput) SetMarker(v string) *ListRoleTagsInput {
30236	s.Marker = &v
30237	return s
30238}
30239
30240// SetMaxItems sets the MaxItems field's value.
30241func (s *ListRoleTagsInput) SetMaxItems(v int64) *ListRoleTagsInput {
30242	s.MaxItems = &v
30243	return s
30244}
30245
30246// SetRoleName sets the RoleName field's value.
30247func (s *ListRoleTagsInput) SetRoleName(v string) *ListRoleTagsInput {
30248	s.RoleName = &v
30249	return s
30250}
30251
30252type ListRoleTagsOutput struct {
30253	_ struct{} `type:"structure"`
30254
30255	// A flag that indicates whether there are more items to return. If your results
30256	// were truncated, you can make a subsequent pagination request using the Marker
30257	// request parameter to retrieve more items. Note that IAM might return fewer
30258	// than the MaxItems number of results even when there are more results available.
30259	// We recommend that you check IsTruncated after every call to ensure that you
30260	// receive all your results.
30261	IsTruncated *bool `type:"boolean"`
30262
30263	// When IsTruncated is true, this element is present and contains the value
30264	// to use for the Marker parameter in a subsequent pagination request.
30265	Marker *string `type:"string"`
30266
30267	// The list of tags that are currently attached to the role. Each tag consists
30268	// of a key name and an associated value. If no tags are attached to the specified
30269	// resource, the response contains an empty list.
30270	//
30271	// Tags is a required field
30272	Tags []*Tag `type:"list" required:"true"`
30273}
30274
30275// String returns the string representation.
30276//
30277// API parameter values that are decorated as "sensitive" in the API will not
30278// be included in the string output. The member name will be present, but the
30279// value will be replaced with "sensitive".
30280func (s ListRoleTagsOutput) String() string {
30281	return awsutil.Prettify(s)
30282}
30283
30284// GoString returns the string representation.
30285//
30286// API parameter values that are decorated as "sensitive" in the API will not
30287// be included in the string output. The member name will be present, but the
30288// value will be replaced with "sensitive".
30289func (s ListRoleTagsOutput) GoString() string {
30290	return s.String()
30291}
30292
30293// SetIsTruncated sets the IsTruncated field's value.
30294func (s *ListRoleTagsOutput) SetIsTruncated(v bool) *ListRoleTagsOutput {
30295	s.IsTruncated = &v
30296	return s
30297}
30298
30299// SetMarker sets the Marker field's value.
30300func (s *ListRoleTagsOutput) SetMarker(v string) *ListRoleTagsOutput {
30301	s.Marker = &v
30302	return s
30303}
30304
30305// SetTags sets the Tags field's value.
30306func (s *ListRoleTagsOutput) SetTags(v []*Tag) *ListRoleTagsOutput {
30307	s.Tags = v
30308	return s
30309}
30310
30311type ListRolesInput struct {
30312	_ struct{} `type:"structure"`
30313
30314	// Use this parameter only when paginating results and only after you receive
30315	// a response indicating that the results are truncated. Set it to the value
30316	// of the Marker element in the response that you received to indicate where
30317	// the next call should start.
30318	Marker *string `min:"1" type:"string"`
30319
30320	// Use this only when paginating results to indicate the maximum number of items
30321	// you want in the response. If additional items exist beyond the maximum you
30322	// specify, the IsTruncated response element is true.
30323	//
30324	// If you do not include this parameter, the number of items defaults to 100.
30325	// Note that IAM might return fewer results, even when there are more results
30326	// available. In that case, the IsTruncated response element returns true, and
30327	// Marker contains a value to include in the subsequent call that tells the
30328	// service where to continue from.
30329	MaxItems *int64 `min:"1" type:"integer"`
30330
30331	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
30332	// gets all roles whose path starts with /application_abc/component_xyz/.
30333	//
30334	// This parameter is optional. If it is not included, it defaults to a slash
30335	// (/), listing all roles. This parameter allows (through its regex pattern
30336	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
30337	// a forward slash (/) by itself or a string that must begin and end with forward
30338	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
30339	// through the DEL character (\u007F), including most punctuation characters,
30340	// digits, and upper and lowercased letters.
30341	PathPrefix *string `min:"1" type:"string"`
30342}
30343
30344// String returns the string representation.
30345//
30346// API parameter values that are decorated as "sensitive" in the API will not
30347// be included in the string output. The member name will be present, but the
30348// value will be replaced with "sensitive".
30349func (s ListRolesInput) String() string {
30350	return awsutil.Prettify(s)
30351}
30352
30353// GoString returns the string representation.
30354//
30355// API parameter values that are decorated as "sensitive" in the API will not
30356// be included in the string output. The member name will be present, but the
30357// value will be replaced with "sensitive".
30358func (s ListRolesInput) GoString() string {
30359	return s.String()
30360}
30361
30362// Validate inspects the fields of the type to determine if they are valid.
30363func (s *ListRolesInput) Validate() error {
30364	invalidParams := request.ErrInvalidParams{Context: "ListRolesInput"}
30365	if s.Marker != nil && len(*s.Marker) < 1 {
30366		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30367	}
30368	if s.MaxItems != nil && *s.MaxItems < 1 {
30369		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30370	}
30371	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
30372		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
30373	}
30374
30375	if invalidParams.Len() > 0 {
30376		return invalidParams
30377	}
30378	return nil
30379}
30380
30381// SetMarker sets the Marker field's value.
30382func (s *ListRolesInput) SetMarker(v string) *ListRolesInput {
30383	s.Marker = &v
30384	return s
30385}
30386
30387// SetMaxItems sets the MaxItems field's value.
30388func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput {
30389	s.MaxItems = &v
30390	return s
30391}
30392
30393// SetPathPrefix sets the PathPrefix field's value.
30394func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput {
30395	s.PathPrefix = &v
30396	return s
30397}
30398
30399// Contains the response to a successful ListRoles request.
30400type ListRolesOutput struct {
30401	_ struct{} `type:"structure"`
30402
30403	// A flag that indicates whether there are more items to return. If your results
30404	// were truncated, you can make a subsequent pagination request using the Marker
30405	// request parameter to retrieve more items. Note that IAM might return fewer
30406	// than the MaxItems number of results even when there are more results available.
30407	// We recommend that you check IsTruncated after every call to ensure that you
30408	// receive all your results.
30409	IsTruncated *bool `type:"boolean"`
30410
30411	// When IsTruncated is true, this element is present and contains the value
30412	// to use for the Marker parameter in a subsequent pagination request.
30413	Marker *string `type:"string"`
30414
30415	// A list of roles.
30416	//
30417	// Roles is a required field
30418	Roles []*Role `type:"list" required:"true"`
30419}
30420
30421// String returns the string representation.
30422//
30423// API parameter values that are decorated as "sensitive" in the API will not
30424// be included in the string output. The member name will be present, but the
30425// value will be replaced with "sensitive".
30426func (s ListRolesOutput) String() string {
30427	return awsutil.Prettify(s)
30428}
30429
30430// GoString returns the string representation.
30431//
30432// API parameter values that are decorated as "sensitive" in the API will not
30433// be included in the string output. The member name will be present, but the
30434// value will be replaced with "sensitive".
30435func (s ListRolesOutput) GoString() string {
30436	return s.String()
30437}
30438
30439// SetIsTruncated sets the IsTruncated field's value.
30440func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput {
30441	s.IsTruncated = &v
30442	return s
30443}
30444
30445// SetMarker sets the Marker field's value.
30446func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput {
30447	s.Marker = &v
30448	return s
30449}
30450
30451// SetRoles sets the Roles field's value.
30452func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput {
30453	s.Roles = v
30454	return s
30455}
30456
30457type ListSAMLProviderTagsInput struct {
30458	_ struct{} `type:"structure"`
30459
30460	// Use this parameter only when paginating results and only after you receive
30461	// a response indicating that the results are truncated. Set it to the value
30462	// of the Marker element in the response that you received to indicate where
30463	// the next call should start.
30464	Marker *string `min:"1" type:"string"`
30465
30466	// Use this only when paginating results to indicate the maximum number of items
30467	// you want in the response. If additional items exist beyond the maximum you
30468	// specify, the IsTruncated response element is true.
30469	//
30470	// If you do not include this parameter, the number of items defaults to 100.
30471	// Note that IAM might return fewer results, even when there are more results
30472	// available. In that case, the IsTruncated response element returns true, and
30473	// Marker contains a value to include in the subsequent call that tells the
30474	// service where to continue from.
30475	MaxItems *int64 `min:"1" type:"integer"`
30476
30477	// The ARN of the Security Assertion Markup Language (SAML) identity provider
30478	// whose tags you want to see.
30479	//
30480	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30481	// a string of characters consisting of upper and lowercase alphanumeric characters
30482	// with no spaces. You can also include any of the following characters: _+=,.@-
30483	//
30484	// SAMLProviderArn is a required field
30485	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
30486}
30487
30488// String returns the string representation.
30489//
30490// API parameter values that are decorated as "sensitive" in the API will not
30491// be included in the string output. The member name will be present, but the
30492// value will be replaced with "sensitive".
30493func (s ListSAMLProviderTagsInput) String() string {
30494	return awsutil.Prettify(s)
30495}
30496
30497// GoString returns the string representation.
30498//
30499// API parameter values that are decorated as "sensitive" in the API will not
30500// be included in the string output. The member name will be present, but the
30501// value will be replaced with "sensitive".
30502func (s ListSAMLProviderTagsInput) GoString() string {
30503	return s.String()
30504}
30505
30506// Validate inspects the fields of the type to determine if they are valid.
30507func (s *ListSAMLProviderTagsInput) Validate() error {
30508	invalidParams := request.ErrInvalidParams{Context: "ListSAMLProviderTagsInput"}
30509	if s.Marker != nil && len(*s.Marker) < 1 {
30510		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30511	}
30512	if s.MaxItems != nil && *s.MaxItems < 1 {
30513		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30514	}
30515	if s.SAMLProviderArn == nil {
30516		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
30517	}
30518	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
30519		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
30520	}
30521
30522	if invalidParams.Len() > 0 {
30523		return invalidParams
30524	}
30525	return nil
30526}
30527
30528// SetMarker sets the Marker field's value.
30529func (s *ListSAMLProviderTagsInput) SetMarker(v string) *ListSAMLProviderTagsInput {
30530	s.Marker = &v
30531	return s
30532}
30533
30534// SetMaxItems sets the MaxItems field's value.
30535func (s *ListSAMLProviderTagsInput) SetMaxItems(v int64) *ListSAMLProviderTagsInput {
30536	s.MaxItems = &v
30537	return s
30538}
30539
30540// SetSAMLProviderArn sets the SAMLProviderArn field's value.
30541func (s *ListSAMLProviderTagsInput) SetSAMLProviderArn(v string) *ListSAMLProviderTagsInput {
30542	s.SAMLProviderArn = &v
30543	return s
30544}
30545
30546type ListSAMLProviderTagsOutput struct {
30547	_ struct{} `type:"structure"`
30548
30549	// A flag that indicates whether there are more items to return. If your results
30550	// were truncated, you can make a subsequent pagination request using the Marker
30551	// request parameter to retrieve more items. Note that IAM might return fewer
30552	// than the MaxItems number of results even when there are more results available.
30553	// We recommend that you check IsTruncated after every call to ensure that you
30554	// receive all your results.
30555	IsTruncated *bool `type:"boolean"`
30556
30557	// When IsTruncated is true, this element is present and contains the value
30558	// to use for the Marker parameter in a subsequent pagination request.
30559	Marker *string `type:"string"`
30560
30561	// The list of tags that are currently attached to the Security Assertion Markup
30562	// Language (SAML) identity provider. Each tag consists of a key name and an
30563	// associated value. If no tags are attached to the specified resource, the
30564	// response contains an empty list.
30565	//
30566	// Tags is a required field
30567	Tags []*Tag `type:"list" required:"true"`
30568}
30569
30570// String returns the string representation.
30571//
30572// API parameter values that are decorated as "sensitive" in the API will not
30573// be included in the string output. The member name will be present, but the
30574// value will be replaced with "sensitive".
30575func (s ListSAMLProviderTagsOutput) String() string {
30576	return awsutil.Prettify(s)
30577}
30578
30579// GoString returns the string representation.
30580//
30581// API parameter values that are decorated as "sensitive" in the API will not
30582// be included in the string output. The member name will be present, but the
30583// value will be replaced with "sensitive".
30584func (s ListSAMLProviderTagsOutput) GoString() string {
30585	return s.String()
30586}
30587
30588// SetIsTruncated sets the IsTruncated field's value.
30589func (s *ListSAMLProviderTagsOutput) SetIsTruncated(v bool) *ListSAMLProviderTagsOutput {
30590	s.IsTruncated = &v
30591	return s
30592}
30593
30594// SetMarker sets the Marker field's value.
30595func (s *ListSAMLProviderTagsOutput) SetMarker(v string) *ListSAMLProviderTagsOutput {
30596	s.Marker = &v
30597	return s
30598}
30599
30600// SetTags sets the Tags field's value.
30601func (s *ListSAMLProviderTagsOutput) SetTags(v []*Tag) *ListSAMLProviderTagsOutput {
30602	s.Tags = v
30603	return s
30604}
30605
30606type ListSAMLProvidersInput struct {
30607	_ struct{} `type:"structure"`
30608}
30609
30610// String returns the string representation.
30611//
30612// API parameter values that are decorated as "sensitive" in the API will not
30613// be included in the string output. The member name will be present, but the
30614// value will be replaced with "sensitive".
30615func (s ListSAMLProvidersInput) String() string {
30616	return awsutil.Prettify(s)
30617}
30618
30619// GoString returns the string representation.
30620//
30621// API parameter values that are decorated as "sensitive" in the API will not
30622// be included in the string output. The member name will be present, but the
30623// value will be replaced with "sensitive".
30624func (s ListSAMLProvidersInput) GoString() string {
30625	return s.String()
30626}
30627
30628// Contains the response to a successful ListSAMLProviders request.
30629type ListSAMLProvidersOutput struct {
30630	_ struct{} `type:"structure"`
30631
30632	// The list of SAML provider resource objects defined in IAM for this Amazon
30633	// Web Services account.
30634	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
30635}
30636
30637// String returns the string representation.
30638//
30639// API parameter values that are decorated as "sensitive" in the API will not
30640// be included in the string output. The member name will be present, but the
30641// value will be replaced with "sensitive".
30642func (s ListSAMLProvidersOutput) String() string {
30643	return awsutil.Prettify(s)
30644}
30645
30646// GoString returns the string representation.
30647//
30648// API parameter values that are decorated as "sensitive" in the API will not
30649// be included in the string output. The member name will be present, but the
30650// value will be replaced with "sensitive".
30651func (s ListSAMLProvidersOutput) GoString() string {
30652	return s.String()
30653}
30654
30655// SetSAMLProviderList sets the SAMLProviderList field's value.
30656func (s *ListSAMLProvidersOutput) SetSAMLProviderList(v []*SAMLProviderListEntry) *ListSAMLProvidersOutput {
30657	s.SAMLProviderList = v
30658	return s
30659}
30660
30661type ListSSHPublicKeysInput struct {
30662	_ struct{} `type:"structure"`
30663
30664	// Use this parameter only when paginating results and only after you receive
30665	// a response indicating that the results are truncated. Set it to the value
30666	// of the Marker element in the response that you received to indicate where
30667	// the next call should start.
30668	Marker *string `min:"1" type:"string"`
30669
30670	// Use this only when paginating results to indicate the maximum number of items
30671	// you want in the response. If additional items exist beyond the maximum you
30672	// specify, the IsTruncated response element is true.
30673	//
30674	// If you do not include this parameter, the number of items defaults to 100.
30675	// Note that IAM might return fewer results, even when there are more results
30676	// available. In that case, the IsTruncated response element returns true, and
30677	// Marker contains a value to include in the subsequent call that tells the
30678	// service where to continue from.
30679	MaxItems *int64 `min:"1" type:"integer"`
30680
30681	// The name of the IAM user to list SSH public keys for. If none is specified,
30682	// the UserName field is determined implicitly based on the Amazon Web Services
30683	// access key used to sign the request.
30684	//
30685	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30686	// a string of characters consisting of upper and lowercase alphanumeric characters
30687	// with no spaces. You can also include any of the following characters: _+=,.@-
30688	UserName *string `min:"1" type:"string"`
30689}
30690
30691// String returns the string representation.
30692//
30693// API parameter values that are decorated as "sensitive" in the API will not
30694// be included in the string output. The member name will be present, but the
30695// value will be replaced with "sensitive".
30696func (s ListSSHPublicKeysInput) String() string {
30697	return awsutil.Prettify(s)
30698}
30699
30700// GoString returns the string representation.
30701//
30702// API parameter values that are decorated as "sensitive" in the API will not
30703// be included in the string output. The member name will be present, but the
30704// value will be replaced with "sensitive".
30705func (s ListSSHPublicKeysInput) GoString() string {
30706	return s.String()
30707}
30708
30709// Validate inspects the fields of the type to determine if they are valid.
30710func (s *ListSSHPublicKeysInput) Validate() error {
30711	invalidParams := request.ErrInvalidParams{Context: "ListSSHPublicKeysInput"}
30712	if s.Marker != nil && len(*s.Marker) < 1 {
30713		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30714	}
30715	if s.MaxItems != nil && *s.MaxItems < 1 {
30716		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30717	}
30718	if s.UserName != nil && len(*s.UserName) < 1 {
30719		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
30720	}
30721
30722	if invalidParams.Len() > 0 {
30723		return invalidParams
30724	}
30725	return nil
30726}
30727
30728// SetMarker sets the Marker field's value.
30729func (s *ListSSHPublicKeysInput) SetMarker(v string) *ListSSHPublicKeysInput {
30730	s.Marker = &v
30731	return s
30732}
30733
30734// SetMaxItems sets the MaxItems field's value.
30735func (s *ListSSHPublicKeysInput) SetMaxItems(v int64) *ListSSHPublicKeysInput {
30736	s.MaxItems = &v
30737	return s
30738}
30739
30740// SetUserName sets the UserName field's value.
30741func (s *ListSSHPublicKeysInput) SetUserName(v string) *ListSSHPublicKeysInput {
30742	s.UserName = &v
30743	return s
30744}
30745
30746// Contains the response to a successful ListSSHPublicKeys request.
30747type ListSSHPublicKeysOutput struct {
30748	_ struct{} `type:"structure"`
30749
30750	// A flag that indicates whether there are more items to return. If your results
30751	// were truncated, you can make a subsequent pagination request using the Marker
30752	// request parameter to retrieve more items. Note that IAM might return fewer
30753	// than the MaxItems number of results even when there are more results available.
30754	// We recommend that you check IsTruncated after every call to ensure that you
30755	// receive all your results.
30756	IsTruncated *bool `type:"boolean"`
30757
30758	// When IsTruncated is true, this element is present and contains the value
30759	// to use for the Marker parameter in a subsequent pagination request.
30760	Marker *string `type:"string"`
30761
30762	// A list of the SSH public keys assigned to IAM user.
30763	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
30764}
30765
30766// String returns the string representation.
30767//
30768// API parameter values that are decorated as "sensitive" in the API will not
30769// be included in the string output. The member name will be present, but the
30770// value will be replaced with "sensitive".
30771func (s ListSSHPublicKeysOutput) String() string {
30772	return awsutil.Prettify(s)
30773}
30774
30775// GoString returns the string representation.
30776//
30777// API parameter values that are decorated as "sensitive" in the API will not
30778// be included in the string output. The member name will be present, but the
30779// value will be replaced with "sensitive".
30780func (s ListSSHPublicKeysOutput) GoString() string {
30781	return s.String()
30782}
30783
30784// SetIsTruncated sets the IsTruncated field's value.
30785func (s *ListSSHPublicKeysOutput) SetIsTruncated(v bool) *ListSSHPublicKeysOutput {
30786	s.IsTruncated = &v
30787	return s
30788}
30789
30790// SetMarker sets the Marker field's value.
30791func (s *ListSSHPublicKeysOutput) SetMarker(v string) *ListSSHPublicKeysOutput {
30792	s.Marker = &v
30793	return s
30794}
30795
30796// SetSSHPublicKeys sets the SSHPublicKeys field's value.
30797func (s *ListSSHPublicKeysOutput) SetSSHPublicKeys(v []*SSHPublicKeyMetadata) *ListSSHPublicKeysOutput {
30798	s.SSHPublicKeys = v
30799	return s
30800}
30801
30802type ListServerCertificateTagsInput struct {
30803	_ struct{} `type:"structure"`
30804
30805	// Use this parameter only when paginating results and only after you receive
30806	// a response indicating that the results are truncated. Set it to the value
30807	// of the Marker element in the response that you received to indicate where
30808	// the next call should start.
30809	Marker *string `min:"1" type:"string"`
30810
30811	// Use this only when paginating results to indicate the maximum number of items
30812	// you want in the response. If additional items exist beyond the maximum you
30813	// specify, the IsTruncated response element is true.
30814	//
30815	// If you do not include this parameter, the number of items defaults to 100.
30816	// Note that IAM might return fewer results, even when there are more results
30817	// available. In that case, the IsTruncated response element returns true, and
30818	// Marker contains a value to include in the subsequent call that tells the
30819	// service where to continue from.
30820	MaxItems *int64 `min:"1" type:"integer"`
30821
30822	// The name of the IAM server certificate whose tags you want to see.
30823	//
30824	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
30825	// a string of characters consisting of upper and lowercase alphanumeric characters
30826	// with no spaces. You can also include any of the following characters: _+=,.@-
30827	//
30828	// ServerCertificateName is a required field
30829	ServerCertificateName *string `min:"1" type:"string" required:"true"`
30830}
30831
30832// String returns the string representation.
30833//
30834// API parameter values that are decorated as "sensitive" in the API will not
30835// be included in the string output. The member name will be present, but the
30836// value will be replaced with "sensitive".
30837func (s ListServerCertificateTagsInput) String() string {
30838	return awsutil.Prettify(s)
30839}
30840
30841// GoString returns the string representation.
30842//
30843// API parameter values that are decorated as "sensitive" in the API will not
30844// be included in the string output. The member name will be present, but the
30845// value will be replaced with "sensitive".
30846func (s ListServerCertificateTagsInput) GoString() string {
30847	return s.String()
30848}
30849
30850// Validate inspects the fields of the type to determine if they are valid.
30851func (s *ListServerCertificateTagsInput) Validate() error {
30852	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificateTagsInput"}
30853	if s.Marker != nil && len(*s.Marker) < 1 {
30854		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
30855	}
30856	if s.MaxItems != nil && *s.MaxItems < 1 {
30857		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
30858	}
30859	if s.ServerCertificateName == nil {
30860		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
30861	}
30862	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
30863		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
30864	}
30865
30866	if invalidParams.Len() > 0 {
30867		return invalidParams
30868	}
30869	return nil
30870}
30871
30872// SetMarker sets the Marker field's value.
30873func (s *ListServerCertificateTagsInput) SetMarker(v string) *ListServerCertificateTagsInput {
30874	s.Marker = &v
30875	return s
30876}
30877
30878// SetMaxItems sets the MaxItems field's value.
30879func (s *ListServerCertificateTagsInput) SetMaxItems(v int64) *ListServerCertificateTagsInput {
30880	s.MaxItems = &v
30881	return s
30882}
30883
30884// SetServerCertificateName sets the ServerCertificateName field's value.
30885func (s *ListServerCertificateTagsInput) SetServerCertificateName(v string) *ListServerCertificateTagsInput {
30886	s.ServerCertificateName = &v
30887	return s
30888}
30889
30890type ListServerCertificateTagsOutput struct {
30891	_ struct{} `type:"structure"`
30892
30893	// A flag that indicates whether there are more items to return. If your results
30894	// were truncated, you can make a subsequent pagination request using the Marker
30895	// request parameter to retrieve more items. Note that IAM might return fewer
30896	// than the MaxItems number of results even when there are more results available.
30897	// We recommend that you check IsTruncated after every call to ensure that you
30898	// receive all your results.
30899	IsTruncated *bool `type:"boolean"`
30900
30901	// When IsTruncated is true, this element is present and contains the value
30902	// to use for the Marker parameter in a subsequent pagination request.
30903	Marker *string `type:"string"`
30904
30905	// The list of tags that are currently attached to the IAM server certificate.
30906	// Each tag consists of a key name and an associated value. If no tags are attached
30907	// to the specified resource, the response contains an empty list.
30908	//
30909	// Tags is a required field
30910	Tags []*Tag `type:"list" required:"true"`
30911}
30912
30913// String returns the string representation.
30914//
30915// API parameter values that are decorated as "sensitive" in the API will not
30916// be included in the string output. The member name will be present, but the
30917// value will be replaced with "sensitive".
30918func (s ListServerCertificateTagsOutput) String() string {
30919	return awsutil.Prettify(s)
30920}
30921
30922// GoString returns the string representation.
30923//
30924// API parameter values that are decorated as "sensitive" in the API will not
30925// be included in the string output. The member name will be present, but the
30926// value will be replaced with "sensitive".
30927func (s ListServerCertificateTagsOutput) GoString() string {
30928	return s.String()
30929}
30930
30931// SetIsTruncated sets the IsTruncated field's value.
30932func (s *ListServerCertificateTagsOutput) SetIsTruncated(v bool) *ListServerCertificateTagsOutput {
30933	s.IsTruncated = &v
30934	return s
30935}
30936
30937// SetMarker sets the Marker field's value.
30938func (s *ListServerCertificateTagsOutput) SetMarker(v string) *ListServerCertificateTagsOutput {
30939	s.Marker = &v
30940	return s
30941}
30942
30943// SetTags sets the Tags field's value.
30944func (s *ListServerCertificateTagsOutput) SetTags(v []*Tag) *ListServerCertificateTagsOutput {
30945	s.Tags = v
30946	return s
30947}
30948
30949type ListServerCertificatesInput struct {
30950	_ struct{} `type:"structure"`
30951
30952	// Use this parameter only when paginating results and only after you receive
30953	// a response indicating that the results are truncated. Set it to the value
30954	// of the Marker element in the response that you received to indicate where
30955	// the next call should start.
30956	Marker *string `min:"1" type:"string"`
30957
30958	// Use this only when paginating results to indicate the maximum number of items
30959	// you want in the response. If additional items exist beyond the maximum you
30960	// specify, the IsTruncated response element is true.
30961	//
30962	// If you do not include this parameter, the number of items defaults to 100.
30963	// Note that IAM might return fewer results, even when there are more results
30964	// available. In that case, the IsTruncated response element returns true, and
30965	// Marker contains a value to include in the subsequent call that tells the
30966	// service where to continue from.
30967	MaxItems *int64 `min:"1" type:"integer"`
30968
30969	// The path prefix for filtering the results. For example: /company/servercerts
30970	// would get all server certificates for which the path starts with /company/servercerts.
30971	//
30972	// This parameter is optional. If it is not included, it defaults to a slash
30973	// (/), listing all server certificates. This parameter allows (through its
30974	// regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
30975	// of either a forward slash (/) by itself or a string that must begin and end
30976	// with forward slashes. In addition, it can contain any ASCII character from
30977	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
30978	// characters, digits, and upper and lowercased letters.
30979	PathPrefix *string `min:"1" type:"string"`
30980}
30981
30982// String returns the string representation.
30983//
30984// API parameter values that are decorated as "sensitive" in the API will not
30985// be included in the string output. The member name will be present, but the
30986// value will be replaced with "sensitive".
30987func (s ListServerCertificatesInput) String() string {
30988	return awsutil.Prettify(s)
30989}
30990
30991// GoString returns the string representation.
30992//
30993// API parameter values that are decorated as "sensitive" in the API will not
30994// be included in the string output. The member name will be present, but the
30995// value will be replaced with "sensitive".
30996func (s ListServerCertificatesInput) GoString() string {
30997	return s.String()
30998}
30999
31000// Validate inspects the fields of the type to determine if they are valid.
31001func (s *ListServerCertificatesInput) Validate() error {
31002	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificatesInput"}
31003	if s.Marker != nil && len(*s.Marker) < 1 {
31004		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31005	}
31006	if s.MaxItems != nil && *s.MaxItems < 1 {
31007		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31008	}
31009	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
31010		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
31011	}
31012
31013	if invalidParams.Len() > 0 {
31014		return invalidParams
31015	}
31016	return nil
31017}
31018
31019// SetMarker sets the Marker field's value.
31020func (s *ListServerCertificatesInput) SetMarker(v string) *ListServerCertificatesInput {
31021	s.Marker = &v
31022	return s
31023}
31024
31025// SetMaxItems sets the MaxItems field's value.
31026func (s *ListServerCertificatesInput) SetMaxItems(v int64) *ListServerCertificatesInput {
31027	s.MaxItems = &v
31028	return s
31029}
31030
31031// SetPathPrefix sets the PathPrefix field's value.
31032func (s *ListServerCertificatesInput) SetPathPrefix(v string) *ListServerCertificatesInput {
31033	s.PathPrefix = &v
31034	return s
31035}
31036
31037// Contains the response to a successful ListServerCertificates request.
31038type ListServerCertificatesOutput struct {
31039	_ struct{} `type:"structure"`
31040
31041	// A flag that indicates whether there are more items to return. If your results
31042	// were truncated, you can make a subsequent pagination request using the Marker
31043	// request parameter to retrieve more items. Note that IAM might return fewer
31044	// than the MaxItems number of results even when there are more results available.
31045	// We recommend that you check IsTruncated after every call to ensure that you
31046	// receive all your results.
31047	IsTruncated *bool `type:"boolean"`
31048
31049	// When IsTruncated is true, this element is present and contains the value
31050	// to use for the Marker parameter in a subsequent pagination request.
31051	Marker *string `type:"string"`
31052
31053	// A list of server certificates.
31054	//
31055	// ServerCertificateMetadataList is a required field
31056	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
31057}
31058
31059// String returns the string representation.
31060//
31061// API parameter values that are decorated as "sensitive" in the API will not
31062// be included in the string output. The member name will be present, but the
31063// value will be replaced with "sensitive".
31064func (s ListServerCertificatesOutput) String() string {
31065	return awsutil.Prettify(s)
31066}
31067
31068// GoString returns the string representation.
31069//
31070// API parameter values that are decorated as "sensitive" in the API will not
31071// be included in the string output. The member name will be present, but the
31072// value will be replaced with "sensitive".
31073func (s ListServerCertificatesOutput) GoString() string {
31074	return s.String()
31075}
31076
31077// SetIsTruncated sets the IsTruncated field's value.
31078func (s *ListServerCertificatesOutput) SetIsTruncated(v bool) *ListServerCertificatesOutput {
31079	s.IsTruncated = &v
31080	return s
31081}
31082
31083// SetMarker sets the Marker field's value.
31084func (s *ListServerCertificatesOutput) SetMarker(v string) *ListServerCertificatesOutput {
31085	s.Marker = &v
31086	return s
31087}
31088
31089// SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.
31090func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput {
31091	s.ServerCertificateMetadataList = v
31092	return s
31093}
31094
31095type ListServiceSpecificCredentialsInput struct {
31096	_ struct{} `type:"structure"`
31097
31098	// Filters the returned results to only those for the specified Amazon Web Services
31099	// service. If not specified, then Amazon Web Services returns service-specific
31100	// credentials for all services.
31101	ServiceName *string `type:"string"`
31102
31103	// The name of the user whose service-specific credentials you want information
31104	// about. If this value is not specified, then the operation assumes the user
31105	// whose credentials are used to call the operation.
31106	//
31107	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31108	// a string of characters consisting of upper and lowercase alphanumeric characters
31109	// with no spaces. You can also include any of the following characters: _+=,.@-
31110	UserName *string `min:"1" type:"string"`
31111}
31112
31113// String returns the string representation.
31114//
31115// API parameter values that are decorated as "sensitive" in the API will not
31116// be included in the string output. The member name will be present, but the
31117// value will be replaced with "sensitive".
31118func (s ListServiceSpecificCredentialsInput) String() string {
31119	return awsutil.Prettify(s)
31120}
31121
31122// GoString returns the string representation.
31123//
31124// API parameter values that are decorated as "sensitive" in the API will not
31125// be included in the string output. The member name will be present, but the
31126// value will be replaced with "sensitive".
31127func (s ListServiceSpecificCredentialsInput) GoString() string {
31128	return s.String()
31129}
31130
31131// Validate inspects the fields of the type to determine if they are valid.
31132func (s *ListServiceSpecificCredentialsInput) Validate() error {
31133	invalidParams := request.ErrInvalidParams{Context: "ListServiceSpecificCredentialsInput"}
31134	if s.UserName != nil && len(*s.UserName) < 1 {
31135		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31136	}
31137
31138	if invalidParams.Len() > 0 {
31139		return invalidParams
31140	}
31141	return nil
31142}
31143
31144// SetServiceName sets the ServiceName field's value.
31145func (s *ListServiceSpecificCredentialsInput) SetServiceName(v string) *ListServiceSpecificCredentialsInput {
31146	s.ServiceName = &v
31147	return s
31148}
31149
31150// SetUserName sets the UserName field's value.
31151func (s *ListServiceSpecificCredentialsInput) SetUserName(v string) *ListServiceSpecificCredentialsInput {
31152	s.UserName = &v
31153	return s
31154}
31155
31156type ListServiceSpecificCredentialsOutput struct {
31157	_ struct{} `type:"structure"`
31158
31159	// A list of structures that each contain details about a service-specific credential.
31160	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
31161}
31162
31163// String returns the string representation.
31164//
31165// API parameter values that are decorated as "sensitive" in the API will not
31166// be included in the string output. The member name will be present, but the
31167// value will be replaced with "sensitive".
31168func (s ListServiceSpecificCredentialsOutput) String() string {
31169	return awsutil.Prettify(s)
31170}
31171
31172// GoString returns the string representation.
31173//
31174// API parameter values that are decorated as "sensitive" in the API will not
31175// be included in the string output. The member name will be present, but the
31176// value will be replaced with "sensitive".
31177func (s ListServiceSpecificCredentialsOutput) GoString() string {
31178	return s.String()
31179}
31180
31181// SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.
31182func (s *ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials(v []*ServiceSpecificCredentialMetadata) *ListServiceSpecificCredentialsOutput {
31183	s.ServiceSpecificCredentials = v
31184	return s
31185}
31186
31187type ListSigningCertificatesInput struct {
31188	_ struct{} `type:"structure"`
31189
31190	// Use this parameter only when paginating results and only after you receive
31191	// a response indicating that the results are truncated. Set it to the value
31192	// of the Marker element in the response that you received to indicate where
31193	// the next call should start.
31194	Marker *string `min:"1" type:"string"`
31195
31196	// Use this only when paginating results to indicate the maximum number of items
31197	// you want in the response. If additional items exist beyond the maximum you
31198	// specify, the IsTruncated response element is true.
31199	//
31200	// If you do not include this parameter, the number of items defaults to 100.
31201	// Note that IAM might return fewer results, even when there are more results
31202	// available. In that case, the IsTruncated response element returns true, and
31203	// Marker contains a value to include in the subsequent call that tells the
31204	// service where to continue from.
31205	MaxItems *int64 `min:"1" type:"integer"`
31206
31207	// The name of the IAM user whose signing certificates you want to examine.
31208	//
31209	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31210	// a string of characters consisting of upper and lowercase alphanumeric characters
31211	// with no spaces. You can also include any of the following characters: _+=,.@-
31212	UserName *string `min:"1" type:"string"`
31213}
31214
31215// String returns the string representation.
31216//
31217// API parameter values that are decorated as "sensitive" in the API will not
31218// be included in the string output. The member name will be present, but the
31219// value will be replaced with "sensitive".
31220func (s ListSigningCertificatesInput) String() string {
31221	return awsutil.Prettify(s)
31222}
31223
31224// GoString returns the string representation.
31225//
31226// API parameter values that are decorated as "sensitive" in the API will not
31227// be included in the string output. The member name will be present, but the
31228// value will be replaced with "sensitive".
31229func (s ListSigningCertificatesInput) GoString() string {
31230	return s.String()
31231}
31232
31233// Validate inspects the fields of the type to determine if they are valid.
31234func (s *ListSigningCertificatesInput) Validate() error {
31235	invalidParams := request.ErrInvalidParams{Context: "ListSigningCertificatesInput"}
31236	if s.Marker != nil && len(*s.Marker) < 1 {
31237		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31238	}
31239	if s.MaxItems != nil && *s.MaxItems < 1 {
31240		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31241	}
31242	if s.UserName != nil && len(*s.UserName) < 1 {
31243		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31244	}
31245
31246	if invalidParams.Len() > 0 {
31247		return invalidParams
31248	}
31249	return nil
31250}
31251
31252// SetMarker sets the Marker field's value.
31253func (s *ListSigningCertificatesInput) SetMarker(v string) *ListSigningCertificatesInput {
31254	s.Marker = &v
31255	return s
31256}
31257
31258// SetMaxItems sets the MaxItems field's value.
31259func (s *ListSigningCertificatesInput) SetMaxItems(v int64) *ListSigningCertificatesInput {
31260	s.MaxItems = &v
31261	return s
31262}
31263
31264// SetUserName sets the UserName field's value.
31265func (s *ListSigningCertificatesInput) SetUserName(v string) *ListSigningCertificatesInput {
31266	s.UserName = &v
31267	return s
31268}
31269
31270// Contains the response to a successful ListSigningCertificates request.
31271type ListSigningCertificatesOutput struct {
31272	_ struct{} `type:"structure"`
31273
31274	// A list of the user's signing certificate information.
31275	//
31276	// Certificates is a required field
31277	Certificates []*SigningCertificate `type:"list" required:"true"`
31278
31279	// A flag that indicates whether there are more items to return. If your results
31280	// were truncated, you can make a subsequent pagination request using the Marker
31281	// request parameter to retrieve more items. Note that IAM might return fewer
31282	// than the MaxItems number of results even when there are more results available.
31283	// We recommend that you check IsTruncated after every call to ensure that you
31284	// receive all your results.
31285	IsTruncated *bool `type:"boolean"`
31286
31287	// When IsTruncated is true, this element is present and contains the value
31288	// to use for the Marker parameter in a subsequent pagination request.
31289	Marker *string `type:"string"`
31290}
31291
31292// String returns the string representation.
31293//
31294// API parameter values that are decorated as "sensitive" in the API will not
31295// be included in the string output. The member name will be present, but the
31296// value will be replaced with "sensitive".
31297func (s ListSigningCertificatesOutput) String() string {
31298	return awsutil.Prettify(s)
31299}
31300
31301// GoString returns the string representation.
31302//
31303// API parameter values that are decorated as "sensitive" in the API will not
31304// be included in the string output. The member name will be present, but the
31305// value will be replaced with "sensitive".
31306func (s ListSigningCertificatesOutput) GoString() string {
31307	return s.String()
31308}
31309
31310// SetCertificates sets the Certificates field's value.
31311func (s *ListSigningCertificatesOutput) SetCertificates(v []*SigningCertificate) *ListSigningCertificatesOutput {
31312	s.Certificates = v
31313	return s
31314}
31315
31316// SetIsTruncated sets the IsTruncated field's value.
31317func (s *ListSigningCertificatesOutput) SetIsTruncated(v bool) *ListSigningCertificatesOutput {
31318	s.IsTruncated = &v
31319	return s
31320}
31321
31322// SetMarker sets the Marker field's value.
31323func (s *ListSigningCertificatesOutput) SetMarker(v string) *ListSigningCertificatesOutput {
31324	s.Marker = &v
31325	return s
31326}
31327
31328type ListUserPoliciesInput struct {
31329	_ struct{} `type:"structure"`
31330
31331	// Use this parameter only when paginating results and only after you receive
31332	// a response indicating that the results are truncated. Set it to the value
31333	// of the Marker element in the response that you received to indicate where
31334	// the next call should start.
31335	Marker *string `min:"1" type:"string"`
31336
31337	// Use this only when paginating results to indicate the maximum number of items
31338	// you want in the response. If additional items exist beyond the maximum you
31339	// specify, the IsTruncated response element is true.
31340	//
31341	// If you do not include this parameter, the number of items defaults to 100.
31342	// Note that IAM might return fewer results, even when there are more results
31343	// available. In that case, the IsTruncated response element returns true, and
31344	// Marker contains a value to include in the subsequent call that tells the
31345	// service where to continue from.
31346	MaxItems *int64 `min:"1" type:"integer"`
31347
31348	// The name of the user to list policies for.
31349	//
31350	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31351	// a string of characters consisting of upper and lowercase alphanumeric characters
31352	// with no spaces. You can also include any of the following characters: _+=,.@-
31353	//
31354	// UserName is a required field
31355	UserName *string `min:"1" type:"string" required:"true"`
31356}
31357
31358// String returns the string representation.
31359//
31360// API parameter values that are decorated as "sensitive" in the API will not
31361// be included in the string output. The member name will be present, but the
31362// value will be replaced with "sensitive".
31363func (s ListUserPoliciesInput) String() string {
31364	return awsutil.Prettify(s)
31365}
31366
31367// GoString returns the string representation.
31368//
31369// API parameter values that are decorated as "sensitive" in the API will not
31370// be included in the string output. The member name will be present, but the
31371// value will be replaced with "sensitive".
31372func (s ListUserPoliciesInput) GoString() string {
31373	return s.String()
31374}
31375
31376// Validate inspects the fields of the type to determine if they are valid.
31377func (s *ListUserPoliciesInput) Validate() error {
31378	invalidParams := request.ErrInvalidParams{Context: "ListUserPoliciesInput"}
31379	if s.Marker != nil && len(*s.Marker) < 1 {
31380		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31381	}
31382	if s.MaxItems != nil && *s.MaxItems < 1 {
31383		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31384	}
31385	if s.UserName == nil {
31386		invalidParams.Add(request.NewErrParamRequired("UserName"))
31387	}
31388	if s.UserName != nil && len(*s.UserName) < 1 {
31389		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31390	}
31391
31392	if invalidParams.Len() > 0 {
31393		return invalidParams
31394	}
31395	return nil
31396}
31397
31398// SetMarker sets the Marker field's value.
31399func (s *ListUserPoliciesInput) SetMarker(v string) *ListUserPoliciesInput {
31400	s.Marker = &v
31401	return s
31402}
31403
31404// SetMaxItems sets the MaxItems field's value.
31405func (s *ListUserPoliciesInput) SetMaxItems(v int64) *ListUserPoliciesInput {
31406	s.MaxItems = &v
31407	return s
31408}
31409
31410// SetUserName sets the UserName field's value.
31411func (s *ListUserPoliciesInput) SetUserName(v string) *ListUserPoliciesInput {
31412	s.UserName = &v
31413	return s
31414}
31415
31416// Contains the response to a successful ListUserPolicies request.
31417type ListUserPoliciesOutput struct {
31418	_ struct{} `type:"structure"`
31419
31420	// A flag that indicates whether there are more items to return. If your results
31421	// were truncated, you can make a subsequent pagination request using the Marker
31422	// request parameter to retrieve more items. Note that IAM might return fewer
31423	// than the MaxItems number of results even when there are more results available.
31424	// We recommend that you check IsTruncated after every call to ensure that you
31425	// receive all your results.
31426	IsTruncated *bool `type:"boolean"`
31427
31428	// When IsTruncated is true, this element is present and contains the value
31429	// to use for the Marker parameter in a subsequent pagination request.
31430	Marker *string `type:"string"`
31431
31432	// A list of policy names.
31433	//
31434	// PolicyNames is a required field
31435	PolicyNames []*string `type:"list" required:"true"`
31436}
31437
31438// String returns the string representation.
31439//
31440// API parameter values that are decorated as "sensitive" in the API will not
31441// be included in the string output. The member name will be present, but the
31442// value will be replaced with "sensitive".
31443func (s ListUserPoliciesOutput) String() string {
31444	return awsutil.Prettify(s)
31445}
31446
31447// GoString returns the string representation.
31448//
31449// API parameter values that are decorated as "sensitive" in the API will not
31450// be included in the string output. The member name will be present, but the
31451// value will be replaced with "sensitive".
31452func (s ListUserPoliciesOutput) GoString() string {
31453	return s.String()
31454}
31455
31456// SetIsTruncated sets the IsTruncated field's value.
31457func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput {
31458	s.IsTruncated = &v
31459	return s
31460}
31461
31462// SetMarker sets the Marker field's value.
31463func (s *ListUserPoliciesOutput) SetMarker(v string) *ListUserPoliciesOutput {
31464	s.Marker = &v
31465	return s
31466}
31467
31468// SetPolicyNames sets the PolicyNames field's value.
31469func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput {
31470	s.PolicyNames = v
31471	return s
31472}
31473
31474type ListUserTagsInput struct {
31475	_ struct{} `type:"structure"`
31476
31477	// Use this parameter only when paginating results and only after you receive
31478	// a response indicating that the results are truncated. Set it to the value
31479	// of the Marker element in the response that you received to indicate where
31480	// the next call should start.
31481	Marker *string `min:"1" type:"string"`
31482
31483	// Use this only when paginating results to indicate the maximum number of items
31484	// you want in the response. If additional items exist beyond the maximum you
31485	// specify, the IsTruncated response element is true.
31486	//
31487	// If you do not include this parameter, the number of items defaults to 100.
31488	// Note that IAM might return fewer results, even when there are more results
31489	// available. In that case, the IsTruncated response element returns true, and
31490	// Marker contains a value to include in the subsequent call that tells the
31491	// service where to continue from.
31492	MaxItems *int64 `min:"1" type:"integer"`
31493
31494	// The name of the IAM user whose tags you want to see.
31495	//
31496	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
31497	// a string of characters consisting of upper and lowercase alphanumeric characters
31498	// with no spaces. You can also include any of the following characters: _+=,.@-
31499	//
31500	// UserName is a required field
31501	UserName *string `min:"1" type:"string" required:"true"`
31502}
31503
31504// String returns the string representation.
31505//
31506// API parameter values that are decorated as "sensitive" in the API will not
31507// be included in the string output. The member name will be present, but the
31508// value will be replaced with "sensitive".
31509func (s ListUserTagsInput) String() string {
31510	return awsutil.Prettify(s)
31511}
31512
31513// GoString returns the string representation.
31514//
31515// API parameter values that are decorated as "sensitive" in the API will not
31516// be included in the string output. The member name will be present, but the
31517// value will be replaced with "sensitive".
31518func (s ListUserTagsInput) GoString() string {
31519	return s.String()
31520}
31521
31522// Validate inspects the fields of the type to determine if they are valid.
31523func (s *ListUserTagsInput) Validate() error {
31524	invalidParams := request.ErrInvalidParams{Context: "ListUserTagsInput"}
31525	if s.Marker != nil && len(*s.Marker) < 1 {
31526		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31527	}
31528	if s.MaxItems != nil && *s.MaxItems < 1 {
31529		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31530	}
31531	if s.UserName == nil {
31532		invalidParams.Add(request.NewErrParamRequired("UserName"))
31533	}
31534	if s.UserName != nil && len(*s.UserName) < 1 {
31535		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
31536	}
31537
31538	if invalidParams.Len() > 0 {
31539		return invalidParams
31540	}
31541	return nil
31542}
31543
31544// SetMarker sets the Marker field's value.
31545func (s *ListUserTagsInput) SetMarker(v string) *ListUserTagsInput {
31546	s.Marker = &v
31547	return s
31548}
31549
31550// SetMaxItems sets the MaxItems field's value.
31551func (s *ListUserTagsInput) SetMaxItems(v int64) *ListUserTagsInput {
31552	s.MaxItems = &v
31553	return s
31554}
31555
31556// SetUserName sets the UserName field's value.
31557func (s *ListUserTagsInput) SetUserName(v string) *ListUserTagsInput {
31558	s.UserName = &v
31559	return s
31560}
31561
31562type ListUserTagsOutput struct {
31563	_ struct{} `type:"structure"`
31564
31565	// A flag that indicates whether there are more items to return. If your results
31566	// were truncated, you can make a subsequent pagination request using the Marker
31567	// request parameter to retrieve more items. Note that IAM might return fewer
31568	// than the MaxItems number of results even when there are more results available.
31569	// We recommend that you check IsTruncated after every call to ensure that you
31570	// receive all your results.
31571	IsTruncated *bool `type:"boolean"`
31572
31573	// When IsTruncated is true, this element is present and contains the value
31574	// to use for the Marker parameter in a subsequent pagination request.
31575	Marker *string `type:"string"`
31576
31577	// The list of tags that are currently attached to the user. Each tag consists
31578	// of a key name and an associated value. If no tags are attached to the specified
31579	// resource, the response contains an empty list.
31580	//
31581	// Tags is a required field
31582	Tags []*Tag `type:"list" required:"true"`
31583}
31584
31585// String returns the string representation.
31586//
31587// API parameter values that are decorated as "sensitive" in the API will not
31588// be included in the string output. The member name will be present, but the
31589// value will be replaced with "sensitive".
31590func (s ListUserTagsOutput) String() string {
31591	return awsutil.Prettify(s)
31592}
31593
31594// GoString returns the string representation.
31595//
31596// API parameter values that are decorated as "sensitive" in the API will not
31597// be included in the string output. The member name will be present, but the
31598// value will be replaced with "sensitive".
31599func (s ListUserTagsOutput) GoString() string {
31600	return s.String()
31601}
31602
31603// SetIsTruncated sets the IsTruncated field's value.
31604func (s *ListUserTagsOutput) SetIsTruncated(v bool) *ListUserTagsOutput {
31605	s.IsTruncated = &v
31606	return s
31607}
31608
31609// SetMarker sets the Marker field's value.
31610func (s *ListUserTagsOutput) SetMarker(v string) *ListUserTagsOutput {
31611	s.Marker = &v
31612	return s
31613}
31614
31615// SetTags sets the Tags field's value.
31616func (s *ListUserTagsOutput) SetTags(v []*Tag) *ListUserTagsOutput {
31617	s.Tags = v
31618	return s
31619}
31620
31621type ListUsersInput struct {
31622	_ struct{} `type:"structure"`
31623
31624	// Use this parameter only when paginating results and only after you receive
31625	// a response indicating that the results are truncated. Set it to the value
31626	// of the Marker element in the response that you received to indicate where
31627	// the next call should start.
31628	Marker *string `min:"1" type:"string"`
31629
31630	// Use this only when paginating results to indicate the maximum number of items
31631	// you want in the response. If additional items exist beyond the maximum you
31632	// specify, the IsTruncated response element is true.
31633	//
31634	// If you do not include this parameter, the number of items defaults to 100.
31635	// Note that IAM might return fewer results, even when there are more results
31636	// available. In that case, the IsTruncated response element returns true, and
31637	// Marker contains a value to include in the subsequent call that tells the
31638	// service where to continue from.
31639	MaxItems *int64 `min:"1" type:"integer"`
31640
31641	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
31642	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
31643	//
31644	// This parameter is optional. If it is not included, it defaults to a slash
31645	// (/), listing all user names. This parameter allows (through its regex pattern
31646	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
31647	// a forward slash (/) by itself or a string that must begin and end with forward
31648	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
31649	// through the DEL character (\u007F), including most punctuation characters,
31650	// digits, and upper and lowercased letters.
31651	PathPrefix *string `min:"1" type:"string"`
31652}
31653
31654// String returns the string representation.
31655//
31656// API parameter values that are decorated as "sensitive" in the API will not
31657// be included in the string output. The member name will be present, but the
31658// value will be replaced with "sensitive".
31659func (s ListUsersInput) String() string {
31660	return awsutil.Prettify(s)
31661}
31662
31663// GoString returns the string representation.
31664//
31665// API parameter values that are decorated as "sensitive" in the API will not
31666// be included in the string output. The member name will be present, but the
31667// value will be replaced with "sensitive".
31668func (s ListUsersInput) GoString() string {
31669	return s.String()
31670}
31671
31672// Validate inspects the fields of the type to determine if they are valid.
31673func (s *ListUsersInput) Validate() error {
31674	invalidParams := request.ErrInvalidParams{Context: "ListUsersInput"}
31675	if s.Marker != nil && len(*s.Marker) < 1 {
31676		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31677	}
31678	if s.MaxItems != nil && *s.MaxItems < 1 {
31679		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31680	}
31681	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
31682		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
31683	}
31684
31685	if invalidParams.Len() > 0 {
31686		return invalidParams
31687	}
31688	return nil
31689}
31690
31691// SetMarker sets the Marker field's value.
31692func (s *ListUsersInput) SetMarker(v string) *ListUsersInput {
31693	s.Marker = &v
31694	return s
31695}
31696
31697// SetMaxItems sets the MaxItems field's value.
31698func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput {
31699	s.MaxItems = &v
31700	return s
31701}
31702
31703// SetPathPrefix sets the PathPrefix field's value.
31704func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput {
31705	s.PathPrefix = &v
31706	return s
31707}
31708
31709// Contains the response to a successful ListUsers request.
31710type ListUsersOutput struct {
31711	_ struct{} `type:"structure"`
31712
31713	// A flag that indicates whether there are more items to return. If your results
31714	// were truncated, you can make a subsequent pagination request using the Marker
31715	// request parameter to retrieve more items. Note that IAM might return fewer
31716	// than the MaxItems number of results even when there are more results available.
31717	// We recommend that you check IsTruncated after every call to ensure that you
31718	// receive all your results.
31719	IsTruncated *bool `type:"boolean"`
31720
31721	// When IsTruncated is true, this element is present and contains the value
31722	// to use for the Marker parameter in a subsequent pagination request.
31723	Marker *string `type:"string"`
31724
31725	// A list of users.
31726	//
31727	// Users is a required field
31728	Users []*User `type:"list" required:"true"`
31729}
31730
31731// String returns the string representation.
31732//
31733// API parameter values that are decorated as "sensitive" in the API will not
31734// be included in the string output. The member name will be present, but the
31735// value will be replaced with "sensitive".
31736func (s ListUsersOutput) String() string {
31737	return awsutil.Prettify(s)
31738}
31739
31740// GoString returns the string representation.
31741//
31742// API parameter values that are decorated as "sensitive" in the API will not
31743// be included in the string output. The member name will be present, but the
31744// value will be replaced with "sensitive".
31745func (s ListUsersOutput) GoString() string {
31746	return s.String()
31747}
31748
31749// SetIsTruncated sets the IsTruncated field's value.
31750func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput {
31751	s.IsTruncated = &v
31752	return s
31753}
31754
31755// SetMarker sets the Marker field's value.
31756func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput {
31757	s.Marker = &v
31758	return s
31759}
31760
31761// SetUsers sets the Users field's value.
31762func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput {
31763	s.Users = v
31764	return s
31765}
31766
31767type ListVirtualMFADevicesInput struct {
31768	_ struct{} `type:"structure"`
31769
31770	// The status (Unassigned or Assigned) of the devices to list. If you do not
31771	// specify an AssignmentStatus, the operation defaults to Any, which lists both
31772	// assigned and unassigned virtual MFA devices.,
31773	AssignmentStatus *string `type:"string" enum:"AssignmentStatusType"`
31774
31775	// Use this parameter only when paginating results and only after you receive
31776	// a response indicating that the results are truncated. Set it to the value
31777	// of the Marker element in the response that you received to indicate where
31778	// the next call should start.
31779	Marker *string `min:"1" type:"string"`
31780
31781	// Use this only when paginating results to indicate the maximum number of items
31782	// you want in the response. If additional items exist beyond the maximum you
31783	// specify, the IsTruncated response element is true.
31784	//
31785	// If you do not include this parameter, the number of items defaults to 100.
31786	// Note that IAM might return fewer results, even when there are more results
31787	// available. In that case, the IsTruncated response element returns true, and
31788	// Marker contains a value to include in the subsequent call that tells the
31789	// service where to continue from.
31790	MaxItems *int64 `min:"1" type:"integer"`
31791}
31792
31793// String returns the string representation.
31794//
31795// API parameter values that are decorated as "sensitive" in the API will not
31796// be included in the string output. The member name will be present, but the
31797// value will be replaced with "sensitive".
31798func (s ListVirtualMFADevicesInput) String() string {
31799	return awsutil.Prettify(s)
31800}
31801
31802// GoString returns the string representation.
31803//
31804// API parameter values that are decorated as "sensitive" in the API will not
31805// be included in the string output. The member name will be present, but the
31806// value will be replaced with "sensitive".
31807func (s ListVirtualMFADevicesInput) GoString() string {
31808	return s.String()
31809}
31810
31811// Validate inspects the fields of the type to determine if they are valid.
31812func (s *ListVirtualMFADevicesInput) Validate() error {
31813	invalidParams := request.ErrInvalidParams{Context: "ListVirtualMFADevicesInput"}
31814	if s.Marker != nil && len(*s.Marker) < 1 {
31815		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
31816	}
31817	if s.MaxItems != nil && *s.MaxItems < 1 {
31818		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
31819	}
31820
31821	if invalidParams.Len() > 0 {
31822		return invalidParams
31823	}
31824	return nil
31825}
31826
31827// SetAssignmentStatus sets the AssignmentStatus field's value.
31828func (s *ListVirtualMFADevicesInput) SetAssignmentStatus(v string) *ListVirtualMFADevicesInput {
31829	s.AssignmentStatus = &v
31830	return s
31831}
31832
31833// SetMarker sets the Marker field's value.
31834func (s *ListVirtualMFADevicesInput) SetMarker(v string) *ListVirtualMFADevicesInput {
31835	s.Marker = &v
31836	return s
31837}
31838
31839// SetMaxItems sets the MaxItems field's value.
31840func (s *ListVirtualMFADevicesInput) SetMaxItems(v int64) *ListVirtualMFADevicesInput {
31841	s.MaxItems = &v
31842	return s
31843}
31844
31845// Contains the response to a successful ListVirtualMFADevices request.
31846type ListVirtualMFADevicesOutput struct {
31847	_ struct{} `type:"structure"`
31848
31849	// A flag that indicates whether there are more items to return. If your results
31850	// were truncated, you can make a subsequent pagination request using the Marker
31851	// request parameter to retrieve more items. Note that IAM might return fewer
31852	// than the MaxItems number of results even when there are more results available.
31853	// We recommend that you check IsTruncated after every call to ensure that you
31854	// receive all your results.
31855	IsTruncated *bool `type:"boolean"`
31856
31857	// When IsTruncated is true, this element is present and contains the value
31858	// to use for the Marker parameter in a subsequent pagination request.
31859	Marker *string `type:"string"`
31860
31861	// The list of virtual MFA devices in the current account that match the AssignmentStatus
31862	// value that was passed in the request.
31863	//
31864	// VirtualMFADevices is a required field
31865	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
31866}
31867
31868// String returns the string representation.
31869//
31870// API parameter values that are decorated as "sensitive" in the API will not
31871// be included in the string output. The member name will be present, but the
31872// value will be replaced with "sensitive".
31873func (s ListVirtualMFADevicesOutput) String() string {
31874	return awsutil.Prettify(s)
31875}
31876
31877// GoString returns the string representation.
31878//
31879// API parameter values that are decorated as "sensitive" in the API will not
31880// be included in the string output. The member name will be present, but the
31881// value will be replaced with "sensitive".
31882func (s ListVirtualMFADevicesOutput) GoString() string {
31883	return s.String()
31884}
31885
31886// SetIsTruncated sets the IsTruncated field's value.
31887func (s *ListVirtualMFADevicesOutput) SetIsTruncated(v bool) *ListVirtualMFADevicesOutput {
31888	s.IsTruncated = &v
31889	return s
31890}
31891
31892// SetMarker sets the Marker field's value.
31893func (s *ListVirtualMFADevicesOutput) SetMarker(v string) *ListVirtualMFADevicesOutput {
31894	s.Marker = &v
31895	return s
31896}
31897
31898// SetVirtualMFADevices sets the VirtualMFADevices field's value.
31899func (s *ListVirtualMFADevicesOutput) SetVirtualMFADevices(v []*VirtualMFADevice) *ListVirtualMFADevicesOutput {
31900	s.VirtualMFADevices = v
31901	return s
31902}
31903
31904// Contains the user name and password create date for a user.
31905//
31906// This data type is used as a response element in the CreateLoginProfile and
31907// GetLoginProfile operations.
31908type LoginProfile struct {
31909	_ struct{} `type:"structure"`
31910
31911	// The date when the password for the user was created.
31912	//
31913	// CreateDate is a required field
31914	CreateDate *time.Time `type:"timestamp" required:"true"`
31915
31916	// Specifies whether the user is required to set a new password on next sign-in.
31917	PasswordResetRequired *bool `type:"boolean"`
31918
31919	// The name of the user, which can be used for signing in to the Amazon Web
31920	// Services Management Console.
31921	//
31922	// UserName is a required field
31923	UserName *string `min:"1" type:"string" required:"true"`
31924}
31925
31926// String returns the string representation.
31927//
31928// API parameter values that are decorated as "sensitive" in the API will not
31929// be included in the string output. The member name will be present, but the
31930// value will be replaced with "sensitive".
31931func (s LoginProfile) String() string {
31932	return awsutil.Prettify(s)
31933}
31934
31935// GoString returns the string representation.
31936//
31937// API parameter values that are decorated as "sensitive" in the API will not
31938// be included in the string output. The member name will be present, but the
31939// value will be replaced with "sensitive".
31940func (s LoginProfile) GoString() string {
31941	return s.String()
31942}
31943
31944// SetCreateDate sets the CreateDate field's value.
31945func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile {
31946	s.CreateDate = &v
31947	return s
31948}
31949
31950// SetPasswordResetRequired sets the PasswordResetRequired field's value.
31951func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile {
31952	s.PasswordResetRequired = &v
31953	return s
31954}
31955
31956// SetUserName sets the UserName field's value.
31957func (s *LoginProfile) SetUserName(v string) *LoginProfile {
31958	s.UserName = &v
31959	return s
31960}
31961
31962// Contains information about an MFA device.
31963//
31964// This data type is used as a response element in the ListMFADevices operation.
31965type MFADevice struct {
31966	_ struct{} `type:"structure"`
31967
31968	// The date when the MFA device was enabled for the user.
31969	//
31970	// EnableDate is a required field
31971	EnableDate *time.Time `type:"timestamp" required:"true"`
31972
31973	// The serial number that uniquely identifies the MFA device. For virtual MFA
31974	// devices, the serial number is the device ARN.
31975	//
31976	// SerialNumber is a required field
31977	SerialNumber *string `min:"9" type:"string" required:"true"`
31978
31979	// The user with whom the MFA device is associated.
31980	//
31981	// UserName is a required field
31982	UserName *string `min:"1" type:"string" required:"true"`
31983}
31984
31985// String returns the string representation.
31986//
31987// API parameter values that are decorated as "sensitive" in the API will not
31988// be included in the string output. The member name will be present, but the
31989// value will be replaced with "sensitive".
31990func (s MFADevice) String() string {
31991	return awsutil.Prettify(s)
31992}
31993
31994// GoString returns the string representation.
31995//
31996// API parameter values that are decorated as "sensitive" in the API will not
31997// be included in the string output. The member name will be present, but the
31998// value will be replaced with "sensitive".
31999func (s MFADevice) GoString() string {
32000	return s.String()
32001}
32002
32003// SetEnableDate sets the EnableDate field's value.
32004func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice {
32005	s.EnableDate = &v
32006	return s
32007}
32008
32009// SetSerialNumber sets the SerialNumber field's value.
32010func (s *MFADevice) SetSerialNumber(v string) *MFADevice {
32011	s.SerialNumber = &v
32012	return s
32013}
32014
32015// SetUserName sets the UserName field's value.
32016func (s *MFADevice) SetUserName(v string) *MFADevice {
32017	s.UserName = &v
32018	return s
32019}
32020
32021// Contains information about a managed policy, including the policy's ARN,
32022// versions, and the number of principal entities (users, groups, and roles)
32023// that the policy is attached to.
32024//
32025// This data type is used as a response element in the GetAccountAuthorizationDetails
32026// operation.
32027//
32028// For more information about managed policies, see Managed policies and inline
32029// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32030// in the IAM User Guide.
32031type ManagedPolicyDetail struct {
32032	_ struct{} `type:"structure"`
32033
32034	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
32035	// Services resources.
32036	//
32037	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
32038	// in the Amazon Web Services General Reference.
32039	Arn *string `min:"20" type:"string"`
32040
32041	// The number of principal entities (users, groups, and roles) that the policy
32042	// is attached to.
32043	AttachmentCount *int64 `type:"integer"`
32044
32045	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32046	// when the policy was created.
32047	CreateDate *time.Time `type:"timestamp"`
32048
32049	// The identifier for the version of the policy that is set as the default (operative)
32050	// version.
32051	//
32052	// For more information about policy versions, see Versioning for managed policies
32053	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
32054	// in the IAM User Guide.
32055	DefaultVersionId *string `type:"string"`
32056
32057	// A friendly description of the policy.
32058	Description *string `type:"string"`
32059
32060	// Specifies whether the policy can be attached to an IAM user, group, or role.
32061	IsAttachable *bool `type:"boolean"`
32062
32063	// The path to the policy.
32064	//
32065	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32066	// in the IAM User Guide.
32067	Path *string `min:"1" type:"string"`
32068
32069	// The number of entities (users and roles) for which the policy is used as
32070	// the permissions boundary.
32071	//
32072	// For more information about permissions boundaries, see Permissions boundaries
32073	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
32074	// in the IAM User Guide.
32075	PermissionsBoundaryUsageCount *int64 `type:"integer"`
32076
32077	// The stable and unique string identifying the policy.
32078	//
32079	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32080	// in the IAM User Guide.
32081	PolicyId *string `min:"16" type:"string"`
32082
32083	// The friendly name (not ARN) identifying the policy.
32084	PolicyName *string `min:"1" type:"string"`
32085
32086	// A list containing information about the versions of the policy.
32087	PolicyVersionList []*PolicyVersion `type:"list"`
32088
32089	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32090	// when the policy was last updated.
32091	//
32092	// When a policy has only one version, this field contains the date and time
32093	// when the policy was created. When a policy has more than one version, this
32094	// field contains the date and time when the most recent policy version was
32095	// created.
32096	UpdateDate *time.Time `type:"timestamp"`
32097}
32098
32099// String returns the string representation.
32100//
32101// API parameter values that are decorated as "sensitive" in the API will not
32102// be included in the string output. The member name will be present, but the
32103// value will be replaced with "sensitive".
32104func (s ManagedPolicyDetail) String() string {
32105	return awsutil.Prettify(s)
32106}
32107
32108// GoString returns the string representation.
32109//
32110// API parameter values that are decorated as "sensitive" in the API will not
32111// be included in the string output. The member name will be present, but the
32112// value will be replaced with "sensitive".
32113func (s ManagedPolicyDetail) GoString() string {
32114	return s.String()
32115}
32116
32117// SetArn sets the Arn field's value.
32118func (s *ManagedPolicyDetail) SetArn(v string) *ManagedPolicyDetail {
32119	s.Arn = &v
32120	return s
32121}
32122
32123// SetAttachmentCount sets the AttachmentCount field's value.
32124func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail {
32125	s.AttachmentCount = &v
32126	return s
32127}
32128
32129// SetCreateDate sets the CreateDate field's value.
32130func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail {
32131	s.CreateDate = &v
32132	return s
32133}
32134
32135// SetDefaultVersionId sets the DefaultVersionId field's value.
32136func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail {
32137	s.DefaultVersionId = &v
32138	return s
32139}
32140
32141// SetDescription sets the Description field's value.
32142func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail {
32143	s.Description = &v
32144	return s
32145}
32146
32147// SetIsAttachable sets the IsAttachable field's value.
32148func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail {
32149	s.IsAttachable = &v
32150	return s
32151}
32152
32153// SetPath sets the Path field's value.
32154func (s *ManagedPolicyDetail) SetPath(v string) *ManagedPolicyDetail {
32155	s.Path = &v
32156	return s
32157}
32158
32159// SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
32160func (s *ManagedPolicyDetail) SetPermissionsBoundaryUsageCount(v int64) *ManagedPolicyDetail {
32161	s.PermissionsBoundaryUsageCount = &v
32162	return s
32163}
32164
32165// SetPolicyId sets the PolicyId field's value.
32166func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail {
32167	s.PolicyId = &v
32168	return s
32169}
32170
32171// SetPolicyName sets the PolicyName field's value.
32172func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail {
32173	s.PolicyName = &v
32174	return s
32175}
32176
32177// SetPolicyVersionList sets the PolicyVersionList field's value.
32178func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail {
32179	s.PolicyVersionList = v
32180	return s
32181}
32182
32183// SetUpdateDate sets the UpdateDate field's value.
32184func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail {
32185	s.UpdateDate = &v
32186	return s
32187}
32188
32189// Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.
32190type OpenIDConnectProviderListEntry struct {
32191	_ struct{} `type:"structure"`
32192
32193	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
32194	// Services resources.
32195	//
32196	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
32197	// in the Amazon Web Services General Reference.
32198	Arn *string `min:"20" type:"string"`
32199}
32200
32201// String returns the string representation.
32202//
32203// API parameter values that are decorated as "sensitive" in the API will not
32204// be included in the string output. The member name will be present, but the
32205// value will be replaced with "sensitive".
32206func (s OpenIDConnectProviderListEntry) String() string {
32207	return awsutil.Prettify(s)
32208}
32209
32210// GoString returns the string representation.
32211//
32212// API parameter values that are decorated as "sensitive" in the API will not
32213// be included in the string output. The member name will be present, but the
32214// value will be replaced with "sensitive".
32215func (s OpenIDConnectProviderListEntry) GoString() string {
32216	return s.String()
32217}
32218
32219// SetArn sets the Arn field's value.
32220func (s *OpenIDConnectProviderListEntry) SetArn(v string) *OpenIDConnectProviderListEntry {
32221	s.Arn = &v
32222	return s
32223}
32224
32225// Contains information about the effect that Organizations has on a policy
32226// simulation.
32227type OrganizationsDecisionDetail struct {
32228	_ struct{} `type:"structure"`
32229
32230	// Specifies whether the simulated operation is allowed by the Organizations
32231	// service control policies that impact the simulated user's account.
32232	AllowedByOrganizations *bool `type:"boolean"`
32233}
32234
32235// String returns the string representation.
32236//
32237// API parameter values that are decorated as "sensitive" in the API will not
32238// be included in the string output. The member name will be present, but the
32239// value will be replaced with "sensitive".
32240func (s OrganizationsDecisionDetail) String() string {
32241	return awsutil.Prettify(s)
32242}
32243
32244// GoString returns the string representation.
32245//
32246// API parameter values that are decorated as "sensitive" in the API will not
32247// be included in the string output. The member name will be present, but the
32248// value will be replaced with "sensitive".
32249func (s OrganizationsDecisionDetail) GoString() string {
32250	return s.String()
32251}
32252
32253// SetAllowedByOrganizations sets the AllowedByOrganizations field's value.
32254func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail {
32255	s.AllowedByOrganizations = &v
32256	return s
32257}
32258
32259// Contains information about the account password policy.
32260//
32261// This data type is used as a response element in the GetAccountPasswordPolicy
32262// operation.
32263type PasswordPolicy struct {
32264	_ struct{} `type:"structure"`
32265
32266	// Specifies whether IAM users are allowed to change their own password.
32267	AllowUsersToChangePassword *bool `type:"boolean"`
32268
32269	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
32270	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
32271	// not present.
32272	ExpirePasswords *bool `type:"boolean"`
32273
32274	// Specifies whether IAM users are prevented from setting a new password after
32275	// their password has expired.
32276	HardExpiry *bool `type:"boolean"`
32277
32278	// The number of days that an IAM user password is valid.
32279	MaxPasswordAge *int64 `min:"1" type:"integer"`
32280
32281	// Minimum length to require for IAM user passwords.
32282	MinimumPasswordLength *int64 `min:"6" type:"integer"`
32283
32284	// Specifies the number of previous passwords that IAM users are prevented from
32285	// reusing.
32286	PasswordReusePrevention *int64 `min:"1" type:"integer"`
32287
32288	// Specifies whether IAM user passwords must contain at least one lowercase
32289	// character (a to z).
32290	RequireLowercaseCharacters *bool `type:"boolean"`
32291
32292	// Specifies whether IAM user passwords must contain at least one numeric character
32293	// (0 to 9).
32294	RequireNumbers *bool `type:"boolean"`
32295
32296	// Specifies whether IAM user passwords must contain at least one of the following
32297	// symbols:
32298	//
32299	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
32300	RequireSymbols *bool `type:"boolean"`
32301
32302	// Specifies whether IAM user passwords must contain at least one uppercase
32303	// character (A to Z).
32304	RequireUppercaseCharacters *bool `type:"boolean"`
32305}
32306
32307// String returns the string representation.
32308//
32309// API parameter values that are decorated as "sensitive" in the API will not
32310// be included in the string output. The member name will be present, but the
32311// value will be replaced with "sensitive".
32312func (s PasswordPolicy) String() string {
32313	return awsutil.Prettify(s)
32314}
32315
32316// GoString returns the string representation.
32317//
32318// API parameter values that are decorated as "sensitive" in the API will not
32319// be included in the string output. The member name will be present, but the
32320// value will be replaced with "sensitive".
32321func (s PasswordPolicy) GoString() string {
32322	return s.String()
32323}
32324
32325// SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
32326func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy {
32327	s.AllowUsersToChangePassword = &v
32328	return s
32329}
32330
32331// SetExpirePasswords sets the ExpirePasswords field's value.
32332func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy {
32333	s.ExpirePasswords = &v
32334	return s
32335}
32336
32337// SetHardExpiry sets the HardExpiry field's value.
32338func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy {
32339	s.HardExpiry = &v
32340	return s
32341}
32342
32343// SetMaxPasswordAge sets the MaxPasswordAge field's value.
32344func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy {
32345	s.MaxPasswordAge = &v
32346	return s
32347}
32348
32349// SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
32350func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy {
32351	s.MinimumPasswordLength = &v
32352	return s
32353}
32354
32355// SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
32356func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy {
32357	s.PasswordReusePrevention = &v
32358	return s
32359}
32360
32361// SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
32362func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy {
32363	s.RequireLowercaseCharacters = &v
32364	return s
32365}
32366
32367// SetRequireNumbers sets the RequireNumbers field's value.
32368func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy {
32369	s.RequireNumbers = &v
32370	return s
32371}
32372
32373// SetRequireSymbols sets the RequireSymbols field's value.
32374func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy {
32375	s.RequireSymbols = &v
32376	return s
32377}
32378
32379// SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
32380func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy {
32381	s.RequireUppercaseCharacters = &v
32382	return s
32383}
32384
32385// Contains information about the effect that a permissions boundary has on
32386// a policy simulation when the boundary is applied to an IAM entity.
32387type PermissionsBoundaryDecisionDetail struct {
32388	_ struct{} `type:"structure"`
32389
32390	// Specifies whether an action is allowed by a permissions boundary that is
32391	// applied to an IAM entity (user or role). A value of true means that the permissions
32392	// boundary does not deny the action. This means that the policy includes an
32393	// Allow statement that matches the request. In this case, if an identity-based
32394	// policy also allows the action, the request is allowed. A value of false means
32395	// that either the requested action is not allowed (implicitly denied) or that
32396	// the action is explicitly denied by the permissions boundary. In both of these
32397	// cases, the action is not allowed, regardless of the identity-based policy.
32398	AllowedByPermissionsBoundary *bool `type:"boolean"`
32399}
32400
32401// String returns the string representation.
32402//
32403// API parameter values that are decorated as "sensitive" in the API will not
32404// be included in the string output. The member name will be present, but the
32405// value will be replaced with "sensitive".
32406func (s PermissionsBoundaryDecisionDetail) String() string {
32407	return awsutil.Prettify(s)
32408}
32409
32410// GoString returns the string representation.
32411//
32412// API parameter values that are decorated as "sensitive" in the API will not
32413// be included in the string output. The member name will be present, but the
32414// value will be replaced with "sensitive".
32415func (s PermissionsBoundaryDecisionDetail) GoString() string {
32416	return s.String()
32417}
32418
32419// SetAllowedByPermissionsBoundary sets the AllowedByPermissionsBoundary field's value.
32420func (s *PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary(v bool) *PermissionsBoundaryDecisionDetail {
32421	s.AllowedByPermissionsBoundary = &v
32422	return s
32423}
32424
32425// Contains information about a managed policy.
32426//
32427// This data type is used as a response element in the CreatePolicy, GetPolicy,
32428// and ListPolicies operations.
32429//
32430// For more information about managed policies, refer to Managed policies and
32431// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32432// in the IAM User Guide.
32433type Policy struct {
32434	_ struct{} `type:"structure"`
32435
32436	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
32437	// Services resources.
32438	//
32439	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
32440	// in the Amazon Web Services General Reference.
32441	Arn *string `min:"20" type:"string"`
32442
32443	// The number of entities (users, groups, and roles) that the policy is attached
32444	// to.
32445	AttachmentCount *int64 `type:"integer"`
32446
32447	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32448	// when the policy was created.
32449	CreateDate *time.Time `type:"timestamp"`
32450
32451	// The identifier for the version of the policy that is set as the default version.
32452	DefaultVersionId *string `type:"string"`
32453
32454	// A friendly description of the policy.
32455	//
32456	// This element is included in the response to the GetPolicy operation. It is
32457	// not included in the response to the ListPolicies operation.
32458	Description *string `type:"string"`
32459
32460	// Specifies whether the policy can be attached to an IAM user, group, or role.
32461	IsAttachable *bool `type:"boolean"`
32462
32463	// The path to the policy.
32464	//
32465	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32466	// in the IAM User Guide.
32467	Path *string `min:"1" type:"string"`
32468
32469	// The number of entities (users and roles) for which the policy is used to
32470	// set the permissions boundary.
32471	//
32472	// For more information about permissions boundaries, see Permissions boundaries
32473	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
32474	// in the IAM User Guide.
32475	PermissionsBoundaryUsageCount *int64 `type:"integer"`
32476
32477	// The stable and unique string identifying the policy.
32478	//
32479	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
32480	// in the IAM User Guide.
32481	PolicyId *string `min:"16" type:"string"`
32482
32483	// The friendly name (not ARN) identifying the policy.
32484	PolicyName *string `min:"1" type:"string"`
32485
32486	// A list of tags that are attached to the instance profile. For more information
32487	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
32488	// in the IAM User Guide.
32489	Tags []*Tag `type:"list"`
32490
32491	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32492	// when the policy was last updated.
32493	//
32494	// When a policy has only one version, this field contains the date and time
32495	// when the policy was created. When a policy has more than one version, this
32496	// field contains the date and time when the most recent policy version was
32497	// created.
32498	UpdateDate *time.Time `type:"timestamp"`
32499}
32500
32501// String returns the string representation.
32502//
32503// API parameter values that are decorated as "sensitive" in the API will not
32504// be included in the string output. The member name will be present, but the
32505// value will be replaced with "sensitive".
32506func (s Policy) String() string {
32507	return awsutil.Prettify(s)
32508}
32509
32510// GoString returns the string representation.
32511//
32512// API parameter values that are decorated as "sensitive" in the API will not
32513// be included in the string output. The member name will be present, but the
32514// value will be replaced with "sensitive".
32515func (s Policy) GoString() string {
32516	return s.String()
32517}
32518
32519// SetArn sets the Arn field's value.
32520func (s *Policy) SetArn(v string) *Policy {
32521	s.Arn = &v
32522	return s
32523}
32524
32525// SetAttachmentCount sets the AttachmentCount field's value.
32526func (s *Policy) SetAttachmentCount(v int64) *Policy {
32527	s.AttachmentCount = &v
32528	return s
32529}
32530
32531// SetCreateDate sets the CreateDate field's value.
32532func (s *Policy) SetCreateDate(v time.Time) *Policy {
32533	s.CreateDate = &v
32534	return s
32535}
32536
32537// SetDefaultVersionId sets the DefaultVersionId field's value.
32538func (s *Policy) SetDefaultVersionId(v string) *Policy {
32539	s.DefaultVersionId = &v
32540	return s
32541}
32542
32543// SetDescription sets the Description field's value.
32544func (s *Policy) SetDescription(v string) *Policy {
32545	s.Description = &v
32546	return s
32547}
32548
32549// SetIsAttachable sets the IsAttachable field's value.
32550func (s *Policy) SetIsAttachable(v bool) *Policy {
32551	s.IsAttachable = &v
32552	return s
32553}
32554
32555// SetPath sets the Path field's value.
32556func (s *Policy) SetPath(v string) *Policy {
32557	s.Path = &v
32558	return s
32559}
32560
32561// SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
32562func (s *Policy) SetPermissionsBoundaryUsageCount(v int64) *Policy {
32563	s.PermissionsBoundaryUsageCount = &v
32564	return s
32565}
32566
32567// SetPolicyId sets the PolicyId field's value.
32568func (s *Policy) SetPolicyId(v string) *Policy {
32569	s.PolicyId = &v
32570	return s
32571}
32572
32573// SetPolicyName sets the PolicyName field's value.
32574func (s *Policy) SetPolicyName(v string) *Policy {
32575	s.PolicyName = &v
32576	return s
32577}
32578
32579// SetTags sets the Tags field's value.
32580func (s *Policy) SetTags(v []*Tag) *Policy {
32581	s.Tags = v
32582	return s
32583}
32584
32585// SetUpdateDate sets the UpdateDate field's value.
32586func (s *Policy) SetUpdateDate(v time.Time) *Policy {
32587	s.UpdateDate = &v
32588	return s
32589}
32590
32591// Contains information about an IAM policy, including the policy document.
32592//
32593// This data type is used as a response element in the GetAccountAuthorizationDetails
32594// operation.
32595type PolicyDetail struct {
32596	_ struct{} `type:"structure"`
32597
32598	// The policy document.
32599	PolicyDocument *string `min:"1" type:"string"`
32600
32601	// The name of the policy.
32602	PolicyName *string `min:"1" type:"string"`
32603}
32604
32605// String returns the string representation.
32606//
32607// API parameter values that are decorated as "sensitive" in the API will not
32608// be included in the string output. The member name will be present, but the
32609// value will be replaced with "sensitive".
32610func (s PolicyDetail) String() string {
32611	return awsutil.Prettify(s)
32612}
32613
32614// GoString returns the string representation.
32615//
32616// API parameter values that are decorated as "sensitive" in the API will not
32617// be included in the string output. The member name will be present, but the
32618// value will be replaced with "sensitive".
32619func (s PolicyDetail) GoString() string {
32620	return s.String()
32621}
32622
32623// SetPolicyDocument sets the PolicyDocument field's value.
32624func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail {
32625	s.PolicyDocument = &v
32626	return s
32627}
32628
32629// SetPolicyName sets the PolicyName field's value.
32630func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail {
32631	s.PolicyName = &v
32632	return s
32633}
32634
32635// Contains details about the permissions policies that are attached to the
32636// specified identity (user, group, or role).
32637//
32638// This data type is an element of the ListPoliciesGrantingServiceAccessEntry
32639// object.
32640type PolicyGrantingServiceAccess struct {
32641	_ struct{} `type:"structure"`
32642
32643	// The name of the entity (user or role) to which the inline policy is attached.
32644	//
32645	// This field is null for managed policies. For more information about these
32646	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
32647	// in the IAM User Guide.
32648	EntityName *string `min:"1" type:"string"`
32649
32650	// The type of entity (user or role) that used the policy to access the service
32651	// to which the inline policy is attached.
32652	//
32653	// This field is null for managed policies. For more information about these
32654	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
32655	// in the IAM User Guide.
32656	EntityType *string `type:"string" enum:"PolicyOwnerEntityType"`
32657
32658	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
32659	// Services resources.
32660	//
32661	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
32662	// in the Amazon Web Services General Reference.
32663	PolicyArn *string `min:"20" type:"string"`
32664
32665	// The policy name.
32666	//
32667	// PolicyName is a required field
32668	PolicyName *string `min:"1" type:"string" required:"true"`
32669
32670	// The policy type. For more information about these policy types, see Managed
32671	// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
32672	// in the IAM User Guide.
32673	//
32674	// PolicyType is a required field
32675	PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
32676}
32677
32678// String returns the string representation.
32679//
32680// API parameter values that are decorated as "sensitive" in the API will not
32681// be included in the string output. The member name will be present, but the
32682// value will be replaced with "sensitive".
32683func (s PolicyGrantingServiceAccess) String() string {
32684	return awsutil.Prettify(s)
32685}
32686
32687// GoString returns the string representation.
32688//
32689// API parameter values that are decorated as "sensitive" in the API will not
32690// be included in the string output. The member name will be present, but the
32691// value will be replaced with "sensitive".
32692func (s PolicyGrantingServiceAccess) GoString() string {
32693	return s.String()
32694}
32695
32696// SetEntityName sets the EntityName field's value.
32697func (s *PolicyGrantingServiceAccess) SetEntityName(v string) *PolicyGrantingServiceAccess {
32698	s.EntityName = &v
32699	return s
32700}
32701
32702// SetEntityType sets the EntityType field's value.
32703func (s *PolicyGrantingServiceAccess) SetEntityType(v string) *PolicyGrantingServiceAccess {
32704	s.EntityType = &v
32705	return s
32706}
32707
32708// SetPolicyArn sets the PolicyArn field's value.
32709func (s *PolicyGrantingServiceAccess) SetPolicyArn(v string) *PolicyGrantingServiceAccess {
32710	s.PolicyArn = &v
32711	return s
32712}
32713
32714// SetPolicyName sets the PolicyName field's value.
32715func (s *PolicyGrantingServiceAccess) SetPolicyName(v string) *PolicyGrantingServiceAccess {
32716	s.PolicyName = &v
32717	return s
32718}
32719
32720// SetPolicyType sets the PolicyType field's value.
32721func (s *PolicyGrantingServiceAccess) SetPolicyType(v string) *PolicyGrantingServiceAccess {
32722	s.PolicyType = &v
32723	return s
32724}
32725
32726// Contains information about a group that a managed policy is attached to.
32727//
32728// This data type is used as a response element in the ListEntitiesForPolicy
32729// operation.
32730//
32731// For more information about managed policies, refer to Managed policies and
32732// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32733// in the IAM User Guide.
32734type PolicyGroup struct {
32735	_ struct{} `type:"structure"`
32736
32737	// The stable and unique string identifying the group. For more information
32738	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
32739	// in the IAM User Guide.
32740	GroupId *string `min:"16" type:"string"`
32741
32742	// The name (friendly name, not ARN) identifying the group.
32743	GroupName *string `min:"1" type:"string"`
32744}
32745
32746// String returns the string representation.
32747//
32748// API parameter values that are decorated as "sensitive" in the API will not
32749// be included in the string output. The member name will be present, but the
32750// value will be replaced with "sensitive".
32751func (s PolicyGroup) String() string {
32752	return awsutil.Prettify(s)
32753}
32754
32755// GoString returns the string representation.
32756//
32757// API parameter values that are decorated as "sensitive" in the API will not
32758// be included in the string output. The member name will be present, but the
32759// value will be replaced with "sensitive".
32760func (s PolicyGroup) GoString() string {
32761	return s.String()
32762}
32763
32764// SetGroupId sets the GroupId field's value.
32765func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup {
32766	s.GroupId = &v
32767	return s
32768}
32769
32770// SetGroupName sets the GroupName field's value.
32771func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup {
32772	s.GroupName = &v
32773	return s
32774}
32775
32776// Contains information about a role that a managed policy is attached to.
32777//
32778// This data type is used as a response element in the ListEntitiesForPolicy
32779// operation.
32780//
32781// For more information about managed policies, refer to Managed policies and
32782// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32783// in the IAM User Guide.
32784type PolicyRole struct {
32785	_ struct{} `type:"structure"`
32786
32787	// The stable and unique string identifying the role. For more information about
32788	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
32789	// in the IAM User Guide.
32790	RoleId *string `min:"16" type:"string"`
32791
32792	// The name (friendly name, not ARN) identifying the role.
32793	RoleName *string `min:"1" type:"string"`
32794}
32795
32796// String returns the string representation.
32797//
32798// API parameter values that are decorated as "sensitive" in the API will not
32799// be included in the string output. The member name will be present, but the
32800// value will be replaced with "sensitive".
32801func (s PolicyRole) String() string {
32802	return awsutil.Prettify(s)
32803}
32804
32805// GoString returns the string representation.
32806//
32807// API parameter values that are decorated as "sensitive" in the API will not
32808// be included in the string output. The member name will be present, but the
32809// value will be replaced with "sensitive".
32810func (s PolicyRole) GoString() string {
32811	return s.String()
32812}
32813
32814// SetRoleId sets the RoleId field's value.
32815func (s *PolicyRole) SetRoleId(v string) *PolicyRole {
32816	s.RoleId = &v
32817	return s
32818}
32819
32820// SetRoleName sets the RoleName field's value.
32821func (s *PolicyRole) SetRoleName(v string) *PolicyRole {
32822	s.RoleName = &v
32823	return s
32824}
32825
32826// Contains information about a user that a managed policy is attached to.
32827//
32828// This data type is used as a response element in the ListEntitiesForPolicy
32829// operation.
32830//
32831// For more information about managed policies, refer to Managed policies and
32832// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32833// in the IAM User Guide.
32834type PolicyUser struct {
32835	_ struct{} `type:"structure"`
32836
32837	// The stable and unique string identifying the user. For more information about
32838	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
32839	// in the IAM User Guide.
32840	UserId *string `min:"16" type:"string"`
32841
32842	// The name (friendly name, not ARN) identifying the user.
32843	UserName *string `min:"1" type:"string"`
32844}
32845
32846// String returns the string representation.
32847//
32848// API parameter values that are decorated as "sensitive" in the API will not
32849// be included in the string output. The member name will be present, but the
32850// value will be replaced with "sensitive".
32851func (s PolicyUser) String() string {
32852	return awsutil.Prettify(s)
32853}
32854
32855// GoString returns the string representation.
32856//
32857// API parameter values that are decorated as "sensitive" in the API will not
32858// be included in the string output. The member name will be present, but the
32859// value will be replaced with "sensitive".
32860func (s PolicyUser) GoString() string {
32861	return s.String()
32862}
32863
32864// SetUserId sets the UserId field's value.
32865func (s *PolicyUser) SetUserId(v string) *PolicyUser {
32866	s.UserId = &v
32867	return s
32868}
32869
32870// SetUserName sets the UserName field's value.
32871func (s *PolicyUser) SetUserName(v string) *PolicyUser {
32872	s.UserName = &v
32873	return s
32874}
32875
32876// Contains information about a version of a managed policy.
32877//
32878// This data type is used as a response element in the CreatePolicyVersion,
32879// GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails
32880// operations.
32881//
32882// For more information about managed policies, refer to Managed policies and
32883// inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
32884// in the IAM User Guide.
32885type PolicyVersion struct {
32886	_ struct{} `type:"structure"`
32887
32888	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
32889	// when the policy version was created.
32890	CreateDate *time.Time `type:"timestamp"`
32891
32892	// The policy document.
32893	//
32894	// The policy document is returned in the response to the GetPolicyVersion and
32895	// GetAccountAuthorizationDetails operations. It is not returned in the response
32896	// to the CreatePolicyVersion or ListPolicyVersions operations.
32897	//
32898	// The policy document returned in this structure is URL-encoded compliant with
32899	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
32900	// method to convert the policy back to plain JSON text. For example, if you
32901	// use Java, you can use the decode method of the java.net.URLDecoder utility
32902	// class in the Java SDK. Other languages and SDKs provide similar functionality.
32903	Document *string `min:"1" type:"string"`
32904
32905	// Specifies whether the policy version is set as the policy's default version.
32906	IsDefaultVersion *bool `type:"boolean"`
32907
32908	// The identifier for the policy version.
32909	//
32910	// Policy version identifiers always begin with v (always lowercase). When a
32911	// policy is created, the first policy version is v1.
32912	VersionId *string `type:"string"`
32913}
32914
32915// String returns the string representation.
32916//
32917// API parameter values that are decorated as "sensitive" in the API will not
32918// be included in the string output. The member name will be present, but the
32919// value will be replaced with "sensitive".
32920func (s PolicyVersion) String() string {
32921	return awsutil.Prettify(s)
32922}
32923
32924// GoString returns the string representation.
32925//
32926// API parameter values that are decorated as "sensitive" in the API will not
32927// be included in the string output. The member name will be present, but the
32928// value will be replaced with "sensitive".
32929func (s PolicyVersion) GoString() string {
32930	return s.String()
32931}
32932
32933// SetCreateDate sets the CreateDate field's value.
32934func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion {
32935	s.CreateDate = &v
32936	return s
32937}
32938
32939// SetDocument sets the Document field's value.
32940func (s *PolicyVersion) SetDocument(v string) *PolicyVersion {
32941	s.Document = &v
32942	return s
32943}
32944
32945// SetIsDefaultVersion sets the IsDefaultVersion field's value.
32946func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion {
32947	s.IsDefaultVersion = &v
32948	return s
32949}
32950
32951// SetVersionId sets the VersionId field's value.
32952func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion {
32953	s.VersionId = &v
32954	return s
32955}
32956
32957// Contains the row and column of a location of a Statement element in a policy
32958// document.
32959//
32960// This data type is used as a member of the Statement type.
32961type Position struct {
32962	_ struct{} `type:"structure"`
32963
32964	// The column in the line containing the specified position in the document.
32965	Column *int64 `type:"integer"`
32966
32967	// The line containing the specified position in the document.
32968	Line *int64 `type:"integer"`
32969}
32970
32971// String returns the string representation.
32972//
32973// API parameter values that are decorated as "sensitive" in the API will not
32974// be included in the string output. The member name will be present, but the
32975// value will be replaced with "sensitive".
32976func (s Position) String() string {
32977	return awsutil.Prettify(s)
32978}
32979
32980// GoString returns the string representation.
32981//
32982// API parameter values that are decorated as "sensitive" in the API will not
32983// be included in the string output. The member name will be present, but the
32984// value will be replaced with "sensitive".
32985func (s Position) GoString() string {
32986	return s.String()
32987}
32988
32989// SetColumn sets the Column field's value.
32990func (s *Position) SetColumn(v int64) *Position {
32991	s.Column = &v
32992	return s
32993}
32994
32995// SetLine sets the Line field's value.
32996func (s *Position) SetLine(v int64) *Position {
32997	s.Line = &v
32998	return s
32999}
33000
33001type PutGroupPolicyInput struct {
33002	_ struct{} `type:"structure"`
33003
33004	// The name of the group to associate the policy with.
33005	//
33006	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33007	// a string of characters consisting of upper and lowercase alphanumeric characters
33008	// with no spaces. You can also include any of the following characters: _+=,.@-.
33009	//
33010	// GroupName is a required field
33011	GroupName *string `min:"1" type:"string" required:"true"`
33012
33013	// The policy document.
33014	//
33015	// You must provide policies in JSON format in IAM. However, for CloudFormation
33016	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
33017	// CloudFormation always converts a YAML policy to JSON format before submitting
33018	// it to = IAM.
33019	//
33020	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33021	// parameter is a string of characters consisting of the following:
33022	//
33023	//    * Any printable ASCII character ranging from the space character (\u0020)
33024	//    through the end of the ASCII character range
33025	//
33026	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33027	//    set (through \u00FF)
33028	//
33029	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33030	//    return (\u000D)
33031	//
33032	// PolicyDocument is a required field
33033	PolicyDocument *string `min:"1" type:"string" required:"true"`
33034
33035	// The name of the policy document.
33036	//
33037	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33038	// a string of characters consisting of upper and lowercase alphanumeric characters
33039	// with no spaces. You can also include any of the following characters: _+=,.@-
33040	//
33041	// PolicyName is a required field
33042	PolicyName *string `min:"1" type:"string" required:"true"`
33043}
33044
33045// String returns the string representation.
33046//
33047// API parameter values that are decorated as "sensitive" in the API will not
33048// be included in the string output. The member name will be present, but the
33049// value will be replaced with "sensitive".
33050func (s PutGroupPolicyInput) String() string {
33051	return awsutil.Prettify(s)
33052}
33053
33054// GoString returns the string representation.
33055//
33056// API parameter values that are decorated as "sensitive" in the API will not
33057// be included in the string output. The member name will be present, but the
33058// value will be replaced with "sensitive".
33059func (s PutGroupPolicyInput) GoString() string {
33060	return s.String()
33061}
33062
33063// Validate inspects the fields of the type to determine if they are valid.
33064func (s *PutGroupPolicyInput) Validate() error {
33065	invalidParams := request.ErrInvalidParams{Context: "PutGroupPolicyInput"}
33066	if s.GroupName == nil {
33067		invalidParams.Add(request.NewErrParamRequired("GroupName"))
33068	}
33069	if s.GroupName != nil && len(*s.GroupName) < 1 {
33070		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
33071	}
33072	if s.PolicyDocument == nil {
33073		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
33074	}
33075	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
33076		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
33077	}
33078	if s.PolicyName == nil {
33079		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
33080	}
33081	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
33082		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
33083	}
33084
33085	if invalidParams.Len() > 0 {
33086		return invalidParams
33087	}
33088	return nil
33089}
33090
33091// SetGroupName sets the GroupName field's value.
33092func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput {
33093	s.GroupName = &v
33094	return s
33095}
33096
33097// SetPolicyDocument sets the PolicyDocument field's value.
33098func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput {
33099	s.PolicyDocument = &v
33100	return s
33101}
33102
33103// SetPolicyName sets the PolicyName field's value.
33104func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput {
33105	s.PolicyName = &v
33106	return s
33107}
33108
33109type PutGroupPolicyOutput struct {
33110	_ struct{} `type:"structure"`
33111}
33112
33113// String returns the string representation.
33114//
33115// API parameter values that are decorated as "sensitive" in the API will not
33116// be included in the string output. The member name will be present, but the
33117// value will be replaced with "sensitive".
33118func (s PutGroupPolicyOutput) String() string {
33119	return awsutil.Prettify(s)
33120}
33121
33122// GoString returns the string representation.
33123//
33124// API parameter values that are decorated as "sensitive" in the API will not
33125// be included in the string output. The member name will be present, but the
33126// value will be replaced with "sensitive".
33127func (s PutGroupPolicyOutput) GoString() string {
33128	return s.String()
33129}
33130
33131type PutRolePermissionsBoundaryInput struct {
33132	_ struct{} `type:"structure"`
33133
33134	// The ARN of the policy that is used to set the permissions boundary for the
33135	// role.
33136	//
33137	// PermissionsBoundary is a required field
33138	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
33139
33140	// The name (friendly name, not ARN) of the IAM role for which you want to set
33141	// the permissions boundary.
33142	//
33143	// RoleName is a required field
33144	RoleName *string `min:"1" type:"string" required:"true"`
33145}
33146
33147// String returns the string representation.
33148//
33149// API parameter values that are decorated as "sensitive" in the API will not
33150// be included in the string output. The member name will be present, but the
33151// value will be replaced with "sensitive".
33152func (s PutRolePermissionsBoundaryInput) String() string {
33153	return awsutil.Prettify(s)
33154}
33155
33156// GoString returns the string representation.
33157//
33158// API parameter values that are decorated as "sensitive" in the API will not
33159// be included in the string output. The member name will be present, but the
33160// value will be replaced with "sensitive".
33161func (s PutRolePermissionsBoundaryInput) GoString() string {
33162	return s.String()
33163}
33164
33165// Validate inspects the fields of the type to determine if they are valid.
33166func (s *PutRolePermissionsBoundaryInput) Validate() error {
33167	invalidParams := request.ErrInvalidParams{Context: "PutRolePermissionsBoundaryInput"}
33168	if s.PermissionsBoundary == nil {
33169		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
33170	}
33171	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
33172		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
33173	}
33174	if s.RoleName == nil {
33175		invalidParams.Add(request.NewErrParamRequired("RoleName"))
33176	}
33177	if s.RoleName != nil && len(*s.RoleName) < 1 {
33178		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
33179	}
33180
33181	if invalidParams.Len() > 0 {
33182		return invalidParams
33183	}
33184	return nil
33185}
33186
33187// SetPermissionsBoundary sets the PermissionsBoundary field's value.
33188func (s *PutRolePermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutRolePermissionsBoundaryInput {
33189	s.PermissionsBoundary = &v
33190	return s
33191}
33192
33193// SetRoleName sets the RoleName field's value.
33194func (s *PutRolePermissionsBoundaryInput) SetRoleName(v string) *PutRolePermissionsBoundaryInput {
33195	s.RoleName = &v
33196	return s
33197}
33198
33199type PutRolePermissionsBoundaryOutput struct {
33200	_ struct{} `type:"structure"`
33201}
33202
33203// String returns the string representation.
33204//
33205// API parameter values that are decorated as "sensitive" in the API will not
33206// be included in the string output. The member name will be present, but the
33207// value will be replaced with "sensitive".
33208func (s PutRolePermissionsBoundaryOutput) String() string {
33209	return awsutil.Prettify(s)
33210}
33211
33212// GoString returns the string representation.
33213//
33214// API parameter values that are decorated as "sensitive" in the API will not
33215// be included in the string output. The member name will be present, but the
33216// value will be replaced with "sensitive".
33217func (s PutRolePermissionsBoundaryOutput) GoString() string {
33218	return s.String()
33219}
33220
33221type PutRolePolicyInput struct {
33222	_ struct{} `type:"structure"`
33223
33224	// The policy document.
33225	//
33226	// You must provide policies in JSON format in IAM. However, for CloudFormation
33227	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
33228	// CloudFormation always converts a YAML policy to JSON format before submitting
33229	// it to IAM.
33230	//
33231	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33232	// parameter is a string of characters consisting of the following:
33233	//
33234	//    * Any printable ASCII character ranging from the space character (\u0020)
33235	//    through the end of the ASCII character range
33236	//
33237	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33238	//    set (through \u00FF)
33239	//
33240	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33241	//    return (\u000D)
33242	//
33243	// PolicyDocument is a required field
33244	PolicyDocument *string `min:"1" type:"string" required:"true"`
33245
33246	// The name of the policy document.
33247	//
33248	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33249	// a string of characters consisting of upper and lowercase alphanumeric characters
33250	// with no spaces. You can also include any of the following characters: _+=,.@-
33251	//
33252	// PolicyName is a required field
33253	PolicyName *string `min:"1" type:"string" required:"true"`
33254
33255	// The name of the role to associate the policy with.
33256	//
33257	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33258	// a string of characters consisting of upper and lowercase alphanumeric characters
33259	// with no spaces. You can also include any of the following characters: _+=,.@-
33260	//
33261	// RoleName is a required field
33262	RoleName *string `min:"1" type:"string" required:"true"`
33263}
33264
33265// String returns the string representation.
33266//
33267// API parameter values that are decorated as "sensitive" in the API will not
33268// be included in the string output. The member name will be present, but the
33269// value will be replaced with "sensitive".
33270func (s PutRolePolicyInput) String() string {
33271	return awsutil.Prettify(s)
33272}
33273
33274// GoString returns the string representation.
33275//
33276// API parameter values that are decorated as "sensitive" in the API will not
33277// be included in the string output. The member name will be present, but the
33278// value will be replaced with "sensitive".
33279func (s PutRolePolicyInput) GoString() string {
33280	return s.String()
33281}
33282
33283// Validate inspects the fields of the type to determine if they are valid.
33284func (s *PutRolePolicyInput) Validate() error {
33285	invalidParams := request.ErrInvalidParams{Context: "PutRolePolicyInput"}
33286	if s.PolicyDocument == nil {
33287		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
33288	}
33289	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
33290		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
33291	}
33292	if s.PolicyName == nil {
33293		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
33294	}
33295	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
33296		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
33297	}
33298	if s.RoleName == nil {
33299		invalidParams.Add(request.NewErrParamRequired("RoleName"))
33300	}
33301	if s.RoleName != nil && len(*s.RoleName) < 1 {
33302		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
33303	}
33304
33305	if invalidParams.Len() > 0 {
33306		return invalidParams
33307	}
33308	return nil
33309}
33310
33311// SetPolicyDocument sets the PolicyDocument field's value.
33312func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput {
33313	s.PolicyDocument = &v
33314	return s
33315}
33316
33317// SetPolicyName sets the PolicyName field's value.
33318func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput {
33319	s.PolicyName = &v
33320	return s
33321}
33322
33323// SetRoleName sets the RoleName field's value.
33324func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput {
33325	s.RoleName = &v
33326	return s
33327}
33328
33329type PutRolePolicyOutput struct {
33330	_ struct{} `type:"structure"`
33331}
33332
33333// String returns the string representation.
33334//
33335// API parameter values that are decorated as "sensitive" in the API will not
33336// be included in the string output. The member name will be present, but the
33337// value will be replaced with "sensitive".
33338func (s PutRolePolicyOutput) String() string {
33339	return awsutil.Prettify(s)
33340}
33341
33342// GoString returns the string representation.
33343//
33344// API parameter values that are decorated as "sensitive" in the API will not
33345// be included in the string output. The member name will be present, but the
33346// value will be replaced with "sensitive".
33347func (s PutRolePolicyOutput) GoString() string {
33348	return s.String()
33349}
33350
33351type PutUserPermissionsBoundaryInput struct {
33352	_ struct{} `type:"structure"`
33353
33354	// The ARN of the policy that is used to set the permissions boundary for the
33355	// user.
33356	//
33357	// PermissionsBoundary is a required field
33358	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
33359
33360	// The name (friendly name, not ARN) of the IAM user for which you want to set
33361	// the permissions boundary.
33362	//
33363	// UserName is a required field
33364	UserName *string `min:"1" type:"string" required:"true"`
33365}
33366
33367// String returns the string representation.
33368//
33369// API parameter values that are decorated as "sensitive" in the API will not
33370// be included in the string output. The member name will be present, but the
33371// value will be replaced with "sensitive".
33372func (s PutUserPermissionsBoundaryInput) String() string {
33373	return awsutil.Prettify(s)
33374}
33375
33376// GoString returns the string representation.
33377//
33378// API parameter values that are decorated as "sensitive" in the API will not
33379// be included in the string output. The member name will be present, but the
33380// value will be replaced with "sensitive".
33381func (s PutUserPermissionsBoundaryInput) GoString() string {
33382	return s.String()
33383}
33384
33385// Validate inspects the fields of the type to determine if they are valid.
33386func (s *PutUserPermissionsBoundaryInput) Validate() error {
33387	invalidParams := request.ErrInvalidParams{Context: "PutUserPermissionsBoundaryInput"}
33388	if s.PermissionsBoundary == nil {
33389		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
33390	}
33391	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
33392		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
33393	}
33394	if s.UserName == nil {
33395		invalidParams.Add(request.NewErrParamRequired("UserName"))
33396	}
33397	if s.UserName != nil && len(*s.UserName) < 1 {
33398		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
33399	}
33400
33401	if invalidParams.Len() > 0 {
33402		return invalidParams
33403	}
33404	return nil
33405}
33406
33407// SetPermissionsBoundary sets the PermissionsBoundary field's value.
33408func (s *PutUserPermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutUserPermissionsBoundaryInput {
33409	s.PermissionsBoundary = &v
33410	return s
33411}
33412
33413// SetUserName sets the UserName field's value.
33414func (s *PutUserPermissionsBoundaryInput) SetUserName(v string) *PutUserPermissionsBoundaryInput {
33415	s.UserName = &v
33416	return s
33417}
33418
33419type PutUserPermissionsBoundaryOutput struct {
33420	_ struct{} `type:"structure"`
33421}
33422
33423// String returns the string representation.
33424//
33425// API parameter values that are decorated as "sensitive" in the API will not
33426// be included in the string output. The member name will be present, but the
33427// value will be replaced with "sensitive".
33428func (s PutUserPermissionsBoundaryOutput) String() string {
33429	return awsutil.Prettify(s)
33430}
33431
33432// GoString returns the string representation.
33433//
33434// API parameter values that are decorated as "sensitive" in the API will not
33435// be included in the string output. The member name will be present, but the
33436// value will be replaced with "sensitive".
33437func (s PutUserPermissionsBoundaryOutput) GoString() string {
33438	return s.String()
33439}
33440
33441type PutUserPolicyInput struct {
33442	_ struct{} `type:"structure"`
33443
33444	// The policy document.
33445	//
33446	// You must provide policies in JSON format in IAM. However, for CloudFormation
33447	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
33448	// CloudFormation always converts a YAML policy to JSON format before submitting
33449	// it to IAM.
33450	//
33451	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
33452	// parameter is a string of characters consisting of the following:
33453	//
33454	//    * Any printable ASCII character ranging from the space character (\u0020)
33455	//    through the end of the ASCII character range
33456	//
33457	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
33458	//    set (through \u00FF)
33459	//
33460	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
33461	//    return (\u000D)
33462	//
33463	// PolicyDocument is a required field
33464	PolicyDocument *string `min:"1" type:"string" required:"true"`
33465
33466	// The name of the policy document.
33467	//
33468	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33469	// a string of characters consisting of upper and lowercase alphanumeric characters
33470	// with no spaces. You can also include any of the following characters: _+=,.@-
33471	//
33472	// PolicyName is a required field
33473	PolicyName *string `min:"1" type:"string" required:"true"`
33474
33475	// The name of the user to associate the policy with.
33476	//
33477	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33478	// a string of characters consisting of upper and lowercase alphanumeric characters
33479	// with no spaces. You can also include any of the following characters: _+=,.@-
33480	//
33481	// UserName is a required field
33482	UserName *string `min:"1" type:"string" required:"true"`
33483}
33484
33485// String returns the string representation.
33486//
33487// API parameter values that are decorated as "sensitive" in the API will not
33488// be included in the string output. The member name will be present, but the
33489// value will be replaced with "sensitive".
33490func (s PutUserPolicyInput) String() string {
33491	return awsutil.Prettify(s)
33492}
33493
33494// GoString returns the string representation.
33495//
33496// API parameter values that are decorated as "sensitive" in the API will not
33497// be included in the string output. The member name will be present, but the
33498// value will be replaced with "sensitive".
33499func (s PutUserPolicyInput) GoString() string {
33500	return s.String()
33501}
33502
33503// Validate inspects the fields of the type to determine if they are valid.
33504func (s *PutUserPolicyInput) Validate() error {
33505	invalidParams := request.ErrInvalidParams{Context: "PutUserPolicyInput"}
33506	if s.PolicyDocument == nil {
33507		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
33508	}
33509	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
33510		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
33511	}
33512	if s.PolicyName == nil {
33513		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
33514	}
33515	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
33516		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
33517	}
33518	if s.UserName == nil {
33519		invalidParams.Add(request.NewErrParamRequired("UserName"))
33520	}
33521	if s.UserName != nil && len(*s.UserName) < 1 {
33522		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
33523	}
33524
33525	if invalidParams.Len() > 0 {
33526		return invalidParams
33527	}
33528	return nil
33529}
33530
33531// SetPolicyDocument sets the PolicyDocument field's value.
33532func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput {
33533	s.PolicyDocument = &v
33534	return s
33535}
33536
33537// SetPolicyName sets the PolicyName field's value.
33538func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput {
33539	s.PolicyName = &v
33540	return s
33541}
33542
33543// SetUserName sets the UserName field's value.
33544func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput {
33545	s.UserName = &v
33546	return s
33547}
33548
33549type PutUserPolicyOutput struct {
33550	_ struct{} `type:"structure"`
33551}
33552
33553// String returns the string representation.
33554//
33555// API parameter values that are decorated as "sensitive" in the API will not
33556// be included in the string output. The member name will be present, but the
33557// value will be replaced with "sensitive".
33558func (s PutUserPolicyOutput) String() string {
33559	return awsutil.Prettify(s)
33560}
33561
33562// GoString returns the string representation.
33563//
33564// API parameter values that are decorated as "sensitive" in the API will not
33565// be included in the string output. The member name will be present, but the
33566// value will be replaced with "sensitive".
33567func (s PutUserPolicyOutput) GoString() string {
33568	return s.String()
33569}
33570
33571type RemoveClientIDFromOpenIDConnectProviderInput struct {
33572	_ struct{} `type:"structure"`
33573
33574	// The client ID (also known as audience) to remove from the IAM OIDC provider
33575	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
33576	//
33577	// ClientID is a required field
33578	ClientID *string `min:"1" type:"string" required:"true"`
33579
33580	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
33581	// the client ID from. You can get a list of OIDC provider ARNs by using the
33582	// ListOpenIDConnectProviders operation.
33583	//
33584	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
33585	// in the Amazon Web Services General Reference.
33586	//
33587	// OpenIDConnectProviderArn is a required field
33588	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
33589}
33590
33591// String returns the string representation.
33592//
33593// API parameter values that are decorated as "sensitive" in the API will not
33594// be included in the string output. The member name will be present, but the
33595// value will be replaced with "sensitive".
33596func (s RemoveClientIDFromOpenIDConnectProviderInput) String() string {
33597	return awsutil.Prettify(s)
33598}
33599
33600// GoString returns the string representation.
33601//
33602// API parameter values that are decorated as "sensitive" in the API will not
33603// be included in the string output. The member name will be present, but the
33604// value will be replaced with "sensitive".
33605func (s RemoveClientIDFromOpenIDConnectProviderInput) GoString() string {
33606	return s.String()
33607}
33608
33609// Validate inspects the fields of the type to determine if they are valid.
33610func (s *RemoveClientIDFromOpenIDConnectProviderInput) Validate() error {
33611	invalidParams := request.ErrInvalidParams{Context: "RemoveClientIDFromOpenIDConnectProviderInput"}
33612	if s.ClientID == nil {
33613		invalidParams.Add(request.NewErrParamRequired("ClientID"))
33614	}
33615	if s.ClientID != nil && len(*s.ClientID) < 1 {
33616		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
33617	}
33618	if s.OpenIDConnectProviderArn == nil {
33619		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
33620	}
33621	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
33622		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
33623	}
33624
33625	if invalidParams.Len() > 0 {
33626		return invalidParams
33627	}
33628	return nil
33629}
33630
33631// SetClientID sets the ClientID field's value.
33632func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetClientID(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
33633	s.ClientID = &v
33634	return s
33635}
33636
33637// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
33638func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
33639	s.OpenIDConnectProviderArn = &v
33640	return s
33641}
33642
33643type RemoveClientIDFromOpenIDConnectProviderOutput struct {
33644	_ struct{} `type:"structure"`
33645}
33646
33647// String returns the string representation.
33648//
33649// API parameter values that are decorated as "sensitive" in the API will not
33650// be included in the string output. The member name will be present, but the
33651// value will be replaced with "sensitive".
33652func (s RemoveClientIDFromOpenIDConnectProviderOutput) String() string {
33653	return awsutil.Prettify(s)
33654}
33655
33656// GoString returns the string representation.
33657//
33658// API parameter values that are decorated as "sensitive" in the API will not
33659// be included in the string output. The member name will be present, but the
33660// value will be replaced with "sensitive".
33661func (s RemoveClientIDFromOpenIDConnectProviderOutput) GoString() string {
33662	return s.String()
33663}
33664
33665type RemoveRoleFromInstanceProfileInput struct {
33666	_ struct{} `type:"structure"`
33667
33668	// The name of the instance profile to update.
33669	//
33670	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33671	// a string of characters consisting of upper and lowercase alphanumeric characters
33672	// with no spaces. You can also include any of the following characters: _+=,.@-
33673	//
33674	// InstanceProfileName is a required field
33675	InstanceProfileName *string `min:"1" type:"string" required:"true"`
33676
33677	// The name of the role to remove.
33678	//
33679	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33680	// a string of characters consisting of upper and lowercase alphanumeric characters
33681	// with no spaces. You can also include any of the following characters: _+=,.@-
33682	//
33683	// RoleName is a required field
33684	RoleName *string `min:"1" type:"string" required:"true"`
33685}
33686
33687// String returns the string representation.
33688//
33689// API parameter values that are decorated as "sensitive" in the API will not
33690// be included in the string output. The member name will be present, but the
33691// value will be replaced with "sensitive".
33692func (s RemoveRoleFromInstanceProfileInput) String() string {
33693	return awsutil.Prettify(s)
33694}
33695
33696// GoString returns the string representation.
33697//
33698// API parameter values that are decorated as "sensitive" in the API will not
33699// be included in the string output. The member name will be present, but the
33700// value will be replaced with "sensitive".
33701func (s RemoveRoleFromInstanceProfileInput) GoString() string {
33702	return s.String()
33703}
33704
33705// Validate inspects the fields of the type to determine if they are valid.
33706func (s *RemoveRoleFromInstanceProfileInput) Validate() error {
33707	invalidParams := request.ErrInvalidParams{Context: "RemoveRoleFromInstanceProfileInput"}
33708	if s.InstanceProfileName == nil {
33709		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
33710	}
33711	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
33712		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
33713	}
33714	if s.RoleName == nil {
33715		invalidParams.Add(request.NewErrParamRequired("RoleName"))
33716	}
33717	if s.RoleName != nil && len(*s.RoleName) < 1 {
33718		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
33719	}
33720
33721	if invalidParams.Len() > 0 {
33722		return invalidParams
33723	}
33724	return nil
33725}
33726
33727// SetInstanceProfileName sets the InstanceProfileName field's value.
33728func (s *RemoveRoleFromInstanceProfileInput) SetInstanceProfileName(v string) *RemoveRoleFromInstanceProfileInput {
33729	s.InstanceProfileName = &v
33730	return s
33731}
33732
33733// SetRoleName sets the RoleName field's value.
33734func (s *RemoveRoleFromInstanceProfileInput) SetRoleName(v string) *RemoveRoleFromInstanceProfileInput {
33735	s.RoleName = &v
33736	return s
33737}
33738
33739type RemoveRoleFromInstanceProfileOutput struct {
33740	_ struct{} `type:"structure"`
33741}
33742
33743// String returns the string representation.
33744//
33745// API parameter values that are decorated as "sensitive" in the API will not
33746// be included in the string output. The member name will be present, but the
33747// value will be replaced with "sensitive".
33748func (s RemoveRoleFromInstanceProfileOutput) String() string {
33749	return awsutil.Prettify(s)
33750}
33751
33752// GoString returns the string representation.
33753//
33754// API parameter values that are decorated as "sensitive" in the API will not
33755// be included in the string output. The member name will be present, but the
33756// value will be replaced with "sensitive".
33757func (s RemoveRoleFromInstanceProfileOutput) GoString() string {
33758	return s.String()
33759}
33760
33761type RemoveUserFromGroupInput struct {
33762	_ struct{} `type:"structure"`
33763
33764	// The name of the group to update.
33765	//
33766	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33767	// a string of characters consisting of upper and lowercase alphanumeric characters
33768	// with no spaces. You can also include any of the following characters: _+=,.@-
33769	//
33770	// GroupName is a required field
33771	GroupName *string `min:"1" type:"string" required:"true"`
33772
33773	// The name of the user to remove.
33774	//
33775	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33776	// a string of characters consisting of upper and lowercase alphanumeric characters
33777	// with no spaces. You can also include any of the following characters: _+=,.@-
33778	//
33779	// UserName is a required field
33780	UserName *string `min:"1" type:"string" required:"true"`
33781}
33782
33783// String returns the string representation.
33784//
33785// API parameter values that are decorated as "sensitive" in the API will not
33786// be included in the string output. The member name will be present, but the
33787// value will be replaced with "sensitive".
33788func (s RemoveUserFromGroupInput) String() string {
33789	return awsutil.Prettify(s)
33790}
33791
33792// GoString returns the string representation.
33793//
33794// API parameter values that are decorated as "sensitive" in the API will not
33795// be included in the string output. The member name will be present, but the
33796// value will be replaced with "sensitive".
33797func (s RemoveUserFromGroupInput) GoString() string {
33798	return s.String()
33799}
33800
33801// Validate inspects the fields of the type to determine if they are valid.
33802func (s *RemoveUserFromGroupInput) Validate() error {
33803	invalidParams := request.ErrInvalidParams{Context: "RemoveUserFromGroupInput"}
33804	if s.GroupName == nil {
33805		invalidParams.Add(request.NewErrParamRequired("GroupName"))
33806	}
33807	if s.GroupName != nil && len(*s.GroupName) < 1 {
33808		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
33809	}
33810	if s.UserName == nil {
33811		invalidParams.Add(request.NewErrParamRequired("UserName"))
33812	}
33813	if s.UserName != nil && len(*s.UserName) < 1 {
33814		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
33815	}
33816
33817	if invalidParams.Len() > 0 {
33818		return invalidParams
33819	}
33820	return nil
33821}
33822
33823// SetGroupName sets the GroupName field's value.
33824func (s *RemoveUserFromGroupInput) SetGroupName(v string) *RemoveUserFromGroupInput {
33825	s.GroupName = &v
33826	return s
33827}
33828
33829// SetUserName sets the UserName field's value.
33830func (s *RemoveUserFromGroupInput) SetUserName(v string) *RemoveUserFromGroupInput {
33831	s.UserName = &v
33832	return s
33833}
33834
33835type RemoveUserFromGroupOutput struct {
33836	_ struct{} `type:"structure"`
33837}
33838
33839// String returns the string representation.
33840//
33841// API parameter values that are decorated as "sensitive" in the API will not
33842// be included in the string output. The member name will be present, but the
33843// value will be replaced with "sensitive".
33844func (s RemoveUserFromGroupOutput) String() string {
33845	return awsutil.Prettify(s)
33846}
33847
33848// GoString returns the string representation.
33849//
33850// API parameter values that are decorated as "sensitive" in the API will not
33851// be included in the string output. The member name will be present, but the
33852// value will be replaced with "sensitive".
33853func (s RemoveUserFromGroupOutput) GoString() string {
33854	return s.String()
33855}
33856
33857type ResetServiceSpecificCredentialInput struct {
33858	_ struct{} `type:"structure"`
33859
33860	// The unique identifier of the service-specific credential.
33861	//
33862	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33863	// a string of characters that can consist of any upper or lowercased letter
33864	// or digit.
33865	//
33866	// ServiceSpecificCredentialId is a required field
33867	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
33868
33869	// The name of the IAM user associated with the service-specific credential.
33870	// If this value is not specified, then the operation assumes the user whose
33871	// credentials are used to call the operation.
33872	//
33873	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
33874	// a string of characters consisting of upper and lowercase alphanumeric characters
33875	// with no spaces. You can also include any of the following characters: _+=,.@-
33876	UserName *string `min:"1" type:"string"`
33877}
33878
33879// String returns the string representation.
33880//
33881// API parameter values that are decorated as "sensitive" in the API will not
33882// be included in the string output. The member name will be present, but the
33883// value will be replaced with "sensitive".
33884func (s ResetServiceSpecificCredentialInput) String() string {
33885	return awsutil.Prettify(s)
33886}
33887
33888// GoString returns the string representation.
33889//
33890// API parameter values that are decorated as "sensitive" in the API will not
33891// be included in the string output. The member name will be present, but the
33892// value will be replaced with "sensitive".
33893func (s ResetServiceSpecificCredentialInput) GoString() string {
33894	return s.String()
33895}
33896
33897// Validate inspects the fields of the type to determine if they are valid.
33898func (s *ResetServiceSpecificCredentialInput) Validate() error {
33899	invalidParams := request.ErrInvalidParams{Context: "ResetServiceSpecificCredentialInput"}
33900	if s.ServiceSpecificCredentialId == nil {
33901		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
33902	}
33903	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
33904		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
33905	}
33906	if s.UserName != nil && len(*s.UserName) < 1 {
33907		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
33908	}
33909
33910	if invalidParams.Len() > 0 {
33911		return invalidParams
33912	}
33913	return nil
33914}
33915
33916// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
33917func (s *ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *ResetServiceSpecificCredentialInput {
33918	s.ServiceSpecificCredentialId = &v
33919	return s
33920}
33921
33922// SetUserName sets the UserName field's value.
33923func (s *ResetServiceSpecificCredentialInput) SetUserName(v string) *ResetServiceSpecificCredentialInput {
33924	s.UserName = &v
33925	return s
33926}
33927
33928type ResetServiceSpecificCredentialOutput struct {
33929	_ struct{} `type:"structure"`
33930
33931	// A structure with details about the updated service-specific credential, including
33932	// the new password.
33933	//
33934	// This is the only time that you can access the password. You cannot recover
33935	// the password later, but you can reset it again.
33936	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
33937}
33938
33939// String returns the string representation.
33940//
33941// API parameter values that are decorated as "sensitive" in the API will not
33942// be included in the string output. The member name will be present, but the
33943// value will be replaced with "sensitive".
33944func (s ResetServiceSpecificCredentialOutput) String() string {
33945	return awsutil.Prettify(s)
33946}
33947
33948// GoString returns the string representation.
33949//
33950// API parameter values that are decorated as "sensitive" in the API will not
33951// be included in the string output. The member name will be present, but the
33952// value will be replaced with "sensitive".
33953func (s ResetServiceSpecificCredentialOutput) GoString() string {
33954	return s.String()
33955}
33956
33957// SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
33958func (s *ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *ResetServiceSpecificCredentialOutput {
33959	s.ServiceSpecificCredential = v
33960	return s
33961}
33962
33963// Contains the result of the simulation of a single API operation call on a
33964// single resource.
33965//
33966// This data type is used by a member of the EvaluationResult data type.
33967type ResourceSpecificResult struct {
33968	_ struct{} `type:"structure"`
33969
33970	// Additional details about the results of the evaluation decision on a single
33971	// resource. This parameter is returned only for cross-account simulations.
33972	// This parameter explains how each policy type contributes to the resource-specific
33973	// evaluation decision.
33974	EvalDecisionDetails map[string]*string `type:"map"`
33975
33976	// The result of the simulation of the simulated API operation on the resource
33977	// specified in EvalResourceName.
33978	//
33979	// EvalResourceDecision is a required field
33980	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
33981
33982	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
33983	//
33984	// EvalResourceName is a required field
33985	EvalResourceName *string `min:"1" type:"string" required:"true"`
33986
33987	// A list of the statements in the input policies that determine the result
33988	// for this part of the simulation. Remember that even if multiple statements
33989	// allow the operation on the resource, if any statement denies that operation,
33990	// then the explicit deny overrides any allow. In addition, the deny statement
33991	// is the only entry included in the result.
33992	MatchedStatements []*Statement `type:"list"`
33993
33994	// A list of context keys that are required by the included input policies but
33995	// that were not provided by one of the input parameters. This list is used
33996	// when a list of ARNs is included in the ResourceArns parameter instead of
33997	// "*". If you do not specify individual resources, by setting ResourceArns
33998	// to "*" or by not including the ResourceArns parameter, then any missing context
33999	// values are instead included under the EvaluationResults section. To discover
34000	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
34001	// or GetContextKeysForPrincipalPolicy.
34002	MissingContextValues []*string `type:"list"`
34003
34004	// Contains information about the effect that a permissions boundary has on
34005	// a policy simulation when that boundary is applied to an IAM entity.
34006	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
34007}
34008
34009// String returns the string representation.
34010//
34011// API parameter values that are decorated as "sensitive" in the API will not
34012// be included in the string output. The member name will be present, but the
34013// value will be replaced with "sensitive".
34014func (s ResourceSpecificResult) String() string {
34015	return awsutil.Prettify(s)
34016}
34017
34018// GoString returns the string representation.
34019//
34020// API parameter values that are decorated as "sensitive" in the API will not
34021// be included in the string output. The member name will be present, but the
34022// value will be replaced with "sensitive".
34023func (s ResourceSpecificResult) GoString() string {
34024	return s.String()
34025}
34026
34027// SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
34028func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult {
34029	s.EvalDecisionDetails = v
34030	return s
34031}
34032
34033// SetEvalResourceDecision sets the EvalResourceDecision field's value.
34034func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult {
34035	s.EvalResourceDecision = &v
34036	return s
34037}
34038
34039// SetEvalResourceName sets the EvalResourceName field's value.
34040func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult {
34041	s.EvalResourceName = &v
34042	return s
34043}
34044
34045// SetMatchedStatements sets the MatchedStatements field's value.
34046func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult {
34047	s.MatchedStatements = v
34048	return s
34049}
34050
34051// SetMissingContextValues sets the MissingContextValues field's value.
34052func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult {
34053	s.MissingContextValues = v
34054	return s
34055}
34056
34057// SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
34058func (s *ResourceSpecificResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *ResourceSpecificResult {
34059	s.PermissionsBoundaryDecisionDetail = v
34060	return s
34061}
34062
34063type ResyncMFADeviceInput struct {
34064	_ struct{} `type:"structure"`
34065
34066	// An authentication code emitted by the device.
34067	//
34068	// The format for this parameter is a sequence of six digits.
34069	//
34070	// AuthenticationCode1 is a required field
34071	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
34072
34073	// A subsequent authentication code emitted by the device.
34074	//
34075	// The format for this parameter is a sequence of six digits.
34076	//
34077	// AuthenticationCode2 is a required field
34078	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
34079
34080	// Serial number that uniquely identifies the MFA device.
34081	//
34082	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
34083	// a string of characters consisting of upper and lowercase alphanumeric characters
34084	// with no spaces. You can also include any of the following characters: _+=,.@-
34085	//
34086	// SerialNumber is a required field
34087	SerialNumber *string `min:"9" type:"string" required:"true"`
34088
34089	// The name of the user whose MFA device you want to resynchronize.
34090	//
34091	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
34092	// a string of characters consisting of upper and lowercase alphanumeric characters
34093	// with no spaces. You can also include any of the following characters: _+=,.@-
34094	//
34095	// UserName is a required field
34096	UserName *string `min:"1" type:"string" required:"true"`
34097}
34098
34099// String returns the string representation.
34100//
34101// API parameter values that are decorated as "sensitive" in the API will not
34102// be included in the string output. The member name will be present, but the
34103// value will be replaced with "sensitive".
34104func (s ResyncMFADeviceInput) String() string {
34105	return awsutil.Prettify(s)
34106}
34107
34108// GoString returns the string representation.
34109//
34110// API parameter values that are decorated as "sensitive" in the API will not
34111// be included in the string output. The member name will be present, but the
34112// value will be replaced with "sensitive".
34113func (s ResyncMFADeviceInput) GoString() string {
34114	return s.String()
34115}
34116
34117// Validate inspects the fields of the type to determine if they are valid.
34118func (s *ResyncMFADeviceInput) Validate() error {
34119	invalidParams := request.ErrInvalidParams{Context: "ResyncMFADeviceInput"}
34120	if s.AuthenticationCode1 == nil {
34121		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
34122	}
34123	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
34124		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
34125	}
34126	if s.AuthenticationCode2 == nil {
34127		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
34128	}
34129	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
34130		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
34131	}
34132	if s.SerialNumber == nil {
34133		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
34134	}
34135	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
34136		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
34137	}
34138	if s.UserName == nil {
34139		invalidParams.Add(request.NewErrParamRequired("UserName"))
34140	}
34141	if s.UserName != nil && len(*s.UserName) < 1 {
34142		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
34143	}
34144
34145	if invalidParams.Len() > 0 {
34146		return invalidParams
34147	}
34148	return nil
34149}
34150
34151// SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
34152func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput {
34153	s.AuthenticationCode1 = &v
34154	return s
34155}
34156
34157// SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
34158func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput {
34159	s.AuthenticationCode2 = &v
34160	return s
34161}
34162
34163// SetSerialNumber sets the SerialNumber field's value.
34164func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput {
34165	s.SerialNumber = &v
34166	return s
34167}
34168
34169// SetUserName sets the UserName field's value.
34170func (s *ResyncMFADeviceInput) SetUserName(v string) *ResyncMFADeviceInput {
34171	s.UserName = &v
34172	return s
34173}
34174
34175type ResyncMFADeviceOutput struct {
34176	_ struct{} `type:"structure"`
34177}
34178
34179// String returns the string representation.
34180//
34181// API parameter values that are decorated as "sensitive" in the API will not
34182// be included in the string output. The member name will be present, but the
34183// value will be replaced with "sensitive".
34184func (s ResyncMFADeviceOutput) String() string {
34185	return awsutil.Prettify(s)
34186}
34187
34188// GoString returns the string representation.
34189//
34190// API parameter values that are decorated as "sensitive" in the API will not
34191// be included in the string output. The member name will be present, but the
34192// value will be replaced with "sensitive".
34193func (s ResyncMFADeviceOutput) GoString() string {
34194	return s.String()
34195}
34196
34197// Contains information about an IAM role. This structure is returned as a response
34198// element in several API operations that interact with roles.
34199type Role struct {
34200	_ struct{} `type:"structure"`
34201
34202	// The Amazon Resource Name (ARN) specifying the role. For more information
34203	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34204	// in the IAM User Guide guide.
34205	//
34206	// Arn is a required field
34207	Arn *string `min:"20" type:"string" required:"true"`
34208
34209	// The policy that grants an entity permission to assume the role.
34210	AssumeRolePolicyDocument *string `min:"1" type:"string"`
34211
34212	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34213	// when the role was created.
34214	//
34215	// CreateDate is a required field
34216	CreateDate *time.Time `type:"timestamp" required:"true"`
34217
34218	// A description of the role that you provide.
34219	Description *string `type:"string"`
34220
34221	// The maximum session duration (in seconds) for the specified role. Anyone
34222	// who uses the CLI, or API to assume the role can specify the duration using
34223	// the optional DurationSeconds API parameter or duration-seconds CLI parameter.
34224	MaxSessionDuration *int64 `min:"3600" type:"integer"`
34225
34226	// The path to the role. For more information about paths, see IAM identifiers
34227	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34228	// in the IAM User Guide.
34229	//
34230	// Path is a required field
34231	Path *string `min:"1" type:"string" required:"true"`
34232
34233	// The ARN of the policy used to set the permissions boundary for the role.
34234	//
34235	// For more information about permissions boundaries, see Permissions boundaries
34236	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
34237	// in the IAM User Guide.
34238	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
34239
34240	// The stable and unique string identifying the role. For more information about
34241	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34242	// in the IAM User Guide.
34243	//
34244	// RoleId is a required field
34245	RoleId *string `min:"16" type:"string" required:"true"`
34246
34247	// Contains information about the last time that an IAM role was used. This
34248	// includes the date and time and the Region in which the role was last used.
34249	// Activity is only reported for the trailing 400 days. This period can be shorter
34250	// if your Region began supporting these features within the last year. The
34251	// role might have been used more than 400 days ago. For more information, see
34252	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
34253	// in the IAM User Guide.
34254	RoleLastUsed *RoleLastUsed `type:"structure"`
34255
34256	// The friendly name that identifies the role.
34257	//
34258	// RoleName is a required field
34259	RoleName *string `min:"1" type:"string" required:"true"`
34260
34261	// A list of tags that are attached to the role. For more information about
34262	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
34263	// in the IAM User Guide.
34264	Tags []*Tag `type:"list"`
34265}
34266
34267// String returns the string representation.
34268//
34269// API parameter values that are decorated as "sensitive" in the API will not
34270// be included in the string output. The member name will be present, but the
34271// value will be replaced with "sensitive".
34272func (s Role) String() string {
34273	return awsutil.Prettify(s)
34274}
34275
34276// GoString returns the string representation.
34277//
34278// API parameter values that are decorated as "sensitive" in the API will not
34279// be included in the string output. The member name will be present, but the
34280// value will be replaced with "sensitive".
34281func (s Role) GoString() string {
34282	return s.String()
34283}
34284
34285// SetArn sets the Arn field's value.
34286func (s *Role) SetArn(v string) *Role {
34287	s.Arn = &v
34288	return s
34289}
34290
34291// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
34292func (s *Role) SetAssumeRolePolicyDocument(v string) *Role {
34293	s.AssumeRolePolicyDocument = &v
34294	return s
34295}
34296
34297// SetCreateDate sets the CreateDate field's value.
34298func (s *Role) SetCreateDate(v time.Time) *Role {
34299	s.CreateDate = &v
34300	return s
34301}
34302
34303// SetDescription sets the Description field's value.
34304func (s *Role) SetDescription(v string) *Role {
34305	s.Description = &v
34306	return s
34307}
34308
34309// SetMaxSessionDuration sets the MaxSessionDuration field's value.
34310func (s *Role) SetMaxSessionDuration(v int64) *Role {
34311	s.MaxSessionDuration = &v
34312	return s
34313}
34314
34315// SetPath sets the Path field's value.
34316func (s *Role) SetPath(v string) *Role {
34317	s.Path = &v
34318	return s
34319}
34320
34321// SetPermissionsBoundary sets the PermissionsBoundary field's value.
34322func (s *Role) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *Role {
34323	s.PermissionsBoundary = v
34324	return s
34325}
34326
34327// SetRoleId sets the RoleId field's value.
34328func (s *Role) SetRoleId(v string) *Role {
34329	s.RoleId = &v
34330	return s
34331}
34332
34333// SetRoleLastUsed sets the RoleLastUsed field's value.
34334func (s *Role) SetRoleLastUsed(v *RoleLastUsed) *Role {
34335	s.RoleLastUsed = v
34336	return s
34337}
34338
34339// SetRoleName sets the RoleName field's value.
34340func (s *Role) SetRoleName(v string) *Role {
34341	s.RoleName = &v
34342	return s
34343}
34344
34345// SetTags sets the Tags field's value.
34346func (s *Role) SetTags(v []*Tag) *Role {
34347	s.Tags = v
34348	return s
34349}
34350
34351// Contains information about an IAM role, including all of the role's policies.
34352//
34353// This data type is used as a response element in the GetAccountAuthorizationDetails
34354// operation.
34355type RoleDetail struct {
34356	_ struct{} `type:"structure"`
34357
34358	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
34359	// Services resources.
34360	//
34361	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
34362	// in the Amazon Web Services General Reference.
34363	Arn *string `min:"20" type:"string"`
34364
34365	// The trust policy that grants permission to assume the role.
34366	AssumeRolePolicyDocument *string `min:"1" type:"string"`
34367
34368	// A list of managed policies attached to the role. These policies are the role's
34369	// access (permissions) policies.
34370	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
34371
34372	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34373	// when the role was created.
34374	CreateDate *time.Time `type:"timestamp"`
34375
34376	// A list of instance profiles that contain this role.
34377	InstanceProfileList []*InstanceProfile `type:"list"`
34378
34379	// The path to the role. For more information about paths, see IAM identifiers
34380	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34381	// in the IAM User Guide.
34382	Path *string `min:"1" type:"string"`
34383
34384	// The ARN of the policy used to set the permissions boundary for the role.
34385	//
34386	// For more information about permissions boundaries, see Permissions boundaries
34387	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
34388	// in the IAM User Guide.
34389	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
34390
34391	// The stable and unique string identifying the role. For more information about
34392	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34393	// in the IAM User Guide.
34394	RoleId *string `min:"16" type:"string"`
34395
34396	// Contains information about the last time that an IAM role was used. This
34397	// includes the date and time and the Region in which the role was last used.
34398	// Activity is only reported for the trailing 400 days. This period can be shorter
34399	// if your Region began supporting these features within the last year. The
34400	// role might have been used more than 400 days ago. For more information, see
34401	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
34402	// in the IAM User Guide.
34403	RoleLastUsed *RoleLastUsed `type:"structure"`
34404
34405	// The friendly name that identifies the role.
34406	RoleName *string `min:"1" type:"string"`
34407
34408	// A list of inline policies embedded in the role. These policies are the role's
34409	// access (permissions) policies.
34410	RolePolicyList []*PolicyDetail `type:"list"`
34411
34412	// A list of tags that are attached to the role. For more information about
34413	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
34414	// in the IAM User Guide.
34415	Tags []*Tag `type:"list"`
34416}
34417
34418// String returns the string representation.
34419//
34420// API parameter values that are decorated as "sensitive" in the API will not
34421// be included in the string output. The member name will be present, but the
34422// value will be replaced with "sensitive".
34423func (s RoleDetail) String() string {
34424	return awsutil.Prettify(s)
34425}
34426
34427// GoString returns the string representation.
34428//
34429// API parameter values that are decorated as "sensitive" in the API will not
34430// be included in the string output. The member name will be present, but the
34431// value will be replaced with "sensitive".
34432func (s RoleDetail) GoString() string {
34433	return s.String()
34434}
34435
34436// SetArn sets the Arn field's value.
34437func (s *RoleDetail) SetArn(v string) *RoleDetail {
34438	s.Arn = &v
34439	return s
34440}
34441
34442// SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
34443func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail {
34444	s.AssumeRolePolicyDocument = &v
34445	return s
34446}
34447
34448// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
34449func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail {
34450	s.AttachedManagedPolicies = v
34451	return s
34452}
34453
34454// SetCreateDate sets the CreateDate field's value.
34455func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail {
34456	s.CreateDate = &v
34457	return s
34458}
34459
34460// SetInstanceProfileList sets the InstanceProfileList field's value.
34461func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail {
34462	s.InstanceProfileList = v
34463	return s
34464}
34465
34466// SetPath sets the Path field's value.
34467func (s *RoleDetail) SetPath(v string) *RoleDetail {
34468	s.Path = &v
34469	return s
34470}
34471
34472// SetPermissionsBoundary sets the PermissionsBoundary field's value.
34473func (s *RoleDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *RoleDetail {
34474	s.PermissionsBoundary = v
34475	return s
34476}
34477
34478// SetRoleId sets the RoleId field's value.
34479func (s *RoleDetail) SetRoleId(v string) *RoleDetail {
34480	s.RoleId = &v
34481	return s
34482}
34483
34484// SetRoleLastUsed sets the RoleLastUsed field's value.
34485func (s *RoleDetail) SetRoleLastUsed(v *RoleLastUsed) *RoleDetail {
34486	s.RoleLastUsed = v
34487	return s
34488}
34489
34490// SetRoleName sets the RoleName field's value.
34491func (s *RoleDetail) SetRoleName(v string) *RoleDetail {
34492	s.RoleName = &v
34493	return s
34494}
34495
34496// SetRolePolicyList sets the RolePolicyList field's value.
34497func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail {
34498	s.RolePolicyList = v
34499	return s
34500}
34501
34502// SetTags sets the Tags field's value.
34503func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail {
34504	s.Tags = v
34505	return s
34506}
34507
34508// Contains information about the last time that an IAM role was used. This
34509// includes the date and time and the Region in which the role was last used.
34510// Activity is only reported for the trailing 400 days. This period can be shorter
34511// if your Region began supporting these features within the last year. The
34512// role might have been used more than 400 days ago. For more information, see
34513// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
34514// in the IAM User Guide.
34515//
34516// This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails
34517// operations.
34518type RoleLastUsed struct {
34519	_ struct{} `type:"structure"`
34520
34521	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
34522	// that the role was last used.
34523	//
34524	// This field is null if the role has not been used within the IAM tracking
34525	// period. For more information about the tracking period, see Regions where
34526	// data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
34527	// in the IAM User Guide.
34528	LastUsedDate *time.Time `type:"timestamp"`
34529
34530	// The name of the Amazon Web Services Region in which the role was last used.
34531	Region *string `type:"string"`
34532}
34533
34534// String returns the string representation.
34535//
34536// API parameter values that are decorated as "sensitive" in the API will not
34537// be included in the string output. The member name will be present, but the
34538// value will be replaced with "sensitive".
34539func (s RoleLastUsed) String() string {
34540	return awsutil.Prettify(s)
34541}
34542
34543// GoString returns the string representation.
34544//
34545// API parameter values that are decorated as "sensitive" in the API will not
34546// be included in the string output. The member name will be present, but the
34547// value will be replaced with "sensitive".
34548func (s RoleLastUsed) GoString() string {
34549	return s.String()
34550}
34551
34552// SetLastUsedDate sets the LastUsedDate field's value.
34553func (s *RoleLastUsed) SetLastUsedDate(v time.Time) *RoleLastUsed {
34554	s.LastUsedDate = &v
34555	return s
34556}
34557
34558// SetRegion sets the Region field's value.
34559func (s *RoleLastUsed) SetRegion(v string) *RoleLastUsed {
34560	s.Region = &v
34561	return s
34562}
34563
34564// An object that contains details about how a service-linked role is used,
34565// if that information is returned by the service.
34566//
34567// This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
34568// operation.
34569type RoleUsageType struct {
34570	_ struct{} `type:"structure"`
34571
34572	// The name of the Region where the service-linked role is being used.
34573	Region *string `min:"1" type:"string"`
34574
34575	// The name of the resource that is using the service-linked role.
34576	Resources []*string `type:"list"`
34577}
34578
34579// String returns the string representation.
34580//
34581// API parameter values that are decorated as "sensitive" in the API will not
34582// be included in the string output. The member name will be present, but the
34583// value will be replaced with "sensitive".
34584func (s RoleUsageType) String() string {
34585	return awsutil.Prettify(s)
34586}
34587
34588// GoString returns the string representation.
34589//
34590// API parameter values that are decorated as "sensitive" in the API will not
34591// be included in the string output. The member name will be present, but the
34592// value will be replaced with "sensitive".
34593func (s RoleUsageType) GoString() string {
34594	return s.String()
34595}
34596
34597// SetRegion sets the Region field's value.
34598func (s *RoleUsageType) SetRegion(v string) *RoleUsageType {
34599	s.Region = &v
34600	return s
34601}
34602
34603// SetResources sets the Resources field's value.
34604func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType {
34605	s.Resources = v
34606	return s
34607}
34608
34609// Contains the list of SAML providers for this account.
34610type SAMLProviderListEntry struct {
34611	_ struct{} `type:"structure"`
34612
34613	// The Amazon Resource Name (ARN) of the SAML provider.
34614	Arn *string `min:"20" type:"string"`
34615
34616	// The date and time when the SAML provider was created.
34617	CreateDate *time.Time `type:"timestamp"`
34618
34619	// The expiration date and time for the SAML provider.
34620	ValidUntil *time.Time `type:"timestamp"`
34621}
34622
34623// String returns the string representation.
34624//
34625// API parameter values that are decorated as "sensitive" in the API will not
34626// be included in the string output. The member name will be present, but the
34627// value will be replaced with "sensitive".
34628func (s SAMLProviderListEntry) String() string {
34629	return awsutil.Prettify(s)
34630}
34631
34632// GoString returns the string representation.
34633//
34634// API parameter values that are decorated as "sensitive" in the API will not
34635// be included in the string output. The member name will be present, but the
34636// value will be replaced with "sensitive".
34637func (s SAMLProviderListEntry) GoString() string {
34638	return s.String()
34639}
34640
34641// SetArn sets the Arn field's value.
34642func (s *SAMLProviderListEntry) SetArn(v string) *SAMLProviderListEntry {
34643	s.Arn = &v
34644	return s
34645}
34646
34647// SetCreateDate sets the CreateDate field's value.
34648func (s *SAMLProviderListEntry) SetCreateDate(v time.Time) *SAMLProviderListEntry {
34649	s.CreateDate = &v
34650	return s
34651}
34652
34653// SetValidUntil sets the ValidUntil field's value.
34654func (s *SAMLProviderListEntry) SetValidUntil(v time.Time) *SAMLProviderListEntry {
34655	s.ValidUntil = &v
34656	return s
34657}
34658
34659// Contains information about an SSH public key.
34660//
34661// This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey
34662// operations.
34663type SSHPublicKey struct {
34664	_ struct{} `type:"structure"`
34665
34666	// The MD5 message digest of the SSH public key.
34667	//
34668	// Fingerprint is a required field
34669	Fingerprint *string `min:"48" type:"string" required:"true"`
34670
34671	// The SSH public key.
34672	//
34673	// SSHPublicKeyBody is a required field
34674	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
34675
34676	// The unique identifier for the SSH public key.
34677	//
34678	// SSHPublicKeyId is a required field
34679	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
34680
34681	// The status of the SSH public key. Active means that the key can be used for
34682	// authentication with an CodeCommit repository. Inactive means that the key
34683	// cannot be used.
34684	//
34685	// Status is a required field
34686	Status *string `type:"string" required:"true" enum:"StatusType"`
34687
34688	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34689	// when the SSH public key was uploaded.
34690	UploadDate *time.Time `type:"timestamp"`
34691
34692	// The name of the IAM user associated with the SSH public key.
34693	//
34694	// UserName is a required field
34695	UserName *string `min:"1" type:"string" required:"true"`
34696}
34697
34698// String returns the string representation.
34699//
34700// API parameter values that are decorated as "sensitive" in the API will not
34701// be included in the string output. The member name will be present, but the
34702// value will be replaced with "sensitive".
34703func (s SSHPublicKey) String() string {
34704	return awsutil.Prettify(s)
34705}
34706
34707// GoString returns the string representation.
34708//
34709// API parameter values that are decorated as "sensitive" in the API will not
34710// be included in the string output. The member name will be present, but the
34711// value will be replaced with "sensitive".
34712func (s SSHPublicKey) GoString() string {
34713	return s.String()
34714}
34715
34716// SetFingerprint sets the Fingerprint field's value.
34717func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey {
34718	s.Fingerprint = &v
34719	return s
34720}
34721
34722// SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
34723func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey {
34724	s.SSHPublicKeyBody = &v
34725	return s
34726}
34727
34728// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
34729func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey {
34730	s.SSHPublicKeyId = &v
34731	return s
34732}
34733
34734// SetStatus sets the Status field's value.
34735func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey {
34736	s.Status = &v
34737	return s
34738}
34739
34740// SetUploadDate sets the UploadDate field's value.
34741func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey {
34742	s.UploadDate = &v
34743	return s
34744}
34745
34746// SetUserName sets the UserName field's value.
34747func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey {
34748	s.UserName = &v
34749	return s
34750}
34751
34752// Contains information about an SSH public key, without the key's body or fingerprint.
34753//
34754// This data type is used as a response element in the ListSSHPublicKeys operation.
34755type SSHPublicKeyMetadata struct {
34756	_ struct{} `type:"structure"`
34757
34758	// The unique identifier for the SSH public key.
34759	//
34760	// SSHPublicKeyId is a required field
34761	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
34762
34763	// The status of the SSH public key. Active means that the key can be used for
34764	// authentication with an CodeCommit repository. Inactive means that the key
34765	// cannot be used.
34766	//
34767	// Status is a required field
34768	Status *string `type:"string" required:"true" enum:"StatusType"`
34769
34770	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34771	// when the SSH public key was uploaded.
34772	//
34773	// UploadDate is a required field
34774	UploadDate *time.Time `type:"timestamp" required:"true"`
34775
34776	// The name of the IAM user associated with the SSH public key.
34777	//
34778	// UserName is a required field
34779	UserName *string `min:"1" type:"string" required:"true"`
34780}
34781
34782// String returns the string representation.
34783//
34784// API parameter values that are decorated as "sensitive" in the API will not
34785// be included in the string output. The member name will be present, but the
34786// value will be replaced with "sensitive".
34787func (s SSHPublicKeyMetadata) String() string {
34788	return awsutil.Prettify(s)
34789}
34790
34791// GoString returns the string representation.
34792//
34793// API parameter values that are decorated as "sensitive" in the API will not
34794// be included in the string output. The member name will be present, but the
34795// value will be replaced with "sensitive".
34796func (s SSHPublicKeyMetadata) GoString() string {
34797	return s.String()
34798}
34799
34800// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
34801func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata {
34802	s.SSHPublicKeyId = &v
34803	return s
34804}
34805
34806// SetStatus sets the Status field's value.
34807func (s *SSHPublicKeyMetadata) SetStatus(v string) *SSHPublicKeyMetadata {
34808	s.Status = &v
34809	return s
34810}
34811
34812// SetUploadDate sets the UploadDate field's value.
34813func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata {
34814	s.UploadDate = &v
34815	return s
34816}
34817
34818// SetUserName sets the UserName field's value.
34819func (s *SSHPublicKeyMetadata) SetUserName(v string) *SSHPublicKeyMetadata {
34820	s.UserName = &v
34821	return s
34822}
34823
34824// Contains information about a server certificate.
34825//
34826// This data type is used as a response element in the GetServerCertificate
34827// operation.
34828type ServerCertificate struct {
34829	_ struct{} `type:"structure"`
34830
34831	// The contents of the public key certificate.
34832	//
34833	// CertificateBody is a required field
34834	CertificateBody *string `min:"1" type:"string" required:"true"`
34835
34836	// The contents of the public key certificate chain.
34837	CertificateChain *string `min:"1" type:"string"`
34838
34839	// The meta information of the server certificate, such as its name, path, ID,
34840	// and ARN.
34841	//
34842	// ServerCertificateMetadata is a required field
34843	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
34844
34845	// A list of tags that are attached to the server certificate. For more information
34846	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
34847	// in the IAM User Guide.
34848	Tags []*Tag `type:"list"`
34849}
34850
34851// String returns the string representation.
34852//
34853// API parameter values that are decorated as "sensitive" in the API will not
34854// be included in the string output. The member name will be present, but the
34855// value will be replaced with "sensitive".
34856func (s ServerCertificate) String() string {
34857	return awsutil.Prettify(s)
34858}
34859
34860// GoString returns the string representation.
34861//
34862// API parameter values that are decorated as "sensitive" in the API will not
34863// be included in the string output. The member name will be present, but the
34864// value will be replaced with "sensitive".
34865func (s ServerCertificate) GoString() string {
34866	return s.String()
34867}
34868
34869// SetCertificateBody sets the CertificateBody field's value.
34870func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate {
34871	s.CertificateBody = &v
34872	return s
34873}
34874
34875// SetCertificateChain sets the CertificateChain field's value.
34876func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate {
34877	s.CertificateChain = &v
34878	return s
34879}
34880
34881// SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
34882func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate {
34883	s.ServerCertificateMetadata = v
34884	return s
34885}
34886
34887// SetTags sets the Tags field's value.
34888func (s *ServerCertificate) SetTags(v []*Tag) *ServerCertificate {
34889	s.Tags = v
34890	return s
34891}
34892
34893// Contains information about a server certificate without its certificate body,
34894// certificate chain, and private key.
34895//
34896// This data type is used as a response element in the UploadServerCertificate
34897// and ListServerCertificates operations.
34898type ServerCertificateMetadata struct {
34899	_ struct{} `type:"structure"`
34900
34901	// The Amazon Resource Name (ARN) specifying the server certificate. For more
34902	// information about ARNs and how to use them in policies, see IAM identifiers
34903	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34904	// in the IAM User Guide.
34905	//
34906	// Arn is a required field
34907	Arn *string `min:"20" type:"string" required:"true"`
34908
34909	// The date on which the certificate is set to expire.
34910	Expiration *time.Time `type:"timestamp"`
34911
34912	// The path to the server certificate. For more information about paths, see
34913	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34914	// in the IAM User Guide.
34915	//
34916	// Path is a required field
34917	Path *string `min:"1" type:"string" required:"true"`
34918
34919	// The stable and unique string identifying the server certificate. For more
34920	// information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
34921	// in the IAM User Guide.
34922	//
34923	// ServerCertificateId is a required field
34924	ServerCertificateId *string `min:"16" type:"string" required:"true"`
34925
34926	// The name that identifies the server certificate.
34927	//
34928	// ServerCertificateName is a required field
34929	ServerCertificateName *string `min:"1" type:"string" required:"true"`
34930
34931	// The date when the server certificate was uploaded.
34932	UploadDate *time.Time `type:"timestamp"`
34933}
34934
34935// String returns the string representation.
34936//
34937// API parameter values that are decorated as "sensitive" in the API will not
34938// be included in the string output. The member name will be present, but the
34939// value will be replaced with "sensitive".
34940func (s ServerCertificateMetadata) String() string {
34941	return awsutil.Prettify(s)
34942}
34943
34944// GoString returns the string representation.
34945//
34946// API parameter values that are decorated as "sensitive" in the API will not
34947// be included in the string output. The member name will be present, but the
34948// value will be replaced with "sensitive".
34949func (s ServerCertificateMetadata) GoString() string {
34950	return s.String()
34951}
34952
34953// SetArn sets the Arn field's value.
34954func (s *ServerCertificateMetadata) SetArn(v string) *ServerCertificateMetadata {
34955	s.Arn = &v
34956	return s
34957}
34958
34959// SetExpiration sets the Expiration field's value.
34960func (s *ServerCertificateMetadata) SetExpiration(v time.Time) *ServerCertificateMetadata {
34961	s.Expiration = &v
34962	return s
34963}
34964
34965// SetPath sets the Path field's value.
34966func (s *ServerCertificateMetadata) SetPath(v string) *ServerCertificateMetadata {
34967	s.Path = &v
34968	return s
34969}
34970
34971// SetServerCertificateId sets the ServerCertificateId field's value.
34972func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata {
34973	s.ServerCertificateId = &v
34974	return s
34975}
34976
34977// SetServerCertificateName sets the ServerCertificateName field's value.
34978func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata {
34979	s.ServerCertificateName = &v
34980	return s
34981}
34982
34983// SetUploadDate sets the UploadDate field's value.
34984func (s *ServerCertificateMetadata) SetUploadDate(v time.Time) *ServerCertificateMetadata {
34985	s.UploadDate = &v
34986	return s
34987}
34988
34989// Contains details about the most recent attempt to access the service.
34990//
34991// This data type is used as a response element in the GetServiceLastAccessedDetails
34992// operation.
34993type ServiceLastAccessed struct {
34994	_ struct{} `type:"structure"`
34995
34996	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
34997	// when an authenticated entity most recently attempted to access the service.
34998	// Amazon Web Services does not report unauthenticated requests.
34999	//
35000	// This field is null if no IAM entities attempted to access the service within
35001	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
35002	LastAuthenticated *time.Time `type:"timestamp"`
35003
35004	// The ARN of the authenticated entity (user or role) that last attempted to
35005	// access the service. Amazon Web Services does not report unauthenticated requests.
35006	//
35007	// This field is null if no IAM entities attempted to access the service within
35008	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
35009	LastAuthenticatedEntity *string `min:"20" type:"string"`
35010
35011	// The Region from which the authenticated entity (user or role) last attempted
35012	// to access the service. Amazon Web Services does not report unauthenticated
35013	// requests.
35014	//
35015	// This field is null if no IAM entities attempted to access the service within
35016	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
35017	LastAuthenticatedRegion *string `type:"string"`
35018
35019	// The name of the service in which access was attempted.
35020	//
35021	// ServiceName is a required field
35022	ServiceName *string `type:"string" required:"true"`
35023
35024	// The namespace of the service in which access was attempted.
35025	//
35026	// To learn the service namespace of a service, see Actions, resources, and
35027	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
35028	// in the Service Authorization Reference. Choose the name of the service to
35029	// view details for that service. In the first paragraph, find the service prefix.
35030	// For example, (service prefix: a4b). For more information about service namespaces,
35031	// see Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
35032	// in the Amazon Web Services General Reference.
35033	//
35034	// ServiceNamespace is a required field
35035	ServiceNamespace *string `min:"1" type:"string" required:"true"`
35036
35037	// The total number of authenticated principals (root user, IAM users, or IAM
35038	// roles) that have attempted to access the service.
35039	//
35040	// This field is null if no principals attempted to access the service within
35041	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
35042	TotalAuthenticatedEntities *int64 `type:"integer"`
35043
35044	// An object that contains details about the most recent attempt to access a
35045	// tracked action within the service.
35046	//
35047	// This field is null if there no tracked actions or if the principal did not
35048	// use the tracked actions within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
35049	// This field is also null if the report was generated at the service level
35050	// and not the action level. For more information, see the Granularity field
35051	// in GenerateServiceLastAccessedDetails.
35052	TrackedActionsLastAccessed []*TrackedActionLastAccessed `type:"list"`
35053}
35054
35055// String returns the string representation.
35056//
35057// API parameter values that are decorated as "sensitive" in the API will not
35058// be included in the string output. The member name will be present, but the
35059// value will be replaced with "sensitive".
35060func (s ServiceLastAccessed) String() string {
35061	return awsutil.Prettify(s)
35062}
35063
35064// GoString returns the string representation.
35065//
35066// API parameter values that are decorated as "sensitive" in the API will not
35067// be included in the string output. The member name will be present, but the
35068// value will be replaced with "sensitive".
35069func (s ServiceLastAccessed) GoString() string {
35070	return s.String()
35071}
35072
35073// SetLastAuthenticated sets the LastAuthenticated field's value.
35074func (s *ServiceLastAccessed) SetLastAuthenticated(v time.Time) *ServiceLastAccessed {
35075	s.LastAuthenticated = &v
35076	return s
35077}
35078
35079// SetLastAuthenticatedEntity sets the LastAuthenticatedEntity field's value.
35080func (s *ServiceLastAccessed) SetLastAuthenticatedEntity(v string) *ServiceLastAccessed {
35081	s.LastAuthenticatedEntity = &v
35082	return s
35083}
35084
35085// SetLastAuthenticatedRegion sets the LastAuthenticatedRegion field's value.
35086func (s *ServiceLastAccessed) SetLastAuthenticatedRegion(v string) *ServiceLastAccessed {
35087	s.LastAuthenticatedRegion = &v
35088	return s
35089}
35090
35091// SetServiceName sets the ServiceName field's value.
35092func (s *ServiceLastAccessed) SetServiceName(v string) *ServiceLastAccessed {
35093	s.ServiceName = &v
35094	return s
35095}
35096
35097// SetServiceNamespace sets the ServiceNamespace field's value.
35098func (s *ServiceLastAccessed) SetServiceNamespace(v string) *ServiceLastAccessed {
35099	s.ServiceNamespace = &v
35100	return s
35101}
35102
35103// SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
35104func (s *ServiceLastAccessed) SetTotalAuthenticatedEntities(v int64) *ServiceLastAccessed {
35105	s.TotalAuthenticatedEntities = &v
35106	return s
35107}
35108
35109// SetTrackedActionsLastAccessed sets the TrackedActionsLastAccessed field's value.
35110func (s *ServiceLastAccessed) SetTrackedActionsLastAccessed(v []*TrackedActionLastAccessed) *ServiceLastAccessed {
35111	s.TrackedActionsLastAccessed = v
35112	return s
35113}
35114
35115// Contains the details of a service-specific credential.
35116type ServiceSpecificCredential struct {
35117	_ struct{} `type:"structure"`
35118
35119	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
35120	// when the service-specific credential were created.
35121	//
35122	// CreateDate is a required field
35123	CreateDate *time.Time `type:"timestamp" required:"true"`
35124
35125	// The name of the service associated with the service-specific credential.
35126	//
35127	// ServiceName is a required field
35128	ServiceName *string `type:"string" required:"true"`
35129
35130	// The generated password for the service-specific credential.
35131	//
35132	// ServicePassword is a sensitive parameter and its value will be
35133	// replaced with "sensitive" in string returned by ServiceSpecificCredential's
35134	// String and GoString methods.
35135	//
35136	// ServicePassword is a required field
35137	ServicePassword *string `type:"string" required:"true" sensitive:"true"`
35138
35139	// The unique identifier for the service-specific credential.
35140	//
35141	// ServiceSpecificCredentialId is a required field
35142	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
35143
35144	// The generated user name for the service-specific credential. This value is
35145	// generated by combining the IAM user's name combined with the ID number of
35146	// the Amazon Web Services account, as in jane-at-123456789012, for example.
35147	// This value cannot be configured by the user.
35148	//
35149	// ServiceUserName is a required field
35150	ServiceUserName *string `min:"17" type:"string" required:"true"`
35151
35152	// The status of the service-specific credential. Active means that the key
35153	// is valid for API calls, while Inactive means it is not.
35154	//
35155	// Status is a required field
35156	Status *string `type:"string" required:"true" enum:"StatusType"`
35157
35158	// The name of the IAM user associated with the service-specific credential.
35159	//
35160	// UserName is a required field
35161	UserName *string `min:"1" type:"string" required:"true"`
35162}
35163
35164// String returns the string representation.
35165//
35166// API parameter values that are decorated as "sensitive" in the API will not
35167// be included in the string output. The member name will be present, but the
35168// value will be replaced with "sensitive".
35169func (s ServiceSpecificCredential) String() string {
35170	return awsutil.Prettify(s)
35171}
35172
35173// GoString returns the string representation.
35174//
35175// API parameter values that are decorated as "sensitive" in the API will not
35176// be included in the string output. The member name will be present, but the
35177// value will be replaced with "sensitive".
35178func (s ServiceSpecificCredential) GoString() string {
35179	return s.String()
35180}
35181
35182// SetCreateDate sets the CreateDate field's value.
35183func (s *ServiceSpecificCredential) SetCreateDate(v time.Time) *ServiceSpecificCredential {
35184	s.CreateDate = &v
35185	return s
35186}
35187
35188// SetServiceName sets the ServiceName field's value.
35189func (s *ServiceSpecificCredential) SetServiceName(v string) *ServiceSpecificCredential {
35190	s.ServiceName = &v
35191	return s
35192}
35193
35194// SetServicePassword sets the ServicePassword field's value.
35195func (s *ServiceSpecificCredential) SetServicePassword(v string) *ServiceSpecificCredential {
35196	s.ServicePassword = &v
35197	return s
35198}
35199
35200// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
35201func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential {
35202	s.ServiceSpecificCredentialId = &v
35203	return s
35204}
35205
35206// SetServiceUserName sets the ServiceUserName field's value.
35207func (s *ServiceSpecificCredential) SetServiceUserName(v string) *ServiceSpecificCredential {
35208	s.ServiceUserName = &v
35209	return s
35210}
35211
35212// SetStatus sets the Status field's value.
35213func (s *ServiceSpecificCredential) SetStatus(v string) *ServiceSpecificCredential {
35214	s.Status = &v
35215	return s
35216}
35217
35218// SetUserName sets the UserName field's value.
35219func (s *ServiceSpecificCredential) SetUserName(v string) *ServiceSpecificCredential {
35220	s.UserName = &v
35221	return s
35222}
35223
35224// Contains additional details about a service-specific credential.
35225type ServiceSpecificCredentialMetadata struct {
35226	_ struct{} `type:"structure"`
35227
35228	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
35229	// when the service-specific credential were created.
35230	//
35231	// CreateDate is a required field
35232	CreateDate *time.Time `type:"timestamp" required:"true"`
35233
35234	// The name of the service associated with the service-specific credential.
35235	//
35236	// ServiceName is a required field
35237	ServiceName *string `type:"string" required:"true"`
35238
35239	// The unique identifier for the service-specific credential.
35240	//
35241	// ServiceSpecificCredentialId is a required field
35242	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
35243
35244	// The generated user name for the service-specific credential.
35245	//
35246	// ServiceUserName is a required field
35247	ServiceUserName *string `min:"17" type:"string" required:"true"`
35248
35249	// The status of the service-specific credential. Active means that the key
35250	// is valid for API calls, while Inactive means it is not.
35251	//
35252	// Status is a required field
35253	Status *string `type:"string" required:"true" enum:"StatusType"`
35254
35255	// The name of the IAM user associated with the service-specific credential.
35256	//
35257	// UserName is a required field
35258	UserName *string `min:"1" type:"string" required:"true"`
35259}
35260
35261// String returns the string representation.
35262//
35263// API parameter values that are decorated as "sensitive" in the API will not
35264// be included in the string output. The member name will be present, but the
35265// value will be replaced with "sensitive".
35266func (s ServiceSpecificCredentialMetadata) String() string {
35267	return awsutil.Prettify(s)
35268}
35269
35270// GoString returns the string representation.
35271//
35272// API parameter values that are decorated as "sensitive" in the API will not
35273// be included in the string output. The member name will be present, but the
35274// value will be replaced with "sensitive".
35275func (s ServiceSpecificCredentialMetadata) GoString() string {
35276	return s.String()
35277}
35278
35279// SetCreateDate sets the CreateDate field's value.
35280func (s *ServiceSpecificCredentialMetadata) SetCreateDate(v time.Time) *ServiceSpecificCredentialMetadata {
35281	s.CreateDate = &v
35282	return s
35283}
35284
35285// SetServiceName sets the ServiceName field's value.
35286func (s *ServiceSpecificCredentialMetadata) SetServiceName(v string) *ServiceSpecificCredentialMetadata {
35287	s.ServiceName = &v
35288	return s
35289}
35290
35291// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
35292func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata {
35293	s.ServiceSpecificCredentialId = &v
35294	return s
35295}
35296
35297// SetServiceUserName sets the ServiceUserName field's value.
35298func (s *ServiceSpecificCredentialMetadata) SetServiceUserName(v string) *ServiceSpecificCredentialMetadata {
35299	s.ServiceUserName = &v
35300	return s
35301}
35302
35303// SetStatus sets the Status field's value.
35304func (s *ServiceSpecificCredentialMetadata) SetStatus(v string) *ServiceSpecificCredentialMetadata {
35305	s.Status = &v
35306	return s
35307}
35308
35309// SetUserName sets the UserName field's value.
35310func (s *ServiceSpecificCredentialMetadata) SetUserName(v string) *ServiceSpecificCredentialMetadata {
35311	s.UserName = &v
35312	return s
35313}
35314
35315type SetDefaultPolicyVersionInput struct {
35316	_ struct{} `type:"structure"`
35317
35318	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
35319	// want to set.
35320	//
35321	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
35322	// in the Amazon Web Services General Reference.
35323	//
35324	// PolicyArn is a required field
35325	PolicyArn *string `min:"20" type:"string" required:"true"`
35326
35327	// The version of the policy to set as the default (operative) version.
35328	//
35329	// For more information about managed policy versions, see Versioning for managed
35330	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
35331	// in the IAM User Guide.
35332	//
35333	// VersionId is a required field
35334	VersionId *string `type:"string" required:"true"`
35335}
35336
35337// String returns the string representation.
35338//
35339// API parameter values that are decorated as "sensitive" in the API will not
35340// be included in the string output. The member name will be present, but the
35341// value will be replaced with "sensitive".
35342func (s SetDefaultPolicyVersionInput) String() string {
35343	return awsutil.Prettify(s)
35344}
35345
35346// GoString returns the string representation.
35347//
35348// API parameter values that are decorated as "sensitive" in the API will not
35349// be included in the string output. The member name will be present, but the
35350// value will be replaced with "sensitive".
35351func (s SetDefaultPolicyVersionInput) GoString() string {
35352	return s.String()
35353}
35354
35355// Validate inspects the fields of the type to determine if they are valid.
35356func (s *SetDefaultPolicyVersionInput) Validate() error {
35357	invalidParams := request.ErrInvalidParams{Context: "SetDefaultPolicyVersionInput"}
35358	if s.PolicyArn == nil {
35359		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
35360	}
35361	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
35362		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
35363	}
35364	if s.VersionId == nil {
35365		invalidParams.Add(request.NewErrParamRequired("VersionId"))
35366	}
35367
35368	if invalidParams.Len() > 0 {
35369		return invalidParams
35370	}
35371	return nil
35372}
35373
35374// SetPolicyArn sets the PolicyArn field's value.
35375func (s *SetDefaultPolicyVersionInput) SetPolicyArn(v string) *SetDefaultPolicyVersionInput {
35376	s.PolicyArn = &v
35377	return s
35378}
35379
35380// SetVersionId sets the VersionId field's value.
35381func (s *SetDefaultPolicyVersionInput) SetVersionId(v string) *SetDefaultPolicyVersionInput {
35382	s.VersionId = &v
35383	return s
35384}
35385
35386type SetDefaultPolicyVersionOutput struct {
35387	_ struct{} `type:"structure"`
35388}
35389
35390// String returns the string representation.
35391//
35392// API parameter values that are decorated as "sensitive" in the API will not
35393// be included in the string output. The member name will be present, but the
35394// value will be replaced with "sensitive".
35395func (s SetDefaultPolicyVersionOutput) String() string {
35396	return awsutil.Prettify(s)
35397}
35398
35399// GoString returns the string representation.
35400//
35401// API parameter values that are decorated as "sensitive" in the API will not
35402// be included in the string output. The member name will be present, but the
35403// value will be replaced with "sensitive".
35404func (s SetDefaultPolicyVersionOutput) GoString() string {
35405	return s.String()
35406}
35407
35408type SetSecurityTokenServicePreferencesInput struct {
35409	_ struct{} `type:"structure"`
35410
35411	// The version of the global endpoint token. Version 1 tokens are valid only
35412	// in Amazon Web Services Regions that are available by default. These tokens
35413	// do not work in manually enabled Regions, such as Asia Pacific (Hong Kong).
35414	// Version 2 tokens are valid in all Regions. However, version 2 tokens are
35415	// longer and might affect systems where you temporarily store tokens.
35416	//
35417	// For information, see Activating and deactivating STS in an Amazon Web Services
35418	// Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
35419	// in the IAM User Guide.
35420	//
35421	// GlobalEndpointTokenVersion is a required field
35422	GlobalEndpointTokenVersion *string `type:"string" required:"true" enum:"GlobalEndpointTokenVersion"`
35423}
35424
35425// String returns the string representation.
35426//
35427// API parameter values that are decorated as "sensitive" in the API will not
35428// be included in the string output. The member name will be present, but the
35429// value will be replaced with "sensitive".
35430func (s SetSecurityTokenServicePreferencesInput) String() string {
35431	return awsutil.Prettify(s)
35432}
35433
35434// GoString returns the string representation.
35435//
35436// API parameter values that are decorated as "sensitive" in the API will not
35437// be included in the string output. The member name will be present, but the
35438// value will be replaced with "sensitive".
35439func (s SetSecurityTokenServicePreferencesInput) GoString() string {
35440	return s.String()
35441}
35442
35443// Validate inspects the fields of the type to determine if they are valid.
35444func (s *SetSecurityTokenServicePreferencesInput) Validate() error {
35445	invalidParams := request.ErrInvalidParams{Context: "SetSecurityTokenServicePreferencesInput"}
35446	if s.GlobalEndpointTokenVersion == nil {
35447		invalidParams.Add(request.NewErrParamRequired("GlobalEndpointTokenVersion"))
35448	}
35449
35450	if invalidParams.Len() > 0 {
35451		return invalidParams
35452	}
35453	return nil
35454}
35455
35456// SetGlobalEndpointTokenVersion sets the GlobalEndpointTokenVersion field's value.
35457func (s *SetSecurityTokenServicePreferencesInput) SetGlobalEndpointTokenVersion(v string) *SetSecurityTokenServicePreferencesInput {
35458	s.GlobalEndpointTokenVersion = &v
35459	return s
35460}
35461
35462type SetSecurityTokenServicePreferencesOutput struct {
35463	_ struct{} `type:"structure"`
35464}
35465
35466// String returns the string representation.
35467//
35468// API parameter values that are decorated as "sensitive" in the API will not
35469// be included in the string output. The member name will be present, but the
35470// value will be replaced with "sensitive".
35471func (s SetSecurityTokenServicePreferencesOutput) String() string {
35472	return awsutil.Prettify(s)
35473}
35474
35475// GoString returns the string representation.
35476//
35477// API parameter values that are decorated as "sensitive" in the API will not
35478// be included in the string output. The member name will be present, but the
35479// value will be replaced with "sensitive".
35480func (s SetSecurityTokenServicePreferencesOutput) GoString() string {
35481	return s.String()
35482}
35483
35484// Contains information about an X.509 signing certificate.
35485//
35486// This data type is used as a response element in the UploadSigningCertificate
35487// and ListSigningCertificates operations.
35488type SigningCertificate struct {
35489	_ struct{} `type:"structure"`
35490
35491	// The contents of the signing certificate.
35492	//
35493	// CertificateBody is a required field
35494	CertificateBody *string `min:"1" type:"string" required:"true"`
35495
35496	// The ID for the signing certificate.
35497	//
35498	// CertificateId is a required field
35499	CertificateId *string `min:"24" type:"string" required:"true"`
35500
35501	// The status of the signing certificate. Active means that the key is valid
35502	// for API calls, while Inactive means it is not.
35503	//
35504	// Status is a required field
35505	Status *string `type:"string" required:"true" enum:"StatusType"`
35506
35507	// The date when the signing certificate was uploaded.
35508	UploadDate *time.Time `type:"timestamp"`
35509
35510	// The name of the user the signing certificate is associated with.
35511	//
35512	// UserName is a required field
35513	UserName *string `min:"1" type:"string" required:"true"`
35514}
35515
35516// String returns the string representation.
35517//
35518// API parameter values that are decorated as "sensitive" in the API will not
35519// be included in the string output. The member name will be present, but the
35520// value will be replaced with "sensitive".
35521func (s SigningCertificate) String() string {
35522	return awsutil.Prettify(s)
35523}
35524
35525// GoString returns the string representation.
35526//
35527// API parameter values that are decorated as "sensitive" in the API will not
35528// be included in the string output. The member name will be present, but the
35529// value will be replaced with "sensitive".
35530func (s SigningCertificate) GoString() string {
35531	return s.String()
35532}
35533
35534// SetCertificateBody sets the CertificateBody field's value.
35535func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate {
35536	s.CertificateBody = &v
35537	return s
35538}
35539
35540// SetCertificateId sets the CertificateId field's value.
35541func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate {
35542	s.CertificateId = &v
35543	return s
35544}
35545
35546// SetStatus sets the Status field's value.
35547func (s *SigningCertificate) SetStatus(v string) *SigningCertificate {
35548	s.Status = &v
35549	return s
35550}
35551
35552// SetUploadDate sets the UploadDate field's value.
35553func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate {
35554	s.UploadDate = &v
35555	return s
35556}
35557
35558// SetUserName sets the UserName field's value.
35559func (s *SigningCertificate) SetUserName(v string) *SigningCertificate {
35560	s.UserName = &v
35561	return s
35562}
35563
35564type SimulateCustomPolicyInput struct {
35565	_ struct{} `type:"structure"`
35566
35567	// A list of names of API operations to evaluate in the simulation. Each operation
35568	// is evaluated against each resource. Each operation must include the service
35569	// identifier, such as iam:CreateUser. This operation does not support using
35570	// wildcards (*) in an action name.
35571	//
35572	// ActionNames is a required field
35573	ActionNames []*string `type:"list" required:"true"`
35574
35575	// The ARN of the IAM user that you want to use as the simulated caller of the
35576	// API operations. CallerArn is required if you include a ResourcePolicy so
35577	// that the policy's Principal element has a value to use in evaluating the
35578	// policy.
35579	//
35580	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
35581	// an assumed role, federated user, or a service principal.
35582	CallerArn *string `min:"1" type:"string"`
35583
35584	// A list of context keys and corresponding values for the simulation to use.
35585	// Whenever a context key is evaluated in one of the simulated IAM permissions
35586	// policies, the corresponding value is supplied.
35587	ContextEntries []*ContextEntry `type:"list"`
35588
35589	// Use this parameter only when paginating results and only after you receive
35590	// a response indicating that the results are truncated. Set it to the value
35591	// of the Marker element in the response that you received to indicate where
35592	// the next call should start.
35593	Marker *string `min:"1" type:"string"`
35594
35595	// Use this only when paginating results to indicate the maximum number of items
35596	// you want in the response. If additional items exist beyond the maximum you
35597	// specify, the IsTruncated response element is true.
35598	//
35599	// If you do not include this parameter, the number of items defaults to 100.
35600	// Note that IAM might return fewer results, even when there are more results
35601	// available. In that case, the IsTruncated response element returns true, and
35602	// Marker contains a value to include in the subsequent call that tells the
35603	// service where to continue from.
35604	MaxItems *int64 `min:"1" type:"integer"`
35605
35606	// The IAM permissions boundary policy to simulate. The permissions boundary
35607	// sets the maximum permissions that an IAM entity can have. You can input only
35608	// one permissions boundary when you pass a policy to this operation. For more
35609	// information about permissions boundaries, see Permissions boundaries for
35610	// IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
35611	// in the IAM User Guide. The policy input is specified as a string that contains
35612	// the complete, valid JSON text of a permissions boundary policy.
35613	//
35614	// The maximum length of the policy document that you can pass in this operation,
35615	// including whitespace, is listed below. To view the maximum character counts
35616	// of a managed policy with no whitespaces, see IAM and STS character quotas
35617	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
35618	//
35619	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
35620	// parameter is a string of characters consisting of the following:
35621	//
35622	//    * Any printable ASCII character ranging from the space character (\u0020)
35623	//    through the end of the ASCII character range
35624	//
35625	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
35626	//    set (through \u00FF)
35627	//
35628	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
35629	//    return (\u000D)
35630	PermissionsBoundaryPolicyInputList []*string `type:"list"`
35631
35632	// A list of policy documents to include in the simulation. Each document is
35633	// specified as a string containing the complete, valid JSON text of an IAM
35634	// policy. Do not include any resource-based policies in this parameter. Any
35635	// resource-based policy must be submitted with the ResourcePolicy parameter.
35636	// The policies cannot be "scope-down" policies, such as you could include in
35637	// a call to GetFederationToken (https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
35638	// or one of the AssumeRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
35639	// API operations. In other words, do not use policies designed to restrict
35640	// what a user can do while using the temporary credentials.
35641	//
35642	// The maximum length of the policy document that you can pass in this operation,
35643	// including whitespace, is listed below. To view the maximum character counts
35644	// of a managed policy with no whitespaces, see IAM and STS character quotas
35645	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
35646	//
35647	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
35648	// parameter is a string of characters consisting of the following:
35649	//
35650	//    * Any printable ASCII character ranging from the space character (\u0020)
35651	//    through the end of the ASCII character range
35652	//
35653	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
35654	//    set (through \u00FF)
35655	//
35656	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
35657	//    return (\u000D)
35658	//
35659	// PolicyInputList is a required field
35660	PolicyInputList []*string `type:"list" required:"true"`
35661
35662	// A list of ARNs of Amazon Web Services resources to include in the simulation.
35663	// If this parameter is not provided, then the value defaults to * (all resources).
35664	// Each API in the ActionNames parameter is evaluated for each resource in this
35665	// list. The simulation determines the access result (allowed or denied) of
35666	// each combination and reports it in the response. You can simulate resources
35667	// that don't exist in your account.
35668	//
35669	// The simulation does not automatically retrieve policies for the specified
35670	// resources. If you want to include a resource policy in the simulation, then
35671	// you must include the policy as a string in the ResourcePolicy parameter.
35672	//
35673	// If you include a ResourcePolicy, then it must be applicable to all of the
35674	// resources included in the simulation or you receive an invalid input error.
35675	//
35676	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
35677	// in the Amazon Web Services General Reference.
35678	ResourceArns []*string `type:"list"`
35679
35680	// Specifies the type of simulation to run. Different API operations that support
35681	// resource-based policies require different combinations of resources. By specifying
35682	// the type of simulation to run, you enable the policy simulator to enforce
35683	// the presence of the required resources to ensure reliable simulation results.
35684	// If your simulation does not match one of the following scenarios, then you
35685	// can omit this parameter. The following list shows each of the supported scenario
35686	// values and the resources that you must define to run the simulation.
35687	//
35688	// Each of the EC2 scenarios requires that you specify instance, image, and
35689	// security-group resources. If your scenario includes an EBS volume, then you
35690	// must specify that volume as a resource. If the EC2 scenario includes VPC,
35691	// then you must supply the network-interface resource. If it includes an IP
35692	// subnet, then you must specify the subnet resource. For more information on
35693	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
35694	// in the Amazon EC2 User Guide.
35695	//
35696	//    * EC2-Classic-InstanceStore instance, image, security-group
35697	//
35698	//    * EC2-Classic-EBS instance, image, security-group, volume
35699	//
35700	//    * EC2-VPC-InstanceStore instance, image, security-group, network-interface
35701	//
35702	//    * EC2-VPC-InstanceStore-Subnet instance, image, security-group, network-interface,
35703	//    subnet
35704	//
35705	//    * EC2-VPC-EBS instance, image, security-group, network-interface, volume
35706	//
35707	//    * EC2-VPC-EBS-Subnet instance, image, security-group, network-interface,
35708	//    subnet, volume
35709	ResourceHandlingOption *string `min:"1" type:"string"`
35710
35711	// An ARN representing the Amazon Web Services account ID that specifies the
35712	// owner of any simulated resource that does not identify its owner in the resource
35713	// ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner
35714	// is specified, it is also used as the account owner of any ResourcePolicy
35715	// included in the simulation. If the ResourceOwner parameter is not specified,
35716	// then the owner of the resources and the resource policy defaults to the account
35717	// of the identity provided in CallerArn. This parameter is required only if
35718	// you specify a resource-based policy and account that owns the resource is
35719	// different from the account that owns the simulated calling user CallerArn.
35720	//
35721	// The ARN for an account uses the following syntax: arn:aws:iam::AWS-account-ID:root.
35722	// For example, to represent the account with the 112233445566 ID, use the following
35723	// ARN: arn:aws:iam::112233445566-ID:root.
35724	ResourceOwner *string `min:"1" type:"string"`
35725
35726	// A resource-based policy to include in the simulation provided as a string.
35727	// Each resource in the simulation is treated as if it had this policy attached.
35728	// You can include only one resource-based policy in a simulation.
35729	//
35730	// The maximum length of the policy document that you can pass in this operation,
35731	// including whitespace, is listed below. To view the maximum character counts
35732	// of a managed policy with no whitespaces, see IAM and STS character quotas
35733	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
35734	//
35735	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
35736	// parameter is a string of characters consisting of the following:
35737	//
35738	//    * Any printable ASCII character ranging from the space character (\u0020)
35739	//    through the end of the ASCII character range
35740	//
35741	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
35742	//    set (through \u00FF)
35743	//
35744	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
35745	//    return (\u000D)
35746	ResourcePolicy *string `min:"1" type:"string"`
35747}
35748
35749// String returns the string representation.
35750//
35751// API parameter values that are decorated as "sensitive" in the API will not
35752// be included in the string output. The member name will be present, but the
35753// value will be replaced with "sensitive".
35754func (s SimulateCustomPolicyInput) String() string {
35755	return awsutil.Prettify(s)
35756}
35757
35758// GoString returns the string representation.
35759//
35760// API parameter values that are decorated as "sensitive" in the API will not
35761// be included in the string output. The member name will be present, but the
35762// value will be replaced with "sensitive".
35763func (s SimulateCustomPolicyInput) GoString() string {
35764	return s.String()
35765}
35766
35767// Validate inspects the fields of the type to determine if they are valid.
35768func (s *SimulateCustomPolicyInput) Validate() error {
35769	invalidParams := request.ErrInvalidParams{Context: "SimulateCustomPolicyInput"}
35770	if s.ActionNames == nil {
35771		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
35772	}
35773	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
35774		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
35775	}
35776	if s.Marker != nil && len(*s.Marker) < 1 {
35777		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
35778	}
35779	if s.MaxItems != nil && *s.MaxItems < 1 {
35780		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
35781	}
35782	if s.PolicyInputList == nil {
35783		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
35784	}
35785	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
35786		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
35787	}
35788	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
35789		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
35790	}
35791	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
35792		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
35793	}
35794	if s.ContextEntries != nil {
35795		for i, v := range s.ContextEntries {
35796			if v == nil {
35797				continue
35798			}
35799			if err := v.Validate(); err != nil {
35800				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
35801			}
35802		}
35803	}
35804
35805	if invalidParams.Len() > 0 {
35806		return invalidParams
35807	}
35808	return nil
35809}
35810
35811// SetActionNames sets the ActionNames field's value.
35812func (s *SimulateCustomPolicyInput) SetActionNames(v []*string) *SimulateCustomPolicyInput {
35813	s.ActionNames = v
35814	return s
35815}
35816
35817// SetCallerArn sets the CallerArn field's value.
35818func (s *SimulateCustomPolicyInput) SetCallerArn(v string) *SimulateCustomPolicyInput {
35819	s.CallerArn = &v
35820	return s
35821}
35822
35823// SetContextEntries sets the ContextEntries field's value.
35824func (s *SimulateCustomPolicyInput) SetContextEntries(v []*ContextEntry) *SimulateCustomPolicyInput {
35825	s.ContextEntries = v
35826	return s
35827}
35828
35829// SetMarker sets the Marker field's value.
35830func (s *SimulateCustomPolicyInput) SetMarker(v string) *SimulateCustomPolicyInput {
35831	s.Marker = &v
35832	return s
35833}
35834
35835// SetMaxItems sets the MaxItems field's value.
35836func (s *SimulateCustomPolicyInput) SetMaxItems(v int64) *SimulateCustomPolicyInput {
35837	s.MaxItems = &v
35838	return s
35839}
35840
35841// SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
35842func (s *SimulateCustomPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulateCustomPolicyInput {
35843	s.PermissionsBoundaryPolicyInputList = v
35844	return s
35845}
35846
35847// SetPolicyInputList sets the PolicyInputList field's value.
35848func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput {
35849	s.PolicyInputList = v
35850	return s
35851}
35852
35853// SetResourceArns sets the ResourceArns field's value.
35854func (s *SimulateCustomPolicyInput) SetResourceArns(v []*string) *SimulateCustomPolicyInput {
35855	s.ResourceArns = v
35856	return s
35857}
35858
35859// SetResourceHandlingOption sets the ResourceHandlingOption field's value.
35860func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput {
35861	s.ResourceHandlingOption = &v
35862	return s
35863}
35864
35865// SetResourceOwner sets the ResourceOwner field's value.
35866func (s *SimulateCustomPolicyInput) SetResourceOwner(v string) *SimulateCustomPolicyInput {
35867	s.ResourceOwner = &v
35868	return s
35869}
35870
35871// SetResourcePolicy sets the ResourcePolicy field's value.
35872func (s *SimulateCustomPolicyInput) SetResourcePolicy(v string) *SimulateCustomPolicyInput {
35873	s.ResourcePolicy = &v
35874	return s
35875}
35876
35877// Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy
35878// request.
35879type SimulatePolicyResponse struct {
35880	_ struct{} `type:"structure"`
35881
35882	// The results of the simulation.
35883	EvaluationResults []*EvaluationResult `type:"list"`
35884
35885	// A flag that indicates whether there are more items to return. If your results
35886	// were truncated, you can make a subsequent pagination request using the Marker
35887	// request parameter to retrieve more items. Note that IAM might return fewer
35888	// than the MaxItems number of results even when there are more results available.
35889	// We recommend that you check IsTruncated after every call to ensure that you
35890	// receive all your results.
35891	IsTruncated *bool `type:"boolean"`
35892
35893	// When IsTruncated is true, this element is present and contains the value
35894	// to use for the Marker parameter in a subsequent pagination request.
35895	Marker *string `type:"string"`
35896}
35897
35898// String returns the string representation.
35899//
35900// API parameter values that are decorated as "sensitive" in the API will not
35901// be included in the string output. The member name will be present, but the
35902// value will be replaced with "sensitive".
35903func (s SimulatePolicyResponse) String() string {
35904	return awsutil.Prettify(s)
35905}
35906
35907// GoString returns the string representation.
35908//
35909// API parameter values that are decorated as "sensitive" in the API will not
35910// be included in the string output. The member name will be present, but the
35911// value will be replaced with "sensitive".
35912func (s SimulatePolicyResponse) GoString() string {
35913	return s.String()
35914}
35915
35916// SetEvaluationResults sets the EvaluationResults field's value.
35917func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse {
35918	s.EvaluationResults = v
35919	return s
35920}
35921
35922// SetIsTruncated sets the IsTruncated field's value.
35923func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse {
35924	s.IsTruncated = &v
35925	return s
35926}
35927
35928// SetMarker sets the Marker field's value.
35929func (s *SimulatePolicyResponse) SetMarker(v string) *SimulatePolicyResponse {
35930	s.Marker = &v
35931	return s
35932}
35933
35934type SimulatePrincipalPolicyInput struct {
35935	_ struct{} `type:"structure"`
35936
35937	// A list of names of API operations to evaluate in the simulation. Each operation
35938	// is evaluated for each resource. Each operation must include the service identifier,
35939	// such as iam:CreateUser.
35940	//
35941	// ActionNames is a required field
35942	ActionNames []*string `type:"list" required:"true"`
35943
35944	// The ARN of the IAM user that you want to specify as the simulated caller
35945	// of the API operations. If you do not specify a CallerArn, it defaults to
35946	// the ARN of the user that you specify in PolicySourceArn, if you specified
35947	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
35948	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
35949	// is that you simulate calling the API operations as Bob, as if Bob had David's
35950	// policies.
35951	//
35952	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
35953	// an assumed role, federated user, or a service principal.
35954	//
35955	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
35956	// is not the ARN for an IAM user. This is required so that the resource-based
35957	// policy's Principal element has a value to use in evaluating the policy.
35958	//
35959	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
35960	// in the Amazon Web Services General Reference.
35961	CallerArn *string `min:"1" type:"string"`
35962
35963	// A list of context keys and corresponding values for the simulation to use.
35964	// Whenever a context key is evaluated in one of the simulated IAM permissions
35965	// policies, the corresponding value is supplied.
35966	ContextEntries []*ContextEntry `type:"list"`
35967
35968	// Use this parameter only when paginating results and only after you receive
35969	// a response indicating that the results are truncated. Set it to the value
35970	// of the Marker element in the response that you received to indicate where
35971	// the next call should start.
35972	Marker *string `min:"1" type:"string"`
35973
35974	// Use this only when paginating results to indicate the maximum number of items
35975	// you want in the response. If additional items exist beyond the maximum you
35976	// specify, the IsTruncated response element is true.
35977	//
35978	// If you do not include this parameter, the number of items defaults to 100.
35979	// Note that IAM might return fewer results, even when there are more results
35980	// available. In that case, the IsTruncated response element returns true, and
35981	// Marker contains a value to include in the subsequent call that tells the
35982	// service where to continue from.
35983	MaxItems *int64 `min:"1" type:"integer"`
35984
35985	// The IAM permissions boundary policy to simulate. The permissions boundary
35986	// sets the maximum permissions that the entity can have. You can input only
35987	// one permissions boundary when you pass a policy to this operation. An IAM
35988	// entity can only have one permissions boundary in effect at a time. For example,
35989	// if a permissions boundary is attached to an entity and you pass in a different
35990	// permissions boundary policy using this parameter, then the new permissions
35991	// boundary policy is used for the simulation. For more information about permissions
35992	// boundaries, see Permissions boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
35993	// in the IAM User Guide. The policy input is specified as a string containing
35994	// the complete, valid JSON text of a permissions boundary policy.
35995	//
35996	// The maximum length of the policy document that you can pass in this operation,
35997	// including whitespace, is listed below. To view the maximum character counts
35998	// of a managed policy with no whitespaces, see IAM and STS character quotas
35999	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
36000	//
36001	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36002	// parameter is a string of characters consisting of the following:
36003	//
36004	//    * Any printable ASCII character ranging from the space character (\u0020)
36005	//    through the end of the ASCII character range
36006	//
36007	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36008	//    set (through \u00FF)
36009	//
36010	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36011	//    return (\u000D)
36012	PermissionsBoundaryPolicyInputList []*string `type:"list"`
36013
36014	// An optional list of additional policy documents to include in the simulation.
36015	// Each document is specified as a string containing the complete, valid JSON
36016	// text of an IAM policy.
36017	//
36018	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36019	// parameter is a string of characters consisting of the following:
36020	//
36021	//    * Any printable ASCII character ranging from the space character (\u0020)
36022	//    through the end of the ASCII character range
36023	//
36024	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36025	//    set (through \u00FF)
36026	//
36027	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36028	//    return (\u000D)
36029	PolicyInputList []*string `type:"list"`
36030
36031	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
36032	// want to include in the simulation. If you specify a user, group, or role,
36033	// the simulation includes all policies that are associated with that entity.
36034	// If you specify a user, the simulation also includes all policies that are
36035	// attached to any groups the user belongs to.
36036	//
36037	// The maximum length of the policy document that you can pass in this operation,
36038	// including whitespace, is listed below. To view the maximum character counts
36039	// of a managed policy with no whitespaces, see IAM and STS character quotas
36040	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
36041	//
36042	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
36043	// in the Amazon Web Services General Reference.
36044	//
36045	// PolicySourceArn is a required field
36046	PolicySourceArn *string `min:"20" type:"string" required:"true"`
36047
36048	// A list of ARNs of Amazon Web Services resources to include in the simulation.
36049	// If this parameter is not provided, then the value defaults to * (all resources).
36050	// Each API in the ActionNames parameter is evaluated for each resource in this
36051	// list. The simulation determines the access result (allowed or denied) of
36052	// each combination and reports it in the response. You can simulate resources
36053	// that don't exist in your account.
36054	//
36055	// The simulation does not automatically retrieve policies for the specified
36056	// resources. If you want to include a resource policy in the simulation, then
36057	// you must include the policy as a string in the ResourcePolicy parameter.
36058	//
36059	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
36060	// in the Amazon Web Services General Reference.
36061	ResourceArns []*string `type:"list"`
36062
36063	// Specifies the type of simulation to run. Different API operations that support
36064	// resource-based policies require different combinations of resources. By specifying
36065	// the type of simulation to run, you enable the policy simulator to enforce
36066	// the presence of the required resources to ensure reliable simulation results.
36067	// If your simulation does not match one of the following scenarios, then you
36068	// can omit this parameter. The following list shows each of the supported scenario
36069	// values and the resources that you must define to run the simulation.
36070	//
36071	// Each of the EC2 scenarios requires that you specify instance, image, and
36072	// security group resources. If your scenario includes an EBS volume, then you
36073	// must specify that volume as a resource. If the EC2 scenario includes VPC,
36074	// then you must supply the network interface resource. If it includes an IP
36075	// subnet, then you must specify the subnet resource. For more information on
36076	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
36077	// in the Amazon EC2 User Guide.
36078	//
36079	//    * EC2-Classic-InstanceStore instance, image, security group
36080	//
36081	//    * EC2-Classic-EBS instance, image, security group, volume
36082	//
36083	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
36084	//
36085	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
36086	//    interface, subnet
36087	//
36088	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
36089	//
36090	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
36091	//    subnet, volume
36092	ResourceHandlingOption *string `min:"1" type:"string"`
36093
36094	// An Amazon Web Services account ID that specifies the owner of any simulated
36095	// resource that does not identify its owner in the resource ARN. Examples of
36096	// resource ARNs include an S3 bucket or object. If ResourceOwner is specified,
36097	// it is also used as the account owner of any ResourcePolicy included in the
36098	// simulation. If the ResourceOwner parameter is not specified, then the owner
36099	// of the resources and the resource policy defaults to the account of the identity
36100	// provided in CallerArn. This parameter is required only if you specify a resource-based
36101	// policy and account that owns the resource is different from the account that
36102	// owns the simulated calling user CallerArn.
36103	ResourceOwner *string `min:"1" type:"string"`
36104
36105	// A resource-based policy to include in the simulation provided as a string.
36106	// Each resource in the simulation is treated as if it had this policy attached.
36107	// You can include only one resource-based policy in a simulation.
36108	//
36109	// The maximum length of the policy document that you can pass in this operation,
36110	// including whitespace, is listed below. To view the maximum character counts
36111	// of a managed policy with no whitespaces, see IAM and STS character quotas
36112	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
36113	//
36114	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
36115	// parameter is a string of characters consisting of the following:
36116	//
36117	//    * Any printable ASCII character ranging from the space character (\u0020)
36118	//    through the end of the ASCII character range
36119	//
36120	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
36121	//    set (through \u00FF)
36122	//
36123	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
36124	//    return (\u000D)
36125	ResourcePolicy *string `min:"1" type:"string"`
36126}
36127
36128// String returns the string representation.
36129//
36130// API parameter values that are decorated as "sensitive" in the API will not
36131// be included in the string output. The member name will be present, but the
36132// value will be replaced with "sensitive".
36133func (s SimulatePrincipalPolicyInput) String() string {
36134	return awsutil.Prettify(s)
36135}
36136
36137// GoString returns the string representation.
36138//
36139// API parameter values that are decorated as "sensitive" in the API will not
36140// be included in the string output. The member name will be present, but the
36141// value will be replaced with "sensitive".
36142func (s SimulatePrincipalPolicyInput) GoString() string {
36143	return s.String()
36144}
36145
36146// Validate inspects the fields of the type to determine if they are valid.
36147func (s *SimulatePrincipalPolicyInput) Validate() error {
36148	invalidParams := request.ErrInvalidParams{Context: "SimulatePrincipalPolicyInput"}
36149	if s.ActionNames == nil {
36150		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
36151	}
36152	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
36153		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
36154	}
36155	if s.Marker != nil && len(*s.Marker) < 1 {
36156		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
36157	}
36158	if s.MaxItems != nil && *s.MaxItems < 1 {
36159		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
36160	}
36161	if s.PolicySourceArn == nil {
36162		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
36163	}
36164	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
36165		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
36166	}
36167	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
36168		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
36169	}
36170	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
36171		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
36172	}
36173	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
36174		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
36175	}
36176	if s.ContextEntries != nil {
36177		for i, v := range s.ContextEntries {
36178			if v == nil {
36179				continue
36180			}
36181			if err := v.Validate(); err != nil {
36182				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
36183			}
36184		}
36185	}
36186
36187	if invalidParams.Len() > 0 {
36188		return invalidParams
36189	}
36190	return nil
36191}
36192
36193// SetActionNames sets the ActionNames field's value.
36194func (s *SimulatePrincipalPolicyInput) SetActionNames(v []*string) *SimulatePrincipalPolicyInput {
36195	s.ActionNames = v
36196	return s
36197}
36198
36199// SetCallerArn sets the CallerArn field's value.
36200func (s *SimulatePrincipalPolicyInput) SetCallerArn(v string) *SimulatePrincipalPolicyInput {
36201	s.CallerArn = &v
36202	return s
36203}
36204
36205// SetContextEntries sets the ContextEntries field's value.
36206func (s *SimulatePrincipalPolicyInput) SetContextEntries(v []*ContextEntry) *SimulatePrincipalPolicyInput {
36207	s.ContextEntries = v
36208	return s
36209}
36210
36211// SetMarker sets the Marker field's value.
36212func (s *SimulatePrincipalPolicyInput) SetMarker(v string) *SimulatePrincipalPolicyInput {
36213	s.Marker = &v
36214	return s
36215}
36216
36217// SetMaxItems sets the MaxItems field's value.
36218func (s *SimulatePrincipalPolicyInput) SetMaxItems(v int64) *SimulatePrincipalPolicyInput {
36219	s.MaxItems = &v
36220	return s
36221}
36222
36223// SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
36224func (s *SimulatePrincipalPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
36225	s.PermissionsBoundaryPolicyInputList = v
36226	return s
36227}
36228
36229// SetPolicyInputList sets the PolicyInputList field's value.
36230func (s *SimulatePrincipalPolicyInput) SetPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
36231	s.PolicyInputList = v
36232	return s
36233}
36234
36235// SetPolicySourceArn sets the PolicySourceArn field's value.
36236func (s *SimulatePrincipalPolicyInput) SetPolicySourceArn(v string) *SimulatePrincipalPolicyInput {
36237	s.PolicySourceArn = &v
36238	return s
36239}
36240
36241// SetResourceArns sets the ResourceArns field's value.
36242func (s *SimulatePrincipalPolicyInput) SetResourceArns(v []*string) *SimulatePrincipalPolicyInput {
36243	s.ResourceArns = v
36244	return s
36245}
36246
36247// SetResourceHandlingOption sets the ResourceHandlingOption field's value.
36248func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput {
36249	s.ResourceHandlingOption = &v
36250	return s
36251}
36252
36253// SetResourceOwner sets the ResourceOwner field's value.
36254func (s *SimulatePrincipalPolicyInput) SetResourceOwner(v string) *SimulatePrincipalPolicyInput {
36255	s.ResourceOwner = &v
36256	return s
36257}
36258
36259// SetResourcePolicy sets the ResourcePolicy field's value.
36260func (s *SimulatePrincipalPolicyInput) SetResourcePolicy(v string) *SimulatePrincipalPolicyInput {
36261	s.ResourcePolicy = &v
36262	return s
36263}
36264
36265// Contains a reference to a Statement element in a policy document that determines
36266// the result of the simulation.
36267//
36268// This data type is used by the MatchedStatements member of the EvaluationResult
36269// type.
36270type Statement struct {
36271	_ struct{} `type:"structure"`
36272
36273	// The row and column of the end of a Statement in an IAM policy.
36274	EndPosition *Position `type:"structure"`
36275
36276	// The identifier of the policy that was provided as an input.
36277	SourcePolicyId *string `type:"string"`
36278
36279	// The type of the policy.
36280	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`
36281
36282	// The row and column of the beginning of the Statement in an IAM policy.
36283	StartPosition *Position `type:"structure"`
36284}
36285
36286// String returns the string representation.
36287//
36288// API parameter values that are decorated as "sensitive" in the API will not
36289// be included in the string output. The member name will be present, but the
36290// value will be replaced with "sensitive".
36291func (s Statement) String() string {
36292	return awsutil.Prettify(s)
36293}
36294
36295// GoString returns the string representation.
36296//
36297// API parameter values that are decorated as "sensitive" in the API will not
36298// be included in the string output. The member name will be present, but the
36299// value will be replaced with "sensitive".
36300func (s Statement) GoString() string {
36301	return s.String()
36302}
36303
36304// SetEndPosition sets the EndPosition field's value.
36305func (s *Statement) SetEndPosition(v *Position) *Statement {
36306	s.EndPosition = v
36307	return s
36308}
36309
36310// SetSourcePolicyId sets the SourcePolicyId field's value.
36311func (s *Statement) SetSourcePolicyId(v string) *Statement {
36312	s.SourcePolicyId = &v
36313	return s
36314}
36315
36316// SetSourcePolicyType sets the SourcePolicyType field's value.
36317func (s *Statement) SetSourcePolicyType(v string) *Statement {
36318	s.SourcePolicyType = &v
36319	return s
36320}
36321
36322// SetStartPosition sets the StartPosition field's value.
36323func (s *Statement) SetStartPosition(v *Position) *Statement {
36324	s.StartPosition = v
36325	return s
36326}
36327
36328// A structure that represents user-provided metadata that can be associated
36329// with an IAM resource. For more information about tagging, see Tagging IAM
36330// resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
36331// in the IAM User Guide.
36332type Tag struct {
36333	_ struct{} `type:"structure"`
36334
36335	// The key name that can be used to look up or retrieve the associated value.
36336	// For example, Department or Cost Center are common choices.
36337	//
36338	// Key is a required field
36339	Key *string `min:"1" type:"string" required:"true"`
36340
36341	// The value associated with this tag. For example, tags with a key name of
36342	// Department could have values such as Human Resources, Accounting, and Support.
36343	// Tags with a key name of Cost Center might have values that consist of the
36344	// number associated with the different cost centers in your company. Typically,
36345	// many resources have tags with the same key name but with different values.
36346	//
36347	// Amazon Web Services always interprets the tag Value as a single string. If
36348	// you need to store an array, you can store comma-separated values in the string.
36349	// However, you must interpret the value in your code.
36350	//
36351	// Value is a required field
36352	Value *string `type:"string" required:"true"`
36353}
36354
36355// String returns the string representation.
36356//
36357// API parameter values that are decorated as "sensitive" in the API will not
36358// be included in the string output. The member name will be present, but the
36359// value will be replaced with "sensitive".
36360func (s Tag) String() string {
36361	return awsutil.Prettify(s)
36362}
36363
36364// GoString returns the string representation.
36365//
36366// API parameter values that are decorated as "sensitive" in the API will not
36367// be included in the string output. The member name will be present, but the
36368// value will be replaced with "sensitive".
36369func (s Tag) GoString() string {
36370	return s.String()
36371}
36372
36373// Validate inspects the fields of the type to determine if they are valid.
36374func (s *Tag) Validate() error {
36375	invalidParams := request.ErrInvalidParams{Context: "Tag"}
36376	if s.Key == nil {
36377		invalidParams.Add(request.NewErrParamRequired("Key"))
36378	}
36379	if s.Key != nil && len(*s.Key) < 1 {
36380		invalidParams.Add(request.NewErrParamMinLen("Key", 1))
36381	}
36382	if s.Value == nil {
36383		invalidParams.Add(request.NewErrParamRequired("Value"))
36384	}
36385
36386	if invalidParams.Len() > 0 {
36387		return invalidParams
36388	}
36389	return nil
36390}
36391
36392// SetKey sets the Key field's value.
36393func (s *Tag) SetKey(v string) *Tag {
36394	s.Key = &v
36395	return s
36396}
36397
36398// SetValue sets the Value field's value.
36399func (s *Tag) SetValue(v string) *Tag {
36400	s.Value = &v
36401	return s
36402}
36403
36404type TagInstanceProfileInput struct {
36405	_ struct{} `type:"structure"`
36406
36407	// The name of the IAM instance profile to which you want to add tags.
36408	//
36409	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36410	// a string of characters consisting of upper and lowercase alphanumeric characters
36411	// with no spaces. You can also include any of the following characters: _+=,.@-
36412	//
36413	// InstanceProfileName is a required field
36414	InstanceProfileName *string `min:"1" type:"string" required:"true"`
36415
36416	// The list of tags that you want to attach to the IAM instance profile. Each
36417	// tag consists of a key name and an associated value.
36418	//
36419	// Tags is a required field
36420	Tags []*Tag `type:"list" required:"true"`
36421}
36422
36423// String returns the string representation.
36424//
36425// API parameter values that are decorated as "sensitive" in the API will not
36426// be included in the string output. The member name will be present, but the
36427// value will be replaced with "sensitive".
36428func (s TagInstanceProfileInput) String() string {
36429	return awsutil.Prettify(s)
36430}
36431
36432// GoString returns the string representation.
36433//
36434// API parameter values that are decorated as "sensitive" in the API will not
36435// be included in the string output. The member name will be present, but the
36436// value will be replaced with "sensitive".
36437func (s TagInstanceProfileInput) GoString() string {
36438	return s.String()
36439}
36440
36441// Validate inspects the fields of the type to determine if they are valid.
36442func (s *TagInstanceProfileInput) Validate() error {
36443	invalidParams := request.ErrInvalidParams{Context: "TagInstanceProfileInput"}
36444	if s.InstanceProfileName == nil {
36445		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
36446	}
36447	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
36448		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
36449	}
36450	if s.Tags == nil {
36451		invalidParams.Add(request.NewErrParamRequired("Tags"))
36452	}
36453	if s.Tags != nil {
36454		for i, v := range s.Tags {
36455			if v == nil {
36456				continue
36457			}
36458			if err := v.Validate(); err != nil {
36459				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36460			}
36461		}
36462	}
36463
36464	if invalidParams.Len() > 0 {
36465		return invalidParams
36466	}
36467	return nil
36468}
36469
36470// SetInstanceProfileName sets the InstanceProfileName field's value.
36471func (s *TagInstanceProfileInput) SetInstanceProfileName(v string) *TagInstanceProfileInput {
36472	s.InstanceProfileName = &v
36473	return s
36474}
36475
36476// SetTags sets the Tags field's value.
36477func (s *TagInstanceProfileInput) SetTags(v []*Tag) *TagInstanceProfileInput {
36478	s.Tags = v
36479	return s
36480}
36481
36482type TagInstanceProfileOutput struct {
36483	_ struct{} `type:"structure"`
36484}
36485
36486// String returns the string representation.
36487//
36488// API parameter values that are decorated as "sensitive" in the API will not
36489// be included in the string output. The member name will be present, but the
36490// value will be replaced with "sensitive".
36491func (s TagInstanceProfileOutput) String() string {
36492	return awsutil.Prettify(s)
36493}
36494
36495// GoString returns the string representation.
36496//
36497// API parameter values that are decorated as "sensitive" in the API will not
36498// be included in the string output. The member name will be present, but the
36499// value will be replaced with "sensitive".
36500func (s TagInstanceProfileOutput) GoString() string {
36501	return s.String()
36502}
36503
36504type TagMFADeviceInput struct {
36505	_ struct{} `type:"structure"`
36506
36507	// The unique identifier for the IAM virtual MFA device to which you want to
36508	// add tags. For virtual MFA devices, the serial number is the same as the ARN.
36509	//
36510	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36511	// a string of characters consisting of upper and lowercase alphanumeric characters
36512	// with no spaces. You can also include any of the following characters: _+=,.@-
36513	//
36514	// SerialNumber is a required field
36515	SerialNumber *string `min:"9" type:"string" required:"true"`
36516
36517	// The list of tags that you want to attach to the IAM virtual MFA device. Each
36518	// tag consists of a key name and an associated value.
36519	//
36520	// Tags is a required field
36521	Tags []*Tag `type:"list" required:"true"`
36522}
36523
36524// String returns the string representation.
36525//
36526// API parameter values that are decorated as "sensitive" in the API will not
36527// be included in the string output. The member name will be present, but the
36528// value will be replaced with "sensitive".
36529func (s TagMFADeviceInput) String() string {
36530	return awsutil.Prettify(s)
36531}
36532
36533// GoString returns the string representation.
36534//
36535// API parameter values that are decorated as "sensitive" in the API will not
36536// be included in the string output. The member name will be present, but the
36537// value will be replaced with "sensitive".
36538func (s TagMFADeviceInput) GoString() string {
36539	return s.String()
36540}
36541
36542// Validate inspects the fields of the type to determine if they are valid.
36543func (s *TagMFADeviceInput) Validate() error {
36544	invalidParams := request.ErrInvalidParams{Context: "TagMFADeviceInput"}
36545	if s.SerialNumber == nil {
36546		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
36547	}
36548	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
36549		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
36550	}
36551	if s.Tags == nil {
36552		invalidParams.Add(request.NewErrParamRequired("Tags"))
36553	}
36554	if s.Tags != nil {
36555		for i, v := range s.Tags {
36556			if v == nil {
36557				continue
36558			}
36559			if err := v.Validate(); err != nil {
36560				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36561			}
36562		}
36563	}
36564
36565	if invalidParams.Len() > 0 {
36566		return invalidParams
36567	}
36568	return nil
36569}
36570
36571// SetSerialNumber sets the SerialNumber field's value.
36572func (s *TagMFADeviceInput) SetSerialNumber(v string) *TagMFADeviceInput {
36573	s.SerialNumber = &v
36574	return s
36575}
36576
36577// SetTags sets the Tags field's value.
36578func (s *TagMFADeviceInput) SetTags(v []*Tag) *TagMFADeviceInput {
36579	s.Tags = v
36580	return s
36581}
36582
36583type TagMFADeviceOutput struct {
36584	_ struct{} `type:"structure"`
36585}
36586
36587// String returns the string representation.
36588//
36589// API parameter values that are decorated as "sensitive" in the API will not
36590// be included in the string output. The member name will be present, but the
36591// value will be replaced with "sensitive".
36592func (s TagMFADeviceOutput) String() string {
36593	return awsutil.Prettify(s)
36594}
36595
36596// GoString returns the string representation.
36597//
36598// API parameter values that are decorated as "sensitive" in the API will not
36599// be included in the string output. The member name will be present, but the
36600// value will be replaced with "sensitive".
36601func (s TagMFADeviceOutput) GoString() string {
36602	return s.String()
36603}
36604
36605type TagOpenIDConnectProviderInput struct {
36606	_ struct{} `type:"structure"`
36607
36608	// The ARN of the OIDC identity provider in IAM to which you want to add tags.
36609	//
36610	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36611	// a string of characters consisting of upper and lowercase alphanumeric characters
36612	// with no spaces. You can also include any of the following characters: _+=,.@-
36613	//
36614	// OpenIDConnectProviderArn is a required field
36615	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
36616
36617	// The list of tags that you want to attach to the OIDC identity provider in
36618	// IAM. Each tag consists of a key name and an associated value.
36619	//
36620	// Tags is a required field
36621	Tags []*Tag `type:"list" required:"true"`
36622}
36623
36624// String returns the string representation.
36625//
36626// API parameter values that are decorated as "sensitive" in the API will not
36627// be included in the string output. The member name will be present, but the
36628// value will be replaced with "sensitive".
36629func (s TagOpenIDConnectProviderInput) String() string {
36630	return awsutil.Prettify(s)
36631}
36632
36633// GoString returns the string representation.
36634//
36635// API parameter values that are decorated as "sensitive" in the API will not
36636// be included in the string output. The member name will be present, but the
36637// value will be replaced with "sensitive".
36638func (s TagOpenIDConnectProviderInput) GoString() string {
36639	return s.String()
36640}
36641
36642// Validate inspects the fields of the type to determine if they are valid.
36643func (s *TagOpenIDConnectProviderInput) Validate() error {
36644	invalidParams := request.ErrInvalidParams{Context: "TagOpenIDConnectProviderInput"}
36645	if s.OpenIDConnectProviderArn == nil {
36646		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
36647	}
36648	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
36649		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
36650	}
36651	if s.Tags == nil {
36652		invalidParams.Add(request.NewErrParamRequired("Tags"))
36653	}
36654	if s.Tags != nil {
36655		for i, v := range s.Tags {
36656			if v == nil {
36657				continue
36658			}
36659			if err := v.Validate(); err != nil {
36660				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36661			}
36662		}
36663	}
36664
36665	if invalidParams.Len() > 0 {
36666		return invalidParams
36667	}
36668	return nil
36669}
36670
36671// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
36672func (s *TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *TagOpenIDConnectProviderInput {
36673	s.OpenIDConnectProviderArn = &v
36674	return s
36675}
36676
36677// SetTags sets the Tags field's value.
36678func (s *TagOpenIDConnectProviderInput) SetTags(v []*Tag) *TagOpenIDConnectProviderInput {
36679	s.Tags = v
36680	return s
36681}
36682
36683type TagOpenIDConnectProviderOutput struct {
36684	_ struct{} `type:"structure"`
36685}
36686
36687// String returns the string representation.
36688//
36689// API parameter values that are decorated as "sensitive" in the API will not
36690// be included in the string output. The member name will be present, but the
36691// value will be replaced with "sensitive".
36692func (s TagOpenIDConnectProviderOutput) String() string {
36693	return awsutil.Prettify(s)
36694}
36695
36696// GoString returns the string representation.
36697//
36698// API parameter values that are decorated as "sensitive" in the API will not
36699// be included in the string output. The member name will be present, but the
36700// value will be replaced with "sensitive".
36701func (s TagOpenIDConnectProviderOutput) GoString() string {
36702	return s.String()
36703}
36704
36705type TagPolicyInput struct {
36706	_ struct{} `type:"structure"`
36707
36708	// The ARN of the IAM customer managed policy to which you want to add tags.
36709	//
36710	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36711	// a string of characters consisting of upper and lowercase alphanumeric characters
36712	// with no spaces. You can also include any of the following characters: _+=,.@-
36713	//
36714	// PolicyArn is a required field
36715	PolicyArn *string `min:"20" type:"string" required:"true"`
36716
36717	// The list of tags that you want to attach to the IAM customer managed policy.
36718	// Each tag consists of a key name and an associated value.
36719	//
36720	// Tags is a required field
36721	Tags []*Tag `type:"list" required:"true"`
36722}
36723
36724// String returns the string representation.
36725//
36726// API parameter values that are decorated as "sensitive" in the API will not
36727// be included in the string output. The member name will be present, but the
36728// value will be replaced with "sensitive".
36729func (s TagPolicyInput) String() string {
36730	return awsutil.Prettify(s)
36731}
36732
36733// GoString returns the string representation.
36734//
36735// API parameter values that are decorated as "sensitive" in the API will not
36736// be included in the string output. The member name will be present, but the
36737// value will be replaced with "sensitive".
36738func (s TagPolicyInput) GoString() string {
36739	return s.String()
36740}
36741
36742// Validate inspects the fields of the type to determine if they are valid.
36743func (s *TagPolicyInput) Validate() error {
36744	invalidParams := request.ErrInvalidParams{Context: "TagPolicyInput"}
36745	if s.PolicyArn == nil {
36746		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
36747	}
36748	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
36749		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
36750	}
36751	if s.Tags == nil {
36752		invalidParams.Add(request.NewErrParamRequired("Tags"))
36753	}
36754	if s.Tags != nil {
36755		for i, v := range s.Tags {
36756			if v == nil {
36757				continue
36758			}
36759			if err := v.Validate(); err != nil {
36760				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36761			}
36762		}
36763	}
36764
36765	if invalidParams.Len() > 0 {
36766		return invalidParams
36767	}
36768	return nil
36769}
36770
36771// SetPolicyArn sets the PolicyArn field's value.
36772func (s *TagPolicyInput) SetPolicyArn(v string) *TagPolicyInput {
36773	s.PolicyArn = &v
36774	return s
36775}
36776
36777// SetTags sets the Tags field's value.
36778func (s *TagPolicyInput) SetTags(v []*Tag) *TagPolicyInput {
36779	s.Tags = v
36780	return s
36781}
36782
36783type TagPolicyOutput struct {
36784	_ struct{} `type:"structure"`
36785}
36786
36787// String returns the string representation.
36788//
36789// API parameter values that are decorated as "sensitive" in the API will not
36790// be included in the string output. The member name will be present, but the
36791// value will be replaced with "sensitive".
36792func (s TagPolicyOutput) String() string {
36793	return awsutil.Prettify(s)
36794}
36795
36796// GoString returns the string representation.
36797//
36798// API parameter values that are decorated as "sensitive" in the API will not
36799// be included in the string output. The member name will be present, but the
36800// value will be replaced with "sensitive".
36801func (s TagPolicyOutput) GoString() string {
36802	return s.String()
36803}
36804
36805type TagRoleInput struct {
36806	_ struct{} `type:"structure"`
36807
36808	// The name of the IAM role to which you want to add tags.
36809	//
36810	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
36811	// a string of characters that consist of upper and lowercase alphanumeric characters
36812	// with no spaces. You can also include any of the following characters: _+=,.@-
36813	//
36814	// RoleName is a required field
36815	RoleName *string `min:"1" type:"string" required:"true"`
36816
36817	// The list of tags that you want to attach to the IAM role. Each tag consists
36818	// of a key name and an associated value.
36819	//
36820	// Tags is a required field
36821	Tags []*Tag `type:"list" required:"true"`
36822}
36823
36824// String returns the string representation.
36825//
36826// API parameter values that are decorated as "sensitive" in the API will not
36827// be included in the string output. The member name will be present, but the
36828// value will be replaced with "sensitive".
36829func (s TagRoleInput) String() string {
36830	return awsutil.Prettify(s)
36831}
36832
36833// GoString returns the string representation.
36834//
36835// API parameter values that are decorated as "sensitive" in the API will not
36836// be included in the string output. The member name will be present, but the
36837// value will be replaced with "sensitive".
36838func (s TagRoleInput) GoString() string {
36839	return s.String()
36840}
36841
36842// Validate inspects the fields of the type to determine if they are valid.
36843func (s *TagRoleInput) Validate() error {
36844	invalidParams := request.ErrInvalidParams{Context: "TagRoleInput"}
36845	if s.RoleName == nil {
36846		invalidParams.Add(request.NewErrParamRequired("RoleName"))
36847	}
36848	if s.RoleName != nil && len(*s.RoleName) < 1 {
36849		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
36850	}
36851	if s.Tags == nil {
36852		invalidParams.Add(request.NewErrParamRequired("Tags"))
36853	}
36854	if s.Tags != nil {
36855		for i, v := range s.Tags {
36856			if v == nil {
36857				continue
36858			}
36859			if err := v.Validate(); err != nil {
36860				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36861			}
36862		}
36863	}
36864
36865	if invalidParams.Len() > 0 {
36866		return invalidParams
36867	}
36868	return nil
36869}
36870
36871// SetRoleName sets the RoleName field's value.
36872func (s *TagRoleInput) SetRoleName(v string) *TagRoleInput {
36873	s.RoleName = &v
36874	return s
36875}
36876
36877// SetTags sets the Tags field's value.
36878func (s *TagRoleInput) SetTags(v []*Tag) *TagRoleInput {
36879	s.Tags = v
36880	return s
36881}
36882
36883type TagRoleOutput struct {
36884	_ struct{} `type:"structure"`
36885}
36886
36887// String returns the string representation.
36888//
36889// API parameter values that are decorated as "sensitive" in the API will not
36890// be included in the string output. The member name will be present, but the
36891// value will be replaced with "sensitive".
36892func (s TagRoleOutput) String() string {
36893	return awsutil.Prettify(s)
36894}
36895
36896// GoString returns the string representation.
36897//
36898// API parameter values that are decorated as "sensitive" in the API will not
36899// be included in the string output. The member name will be present, but the
36900// value will be replaced with "sensitive".
36901func (s TagRoleOutput) GoString() string {
36902	return s.String()
36903}
36904
36905type TagSAMLProviderInput struct {
36906	_ struct{} `type:"structure"`
36907
36908	// The ARN of the SAML identity provider in IAM to which you want to add tags.
36909	//
36910	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
36911	// a string of characters consisting of upper and lowercase alphanumeric characters
36912	// with no spaces. You can also include any of the following characters: _+=,.@-
36913	//
36914	// SAMLProviderArn is a required field
36915	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
36916
36917	// The list of tags that you want to attach to the SAML identity provider in
36918	// IAM. Each tag consists of a key name and an associated value.
36919	//
36920	// Tags is a required field
36921	Tags []*Tag `type:"list" required:"true"`
36922}
36923
36924// String returns the string representation.
36925//
36926// API parameter values that are decorated as "sensitive" in the API will not
36927// be included in the string output. The member name will be present, but the
36928// value will be replaced with "sensitive".
36929func (s TagSAMLProviderInput) String() string {
36930	return awsutil.Prettify(s)
36931}
36932
36933// GoString returns the string representation.
36934//
36935// API parameter values that are decorated as "sensitive" in the API will not
36936// be included in the string output. The member name will be present, but the
36937// value will be replaced with "sensitive".
36938func (s TagSAMLProviderInput) GoString() string {
36939	return s.String()
36940}
36941
36942// Validate inspects the fields of the type to determine if they are valid.
36943func (s *TagSAMLProviderInput) Validate() error {
36944	invalidParams := request.ErrInvalidParams{Context: "TagSAMLProviderInput"}
36945	if s.SAMLProviderArn == nil {
36946		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
36947	}
36948	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
36949		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
36950	}
36951	if s.Tags == nil {
36952		invalidParams.Add(request.NewErrParamRequired("Tags"))
36953	}
36954	if s.Tags != nil {
36955		for i, v := range s.Tags {
36956			if v == nil {
36957				continue
36958			}
36959			if err := v.Validate(); err != nil {
36960				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
36961			}
36962		}
36963	}
36964
36965	if invalidParams.Len() > 0 {
36966		return invalidParams
36967	}
36968	return nil
36969}
36970
36971// SetSAMLProviderArn sets the SAMLProviderArn field's value.
36972func (s *TagSAMLProviderInput) SetSAMLProviderArn(v string) *TagSAMLProviderInput {
36973	s.SAMLProviderArn = &v
36974	return s
36975}
36976
36977// SetTags sets the Tags field's value.
36978func (s *TagSAMLProviderInput) SetTags(v []*Tag) *TagSAMLProviderInput {
36979	s.Tags = v
36980	return s
36981}
36982
36983type TagSAMLProviderOutput struct {
36984	_ struct{} `type:"structure"`
36985}
36986
36987// String returns the string representation.
36988//
36989// API parameter values that are decorated as "sensitive" in the API will not
36990// be included in the string output. The member name will be present, but the
36991// value will be replaced with "sensitive".
36992func (s TagSAMLProviderOutput) String() string {
36993	return awsutil.Prettify(s)
36994}
36995
36996// GoString returns the string representation.
36997//
36998// API parameter values that are decorated as "sensitive" in the API will not
36999// be included in the string output. The member name will be present, but the
37000// value will be replaced with "sensitive".
37001func (s TagSAMLProviderOutput) GoString() string {
37002	return s.String()
37003}
37004
37005type TagServerCertificateInput struct {
37006	_ struct{} `type:"structure"`
37007
37008	// The name of the IAM server certificate to which you want to add tags.
37009	//
37010	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37011	// a string of characters consisting of upper and lowercase alphanumeric characters
37012	// with no spaces. You can also include any of the following characters: _+=,.@-
37013	//
37014	// ServerCertificateName is a required field
37015	ServerCertificateName *string `min:"1" type:"string" required:"true"`
37016
37017	// The list of tags that you want to attach to the IAM server certificate. Each
37018	// tag consists of a key name and an associated value.
37019	//
37020	// Tags is a required field
37021	Tags []*Tag `type:"list" required:"true"`
37022}
37023
37024// String returns the string representation.
37025//
37026// API parameter values that are decorated as "sensitive" in the API will not
37027// be included in the string output. The member name will be present, but the
37028// value will be replaced with "sensitive".
37029func (s TagServerCertificateInput) String() string {
37030	return awsutil.Prettify(s)
37031}
37032
37033// GoString returns the string representation.
37034//
37035// API parameter values that are decorated as "sensitive" in the API will not
37036// be included in the string output. The member name will be present, but the
37037// value will be replaced with "sensitive".
37038func (s TagServerCertificateInput) GoString() string {
37039	return s.String()
37040}
37041
37042// Validate inspects the fields of the type to determine if they are valid.
37043func (s *TagServerCertificateInput) Validate() error {
37044	invalidParams := request.ErrInvalidParams{Context: "TagServerCertificateInput"}
37045	if s.ServerCertificateName == nil {
37046		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
37047	}
37048	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
37049		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
37050	}
37051	if s.Tags == nil {
37052		invalidParams.Add(request.NewErrParamRequired("Tags"))
37053	}
37054	if s.Tags != nil {
37055		for i, v := range s.Tags {
37056			if v == nil {
37057				continue
37058			}
37059			if err := v.Validate(); err != nil {
37060				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
37061			}
37062		}
37063	}
37064
37065	if invalidParams.Len() > 0 {
37066		return invalidParams
37067	}
37068	return nil
37069}
37070
37071// SetServerCertificateName sets the ServerCertificateName field's value.
37072func (s *TagServerCertificateInput) SetServerCertificateName(v string) *TagServerCertificateInput {
37073	s.ServerCertificateName = &v
37074	return s
37075}
37076
37077// SetTags sets the Tags field's value.
37078func (s *TagServerCertificateInput) SetTags(v []*Tag) *TagServerCertificateInput {
37079	s.Tags = v
37080	return s
37081}
37082
37083type TagServerCertificateOutput struct {
37084	_ struct{} `type:"structure"`
37085}
37086
37087// String returns the string representation.
37088//
37089// API parameter values that are decorated as "sensitive" in the API will not
37090// be included in the string output. The member name will be present, but the
37091// value will be replaced with "sensitive".
37092func (s TagServerCertificateOutput) String() string {
37093	return awsutil.Prettify(s)
37094}
37095
37096// GoString returns the string representation.
37097//
37098// API parameter values that are decorated as "sensitive" in the API will not
37099// be included in the string output. The member name will be present, but the
37100// value will be replaced with "sensitive".
37101func (s TagServerCertificateOutput) GoString() string {
37102	return s.String()
37103}
37104
37105type TagUserInput struct {
37106	_ struct{} `type:"structure"`
37107
37108	// The list of tags that you want to attach to the IAM user. Each tag consists
37109	// of a key name and an associated value.
37110	//
37111	// Tags is a required field
37112	Tags []*Tag `type:"list" required:"true"`
37113
37114	// The name of the IAM user to which you want to add tags.
37115	//
37116	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37117	// a string of characters consisting of upper and lowercase alphanumeric characters
37118	// with no spaces. You can also include any of the following characters: _+=,.@-
37119	//
37120	// UserName is a required field
37121	UserName *string `min:"1" type:"string" required:"true"`
37122}
37123
37124// String returns the string representation.
37125//
37126// API parameter values that are decorated as "sensitive" in the API will not
37127// be included in the string output. The member name will be present, but the
37128// value will be replaced with "sensitive".
37129func (s TagUserInput) String() string {
37130	return awsutil.Prettify(s)
37131}
37132
37133// GoString returns the string representation.
37134//
37135// API parameter values that are decorated as "sensitive" in the API will not
37136// be included in the string output. The member name will be present, but the
37137// value will be replaced with "sensitive".
37138func (s TagUserInput) GoString() string {
37139	return s.String()
37140}
37141
37142// Validate inspects the fields of the type to determine if they are valid.
37143func (s *TagUserInput) Validate() error {
37144	invalidParams := request.ErrInvalidParams{Context: "TagUserInput"}
37145	if s.Tags == nil {
37146		invalidParams.Add(request.NewErrParamRequired("Tags"))
37147	}
37148	if s.UserName == nil {
37149		invalidParams.Add(request.NewErrParamRequired("UserName"))
37150	}
37151	if s.UserName != nil && len(*s.UserName) < 1 {
37152		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
37153	}
37154	if s.Tags != nil {
37155		for i, v := range s.Tags {
37156			if v == nil {
37157				continue
37158			}
37159			if err := v.Validate(); err != nil {
37160				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
37161			}
37162		}
37163	}
37164
37165	if invalidParams.Len() > 0 {
37166		return invalidParams
37167	}
37168	return nil
37169}
37170
37171// SetTags sets the Tags field's value.
37172func (s *TagUserInput) SetTags(v []*Tag) *TagUserInput {
37173	s.Tags = v
37174	return s
37175}
37176
37177// SetUserName sets the UserName field's value.
37178func (s *TagUserInput) SetUserName(v string) *TagUserInput {
37179	s.UserName = &v
37180	return s
37181}
37182
37183type TagUserOutput struct {
37184	_ struct{} `type:"structure"`
37185}
37186
37187// String returns the string representation.
37188//
37189// API parameter values that are decorated as "sensitive" in the API will not
37190// be included in the string output. The member name will be present, but the
37191// value will be replaced with "sensitive".
37192func (s TagUserOutput) String() string {
37193	return awsutil.Prettify(s)
37194}
37195
37196// GoString returns the string representation.
37197//
37198// API parameter values that are decorated as "sensitive" in the API will not
37199// be included in the string output. The member name will be present, but the
37200// value will be replaced with "sensitive".
37201func (s TagUserOutput) GoString() string {
37202	return s.String()
37203}
37204
37205// Contains details about the most recent attempt to access an action within
37206// the service.
37207//
37208// This data type is used as a response element in the GetServiceLastAccessedDetails
37209// operation.
37210type TrackedActionLastAccessed struct {
37211	_ struct{} `type:"structure"`
37212
37213	// The name of the tracked action to which access was attempted. Tracked actions
37214	// are actions that report activity to IAM.
37215	ActionName *string `type:"string"`
37216
37217	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
37218	// Services resources.
37219	//
37220	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
37221	// in the Amazon Web Services General Reference.
37222	LastAccessedEntity *string `min:"20" type:"string"`
37223
37224	// The Region from which the authenticated entity (user or role) last attempted
37225	// to access the tracked action. Amazon Web Services does not report unauthenticated
37226	// requests.
37227	//
37228	// This field is null if no IAM entities attempted to access the service within
37229	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
37230	LastAccessedRegion *string `type:"string"`
37231
37232	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
37233	// when an authenticated entity most recently attempted to access the tracked
37234	// service. Amazon Web Services does not report unauthenticated requests.
37235	//
37236	// This field is null if no IAM entities attempted to access the service within
37237	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
37238	LastAccessedTime *time.Time `type:"timestamp"`
37239}
37240
37241// String returns the string representation.
37242//
37243// API parameter values that are decorated as "sensitive" in the API will not
37244// be included in the string output. The member name will be present, but the
37245// value will be replaced with "sensitive".
37246func (s TrackedActionLastAccessed) String() string {
37247	return awsutil.Prettify(s)
37248}
37249
37250// GoString returns the string representation.
37251//
37252// API parameter values that are decorated as "sensitive" in the API will not
37253// be included in the string output. The member name will be present, but the
37254// value will be replaced with "sensitive".
37255func (s TrackedActionLastAccessed) GoString() string {
37256	return s.String()
37257}
37258
37259// SetActionName sets the ActionName field's value.
37260func (s *TrackedActionLastAccessed) SetActionName(v string) *TrackedActionLastAccessed {
37261	s.ActionName = &v
37262	return s
37263}
37264
37265// SetLastAccessedEntity sets the LastAccessedEntity field's value.
37266func (s *TrackedActionLastAccessed) SetLastAccessedEntity(v string) *TrackedActionLastAccessed {
37267	s.LastAccessedEntity = &v
37268	return s
37269}
37270
37271// SetLastAccessedRegion sets the LastAccessedRegion field's value.
37272func (s *TrackedActionLastAccessed) SetLastAccessedRegion(v string) *TrackedActionLastAccessed {
37273	s.LastAccessedRegion = &v
37274	return s
37275}
37276
37277// SetLastAccessedTime sets the LastAccessedTime field's value.
37278func (s *TrackedActionLastAccessed) SetLastAccessedTime(v time.Time) *TrackedActionLastAccessed {
37279	s.LastAccessedTime = &v
37280	return s
37281}
37282
37283type UntagInstanceProfileInput struct {
37284	_ struct{} `type:"structure"`
37285
37286	// The name of the IAM instance profile from which you want to remove tags.
37287	//
37288	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37289	// a string of characters consisting of upper and lowercase alphanumeric characters
37290	// with no spaces. You can also include any of the following characters: _+=,.@-
37291	//
37292	// InstanceProfileName is a required field
37293	InstanceProfileName *string `min:"1" type:"string" required:"true"`
37294
37295	// A list of key names as a simple array of strings. The tags with matching
37296	// keys are removed from the specified instance profile.
37297	//
37298	// TagKeys is a required field
37299	TagKeys []*string `type:"list" required:"true"`
37300}
37301
37302// String returns the string representation.
37303//
37304// API parameter values that are decorated as "sensitive" in the API will not
37305// be included in the string output. The member name will be present, but the
37306// value will be replaced with "sensitive".
37307func (s UntagInstanceProfileInput) String() string {
37308	return awsutil.Prettify(s)
37309}
37310
37311// GoString returns the string representation.
37312//
37313// API parameter values that are decorated as "sensitive" in the API will not
37314// be included in the string output. The member name will be present, but the
37315// value will be replaced with "sensitive".
37316func (s UntagInstanceProfileInput) GoString() string {
37317	return s.String()
37318}
37319
37320// Validate inspects the fields of the type to determine if they are valid.
37321func (s *UntagInstanceProfileInput) Validate() error {
37322	invalidParams := request.ErrInvalidParams{Context: "UntagInstanceProfileInput"}
37323	if s.InstanceProfileName == nil {
37324		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
37325	}
37326	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
37327		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
37328	}
37329	if s.TagKeys == nil {
37330		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37331	}
37332
37333	if invalidParams.Len() > 0 {
37334		return invalidParams
37335	}
37336	return nil
37337}
37338
37339// SetInstanceProfileName sets the InstanceProfileName field's value.
37340func (s *UntagInstanceProfileInput) SetInstanceProfileName(v string) *UntagInstanceProfileInput {
37341	s.InstanceProfileName = &v
37342	return s
37343}
37344
37345// SetTagKeys sets the TagKeys field's value.
37346func (s *UntagInstanceProfileInput) SetTagKeys(v []*string) *UntagInstanceProfileInput {
37347	s.TagKeys = v
37348	return s
37349}
37350
37351type UntagInstanceProfileOutput struct {
37352	_ struct{} `type:"structure"`
37353}
37354
37355// String returns the string representation.
37356//
37357// API parameter values that are decorated as "sensitive" in the API will not
37358// be included in the string output. The member name will be present, but the
37359// value will be replaced with "sensitive".
37360func (s UntagInstanceProfileOutput) String() string {
37361	return awsutil.Prettify(s)
37362}
37363
37364// GoString returns the string representation.
37365//
37366// API parameter values that are decorated as "sensitive" in the API will not
37367// be included in the string output. The member name will be present, but the
37368// value will be replaced with "sensitive".
37369func (s UntagInstanceProfileOutput) GoString() string {
37370	return s.String()
37371}
37372
37373type UntagMFADeviceInput struct {
37374	_ struct{} `type:"structure"`
37375
37376	// The unique identifier for the IAM virtual MFA device from which you want
37377	// to remove tags. For virtual MFA devices, the serial number is the same as
37378	// the ARN.
37379	//
37380	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37381	// a string of characters consisting of upper and lowercase alphanumeric characters
37382	// with no spaces. You can also include any of the following characters: _+=,.@-
37383	//
37384	// SerialNumber is a required field
37385	SerialNumber *string `min:"9" type:"string" required:"true"`
37386
37387	// A list of key names as a simple array of strings. The tags with matching
37388	// keys are removed from the specified instance profile.
37389	//
37390	// TagKeys is a required field
37391	TagKeys []*string `type:"list" required:"true"`
37392}
37393
37394// String returns the string representation.
37395//
37396// API parameter values that are decorated as "sensitive" in the API will not
37397// be included in the string output. The member name will be present, but the
37398// value will be replaced with "sensitive".
37399func (s UntagMFADeviceInput) String() string {
37400	return awsutil.Prettify(s)
37401}
37402
37403// GoString returns the string representation.
37404//
37405// API parameter values that are decorated as "sensitive" in the API will not
37406// be included in the string output. The member name will be present, but the
37407// value will be replaced with "sensitive".
37408func (s UntagMFADeviceInput) GoString() string {
37409	return s.String()
37410}
37411
37412// Validate inspects the fields of the type to determine if they are valid.
37413func (s *UntagMFADeviceInput) Validate() error {
37414	invalidParams := request.ErrInvalidParams{Context: "UntagMFADeviceInput"}
37415	if s.SerialNumber == nil {
37416		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
37417	}
37418	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
37419		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
37420	}
37421	if s.TagKeys == nil {
37422		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37423	}
37424
37425	if invalidParams.Len() > 0 {
37426		return invalidParams
37427	}
37428	return nil
37429}
37430
37431// SetSerialNumber sets the SerialNumber field's value.
37432func (s *UntagMFADeviceInput) SetSerialNumber(v string) *UntagMFADeviceInput {
37433	s.SerialNumber = &v
37434	return s
37435}
37436
37437// SetTagKeys sets the TagKeys field's value.
37438func (s *UntagMFADeviceInput) SetTagKeys(v []*string) *UntagMFADeviceInput {
37439	s.TagKeys = v
37440	return s
37441}
37442
37443type UntagMFADeviceOutput struct {
37444	_ struct{} `type:"structure"`
37445}
37446
37447// String returns the string representation.
37448//
37449// API parameter values that are decorated as "sensitive" in the API will not
37450// be included in the string output. The member name will be present, but the
37451// value will be replaced with "sensitive".
37452func (s UntagMFADeviceOutput) String() string {
37453	return awsutil.Prettify(s)
37454}
37455
37456// GoString returns the string representation.
37457//
37458// API parameter values that are decorated as "sensitive" in the API will not
37459// be included in the string output. The member name will be present, but the
37460// value will be replaced with "sensitive".
37461func (s UntagMFADeviceOutput) GoString() string {
37462	return s.String()
37463}
37464
37465type UntagOpenIDConnectProviderInput struct {
37466	_ struct{} `type:"structure"`
37467
37468	// The ARN of the OIDC provider in IAM from which you want to remove tags.
37469	//
37470	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37471	// a string of characters consisting of upper and lowercase alphanumeric characters
37472	// with no spaces. You can also include any of the following characters: _+=,.@-
37473	//
37474	// OpenIDConnectProviderArn is a required field
37475	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
37476
37477	// A list of key names as a simple array of strings. The tags with matching
37478	// keys are removed from the specified OIDC provider.
37479	//
37480	// TagKeys is a required field
37481	TagKeys []*string `type:"list" required:"true"`
37482}
37483
37484// String returns the string representation.
37485//
37486// API parameter values that are decorated as "sensitive" in the API will not
37487// be included in the string output. The member name will be present, but the
37488// value will be replaced with "sensitive".
37489func (s UntagOpenIDConnectProviderInput) String() string {
37490	return awsutil.Prettify(s)
37491}
37492
37493// GoString returns the string representation.
37494//
37495// API parameter values that are decorated as "sensitive" in the API will not
37496// be included in the string output. The member name will be present, but the
37497// value will be replaced with "sensitive".
37498func (s UntagOpenIDConnectProviderInput) GoString() string {
37499	return s.String()
37500}
37501
37502// Validate inspects the fields of the type to determine if they are valid.
37503func (s *UntagOpenIDConnectProviderInput) Validate() error {
37504	invalidParams := request.ErrInvalidParams{Context: "UntagOpenIDConnectProviderInput"}
37505	if s.OpenIDConnectProviderArn == nil {
37506		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
37507	}
37508	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
37509		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
37510	}
37511	if s.TagKeys == nil {
37512		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37513	}
37514
37515	if invalidParams.Len() > 0 {
37516		return invalidParams
37517	}
37518	return nil
37519}
37520
37521// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
37522func (s *UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *UntagOpenIDConnectProviderInput {
37523	s.OpenIDConnectProviderArn = &v
37524	return s
37525}
37526
37527// SetTagKeys sets the TagKeys field's value.
37528func (s *UntagOpenIDConnectProviderInput) SetTagKeys(v []*string) *UntagOpenIDConnectProviderInput {
37529	s.TagKeys = v
37530	return s
37531}
37532
37533type UntagOpenIDConnectProviderOutput struct {
37534	_ struct{} `type:"structure"`
37535}
37536
37537// String returns the string representation.
37538//
37539// API parameter values that are decorated as "sensitive" in the API will not
37540// be included in the string output. The member name will be present, but the
37541// value will be replaced with "sensitive".
37542func (s UntagOpenIDConnectProviderOutput) String() string {
37543	return awsutil.Prettify(s)
37544}
37545
37546// GoString returns the string representation.
37547//
37548// API parameter values that are decorated as "sensitive" in the API will not
37549// be included in the string output. The member name will be present, but the
37550// value will be replaced with "sensitive".
37551func (s UntagOpenIDConnectProviderOutput) GoString() string {
37552	return s.String()
37553}
37554
37555type UntagPolicyInput struct {
37556	_ struct{} `type:"structure"`
37557
37558	// The ARN of the IAM customer managed policy from which you want to remove
37559	// tags.
37560	//
37561	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37562	// a string of characters consisting of upper and lowercase alphanumeric characters
37563	// with no spaces. You can also include any of the following characters: _+=,.@-
37564	//
37565	// PolicyArn is a required field
37566	PolicyArn *string `min:"20" type:"string" required:"true"`
37567
37568	// A list of key names as a simple array of strings. The tags with matching
37569	// keys are removed from the specified policy.
37570	//
37571	// TagKeys is a required field
37572	TagKeys []*string `type:"list" required:"true"`
37573}
37574
37575// String returns the string representation.
37576//
37577// API parameter values that are decorated as "sensitive" in the API will not
37578// be included in the string output. The member name will be present, but the
37579// value will be replaced with "sensitive".
37580func (s UntagPolicyInput) String() string {
37581	return awsutil.Prettify(s)
37582}
37583
37584// GoString returns the string representation.
37585//
37586// API parameter values that are decorated as "sensitive" in the API will not
37587// be included in the string output. The member name will be present, but the
37588// value will be replaced with "sensitive".
37589func (s UntagPolicyInput) GoString() string {
37590	return s.String()
37591}
37592
37593// Validate inspects the fields of the type to determine if they are valid.
37594func (s *UntagPolicyInput) Validate() error {
37595	invalidParams := request.ErrInvalidParams{Context: "UntagPolicyInput"}
37596	if s.PolicyArn == nil {
37597		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
37598	}
37599	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
37600		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
37601	}
37602	if s.TagKeys == nil {
37603		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37604	}
37605
37606	if invalidParams.Len() > 0 {
37607		return invalidParams
37608	}
37609	return nil
37610}
37611
37612// SetPolicyArn sets the PolicyArn field's value.
37613func (s *UntagPolicyInput) SetPolicyArn(v string) *UntagPolicyInput {
37614	s.PolicyArn = &v
37615	return s
37616}
37617
37618// SetTagKeys sets the TagKeys field's value.
37619func (s *UntagPolicyInput) SetTagKeys(v []*string) *UntagPolicyInput {
37620	s.TagKeys = v
37621	return s
37622}
37623
37624type UntagPolicyOutput struct {
37625	_ struct{} `type:"structure"`
37626}
37627
37628// String returns the string representation.
37629//
37630// API parameter values that are decorated as "sensitive" in the API will not
37631// be included in the string output. The member name will be present, but the
37632// value will be replaced with "sensitive".
37633func (s UntagPolicyOutput) String() string {
37634	return awsutil.Prettify(s)
37635}
37636
37637// GoString returns the string representation.
37638//
37639// API parameter values that are decorated as "sensitive" in the API will not
37640// be included in the string output. The member name will be present, but the
37641// value will be replaced with "sensitive".
37642func (s UntagPolicyOutput) GoString() string {
37643	return s.String()
37644}
37645
37646type UntagRoleInput struct {
37647	_ struct{} `type:"structure"`
37648
37649	// The name of the IAM role from which you want to remove tags.
37650	//
37651	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
37652	// a string of characters that consist of upper and lowercase alphanumeric characters
37653	// with no spaces. You can also include any of the following characters: _+=,.@-
37654	//
37655	// RoleName is a required field
37656	RoleName *string `min:"1" type:"string" required:"true"`
37657
37658	// A list of key names as a simple array of strings. The tags with matching
37659	// keys are removed from the specified role.
37660	//
37661	// TagKeys is a required field
37662	TagKeys []*string `type:"list" required:"true"`
37663}
37664
37665// String returns the string representation.
37666//
37667// API parameter values that are decorated as "sensitive" in the API will not
37668// be included in the string output. The member name will be present, but the
37669// value will be replaced with "sensitive".
37670func (s UntagRoleInput) String() string {
37671	return awsutil.Prettify(s)
37672}
37673
37674// GoString returns the string representation.
37675//
37676// API parameter values that are decorated as "sensitive" in the API will not
37677// be included in the string output. The member name will be present, but the
37678// value will be replaced with "sensitive".
37679func (s UntagRoleInput) GoString() string {
37680	return s.String()
37681}
37682
37683// Validate inspects the fields of the type to determine if they are valid.
37684func (s *UntagRoleInput) Validate() error {
37685	invalidParams := request.ErrInvalidParams{Context: "UntagRoleInput"}
37686	if s.RoleName == nil {
37687		invalidParams.Add(request.NewErrParamRequired("RoleName"))
37688	}
37689	if s.RoleName != nil && len(*s.RoleName) < 1 {
37690		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
37691	}
37692	if s.TagKeys == nil {
37693		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37694	}
37695
37696	if invalidParams.Len() > 0 {
37697		return invalidParams
37698	}
37699	return nil
37700}
37701
37702// SetRoleName sets the RoleName field's value.
37703func (s *UntagRoleInput) SetRoleName(v string) *UntagRoleInput {
37704	s.RoleName = &v
37705	return s
37706}
37707
37708// SetTagKeys sets the TagKeys field's value.
37709func (s *UntagRoleInput) SetTagKeys(v []*string) *UntagRoleInput {
37710	s.TagKeys = v
37711	return s
37712}
37713
37714type UntagRoleOutput struct {
37715	_ struct{} `type:"structure"`
37716}
37717
37718// String returns the string representation.
37719//
37720// API parameter values that are decorated as "sensitive" in the API will not
37721// be included in the string output. The member name will be present, but the
37722// value will be replaced with "sensitive".
37723func (s UntagRoleOutput) String() string {
37724	return awsutil.Prettify(s)
37725}
37726
37727// GoString returns the string representation.
37728//
37729// API parameter values that are decorated as "sensitive" in the API will not
37730// be included in the string output. The member name will be present, but the
37731// value will be replaced with "sensitive".
37732func (s UntagRoleOutput) GoString() string {
37733	return s.String()
37734}
37735
37736type UntagSAMLProviderInput struct {
37737	_ struct{} `type:"structure"`
37738
37739	// The ARN of the SAML identity provider in IAM from which you want to remove
37740	// tags.
37741	//
37742	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37743	// a string of characters consisting of upper and lowercase alphanumeric characters
37744	// with no spaces. You can also include any of the following characters: _+=,.@-
37745	//
37746	// SAMLProviderArn is a required field
37747	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
37748
37749	// A list of key names as a simple array of strings. The tags with matching
37750	// keys are removed from the specified SAML identity provider.
37751	//
37752	// TagKeys is a required field
37753	TagKeys []*string `type:"list" required:"true"`
37754}
37755
37756// String returns the string representation.
37757//
37758// API parameter values that are decorated as "sensitive" in the API will not
37759// be included in the string output. The member name will be present, but the
37760// value will be replaced with "sensitive".
37761func (s UntagSAMLProviderInput) String() string {
37762	return awsutil.Prettify(s)
37763}
37764
37765// GoString returns the string representation.
37766//
37767// API parameter values that are decorated as "sensitive" in the API will not
37768// be included in the string output. The member name will be present, but the
37769// value will be replaced with "sensitive".
37770func (s UntagSAMLProviderInput) GoString() string {
37771	return s.String()
37772}
37773
37774// Validate inspects the fields of the type to determine if they are valid.
37775func (s *UntagSAMLProviderInput) Validate() error {
37776	invalidParams := request.ErrInvalidParams{Context: "UntagSAMLProviderInput"}
37777	if s.SAMLProviderArn == nil {
37778		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
37779	}
37780	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
37781		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
37782	}
37783	if s.TagKeys == nil {
37784		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37785	}
37786
37787	if invalidParams.Len() > 0 {
37788		return invalidParams
37789	}
37790	return nil
37791}
37792
37793// SetSAMLProviderArn sets the SAMLProviderArn field's value.
37794func (s *UntagSAMLProviderInput) SetSAMLProviderArn(v string) *UntagSAMLProviderInput {
37795	s.SAMLProviderArn = &v
37796	return s
37797}
37798
37799// SetTagKeys sets the TagKeys field's value.
37800func (s *UntagSAMLProviderInput) SetTagKeys(v []*string) *UntagSAMLProviderInput {
37801	s.TagKeys = v
37802	return s
37803}
37804
37805type UntagSAMLProviderOutput struct {
37806	_ struct{} `type:"structure"`
37807}
37808
37809// String returns the string representation.
37810//
37811// API parameter values that are decorated as "sensitive" in the API will not
37812// be included in the string output. The member name will be present, but the
37813// value will be replaced with "sensitive".
37814func (s UntagSAMLProviderOutput) String() string {
37815	return awsutil.Prettify(s)
37816}
37817
37818// GoString returns the string representation.
37819//
37820// API parameter values that are decorated as "sensitive" in the API will not
37821// be included in the string output. The member name will be present, but the
37822// value will be replaced with "sensitive".
37823func (s UntagSAMLProviderOutput) GoString() string {
37824	return s.String()
37825}
37826
37827type UntagServerCertificateInput struct {
37828	_ struct{} `type:"structure"`
37829
37830	// The name of the IAM server certificate from which you want to remove tags.
37831	//
37832	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37833	// a string of characters consisting of upper and lowercase alphanumeric characters
37834	// with no spaces. You can also include any of the following characters: _+=,.@-
37835	//
37836	// ServerCertificateName is a required field
37837	ServerCertificateName *string `min:"1" type:"string" required:"true"`
37838
37839	// A list of key names as a simple array of strings. The tags with matching
37840	// keys are removed from the specified IAM server certificate.
37841	//
37842	// TagKeys is a required field
37843	TagKeys []*string `type:"list" required:"true"`
37844}
37845
37846// String returns the string representation.
37847//
37848// API parameter values that are decorated as "sensitive" in the API will not
37849// be included in the string output. The member name will be present, but the
37850// value will be replaced with "sensitive".
37851func (s UntagServerCertificateInput) String() string {
37852	return awsutil.Prettify(s)
37853}
37854
37855// GoString returns the string representation.
37856//
37857// API parameter values that are decorated as "sensitive" in the API will not
37858// be included in the string output. The member name will be present, but the
37859// value will be replaced with "sensitive".
37860func (s UntagServerCertificateInput) GoString() string {
37861	return s.String()
37862}
37863
37864// Validate inspects the fields of the type to determine if they are valid.
37865func (s *UntagServerCertificateInput) Validate() error {
37866	invalidParams := request.ErrInvalidParams{Context: "UntagServerCertificateInput"}
37867	if s.ServerCertificateName == nil {
37868		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
37869	}
37870	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
37871		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
37872	}
37873	if s.TagKeys == nil {
37874		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37875	}
37876
37877	if invalidParams.Len() > 0 {
37878		return invalidParams
37879	}
37880	return nil
37881}
37882
37883// SetServerCertificateName sets the ServerCertificateName field's value.
37884func (s *UntagServerCertificateInput) SetServerCertificateName(v string) *UntagServerCertificateInput {
37885	s.ServerCertificateName = &v
37886	return s
37887}
37888
37889// SetTagKeys sets the TagKeys field's value.
37890func (s *UntagServerCertificateInput) SetTagKeys(v []*string) *UntagServerCertificateInput {
37891	s.TagKeys = v
37892	return s
37893}
37894
37895type UntagServerCertificateOutput struct {
37896	_ struct{} `type:"structure"`
37897}
37898
37899// String returns the string representation.
37900//
37901// API parameter values that are decorated as "sensitive" in the API will not
37902// be included in the string output. The member name will be present, but the
37903// value will be replaced with "sensitive".
37904func (s UntagServerCertificateOutput) String() string {
37905	return awsutil.Prettify(s)
37906}
37907
37908// GoString returns the string representation.
37909//
37910// API parameter values that are decorated as "sensitive" in the API will not
37911// be included in the string output. The member name will be present, but the
37912// value will be replaced with "sensitive".
37913func (s UntagServerCertificateOutput) GoString() string {
37914	return s.String()
37915}
37916
37917type UntagUserInput struct {
37918	_ struct{} `type:"structure"`
37919
37920	// A list of key names as a simple array of strings. The tags with matching
37921	// keys are removed from the specified user.
37922	//
37923	// TagKeys is a required field
37924	TagKeys []*string `type:"list" required:"true"`
37925
37926	// The name of the IAM user from which you want to remove tags.
37927	//
37928	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
37929	// a string of characters consisting of upper and lowercase alphanumeric characters
37930	// with no spaces. You can also include any of the following characters: _+=,.@-
37931	//
37932	// UserName is a required field
37933	UserName *string `min:"1" type:"string" required:"true"`
37934}
37935
37936// String returns the string representation.
37937//
37938// API parameter values that are decorated as "sensitive" in the API will not
37939// be included in the string output. The member name will be present, but the
37940// value will be replaced with "sensitive".
37941func (s UntagUserInput) String() string {
37942	return awsutil.Prettify(s)
37943}
37944
37945// GoString returns the string representation.
37946//
37947// API parameter values that are decorated as "sensitive" in the API will not
37948// be included in the string output. The member name will be present, but the
37949// value will be replaced with "sensitive".
37950func (s UntagUserInput) GoString() string {
37951	return s.String()
37952}
37953
37954// Validate inspects the fields of the type to determine if they are valid.
37955func (s *UntagUserInput) Validate() error {
37956	invalidParams := request.ErrInvalidParams{Context: "UntagUserInput"}
37957	if s.TagKeys == nil {
37958		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
37959	}
37960	if s.UserName == nil {
37961		invalidParams.Add(request.NewErrParamRequired("UserName"))
37962	}
37963	if s.UserName != nil && len(*s.UserName) < 1 {
37964		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
37965	}
37966
37967	if invalidParams.Len() > 0 {
37968		return invalidParams
37969	}
37970	return nil
37971}
37972
37973// SetTagKeys sets the TagKeys field's value.
37974func (s *UntagUserInput) SetTagKeys(v []*string) *UntagUserInput {
37975	s.TagKeys = v
37976	return s
37977}
37978
37979// SetUserName sets the UserName field's value.
37980func (s *UntagUserInput) SetUserName(v string) *UntagUserInput {
37981	s.UserName = &v
37982	return s
37983}
37984
37985type UntagUserOutput struct {
37986	_ struct{} `type:"structure"`
37987}
37988
37989// String returns the string representation.
37990//
37991// API parameter values that are decorated as "sensitive" in the API will not
37992// be included in the string output. The member name will be present, but the
37993// value will be replaced with "sensitive".
37994func (s UntagUserOutput) String() string {
37995	return awsutil.Prettify(s)
37996}
37997
37998// GoString returns the string representation.
37999//
38000// API parameter values that are decorated as "sensitive" in the API will not
38001// be included in the string output. The member name will be present, but the
38002// value will be replaced with "sensitive".
38003func (s UntagUserOutput) GoString() string {
38004	return s.String()
38005}
38006
38007type UpdateAccessKeyInput struct {
38008	_ struct{} `type:"structure"`
38009
38010	// The access key ID of the secret access key you want to update.
38011	//
38012	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38013	// a string of characters that can consist of any upper or lowercased letter
38014	// or digit.
38015	//
38016	// AccessKeyId is a required field
38017	AccessKeyId *string `min:"16" type:"string" required:"true"`
38018
38019	// The status you want to assign to the secret access key. Active means that
38020	// the key can be used for programmatic calls to Amazon Web Services, while
38021	// Inactive means that the key cannot be used.
38022	//
38023	// Status is a required field
38024	Status *string `type:"string" required:"true" enum:"StatusType"`
38025
38026	// The name of the user whose key you want to update.
38027	//
38028	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38029	// a string of characters consisting of upper and lowercase alphanumeric characters
38030	// with no spaces. You can also include any of the following characters: _+=,.@-
38031	UserName *string `min:"1" type:"string"`
38032}
38033
38034// String returns the string representation.
38035//
38036// API parameter values that are decorated as "sensitive" in the API will not
38037// be included in the string output. The member name will be present, but the
38038// value will be replaced with "sensitive".
38039func (s UpdateAccessKeyInput) String() string {
38040	return awsutil.Prettify(s)
38041}
38042
38043// GoString returns the string representation.
38044//
38045// API parameter values that are decorated as "sensitive" in the API will not
38046// be included in the string output. The member name will be present, but the
38047// value will be replaced with "sensitive".
38048func (s UpdateAccessKeyInput) GoString() string {
38049	return s.String()
38050}
38051
38052// Validate inspects the fields of the type to determine if they are valid.
38053func (s *UpdateAccessKeyInput) Validate() error {
38054	invalidParams := request.ErrInvalidParams{Context: "UpdateAccessKeyInput"}
38055	if s.AccessKeyId == nil {
38056		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
38057	}
38058	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
38059		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
38060	}
38061	if s.Status == nil {
38062		invalidParams.Add(request.NewErrParamRequired("Status"))
38063	}
38064	if s.UserName != nil && len(*s.UserName) < 1 {
38065		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
38066	}
38067
38068	if invalidParams.Len() > 0 {
38069		return invalidParams
38070	}
38071	return nil
38072}
38073
38074// SetAccessKeyId sets the AccessKeyId field's value.
38075func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput {
38076	s.AccessKeyId = &v
38077	return s
38078}
38079
38080// SetStatus sets the Status field's value.
38081func (s *UpdateAccessKeyInput) SetStatus(v string) *UpdateAccessKeyInput {
38082	s.Status = &v
38083	return s
38084}
38085
38086// SetUserName sets the UserName field's value.
38087func (s *UpdateAccessKeyInput) SetUserName(v string) *UpdateAccessKeyInput {
38088	s.UserName = &v
38089	return s
38090}
38091
38092type UpdateAccessKeyOutput struct {
38093	_ struct{} `type:"structure"`
38094}
38095
38096// String returns the string representation.
38097//
38098// API parameter values that are decorated as "sensitive" in the API will not
38099// be included in the string output. The member name will be present, but the
38100// value will be replaced with "sensitive".
38101func (s UpdateAccessKeyOutput) String() string {
38102	return awsutil.Prettify(s)
38103}
38104
38105// GoString returns the string representation.
38106//
38107// API parameter values that are decorated as "sensitive" in the API will not
38108// be included in the string output. The member name will be present, but the
38109// value will be replaced with "sensitive".
38110func (s UpdateAccessKeyOutput) GoString() string {
38111	return s.String()
38112}
38113
38114type UpdateAccountPasswordPolicyInput struct {
38115	_ struct{} `type:"structure"`
38116
38117	// Allows all IAM users in your account to use the Amazon Web Services Management
38118	// Console to change their own passwords. For more information, see Letting
38119	// IAM users change their own passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
38120	// in the IAM User Guide.
38121	//
38122	// If you do not specify a value for this parameter, then the operation uses
38123	// the default value of false. The result is that IAM users in the account do
38124	// not automatically have permissions to change their own password.
38125	AllowUsersToChangePassword *bool `type:"boolean"`
38126
38127	// Prevents IAM users from setting a new password after their password has expired.
38128	// The IAM user cannot be accessed until an administrator resets the password.
38129	//
38130	// If you do not specify a value for this parameter, then the operation uses
38131	// the default value of false. The result is that IAM users can change their
38132	// passwords after they expire and continue to sign in as the user.
38133	HardExpiry *bool `type:"boolean"`
38134
38135	// The number of days that an IAM user password is valid.
38136	//
38137	// If you do not specify a value for this parameter, then the operation uses
38138	// the default value of 0. The result is that IAM user passwords never expire.
38139	MaxPasswordAge *int64 `min:"1" type:"integer"`
38140
38141	// The minimum number of characters allowed in an IAM user password.
38142	//
38143	// If you do not specify a value for this parameter, then the operation uses
38144	// the default value of 6.
38145	MinimumPasswordLength *int64 `min:"6" type:"integer"`
38146
38147	// Specifies the number of previous passwords that IAM users are prevented from
38148	// reusing.
38149	//
38150	// If you do not specify a value for this parameter, then the operation uses
38151	// the default value of 0. The result is that IAM users are not prevented from
38152	// reusing previous passwords.
38153	PasswordReusePrevention *int64 `min:"1" type:"integer"`
38154
38155	// Specifies whether IAM user passwords must contain at least one lowercase
38156	// character from the ISO basic Latin alphabet (a to z).
38157	//
38158	// If you do not specify a value for this parameter, then the operation uses
38159	// the default value of false. The result is that passwords do not require at
38160	// least one lowercase character.
38161	RequireLowercaseCharacters *bool `type:"boolean"`
38162
38163	// Specifies whether IAM user passwords must contain at least one numeric character
38164	// (0 to 9).
38165	//
38166	// If you do not specify a value for this parameter, then the operation uses
38167	// the default value of false. The result is that passwords do not require at
38168	// least one numeric character.
38169	RequireNumbers *bool `type:"boolean"`
38170
38171	// Specifies whether IAM user passwords must contain at least one of the following
38172	// non-alphanumeric characters:
38173	//
38174	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
38175	//
38176	// If you do not specify a value for this parameter, then the operation uses
38177	// the default value of false. The result is that passwords do not require at
38178	// least one symbol character.
38179	RequireSymbols *bool `type:"boolean"`
38180
38181	// Specifies whether IAM user passwords must contain at least one uppercase
38182	// character from the ISO basic Latin alphabet (A to Z).
38183	//
38184	// If you do not specify a value for this parameter, then the operation uses
38185	// the default value of false. The result is that passwords do not require at
38186	// least one uppercase character.
38187	RequireUppercaseCharacters *bool `type:"boolean"`
38188}
38189
38190// String returns the string representation.
38191//
38192// API parameter values that are decorated as "sensitive" in the API will not
38193// be included in the string output. The member name will be present, but the
38194// value will be replaced with "sensitive".
38195func (s UpdateAccountPasswordPolicyInput) String() string {
38196	return awsutil.Prettify(s)
38197}
38198
38199// GoString returns the string representation.
38200//
38201// API parameter values that are decorated as "sensitive" in the API will not
38202// be included in the string output. The member name will be present, but the
38203// value will be replaced with "sensitive".
38204func (s UpdateAccountPasswordPolicyInput) GoString() string {
38205	return s.String()
38206}
38207
38208// Validate inspects the fields of the type to determine if they are valid.
38209func (s *UpdateAccountPasswordPolicyInput) Validate() error {
38210	invalidParams := request.ErrInvalidParams{Context: "UpdateAccountPasswordPolicyInput"}
38211	if s.MaxPasswordAge != nil && *s.MaxPasswordAge < 1 {
38212		invalidParams.Add(request.NewErrParamMinValue("MaxPasswordAge", 1))
38213	}
38214	if s.MinimumPasswordLength != nil && *s.MinimumPasswordLength < 6 {
38215		invalidParams.Add(request.NewErrParamMinValue("MinimumPasswordLength", 6))
38216	}
38217	if s.PasswordReusePrevention != nil && *s.PasswordReusePrevention < 1 {
38218		invalidParams.Add(request.NewErrParamMinValue("PasswordReusePrevention", 1))
38219	}
38220
38221	if invalidParams.Len() > 0 {
38222		return invalidParams
38223	}
38224	return nil
38225}
38226
38227// SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
38228func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput {
38229	s.AllowUsersToChangePassword = &v
38230	return s
38231}
38232
38233// SetHardExpiry sets the HardExpiry field's value.
38234func (s *UpdateAccountPasswordPolicyInput) SetHardExpiry(v bool) *UpdateAccountPasswordPolicyInput {
38235	s.HardExpiry = &v
38236	return s
38237}
38238
38239// SetMaxPasswordAge sets the MaxPasswordAge field's value.
38240func (s *UpdateAccountPasswordPolicyInput) SetMaxPasswordAge(v int64) *UpdateAccountPasswordPolicyInput {
38241	s.MaxPasswordAge = &v
38242	return s
38243}
38244
38245// SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
38246func (s *UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength(v int64) *UpdateAccountPasswordPolicyInput {
38247	s.MinimumPasswordLength = &v
38248	return s
38249}
38250
38251// SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
38252func (s *UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention(v int64) *UpdateAccountPasswordPolicyInput {
38253	s.PasswordReusePrevention = &v
38254	return s
38255}
38256
38257// SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
38258func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
38259	s.RequireLowercaseCharacters = &v
38260	return s
38261}
38262
38263// SetRequireNumbers sets the RequireNumbers field's value.
38264func (s *UpdateAccountPasswordPolicyInput) SetRequireNumbers(v bool) *UpdateAccountPasswordPolicyInput {
38265	s.RequireNumbers = &v
38266	return s
38267}
38268
38269// SetRequireSymbols sets the RequireSymbols field's value.
38270func (s *UpdateAccountPasswordPolicyInput) SetRequireSymbols(v bool) *UpdateAccountPasswordPolicyInput {
38271	s.RequireSymbols = &v
38272	return s
38273}
38274
38275// SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
38276func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
38277	s.RequireUppercaseCharacters = &v
38278	return s
38279}
38280
38281type UpdateAccountPasswordPolicyOutput struct {
38282	_ struct{} `type:"structure"`
38283}
38284
38285// String returns the string representation.
38286//
38287// API parameter values that are decorated as "sensitive" in the API will not
38288// be included in the string output. The member name will be present, but the
38289// value will be replaced with "sensitive".
38290func (s UpdateAccountPasswordPolicyOutput) String() string {
38291	return awsutil.Prettify(s)
38292}
38293
38294// GoString returns the string representation.
38295//
38296// API parameter values that are decorated as "sensitive" in the API will not
38297// be included in the string output. The member name will be present, but the
38298// value will be replaced with "sensitive".
38299func (s UpdateAccountPasswordPolicyOutput) GoString() string {
38300	return s.String()
38301}
38302
38303type UpdateAssumeRolePolicyInput struct {
38304	_ struct{} `type:"structure"`
38305
38306	// The policy that grants an entity permission to assume the role.
38307	//
38308	// You must provide policies in JSON format in IAM. However, for CloudFormation
38309	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
38310	// CloudFormation always converts a YAML policy to JSON format before submitting
38311	// it to IAM.
38312	//
38313	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
38314	// parameter is a string of characters consisting of the following:
38315	//
38316	//    * Any printable ASCII character ranging from the space character (\u0020)
38317	//    through the end of the ASCII character range
38318	//
38319	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
38320	//    set (through \u00FF)
38321	//
38322	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
38323	//    return (\u000D)
38324	//
38325	// PolicyDocument is a required field
38326	PolicyDocument *string `min:"1" type:"string" required:"true"`
38327
38328	// The name of the role to update with the new policy.
38329	//
38330	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38331	// a string of characters consisting of upper and lowercase alphanumeric characters
38332	// with no spaces. You can also include any of the following characters: _+=,.@-
38333	//
38334	// RoleName is a required field
38335	RoleName *string `min:"1" type:"string" required:"true"`
38336}
38337
38338// String returns the string representation.
38339//
38340// API parameter values that are decorated as "sensitive" in the API will not
38341// be included in the string output. The member name will be present, but the
38342// value will be replaced with "sensitive".
38343func (s UpdateAssumeRolePolicyInput) String() string {
38344	return awsutil.Prettify(s)
38345}
38346
38347// GoString returns the string representation.
38348//
38349// API parameter values that are decorated as "sensitive" in the API will not
38350// be included in the string output. The member name will be present, but the
38351// value will be replaced with "sensitive".
38352func (s UpdateAssumeRolePolicyInput) GoString() string {
38353	return s.String()
38354}
38355
38356// Validate inspects the fields of the type to determine if they are valid.
38357func (s *UpdateAssumeRolePolicyInput) Validate() error {
38358	invalidParams := request.ErrInvalidParams{Context: "UpdateAssumeRolePolicyInput"}
38359	if s.PolicyDocument == nil {
38360		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
38361	}
38362	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
38363		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
38364	}
38365	if s.RoleName == nil {
38366		invalidParams.Add(request.NewErrParamRequired("RoleName"))
38367	}
38368	if s.RoleName != nil && len(*s.RoleName) < 1 {
38369		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
38370	}
38371
38372	if invalidParams.Len() > 0 {
38373		return invalidParams
38374	}
38375	return nil
38376}
38377
38378// SetPolicyDocument sets the PolicyDocument field's value.
38379func (s *UpdateAssumeRolePolicyInput) SetPolicyDocument(v string) *UpdateAssumeRolePolicyInput {
38380	s.PolicyDocument = &v
38381	return s
38382}
38383
38384// SetRoleName sets the RoleName field's value.
38385func (s *UpdateAssumeRolePolicyInput) SetRoleName(v string) *UpdateAssumeRolePolicyInput {
38386	s.RoleName = &v
38387	return s
38388}
38389
38390type UpdateAssumeRolePolicyOutput struct {
38391	_ struct{} `type:"structure"`
38392}
38393
38394// String returns the string representation.
38395//
38396// API parameter values that are decorated as "sensitive" in the API will not
38397// be included in the string output. The member name will be present, but the
38398// value will be replaced with "sensitive".
38399func (s UpdateAssumeRolePolicyOutput) String() string {
38400	return awsutil.Prettify(s)
38401}
38402
38403// GoString returns the string representation.
38404//
38405// API parameter values that are decorated as "sensitive" in the API will not
38406// be included in the string output. The member name will be present, but the
38407// value will be replaced with "sensitive".
38408func (s UpdateAssumeRolePolicyOutput) GoString() string {
38409	return s.String()
38410}
38411
38412type UpdateGroupInput struct {
38413	_ struct{} `type:"structure"`
38414
38415	// Name of the IAM group to update. If you're changing the name of the group,
38416	// this is the original name.
38417	//
38418	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38419	// a string of characters consisting of upper and lowercase alphanumeric characters
38420	// with no spaces. You can also include any of the following characters: _+=,.@-
38421	//
38422	// GroupName is a required field
38423	GroupName *string `min:"1" type:"string" required:"true"`
38424
38425	// New name for the IAM group. Only include this if changing the group's name.
38426	//
38427	// IAM user, group, role, and policy names must be unique within the account.
38428	// Names are not distinguished by case. For example, you cannot create resources
38429	// named both "MyResource" and "myresource".
38430	NewGroupName *string `min:"1" type:"string"`
38431
38432	// New path for the IAM group. Only include this if changing the group's path.
38433	//
38434	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38435	// a string of characters consisting of either a forward slash (/) by itself
38436	// or a string that must begin and end with forward slashes. In addition, it
38437	// can contain any ASCII character from the ! (\u0021) through the DEL character
38438	// (\u007F), including most punctuation characters, digits, and upper and lowercased
38439	// letters.
38440	NewPath *string `min:"1" type:"string"`
38441}
38442
38443// String returns the string representation.
38444//
38445// API parameter values that are decorated as "sensitive" in the API will not
38446// be included in the string output. The member name will be present, but the
38447// value will be replaced with "sensitive".
38448func (s UpdateGroupInput) String() string {
38449	return awsutil.Prettify(s)
38450}
38451
38452// GoString returns the string representation.
38453//
38454// API parameter values that are decorated as "sensitive" in the API will not
38455// be included in the string output. The member name will be present, but the
38456// value will be replaced with "sensitive".
38457func (s UpdateGroupInput) GoString() string {
38458	return s.String()
38459}
38460
38461// Validate inspects the fields of the type to determine if they are valid.
38462func (s *UpdateGroupInput) Validate() error {
38463	invalidParams := request.ErrInvalidParams{Context: "UpdateGroupInput"}
38464	if s.GroupName == nil {
38465		invalidParams.Add(request.NewErrParamRequired("GroupName"))
38466	}
38467	if s.GroupName != nil && len(*s.GroupName) < 1 {
38468		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
38469	}
38470	if s.NewGroupName != nil && len(*s.NewGroupName) < 1 {
38471		invalidParams.Add(request.NewErrParamMinLen("NewGroupName", 1))
38472	}
38473	if s.NewPath != nil && len(*s.NewPath) < 1 {
38474		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
38475	}
38476
38477	if invalidParams.Len() > 0 {
38478		return invalidParams
38479	}
38480	return nil
38481}
38482
38483// SetGroupName sets the GroupName field's value.
38484func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput {
38485	s.GroupName = &v
38486	return s
38487}
38488
38489// SetNewGroupName sets the NewGroupName field's value.
38490func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput {
38491	s.NewGroupName = &v
38492	return s
38493}
38494
38495// SetNewPath sets the NewPath field's value.
38496func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput {
38497	s.NewPath = &v
38498	return s
38499}
38500
38501type UpdateGroupOutput struct {
38502	_ struct{} `type:"structure"`
38503}
38504
38505// String returns the string representation.
38506//
38507// API parameter values that are decorated as "sensitive" in the API will not
38508// be included in the string output. The member name will be present, but the
38509// value will be replaced with "sensitive".
38510func (s UpdateGroupOutput) String() string {
38511	return awsutil.Prettify(s)
38512}
38513
38514// GoString returns the string representation.
38515//
38516// API parameter values that are decorated as "sensitive" in the API will not
38517// be included in the string output. The member name will be present, but the
38518// value will be replaced with "sensitive".
38519func (s UpdateGroupOutput) GoString() string {
38520	return s.String()
38521}
38522
38523type UpdateLoginProfileInput struct {
38524	_ struct{} `type:"structure"`
38525
38526	// The new password for the specified IAM user.
38527	//
38528	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
38529	// parameter is a string of characters consisting of the following:
38530	//
38531	//    * Any printable ASCII character ranging from the space character (\u0020)
38532	//    through the end of the ASCII character range
38533	//
38534	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
38535	//    set (through \u00FF)
38536	//
38537	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
38538	//    return (\u000D)
38539	//
38540	// However, the format can be further restricted by the account administrator
38541	// by setting a password policy on the Amazon Web Services account. For more
38542	// information, see UpdateAccountPasswordPolicy.
38543	//
38544	// Password is a sensitive parameter and its value will be
38545	// replaced with "sensitive" in string returned by UpdateLoginProfileInput's
38546	// String and GoString methods.
38547	Password *string `min:"1" type:"string" sensitive:"true"`
38548
38549	// Allows this new password to be used only once by requiring the specified
38550	// IAM user to set a new password on next sign-in.
38551	PasswordResetRequired *bool `type:"boolean"`
38552
38553	// The name of the user whose password you want to update.
38554	//
38555	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
38556	// a string of characters consisting of upper and lowercase alphanumeric characters
38557	// with no spaces. You can also include any of the following characters: _+=,.@-
38558	//
38559	// UserName is a required field
38560	UserName *string `min:"1" type:"string" required:"true"`
38561}
38562
38563// String returns the string representation.
38564//
38565// API parameter values that are decorated as "sensitive" in the API will not
38566// be included in the string output. The member name will be present, but the
38567// value will be replaced with "sensitive".
38568func (s UpdateLoginProfileInput) String() string {
38569	return awsutil.Prettify(s)
38570}
38571
38572// GoString returns the string representation.
38573//
38574// API parameter values that are decorated as "sensitive" in the API will not
38575// be included in the string output. The member name will be present, but the
38576// value will be replaced with "sensitive".
38577func (s UpdateLoginProfileInput) GoString() string {
38578	return s.String()
38579}
38580
38581// Validate inspects the fields of the type to determine if they are valid.
38582func (s *UpdateLoginProfileInput) Validate() error {
38583	invalidParams := request.ErrInvalidParams{Context: "UpdateLoginProfileInput"}
38584	if s.Password != nil && len(*s.Password) < 1 {
38585		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
38586	}
38587	if s.UserName == nil {
38588		invalidParams.Add(request.NewErrParamRequired("UserName"))
38589	}
38590	if s.UserName != nil && len(*s.UserName) < 1 {
38591		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
38592	}
38593
38594	if invalidParams.Len() > 0 {
38595		return invalidParams
38596	}
38597	return nil
38598}
38599
38600// SetPassword sets the Password field's value.
38601func (s *UpdateLoginProfileInput) SetPassword(v string) *UpdateLoginProfileInput {
38602	s.Password = &v
38603	return s
38604}
38605
38606// SetPasswordResetRequired sets the PasswordResetRequired field's value.
38607func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput {
38608	s.PasswordResetRequired = &v
38609	return s
38610}
38611
38612// SetUserName sets the UserName field's value.
38613func (s *UpdateLoginProfileInput) SetUserName(v string) *UpdateLoginProfileInput {
38614	s.UserName = &v
38615	return s
38616}
38617
38618type UpdateLoginProfileOutput struct {
38619	_ struct{} `type:"structure"`
38620}
38621
38622// String returns the string representation.
38623//
38624// API parameter values that are decorated as "sensitive" in the API will not
38625// be included in the string output. The member name will be present, but the
38626// value will be replaced with "sensitive".
38627func (s UpdateLoginProfileOutput) String() string {
38628	return awsutil.Prettify(s)
38629}
38630
38631// GoString returns the string representation.
38632//
38633// API parameter values that are decorated as "sensitive" in the API will not
38634// be included in the string output. The member name will be present, but the
38635// value will be replaced with "sensitive".
38636func (s UpdateLoginProfileOutput) GoString() string {
38637	return s.String()
38638}
38639
38640type UpdateOpenIDConnectProviderThumbprintInput struct {
38641	_ struct{} `type:"structure"`
38642
38643	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
38644	// which you want to update the thumbprint. You can get a list of OIDC provider
38645	// ARNs by using the ListOpenIDConnectProviders operation.
38646	//
38647	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
38648	// in the Amazon Web Services General Reference.
38649	//
38650	// OpenIDConnectProviderArn is a required field
38651	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
38652
38653	// A list of certificate thumbprints that are associated with the specified
38654	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
38655	//
38656	// ThumbprintList is a required field
38657	ThumbprintList []*string `type:"list" required:"true"`
38658}
38659
38660// String returns the string representation.
38661//
38662// API parameter values that are decorated as "sensitive" in the API will not
38663// be included in the string output. The member name will be present, but the
38664// value will be replaced with "sensitive".
38665func (s UpdateOpenIDConnectProviderThumbprintInput) String() string {
38666	return awsutil.Prettify(s)
38667}
38668
38669// GoString returns the string representation.
38670//
38671// API parameter values that are decorated as "sensitive" in the API will not
38672// be included in the string output. The member name will be present, but the
38673// value will be replaced with "sensitive".
38674func (s UpdateOpenIDConnectProviderThumbprintInput) GoString() string {
38675	return s.String()
38676}
38677
38678// Validate inspects the fields of the type to determine if they are valid.
38679func (s *UpdateOpenIDConnectProviderThumbprintInput) Validate() error {
38680	invalidParams := request.ErrInvalidParams{Context: "UpdateOpenIDConnectProviderThumbprintInput"}
38681	if s.OpenIDConnectProviderArn == nil {
38682		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
38683	}
38684	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
38685		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
38686	}
38687	if s.ThumbprintList == nil {
38688		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
38689	}
38690
38691	if invalidParams.Len() > 0 {
38692		return invalidParams
38693	}
38694	return nil
38695}
38696
38697// SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
38698func (s *UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn(v string) *UpdateOpenIDConnectProviderThumbprintInput {
38699	s.OpenIDConnectProviderArn = &v
38700	return s
38701}
38702
38703// SetThumbprintList sets the ThumbprintList field's value.
38704func (s *UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList(v []*string) *UpdateOpenIDConnectProviderThumbprintInput {
38705	s.ThumbprintList = v
38706	return s
38707}
38708
38709type UpdateOpenIDConnectProviderThumbprintOutput struct {
38710	_ struct{} `type:"structure"`
38711}
38712
38713// String returns the string representation.
38714//
38715// API parameter values that are decorated as "sensitive" in the API will not
38716// be included in the string output. The member name will be present, but the
38717// value will be replaced with "sensitive".
38718func (s UpdateOpenIDConnectProviderThumbprintOutput) String() string {
38719	return awsutil.Prettify(s)
38720}
38721
38722// GoString returns the string representation.
38723//
38724// API parameter values that are decorated as "sensitive" in the API will not
38725// be included in the string output. The member name will be present, but the
38726// value will be replaced with "sensitive".
38727func (s UpdateOpenIDConnectProviderThumbprintOutput) GoString() string {
38728	return s.String()
38729}
38730
38731type UpdateRoleDescriptionInput struct {
38732	_ struct{} `type:"structure"`
38733
38734	// The new description that you want to apply to the specified role.
38735	//
38736	// Description is a required field
38737	Description *string `type:"string" required:"true"`
38738
38739	// The name of the role that you want to modify.
38740	//
38741	// RoleName is a required field
38742	RoleName *string `min:"1" type:"string" required:"true"`
38743}
38744
38745// String returns the string representation.
38746//
38747// API parameter values that are decorated as "sensitive" in the API will not
38748// be included in the string output. The member name will be present, but the
38749// value will be replaced with "sensitive".
38750func (s UpdateRoleDescriptionInput) String() string {
38751	return awsutil.Prettify(s)
38752}
38753
38754// GoString returns the string representation.
38755//
38756// API parameter values that are decorated as "sensitive" in the API will not
38757// be included in the string output. The member name will be present, but the
38758// value will be replaced with "sensitive".
38759func (s UpdateRoleDescriptionInput) GoString() string {
38760	return s.String()
38761}
38762
38763// Validate inspects the fields of the type to determine if they are valid.
38764func (s *UpdateRoleDescriptionInput) Validate() error {
38765	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleDescriptionInput"}
38766	if s.Description == nil {
38767		invalidParams.Add(request.NewErrParamRequired("Description"))
38768	}
38769	if s.RoleName == nil {
38770		invalidParams.Add(request.NewErrParamRequired("RoleName"))
38771	}
38772	if s.RoleName != nil && len(*s.RoleName) < 1 {
38773		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
38774	}
38775
38776	if invalidParams.Len() > 0 {
38777		return invalidParams
38778	}
38779	return nil
38780}
38781
38782// SetDescription sets the Description field's value.
38783func (s *UpdateRoleDescriptionInput) SetDescription(v string) *UpdateRoleDescriptionInput {
38784	s.Description = &v
38785	return s
38786}
38787
38788// SetRoleName sets the RoleName field's value.
38789func (s *UpdateRoleDescriptionInput) SetRoleName(v string) *UpdateRoleDescriptionInput {
38790	s.RoleName = &v
38791	return s
38792}
38793
38794type UpdateRoleDescriptionOutput struct {
38795	_ struct{} `type:"structure"`
38796
38797	// A structure that contains details about the modified role.
38798	Role *Role `type:"structure"`
38799}
38800
38801// String returns the string representation.
38802//
38803// API parameter values that are decorated as "sensitive" in the API will not
38804// be included in the string output. The member name will be present, but the
38805// value will be replaced with "sensitive".
38806func (s UpdateRoleDescriptionOutput) String() string {
38807	return awsutil.Prettify(s)
38808}
38809
38810// GoString returns the string representation.
38811//
38812// API parameter values that are decorated as "sensitive" in the API will not
38813// be included in the string output. The member name will be present, but the
38814// value will be replaced with "sensitive".
38815func (s UpdateRoleDescriptionOutput) GoString() string {
38816	return s.String()
38817}
38818
38819// SetRole sets the Role field's value.
38820func (s *UpdateRoleDescriptionOutput) SetRole(v *Role) *UpdateRoleDescriptionOutput {
38821	s.Role = v
38822	return s
38823}
38824
38825type UpdateRoleInput struct {
38826	_ struct{} `type:"structure"`
38827
38828	// The new description that you want to apply to the specified role.
38829	Description *string `type:"string"`
38830
38831	// The maximum session duration (in seconds) that you want to set for the specified
38832	// role. If you do not specify a value for this setting, the default maximum
38833	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
38834	//
38835	// Anyone who assumes the role from the CLI or API can use the DurationSeconds
38836	// API parameter or the duration-seconds CLI parameter to request a longer session.
38837	// The MaxSessionDuration setting determines the maximum duration that can be
38838	// requested using the DurationSeconds parameter. If users don't specify a value
38839	// for the DurationSeconds parameter, their security credentials are valid for
38840	// one hour by default. This applies when you use the AssumeRole* API operations
38841	// or the assume-role* CLI operations but does not apply when you use those
38842	// operations to create a console URL. For more information, see Using IAM roles
38843	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
38844	// IAM User Guide.
38845	MaxSessionDuration *int64 `min:"3600" type:"integer"`
38846
38847	// The name of the role that you want to modify.
38848	//
38849	// RoleName is a required field
38850	RoleName *string `min:"1" type:"string" required:"true"`
38851}
38852
38853// String returns the string representation.
38854//
38855// API parameter values that are decorated as "sensitive" in the API will not
38856// be included in the string output. The member name will be present, but the
38857// value will be replaced with "sensitive".
38858func (s UpdateRoleInput) String() string {
38859	return awsutil.Prettify(s)
38860}
38861
38862// GoString returns the string representation.
38863//
38864// API parameter values that are decorated as "sensitive" in the API will not
38865// be included in the string output. The member name will be present, but the
38866// value will be replaced with "sensitive".
38867func (s UpdateRoleInput) GoString() string {
38868	return s.String()
38869}
38870
38871// Validate inspects the fields of the type to determine if they are valid.
38872func (s *UpdateRoleInput) Validate() error {
38873	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleInput"}
38874	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
38875		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
38876	}
38877	if s.RoleName == nil {
38878		invalidParams.Add(request.NewErrParamRequired("RoleName"))
38879	}
38880	if s.RoleName != nil && len(*s.RoleName) < 1 {
38881		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
38882	}
38883
38884	if invalidParams.Len() > 0 {
38885		return invalidParams
38886	}
38887	return nil
38888}
38889
38890// SetDescription sets the Description field's value.
38891func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput {
38892	s.Description = &v
38893	return s
38894}
38895
38896// SetMaxSessionDuration sets the MaxSessionDuration field's value.
38897func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput {
38898	s.MaxSessionDuration = &v
38899	return s
38900}
38901
38902// SetRoleName sets the RoleName field's value.
38903func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput {
38904	s.RoleName = &v
38905	return s
38906}
38907
38908type UpdateRoleOutput struct {
38909	_ struct{} `type:"structure"`
38910}
38911
38912// String returns the string representation.
38913//
38914// API parameter values that are decorated as "sensitive" in the API will not
38915// be included in the string output. The member name will be present, but the
38916// value will be replaced with "sensitive".
38917func (s UpdateRoleOutput) String() string {
38918	return awsutil.Prettify(s)
38919}
38920
38921// GoString returns the string representation.
38922//
38923// API parameter values that are decorated as "sensitive" in the API will not
38924// be included in the string output. The member name will be present, but the
38925// value will be replaced with "sensitive".
38926func (s UpdateRoleOutput) GoString() string {
38927	return s.String()
38928}
38929
38930type UpdateSAMLProviderInput struct {
38931	_ struct{} `type:"structure"`
38932
38933	// An XML document generated by an identity provider (IdP) that supports SAML
38934	// 2.0. The document includes the issuer's name, expiration information, and
38935	// keys that can be used to validate the SAML authentication response (assertions)
38936	// that are received from the IdP. You must generate the metadata document using
38937	// the identity management software that is used as your organization's IdP.
38938	//
38939	// SAMLMetadataDocument is a required field
38940	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
38941
38942	// The Amazon Resource Name (ARN) of the SAML provider to update.
38943	//
38944	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
38945	// in the Amazon Web Services General Reference.
38946	//
38947	// SAMLProviderArn is a required field
38948	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
38949}
38950
38951// String returns the string representation.
38952//
38953// API parameter values that are decorated as "sensitive" in the API will not
38954// be included in the string output. The member name will be present, but the
38955// value will be replaced with "sensitive".
38956func (s UpdateSAMLProviderInput) String() string {
38957	return awsutil.Prettify(s)
38958}
38959
38960// GoString returns the string representation.
38961//
38962// API parameter values that are decorated as "sensitive" in the API will not
38963// be included in the string output. The member name will be present, but the
38964// value will be replaced with "sensitive".
38965func (s UpdateSAMLProviderInput) GoString() string {
38966	return s.String()
38967}
38968
38969// Validate inspects the fields of the type to determine if they are valid.
38970func (s *UpdateSAMLProviderInput) Validate() error {
38971	invalidParams := request.ErrInvalidParams{Context: "UpdateSAMLProviderInput"}
38972	if s.SAMLMetadataDocument == nil {
38973		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
38974	}
38975	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
38976		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
38977	}
38978	if s.SAMLProviderArn == nil {
38979		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
38980	}
38981	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
38982		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
38983	}
38984
38985	if invalidParams.Len() > 0 {
38986		return invalidParams
38987	}
38988	return nil
38989}
38990
38991// SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
38992func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput {
38993	s.SAMLMetadataDocument = &v
38994	return s
38995}
38996
38997// SetSAMLProviderArn sets the SAMLProviderArn field's value.
38998func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput {
38999	s.SAMLProviderArn = &v
39000	return s
39001}
39002
39003// Contains the response to a successful UpdateSAMLProvider request.
39004type UpdateSAMLProviderOutput struct {
39005	_ struct{} `type:"structure"`
39006
39007	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
39008	SAMLProviderArn *string `min:"20" type:"string"`
39009}
39010
39011// String returns the string representation.
39012//
39013// API parameter values that are decorated as "sensitive" in the API will not
39014// be included in the string output. The member name will be present, but the
39015// value will be replaced with "sensitive".
39016func (s UpdateSAMLProviderOutput) String() string {
39017	return awsutil.Prettify(s)
39018}
39019
39020// GoString returns the string representation.
39021//
39022// API parameter values that are decorated as "sensitive" in the API will not
39023// be included in the string output. The member name will be present, but the
39024// value will be replaced with "sensitive".
39025func (s UpdateSAMLProviderOutput) GoString() string {
39026	return s.String()
39027}
39028
39029// SetSAMLProviderArn sets the SAMLProviderArn field's value.
39030func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput {
39031	s.SAMLProviderArn = &v
39032	return s
39033}
39034
39035type UpdateSSHPublicKeyInput struct {
39036	_ struct{} `type:"structure"`
39037
39038	// The unique identifier for the SSH public key.
39039	//
39040	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39041	// a string of characters that can consist of any upper or lowercased letter
39042	// or digit.
39043	//
39044	// SSHPublicKeyId is a required field
39045	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
39046
39047	// The status to assign to the SSH public key. Active means that the key can
39048	// be used for authentication with an CodeCommit repository. Inactive means
39049	// that the key cannot be used.
39050	//
39051	// Status is a required field
39052	Status *string `type:"string" required:"true" enum:"StatusType"`
39053
39054	// The name of the IAM user associated with the SSH public key.
39055	//
39056	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39057	// a string of characters consisting of upper and lowercase alphanumeric characters
39058	// with no spaces. You can also include any of the following characters: _+=,.@-
39059	//
39060	// UserName is a required field
39061	UserName *string `min:"1" type:"string" required:"true"`
39062}
39063
39064// String returns the string representation.
39065//
39066// API parameter values that are decorated as "sensitive" in the API will not
39067// be included in the string output. The member name will be present, but the
39068// value will be replaced with "sensitive".
39069func (s UpdateSSHPublicKeyInput) String() string {
39070	return awsutil.Prettify(s)
39071}
39072
39073// GoString returns the string representation.
39074//
39075// API parameter values that are decorated as "sensitive" in the API will not
39076// be included in the string output. The member name will be present, but the
39077// value will be replaced with "sensitive".
39078func (s UpdateSSHPublicKeyInput) GoString() string {
39079	return s.String()
39080}
39081
39082// Validate inspects the fields of the type to determine if they are valid.
39083func (s *UpdateSSHPublicKeyInput) Validate() error {
39084	invalidParams := request.ErrInvalidParams{Context: "UpdateSSHPublicKeyInput"}
39085	if s.SSHPublicKeyId == nil {
39086		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
39087	}
39088	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
39089		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
39090	}
39091	if s.Status == nil {
39092		invalidParams.Add(request.NewErrParamRequired("Status"))
39093	}
39094	if s.UserName == nil {
39095		invalidParams.Add(request.NewErrParamRequired("UserName"))
39096	}
39097	if s.UserName != nil && len(*s.UserName) < 1 {
39098		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39099	}
39100
39101	if invalidParams.Len() > 0 {
39102		return invalidParams
39103	}
39104	return nil
39105}
39106
39107// SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
39108func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput {
39109	s.SSHPublicKeyId = &v
39110	return s
39111}
39112
39113// SetStatus sets the Status field's value.
39114func (s *UpdateSSHPublicKeyInput) SetStatus(v string) *UpdateSSHPublicKeyInput {
39115	s.Status = &v
39116	return s
39117}
39118
39119// SetUserName sets the UserName field's value.
39120func (s *UpdateSSHPublicKeyInput) SetUserName(v string) *UpdateSSHPublicKeyInput {
39121	s.UserName = &v
39122	return s
39123}
39124
39125type UpdateSSHPublicKeyOutput struct {
39126	_ struct{} `type:"structure"`
39127}
39128
39129// String returns the string representation.
39130//
39131// API parameter values that are decorated as "sensitive" in the API will not
39132// be included in the string output. The member name will be present, but the
39133// value will be replaced with "sensitive".
39134func (s UpdateSSHPublicKeyOutput) String() string {
39135	return awsutil.Prettify(s)
39136}
39137
39138// GoString returns the string representation.
39139//
39140// API parameter values that are decorated as "sensitive" in the API will not
39141// be included in the string output. The member name will be present, but the
39142// value will be replaced with "sensitive".
39143func (s UpdateSSHPublicKeyOutput) GoString() string {
39144	return s.String()
39145}
39146
39147type UpdateServerCertificateInput struct {
39148	_ struct{} `type:"structure"`
39149
39150	// The new path for the server certificate. Include this only if you are updating
39151	// the server certificate's path.
39152	//
39153	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39154	// a string of characters consisting of either a forward slash (/) by itself
39155	// or a string that must begin and end with forward slashes. In addition, it
39156	// can contain any ASCII character from the ! (\u0021) through the DEL character
39157	// (\u007F), including most punctuation characters, digits, and upper and lowercased
39158	// letters.
39159	NewPath *string `min:"1" type:"string"`
39160
39161	// The new name for the server certificate. Include this only if you are updating
39162	// the server certificate's name. The name of the certificate cannot contain
39163	// any spaces.
39164	//
39165	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39166	// a string of characters consisting of upper and lowercase alphanumeric characters
39167	// with no spaces. You can also include any of the following characters: _+=,.@-
39168	NewServerCertificateName *string `min:"1" type:"string"`
39169
39170	// The name of the server certificate that you want to update.
39171	//
39172	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39173	// a string of characters consisting of upper and lowercase alphanumeric characters
39174	// with no spaces. You can also include any of the following characters: _+=,.@-
39175	//
39176	// ServerCertificateName is a required field
39177	ServerCertificateName *string `min:"1" type:"string" required:"true"`
39178}
39179
39180// String returns the string representation.
39181//
39182// API parameter values that are decorated as "sensitive" in the API will not
39183// be included in the string output. The member name will be present, but the
39184// value will be replaced with "sensitive".
39185func (s UpdateServerCertificateInput) String() string {
39186	return awsutil.Prettify(s)
39187}
39188
39189// GoString returns the string representation.
39190//
39191// API parameter values that are decorated as "sensitive" in the API will not
39192// be included in the string output. The member name will be present, but the
39193// value will be replaced with "sensitive".
39194func (s UpdateServerCertificateInput) GoString() string {
39195	return s.String()
39196}
39197
39198// Validate inspects the fields of the type to determine if they are valid.
39199func (s *UpdateServerCertificateInput) Validate() error {
39200	invalidParams := request.ErrInvalidParams{Context: "UpdateServerCertificateInput"}
39201	if s.NewPath != nil && len(*s.NewPath) < 1 {
39202		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
39203	}
39204	if s.NewServerCertificateName != nil && len(*s.NewServerCertificateName) < 1 {
39205		invalidParams.Add(request.NewErrParamMinLen("NewServerCertificateName", 1))
39206	}
39207	if s.ServerCertificateName == nil {
39208		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
39209	}
39210	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
39211		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
39212	}
39213
39214	if invalidParams.Len() > 0 {
39215		return invalidParams
39216	}
39217	return nil
39218}
39219
39220// SetNewPath sets the NewPath field's value.
39221func (s *UpdateServerCertificateInput) SetNewPath(v string) *UpdateServerCertificateInput {
39222	s.NewPath = &v
39223	return s
39224}
39225
39226// SetNewServerCertificateName sets the NewServerCertificateName field's value.
39227func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput {
39228	s.NewServerCertificateName = &v
39229	return s
39230}
39231
39232// SetServerCertificateName sets the ServerCertificateName field's value.
39233func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput {
39234	s.ServerCertificateName = &v
39235	return s
39236}
39237
39238type UpdateServerCertificateOutput struct {
39239	_ struct{} `type:"structure"`
39240}
39241
39242// String returns the string representation.
39243//
39244// API parameter values that are decorated as "sensitive" in the API will not
39245// be included in the string output. The member name will be present, but the
39246// value will be replaced with "sensitive".
39247func (s UpdateServerCertificateOutput) String() string {
39248	return awsutil.Prettify(s)
39249}
39250
39251// GoString returns the string representation.
39252//
39253// API parameter values that are decorated as "sensitive" in the API will not
39254// be included in the string output. The member name will be present, but the
39255// value will be replaced with "sensitive".
39256func (s UpdateServerCertificateOutput) GoString() string {
39257	return s.String()
39258}
39259
39260type UpdateServiceSpecificCredentialInput struct {
39261	_ struct{} `type:"structure"`
39262
39263	// The unique identifier of the service-specific credential.
39264	//
39265	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39266	// a string of characters that can consist of any upper or lowercased letter
39267	// or digit.
39268	//
39269	// ServiceSpecificCredentialId is a required field
39270	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
39271
39272	// The status to be assigned to the service-specific credential.
39273	//
39274	// Status is a required field
39275	Status *string `type:"string" required:"true" enum:"StatusType"`
39276
39277	// The name of the IAM user associated with the service-specific credential.
39278	// If you do not specify this value, then the operation assumes the user whose
39279	// credentials are used to call the operation.
39280	//
39281	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39282	// a string of characters consisting of upper and lowercase alphanumeric characters
39283	// with no spaces. You can also include any of the following characters: _+=,.@-
39284	UserName *string `min:"1" type:"string"`
39285}
39286
39287// String returns the string representation.
39288//
39289// API parameter values that are decorated as "sensitive" in the API will not
39290// be included in the string output. The member name will be present, but the
39291// value will be replaced with "sensitive".
39292func (s UpdateServiceSpecificCredentialInput) String() string {
39293	return awsutil.Prettify(s)
39294}
39295
39296// GoString returns the string representation.
39297//
39298// API parameter values that are decorated as "sensitive" in the API will not
39299// be included in the string output. The member name will be present, but the
39300// value will be replaced with "sensitive".
39301func (s UpdateServiceSpecificCredentialInput) GoString() string {
39302	return s.String()
39303}
39304
39305// Validate inspects the fields of the type to determine if they are valid.
39306func (s *UpdateServiceSpecificCredentialInput) Validate() error {
39307	invalidParams := request.ErrInvalidParams{Context: "UpdateServiceSpecificCredentialInput"}
39308	if s.ServiceSpecificCredentialId == nil {
39309		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
39310	}
39311	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
39312		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
39313	}
39314	if s.Status == nil {
39315		invalidParams.Add(request.NewErrParamRequired("Status"))
39316	}
39317	if s.UserName != nil && len(*s.UserName) < 1 {
39318		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39319	}
39320
39321	if invalidParams.Len() > 0 {
39322		return invalidParams
39323	}
39324	return nil
39325}
39326
39327// SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
39328func (s *UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *UpdateServiceSpecificCredentialInput {
39329	s.ServiceSpecificCredentialId = &v
39330	return s
39331}
39332
39333// SetStatus sets the Status field's value.
39334func (s *UpdateServiceSpecificCredentialInput) SetStatus(v string) *UpdateServiceSpecificCredentialInput {
39335	s.Status = &v
39336	return s
39337}
39338
39339// SetUserName sets the UserName field's value.
39340func (s *UpdateServiceSpecificCredentialInput) SetUserName(v string) *UpdateServiceSpecificCredentialInput {
39341	s.UserName = &v
39342	return s
39343}
39344
39345type UpdateServiceSpecificCredentialOutput struct {
39346	_ struct{} `type:"structure"`
39347}
39348
39349// String returns the string representation.
39350//
39351// API parameter values that are decorated as "sensitive" in the API will not
39352// be included in the string output. The member name will be present, but the
39353// value will be replaced with "sensitive".
39354func (s UpdateServiceSpecificCredentialOutput) String() string {
39355	return awsutil.Prettify(s)
39356}
39357
39358// GoString returns the string representation.
39359//
39360// API parameter values that are decorated as "sensitive" in the API will not
39361// be included in the string output. The member name will be present, but the
39362// value will be replaced with "sensitive".
39363func (s UpdateServiceSpecificCredentialOutput) GoString() string {
39364	return s.String()
39365}
39366
39367type UpdateSigningCertificateInput struct {
39368	_ struct{} `type:"structure"`
39369
39370	// The ID of the signing certificate you want to update.
39371	//
39372	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39373	// a string of characters that can consist of any upper or lowercased letter
39374	// or digit.
39375	//
39376	// CertificateId is a required field
39377	CertificateId *string `min:"24" type:"string" required:"true"`
39378
39379	// The status you want to assign to the certificate. Active means that the certificate
39380	// can be used for programmatic calls to Amazon Web Services Inactive means
39381	// that the certificate cannot be used.
39382	//
39383	// Status is a required field
39384	Status *string `type:"string" required:"true" enum:"StatusType"`
39385
39386	// The name of the IAM user the signing certificate belongs to.
39387	//
39388	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39389	// a string of characters consisting of upper and lowercase alphanumeric characters
39390	// with no spaces. You can also include any of the following characters: _+=,.@-
39391	UserName *string `min:"1" type:"string"`
39392}
39393
39394// String returns the string representation.
39395//
39396// API parameter values that are decorated as "sensitive" in the API will not
39397// be included in the string output. The member name will be present, but the
39398// value will be replaced with "sensitive".
39399func (s UpdateSigningCertificateInput) String() string {
39400	return awsutil.Prettify(s)
39401}
39402
39403// GoString returns the string representation.
39404//
39405// API parameter values that are decorated as "sensitive" in the API will not
39406// be included in the string output. The member name will be present, but the
39407// value will be replaced with "sensitive".
39408func (s UpdateSigningCertificateInput) GoString() string {
39409	return s.String()
39410}
39411
39412// Validate inspects the fields of the type to determine if they are valid.
39413func (s *UpdateSigningCertificateInput) Validate() error {
39414	invalidParams := request.ErrInvalidParams{Context: "UpdateSigningCertificateInput"}
39415	if s.CertificateId == nil {
39416		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
39417	}
39418	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
39419		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
39420	}
39421	if s.Status == nil {
39422		invalidParams.Add(request.NewErrParamRequired("Status"))
39423	}
39424	if s.UserName != nil && len(*s.UserName) < 1 {
39425		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39426	}
39427
39428	if invalidParams.Len() > 0 {
39429		return invalidParams
39430	}
39431	return nil
39432}
39433
39434// SetCertificateId sets the CertificateId field's value.
39435func (s *UpdateSigningCertificateInput) SetCertificateId(v string) *UpdateSigningCertificateInput {
39436	s.CertificateId = &v
39437	return s
39438}
39439
39440// SetStatus sets the Status field's value.
39441func (s *UpdateSigningCertificateInput) SetStatus(v string) *UpdateSigningCertificateInput {
39442	s.Status = &v
39443	return s
39444}
39445
39446// SetUserName sets the UserName field's value.
39447func (s *UpdateSigningCertificateInput) SetUserName(v string) *UpdateSigningCertificateInput {
39448	s.UserName = &v
39449	return s
39450}
39451
39452type UpdateSigningCertificateOutput struct {
39453	_ struct{} `type:"structure"`
39454}
39455
39456// String returns the string representation.
39457//
39458// API parameter values that are decorated as "sensitive" in the API will not
39459// be included in the string output. The member name will be present, but the
39460// value will be replaced with "sensitive".
39461func (s UpdateSigningCertificateOutput) String() string {
39462	return awsutil.Prettify(s)
39463}
39464
39465// GoString returns the string representation.
39466//
39467// API parameter values that are decorated as "sensitive" in the API will not
39468// be included in the string output. The member name will be present, but the
39469// value will be replaced with "sensitive".
39470func (s UpdateSigningCertificateOutput) GoString() string {
39471	return s.String()
39472}
39473
39474type UpdateUserInput struct {
39475	_ struct{} `type:"structure"`
39476
39477	// New path for the IAM user. Include this parameter only if you're changing
39478	// the user's path.
39479	//
39480	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39481	// a string of characters consisting of either a forward slash (/) by itself
39482	// or a string that must begin and end with forward slashes. In addition, it
39483	// can contain any ASCII character from the ! (\u0021) through the DEL character
39484	// (\u007F), including most punctuation characters, digits, and upper and lowercased
39485	// letters.
39486	NewPath *string `min:"1" type:"string"`
39487
39488	// New name for the user. Include this parameter only if you're changing the
39489	// user's name.
39490	//
39491	// IAM user, group, role, and policy names must be unique within the account.
39492	// Names are not distinguished by case. For example, you cannot create resources
39493	// named both "MyResource" and "myresource".
39494	NewUserName *string `min:"1" type:"string"`
39495
39496	// Name of the user to update. If you're changing the name of the user, this
39497	// is the original user name.
39498	//
39499	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39500	// a string of characters consisting of upper and lowercase alphanumeric characters
39501	// with no spaces. You can also include any of the following characters: _+=,.@-
39502	//
39503	// UserName is a required field
39504	UserName *string `min:"1" type:"string" required:"true"`
39505}
39506
39507// String returns the string representation.
39508//
39509// API parameter values that are decorated as "sensitive" in the API will not
39510// be included in the string output. The member name will be present, but the
39511// value will be replaced with "sensitive".
39512func (s UpdateUserInput) String() string {
39513	return awsutil.Prettify(s)
39514}
39515
39516// GoString returns the string representation.
39517//
39518// API parameter values that are decorated as "sensitive" in the API will not
39519// be included in the string output. The member name will be present, but the
39520// value will be replaced with "sensitive".
39521func (s UpdateUserInput) GoString() string {
39522	return s.String()
39523}
39524
39525// Validate inspects the fields of the type to determine if they are valid.
39526func (s *UpdateUserInput) Validate() error {
39527	invalidParams := request.ErrInvalidParams{Context: "UpdateUserInput"}
39528	if s.NewPath != nil && len(*s.NewPath) < 1 {
39529		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
39530	}
39531	if s.NewUserName != nil && len(*s.NewUserName) < 1 {
39532		invalidParams.Add(request.NewErrParamMinLen("NewUserName", 1))
39533	}
39534	if s.UserName == nil {
39535		invalidParams.Add(request.NewErrParamRequired("UserName"))
39536	}
39537	if s.UserName != nil && len(*s.UserName) < 1 {
39538		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39539	}
39540
39541	if invalidParams.Len() > 0 {
39542		return invalidParams
39543	}
39544	return nil
39545}
39546
39547// SetNewPath sets the NewPath field's value.
39548func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput {
39549	s.NewPath = &v
39550	return s
39551}
39552
39553// SetNewUserName sets the NewUserName field's value.
39554func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput {
39555	s.NewUserName = &v
39556	return s
39557}
39558
39559// SetUserName sets the UserName field's value.
39560func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput {
39561	s.UserName = &v
39562	return s
39563}
39564
39565type UpdateUserOutput struct {
39566	_ struct{} `type:"structure"`
39567}
39568
39569// String returns the string representation.
39570//
39571// API parameter values that are decorated as "sensitive" in the API will not
39572// be included in the string output. The member name will be present, but the
39573// value will be replaced with "sensitive".
39574func (s UpdateUserOutput) String() string {
39575	return awsutil.Prettify(s)
39576}
39577
39578// GoString returns the string representation.
39579//
39580// API parameter values that are decorated as "sensitive" in the API will not
39581// be included in the string output. The member name will be present, but the
39582// value will be replaced with "sensitive".
39583func (s UpdateUserOutput) GoString() string {
39584	return s.String()
39585}
39586
39587type UploadSSHPublicKeyInput struct {
39588	_ struct{} `type:"structure"`
39589
39590	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
39591	// format. The minimum bit-length of the public key is 2048 bits. For example,
39592	// you can generate a 2048-bit key, and the resulting PEM file is 1679 bytes
39593	// long.
39594	//
39595	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
39596	// parameter is a string of characters consisting of the following:
39597	//
39598	//    * Any printable ASCII character ranging from the space character (\u0020)
39599	//    through the end of the ASCII character range
39600	//
39601	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
39602	//    set (through \u00FF)
39603	//
39604	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
39605	//    return (\u000D)
39606	//
39607	// SSHPublicKeyBody is a required field
39608	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
39609
39610	// The name of the IAM user to associate the SSH public key with.
39611	//
39612	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39613	// a string of characters consisting of upper and lowercase alphanumeric characters
39614	// with no spaces. You can also include any of the following characters: _+=,.@-
39615	//
39616	// UserName is a required field
39617	UserName *string `min:"1" type:"string" required:"true"`
39618}
39619
39620// String returns the string representation.
39621//
39622// API parameter values that are decorated as "sensitive" in the API will not
39623// be included in the string output. The member name will be present, but the
39624// value will be replaced with "sensitive".
39625func (s UploadSSHPublicKeyInput) String() string {
39626	return awsutil.Prettify(s)
39627}
39628
39629// GoString returns the string representation.
39630//
39631// API parameter values that are decorated as "sensitive" in the API will not
39632// be included in the string output. The member name will be present, but the
39633// value will be replaced with "sensitive".
39634func (s UploadSSHPublicKeyInput) GoString() string {
39635	return s.String()
39636}
39637
39638// Validate inspects the fields of the type to determine if they are valid.
39639func (s *UploadSSHPublicKeyInput) Validate() error {
39640	invalidParams := request.ErrInvalidParams{Context: "UploadSSHPublicKeyInput"}
39641	if s.SSHPublicKeyBody == nil {
39642		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyBody"))
39643	}
39644	if s.SSHPublicKeyBody != nil && len(*s.SSHPublicKeyBody) < 1 {
39645		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyBody", 1))
39646	}
39647	if s.UserName == nil {
39648		invalidParams.Add(request.NewErrParamRequired("UserName"))
39649	}
39650	if s.UserName != nil && len(*s.UserName) < 1 {
39651		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39652	}
39653
39654	if invalidParams.Len() > 0 {
39655		return invalidParams
39656	}
39657	return nil
39658}
39659
39660// SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
39661func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput {
39662	s.SSHPublicKeyBody = &v
39663	return s
39664}
39665
39666// SetUserName sets the UserName field's value.
39667func (s *UploadSSHPublicKeyInput) SetUserName(v string) *UploadSSHPublicKeyInput {
39668	s.UserName = &v
39669	return s
39670}
39671
39672// Contains the response to a successful UploadSSHPublicKey request.
39673type UploadSSHPublicKeyOutput struct {
39674	_ struct{} `type:"structure"`
39675
39676	// Contains information about the SSH public key.
39677	SSHPublicKey *SSHPublicKey `type:"structure"`
39678}
39679
39680// String returns the string representation.
39681//
39682// API parameter values that are decorated as "sensitive" in the API will not
39683// be included in the string output. The member name will be present, but the
39684// value will be replaced with "sensitive".
39685func (s UploadSSHPublicKeyOutput) String() string {
39686	return awsutil.Prettify(s)
39687}
39688
39689// GoString returns the string representation.
39690//
39691// API parameter values that are decorated as "sensitive" in the API will not
39692// be included in the string output. The member name will be present, but the
39693// value will be replaced with "sensitive".
39694func (s UploadSSHPublicKeyOutput) GoString() string {
39695	return s.String()
39696}
39697
39698// SetSSHPublicKey sets the SSHPublicKey field's value.
39699func (s *UploadSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *UploadSSHPublicKeyOutput {
39700	s.SSHPublicKey = v
39701	return s
39702}
39703
39704type UploadServerCertificateInput struct {
39705	_ struct{} `type:"structure"`
39706
39707	// The contents of the public key certificate in PEM-encoded format.
39708	//
39709	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
39710	// parameter is a string of characters consisting of the following:
39711	//
39712	//    * Any printable ASCII character ranging from the space character (\u0020)
39713	//    through the end of the ASCII character range
39714	//
39715	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
39716	//    set (through \u00FF)
39717	//
39718	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
39719	//    return (\u000D)
39720	//
39721	// CertificateBody is a required field
39722	CertificateBody *string `min:"1" type:"string" required:"true"`
39723
39724	// The contents of the certificate chain. This is typically a concatenation
39725	// of the PEM-encoded public key certificates of the chain.
39726	//
39727	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
39728	// parameter is a string of characters consisting of the following:
39729	//
39730	//    * Any printable ASCII character ranging from the space character (\u0020)
39731	//    through the end of the ASCII character range
39732	//
39733	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
39734	//    set (through \u00FF)
39735	//
39736	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
39737	//    return (\u000D)
39738	CertificateChain *string `min:"1" type:"string"`
39739
39740	// The path for the server certificate. For more information about paths, see
39741	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
39742	// in the IAM User Guide.
39743	//
39744	// This parameter is optional. If it is not included, it defaults to a slash
39745	// (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39746	// a string of characters consisting of either a forward slash (/) by itself
39747	// or a string that must begin and end with forward slashes. In addition, it
39748	// can contain any ASCII character from the ! (\u0021) through the DEL character
39749	// (\u007F), including most punctuation characters, digits, and upper and lowercased
39750	// letters.
39751	//
39752	// If you are uploading a server certificate specifically for use with Amazon
39753	// CloudFront distributions, you must specify a path using the path parameter.
39754	// The path must begin with /cloudfront and must include a trailing slash (for
39755	// example, /cloudfront/test/).
39756	Path *string `min:"1" type:"string"`
39757
39758	// The contents of the private key in PEM-encoded format.
39759	//
39760	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
39761	// parameter is a string of characters consisting of the following:
39762	//
39763	//    * Any printable ASCII character ranging from the space character (\u0020)
39764	//    through the end of the ASCII character range
39765	//
39766	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
39767	//    set (through \u00FF)
39768	//
39769	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
39770	//    return (\u000D)
39771	//
39772	// PrivateKey is a sensitive parameter and its value will be
39773	// replaced with "sensitive" in string returned by UploadServerCertificateInput's
39774	// String and GoString methods.
39775	//
39776	// PrivateKey is a required field
39777	PrivateKey *string `min:"1" type:"string" required:"true" sensitive:"true"`
39778
39779	// The name for the server certificate. Do not include the path in this value.
39780	// The name of the certificate cannot contain any spaces.
39781	//
39782	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39783	// a string of characters consisting of upper and lowercase alphanumeric characters
39784	// with no spaces. You can also include any of the following characters: _+=,.@-
39785	//
39786	// ServerCertificateName is a required field
39787	ServerCertificateName *string `min:"1" type:"string" required:"true"`
39788
39789	// A list of tags that you want to attach to the new IAM server certificate
39790	// resource. Each tag consists of a key name and an associated value. For more
39791	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
39792	// in the IAM User Guide.
39793	//
39794	// If any one of the tags is invalid or if you exceed the allowed maximum number
39795	// of tags, then the entire request fails and the resource is not created.
39796	Tags []*Tag `type:"list"`
39797}
39798
39799// String returns the string representation.
39800//
39801// API parameter values that are decorated as "sensitive" in the API will not
39802// be included in the string output. The member name will be present, but the
39803// value will be replaced with "sensitive".
39804func (s UploadServerCertificateInput) String() string {
39805	return awsutil.Prettify(s)
39806}
39807
39808// GoString returns the string representation.
39809//
39810// API parameter values that are decorated as "sensitive" in the API will not
39811// be included in the string output. The member name will be present, but the
39812// value will be replaced with "sensitive".
39813func (s UploadServerCertificateInput) GoString() string {
39814	return s.String()
39815}
39816
39817// Validate inspects the fields of the type to determine if they are valid.
39818func (s *UploadServerCertificateInput) Validate() error {
39819	invalidParams := request.ErrInvalidParams{Context: "UploadServerCertificateInput"}
39820	if s.CertificateBody == nil {
39821		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
39822	}
39823	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
39824		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
39825	}
39826	if s.CertificateChain != nil && len(*s.CertificateChain) < 1 {
39827		invalidParams.Add(request.NewErrParamMinLen("CertificateChain", 1))
39828	}
39829	if s.Path != nil && len(*s.Path) < 1 {
39830		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
39831	}
39832	if s.PrivateKey == nil {
39833		invalidParams.Add(request.NewErrParamRequired("PrivateKey"))
39834	}
39835	if s.PrivateKey != nil && len(*s.PrivateKey) < 1 {
39836		invalidParams.Add(request.NewErrParamMinLen("PrivateKey", 1))
39837	}
39838	if s.ServerCertificateName == nil {
39839		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
39840	}
39841	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
39842		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
39843	}
39844	if s.Tags != nil {
39845		for i, v := range s.Tags {
39846			if v == nil {
39847				continue
39848			}
39849			if err := v.Validate(); err != nil {
39850				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
39851			}
39852		}
39853	}
39854
39855	if invalidParams.Len() > 0 {
39856		return invalidParams
39857	}
39858	return nil
39859}
39860
39861// SetCertificateBody sets the CertificateBody field's value.
39862func (s *UploadServerCertificateInput) SetCertificateBody(v string) *UploadServerCertificateInput {
39863	s.CertificateBody = &v
39864	return s
39865}
39866
39867// SetCertificateChain sets the CertificateChain field's value.
39868func (s *UploadServerCertificateInput) SetCertificateChain(v string) *UploadServerCertificateInput {
39869	s.CertificateChain = &v
39870	return s
39871}
39872
39873// SetPath sets the Path field's value.
39874func (s *UploadServerCertificateInput) SetPath(v string) *UploadServerCertificateInput {
39875	s.Path = &v
39876	return s
39877}
39878
39879// SetPrivateKey sets the PrivateKey field's value.
39880func (s *UploadServerCertificateInput) SetPrivateKey(v string) *UploadServerCertificateInput {
39881	s.PrivateKey = &v
39882	return s
39883}
39884
39885// SetServerCertificateName sets the ServerCertificateName field's value.
39886func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput {
39887	s.ServerCertificateName = &v
39888	return s
39889}
39890
39891// SetTags sets the Tags field's value.
39892func (s *UploadServerCertificateInput) SetTags(v []*Tag) *UploadServerCertificateInput {
39893	s.Tags = v
39894	return s
39895}
39896
39897// Contains the response to a successful UploadServerCertificate request.
39898type UploadServerCertificateOutput struct {
39899	_ struct{} `type:"structure"`
39900
39901	// The meta information of the uploaded server certificate without its certificate
39902	// body, certificate chain, and private key.
39903	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
39904
39905	// A list of tags that are attached to the new IAM server certificate. The returned
39906	// list of tags is sorted by tag key. For more information about tagging, see
39907	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
39908	// in the IAM User Guide.
39909	Tags []*Tag `type:"list"`
39910}
39911
39912// String returns the string representation.
39913//
39914// API parameter values that are decorated as "sensitive" in the API will not
39915// be included in the string output. The member name will be present, but the
39916// value will be replaced with "sensitive".
39917func (s UploadServerCertificateOutput) String() string {
39918	return awsutil.Prettify(s)
39919}
39920
39921// GoString returns the string representation.
39922//
39923// API parameter values that are decorated as "sensitive" in the API will not
39924// be included in the string output. The member name will be present, but the
39925// value will be replaced with "sensitive".
39926func (s UploadServerCertificateOutput) GoString() string {
39927	return s.String()
39928}
39929
39930// SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
39931func (s *UploadServerCertificateOutput) SetServerCertificateMetadata(v *ServerCertificateMetadata) *UploadServerCertificateOutput {
39932	s.ServerCertificateMetadata = v
39933	return s
39934}
39935
39936// SetTags sets the Tags field's value.
39937func (s *UploadServerCertificateOutput) SetTags(v []*Tag) *UploadServerCertificateOutput {
39938	s.Tags = v
39939	return s
39940}
39941
39942type UploadSigningCertificateInput struct {
39943	_ struct{} `type:"structure"`
39944
39945	// The contents of the signing certificate.
39946	//
39947	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
39948	// parameter is a string of characters consisting of the following:
39949	//
39950	//    * Any printable ASCII character ranging from the space character (\u0020)
39951	//    through the end of the ASCII character range
39952	//
39953	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
39954	//    set (through \u00FF)
39955	//
39956	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
39957	//    return (\u000D)
39958	//
39959	// CertificateBody is a required field
39960	CertificateBody *string `min:"1" type:"string" required:"true"`
39961
39962	// The name of the user the signing certificate is for.
39963	//
39964	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
39965	// a string of characters consisting of upper and lowercase alphanumeric characters
39966	// with no spaces. You can also include any of the following characters: _+=,.@-
39967	UserName *string `min:"1" type:"string"`
39968}
39969
39970// String returns the string representation.
39971//
39972// API parameter values that are decorated as "sensitive" in the API will not
39973// be included in the string output. The member name will be present, but the
39974// value will be replaced with "sensitive".
39975func (s UploadSigningCertificateInput) String() string {
39976	return awsutil.Prettify(s)
39977}
39978
39979// GoString returns the string representation.
39980//
39981// API parameter values that are decorated as "sensitive" in the API will not
39982// be included in the string output. The member name will be present, but the
39983// value will be replaced with "sensitive".
39984func (s UploadSigningCertificateInput) GoString() string {
39985	return s.String()
39986}
39987
39988// Validate inspects the fields of the type to determine if they are valid.
39989func (s *UploadSigningCertificateInput) Validate() error {
39990	invalidParams := request.ErrInvalidParams{Context: "UploadSigningCertificateInput"}
39991	if s.CertificateBody == nil {
39992		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
39993	}
39994	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
39995		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
39996	}
39997	if s.UserName != nil && len(*s.UserName) < 1 {
39998		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
39999	}
40000
40001	if invalidParams.Len() > 0 {
40002		return invalidParams
40003	}
40004	return nil
40005}
40006
40007// SetCertificateBody sets the CertificateBody field's value.
40008func (s *UploadSigningCertificateInput) SetCertificateBody(v string) *UploadSigningCertificateInput {
40009	s.CertificateBody = &v
40010	return s
40011}
40012
40013// SetUserName sets the UserName field's value.
40014func (s *UploadSigningCertificateInput) SetUserName(v string) *UploadSigningCertificateInput {
40015	s.UserName = &v
40016	return s
40017}
40018
40019// Contains the response to a successful UploadSigningCertificate request.
40020type UploadSigningCertificateOutput struct {
40021	_ struct{} `type:"structure"`
40022
40023	// Information about the certificate.
40024	//
40025	// Certificate is a required field
40026	Certificate *SigningCertificate `type:"structure" required:"true"`
40027}
40028
40029// String returns the string representation.
40030//
40031// API parameter values that are decorated as "sensitive" in the API will not
40032// be included in the string output. The member name will be present, but the
40033// value will be replaced with "sensitive".
40034func (s UploadSigningCertificateOutput) String() string {
40035	return awsutil.Prettify(s)
40036}
40037
40038// GoString returns the string representation.
40039//
40040// API parameter values that are decorated as "sensitive" in the API will not
40041// be included in the string output. The member name will be present, but the
40042// value will be replaced with "sensitive".
40043func (s UploadSigningCertificateOutput) GoString() string {
40044	return s.String()
40045}
40046
40047// SetCertificate sets the Certificate field's value.
40048func (s *UploadSigningCertificateOutput) SetCertificate(v *SigningCertificate) *UploadSigningCertificateOutput {
40049	s.Certificate = v
40050	return s
40051}
40052
40053// Contains information about an IAM user entity.
40054//
40055// This data type is used as a response element in the following operations:
40056//
40057//    * CreateUser
40058//
40059//    * GetUser
40060//
40061//    * ListUsers
40062type User struct {
40063	_ struct{} `type:"structure"`
40064
40065	// The Amazon Resource Name (ARN) that identifies the user. For more information
40066	// about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
40067	// in the IAM User Guide.
40068	//
40069	// Arn is a required field
40070	Arn *string `min:"20" type:"string" required:"true"`
40071
40072	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
40073	// when the user was created.
40074	//
40075	// CreateDate is a required field
40076	CreateDate *time.Time `type:"timestamp" required:"true"`
40077
40078	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
40079	// when the user's password was last used to sign in to an Amazon Web Services
40080	// website. For a list of Amazon Web Services websites that capture a user's
40081	// last sign-in time, see the Credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
40082	// topic in the IAM User Guide. If a password is used more than once in a five-minute
40083	// span, only the first use is returned in this field. If the field is null
40084	// (no value), then it indicates that they never signed in with a password.
40085	// This can be because:
40086	//
40087	//    * The user never had a password.
40088	//
40089	//    * A password exists but has not been used since IAM started tracking this
40090	//    information on October 20, 2014.
40091	//
40092	// A null value does not mean that the user never had a password. Also, if the
40093	// user does not currently have a password but had one in the past, then this
40094	// field contains the date and time the most recent password was used.
40095	//
40096	// This value is returned only in the GetUser and ListUsers operations.
40097	PasswordLastUsed *time.Time `type:"timestamp"`
40098
40099	// The path to the user. For more information about paths, see IAM identifiers
40100	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
40101	// in the IAM User Guide.
40102	//
40103	// The ARN of the policy used to set the permissions boundary for the user.
40104	//
40105	// Path is a required field
40106	Path *string `min:"1" type:"string" required:"true"`
40107
40108	// For more information about permissions boundaries, see Permissions boundaries
40109	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
40110	// in the IAM User Guide.
40111	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
40112
40113	// A list of tags that are associated with the user. For more information about
40114	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
40115	// in the IAM User Guide.
40116	Tags []*Tag `type:"list"`
40117
40118	// The stable and unique string identifying the user. For more information about
40119	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
40120	// in the IAM User Guide.
40121	//
40122	// UserId is a required field
40123	UserId *string `min:"16" type:"string" required:"true"`
40124
40125	// The friendly name identifying the user.
40126	//
40127	// UserName is a required field
40128	UserName *string `min:"1" type:"string" required:"true"`
40129}
40130
40131// String returns the string representation.
40132//
40133// API parameter values that are decorated as "sensitive" in the API will not
40134// be included in the string output. The member name will be present, but the
40135// value will be replaced with "sensitive".
40136func (s User) String() string {
40137	return awsutil.Prettify(s)
40138}
40139
40140// GoString returns the string representation.
40141//
40142// API parameter values that are decorated as "sensitive" in the API will not
40143// be included in the string output. The member name will be present, but the
40144// value will be replaced with "sensitive".
40145func (s User) GoString() string {
40146	return s.String()
40147}
40148
40149// SetArn sets the Arn field's value.
40150func (s *User) SetArn(v string) *User {
40151	s.Arn = &v
40152	return s
40153}
40154
40155// SetCreateDate sets the CreateDate field's value.
40156func (s *User) SetCreateDate(v time.Time) *User {
40157	s.CreateDate = &v
40158	return s
40159}
40160
40161// SetPasswordLastUsed sets the PasswordLastUsed field's value.
40162func (s *User) SetPasswordLastUsed(v time.Time) *User {
40163	s.PasswordLastUsed = &v
40164	return s
40165}
40166
40167// SetPath sets the Path field's value.
40168func (s *User) SetPath(v string) *User {
40169	s.Path = &v
40170	return s
40171}
40172
40173// SetPermissionsBoundary sets the PermissionsBoundary field's value.
40174func (s *User) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *User {
40175	s.PermissionsBoundary = v
40176	return s
40177}
40178
40179// SetTags sets the Tags field's value.
40180func (s *User) SetTags(v []*Tag) *User {
40181	s.Tags = v
40182	return s
40183}
40184
40185// SetUserId sets the UserId field's value.
40186func (s *User) SetUserId(v string) *User {
40187	s.UserId = &v
40188	return s
40189}
40190
40191// SetUserName sets the UserName field's value.
40192func (s *User) SetUserName(v string) *User {
40193	s.UserName = &v
40194	return s
40195}
40196
40197// Contains information about an IAM user, including all the user's policies
40198// and all the IAM groups the user is in.
40199//
40200// This data type is used as a response element in the GetAccountAuthorizationDetails
40201// operation.
40202type UserDetail struct {
40203	_ struct{} `type:"structure"`
40204
40205	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
40206	// Services resources.
40207	//
40208	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
40209	// in the Amazon Web Services General Reference.
40210	Arn *string `min:"20" type:"string"`
40211
40212	// A list of the managed policies attached to the user.
40213	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
40214
40215	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
40216	// when the user was created.
40217	CreateDate *time.Time `type:"timestamp"`
40218
40219	// A list of IAM groups that the user is in.
40220	GroupList []*string `type:"list"`
40221
40222	// The path to the user. For more information about paths, see IAM identifiers
40223	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
40224	// in the IAM User Guide.
40225	Path *string `min:"1" type:"string"`
40226
40227	// The ARN of the policy used to set the permissions boundary for the user.
40228	//
40229	// For more information about permissions boundaries, see Permissions boundaries
40230	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
40231	// in the IAM User Guide.
40232	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
40233
40234	// A list of tags that are associated with the user. For more information about
40235	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
40236	// in the IAM User Guide.
40237	Tags []*Tag `type:"list"`
40238
40239	// The stable and unique string identifying the user. For more information about
40240	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
40241	// in the IAM User Guide.
40242	UserId *string `min:"16" type:"string"`
40243
40244	// The friendly name identifying the user.
40245	UserName *string `min:"1" type:"string"`
40246
40247	// A list of the inline policies embedded in the user.
40248	UserPolicyList []*PolicyDetail `type:"list"`
40249}
40250
40251// String returns the string representation.
40252//
40253// API parameter values that are decorated as "sensitive" in the API will not
40254// be included in the string output. The member name will be present, but the
40255// value will be replaced with "sensitive".
40256func (s UserDetail) String() string {
40257	return awsutil.Prettify(s)
40258}
40259
40260// GoString returns the string representation.
40261//
40262// API parameter values that are decorated as "sensitive" in the API will not
40263// be included in the string output. The member name will be present, but the
40264// value will be replaced with "sensitive".
40265func (s UserDetail) GoString() string {
40266	return s.String()
40267}
40268
40269// SetArn sets the Arn field's value.
40270func (s *UserDetail) SetArn(v string) *UserDetail {
40271	s.Arn = &v
40272	return s
40273}
40274
40275// SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
40276func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail {
40277	s.AttachedManagedPolicies = v
40278	return s
40279}
40280
40281// SetCreateDate sets the CreateDate field's value.
40282func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail {
40283	s.CreateDate = &v
40284	return s
40285}
40286
40287// SetGroupList sets the GroupList field's value.
40288func (s *UserDetail) SetGroupList(v []*string) *UserDetail {
40289	s.GroupList = v
40290	return s
40291}
40292
40293// SetPath sets the Path field's value.
40294func (s *UserDetail) SetPath(v string) *UserDetail {
40295	s.Path = &v
40296	return s
40297}
40298
40299// SetPermissionsBoundary sets the PermissionsBoundary field's value.
40300func (s *UserDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *UserDetail {
40301	s.PermissionsBoundary = v
40302	return s
40303}
40304
40305// SetTags sets the Tags field's value.
40306func (s *UserDetail) SetTags(v []*Tag) *UserDetail {
40307	s.Tags = v
40308	return s
40309}
40310
40311// SetUserId sets the UserId field's value.
40312func (s *UserDetail) SetUserId(v string) *UserDetail {
40313	s.UserId = &v
40314	return s
40315}
40316
40317// SetUserName sets the UserName field's value.
40318func (s *UserDetail) SetUserName(v string) *UserDetail {
40319	s.UserName = &v
40320	return s
40321}
40322
40323// SetUserPolicyList sets the UserPolicyList field's value.
40324func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail {
40325	s.UserPolicyList = v
40326	return s
40327}
40328
40329// Contains information about a virtual MFA device.
40330type VirtualMFADevice struct {
40331	_ struct{} `type:"structure"`
40332
40333	// The base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
40334	// The Base32StringSeed is base64-encoded.
40335	//
40336	// Base32StringSeed is a sensitive parameter and its value will be
40337	// replaced with "sensitive" in string returned by VirtualMFADevice's
40338	// String and GoString methods.
40339	//
40340	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
40341	Base32StringSeed []byte `type:"blob" sensitive:"true"`
40342
40343	// The date and time on which the virtual MFA device was enabled.
40344	EnableDate *time.Time `type:"timestamp"`
40345
40346	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
40347	// where $virtualMFADeviceName is one of the create call arguments. AccountName
40348	// is the user name if set (otherwise, the account ID otherwise), and Base32String
40349	// is the seed in base32 format. The Base32String value is base64-encoded.
40350	//
40351	// QRCodePNG is a sensitive parameter and its value will be
40352	// replaced with "sensitive" in string returned by VirtualMFADevice's
40353	// String and GoString methods.
40354	//
40355	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
40356	QRCodePNG []byte `type:"blob" sensitive:"true"`
40357
40358	// The serial number associated with VirtualMFADevice.
40359	//
40360	// SerialNumber is a required field
40361	SerialNumber *string `min:"9" type:"string" required:"true"`
40362
40363	// A list of tags that are attached to the virtual MFA device. For more information
40364	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
40365	// in the IAM User Guide.
40366	Tags []*Tag `type:"list"`
40367
40368	// The IAM user associated with this virtual MFA device.
40369	User *User `type:"structure"`
40370}
40371
40372// String returns the string representation.
40373//
40374// API parameter values that are decorated as "sensitive" in the API will not
40375// be included in the string output. The member name will be present, but the
40376// value will be replaced with "sensitive".
40377func (s VirtualMFADevice) String() string {
40378	return awsutil.Prettify(s)
40379}
40380
40381// GoString returns the string representation.
40382//
40383// API parameter values that are decorated as "sensitive" in the API will not
40384// be included in the string output. The member name will be present, but the
40385// value will be replaced with "sensitive".
40386func (s VirtualMFADevice) GoString() string {
40387	return s.String()
40388}
40389
40390// SetBase32StringSeed sets the Base32StringSeed field's value.
40391func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice {
40392	s.Base32StringSeed = v
40393	return s
40394}
40395
40396// SetEnableDate sets the EnableDate field's value.
40397func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice {
40398	s.EnableDate = &v
40399	return s
40400}
40401
40402// SetQRCodePNG sets the QRCodePNG field's value.
40403func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice {
40404	s.QRCodePNG = v
40405	return s
40406}
40407
40408// SetSerialNumber sets the SerialNumber field's value.
40409func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice {
40410	s.SerialNumber = &v
40411	return s
40412}
40413
40414// SetTags sets the Tags field's value.
40415func (s *VirtualMFADevice) SetTags(v []*Tag) *VirtualMFADevice {
40416	s.Tags = v
40417	return s
40418}
40419
40420// SetUser sets the User field's value.
40421func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice {
40422	s.User = v
40423	return s
40424}
40425
40426const (
40427	// AccessAdvisorUsageGranularityTypeServiceLevel is a AccessAdvisorUsageGranularityType enum value
40428	AccessAdvisorUsageGranularityTypeServiceLevel = "SERVICE_LEVEL"
40429
40430	// AccessAdvisorUsageGranularityTypeActionLevel is a AccessAdvisorUsageGranularityType enum value
40431	AccessAdvisorUsageGranularityTypeActionLevel = "ACTION_LEVEL"
40432)
40433
40434// AccessAdvisorUsageGranularityType_Values returns all elements of the AccessAdvisorUsageGranularityType enum
40435func AccessAdvisorUsageGranularityType_Values() []string {
40436	return []string{
40437		AccessAdvisorUsageGranularityTypeServiceLevel,
40438		AccessAdvisorUsageGranularityTypeActionLevel,
40439	}
40440}
40441
40442const (
40443	// AssignmentStatusTypeAssigned is a AssignmentStatusType enum value
40444	AssignmentStatusTypeAssigned = "Assigned"
40445
40446	// AssignmentStatusTypeUnassigned is a AssignmentStatusType enum value
40447	AssignmentStatusTypeUnassigned = "Unassigned"
40448
40449	// AssignmentStatusTypeAny is a AssignmentStatusType enum value
40450	AssignmentStatusTypeAny = "Any"
40451)
40452
40453// AssignmentStatusType_Values returns all elements of the AssignmentStatusType enum
40454func AssignmentStatusType_Values() []string {
40455	return []string{
40456		AssignmentStatusTypeAssigned,
40457		AssignmentStatusTypeUnassigned,
40458		AssignmentStatusTypeAny,
40459	}
40460}
40461
40462const (
40463	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
40464	ContextKeyTypeEnumString = "string"
40465
40466	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
40467	ContextKeyTypeEnumStringList = "stringList"
40468
40469	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
40470	ContextKeyTypeEnumNumeric = "numeric"
40471
40472	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
40473	ContextKeyTypeEnumNumericList = "numericList"
40474
40475	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
40476	ContextKeyTypeEnumBoolean = "boolean"
40477
40478	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
40479	ContextKeyTypeEnumBooleanList = "booleanList"
40480
40481	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
40482	ContextKeyTypeEnumIp = "ip"
40483
40484	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
40485	ContextKeyTypeEnumIpList = "ipList"
40486
40487	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
40488	ContextKeyTypeEnumBinary = "binary"
40489
40490	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
40491	ContextKeyTypeEnumBinaryList = "binaryList"
40492
40493	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
40494	ContextKeyTypeEnumDate = "date"
40495
40496	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
40497	ContextKeyTypeEnumDateList = "dateList"
40498)
40499
40500// ContextKeyTypeEnum_Values returns all elements of the ContextKeyTypeEnum enum
40501func ContextKeyTypeEnum_Values() []string {
40502	return []string{
40503		ContextKeyTypeEnumString,
40504		ContextKeyTypeEnumStringList,
40505		ContextKeyTypeEnumNumeric,
40506		ContextKeyTypeEnumNumericList,
40507		ContextKeyTypeEnumBoolean,
40508		ContextKeyTypeEnumBooleanList,
40509		ContextKeyTypeEnumIp,
40510		ContextKeyTypeEnumIpList,
40511		ContextKeyTypeEnumBinary,
40512		ContextKeyTypeEnumBinaryList,
40513		ContextKeyTypeEnumDate,
40514		ContextKeyTypeEnumDateList,
40515	}
40516}
40517
40518const (
40519	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
40520	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"
40521
40522	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
40523	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"
40524
40525	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
40526	DeletionTaskStatusTypeFailed = "FAILED"
40527
40528	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
40529	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
40530)
40531
40532// DeletionTaskStatusType_Values returns all elements of the DeletionTaskStatusType enum
40533func DeletionTaskStatusType_Values() []string {
40534	return []string{
40535		DeletionTaskStatusTypeSucceeded,
40536		DeletionTaskStatusTypeInProgress,
40537		DeletionTaskStatusTypeFailed,
40538		DeletionTaskStatusTypeNotStarted,
40539	}
40540}
40541
40542const (
40543	// EncodingTypeSsh is a EncodingType enum value
40544	EncodingTypeSsh = "SSH"
40545
40546	// EncodingTypePem is a EncodingType enum value
40547	EncodingTypePem = "PEM"
40548)
40549
40550// EncodingType_Values returns all elements of the EncodingType enum
40551func EncodingType_Values() []string {
40552	return []string{
40553		EncodingTypeSsh,
40554		EncodingTypePem,
40555	}
40556}
40557
40558const (
40559	// EntityTypeUser is a EntityType enum value
40560	EntityTypeUser = "User"
40561
40562	// EntityTypeRole is a EntityType enum value
40563	EntityTypeRole = "Role"
40564
40565	// EntityTypeGroup is a EntityType enum value
40566	EntityTypeGroup = "Group"
40567
40568	// EntityTypeLocalManagedPolicy is a EntityType enum value
40569	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"
40570
40571	// EntityTypeAwsmanagedPolicy is a EntityType enum value
40572	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
40573)
40574
40575// EntityType_Values returns all elements of the EntityType enum
40576func EntityType_Values() []string {
40577	return []string{
40578		EntityTypeUser,
40579		EntityTypeRole,
40580		EntityTypeGroup,
40581		EntityTypeLocalManagedPolicy,
40582		EntityTypeAwsmanagedPolicy,
40583	}
40584}
40585
40586const (
40587	// GlobalEndpointTokenVersionV1token is a GlobalEndpointTokenVersion enum value
40588	GlobalEndpointTokenVersionV1token = "v1Token"
40589
40590	// GlobalEndpointTokenVersionV2token is a GlobalEndpointTokenVersion enum value
40591	GlobalEndpointTokenVersionV2token = "v2Token"
40592)
40593
40594// GlobalEndpointTokenVersion_Values returns all elements of the GlobalEndpointTokenVersion enum
40595func GlobalEndpointTokenVersion_Values() []string {
40596	return []string{
40597		GlobalEndpointTokenVersionV1token,
40598		GlobalEndpointTokenVersionV2token,
40599	}
40600}
40601
40602const (
40603	// JobStatusTypeInProgress is a JobStatusType enum value
40604	JobStatusTypeInProgress = "IN_PROGRESS"
40605
40606	// JobStatusTypeCompleted is a JobStatusType enum value
40607	JobStatusTypeCompleted = "COMPLETED"
40608
40609	// JobStatusTypeFailed is a JobStatusType enum value
40610	JobStatusTypeFailed = "FAILED"
40611)
40612
40613// JobStatusType_Values returns all elements of the JobStatusType enum
40614func JobStatusType_Values() []string {
40615	return []string{
40616		JobStatusTypeInProgress,
40617		JobStatusTypeCompleted,
40618		JobStatusTypeFailed,
40619	}
40620}
40621
40622const (
40623	// PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy is a PermissionsBoundaryAttachmentType enum value
40624	PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy = "PermissionsBoundaryPolicy"
40625)
40626
40627// PermissionsBoundaryAttachmentType_Values returns all elements of the PermissionsBoundaryAttachmentType enum
40628func PermissionsBoundaryAttachmentType_Values() []string {
40629	return []string{
40630		PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy,
40631	}
40632}
40633
40634const (
40635	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
40636	PolicyEvaluationDecisionTypeAllowed = "allowed"
40637
40638	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
40639	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"
40640
40641	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
40642	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
40643)
40644
40645// PolicyEvaluationDecisionType_Values returns all elements of the PolicyEvaluationDecisionType enum
40646func PolicyEvaluationDecisionType_Values() []string {
40647	return []string{
40648		PolicyEvaluationDecisionTypeAllowed,
40649		PolicyEvaluationDecisionTypeExplicitDeny,
40650		PolicyEvaluationDecisionTypeImplicitDeny,
40651	}
40652}
40653
40654const (
40655	// PolicyOwnerEntityTypeUser is a PolicyOwnerEntityType enum value
40656	PolicyOwnerEntityTypeUser = "USER"
40657
40658	// PolicyOwnerEntityTypeRole is a PolicyOwnerEntityType enum value
40659	PolicyOwnerEntityTypeRole = "ROLE"
40660
40661	// PolicyOwnerEntityTypeGroup is a PolicyOwnerEntityType enum value
40662	PolicyOwnerEntityTypeGroup = "GROUP"
40663)
40664
40665// PolicyOwnerEntityType_Values returns all elements of the PolicyOwnerEntityType enum
40666func PolicyOwnerEntityType_Values() []string {
40667	return []string{
40668		PolicyOwnerEntityTypeUser,
40669		PolicyOwnerEntityTypeRole,
40670		PolicyOwnerEntityTypeGroup,
40671	}
40672}
40673
40674const (
40675	// PolicyScopeTypeAll is a PolicyScopeType enum value
40676	PolicyScopeTypeAll = "All"
40677
40678	// PolicyScopeTypeAws is a PolicyScopeType enum value
40679	PolicyScopeTypeAws = "AWS"
40680
40681	// PolicyScopeTypeLocal is a PolicyScopeType enum value
40682	PolicyScopeTypeLocal = "Local"
40683)
40684
40685// PolicyScopeType_Values returns all elements of the PolicyScopeType enum
40686func PolicyScopeType_Values() []string {
40687	return []string{
40688		PolicyScopeTypeAll,
40689		PolicyScopeTypeAws,
40690		PolicyScopeTypeLocal,
40691	}
40692}
40693
40694const (
40695	// PolicySourceTypeUser is a PolicySourceType enum value
40696	PolicySourceTypeUser = "user"
40697
40698	// PolicySourceTypeGroup is a PolicySourceType enum value
40699	PolicySourceTypeGroup = "group"
40700
40701	// PolicySourceTypeRole is a PolicySourceType enum value
40702	PolicySourceTypeRole = "role"
40703
40704	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
40705	PolicySourceTypeAwsManaged = "aws-managed"
40706
40707	// PolicySourceTypeUserManaged is a PolicySourceType enum value
40708	PolicySourceTypeUserManaged = "user-managed"
40709
40710	// PolicySourceTypeResource is a PolicySourceType enum value
40711	PolicySourceTypeResource = "resource"
40712
40713	// PolicySourceTypeNone is a PolicySourceType enum value
40714	PolicySourceTypeNone = "none"
40715)
40716
40717// PolicySourceType_Values returns all elements of the PolicySourceType enum
40718func PolicySourceType_Values() []string {
40719	return []string{
40720		PolicySourceTypeUser,
40721		PolicySourceTypeGroup,
40722		PolicySourceTypeRole,
40723		PolicySourceTypeAwsManaged,
40724		PolicySourceTypeUserManaged,
40725		PolicySourceTypeResource,
40726		PolicySourceTypeNone,
40727	}
40728}
40729
40730const (
40731	// PolicyTypeInline is a PolicyType enum value
40732	PolicyTypeInline = "INLINE"
40733
40734	// PolicyTypeManaged is a PolicyType enum value
40735	PolicyTypeManaged = "MANAGED"
40736)
40737
40738// PolicyType_Values returns all elements of the PolicyType enum
40739func PolicyType_Values() []string {
40740	return []string{
40741		PolicyTypeInline,
40742		PolicyTypeManaged,
40743	}
40744}
40745
40746// The policy usage type that indicates whether the policy is used as a permissions
40747// policy or as the permissions boundary for an entity.
40748//
40749// For more information about permissions boundaries, see Permissions boundaries
40750// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
40751// in the IAM User Guide.
40752const (
40753	// PolicyUsageTypePermissionsPolicy is a PolicyUsageType enum value
40754	PolicyUsageTypePermissionsPolicy = "PermissionsPolicy"
40755
40756	// PolicyUsageTypePermissionsBoundary is a PolicyUsageType enum value
40757	PolicyUsageTypePermissionsBoundary = "PermissionsBoundary"
40758)
40759
40760// PolicyUsageType_Values returns all elements of the PolicyUsageType enum
40761func PolicyUsageType_Values() []string {
40762	return []string{
40763		PolicyUsageTypePermissionsPolicy,
40764		PolicyUsageTypePermissionsBoundary,
40765	}
40766}
40767
40768const (
40769	// ReportFormatTypeTextCsv is a ReportFormatType enum value
40770	ReportFormatTypeTextCsv = "text/csv"
40771)
40772
40773// ReportFormatType_Values returns all elements of the ReportFormatType enum
40774func ReportFormatType_Values() []string {
40775	return []string{
40776		ReportFormatTypeTextCsv,
40777	}
40778}
40779
40780const (
40781	// ReportStateTypeStarted is a ReportStateType enum value
40782	ReportStateTypeStarted = "STARTED"
40783
40784	// ReportStateTypeInprogress is a ReportStateType enum value
40785	ReportStateTypeInprogress = "INPROGRESS"
40786
40787	// ReportStateTypeComplete is a ReportStateType enum value
40788	ReportStateTypeComplete = "COMPLETE"
40789)
40790
40791// ReportStateType_Values returns all elements of the ReportStateType enum
40792func ReportStateType_Values() []string {
40793	return []string{
40794		ReportStateTypeStarted,
40795		ReportStateTypeInprogress,
40796		ReportStateTypeComplete,
40797	}
40798}
40799
40800const (
40801	// SortKeyTypeServiceNamespaceAscending is a SortKeyType enum value
40802	SortKeyTypeServiceNamespaceAscending = "SERVICE_NAMESPACE_ASCENDING"
40803
40804	// SortKeyTypeServiceNamespaceDescending is a SortKeyType enum value
40805	SortKeyTypeServiceNamespaceDescending = "SERVICE_NAMESPACE_DESCENDING"
40806
40807	// SortKeyTypeLastAuthenticatedTimeAscending is a SortKeyType enum value
40808	SortKeyTypeLastAuthenticatedTimeAscending = "LAST_AUTHENTICATED_TIME_ASCENDING"
40809
40810	// SortKeyTypeLastAuthenticatedTimeDescending is a SortKeyType enum value
40811	SortKeyTypeLastAuthenticatedTimeDescending = "LAST_AUTHENTICATED_TIME_DESCENDING"
40812)
40813
40814// SortKeyType_Values returns all elements of the SortKeyType enum
40815func SortKeyType_Values() []string {
40816	return []string{
40817		SortKeyTypeServiceNamespaceAscending,
40818		SortKeyTypeServiceNamespaceDescending,
40819		SortKeyTypeLastAuthenticatedTimeAscending,
40820		SortKeyTypeLastAuthenticatedTimeDescending,
40821	}
40822}
40823
40824const (
40825	// StatusTypeActive is a StatusType enum value
40826	StatusTypeActive = "Active"
40827
40828	// StatusTypeInactive is a StatusType enum value
40829	StatusTypeInactive = "Inactive"
40830)
40831
40832// StatusType_Values returns all elements of the StatusType enum
40833func StatusType_Values() []string {
40834	return []string{
40835		StatusTypeActive,
40836		StatusTypeInactive,
40837	}
40838}
40839
40840const (
40841	// SummaryKeyTypeUsers is a SummaryKeyType enum value
40842	SummaryKeyTypeUsers = "Users"
40843
40844	// SummaryKeyTypeUsersQuota is a SummaryKeyType enum value
40845	SummaryKeyTypeUsersQuota = "UsersQuota"
40846
40847	// SummaryKeyTypeGroups is a SummaryKeyType enum value
40848	SummaryKeyTypeGroups = "Groups"
40849
40850	// SummaryKeyTypeGroupsQuota is a SummaryKeyType enum value
40851	SummaryKeyTypeGroupsQuota = "GroupsQuota"
40852
40853	// SummaryKeyTypeServerCertificates is a SummaryKeyType enum value
40854	SummaryKeyTypeServerCertificates = "ServerCertificates"
40855
40856	// SummaryKeyTypeServerCertificatesQuota is a SummaryKeyType enum value
40857	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"
40858
40859	// SummaryKeyTypeUserPolicySizeQuota is a SummaryKeyType enum value
40860	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"
40861
40862	// SummaryKeyTypeGroupPolicySizeQuota is a SummaryKeyType enum value
40863	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"
40864
40865	// SummaryKeyTypeGroupsPerUserQuota is a SummaryKeyType enum value
40866	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"
40867
40868	// SummaryKeyTypeSigningCertificatesPerUserQuota is a SummaryKeyType enum value
40869	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"
40870
40871	// SummaryKeyTypeAccessKeysPerUserQuota is a SummaryKeyType enum value
40872	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"
40873
40874	// SummaryKeyTypeMfadevices is a SummaryKeyType enum value
40875	SummaryKeyTypeMfadevices = "MFADevices"
40876
40877	// SummaryKeyTypeMfadevicesInUse is a SummaryKeyType enum value
40878	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"
40879
40880	// SummaryKeyTypeAccountMfaenabled is a SummaryKeyType enum value
40881	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"
40882
40883	// SummaryKeyTypeAccountAccessKeysPresent is a SummaryKeyType enum value
40884	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"
40885
40886	// SummaryKeyTypeAccountSigningCertificatesPresent is a SummaryKeyType enum value
40887	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"
40888
40889	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a SummaryKeyType enum value
40890	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"
40891
40892	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a SummaryKeyType enum value
40893	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"
40894
40895	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a SummaryKeyType enum value
40896	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"
40897
40898	// SummaryKeyTypePolicies is a SummaryKeyType enum value
40899	SummaryKeyTypePolicies = "Policies"
40900
40901	// SummaryKeyTypePoliciesQuota is a SummaryKeyType enum value
40902	SummaryKeyTypePoliciesQuota = "PoliciesQuota"
40903
40904	// SummaryKeyTypePolicySizeQuota is a SummaryKeyType enum value
40905	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"
40906
40907	// SummaryKeyTypePolicyVersionsInUse is a SummaryKeyType enum value
40908	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"
40909
40910	// SummaryKeyTypePolicyVersionsInUseQuota is a SummaryKeyType enum value
40911	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"
40912
40913	// SummaryKeyTypeVersionsPerPolicyQuota is a SummaryKeyType enum value
40914	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"
40915
40916	// SummaryKeyTypeGlobalEndpointTokenVersion is a SummaryKeyType enum value
40917	SummaryKeyTypeGlobalEndpointTokenVersion = "GlobalEndpointTokenVersion"
40918)
40919
40920// SummaryKeyType_Values returns all elements of the SummaryKeyType enum
40921func SummaryKeyType_Values() []string {
40922	return []string{
40923		SummaryKeyTypeUsers,
40924		SummaryKeyTypeUsersQuota,
40925		SummaryKeyTypeGroups,
40926		SummaryKeyTypeGroupsQuota,
40927		SummaryKeyTypeServerCertificates,
40928		SummaryKeyTypeServerCertificatesQuota,
40929		SummaryKeyTypeUserPolicySizeQuota,
40930		SummaryKeyTypeGroupPolicySizeQuota,
40931		SummaryKeyTypeGroupsPerUserQuota,
40932		SummaryKeyTypeSigningCertificatesPerUserQuota,
40933		SummaryKeyTypeAccessKeysPerUserQuota,
40934		SummaryKeyTypeMfadevices,
40935		SummaryKeyTypeMfadevicesInUse,
40936		SummaryKeyTypeAccountMfaenabled,
40937		SummaryKeyTypeAccountAccessKeysPresent,
40938		SummaryKeyTypeAccountSigningCertificatesPresent,
40939		SummaryKeyTypeAttachedPoliciesPerGroupQuota,
40940		SummaryKeyTypeAttachedPoliciesPerRoleQuota,
40941		SummaryKeyTypeAttachedPoliciesPerUserQuota,
40942		SummaryKeyTypePolicies,
40943		SummaryKeyTypePoliciesQuota,
40944		SummaryKeyTypePolicySizeQuota,
40945		SummaryKeyTypePolicyVersionsInUse,
40946		SummaryKeyTypePolicyVersionsInUseQuota,
40947		SummaryKeyTypeVersionsPerPolicyQuota,
40948		SummaryKeyTypeGlobalEndpointTokenVersion,
40949	}
40950}
40951