github.com/aavshr/aws-sdk-go@v1.41.3/service/iam/api.go (about)

     1  // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
     2  
     3  package iam
     4  
     5  import (
     6  	"fmt"
     7  	"time"
     8  
     9  	"github.com/aavshr/aws-sdk-go/aws"
    10  	"github.com/aavshr/aws-sdk-go/aws/awsutil"
    11  	"github.com/aavshr/aws-sdk-go/aws/request"
    12  	"github.com/aavshr/aws-sdk-go/private/protocol"
    13  	"github.com/aavshr/aws-sdk-go/private/protocol/query"
    14  )
    15  
    16  const opAddClientIDToOpenIDConnectProvider = "AddClientIDToOpenIDConnectProvider"
    17  
    18  // AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
    19  // client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return
    20  // value will be populated with the request's response once the request completes
    21  // successfully.
    22  //
    23  // Use "Send" method on the returned Request to send the API call to the service.
    24  // the "output" return value is not valid until after Send returns without error.
    25  //
    26  // See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider
    27  // API call, and error handling.
    28  //
    29  // This method is useful when you want to inject custom logic or configuration
    30  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
    31  //
    32  //
    33  //    // Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
    34  //    req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)
    35  //
    36  //    err := req.Send()
    37  //    if err == nil { // resp is now filled
    38  //        fmt.Println(resp)
    39  //    }
    40  //
    41  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
    42  func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput) {
    43  	op := &request.Operation{
    44  		Name:       opAddClientIDToOpenIDConnectProvider,
    45  		HTTPMethod: "POST",
    46  		HTTPPath:   "/",
    47  	}
    48  
    49  	if input == nil {
    50  		input = &AddClientIDToOpenIDConnectProviderInput{}
    51  	}
    52  
    53  	output = &AddClientIDToOpenIDConnectProviderOutput{}
    54  	req = c.newRequest(op, input, output)
    55  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
    56  	return
    57  }
    58  
    59  // AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.
    60  //
    61  // Adds a new client ID (also known as audience) to the list of client IDs already
    62  // registered for the specified IAM OpenID Connect (OIDC) provider resource.
    63  //
    64  // This operation is idempotent; it does not fail or return an error if you
    65  // add an existing client ID to the provider.
    66  //
    67  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
    68  // with awserr.Error's Code and Message methods to get detailed information about
    69  // the error.
    70  //
    71  // See the AWS API reference guide for AWS Identity and Access Management's
    72  // API operation AddClientIDToOpenIDConnectProvider for usage and error information.
    73  //
    74  // Returned Error Codes:
    75  //   * ErrCodeInvalidInputException "InvalidInput"
    76  //   The request was rejected because an invalid or out-of-range value was supplied
    77  //   for an input parameter.
    78  //
    79  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
    80  //   The request was rejected because it referenced a resource entity that does
    81  //   not exist. The error message describes the resource.
    82  //
    83  //   * ErrCodeLimitExceededException "LimitExceeded"
    84  //   The request was rejected because it attempted to create resources beyond
    85  //   the current Amazon Web Services account limits. The error message describes
    86  //   the limit exceeded.
    87  //
    88  //   * ErrCodeServiceFailureException "ServiceFailure"
    89  //   The request processing has failed because of an unknown error, exception
    90  //   or failure.
    91  //
    92  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider
    93  func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error) {
    94  	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
    95  	return out, req.Send()
    96  }
    97  
    98  // AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of
    99  // the ability to pass a context and additional request options.
   100  //
   101  // See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.
   102  //
   103  // The context must be non-nil and will be used for request cancellation. If
   104  // the context is nil a panic will occur. In the future the SDK may create
   105  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   106  // for more information on using Contexts.
   107  func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error) {
   108  	req, out := c.AddClientIDToOpenIDConnectProviderRequest(input)
   109  	req.SetContext(ctx)
   110  	req.ApplyOptions(opts...)
   111  	return out, req.Send()
   112  }
   113  
   114  const opAddRoleToInstanceProfile = "AddRoleToInstanceProfile"
   115  
   116  // AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the
   117  // client's request for the AddRoleToInstanceProfile operation. The "output" return
   118  // value will be populated with the request's response once the request completes
   119  // successfully.
   120  //
   121  // Use "Send" method on the returned Request to send the API call to the service.
   122  // the "output" return value is not valid until after Send returns without error.
   123  //
   124  // See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile
   125  // API call, and error handling.
   126  //
   127  // This method is useful when you want to inject custom logic or configuration
   128  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   129  //
   130  //
   131  //    // Example sending a request using the AddRoleToInstanceProfileRequest method.
   132  //    req, resp := client.AddRoleToInstanceProfileRequest(params)
   133  //
   134  //    err := req.Send()
   135  //    if err == nil { // resp is now filled
   136  //        fmt.Println(resp)
   137  //    }
   138  //
   139  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
   140  func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput) {
   141  	op := &request.Operation{
   142  		Name:       opAddRoleToInstanceProfile,
   143  		HTTPMethod: "POST",
   144  		HTTPPath:   "/",
   145  	}
   146  
   147  	if input == nil {
   148  		input = &AddRoleToInstanceProfileInput{}
   149  	}
   150  
   151  	output = &AddRoleToInstanceProfileOutput{}
   152  	req = c.newRequest(op, input, output)
   153  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   154  	return
   155  }
   156  
   157  // AddRoleToInstanceProfile API operation for AWS Identity and Access Management.
   158  //
   159  // Adds the specified IAM role to the specified instance profile. An instance
   160  // profile can contain only one role, and this quota cannot be increased. You
   161  // can remove the existing role and then add a different role to an instance
   162  // profile. You must then wait for the change to appear across all of Amazon
   163  // Web Services because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency).
   164  // To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html)
   165  // and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html),
   166  // or you can stop your instance and then restart it.
   167  //
   168  // The caller of this operation must be granted the PassRole permission on the
   169  // IAM role by a permissions policy.
   170  //
   171  // For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
   172  // For more information about instance profiles, see About instance profiles
   173  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
   174  //
   175  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   176  // with awserr.Error's Code and Message methods to get detailed information about
   177  // the error.
   178  //
   179  // See the AWS API reference guide for AWS Identity and Access Management's
   180  // API operation AddRoleToInstanceProfile for usage and error information.
   181  //
   182  // Returned Error Codes:
   183  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   184  //   The request was rejected because it referenced a resource entity that does
   185  //   not exist. The error message describes the resource.
   186  //
   187  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
   188  //   The request was rejected because it attempted to create a resource that already
   189  //   exists.
   190  //
   191  //   * ErrCodeLimitExceededException "LimitExceeded"
   192  //   The request was rejected because it attempted to create resources beyond
   193  //   the current Amazon Web Services account limits. The error message describes
   194  //   the limit exceeded.
   195  //
   196  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
   197  //   The request was rejected because only the service that depends on the service-linked
   198  //   role can modify or delete the role on your behalf. The error message includes
   199  //   the name of the service that depends on this service-linked role. You must
   200  //   request the change through that service.
   201  //
   202  //   * ErrCodeServiceFailureException "ServiceFailure"
   203  //   The request processing has failed because of an unknown error, exception
   204  //   or failure.
   205  //
   206  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile
   207  func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error) {
   208  	req, out := c.AddRoleToInstanceProfileRequest(input)
   209  	return out, req.Send()
   210  }
   211  
   212  // AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of
   213  // the ability to pass a context and additional request options.
   214  //
   215  // See AddRoleToInstanceProfile for details on how to use this API operation.
   216  //
   217  // The context must be non-nil and will be used for request cancellation. If
   218  // the context is nil a panic will occur. In the future the SDK may create
   219  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   220  // for more information on using Contexts.
   221  func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error) {
   222  	req, out := c.AddRoleToInstanceProfileRequest(input)
   223  	req.SetContext(ctx)
   224  	req.ApplyOptions(opts...)
   225  	return out, req.Send()
   226  }
   227  
   228  const opAddUserToGroup = "AddUserToGroup"
   229  
   230  // AddUserToGroupRequest generates a "aws/request.Request" representing the
   231  // client's request for the AddUserToGroup operation. The "output" return
   232  // value will be populated with the request's response once the request completes
   233  // successfully.
   234  //
   235  // Use "Send" method on the returned Request to send the API call to the service.
   236  // the "output" return value is not valid until after Send returns without error.
   237  //
   238  // See AddUserToGroup for more information on using the AddUserToGroup
   239  // API call, and error handling.
   240  //
   241  // This method is useful when you want to inject custom logic or configuration
   242  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   243  //
   244  //
   245  //    // Example sending a request using the AddUserToGroupRequest method.
   246  //    req, resp := client.AddUserToGroupRequest(params)
   247  //
   248  //    err := req.Send()
   249  //    if err == nil { // resp is now filled
   250  //        fmt.Println(resp)
   251  //    }
   252  //
   253  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
   254  func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput) {
   255  	op := &request.Operation{
   256  		Name:       opAddUserToGroup,
   257  		HTTPMethod: "POST",
   258  		HTTPPath:   "/",
   259  	}
   260  
   261  	if input == nil {
   262  		input = &AddUserToGroupInput{}
   263  	}
   264  
   265  	output = &AddUserToGroupOutput{}
   266  	req = c.newRequest(op, input, output)
   267  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   268  	return
   269  }
   270  
   271  // AddUserToGroup API operation for AWS Identity and Access Management.
   272  //
   273  // Adds the specified user to the specified group.
   274  //
   275  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   276  // with awserr.Error's Code and Message methods to get detailed information about
   277  // the error.
   278  //
   279  // See the AWS API reference guide for AWS Identity and Access Management's
   280  // API operation AddUserToGroup for usage and error information.
   281  //
   282  // Returned Error Codes:
   283  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   284  //   The request was rejected because it referenced a resource entity that does
   285  //   not exist. The error message describes the resource.
   286  //
   287  //   * ErrCodeLimitExceededException "LimitExceeded"
   288  //   The request was rejected because it attempted to create resources beyond
   289  //   the current Amazon Web Services account limits. The error message describes
   290  //   the limit exceeded.
   291  //
   292  //   * ErrCodeServiceFailureException "ServiceFailure"
   293  //   The request processing has failed because of an unknown error, exception
   294  //   or failure.
   295  //
   296  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup
   297  func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error) {
   298  	req, out := c.AddUserToGroupRequest(input)
   299  	return out, req.Send()
   300  }
   301  
   302  // AddUserToGroupWithContext is the same as AddUserToGroup with the addition of
   303  // the ability to pass a context and additional request options.
   304  //
   305  // See AddUserToGroup for details on how to use this API operation.
   306  //
   307  // The context must be non-nil and will be used for request cancellation. If
   308  // the context is nil a panic will occur. In the future the SDK may create
   309  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   310  // for more information on using Contexts.
   311  func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error) {
   312  	req, out := c.AddUserToGroupRequest(input)
   313  	req.SetContext(ctx)
   314  	req.ApplyOptions(opts...)
   315  	return out, req.Send()
   316  }
   317  
   318  const opAttachGroupPolicy = "AttachGroupPolicy"
   319  
   320  // AttachGroupPolicyRequest generates a "aws/request.Request" representing the
   321  // client's request for the AttachGroupPolicy operation. The "output" return
   322  // value will be populated with the request's response once the request completes
   323  // successfully.
   324  //
   325  // Use "Send" method on the returned Request to send the API call to the service.
   326  // the "output" return value is not valid until after Send returns without error.
   327  //
   328  // See AttachGroupPolicy for more information on using the AttachGroupPolicy
   329  // API call, and error handling.
   330  //
   331  // This method is useful when you want to inject custom logic or configuration
   332  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   333  //
   334  //
   335  //    // Example sending a request using the AttachGroupPolicyRequest method.
   336  //    req, resp := client.AttachGroupPolicyRequest(params)
   337  //
   338  //    err := req.Send()
   339  //    if err == nil { // resp is now filled
   340  //        fmt.Println(resp)
   341  //    }
   342  //
   343  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
   344  func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput) {
   345  	op := &request.Operation{
   346  		Name:       opAttachGroupPolicy,
   347  		HTTPMethod: "POST",
   348  		HTTPPath:   "/",
   349  	}
   350  
   351  	if input == nil {
   352  		input = &AttachGroupPolicyInput{}
   353  	}
   354  
   355  	output = &AttachGroupPolicyOutput{}
   356  	req = c.newRequest(op, input, output)
   357  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   358  	return
   359  }
   360  
   361  // AttachGroupPolicy API operation for AWS Identity and Access Management.
   362  //
   363  // Attaches the specified managed policy to the specified IAM group.
   364  //
   365  // You use this operation to attach a managed policy to a group. To embed an
   366  // inline policy in a group, use PutGroupPolicy.
   367  //
   368  // As a best practice, you can validate your IAM policies. To learn more, see
   369  // Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
   370  // in the IAM User Guide.
   371  //
   372  // For more information about policies, see Managed policies and inline policies
   373  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
   374  // in the IAM User Guide.
   375  //
   376  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   377  // with awserr.Error's Code and Message methods to get detailed information about
   378  // the error.
   379  //
   380  // See the AWS API reference guide for AWS Identity and Access Management's
   381  // API operation AttachGroupPolicy for usage and error information.
   382  //
   383  // Returned Error Codes:
   384  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   385  //   The request was rejected because it referenced a resource entity that does
   386  //   not exist. The error message describes the resource.
   387  //
   388  //   * ErrCodeLimitExceededException "LimitExceeded"
   389  //   The request was rejected because it attempted to create resources beyond
   390  //   the current Amazon Web Services account limits. The error message describes
   391  //   the limit exceeded.
   392  //
   393  //   * ErrCodeInvalidInputException "InvalidInput"
   394  //   The request was rejected because an invalid or out-of-range value was supplied
   395  //   for an input parameter.
   396  //
   397  //   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
   398  //   The request failed because Amazon Web Services service role policies can
   399  //   only be attached to the service-linked role for that service.
   400  //
   401  //   * ErrCodeServiceFailureException "ServiceFailure"
   402  //   The request processing has failed because of an unknown error, exception
   403  //   or failure.
   404  //
   405  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy
   406  func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error) {
   407  	req, out := c.AttachGroupPolicyRequest(input)
   408  	return out, req.Send()
   409  }
   410  
   411  // AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of
   412  // the ability to pass a context and additional request options.
   413  //
   414  // See AttachGroupPolicy for details on how to use this API operation.
   415  //
   416  // The context must be non-nil and will be used for request cancellation. If
   417  // the context is nil a panic will occur. In the future the SDK may create
   418  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   419  // for more information on using Contexts.
   420  func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error) {
   421  	req, out := c.AttachGroupPolicyRequest(input)
   422  	req.SetContext(ctx)
   423  	req.ApplyOptions(opts...)
   424  	return out, req.Send()
   425  }
   426  
   427  const opAttachRolePolicy = "AttachRolePolicy"
   428  
   429  // AttachRolePolicyRequest generates a "aws/request.Request" representing the
   430  // client's request for the AttachRolePolicy operation. The "output" return
   431  // value will be populated with the request's response once the request completes
   432  // successfully.
   433  //
   434  // Use "Send" method on the returned Request to send the API call to the service.
   435  // the "output" return value is not valid until after Send returns without error.
   436  //
   437  // See AttachRolePolicy for more information on using the AttachRolePolicy
   438  // API call, and error handling.
   439  //
   440  // This method is useful when you want to inject custom logic or configuration
   441  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   442  //
   443  //
   444  //    // Example sending a request using the AttachRolePolicyRequest method.
   445  //    req, resp := client.AttachRolePolicyRequest(params)
   446  //
   447  //    err := req.Send()
   448  //    if err == nil { // resp is now filled
   449  //        fmt.Println(resp)
   450  //    }
   451  //
   452  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
   453  func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput) {
   454  	op := &request.Operation{
   455  		Name:       opAttachRolePolicy,
   456  		HTTPMethod: "POST",
   457  		HTTPPath:   "/",
   458  	}
   459  
   460  	if input == nil {
   461  		input = &AttachRolePolicyInput{}
   462  	}
   463  
   464  	output = &AttachRolePolicyOutput{}
   465  	req = c.newRequest(op, input, output)
   466  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   467  	return
   468  }
   469  
   470  // AttachRolePolicy API operation for AWS Identity and Access Management.
   471  //
   472  // Attaches the specified managed policy to the specified IAM role. When you
   473  // attach a managed policy to a role, the managed policy becomes part of the
   474  // role's permission (access) policy.
   475  //
   476  // You cannot use a managed policy as the role's trust policy. The role's trust
   477  // policy is created at the same time as the role, using CreateRole. You can
   478  // update a role's trust policy using UpdateAssumeRolePolicy.
   479  //
   480  // Use this operation to attach a managed policy to a role. To embed an inline
   481  // policy in a role, use PutRolePolicy. For more information about policies,
   482  // see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
   483  // in the IAM User Guide.
   484  //
   485  // As a best practice, you can validate your IAM policies. To learn more, see
   486  // Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
   487  // in the IAM User Guide.
   488  //
   489  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   490  // with awserr.Error's Code and Message methods to get detailed information about
   491  // the error.
   492  //
   493  // See the AWS API reference guide for AWS Identity and Access Management's
   494  // API operation AttachRolePolicy for usage and error information.
   495  //
   496  // Returned Error Codes:
   497  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   498  //   The request was rejected because it referenced a resource entity that does
   499  //   not exist. The error message describes the resource.
   500  //
   501  //   * ErrCodeLimitExceededException "LimitExceeded"
   502  //   The request was rejected because it attempted to create resources beyond
   503  //   the current Amazon Web Services account limits. The error message describes
   504  //   the limit exceeded.
   505  //
   506  //   * ErrCodeInvalidInputException "InvalidInput"
   507  //   The request was rejected because an invalid or out-of-range value was supplied
   508  //   for an input parameter.
   509  //
   510  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
   511  //   The request was rejected because only the service that depends on the service-linked
   512  //   role can modify or delete the role on your behalf. The error message includes
   513  //   the name of the service that depends on this service-linked role. You must
   514  //   request the change through that service.
   515  //
   516  //   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
   517  //   The request failed because Amazon Web Services service role policies can
   518  //   only be attached to the service-linked role for that service.
   519  //
   520  //   * ErrCodeServiceFailureException "ServiceFailure"
   521  //   The request processing has failed because of an unknown error, exception
   522  //   or failure.
   523  //
   524  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy
   525  func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error) {
   526  	req, out := c.AttachRolePolicyRequest(input)
   527  	return out, req.Send()
   528  }
   529  
   530  // AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of
   531  // the ability to pass a context and additional request options.
   532  //
   533  // See AttachRolePolicy for details on how to use this API operation.
   534  //
   535  // The context must be non-nil and will be used for request cancellation. If
   536  // the context is nil a panic will occur. In the future the SDK may create
   537  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   538  // for more information on using Contexts.
   539  func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error) {
   540  	req, out := c.AttachRolePolicyRequest(input)
   541  	req.SetContext(ctx)
   542  	req.ApplyOptions(opts...)
   543  	return out, req.Send()
   544  }
   545  
   546  const opAttachUserPolicy = "AttachUserPolicy"
   547  
   548  // AttachUserPolicyRequest generates a "aws/request.Request" representing the
   549  // client's request for the AttachUserPolicy operation. The "output" return
   550  // value will be populated with the request's response once the request completes
   551  // successfully.
   552  //
   553  // Use "Send" method on the returned Request to send the API call to the service.
   554  // the "output" return value is not valid until after Send returns without error.
   555  //
   556  // See AttachUserPolicy for more information on using the AttachUserPolicy
   557  // API call, and error handling.
   558  //
   559  // This method is useful when you want to inject custom logic or configuration
   560  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   561  //
   562  //
   563  //    // Example sending a request using the AttachUserPolicyRequest method.
   564  //    req, resp := client.AttachUserPolicyRequest(params)
   565  //
   566  //    err := req.Send()
   567  //    if err == nil { // resp is now filled
   568  //        fmt.Println(resp)
   569  //    }
   570  //
   571  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
   572  func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput) {
   573  	op := &request.Operation{
   574  		Name:       opAttachUserPolicy,
   575  		HTTPMethod: "POST",
   576  		HTTPPath:   "/",
   577  	}
   578  
   579  	if input == nil {
   580  		input = &AttachUserPolicyInput{}
   581  	}
   582  
   583  	output = &AttachUserPolicyOutput{}
   584  	req = c.newRequest(op, input, output)
   585  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   586  	return
   587  }
   588  
   589  // AttachUserPolicy API operation for AWS Identity and Access Management.
   590  //
   591  // Attaches the specified managed policy to the specified user.
   592  //
   593  // You use this operation to attach a managed policy to a user. To embed an
   594  // inline policy in a user, use PutUserPolicy.
   595  //
   596  // As a best practice, you can validate your IAM policies. To learn more, see
   597  // Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
   598  // in the IAM User Guide.
   599  //
   600  // For more information about policies, see Managed policies and inline policies
   601  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
   602  // in the IAM User Guide.
   603  //
   604  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   605  // with awserr.Error's Code and Message methods to get detailed information about
   606  // the error.
   607  //
   608  // See the AWS API reference guide for AWS Identity and Access Management's
   609  // API operation AttachUserPolicy for usage and error information.
   610  //
   611  // Returned Error Codes:
   612  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   613  //   The request was rejected because it referenced a resource entity that does
   614  //   not exist. The error message describes the resource.
   615  //
   616  //   * ErrCodeLimitExceededException "LimitExceeded"
   617  //   The request was rejected because it attempted to create resources beyond
   618  //   the current Amazon Web Services account limits. The error message describes
   619  //   the limit exceeded.
   620  //
   621  //   * ErrCodeInvalidInputException "InvalidInput"
   622  //   The request was rejected because an invalid or out-of-range value was supplied
   623  //   for an input parameter.
   624  //
   625  //   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
   626  //   The request failed because Amazon Web Services service role policies can
   627  //   only be attached to the service-linked role for that service.
   628  //
   629  //   * ErrCodeServiceFailureException "ServiceFailure"
   630  //   The request processing has failed because of an unknown error, exception
   631  //   or failure.
   632  //
   633  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy
   634  func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error) {
   635  	req, out := c.AttachUserPolicyRequest(input)
   636  	return out, req.Send()
   637  }
   638  
   639  // AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of
   640  // the ability to pass a context and additional request options.
   641  //
   642  // See AttachUserPolicy for details on how to use this API operation.
   643  //
   644  // The context must be non-nil and will be used for request cancellation. If
   645  // the context is nil a panic will occur. In the future the SDK may create
   646  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   647  // for more information on using Contexts.
   648  func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error) {
   649  	req, out := c.AttachUserPolicyRequest(input)
   650  	req.SetContext(ctx)
   651  	req.ApplyOptions(opts...)
   652  	return out, req.Send()
   653  }
   654  
   655  const opChangePassword = "ChangePassword"
   656  
   657  // ChangePasswordRequest generates a "aws/request.Request" representing the
   658  // client's request for the ChangePassword operation. The "output" return
   659  // value will be populated with the request's response once the request completes
   660  // successfully.
   661  //
   662  // Use "Send" method on the returned Request to send the API call to the service.
   663  // the "output" return value is not valid until after Send returns without error.
   664  //
   665  // See ChangePassword for more information on using the ChangePassword
   666  // API call, and error handling.
   667  //
   668  // This method is useful when you want to inject custom logic or configuration
   669  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   670  //
   671  //
   672  //    // Example sending a request using the ChangePasswordRequest method.
   673  //    req, resp := client.ChangePasswordRequest(params)
   674  //
   675  //    err := req.Send()
   676  //    if err == nil { // resp is now filled
   677  //        fmt.Println(resp)
   678  //    }
   679  //
   680  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
   681  func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput) {
   682  	op := &request.Operation{
   683  		Name:       opChangePassword,
   684  		HTTPMethod: "POST",
   685  		HTTPPath:   "/",
   686  	}
   687  
   688  	if input == nil {
   689  		input = &ChangePasswordInput{}
   690  	}
   691  
   692  	output = &ChangePasswordOutput{}
   693  	req = c.newRequest(op, input, output)
   694  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   695  	return
   696  }
   697  
   698  // ChangePassword API operation for AWS Identity and Access Management.
   699  //
   700  // Changes the password of the IAM user who is calling this operation. This
   701  // operation can be performed using the CLI, the Amazon Web Services API, or
   702  // the My Security Credentials page in the Amazon Web Services Management Console.
   703  // The Amazon Web Services account root user password is not affected by this
   704  // operation.
   705  //
   706  // Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the
   707  // Users page in the IAM console to change the password for any IAM user. For
   708  // more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
   709  // in the IAM User Guide.
   710  //
   711  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   712  // with awserr.Error's Code and Message methods to get detailed information about
   713  // the error.
   714  //
   715  // See the AWS API reference guide for AWS Identity and Access Management's
   716  // API operation ChangePassword for usage and error information.
   717  //
   718  // Returned Error Codes:
   719  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   720  //   The request was rejected because it referenced a resource entity that does
   721  //   not exist. The error message describes the resource.
   722  //
   723  //   * ErrCodeInvalidUserTypeException "InvalidUserType"
   724  //   The request was rejected because the type of user for the transaction was
   725  //   incorrect.
   726  //
   727  //   * ErrCodeLimitExceededException "LimitExceeded"
   728  //   The request was rejected because it attempted to create resources beyond
   729  //   the current Amazon Web Services account limits. The error message describes
   730  //   the limit exceeded.
   731  //
   732  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
   733  //   The request was rejected because it referenced an entity that is temporarily
   734  //   unmodifiable, such as a user name that was deleted and then recreated. The
   735  //   error indicates that the request is likely to succeed if you try again after
   736  //   waiting several minutes. The error message describes the entity.
   737  //
   738  //   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
   739  //   The request was rejected because the provided password did not meet the requirements
   740  //   imposed by the account password policy.
   741  //
   742  //   * ErrCodeServiceFailureException "ServiceFailure"
   743  //   The request processing has failed because of an unknown error, exception
   744  //   or failure.
   745  //
   746  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword
   747  func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error) {
   748  	req, out := c.ChangePasswordRequest(input)
   749  	return out, req.Send()
   750  }
   751  
   752  // ChangePasswordWithContext is the same as ChangePassword with the addition of
   753  // the ability to pass a context and additional request options.
   754  //
   755  // See ChangePassword for details on how to use this API operation.
   756  //
   757  // The context must be non-nil and will be used for request cancellation. If
   758  // the context is nil a panic will occur. In the future the SDK may create
   759  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   760  // for more information on using Contexts.
   761  func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error) {
   762  	req, out := c.ChangePasswordRequest(input)
   763  	req.SetContext(ctx)
   764  	req.ApplyOptions(opts...)
   765  	return out, req.Send()
   766  }
   767  
   768  const opCreateAccessKey = "CreateAccessKey"
   769  
   770  // CreateAccessKeyRequest generates a "aws/request.Request" representing the
   771  // client's request for the CreateAccessKey operation. The "output" return
   772  // value will be populated with the request's response once the request completes
   773  // successfully.
   774  //
   775  // Use "Send" method on the returned Request to send the API call to the service.
   776  // the "output" return value is not valid until after Send returns without error.
   777  //
   778  // See CreateAccessKey for more information on using the CreateAccessKey
   779  // API call, and error handling.
   780  //
   781  // This method is useful when you want to inject custom logic or configuration
   782  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   783  //
   784  //
   785  //    // Example sending a request using the CreateAccessKeyRequest method.
   786  //    req, resp := client.CreateAccessKeyRequest(params)
   787  //
   788  //    err := req.Send()
   789  //    if err == nil { // resp is now filled
   790  //        fmt.Println(resp)
   791  //    }
   792  //
   793  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
   794  func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput) {
   795  	op := &request.Operation{
   796  		Name:       opCreateAccessKey,
   797  		HTTPMethod: "POST",
   798  		HTTPPath:   "/",
   799  	}
   800  
   801  	if input == nil {
   802  		input = &CreateAccessKeyInput{}
   803  	}
   804  
   805  	output = &CreateAccessKeyOutput{}
   806  	req = c.newRequest(op, input, output)
   807  	return
   808  }
   809  
   810  // CreateAccessKey API operation for AWS Identity and Access Management.
   811  //
   812  // Creates a new Amazon Web Services secret access key and corresponding Amazon
   813  // Web Services access key ID for the specified user. The default status for
   814  // new keys is Active.
   815  //
   816  // If you do not specify a user name, IAM determines the user name implicitly
   817  // based on the Amazon Web Services access key ID signing the request. This
   818  // operation works for access keys under the Amazon Web Services account. Consequently,
   819  // you can use this operation to manage Amazon Web Services account root user
   820  // credentials. This is true even if the Amazon Web Services account has no
   821  // associated users.
   822  //
   823  // For information about quotas on the number of keys you can create, see IAM
   824  // and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
   825  // in the IAM User Guide.
   826  //
   827  // To ensure the security of your Amazon Web Services account, the secret access
   828  // key is accessible only during key and user creation. You must save the key
   829  // (for example, in a text file) if you want to be able to access it again.
   830  // If a secret key is lost, you can delete the access keys for the associated
   831  // user and then create new keys.
   832  //
   833  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   834  // with awserr.Error's Code and Message methods to get detailed information about
   835  // the error.
   836  //
   837  // See the AWS API reference guide for AWS Identity and Access Management's
   838  // API operation CreateAccessKey for usage and error information.
   839  //
   840  // Returned Error Codes:
   841  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
   842  //   The request was rejected because it referenced a resource entity that does
   843  //   not exist. The error message describes the resource.
   844  //
   845  //   * ErrCodeLimitExceededException "LimitExceeded"
   846  //   The request was rejected because it attempted to create resources beyond
   847  //   the current Amazon Web Services account limits. The error message describes
   848  //   the limit exceeded.
   849  //
   850  //   * ErrCodeServiceFailureException "ServiceFailure"
   851  //   The request processing has failed because of an unknown error, exception
   852  //   or failure.
   853  //
   854  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey
   855  func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error) {
   856  	req, out := c.CreateAccessKeyRequest(input)
   857  	return out, req.Send()
   858  }
   859  
   860  // CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of
   861  // the ability to pass a context and additional request options.
   862  //
   863  // See CreateAccessKey for details on how to use this API operation.
   864  //
   865  // The context must be non-nil and will be used for request cancellation. If
   866  // the context is nil a panic will occur. In the future the SDK may create
   867  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   868  // for more information on using Contexts.
   869  func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error) {
   870  	req, out := c.CreateAccessKeyRequest(input)
   871  	req.SetContext(ctx)
   872  	req.ApplyOptions(opts...)
   873  	return out, req.Send()
   874  }
   875  
   876  const opCreateAccountAlias = "CreateAccountAlias"
   877  
   878  // CreateAccountAliasRequest generates a "aws/request.Request" representing the
   879  // client's request for the CreateAccountAlias operation. The "output" return
   880  // value will be populated with the request's response once the request completes
   881  // successfully.
   882  //
   883  // Use "Send" method on the returned Request to send the API call to the service.
   884  // the "output" return value is not valid until after Send returns without error.
   885  //
   886  // See CreateAccountAlias for more information on using the CreateAccountAlias
   887  // API call, and error handling.
   888  //
   889  // This method is useful when you want to inject custom logic or configuration
   890  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   891  //
   892  //
   893  //    // Example sending a request using the CreateAccountAliasRequest method.
   894  //    req, resp := client.CreateAccountAliasRequest(params)
   895  //
   896  //    err := req.Send()
   897  //    if err == nil { // resp is now filled
   898  //        fmt.Println(resp)
   899  //    }
   900  //
   901  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
   902  func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput) {
   903  	op := &request.Operation{
   904  		Name:       opCreateAccountAlias,
   905  		HTTPMethod: "POST",
   906  		HTTPPath:   "/",
   907  	}
   908  
   909  	if input == nil {
   910  		input = &CreateAccountAliasInput{}
   911  	}
   912  
   913  	output = &CreateAccountAliasOutput{}
   914  	req = c.newRequest(op, input, output)
   915  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
   916  	return
   917  }
   918  
   919  // CreateAccountAlias API operation for AWS Identity and Access Management.
   920  //
   921  // Creates an alias for your Amazon Web Services account. For information about
   922  // using an Amazon Web Services account alias, see Using an alias for your Amazon
   923  // Web Services account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
   924  // in the IAM User Guide.
   925  //
   926  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
   927  // with awserr.Error's Code and Message methods to get detailed information about
   928  // the error.
   929  //
   930  // See the AWS API reference guide for AWS Identity and Access Management's
   931  // API operation CreateAccountAlias for usage and error information.
   932  //
   933  // Returned Error Codes:
   934  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
   935  //   The request was rejected because it attempted to create a resource that already
   936  //   exists.
   937  //
   938  //   * ErrCodeLimitExceededException "LimitExceeded"
   939  //   The request was rejected because it attempted to create resources beyond
   940  //   the current Amazon Web Services account limits. The error message describes
   941  //   the limit exceeded.
   942  //
   943  //   * ErrCodeServiceFailureException "ServiceFailure"
   944  //   The request processing has failed because of an unknown error, exception
   945  //   or failure.
   946  //
   947  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias
   948  func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error) {
   949  	req, out := c.CreateAccountAliasRequest(input)
   950  	return out, req.Send()
   951  }
   952  
   953  // CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of
   954  // the ability to pass a context and additional request options.
   955  //
   956  // See CreateAccountAlias for details on how to use this API operation.
   957  //
   958  // The context must be non-nil and will be used for request cancellation. If
   959  // the context is nil a panic will occur. In the future the SDK may create
   960  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
   961  // for more information on using Contexts.
   962  func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error) {
   963  	req, out := c.CreateAccountAliasRequest(input)
   964  	req.SetContext(ctx)
   965  	req.ApplyOptions(opts...)
   966  	return out, req.Send()
   967  }
   968  
   969  const opCreateGroup = "CreateGroup"
   970  
   971  // CreateGroupRequest generates a "aws/request.Request" representing the
   972  // client's request for the CreateGroup operation. The "output" return
   973  // value will be populated with the request's response once the request completes
   974  // successfully.
   975  //
   976  // Use "Send" method on the returned Request to send the API call to the service.
   977  // the "output" return value is not valid until after Send returns without error.
   978  //
   979  // See CreateGroup for more information on using the CreateGroup
   980  // API call, and error handling.
   981  //
   982  // This method is useful when you want to inject custom logic or configuration
   983  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
   984  //
   985  //
   986  //    // Example sending a request using the CreateGroupRequest method.
   987  //    req, resp := client.CreateGroupRequest(params)
   988  //
   989  //    err := req.Send()
   990  //    if err == nil { // resp is now filled
   991  //        fmt.Println(resp)
   992  //    }
   993  //
   994  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
   995  func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput) {
   996  	op := &request.Operation{
   997  		Name:       opCreateGroup,
   998  		HTTPMethod: "POST",
   999  		HTTPPath:   "/",
  1000  	}
  1001  
  1002  	if input == nil {
  1003  		input = &CreateGroupInput{}
  1004  	}
  1005  
  1006  	output = &CreateGroupOutput{}
  1007  	req = c.newRequest(op, input, output)
  1008  	return
  1009  }
  1010  
  1011  // CreateGroup API operation for AWS Identity and Access Management.
  1012  //
  1013  // Creates a new group.
  1014  //
  1015  // For information about the number of groups you can create, see IAM and STS
  1016  // quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  1017  // in the IAM User Guide.
  1018  //
  1019  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1020  // with awserr.Error's Code and Message methods to get detailed information about
  1021  // the error.
  1022  //
  1023  // See the AWS API reference guide for AWS Identity and Access Management's
  1024  // API operation CreateGroup for usage and error information.
  1025  //
  1026  // Returned Error Codes:
  1027  //   * ErrCodeLimitExceededException "LimitExceeded"
  1028  //   The request was rejected because it attempted to create resources beyond
  1029  //   the current Amazon Web Services account limits. The error message describes
  1030  //   the limit exceeded.
  1031  //
  1032  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1033  //   The request was rejected because it attempted to create a resource that already
  1034  //   exists.
  1035  //
  1036  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  1037  //   The request was rejected because it referenced a resource entity that does
  1038  //   not exist. The error message describes the resource.
  1039  //
  1040  //   * ErrCodeServiceFailureException "ServiceFailure"
  1041  //   The request processing has failed because of an unknown error, exception
  1042  //   or failure.
  1043  //
  1044  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup
  1045  func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error) {
  1046  	req, out := c.CreateGroupRequest(input)
  1047  	return out, req.Send()
  1048  }
  1049  
  1050  // CreateGroupWithContext is the same as CreateGroup with the addition of
  1051  // the ability to pass a context and additional request options.
  1052  //
  1053  // See CreateGroup for details on how to use this API operation.
  1054  //
  1055  // The context must be non-nil and will be used for request cancellation. If
  1056  // the context is nil a panic will occur. In the future the SDK may create
  1057  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1058  // for more information on using Contexts.
  1059  func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error) {
  1060  	req, out := c.CreateGroupRequest(input)
  1061  	req.SetContext(ctx)
  1062  	req.ApplyOptions(opts...)
  1063  	return out, req.Send()
  1064  }
  1065  
  1066  const opCreateInstanceProfile = "CreateInstanceProfile"
  1067  
  1068  // CreateInstanceProfileRequest generates a "aws/request.Request" representing the
  1069  // client's request for the CreateInstanceProfile operation. The "output" return
  1070  // value will be populated with the request's response once the request completes
  1071  // successfully.
  1072  //
  1073  // Use "Send" method on the returned Request to send the API call to the service.
  1074  // the "output" return value is not valid until after Send returns without error.
  1075  //
  1076  // See CreateInstanceProfile for more information on using the CreateInstanceProfile
  1077  // API call, and error handling.
  1078  //
  1079  // This method is useful when you want to inject custom logic or configuration
  1080  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1081  //
  1082  //
  1083  //    // Example sending a request using the CreateInstanceProfileRequest method.
  1084  //    req, resp := client.CreateInstanceProfileRequest(params)
  1085  //
  1086  //    err := req.Send()
  1087  //    if err == nil { // resp is now filled
  1088  //        fmt.Println(resp)
  1089  //    }
  1090  //
  1091  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
  1092  func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput) {
  1093  	op := &request.Operation{
  1094  		Name:       opCreateInstanceProfile,
  1095  		HTTPMethod: "POST",
  1096  		HTTPPath:   "/",
  1097  	}
  1098  
  1099  	if input == nil {
  1100  		input = &CreateInstanceProfileInput{}
  1101  	}
  1102  
  1103  	output = &CreateInstanceProfileOutput{}
  1104  	req = c.newRequest(op, input, output)
  1105  	return
  1106  }
  1107  
  1108  // CreateInstanceProfile API operation for AWS Identity and Access Management.
  1109  //
  1110  // Creates a new instance profile. For information about instance profiles,
  1111  // see Using roles for applications on Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html)
  1112  // in the IAM User Guide, and Instance profiles (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile)
  1113  // in the Amazon EC2 User Guide.
  1114  //
  1115  // For information about the number of instance profiles you can create, see
  1116  // IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  1117  // in the IAM User Guide.
  1118  //
  1119  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1120  // with awserr.Error's Code and Message methods to get detailed information about
  1121  // the error.
  1122  //
  1123  // See the AWS API reference guide for AWS Identity and Access Management's
  1124  // API operation CreateInstanceProfile for usage and error information.
  1125  //
  1126  // Returned Error Codes:
  1127  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1128  //   The request was rejected because it attempted to create a resource that already
  1129  //   exists.
  1130  //
  1131  //   * ErrCodeInvalidInputException "InvalidInput"
  1132  //   The request was rejected because an invalid or out-of-range value was supplied
  1133  //   for an input parameter.
  1134  //
  1135  //   * ErrCodeLimitExceededException "LimitExceeded"
  1136  //   The request was rejected because it attempted to create resources beyond
  1137  //   the current Amazon Web Services account limits. The error message describes
  1138  //   the limit exceeded.
  1139  //
  1140  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  1141  //   The request was rejected because multiple requests to change this object
  1142  //   were submitted simultaneously. Wait a few minutes and submit your request
  1143  //   again.
  1144  //
  1145  //   * ErrCodeServiceFailureException "ServiceFailure"
  1146  //   The request processing has failed because of an unknown error, exception
  1147  //   or failure.
  1148  //
  1149  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile
  1150  func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error) {
  1151  	req, out := c.CreateInstanceProfileRequest(input)
  1152  	return out, req.Send()
  1153  }
  1154  
  1155  // CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of
  1156  // the ability to pass a context and additional request options.
  1157  //
  1158  // See CreateInstanceProfile for details on how to use this API operation.
  1159  //
  1160  // The context must be non-nil and will be used for request cancellation. If
  1161  // the context is nil a panic will occur. In the future the SDK may create
  1162  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1163  // for more information on using Contexts.
  1164  func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error) {
  1165  	req, out := c.CreateInstanceProfileRequest(input)
  1166  	req.SetContext(ctx)
  1167  	req.ApplyOptions(opts...)
  1168  	return out, req.Send()
  1169  }
  1170  
  1171  const opCreateLoginProfile = "CreateLoginProfile"
  1172  
  1173  // CreateLoginProfileRequest generates a "aws/request.Request" representing the
  1174  // client's request for the CreateLoginProfile operation. The "output" return
  1175  // value will be populated with the request's response once the request completes
  1176  // successfully.
  1177  //
  1178  // Use "Send" method on the returned Request to send the API call to the service.
  1179  // the "output" return value is not valid until after Send returns without error.
  1180  //
  1181  // See CreateLoginProfile for more information on using the CreateLoginProfile
  1182  // API call, and error handling.
  1183  //
  1184  // This method is useful when you want to inject custom logic or configuration
  1185  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1186  //
  1187  //
  1188  //    // Example sending a request using the CreateLoginProfileRequest method.
  1189  //    req, resp := client.CreateLoginProfileRequest(params)
  1190  //
  1191  //    err := req.Send()
  1192  //    if err == nil { // resp is now filled
  1193  //        fmt.Println(resp)
  1194  //    }
  1195  //
  1196  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
  1197  func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput) {
  1198  	op := &request.Operation{
  1199  		Name:       opCreateLoginProfile,
  1200  		HTTPMethod: "POST",
  1201  		HTTPPath:   "/",
  1202  	}
  1203  
  1204  	if input == nil {
  1205  		input = &CreateLoginProfileInput{}
  1206  	}
  1207  
  1208  	output = &CreateLoginProfileOutput{}
  1209  	req = c.newRequest(op, input, output)
  1210  	return
  1211  }
  1212  
  1213  // CreateLoginProfile API operation for AWS Identity and Access Management.
  1214  //
  1215  // Creates a password for the specified IAM user. A password allows an IAM user
  1216  // to access Amazon Web Services services through the Amazon Web Services Management
  1217  // Console.
  1218  //
  1219  // You can use the CLI, the Amazon Web Services API, or the Users page in the
  1220  // IAM console to create a password for any IAM user. Use ChangePassword to
  1221  // update your own existing password in the My Security Credentials page in
  1222  // the Amazon Web Services Management Console.
  1223  //
  1224  // For more information about managing passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
  1225  // in the IAM User Guide.
  1226  //
  1227  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1228  // with awserr.Error's Code and Message methods to get detailed information about
  1229  // the error.
  1230  //
  1231  // See the AWS API reference guide for AWS Identity and Access Management's
  1232  // API operation CreateLoginProfile for usage and error information.
  1233  //
  1234  // Returned Error Codes:
  1235  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1236  //   The request was rejected because it attempted to create a resource that already
  1237  //   exists.
  1238  //
  1239  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  1240  //   The request was rejected because it referenced a resource entity that does
  1241  //   not exist. The error message describes the resource.
  1242  //
  1243  //   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
  1244  //   The request was rejected because the provided password did not meet the requirements
  1245  //   imposed by the account password policy.
  1246  //
  1247  //   * ErrCodeLimitExceededException "LimitExceeded"
  1248  //   The request was rejected because it attempted to create resources beyond
  1249  //   the current Amazon Web Services account limits. The error message describes
  1250  //   the limit exceeded.
  1251  //
  1252  //   * ErrCodeServiceFailureException "ServiceFailure"
  1253  //   The request processing has failed because of an unknown error, exception
  1254  //   or failure.
  1255  //
  1256  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile
  1257  func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error) {
  1258  	req, out := c.CreateLoginProfileRequest(input)
  1259  	return out, req.Send()
  1260  }
  1261  
  1262  // CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of
  1263  // the ability to pass a context and additional request options.
  1264  //
  1265  // See CreateLoginProfile for details on how to use this API operation.
  1266  //
  1267  // The context must be non-nil and will be used for request cancellation. If
  1268  // the context is nil a panic will occur. In the future the SDK may create
  1269  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1270  // for more information on using Contexts.
  1271  func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error) {
  1272  	req, out := c.CreateLoginProfileRequest(input)
  1273  	req.SetContext(ctx)
  1274  	req.ApplyOptions(opts...)
  1275  	return out, req.Send()
  1276  }
  1277  
  1278  const opCreateOpenIDConnectProvider = "CreateOpenIDConnectProvider"
  1279  
  1280  // CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
  1281  // client's request for the CreateOpenIDConnectProvider operation. The "output" return
  1282  // value will be populated with the request's response once the request completes
  1283  // successfully.
  1284  //
  1285  // Use "Send" method on the returned Request to send the API call to the service.
  1286  // the "output" return value is not valid until after Send returns without error.
  1287  //
  1288  // See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider
  1289  // API call, and error handling.
  1290  //
  1291  // This method is useful when you want to inject custom logic or configuration
  1292  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1293  //
  1294  //
  1295  //    // Example sending a request using the CreateOpenIDConnectProviderRequest method.
  1296  //    req, resp := client.CreateOpenIDConnectProviderRequest(params)
  1297  //
  1298  //    err := req.Send()
  1299  //    if err == nil { // resp is now filled
  1300  //        fmt.Println(resp)
  1301  //    }
  1302  //
  1303  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
  1304  func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput) {
  1305  	op := &request.Operation{
  1306  		Name:       opCreateOpenIDConnectProvider,
  1307  		HTTPMethod: "POST",
  1308  		HTTPPath:   "/",
  1309  	}
  1310  
  1311  	if input == nil {
  1312  		input = &CreateOpenIDConnectProviderInput{}
  1313  	}
  1314  
  1315  	output = &CreateOpenIDConnectProviderOutput{}
  1316  	req = c.newRequest(op, input, output)
  1317  	return
  1318  }
  1319  
  1320  // CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.
  1321  //
  1322  // Creates an IAM entity to describe an identity provider (IdP) that supports
  1323  // OpenID Connect (OIDC) (http://openid.net/connect/).
  1324  //
  1325  // The OIDC provider that you create with this operation can be used as a principal
  1326  // in a role's trust policy. Such a policy establishes a trust relationship
  1327  // between Amazon Web Services and the OIDC provider.
  1328  //
  1329  // If you are using an OIDC identity provider from Google, Facebook, or Amazon
  1330  // Cognito, you don't need to create a separate IAM identity provider. These
  1331  // OIDC identity providers are already built-in to Amazon Web Services and are
  1332  // available for your use. Instead, you can move directly to creating new roles
  1333  // using your identity provider. To learn more, see Creating a role for web
  1334  // identity or OpenID connect federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html)
  1335  // in the IAM User Guide.
  1336  //
  1337  // When you create the IAM OIDC provider, you specify the following:
  1338  //
  1339  //    * The URL of the OIDC identity provider (IdP) to trust
  1340  //
  1341  //    * A list of client IDs (also known as audiences) that identify the application
  1342  //    or applications allowed to authenticate using the OIDC provider
  1343  //
  1344  //    * A list of thumbprints of one or more server certificates that the IdP
  1345  //    uses
  1346  //
  1347  // You get all of this information from the OIDC IdP you want to use to access
  1348  // Amazon Web Services.
  1349  //
  1350  // Amazon Web Services secures communication with some OIDC identity providers
  1351  // (IdPs) through our library of trusted certificate authorities (CAs) instead
  1352  // of using a certificate thumbprint to verify your IdP server certificate.
  1353  // These OIDC IdPs include Google, and those that use an Amazon S3 bucket to
  1354  // host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint
  1355  // remains in your configuration, but is no longer used for validation.
  1356  //
  1357  // The trust for the OIDC provider is derived from the IAM provider that this
  1358  // operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider
  1359  // operation to highly privileged users.
  1360  //
  1361  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1362  // with awserr.Error's Code and Message methods to get detailed information about
  1363  // the error.
  1364  //
  1365  // See the AWS API reference guide for AWS Identity and Access Management's
  1366  // API operation CreateOpenIDConnectProvider for usage and error information.
  1367  //
  1368  // Returned Error Codes:
  1369  //   * ErrCodeInvalidInputException "InvalidInput"
  1370  //   The request was rejected because an invalid or out-of-range value was supplied
  1371  //   for an input parameter.
  1372  //
  1373  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1374  //   The request was rejected because it attempted to create a resource that already
  1375  //   exists.
  1376  //
  1377  //   * ErrCodeLimitExceededException "LimitExceeded"
  1378  //   The request was rejected because it attempted to create resources beyond
  1379  //   the current Amazon Web Services account limits. The error message describes
  1380  //   the limit exceeded.
  1381  //
  1382  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  1383  //   The request was rejected because multiple requests to change this object
  1384  //   were submitted simultaneously. Wait a few minutes and submit your request
  1385  //   again.
  1386  //
  1387  //   * ErrCodeServiceFailureException "ServiceFailure"
  1388  //   The request processing has failed because of an unknown error, exception
  1389  //   or failure.
  1390  //
  1391  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider
  1392  func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error) {
  1393  	req, out := c.CreateOpenIDConnectProviderRequest(input)
  1394  	return out, req.Send()
  1395  }
  1396  
  1397  // CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of
  1398  // the ability to pass a context and additional request options.
  1399  //
  1400  // See CreateOpenIDConnectProvider for details on how to use this API operation.
  1401  //
  1402  // The context must be non-nil and will be used for request cancellation. If
  1403  // the context is nil a panic will occur. In the future the SDK may create
  1404  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1405  // for more information on using Contexts.
  1406  func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error) {
  1407  	req, out := c.CreateOpenIDConnectProviderRequest(input)
  1408  	req.SetContext(ctx)
  1409  	req.ApplyOptions(opts...)
  1410  	return out, req.Send()
  1411  }
  1412  
  1413  const opCreatePolicy = "CreatePolicy"
  1414  
  1415  // CreatePolicyRequest generates a "aws/request.Request" representing the
  1416  // client's request for the CreatePolicy operation. The "output" return
  1417  // value will be populated with the request's response once the request completes
  1418  // successfully.
  1419  //
  1420  // Use "Send" method on the returned Request to send the API call to the service.
  1421  // the "output" return value is not valid until after Send returns without error.
  1422  //
  1423  // See CreatePolicy for more information on using the CreatePolicy
  1424  // API call, and error handling.
  1425  //
  1426  // This method is useful when you want to inject custom logic or configuration
  1427  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1428  //
  1429  //
  1430  //    // Example sending a request using the CreatePolicyRequest method.
  1431  //    req, resp := client.CreatePolicyRequest(params)
  1432  //
  1433  //    err := req.Send()
  1434  //    if err == nil { // resp is now filled
  1435  //        fmt.Println(resp)
  1436  //    }
  1437  //
  1438  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
  1439  func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) {
  1440  	op := &request.Operation{
  1441  		Name:       opCreatePolicy,
  1442  		HTTPMethod: "POST",
  1443  		HTTPPath:   "/",
  1444  	}
  1445  
  1446  	if input == nil {
  1447  		input = &CreatePolicyInput{}
  1448  	}
  1449  
  1450  	output = &CreatePolicyOutput{}
  1451  	req = c.newRequest(op, input, output)
  1452  	return
  1453  }
  1454  
  1455  // CreatePolicy API operation for AWS Identity and Access Management.
  1456  //
  1457  // Creates a new managed policy for your Amazon Web Services account.
  1458  //
  1459  // This operation creates a policy version with a version identifier of v1 and
  1460  // sets v1 as the policy's default version. For more information about policy
  1461  // versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
  1462  // in the IAM User Guide.
  1463  //
  1464  // As a best practice, you can validate your IAM policies. To learn more, see
  1465  // Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html)
  1466  // in the IAM User Guide.
  1467  //
  1468  // For more information about managed policies in general, see Managed policies
  1469  // and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  1470  // in the IAM User Guide.
  1471  //
  1472  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1473  // with awserr.Error's Code and Message methods to get detailed information about
  1474  // the error.
  1475  //
  1476  // See the AWS API reference guide for AWS Identity and Access Management's
  1477  // API operation CreatePolicy for usage and error information.
  1478  //
  1479  // Returned Error Codes:
  1480  //   * ErrCodeInvalidInputException "InvalidInput"
  1481  //   The request was rejected because an invalid or out-of-range value was supplied
  1482  //   for an input parameter.
  1483  //
  1484  //   * ErrCodeLimitExceededException "LimitExceeded"
  1485  //   The request was rejected because it attempted to create resources beyond
  1486  //   the current Amazon Web Services account limits. The error message describes
  1487  //   the limit exceeded.
  1488  //
  1489  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1490  //   The request was rejected because it attempted to create a resource that already
  1491  //   exists.
  1492  //
  1493  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
  1494  //   The request was rejected because the policy document was malformed. The error
  1495  //   message describes the specific error.
  1496  //
  1497  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  1498  //   The request was rejected because multiple requests to change this object
  1499  //   were submitted simultaneously. Wait a few minutes and submit your request
  1500  //   again.
  1501  //
  1502  //   * ErrCodeServiceFailureException "ServiceFailure"
  1503  //   The request processing has failed because of an unknown error, exception
  1504  //   or failure.
  1505  //
  1506  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy
  1507  func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) {
  1508  	req, out := c.CreatePolicyRequest(input)
  1509  	return out, req.Send()
  1510  }
  1511  
  1512  // CreatePolicyWithContext is the same as CreatePolicy with the addition of
  1513  // the ability to pass a context and additional request options.
  1514  //
  1515  // See CreatePolicy for details on how to use this API operation.
  1516  //
  1517  // The context must be non-nil and will be used for request cancellation. If
  1518  // the context is nil a panic will occur. In the future the SDK may create
  1519  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1520  // for more information on using Contexts.
  1521  func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) {
  1522  	req, out := c.CreatePolicyRequest(input)
  1523  	req.SetContext(ctx)
  1524  	req.ApplyOptions(opts...)
  1525  	return out, req.Send()
  1526  }
  1527  
  1528  const opCreatePolicyVersion = "CreatePolicyVersion"
  1529  
  1530  // CreatePolicyVersionRequest generates a "aws/request.Request" representing the
  1531  // client's request for the CreatePolicyVersion operation. The "output" return
  1532  // value will be populated with the request's response once the request completes
  1533  // successfully.
  1534  //
  1535  // Use "Send" method on the returned Request to send the API call to the service.
  1536  // the "output" return value is not valid until after Send returns without error.
  1537  //
  1538  // See CreatePolicyVersion for more information on using the CreatePolicyVersion
  1539  // API call, and error handling.
  1540  //
  1541  // This method is useful when you want to inject custom logic or configuration
  1542  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1543  //
  1544  //
  1545  //    // Example sending a request using the CreatePolicyVersionRequest method.
  1546  //    req, resp := client.CreatePolicyVersionRequest(params)
  1547  //
  1548  //    err := req.Send()
  1549  //    if err == nil { // resp is now filled
  1550  //        fmt.Println(resp)
  1551  //    }
  1552  //
  1553  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
  1554  func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput) {
  1555  	op := &request.Operation{
  1556  		Name:       opCreatePolicyVersion,
  1557  		HTTPMethod: "POST",
  1558  		HTTPPath:   "/",
  1559  	}
  1560  
  1561  	if input == nil {
  1562  		input = &CreatePolicyVersionInput{}
  1563  	}
  1564  
  1565  	output = &CreatePolicyVersionOutput{}
  1566  	req = c.newRequest(op, input, output)
  1567  	return
  1568  }
  1569  
  1570  // CreatePolicyVersion API operation for AWS Identity and Access Management.
  1571  //
  1572  // Creates a new version of the specified managed policy. To update a managed
  1573  // policy, you create a new policy version. A managed policy can have up to
  1574  // five versions. If the policy has five versions, you must delete an existing
  1575  // version using DeletePolicyVersion before you create a new version.
  1576  //
  1577  // Optionally, you can set the new version as the policy's default version.
  1578  // The default version is the version that is in effect for the IAM users, groups,
  1579  // and roles to which the policy is attached.
  1580  //
  1581  // For more information about managed policy versions, see Versioning for managed
  1582  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
  1583  // in the IAM User Guide.
  1584  //
  1585  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1586  // with awserr.Error's Code and Message methods to get detailed information about
  1587  // the error.
  1588  //
  1589  // See the AWS API reference guide for AWS Identity and Access Management's
  1590  // API operation CreatePolicyVersion for usage and error information.
  1591  //
  1592  // Returned Error Codes:
  1593  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  1594  //   The request was rejected because it referenced a resource entity that does
  1595  //   not exist. The error message describes the resource.
  1596  //
  1597  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
  1598  //   The request was rejected because the policy document was malformed. The error
  1599  //   message describes the specific error.
  1600  //
  1601  //   * ErrCodeInvalidInputException "InvalidInput"
  1602  //   The request was rejected because an invalid or out-of-range value was supplied
  1603  //   for an input parameter.
  1604  //
  1605  //   * ErrCodeLimitExceededException "LimitExceeded"
  1606  //   The request was rejected because it attempted to create resources beyond
  1607  //   the current Amazon Web Services account limits. The error message describes
  1608  //   the limit exceeded.
  1609  //
  1610  //   * ErrCodeServiceFailureException "ServiceFailure"
  1611  //   The request processing has failed because of an unknown error, exception
  1612  //   or failure.
  1613  //
  1614  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion
  1615  func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error) {
  1616  	req, out := c.CreatePolicyVersionRequest(input)
  1617  	return out, req.Send()
  1618  }
  1619  
  1620  // CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of
  1621  // the ability to pass a context and additional request options.
  1622  //
  1623  // See CreatePolicyVersion for details on how to use this API operation.
  1624  //
  1625  // The context must be non-nil and will be used for request cancellation. If
  1626  // the context is nil a panic will occur. In the future the SDK may create
  1627  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1628  // for more information on using Contexts.
  1629  func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error) {
  1630  	req, out := c.CreatePolicyVersionRequest(input)
  1631  	req.SetContext(ctx)
  1632  	req.ApplyOptions(opts...)
  1633  	return out, req.Send()
  1634  }
  1635  
  1636  const opCreateRole = "CreateRole"
  1637  
  1638  // CreateRoleRequest generates a "aws/request.Request" representing the
  1639  // client's request for the CreateRole operation. The "output" return
  1640  // value will be populated with the request's response once the request completes
  1641  // successfully.
  1642  //
  1643  // Use "Send" method on the returned Request to send the API call to the service.
  1644  // the "output" return value is not valid until after Send returns without error.
  1645  //
  1646  // See CreateRole for more information on using the CreateRole
  1647  // API call, and error handling.
  1648  //
  1649  // This method is useful when you want to inject custom logic or configuration
  1650  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1651  //
  1652  //
  1653  //    // Example sending a request using the CreateRoleRequest method.
  1654  //    req, resp := client.CreateRoleRequest(params)
  1655  //
  1656  //    err := req.Send()
  1657  //    if err == nil { // resp is now filled
  1658  //        fmt.Println(resp)
  1659  //    }
  1660  //
  1661  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
  1662  func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput) {
  1663  	op := &request.Operation{
  1664  		Name:       opCreateRole,
  1665  		HTTPMethod: "POST",
  1666  		HTTPPath:   "/",
  1667  	}
  1668  
  1669  	if input == nil {
  1670  		input = &CreateRoleInput{}
  1671  	}
  1672  
  1673  	output = &CreateRoleOutput{}
  1674  	req = c.newRequest(op, input, output)
  1675  	return
  1676  }
  1677  
  1678  // CreateRole API operation for AWS Identity and Access Management.
  1679  //
  1680  // Creates a new role for your Amazon Web Services account. For more information
  1681  // about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
  1682  // For information about quotas for role names and the number of roles you can
  1683  // create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  1684  // in the IAM User Guide.
  1685  //
  1686  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1687  // with awserr.Error's Code and Message methods to get detailed information about
  1688  // the error.
  1689  //
  1690  // See the AWS API reference guide for AWS Identity and Access Management's
  1691  // API operation CreateRole for usage and error information.
  1692  //
  1693  // Returned Error Codes:
  1694  //   * ErrCodeLimitExceededException "LimitExceeded"
  1695  //   The request was rejected because it attempted to create resources beyond
  1696  //   the current Amazon Web Services account limits. The error message describes
  1697  //   the limit exceeded.
  1698  //
  1699  //   * ErrCodeInvalidInputException "InvalidInput"
  1700  //   The request was rejected because an invalid or out-of-range value was supplied
  1701  //   for an input parameter.
  1702  //
  1703  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1704  //   The request was rejected because it attempted to create a resource that already
  1705  //   exists.
  1706  //
  1707  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
  1708  //   The request was rejected because the policy document was malformed. The error
  1709  //   message describes the specific error.
  1710  //
  1711  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  1712  //   The request was rejected because multiple requests to change this object
  1713  //   were submitted simultaneously. Wait a few minutes and submit your request
  1714  //   again.
  1715  //
  1716  //   * ErrCodeServiceFailureException "ServiceFailure"
  1717  //   The request processing has failed because of an unknown error, exception
  1718  //   or failure.
  1719  //
  1720  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole
  1721  func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error) {
  1722  	req, out := c.CreateRoleRequest(input)
  1723  	return out, req.Send()
  1724  }
  1725  
  1726  // CreateRoleWithContext is the same as CreateRole with the addition of
  1727  // the ability to pass a context and additional request options.
  1728  //
  1729  // See CreateRole for details on how to use this API operation.
  1730  //
  1731  // The context must be non-nil and will be used for request cancellation. If
  1732  // the context is nil a panic will occur. In the future the SDK may create
  1733  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1734  // for more information on using Contexts.
  1735  func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error) {
  1736  	req, out := c.CreateRoleRequest(input)
  1737  	req.SetContext(ctx)
  1738  	req.ApplyOptions(opts...)
  1739  	return out, req.Send()
  1740  }
  1741  
  1742  const opCreateSAMLProvider = "CreateSAMLProvider"
  1743  
  1744  // CreateSAMLProviderRequest generates a "aws/request.Request" representing the
  1745  // client's request for the CreateSAMLProvider operation. The "output" return
  1746  // value will be populated with the request's response once the request completes
  1747  // successfully.
  1748  //
  1749  // Use "Send" method on the returned Request to send the API call to the service.
  1750  // the "output" return value is not valid until after Send returns without error.
  1751  //
  1752  // See CreateSAMLProvider for more information on using the CreateSAMLProvider
  1753  // API call, and error handling.
  1754  //
  1755  // This method is useful when you want to inject custom logic or configuration
  1756  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1757  //
  1758  //
  1759  //    // Example sending a request using the CreateSAMLProviderRequest method.
  1760  //    req, resp := client.CreateSAMLProviderRequest(params)
  1761  //
  1762  //    err := req.Send()
  1763  //    if err == nil { // resp is now filled
  1764  //        fmt.Println(resp)
  1765  //    }
  1766  //
  1767  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
  1768  func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput) {
  1769  	op := &request.Operation{
  1770  		Name:       opCreateSAMLProvider,
  1771  		HTTPMethod: "POST",
  1772  		HTTPPath:   "/",
  1773  	}
  1774  
  1775  	if input == nil {
  1776  		input = &CreateSAMLProviderInput{}
  1777  	}
  1778  
  1779  	output = &CreateSAMLProviderOutput{}
  1780  	req = c.newRequest(op, input, output)
  1781  	return
  1782  }
  1783  
  1784  // CreateSAMLProvider API operation for AWS Identity and Access Management.
  1785  //
  1786  // Creates an IAM resource that describes an identity provider (IdP) that supports
  1787  // SAML 2.0.
  1788  //
  1789  // The SAML provider resource that you create with this operation can be used
  1790  // as a principal in an IAM role's trust policy. Such a policy can enable federated
  1791  // users who sign in using the SAML IdP to assume the role. You can create an
  1792  // IAM role that supports Web-based single sign-on (SSO) to the Amazon Web Services
  1793  // Management Console or one that supports API access to Amazon Web Services.
  1794  //
  1795  // When you create the SAML provider resource, you upload a SAML metadata document
  1796  // that you get from your IdP. That document includes the issuer's name, expiration
  1797  // information, and keys that can be used to validate the SAML authentication
  1798  // response (assertions) that the IdP sends. You must generate the metadata
  1799  // document using the identity management software that is used as your organization's
  1800  // IdP.
  1801  //
  1802  // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
  1803  //
  1804  // For more information, see Enabling SAML 2.0 federated users to access the
  1805  // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html)
  1806  // and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
  1807  // in the IAM User Guide.
  1808  //
  1809  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1810  // with awserr.Error's Code and Message methods to get detailed information about
  1811  // the error.
  1812  //
  1813  // See the AWS API reference guide for AWS Identity and Access Management's
  1814  // API operation CreateSAMLProvider for usage and error information.
  1815  //
  1816  // Returned Error Codes:
  1817  //   * ErrCodeInvalidInputException "InvalidInput"
  1818  //   The request was rejected because an invalid or out-of-range value was supplied
  1819  //   for an input parameter.
  1820  //
  1821  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  1822  //   The request was rejected because it attempted to create a resource that already
  1823  //   exists.
  1824  //
  1825  //   * ErrCodeLimitExceededException "LimitExceeded"
  1826  //   The request was rejected because it attempted to create resources beyond
  1827  //   the current Amazon Web Services account limits. The error message describes
  1828  //   the limit exceeded.
  1829  //
  1830  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  1831  //   The request was rejected because multiple requests to change this object
  1832  //   were submitted simultaneously. Wait a few minutes and submit your request
  1833  //   again.
  1834  //
  1835  //   * ErrCodeServiceFailureException "ServiceFailure"
  1836  //   The request processing has failed because of an unknown error, exception
  1837  //   or failure.
  1838  //
  1839  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider
  1840  func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error) {
  1841  	req, out := c.CreateSAMLProviderRequest(input)
  1842  	return out, req.Send()
  1843  }
  1844  
  1845  // CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of
  1846  // the ability to pass a context and additional request options.
  1847  //
  1848  // See CreateSAMLProvider for details on how to use this API operation.
  1849  //
  1850  // The context must be non-nil and will be used for request cancellation. If
  1851  // the context is nil a panic will occur. In the future the SDK may create
  1852  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1853  // for more information on using Contexts.
  1854  func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error) {
  1855  	req, out := c.CreateSAMLProviderRequest(input)
  1856  	req.SetContext(ctx)
  1857  	req.ApplyOptions(opts...)
  1858  	return out, req.Send()
  1859  }
  1860  
  1861  const opCreateServiceLinkedRole = "CreateServiceLinkedRole"
  1862  
  1863  // CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the
  1864  // client's request for the CreateServiceLinkedRole operation. The "output" return
  1865  // value will be populated with the request's response once the request completes
  1866  // successfully.
  1867  //
  1868  // Use "Send" method on the returned Request to send the API call to the service.
  1869  // the "output" return value is not valid until after Send returns without error.
  1870  //
  1871  // See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole
  1872  // API call, and error handling.
  1873  //
  1874  // This method is useful when you want to inject custom logic or configuration
  1875  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1876  //
  1877  //
  1878  //    // Example sending a request using the CreateServiceLinkedRoleRequest method.
  1879  //    req, resp := client.CreateServiceLinkedRoleRequest(params)
  1880  //
  1881  //    err := req.Send()
  1882  //    if err == nil { // resp is now filled
  1883  //        fmt.Println(resp)
  1884  //    }
  1885  //
  1886  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
  1887  func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput) {
  1888  	op := &request.Operation{
  1889  		Name:       opCreateServiceLinkedRole,
  1890  		HTTPMethod: "POST",
  1891  		HTTPPath:   "/",
  1892  	}
  1893  
  1894  	if input == nil {
  1895  		input = &CreateServiceLinkedRoleInput{}
  1896  	}
  1897  
  1898  	output = &CreateServiceLinkedRoleOutput{}
  1899  	req = c.newRequest(op, input, output)
  1900  	return
  1901  }
  1902  
  1903  // CreateServiceLinkedRole API operation for AWS Identity and Access Management.
  1904  //
  1905  // Creates an IAM role that is linked to a specific Amazon Web Services service.
  1906  // The service controls the attached policies and when the role can be deleted.
  1907  // This helps ensure that the service is not broken by an unexpectedly changed
  1908  // or deleted role, which could put your Amazon Web Services resources into
  1909  // an unknown state. Allowing the service to control the role helps improve
  1910  // service stability and proper cleanup when a service and its role are no longer
  1911  // needed. For more information, see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
  1912  // in the IAM User Guide.
  1913  //
  1914  // To attach a policy to this service-linked role, you must make the request
  1915  // using the Amazon Web Services service that depends on this role.
  1916  //
  1917  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  1918  // with awserr.Error's Code and Message methods to get detailed information about
  1919  // the error.
  1920  //
  1921  // See the AWS API reference guide for AWS Identity and Access Management's
  1922  // API operation CreateServiceLinkedRole for usage and error information.
  1923  //
  1924  // Returned Error Codes:
  1925  //   * ErrCodeInvalidInputException "InvalidInput"
  1926  //   The request was rejected because an invalid or out-of-range value was supplied
  1927  //   for an input parameter.
  1928  //
  1929  //   * ErrCodeLimitExceededException "LimitExceeded"
  1930  //   The request was rejected because it attempted to create resources beyond
  1931  //   the current Amazon Web Services account limits. The error message describes
  1932  //   the limit exceeded.
  1933  //
  1934  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  1935  //   The request was rejected because it referenced a resource entity that does
  1936  //   not exist. The error message describes the resource.
  1937  //
  1938  //   * ErrCodeServiceFailureException "ServiceFailure"
  1939  //   The request processing has failed because of an unknown error, exception
  1940  //   or failure.
  1941  //
  1942  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole
  1943  func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error) {
  1944  	req, out := c.CreateServiceLinkedRoleRequest(input)
  1945  	return out, req.Send()
  1946  }
  1947  
  1948  // CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of
  1949  // the ability to pass a context and additional request options.
  1950  //
  1951  // See CreateServiceLinkedRole for details on how to use this API operation.
  1952  //
  1953  // The context must be non-nil and will be used for request cancellation. If
  1954  // the context is nil a panic will occur. In the future the SDK may create
  1955  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  1956  // for more information on using Contexts.
  1957  func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error) {
  1958  	req, out := c.CreateServiceLinkedRoleRequest(input)
  1959  	req.SetContext(ctx)
  1960  	req.ApplyOptions(opts...)
  1961  	return out, req.Send()
  1962  }
  1963  
  1964  const opCreateServiceSpecificCredential = "CreateServiceSpecificCredential"
  1965  
  1966  // CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
  1967  // client's request for the CreateServiceSpecificCredential operation. The "output" return
  1968  // value will be populated with the request's response once the request completes
  1969  // successfully.
  1970  //
  1971  // Use "Send" method on the returned Request to send the API call to the service.
  1972  // the "output" return value is not valid until after Send returns without error.
  1973  //
  1974  // See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential
  1975  // API call, and error handling.
  1976  //
  1977  // This method is useful when you want to inject custom logic or configuration
  1978  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  1979  //
  1980  //
  1981  //    // Example sending a request using the CreateServiceSpecificCredentialRequest method.
  1982  //    req, resp := client.CreateServiceSpecificCredentialRequest(params)
  1983  //
  1984  //    err := req.Send()
  1985  //    if err == nil { // resp is now filled
  1986  //        fmt.Println(resp)
  1987  //    }
  1988  //
  1989  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
  1990  func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput) {
  1991  	op := &request.Operation{
  1992  		Name:       opCreateServiceSpecificCredential,
  1993  		HTTPMethod: "POST",
  1994  		HTTPPath:   "/",
  1995  	}
  1996  
  1997  	if input == nil {
  1998  		input = &CreateServiceSpecificCredentialInput{}
  1999  	}
  2000  
  2001  	output = &CreateServiceSpecificCredentialOutput{}
  2002  	req = c.newRequest(op, input, output)
  2003  	return
  2004  }
  2005  
  2006  // CreateServiceSpecificCredential API operation for AWS Identity and Access Management.
  2007  //
  2008  // Generates a set of credentials consisting of a user name and password that
  2009  // can be used to access the service specified in the request. These credentials
  2010  // are generated by IAM, and can be used only for the specified service.
  2011  //
  2012  // You can have a maximum of two sets of service-specific credentials for each
  2013  // supported service per user.
  2014  //
  2015  // You can create service-specific credentials for CodeCommit and Amazon Keyspaces
  2016  // (for Apache Cassandra).
  2017  //
  2018  // You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
  2019  //
  2020  // For more information about service-specific credentials, see Using IAM with
  2021  // CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys
  2022  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html)
  2023  // in the IAM User Guide.
  2024  //
  2025  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2026  // with awserr.Error's Code and Message methods to get detailed information about
  2027  // the error.
  2028  //
  2029  // See the AWS API reference guide for AWS Identity and Access Management's
  2030  // API operation CreateServiceSpecificCredential for usage and error information.
  2031  //
  2032  // Returned Error Codes:
  2033  //   * ErrCodeLimitExceededException "LimitExceeded"
  2034  //   The request was rejected because it attempted to create resources beyond
  2035  //   the current Amazon Web Services account limits. The error message describes
  2036  //   the limit exceeded.
  2037  //
  2038  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2039  //   The request was rejected because it referenced a resource entity that does
  2040  //   not exist. The error message describes the resource.
  2041  //
  2042  //   * ErrCodeServiceNotSupportedException "NotSupportedService"
  2043  //   The specified service does not support service-specific credentials.
  2044  //
  2045  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential
  2046  func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error) {
  2047  	req, out := c.CreateServiceSpecificCredentialRequest(input)
  2048  	return out, req.Send()
  2049  }
  2050  
  2051  // CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of
  2052  // the ability to pass a context and additional request options.
  2053  //
  2054  // See CreateServiceSpecificCredential for details on how to use this API operation.
  2055  //
  2056  // The context must be non-nil and will be used for request cancellation. If
  2057  // the context is nil a panic will occur. In the future the SDK may create
  2058  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2059  // for more information on using Contexts.
  2060  func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error) {
  2061  	req, out := c.CreateServiceSpecificCredentialRequest(input)
  2062  	req.SetContext(ctx)
  2063  	req.ApplyOptions(opts...)
  2064  	return out, req.Send()
  2065  }
  2066  
  2067  const opCreateUser = "CreateUser"
  2068  
  2069  // CreateUserRequest generates a "aws/request.Request" representing the
  2070  // client's request for the CreateUser operation. The "output" return
  2071  // value will be populated with the request's response once the request completes
  2072  // successfully.
  2073  //
  2074  // Use "Send" method on the returned Request to send the API call to the service.
  2075  // the "output" return value is not valid until after Send returns without error.
  2076  //
  2077  // See CreateUser for more information on using the CreateUser
  2078  // API call, and error handling.
  2079  //
  2080  // This method is useful when you want to inject custom logic or configuration
  2081  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2082  //
  2083  //
  2084  //    // Example sending a request using the CreateUserRequest method.
  2085  //    req, resp := client.CreateUserRequest(params)
  2086  //
  2087  //    err := req.Send()
  2088  //    if err == nil { // resp is now filled
  2089  //        fmt.Println(resp)
  2090  //    }
  2091  //
  2092  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
  2093  func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput) {
  2094  	op := &request.Operation{
  2095  		Name:       opCreateUser,
  2096  		HTTPMethod: "POST",
  2097  		HTTPPath:   "/",
  2098  	}
  2099  
  2100  	if input == nil {
  2101  		input = &CreateUserInput{}
  2102  	}
  2103  
  2104  	output = &CreateUserOutput{}
  2105  	req = c.newRequest(op, input, output)
  2106  	return
  2107  }
  2108  
  2109  // CreateUser API operation for AWS Identity and Access Management.
  2110  //
  2111  // Creates a new IAM user for your Amazon Web Services account.
  2112  //
  2113  // For information about quotas for the number of IAM users you can create,
  2114  // see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  2115  // in the IAM User Guide.
  2116  //
  2117  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2118  // with awserr.Error's Code and Message methods to get detailed information about
  2119  // the error.
  2120  //
  2121  // See the AWS API reference guide for AWS Identity and Access Management's
  2122  // API operation CreateUser for usage and error information.
  2123  //
  2124  // Returned Error Codes:
  2125  //   * ErrCodeLimitExceededException "LimitExceeded"
  2126  //   The request was rejected because it attempted to create resources beyond
  2127  //   the current Amazon Web Services account limits. The error message describes
  2128  //   the limit exceeded.
  2129  //
  2130  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  2131  //   The request was rejected because it attempted to create a resource that already
  2132  //   exists.
  2133  //
  2134  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2135  //   The request was rejected because it referenced a resource entity that does
  2136  //   not exist. The error message describes the resource.
  2137  //
  2138  //   * ErrCodeInvalidInputException "InvalidInput"
  2139  //   The request was rejected because an invalid or out-of-range value was supplied
  2140  //   for an input parameter.
  2141  //
  2142  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  2143  //   The request was rejected because multiple requests to change this object
  2144  //   were submitted simultaneously. Wait a few minutes and submit your request
  2145  //   again.
  2146  //
  2147  //   * ErrCodeServiceFailureException "ServiceFailure"
  2148  //   The request processing has failed because of an unknown error, exception
  2149  //   or failure.
  2150  //
  2151  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser
  2152  func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error) {
  2153  	req, out := c.CreateUserRequest(input)
  2154  	return out, req.Send()
  2155  }
  2156  
  2157  // CreateUserWithContext is the same as CreateUser with the addition of
  2158  // the ability to pass a context and additional request options.
  2159  //
  2160  // See CreateUser for details on how to use this API operation.
  2161  //
  2162  // The context must be non-nil and will be used for request cancellation. If
  2163  // the context is nil a panic will occur. In the future the SDK may create
  2164  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2165  // for more information on using Contexts.
  2166  func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error) {
  2167  	req, out := c.CreateUserRequest(input)
  2168  	req.SetContext(ctx)
  2169  	req.ApplyOptions(opts...)
  2170  	return out, req.Send()
  2171  }
  2172  
  2173  const opCreateVirtualMFADevice = "CreateVirtualMFADevice"
  2174  
  2175  // CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the
  2176  // client's request for the CreateVirtualMFADevice operation. The "output" return
  2177  // value will be populated with the request's response once the request completes
  2178  // successfully.
  2179  //
  2180  // Use "Send" method on the returned Request to send the API call to the service.
  2181  // the "output" return value is not valid until after Send returns without error.
  2182  //
  2183  // See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice
  2184  // API call, and error handling.
  2185  //
  2186  // This method is useful when you want to inject custom logic or configuration
  2187  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2188  //
  2189  //
  2190  //    // Example sending a request using the CreateVirtualMFADeviceRequest method.
  2191  //    req, resp := client.CreateVirtualMFADeviceRequest(params)
  2192  //
  2193  //    err := req.Send()
  2194  //    if err == nil { // resp is now filled
  2195  //        fmt.Println(resp)
  2196  //    }
  2197  //
  2198  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
  2199  func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput) {
  2200  	op := &request.Operation{
  2201  		Name:       opCreateVirtualMFADevice,
  2202  		HTTPMethod: "POST",
  2203  		HTTPPath:   "/",
  2204  	}
  2205  
  2206  	if input == nil {
  2207  		input = &CreateVirtualMFADeviceInput{}
  2208  	}
  2209  
  2210  	output = &CreateVirtualMFADeviceOutput{}
  2211  	req = c.newRequest(op, input, output)
  2212  	return
  2213  }
  2214  
  2215  // CreateVirtualMFADevice API operation for AWS Identity and Access Management.
  2216  //
  2217  // Creates a new virtual MFA device for the Amazon Web Services account. After
  2218  // creating the virtual MFA, use EnableMFADevice to attach the MFA device to
  2219  // an IAM user. For more information about creating and working with virtual
  2220  // MFA devices, see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
  2221  // in the IAM User Guide.
  2222  //
  2223  // For information about the maximum number of MFA devices you can create, see
  2224  // IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  2225  // in the IAM User Guide.
  2226  //
  2227  // The seed information contained in the QR code and the Base32 string should
  2228  // be treated like any other secret access information. In other words, protect
  2229  // the seed information as you would your Amazon Web Services access keys or
  2230  // your passwords. After you provision your virtual device, you should ensure
  2231  // that the information is destroyed following secure procedures.
  2232  //
  2233  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2234  // with awserr.Error's Code and Message methods to get detailed information about
  2235  // the error.
  2236  //
  2237  // See the AWS API reference guide for AWS Identity and Access Management's
  2238  // API operation CreateVirtualMFADevice for usage and error information.
  2239  //
  2240  // Returned Error Codes:
  2241  //   * ErrCodeLimitExceededException "LimitExceeded"
  2242  //   The request was rejected because it attempted to create resources beyond
  2243  //   the current Amazon Web Services account limits. The error message describes
  2244  //   the limit exceeded.
  2245  //
  2246  //   * ErrCodeInvalidInputException "InvalidInput"
  2247  //   The request was rejected because an invalid or out-of-range value was supplied
  2248  //   for an input parameter.
  2249  //
  2250  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  2251  //   The request was rejected because it attempted to create a resource that already
  2252  //   exists.
  2253  //
  2254  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  2255  //   The request was rejected because multiple requests to change this object
  2256  //   were submitted simultaneously. Wait a few minutes and submit your request
  2257  //   again.
  2258  //
  2259  //   * ErrCodeServiceFailureException "ServiceFailure"
  2260  //   The request processing has failed because of an unknown error, exception
  2261  //   or failure.
  2262  //
  2263  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice
  2264  func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error) {
  2265  	req, out := c.CreateVirtualMFADeviceRequest(input)
  2266  	return out, req.Send()
  2267  }
  2268  
  2269  // CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of
  2270  // the ability to pass a context and additional request options.
  2271  //
  2272  // See CreateVirtualMFADevice for details on how to use this API operation.
  2273  //
  2274  // The context must be non-nil and will be used for request cancellation. If
  2275  // the context is nil a panic will occur. In the future the SDK may create
  2276  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2277  // for more information on using Contexts.
  2278  func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error) {
  2279  	req, out := c.CreateVirtualMFADeviceRequest(input)
  2280  	req.SetContext(ctx)
  2281  	req.ApplyOptions(opts...)
  2282  	return out, req.Send()
  2283  }
  2284  
  2285  const opDeactivateMFADevice = "DeactivateMFADevice"
  2286  
  2287  // DeactivateMFADeviceRequest generates a "aws/request.Request" representing the
  2288  // client's request for the DeactivateMFADevice operation. The "output" return
  2289  // value will be populated with the request's response once the request completes
  2290  // successfully.
  2291  //
  2292  // Use "Send" method on the returned Request to send the API call to the service.
  2293  // the "output" return value is not valid until after Send returns without error.
  2294  //
  2295  // See DeactivateMFADevice for more information on using the DeactivateMFADevice
  2296  // API call, and error handling.
  2297  //
  2298  // This method is useful when you want to inject custom logic or configuration
  2299  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2300  //
  2301  //
  2302  //    // Example sending a request using the DeactivateMFADeviceRequest method.
  2303  //    req, resp := client.DeactivateMFADeviceRequest(params)
  2304  //
  2305  //    err := req.Send()
  2306  //    if err == nil { // resp is now filled
  2307  //        fmt.Println(resp)
  2308  //    }
  2309  //
  2310  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
  2311  func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput) {
  2312  	op := &request.Operation{
  2313  		Name:       opDeactivateMFADevice,
  2314  		HTTPMethod: "POST",
  2315  		HTTPPath:   "/",
  2316  	}
  2317  
  2318  	if input == nil {
  2319  		input = &DeactivateMFADeviceInput{}
  2320  	}
  2321  
  2322  	output = &DeactivateMFADeviceOutput{}
  2323  	req = c.newRequest(op, input, output)
  2324  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2325  	return
  2326  }
  2327  
  2328  // DeactivateMFADevice API operation for AWS Identity and Access Management.
  2329  //
  2330  // Deactivates the specified MFA device and removes it from association with
  2331  // the user name for which it was originally enabled.
  2332  //
  2333  // For more information about creating and working with virtual MFA devices,
  2334  // see Enabling a virtual multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
  2335  // in the IAM User Guide.
  2336  //
  2337  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2338  // with awserr.Error's Code and Message methods to get detailed information about
  2339  // the error.
  2340  //
  2341  // See the AWS API reference guide for AWS Identity and Access Management's
  2342  // API operation DeactivateMFADevice for usage and error information.
  2343  //
  2344  // Returned Error Codes:
  2345  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
  2346  //   The request was rejected because it referenced an entity that is temporarily
  2347  //   unmodifiable, such as a user name that was deleted and then recreated. The
  2348  //   error indicates that the request is likely to succeed if you try again after
  2349  //   waiting several minutes. The error message describes the entity.
  2350  //
  2351  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2352  //   The request was rejected because it referenced a resource entity that does
  2353  //   not exist. The error message describes the resource.
  2354  //
  2355  //   * ErrCodeLimitExceededException "LimitExceeded"
  2356  //   The request was rejected because it attempted to create resources beyond
  2357  //   the current Amazon Web Services account limits. The error message describes
  2358  //   the limit exceeded.
  2359  //
  2360  //   * ErrCodeServiceFailureException "ServiceFailure"
  2361  //   The request processing has failed because of an unknown error, exception
  2362  //   or failure.
  2363  //
  2364  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice
  2365  func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error) {
  2366  	req, out := c.DeactivateMFADeviceRequest(input)
  2367  	return out, req.Send()
  2368  }
  2369  
  2370  // DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of
  2371  // the ability to pass a context and additional request options.
  2372  //
  2373  // See DeactivateMFADevice for details on how to use this API operation.
  2374  //
  2375  // The context must be non-nil and will be used for request cancellation. If
  2376  // the context is nil a panic will occur. In the future the SDK may create
  2377  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2378  // for more information on using Contexts.
  2379  func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error) {
  2380  	req, out := c.DeactivateMFADeviceRequest(input)
  2381  	req.SetContext(ctx)
  2382  	req.ApplyOptions(opts...)
  2383  	return out, req.Send()
  2384  }
  2385  
  2386  const opDeleteAccessKey = "DeleteAccessKey"
  2387  
  2388  // DeleteAccessKeyRequest generates a "aws/request.Request" representing the
  2389  // client's request for the DeleteAccessKey operation. The "output" return
  2390  // value will be populated with the request's response once the request completes
  2391  // successfully.
  2392  //
  2393  // Use "Send" method on the returned Request to send the API call to the service.
  2394  // the "output" return value is not valid until after Send returns without error.
  2395  //
  2396  // See DeleteAccessKey for more information on using the DeleteAccessKey
  2397  // API call, and error handling.
  2398  //
  2399  // This method is useful when you want to inject custom logic or configuration
  2400  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2401  //
  2402  //
  2403  //    // Example sending a request using the DeleteAccessKeyRequest method.
  2404  //    req, resp := client.DeleteAccessKeyRequest(params)
  2405  //
  2406  //    err := req.Send()
  2407  //    if err == nil { // resp is now filled
  2408  //        fmt.Println(resp)
  2409  //    }
  2410  //
  2411  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
  2412  func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput) {
  2413  	op := &request.Operation{
  2414  		Name:       opDeleteAccessKey,
  2415  		HTTPMethod: "POST",
  2416  		HTTPPath:   "/",
  2417  	}
  2418  
  2419  	if input == nil {
  2420  		input = &DeleteAccessKeyInput{}
  2421  	}
  2422  
  2423  	output = &DeleteAccessKeyOutput{}
  2424  	req = c.newRequest(op, input, output)
  2425  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2426  	return
  2427  }
  2428  
  2429  // DeleteAccessKey API operation for AWS Identity and Access Management.
  2430  //
  2431  // Deletes the access key pair associated with the specified IAM user.
  2432  //
  2433  // If you do not specify a user name, IAM determines the user name implicitly
  2434  // based on the Amazon Web Services access key ID signing the request. This
  2435  // operation works for access keys under the Amazon Web Services account. Consequently,
  2436  // you can use this operation to manage Amazon Web Services account root user
  2437  // credentials even if the Amazon Web Services account has no associated users.
  2438  //
  2439  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2440  // with awserr.Error's Code and Message methods to get detailed information about
  2441  // the error.
  2442  //
  2443  // See the AWS API reference guide for AWS Identity and Access Management's
  2444  // API operation DeleteAccessKey for usage and error information.
  2445  //
  2446  // Returned Error Codes:
  2447  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2448  //   The request was rejected because it referenced a resource entity that does
  2449  //   not exist. The error message describes the resource.
  2450  //
  2451  //   * ErrCodeLimitExceededException "LimitExceeded"
  2452  //   The request was rejected because it attempted to create resources beyond
  2453  //   the current Amazon Web Services account limits. The error message describes
  2454  //   the limit exceeded.
  2455  //
  2456  //   * ErrCodeServiceFailureException "ServiceFailure"
  2457  //   The request processing has failed because of an unknown error, exception
  2458  //   or failure.
  2459  //
  2460  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey
  2461  func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error) {
  2462  	req, out := c.DeleteAccessKeyRequest(input)
  2463  	return out, req.Send()
  2464  }
  2465  
  2466  // DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of
  2467  // the ability to pass a context and additional request options.
  2468  //
  2469  // See DeleteAccessKey for details on how to use this API operation.
  2470  //
  2471  // The context must be non-nil and will be used for request cancellation. If
  2472  // the context is nil a panic will occur. In the future the SDK may create
  2473  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2474  // for more information on using Contexts.
  2475  func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error) {
  2476  	req, out := c.DeleteAccessKeyRequest(input)
  2477  	req.SetContext(ctx)
  2478  	req.ApplyOptions(opts...)
  2479  	return out, req.Send()
  2480  }
  2481  
  2482  const opDeleteAccountAlias = "DeleteAccountAlias"
  2483  
  2484  // DeleteAccountAliasRequest generates a "aws/request.Request" representing the
  2485  // client's request for the DeleteAccountAlias operation. The "output" return
  2486  // value will be populated with the request's response once the request completes
  2487  // successfully.
  2488  //
  2489  // Use "Send" method on the returned Request to send the API call to the service.
  2490  // the "output" return value is not valid until after Send returns without error.
  2491  //
  2492  // See DeleteAccountAlias for more information on using the DeleteAccountAlias
  2493  // API call, and error handling.
  2494  //
  2495  // This method is useful when you want to inject custom logic or configuration
  2496  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2497  //
  2498  //
  2499  //    // Example sending a request using the DeleteAccountAliasRequest method.
  2500  //    req, resp := client.DeleteAccountAliasRequest(params)
  2501  //
  2502  //    err := req.Send()
  2503  //    if err == nil { // resp is now filled
  2504  //        fmt.Println(resp)
  2505  //    }
  2506  //
  2507  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
  2508  func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput) {
  2509  	op := &request.Operation{
  2510  		Name:       opDeleteAccountAlias,
  2511  		HTTPMethod: "POST",
  2512  		HTTPPath:   "/",
  2513  	}
  2514  
  2515  	if input == nil {
  2516  		input = &DeleteAccountAliasInput{}
  2517  	}
  2518  
  2519  	output = &DeleteAccountAliasOutput{}
  2520  	req = c.newRequest(op, input, output)
  2521  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2522  	return
  2523  }
  2524  
  2525  // DeleteAccountAlias API operation for AWS Identity and Access Management.
  2526  //
  2527  // Deletes the specified Amazon Web Services account alias. For information
  2528  // about using an Amazon Web Services account alias, see Using an alias for
  2529  // your Amazon Web Services account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html)
  2530  // in the IAM User Guide.
  2531  //
  2532  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2533  // with awserr.Error's Code and Message methods to get detailed information about
  2534  // the error.
  2535  //
  2536  // See the AWS API reference guide for AWS Identity and Access Management's
  2537  // API operation DeleteAccountAlias for usage and error information.
  2538  //
  2539  // Returned Error Codes:
  2540  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2541  //   The request was rejected because it referenced a resource entity that does
  2542  //   not exist. The error message describes the resource.
  2543  //
  2544  //   * ErrCodeLimitExceededException "LimitExceeded"
  2545  //   The request was rejected because it attempted to create resources beyond
  2546  //   the current Amazon Web Services account limits. The error message describes
  2547  //   the limit exceeded.
  2548  //
  2549  //   * ErrCodeServiceFailureException "ServiceFailure"
  2550  //   The request processing has failed because of an unknown error, exception
  2551  //   or failure.
  2552  //
  2553  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias
  2554  func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error) {
  2555  	req, out := c.DeleteAccountAliasRequest(input)
  2556  	return out, req.Send()
  2557  }
  2558  
  2559  // DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of
  2560  // the ability to pass a context and additional request options.
  2561  //
  2562  // See DeleteAccountAlias for details on how to use this API operation.
  2563  //
  2564  // The context must be non-nil and will be used for request cancellation. If
  2565  // the context is nil a panic will occur. In the future the SDK may create
  2566  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2567  // for more information on using Contexts.
  2568  func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error) {
  2569  	req, out := c.DeleteAccountAliasRequest(input)
  2570  	req.SetContext(ctx)
  2571  	req.ApplyOptions(opts...)
  2572  	return out, req.Send()
  2573  }
  2574  
  2575  const opDeleteAccountPasswordPolicy = "DeleteAccountPasswordPolicy"
  2576  
  2577  // DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
  2578  // client's request for the DeleteAccountPasswordPolicy operation. The "output" return
  2579  // value will be populated with the request's response once the request completes
  2580  // successfully.
  2581  //
  2582  // Use "Send" method on the returned Request to send the API call to the service.
  2583  // the "output" return value is not valid until after Send returns without error.
  2584  //
  2585  // See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy
  2586  // API call, and error handling.
  2587  //
  2588  // This method is useful when you want to inject custom logic or configuration
  2589  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2590  //
  2591  //
  2592  //    // Example sending a request using the DeleteAccountPasswordPolicyRequest method.
  2593  //    req, resp := client.DeleteAccountPasswordPolicyRequest(params)
  2594  //
  2595  //    err := req.Send()
  2596  //    if err == nil { // resp is now filled
  2597  //        fmt.Println(resp)
  2598  //    }
  2599  //
  2600  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
  2601  func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput) {
  2602  	op := &request.Operation{
  2603  		Name:       opDeleteAccountPasswordPolicy,
  2604  		HTTPMethod: "POST",
  2605  		HTTPPath:   "/",
  2606  	}
  2607  
  2608  	if input == nil {
  2609  		input = &DeleteAccountPasswordPolicyInput{}
  2610  	}
  2611  
  2612  	output = &DeleteAccountPasswordPolicyOutput{}
  2613  	req = c.newRequest(op, input, output)
  2614  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2615  	return
  2616  }
  2617  
  2618  // DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.
  2619  //
  2620  // Deletes the password policy for the Amazon Web Services account. There are
  2621  // no parameters.
  2622  //
  2623  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2624  // with awserr.Error's Code and Message methods to get detailed information about
  2625  // the error.
  2626  //
  2627  // See the AWS API reference guide for AWS Identity and Access Management's
  2628  // API operation DeleteAccountPasswordPolicy for usage and error information.
  2629  //
  2630  // Returned Error Codes:
  2631  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2632  //   The request was rejected because it referenced a resource entity that does
  2633  //   not exist. The error message describes the resource.
  2634  //
  2635  //   * ErrCodeLimitExceededException "LimitExceeded"
  2636  //   The request was rejected because it attempted to create resources beyond
  2637  //   the current Amazon Web Services account limits. The error message describes
  2638  //   the limit exceeded.
  2639  //
  2640  //   * ErrCodeServiceFailureException "ServiceFailure"
  2641  //   The request processing has failed because of an unknown error, exception
  2642  //   or failure.
  2643  //
  2644  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy
  2645  func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error) {
  2646  	req, out := c.DeleteAccountPasswordPolicyRequest(input)
  2647  	return out, req.Send()
  2648  }
  2649  
  2650  // DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of
  2651  // the ability to pass a context and additional request options.
  2652  //
  2653  // See DeleteAccountPasswordPolicy for details on how to use this API operation.
  2654  //
  2655  // The context must be non-nil and will be used for request cancellation. If
  2656  // the context is nil a panic will occur. In the future the SDK may create
  2657  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2658  // for more information on using Contexts.
  2659  func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error) {
  2660  	req, out := c.DeleteAccountPasswordPolicyRequest(input)
  2661  	req.SetContext(ctx)
  2662  	req.ApplyOptions(opts...)
  2663  	return out, req.Send()
  2664  }
  2665  
  2666  const opDeleteGroup = "DeleteGroup"
  2667  
  2668  // DeleteGroupRequest generates a "aws/request.Request" representing the
  2669  // client's request for the DeleteGroup operation. The "output" return
  2670  // value will be populated with the request's response once the request completes
  2671  // successfully.
  2672  //
  2673  // Use "Send" method on the returned Request to send the API call to the service.
  2674  // the "output" return value is not valid until after Send returns without error.
  2675  //
  2676  // See DeleteGroup for more information on using the DeleteGroup
  2677  // API call, and error handling.
  2678  //
  2679  // This method is useful when you want to inject custom logic or configuration
  2680  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2681  //
  2682  //
  2683  //    // Example sending a request using the DeleteGroupRequest method.
  2684  //    req, resp := client.DeleteGroupRequest(params)
  2685  //
  2686  //    err := req.Send()
  2687  //    if err == nil { // resp is now filled
  2688  //        fmt.Println(resp)
  2689  //    }
  2690  //
  2691  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
  2692  func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput) {
  2693  	op := &request.Operation{
  2694  		Name:       opDeleteGroup,
  2695  		HTTPMethod: "POST",
  2696  		HTTPPath:   "/",
  2697  	}
  2698  
  2699  	if input == nil {
  2700  		input = &DeleteGroupInput{}
  2701  	}
  2702  
  2703  	output = &DeleteGroupOutput{}
  2704  	req = c.newRequest(op, input, output)
  2705  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2706  	return
  2707  }
  2708  
  2709  // DeleteGroup API operation for AWS Identity and Access Management.
  2710  //
  2711  // Deletes the specified IAM group. The group must not contain any users or
  2712  // have any attached policies.
  2713  //
  2714  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2715  // with awserr.Error's Code and Message methods to get detailed information about
  2716  // the error.
  2717  //
  2718  // See the AWS API reference guide for AWS Identity and Access Management's
  2719  // API operation DeleteGroup for usage and error information.
  2720  //
  2721  // Returned Error Codes:
  2722  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2723  //   The request was rejected because it referenced a resource entity that does
  2724  //   not exist. The error message describes the resource.
  2725  //
  2726  //   * ErrCodeDeleteConflictException "DeleteConflict"
  2727  //   The request was rejected because it attempted to delete a resource that has
  2728  //   attached subordinate entities. The error message describes these entities.
  2729  //
  2730  //   * ErrCodeLimitExceededException "LimitExceeded"
  2731  //   The request was rejected because it attempted to create resources beyond
  2732  //   the current Amazon Web Services account limits. The error message describes
  2733  //   the limit exceeded.
  2734  //
  2735  //   * ErrCodeServiceFailureException "ServiceFailure"
  2736  //   The request processing has failed because of an unknown error, exception
  2737  //   or failure.
  2738  //
  2739  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup
  2740  func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error) {
  2741  	req, out := c.DeleteGroupRequest(input)
  2742  	return out, req.Send()
  2743  }
  2744  
  2745  // DeleteGroupWithContext is the same as DeleteGroup with the addition of
  2746  // the ability to pass a context and additional request options.
  2747  //
  2748  // See DeleteGroup for details on how to use this API operation.
  2749  //
  2750  // The context must be non-nil and will be used for request cancellation. If
  2751  // the context is nil a panic will occur. In the future the SDK may create
  2752  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2753  // for more information on using Contexts.
  2754  func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error) {
  2755  	req, out := c.DeleteGroupRequest(input)
  2756  	req.SetContext(ctx)
  2757  	req.ApplyOptions(opts...)
  2758  	return out, req.Send()
  2759  }
  2760  
  2761  const opDeleteGroupPolicy = "DeleteGroupPolicy"
  2762  
  2763  // DeleteGroupPolicyRequest generates a "aws/request.Request" representing the
  2764  // client's request for the DeleteGroupPolicy operation. The "output" return
  2765  // value will be populated with the request's response once the request completes
  2766  // successfully.
  2767  //
  2768  // Use "Send" method on the returned Request to send the API call to the service.
  2769  // the "output" return value is not valid until after Send returns without error.
  2770  //
  2771  // See DeleteGroupPolicy for more information on using the DeleteGroupPolicy
  2772  // API call, and error handling.
  2773  //
  2774  // This method is useful when you want to inject custom logic or configuration
  2775  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2776  //
  2777  //
  2778  //    // Example sending a request using the DeleteGroupPolicyRequest method.
  2779  //    req, resp := client.DeleteGroupPolicyRequest(params)
  2780  //
  2781  //    err := req.Send()
  2782  //    if err == nil { // resp is now filled
  2783  //        fmt.Println(resp)
  2784  //    }
  2785  //
  2786  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
  2787  func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput) {
  2788  	op := &request.Operation{
  2789  		Name:       opDeleteGroupPolicy,
  2790  		HTTPMethod: "POST",
  2791  		HTTPPath:   "/",
  2792  	}
  2793  
  2794  	if input == nil {
  2795  		input = &DeleteGroupPolicyInput{}
  2796  	}
  2797  
  2798  	output = &DeleteGroupPolicyOutput{}
  2799  	req = c.newRequest(op, input, output)
  2800  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2801  	return
  2802  }
  2803  
  2804  // DeleteGroupPolicy API operation for AWS Identity and Access Management.
  2805  //
  2806  // Deletes the specified inline policy that is embedded in the specified IAM
  2807  // group.
  2808  //
  2809  // A group can also have managed policies attached to it. To detach a managed
  2810  // policy from a group, use DetachGroupPolicy. For more information about policies,
  2811  // refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  2812  // in the IAM User Guide.
  2813  //
  2814  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2815  // with awserr.Error's Code and Message methods to get detailed information about
  2816  // the error.
  2817  //
  2818  // See the AWS API reference guide for AWS Identity and Access Management's
  2819  // API operation DeleteGroupPolicy for usage and error information.
  2820  //
  2821  // Returned Error Codes:
  2822  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2823  //   The request was rejected because it referenced a resource entity that does
  2824  //   not exist. The error message describes the resource.
  2825  //
  2826  //   * ErrCodeLimitExceededException "LimitExceeded"
  2827  //   The request was rejected because it attempted to create resources beyond
  2828  //   the current Amazon Web Services account limits. The error message describes
  2829  //   the limit exceeded.
  2830  //
  2831  //   * ErrCodeServiceFailureException "ServiceFailure"
  2832  //   The request processing has failed because of an unknown error, exception
  2833  //   or failure.
  2834  //
  2835  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy
  2836  func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error) {
  2837  	req, out := c.DeleteGroupPolicyRequest(input)
  2838  	return out, req.Send()
  2839  }
  2840  
  2841  // DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of
  2842  // the ability to pass a context and additional request options.
  2843  //
  2844  // See DeleteGroupPolicy for details on how to use this API operation.
  2845  //
  2846  // The context must be non-nil and will be used for request cancellation. If
  2847  // the context is nil a panic will occur. In the future the SDK may create
  2848  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2849  // for more information on using Contexts.
  2850  func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error) {
  2851  	req, out := c.DeleteGroupPolicyRequest(input)
  2852  	req.SetContext(ctx)
  2853  	req.ApplyOptions(opts...)
  2854  	return out, req.Send()
  2855  }
  2856  
  2857  const opDeleteInstanceProfile = "DeleteInstanceProfile"
  2858  
  2859  // DeleteInstanceProfileRequest generates a "aws/request.Request" representing the
  2860  // client's request for the DeleteInstanceProfile operation. The "output" return
  2861  // value will be populated with the request's response once the request completes
  2862  // successfully.
  2863  //
  2864  // Use "Send" method on the returned Request to send the API call to the service.
  2865  // the "output" return value is not valid until after Send returns without error.
  2866  //
  2867  // See DeleteInstanceProfile for more information on using the DeleteInstanceProfile
  2868  // API call, and error handling.
  2869  //
  2870  // This method is useful when you want to inject custom logic or configuration
  2871  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2872  //
  2873  //
  2874  //    // Example sending a request using the DeleteInstanceProfileRequest method.
  2875  //    req, resp := client.DeleteInstanceProfileRequest(params)
  2876  //
  2877  //    err := req.Send()
  2878  //    if err == nil { // resp is now filled
  2879  //        fmt.Println(resp)
  2880  //    }
  2881  //
  2882  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
  2883  func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput) {
  2884  	op := &request.Operation{
  2885  		Name:       opDeleteInstanceProfile,
  2886  		HTTPMethod: "POST",
  2887  		HTTPPath:   "/",
  2888  	}
  2889  
  2890  	if input == nil {
  2891  		input = &DeleteInstanceProfileInput{}
  2892  	}
  2893  
  2894  	output = &DeleteInstanceProfileOutput{}
  2895  	req = c.newRequest(op, input, output)
  2896  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  2897  	return
  2898  }
  2899  
  2900  // DeleteInstanceProfile API operation for AWS Identity and Access Management.
  2901  //
  2902  // Deletes the specified instance profile. The instance profile must not have
  2903  // an associated role.
  2904  //
  2905  // Make sure that you do not have any Amazon EC2 instances running with the
  2906  // instance profile you are about to delete. Deleting a role or instance profile
  2907  // that is associated with a running instance will break any applications running
  2908  // on the instance.
  2909  //
  2910  // For more information about instance profiles, see About instance profiles
  2911  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
  2912  //
  2913  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  2914  // with awserr.Error's Code and Message methods to get detailed information about
  2915  // the error.
  2916  //
  2917  // See the AWS API reference guide for AWS Identity and Access Management's
  2918  // API operation DeleteInstanceProfile for usage and error information.
  2919  //
  2920  // Returned Error Codes:
  2921  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  2922  //   The request was rejected because it referenced a resource entity that does
  2923  //   not exist. The error message describes the resource.
  2924  //
  2925  //   * ErrCodeDeleteConflictException "DeleteConflict"
  2926  //   The request was rejected because it attempted to delete a resource that has
  2927  //   attached subordinate entities. The error message describes these entities.
  2928  //
  2929  //   * ErrCodeLimitExceededException "LimitExceeded"
  2930  //   The request was rejected because it attempted to create resources beyond
  2931  //   the current Amazon Web Services account limits. The error message describes
  2932  //   the limit exceeded.
  2933  //
  2934  //   * ErrCodeServiceFailureException "ServiceFailure"
  2935  //   The request processing has failed because of an unknown error, exception
  2936  //   or failure.
  2937  //
  2938  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile
  2939  func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error) {
  2940  	req, out := c.DeleteInstanceProfileRequest(input)
  2941  	return out, req.Send()
  2942  }
  2943  
  2944  // DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of
  2945  // the ability to pass a context and additional request options.
  2946  //
  2947  // See DeleteInstanceProfile for details on how to use this API operation.
  2948  //
  2949  // The context must be non-nil and will be used for request cancellation. If
  2950  // the context is nil a panic will occur. In the future the SDK may create
  2951  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  2952  // for more information on using Contexts.
  2953  func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error) {
  2954  	req, out := c.DeleteInstanceProfileRequest(input)
  2955  	req.SetContext(ctx)
  2956  	req.ApplyOptions(opts...)
  2957  	return out, req.Send()
  2958  }
  2959  
  2960  const opDeleteLoginProfile = "DeleteLoginProfile"
  2961  
  2962  // DeleteLoginProfileRequest generates a "aws/request.Request" representing the
  2963  // client's request for the DeleteLoginProfile operation. The "output" return
  2964  // value will be populated with the request's response once the request completes
  2965  // successfully.
  2966  //
  2967  // Use "Send" method on the returned Request to send the API call to the service.
  2968  // the "output" return value is not valid until after Send returns without error.
  2969  //
  2970  // See DeleteLoginProfile for more information on using the DeleteLoginProfile
  2971  // API call, and error handling.
  2972  //
  2973  // This method is useful when you want to inject custom logic or configuration
  2974  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  2975  //
  2976  //
  2977  //    // Example sending a request using the DeleteLoginProfileRequest method.
  2978  //    req, resp := client.DeleteLoginProfileRequest(params)
  2979  //
  2980  //    err := req.Send()
  2981  //    if err == nil { // resp is now filled
  2982  //        fmt.Println(resp)
  2983  //    }
  2984  //
  2985  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
  2986  func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput) {
  2987  	op := &request.Operation{
  2988  		Name:       opDeleteLoginProfile,
  2989  		HTTPMethod: "POST",
  2990  		HTTPPath:   "/",
  2991  	}
  2992  
  2993  	if input == nil {
  2994  		input = &DeleteLoginProfileInput{}
  2995  	}
  2996  
  2997  	output = &DeleteLoginProfileOutput{}
  2998  	req = c.newRequest(op, input, output)
  2999  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3000  	return
  3001  }
  3002  
  3003  // DeleteLoginProfile API operation for AWS Identity and Access Management.
  3004  //
  3005  // Deletes the password for the specified IAM user, which terminates the user's
  3006  // ability to access Amazon Web Services services through the Amazon Web Services
  3007  // Management Console.
  3008  //
  3009  // You can use the CLI, the Amazon Web Services API, or the Users page in the
  3010  // IAM console to delete a password for any IAM user. You can use ChangePassword
  3011  // to update, but not delete, your own password in the My Security Credentials
  3012  // page in the Amazon Web Services Management Console.
  3013  //
  3014  // Deleting a user's password does not prevent a user from accessing Amazon
  3015  // Web Services through the command line interface or the API. To prevent all
  3016  // user access, you must also either make any access keys inactive or delete
  3017  // them. For more information about making keys inactive or deleting them, see
  3018  // UpdateAccessKey and DeleteAccessKey.
  3019  //
  3020  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3021  // with awserr.Error's Code and Message methods to get detailed information about
  3022  // the error.
  3023  //
  3024  // See the AWS API reference guide for AWS Identity and Access Management's
  3025  // API operation DeleteLoginProfile for usage and error information.
  3026  //
  3027  // Returned Error Codes:
  3028  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
  3029  //   The request was rejected because it referenced an entity that is temporarily
  3030  //   unmodifiable, such as a user name that was deleted and then recreated. The
  3031  //   error indicates that the request is likely to succeed if you try again after
  3032  //   waiting several minutes. The error message describes the entity.
  3033  //
  3034  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3035  //   The request was rejected because it referenced a resource entity that does
  3036  //   not exist. The error message describes the resource.
  3037  //
  3038  //   * ErrCodeLimitExceededException "LimitExceeded"
  3039  //   The request was rejected because it attempted to create resources beyond
  3040  //   the current Amazon Web Services account limits. The error message describes
  3041  //   the limit exceeded.
  3042  //
  3043  //   * ErrCodeServiceFailureException "ServiceFailure"
  3044  //   The request processing has failed because of an unknown error, exception
  3045  //   or failure.
  3046  //
  3047  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile
  3048  func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error) {
  3049  	req, out := c.DeleteLoginProfileRequest(input)
  3050  	return out, req.Send()
  3051  }
  3052  
  3053  // DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of
  3054  // the ability to pass a context and additional request options.
  3055  //
  3056  // See DeleteLoginProfile for details on how to use this API operation.
  3057  //
  3058  // The context must be non-nil and will be used for request cancellation. If
  3059  // the context is nil a panic will occur. In the future the SDK may create
  3060  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3061  // for more information on using Contexts.
  3062  func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error) {
  3063  	req, out := c.DeleteLoginProfileRequest(input)
  3064  	req.SetContext(ctx)
  3065  	req.ApplyOptions(opts...)
  3066  	return out, req.Send()
  3067  }
  3068  
  3069  const opDeleteOpenIDConnectProvider = "DeleteOpenIDConnectProvider"
  3070  
  3071  // DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
  3072  // client's request for the DeleteOpenIDConnectProvider operation. The "output" return
  3073  // value will be populated with the request's response once the request completes
  3074  // successfully.
  3075  //
  3076  // Use "Send" method on the returned Request to send the API call to the service.
  3077  // the "output" return value is not valid until after Send returns without error.
  3078  //
  3079  // See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider
  3080  // API call, and error handling.
  3081  //
  3082  // This method is useful when you want to inject custom logic or configuration
  3083  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3084  //
  3085  //
  3086  //    // Example sending a request using the DeleteOpenIDConnectProviderRequest method.
  3087  //    req, resp := client.DeleteOpenIDConnectProviderRequest(params)
  3088  //
  3089  //    err := req.Send()
  3090  //    if err == nil { // resp is now filled
  3091  //        fmt.Println(resp)
  3092  //    }
  3093  //
  3094  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
  3095  func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput) {
  3096  	op := &request.Operation{
  3097  		Name:       opDeleteOpenIDConnectProvider,
  3098  		HTTPMethod: "POST",
  3099  		HTTPPath:   "/",
  3100  	}
  3101  
  3102  	if input == nil {
  3103  		input = &DeleteOpenIDConnectProviderInput{}
  3104  	}
  3105  
  3106  	output = &DeleteOpenIDConnectProviderOutput{}
  3107  	req = c.newRequest(op, input, output)
  3108  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3109  	return
  3110  }
  3111  
  3112  // DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.
  3113  //
  3114  // Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
  3115  //
  3116  // Deleting an IAM OIDC provider resource does not update any roles that reference
  3117  // the provider as a principal in their trust policies. Any attempt to assume
  3118  // a role that references a deleted provider fails.
  3119  //
  3120  // This operation is idempotent; it does not fail or return an error if you
  3121  // call the operation for a provider that does not exist.
  3122  //
  3123  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3124  // with awserr.Error's Code and Message methods to get detailed information about
  3125  // the error.
  3126  //
  3127  // See the AWS API reference guide for AWS Identity and Access Management's
  3128  // API operation DeleteOpenIDConnectProvider for usage and error information.
  3129  //
  3130  // Returned Error Codes:
  3131  //   * ErrCodeInvalidInputException "InvalidInput"
  3132  //   The request was rejected because an invalid or out-of-range value was supplied
  3133  //   for an input parameter.
  3134  //
  3135  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3136  //   The request was rejected because it referenced a resource entity that does
  3137  //   not exist. The error message describes the resource.
  3138  //
  3139  //   * ErrCodeServiceFailureException "ServiceFailure"
  3140  //   The request processing has failed because of an unknown error, exception
  3141  //   or failure.
  3142  //
  3143  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider
  3144  func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error) {
  3145  	req, out := c.DeleteOpenIDConnectProviderRequest(input)
  3146  	return out, req.Send()
  3147  }
  3148  
  3149  // DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of
  3150  // the ability to pass a context and additional request options.
  3151  //
  3152  // See DeleteOpenIDConnectProvider for details on how to use this API operation.
  3153  //
  3154  // The context must be non-nil and will be used for request cancellation. If
  3155  // the context is nil a panic will occur. In the future the SDK may create
  3156  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3157  // for more information on using Contexts.
  3158  func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error) {
  3159  	req, out := c.DeleteOpenIDConnectProviderRequest(input)
  3160  	req.SetContext(ctx)
  3161  	req.ApplyOptions(opts...)
  3162  	return out, req.Send()
  3163  }
  3164  
  3165  const opDeletePolicy = "DeletePolicy"
  3166  
  3167  // DeletePolicyRequest generates a "aws/request.Request" representing the
  3168  // client's request for the DeletePolicy operation. The "output" return
  3169  // value will be populated with the request's response once the request completes
  3170  // successfully.
  3171  //
  3172  // Use "Send" method on the returned Request to send the API call to the service.
  3173  // the "output" return value is not valid until after Send returns without error.
  3174  //
  3175  // See DeletePolicy for more information on using the DeletePolicy
  3176  // API call, and error handling.
  3177  //
  3178  // This method is useful when you want to inject custom logic or configuration
  3179  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3180  //
  3181  //
  3182  //    // Example sending a request using the DeletePolicyRequest method.
  3183  //    req, resp := client.DeletePolicyRequest(params)
  3184  //
  3185  //    err := req.Send()
  3186  //    if err == nil { // resp is now filled
  3187  //        fmt.Println(resp)
  3188  //    }
  3189  //
  3190  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
  3191  func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
  3192  	op := &request.Operation{
  3193  		Name:       opDeletePolicy,
  3194  		HTTPMethod: "POST",
  3195  		HTTPPath:   "/",
  3196  	}
  3197  
  3198  	if input == nil {
  3199  		input = &DeletePolicyInput{}
  3200  	}
  3201  
  3202  	output = &DeletePolicyOutput{}
  3203  	req = c.newRequest(op, input, output)
  3204  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3205  	return
  3206  }
  3207  
  3208  // DeletePolicy API operation for AWS Identity and Access Management.
  3209  //
  3210  // Deletes the specified managed policy.
  3211  //
  3212  // Before you can delete a managed policy, you must first detach the policy
  3213  // from all users, groups, and roles that it is attached to. In addition, you
  3214  // must delete all the policy's versions. The following steps describe the process
  3215  // for deleting a managed policy:
  3216  //
  3217  //    * Detach the policy from all users, groups, and roles that the policy
  3218  //    is attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy.
  3219  //    To list all the users, groups, and roles that a policy is attached to,
  3220  //    use ListEntitiesForPolicy.
  3221  //
  3222  //    * Delete all versions of the policy using DeletePolicyVersion. To list
  3223  //    the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion
  3224  //    to delete the version that is marked as the default version. You delete
  3225  //    the policy's default version in the next step of the process.
  3226  //
  3227  //    * Delete the policy (this automatically deletes the policy's default version)
  3228  //    using this operation.
  3229  //
  3230  // For information about managed policies, see Managed policies and inline policies
  3231  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  3232  // in the IAM User Guide.
  3233  //
  3234  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3235  // with awserr.Error's Code and Message methods to get detailed information about
  3236  // the error.
  3237  //
  3238  // See the AWS API reference guide for AWS Identity and Access Management's
  3239  // API operation DeletePolicy for usage and error information.
  3240  //
  3241  // Returned Error Codes:
  3242  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3243  //   The request was rejected because it referenced a resource entity that does
  3244  //   not exist. The error message describes the resource.
  3245  //
  3246  //   * ErrCodeLimitExceededException "LimitExceeded"
  3247  //   The request was rejected because it attempted to create resources beyond
  3248  //   the current Amazon Web Services account limits. The error message describes
  3249  //   the limit exceeded.
  3250  //
  3251  //   * ErrCodeInvalidInputException "InvalidInput"
  3252  //   The request was rejected because an invalid or out-of-range value was supplied
  3253  //   for an input parameter.
  3254  //
  3255  //   * ErrCodeDeleteConflictException "DeleteConflict"
  3256  //   The request was rejected because it attempted to delete a resource that has
  3257  //   attached subordinate entities. The error message describes these entities.
  3258  //
  3259  //   * ErrCodeServiceFailureException "ServiceFailure"
  3260  //   The request processing has failed because of an unknown error, exception
  3261  //   or failure.
  3262  //
  3263  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy
  3264  func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
  3265  	req, out := c.DeletePolicyRequest(input)
  3266  	return out, req.Send()
  3267  }
  3268  
  3269  // DeletePolicyWithContext is the same as DeletePolicy with the addition of
  3270  // the ability to pass a context and additional request options.
  3271  //
  3272  // See DeletePolicy for details on how to use this API operation.
  3273  //
  3274  // The context must be non-nil and will be used for request cancellation. If
  3275  // the context is nil a panic will occur. In the future the SDK may create
  3276  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3277  // for more information on using Contexts.
  3278  func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
  3279  	req, out := c.DeletePolicyRequest(input)
  3280  	req.SetContext(ctx)
  3281  	req.ApplyOptions(opts...)
  3282  	return out, req.Send()
  3283  }
  3284  
  3285  const opDeletePolicyVersion = "DeletePolicyVersion"
  3286  
  3287  // DeletePolicyVersionRequest generates a "aws/request.Request" representing the
  3288  // client's request for the DeletePolicyVersion operation. The "output" return
  3289  // value will be populated with the request's response once the request completes
  3290  // successfully.
  3291  //
  3292  // Use "Send" method on the returned Request to send the API call to the service.
  3293  // the "output" return value is not valid until after Send returns without error.
  3294  //
  3295  // See DeletePolicyVersion for more information on using the DeletePolicyVersion
  3296  // API call, and error handling.
  3297  //
  3298  // This method is useful when you want to inject custom logic or configuration
  3299  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3300  //
  3301  //
  3302  //    // Example sending a request using the DeletePolicyVersionRequest method.
  3303  //    req, resp := client.DeletePolicyVersionRequest(params)
  3304  //
  3305  //    err := req.Send()
  3306  //    if err == nil { // resp is now filled
  3307  //        fmt.Println(resp)
  3308  //    }
  3309  //
  3310  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
  3311  func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput) {
  3312  	op := &request.Operation{
  3313  		Name:       opDeletePolicyVersion,
  3314  		HTTPMethod: "POST",
  3315  		HTTPPath:   "/",
  3316  	}
  3317  
  3318  	if input == nil {
  3319  		input = &DeletePolicyVersionInput{}
  3320  	}
  3321  
  3322  	output = &DeletePolicyVersionOutput{}
  3323  	req = c.newRequest(op, input, output)
  3324  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3325  	return
  3326  }
  3327  
  3328  // DeletePolicyVersion API operation for AWS Identity and Access Management.
  3329  //
  3330  // Deletes the specified version from the specified managed policy.
  3331  //
  3332  // You cannot delete the default version from a policy using this operation.
  3333  // To delete the default version from a policy, use DeletePolicy. To find out
  3334  // which version of a policy is marked as the default version, use ListPolicyVersions.
  3335  //
  3336  // For information about versions for managed policies, see Versioning for managed
  3337  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
  3338  // in the IAM User Guide.
  3339  //
  3340  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3341  // with awserr.Error's Code and Message methods to get detailed information about
  3342  // the error.
  3343  //
  3344  // See the AWS API reference guide for AWS Identity and Access Management's
  3345  // API operation DeletePolicyVersion for usage and error information.
  3346  //
  3347  // Returned Error Codes:
  3348  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3349  //   The request was rejected because it referenced a resource entity that does
  3350  //   not exist. The error message describes the resource.
  3351  //
  3352  //   * ErrCodeLimitExceededException "LimitExceeded"
  3353  //   The request was rejected because it attempted to create resources beyond
  3354  //   the current Amazon Web Services account limits. The error message describes
  3355  //   the limit exceeded.
  3356  //
  3357  //   * ErrCodeInvalidInputException "InvalidInput"
  3358  //   The request was rejected because an invalid or out-of-range value was supplied
  3359  //   for an input parameter.
  3360  //
  3361  //   * ErrCodeDeleteConflictException "DeleteConflict"
  3362  //   The request was rejected because it attempted to delete a resource that has
  3363  //   attached subordinate entities. The error message describes these entities.
  3364  //
  3365  //   * ErrCodeServiceFailureException "ServiceFailure"
  3366  //   The request processing has failed because of an unknown error, exception
  3367  //   or failure.
  3368  //
  3369  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion
  3370  func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error) {
  3371  	req, out := c.DeletePolicyVersionRequest(input)
  3372  	return out, req.Send()
  3373  }
  3374  
  3375  // DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of
  3376  // the ability to pass a context and additional request options.
  3377  //
  3378  // See DeletePolicyVersion for details on how to use this API operation.
  3379  //
  3380  // The context must be non-nil and will be used for request cancellation. If
  3381  // the context is nil a panic will occur. In the future the SDK may create
  3382  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3383  // for more information on using Contexts.
  3384  func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error) {
  3385  	req, out := c.DeletePolicyVersionRequest(input)
  3386  	req.SetContext(ctx)
  3387  	req.ApplyOptions(opts...)
  3388  	return out, req.Send()
  3389  }
  3390  
  3391  const opDeleteRole = "DeleteRole"
  3392  
  3393  // DeleteRoleRequest generates a "aws/request.Request" representing the
  3394  // client's request for the DeleteRole operation. The "output" return
  3395  // value will be populated with the request's response once the request completes
  3396  // successfully.
  3397  //
  3398  // Use "Send" method on the returned Request to send the API call to the service.
  3399  // the "output" return value is not valid until after Send returns without error.
  3400  //
  3401  // See DeleteRole for more information on using the DeleteRole
  3402  // API call, and error handling.
  3403  //
  3404  // This method is useful when you want to inject custom logic or configuration
  3405  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3406  //
  3407  //
  3408  //    // Example sending a request using the DeleteRoleRequest method.
  3409  //    req, resp := client.DeleteRoleRequest(params)
  3410  //
  3411  //    err := req.Send()
  3412  //    if err == nil { // resp is now filled
  3413  //        fmt.Println(resp)
  3414  //    }
  3415  //
  3416  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
  3417  func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput) {
  3418  	op := &request.Operation{
  3419  		Name:       opDeleteRole,
  3420  		HTTPMethod: "POST",
  3421  		HTTPPath:   "/",
  3422  	}
  3423  
  3424  	if input == nil {
  3425  		input = &DeleteRoleInput{}
  3426  	}
  3427  
  3428  	output = &DeleteRoleOutput{}
  3429  	req = c.newRequest(op, input, output)
  3430  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3431  	return
  3432  }
  3433  
  3434  // DeleteRole API operation for AWS Identity and Access Management.
  3435  //
  3436  // Deletes the specified role. The role must not have any policies attached.
  3437  // For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
  3438  //
  3439  // Make sure that you do not have any Amazon EC2 instances running with the
  3440  // role you are about to delete. Deleting a role or instance profile that is
  3441  // associated with a running instance will break any applications running on
  3442  // the instance.
  3443  //
  3444  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3445  // with awserr.Error's Code and Message methods to get detailed information about
  3446  // the error.
  3447  //
  3448  // See the AWS API reference guide for AWS Identity and Access Management's
  3449  // API operation DeleteRole for usage and error information.
  3450  //
  3451  // Returned Error Codes:
  3452  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3453  //   The request was rejected because it referenced a resource entity that does
  3454  //   not exist. The error message describes the resource.
  3455  //
  3456  //   * ErrCodeDeleteConflictException "DeleteConflict"
  3457  //   The request was rejected because it attempted to delete a resource that has
  3458  //   attached subordinate entities. The error message describes these entities.
  3459  //
  3460  //   * ErrCodeLimitExceededException "LimitExceeded"
  3461  //   The request was rejected because it attempted to create resources beyond
  3462  //   the current Amazon Web Services account limits. The error message describes
  3463  //   the limit exceeded.
  3464  //
  3465  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
  3466  //   The request was rejected because only the service that depends on the service-linked
  3467  //   role can modify or delete the role on your behalf. The error message includes
  3468  //   the name of the service that depends on this service-linked role. You must
  3469  //   request the change through that service.
  3470  //
  3471  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  3472  //   The request was rejected because multiple requests to change this object
  3473  //   were submitted simultaneously. Wait a few minutes and submit your request
  3474  //   again.
  3475  //
  3476  //   * ErrCodeServiceFailureException "ServiceFailure"
  3477  //   The request processing has failed because of an unknown error, exception
  3478  //   or failure.
  3479  //
  3480  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole
  3481  func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error) {
  3482  	req, out := c.DeleteRoleRequest(input)
  3483  	return out, req.Send()
  3484  }
  3485  
  3486  // DeleteRoleWithContext is the same as DeleteRole with the addition of
  3487  // the ability to pass a context and additional request options.
  3488  //
  3489  // See DeleteRole for details on how to use this API operation.
  3490  //
  3491  // The context must be non-nil and will be used for request cancellation. If
  3492  // the context is nil a panic will occur. In the future the SDK may create
  3493  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3494  // for more information on using Contexts.
  3495  func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error) {
  3496  	req, out := c.DeleteRoleRequest(input)
  3497  	req.SetContext(ctx)
  3498  	req.ApplyOptions(opts...)
  3499  	return out, req.Send()
  3500  }
  3501  
  3502  const opDeleteRolePermissionsBoundary = "DeleteRolePermissionsBoundary"
  3503  
  3504  // DeleteRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
  3505  // client's request for the DeleteRolePermissionsBoundary operation. The "output" return
  3506  // value will be populated with the request's response once the request completes
  3507  // successfully.
  3508  //
  3509  // Use "Send" method on the returned Request to send the API call to the service.
  3510  // the "output" return value is not valid until after Send returns without error.
  3511  //
  3512  // See DeleteRolePermissionsBoundary for more information on using the DeleteRolePermissionsBoundary
  3513  // API call, and error handling.
  3514  //
  3515  // This method is useful when you want to inject custom logic or configuration
  3516  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3517  //
  3518  //
  3519  //    // Example sending a request using the DeleteRolePermissionsBoundaryRequest method.
  3520  //    req, resp := client.DeleteRolePermissionsBoundaryRequest(params)
  3521  //
  3522  //    err := req.Send()
  3523  //    if err == nil { // resp is now filled
  3524  //        fmt.Println(resp)
  3525  //    }
  3526  //
  3527  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
  3528  func (c *IAM) DeleteRolePermissionsBoundaryRequest(input *DeleteRolePermissionsBoundaryInput) (req *request.Request, output *DeleteRolePermissionsBoundaryOutput) {
  3529  	op := &request.Operation{
  3530  		Name:       opDeleteRolePermissionsBoundary,
  3531  		HTTPMethod: "POST",
  3532  		HTTPPath:   "/",
  3533  	}
  3534  
  3535  	if input == nil {
  3536  		input = &DeleteRolePermissionsBoundaryInput{}
  3537  	}
  3538  
  3539  	output = &DeleteRolePermissionsBoundaryOutput{}
  3540  	req = c.newRequest(op, input, output)
  3541  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3542  	return
  3543  }
  3544  
  3545  // DeleteRolePermissionsBoundary API operation for AWS Identity and Access Management.
  3546  //
  3547  // Deletes the permissions boundary for the specified IAM role.
  3548  //
  3549  // Deleting the permissions boundary for a role might increase its permissions.
  3550  // For example, it might allow anyone who assumes the role to perform all the
  3551  // actions granted in its permissions policies.
  3552  //
  3553  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3554  // with awserr.Error's Code and Message methods to get detailed information about
  3555  // the error.
  3556  //
  3557  // See the AWS API reference guide for AWS Identity and Access Management's
  3558  // API operation DeleteRolePermissionsBoundary for usage and error information.
  3559  //
  3560  // Returned Error Codes:
  3561  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3562  //   The request was rejected because it referenced a resource entity that does
  3563  //   not exist. The error message describes the resource.
  3564  //
  3565  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
  3566  //   The request was rejected because only the service that depends on the service-linked
  3567  //   role can modify or delete the role on your behalf. The error message includes
  3568  //   the name of the service that depends on this service-linked role. You must
  3569  //   request the change through that service.
  3570  //
  3571  //   * ErrCodeServiceFailureException "ServiceFailure"
  3572  //   The request processing has failed because of an unknown error, exception
  3573  //   or failure.
  3574  //
  3575  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary
  3576  func (c *IAM) DeleteRolePermissionsBoundary(input *DeleteRolePermissionsBoundaryInput) (*DeleteRolePermissionsBoundaryOutput, error) {
  3577  	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
  3578  	return out, req.Send()
  3579  }
  3580  
  3581  // DeleteRolePermissionsBoundaryWithContext is the same as DeleteRolePermissionsBoundary with the addition of
  3582  // the ability to pass a context and additional request options.
  3583  //
  3584  // See DeleteRolePermissionsBoundary for details on how to use this API operation.
  3585  //
  3586  // The context must be non-nil and will be used for request cancellation. If
  3587  // the context is nil a panic will occur. In the future the SDK may create
  3588  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3589  // for more information on using Contexts.
  3590  func (c *IAM) DeleteRolePermissionsBoundaryWithContext(ctx aws.Context, input *DeleteRolePermissionsBoundaryInput, opts ...request.Option) (*DeleteRolePermissionsBoundaryOutput, error) {
  3591  	req, out := c.DeleteRolePermissionsBoundaryRequest(input)
  3592  	req.SetContext(ctx)
  3593  	req.ApplyOptions(opts...)
  3594  	return out, req.Send()
  3595  }
  3596  
  3597  const opDeleteRolePolicy = "DeleteRolePolicy"
  3598  
  3599  // DeleteRolePolicyRequest generates a "aws/request.Request" representing the
  3600  // client's request for the DeleteRolePolicy operation. The "output" return
  3601  // value will be populated with the request's response once the request completes
  3602  // successfully.
  3603  //
  3604  // Use "Send" method on the returned Request to send the API call to the service.
  3605  // the "output" return value is not valid until after Send returns without error.
  3606  //
  3607  // See DeleteRolePolicy for more information on using the DeleteRolePolicy
  3608  // API call, and error handling.
  3609  //
  3610  // This method is useful when you want to inject custom logic or configuration
  3611  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3612  //
  3613  //
  3614  //    // Example sending a request using the DeleteRolePolicyRequest method.
  3615  //    req, resp := client.DeleteRolePolicyRequest(params)
  3616  //
  3617  //    err := req.Send()
  3618  //    if err == nil { // resp is now filled
  3619  //        fmt.Println(resp)
  3620  //    }
  3621  //
  3622  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
  3623  func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput) {
  3624  	op := &request.Operation{
  3625  		Name:       opDeleteRolePolicy,
  3626  		HTTPMethod: "POST",
  3627  		HTTPPath:   "/",
  3628  	}
  3629  
  3630  	if input == nil {
  3631  		input = &DeleteRolePolicyInput{}
  3632  	}
  3633  
  3634  	output = &DeleteRolePolicyOutput{}
  3635  	req = c.newRequest(op, input, output)
  3636  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3637  	return
  3638  }
  3639  
  3640  // DeleteRolePolicy API operation for AWS Identity and Access Management.
  3641  //
  3642  // Deletes the specified inline policy that is embedded in the specified IAM
  3643  // role.
  3644  //
  3645  // A role can also have managed policies attached to it. To detach a managed
  3646  // policy from a role, use DetachRolePolicy. For more information about policies,
  3647  // refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  3648  // in the IAM User Guide.
  3649  //
  3650  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3651  // with awserr.Error's Code and Message methods to get detailed information about
  3652  // the error.
  3653  //
  3654  // See the AWS API reference guide for AWS Identity and Access Management's
  3655  // API operation DeleteRolePolicy for usage and error information.
  3656  //
  3657  // Returned Error Codes:
  3658  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3659  //   The request was rejected because it referenced a resource entity that does
  3660  //   not exist. The error message describes the resource.
  3661  //
  3662  //   * ErrCodeLimitExceededException "LimitExceeded"
  3663  //   The request was rejected because it attempted to create resources beyond
  3664  //   the current Amazon Web Services account limits. The error message describes
  3665  //   the limit exceeded.
  3666  //
  3667  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
  3668  //   The request was rejected because only the service that depends on the service-linked
  3669  //   role can modify or delete the role on your behalf. The error message includes
  3670  //   the name of the service that depends on this service-linked role. You must
  3671  //   request the change through that service.
  3672  //
  3673  //   * ErrCodeServiceFailureException "ServiceFailure"
  3674  //   The request processing has failed because of an unknown error, exception
  3675  //   or failure.
  3676  //
  3677  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy
  3678  func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error) {
  3679  	req, out := c.DeleteRolePolicyRequest(input)
  3680  	return out, req.Send()
  3681  }
  3682  
  3683  // DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of
  3684  // the ability to pass a context and additional request options.
  3685  //
  3686  // See DeleteRolePolicy for details on how to use this API operation.
  3687  //
  3688  // The context must be non-nil and will be used for request cancellation. If
  3689  // the context is nil a panic will occur. In the future the SDK may create
  3690  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3691  // for more information on using Contexts.
  3692  func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error) {
  3693  	req, out := c.DeleteRolePolicyRequest(input)
  3694  	req.SetContext(ctx)
  3695  	req.ApplyOptions(opts...)
  3696  	return out, req.Send()
  3697  }
  3698  
  3699  const opDeleteSAMLProvider = "DeleteSAMLProvider"
  3700  
  3701  // DeleteSAMLProviderRequest generates a "aws/request.Request" representing the
  3702  // client's request for the DeleteSAMLProvider operation. The "output" return
  3703  // value will be populated with the request's response once the request completes
  3704  // successfully.
  3705  //
  3706  // Use "Send" method on the returned Request to send the API call to the service.
  3707  // the "output" return value is not valid until after Send returns without error.
  3708  //
  3709  // See DeleteSAMLProvider for more information on using the DeleteSAMLProvider
  3710  // API call, and error handling.
  3711  //
  3712  // This method is useful when you want to inject custom logic or configuration
  3713  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3714  //
  3715  //
  3716  //    // Example sending a request using the DeleteSAMLProviderRequest method.
  3717  //    req, resp := client.DeleteSAMLProviderRequest(params)
  3718  //
  3719  //    err := req.Send()
  3720  //    if err == nil { // resp is now filled
  3721  //        fmt.Println(resp)
  3722  //    }
  3723  //
  3724  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
  3725  func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput) {
  3726  	op := &request.Operation{
  3727  		Name:       opDeleteSAMLProvider,
  3728  		HTTPMethod: "POST",
  3729  		HTTPPath:   "/",
  3730  	}
  3731  
  3732  	if input == nil {
  3733  		input = &DeleteSAMLProviderInput{}
  3734  	}
  3735  
  3736  	output = &DeleteSAMLProviderOutput{}
  3737  	req = c.newRequest(op, input, output)
  3738  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3739  	return
  3740  }
  3741  
  3742  // DeleteSAMLProvider API operation for AWS Identity and Access Management.
  3743  //
  3744  // Deletes a SAML provider resource in IAM.
  3745  //
  3746  // Deleting the provider resource from IAM does not update any roles that reference
  3747  // the SAML provider resource's ARN as a principal in their trust policies.
  3748  // Any attempt to assume a role that references a non-existent provider resource
  3749  // ARN fails.
  3750  //
  3751  // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
  3752  //
  3753  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3754  // with awserr.Error's Code and Message methods to get detailed information about
  3755  // the error.
  3756  //
  3757  // See the AWS API reference guide for AWS Identity and Access Management's
  3758  // API operation DeleteSAMLProvider for usage and error information.
  3759  //
  3760  // Returned Error Codes:
  3761  //   * ErrCodeInvalidInputException "InvalidInput"
  3762  //   The request was rejected because an invalid or out-of-range value was supplied
  3763  //   for an input parameter.
  3764  //
  3765  //   * ErrCodeLimitExceededException "LimitExceeded"
  3766  //   The request was rejected because it attempted to create resources beyond
  3767  //   the current Amazon Web Services account limits. The error message describes
  3768  //   the limit exceeded.
  3769  //
  3770  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3771  //   The request was rejected because it referenced a resource entity that does
  3772  //   not exist. The error message describes the resource.
  3773  //
  3774  //   * ErrCodeServiceFailureException "ServiceFailure"
  3775  //   The request processing has failed because of an unknown error, exception
  3776  //   or failure.
  3777  //
  3778  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider
  3779  func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error) {
  3780  	req, out := c.DeleteSAMLProviderRequest(input)
  3781  	return out, req.Send()
  3782  }
  3783  
  3784  // DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of
  3785  // the ability to pass a context and additional request options.
  3786  //
  3787  // See DeleteSAMLProvider for details on how to use this API operation.
  3788  //
  3789  // The context must be non-nil and will be used for request cancellation. If
  3790  // the context is nil a panic will occur. In the future the SDK may create
  3791  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3792  // for more information on using Contexts.
  3793  func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error) {
  3794  	req, out := c.DeleteSAMLProviderRequest(input)
  3795  	req.SetContext(ctx)
  3796  	req.ApplyOptions(opts...)
  3797  	return out, req.Send()
  3798  }
  3799  
  3800  const opDeleteSSHPublicKey = "DeleteSSHPublicKey"
  3801  
  3802  // DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the
  3803  // client's request for the DeleteSSHPublicKey operation. The "output" return
  3804  // value will be populated with the request's response once the request completes
  3805  // successfully.
  3806  //
  3807  // Use "Send" method on the returned Request to send the API call to the service.
  3808  // the "output" return value is not valid until after Send returns without error.
  3809  //
  3810  // See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey
  3811  // API call, and error handling.
  3812  //
  3813  // This method is useful when you want to inject custom logic or configuration
  3814  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3815  //
  3816  //
  3817  //    // Example sending a request using the DeleteSSHPublicKeyRequest method.
  3818  //    req, resp := client.DeleteSSHPublicKeyRequest(params)
  3819  //
  3820  //    err := req.Send()
  3821  //    if err == nil { // resp is now filled
  3822  //        fmt.Println(resp)
  3823  //    }
  3824  //
  3825  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
  3826  func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput) {
  3827  	op := &request.Operation{
  3828  		Name:       opDeleteSSHPublicKey,
  3829  		HTTPMethod: "POST",
  3830  		HTTPPath:   "/",
  3831  	}
  3832  
  3833  	if input == nil {
  3834  		input = &DeleteSSHPublicKeyInput{}
  3835  	}
  3836  
  3837  	output = &DeleteSSHPublicKeyOutput{}
  3838  	req = c.newRequest(op, input, output)
  3839  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3840  	return
  3841  }
  3842  
  3843  // DeleteSSHPublicKey API operation for AWS Identity and Access Management.
  3844  //
  3845  // Deletes the specified SSH public key.
  3846  //
  3847  // The SSH public key deleted by this operation is used only for authenticating
  3848  // the associated IAM user to an CodeCommit repository. For more information
  3849  // about using SSH keys to authenticate to an CodeCommit repository, see Set
  3850  // up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
  3851  // in the CodeCommit User Guide.
  3852  //
  3853  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3854  // with awserr.Error's Code and Message methods to get detailed information about
  3855  // the error.
  3856  //
  3857  // See the AWS API reference guide for AWS Identity and Access Management's
  3858  // API operation DeleteSSHPublicKey for usage and error information.
  3859  //
  3860  // Returned Error Codes:
  3861  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3862  //   The request was rejected because it referenced a resource entity that does
  3863  //   not exist. The error message describes the resource.
  3864  //
  3865  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey
  3866  func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error) {
  3867  	req, out := c.DeleteSSHPublicKeyRequest(input)
  3868  	return out, req.Send()
  3869  }
  3870  
  3871  // DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of
  3872  // the ability to pass a context and additional request options.
  3873  //
  3874  // See DeleteSSHPublicKey for details on how to use this API operation.
  3875  //
  3876  // The context must be non-nil and will be used for request cancellation. If
  3877  // the context is nil a panic will occur. In the future the SDK may create
  3878  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3879  // for more information on using Contexts.
  3880  func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error) {
  3881  	req, out := c.DeleteSSHPublicKeyRequest(input)
  3882  	req.SetContext(ctx)
  3883  	req.ApplyOptions(opts...)
  3884  	return out, req.Send()
  3885  }
  3886  
  3887  const opDeleteServerCertificate = "DeleteServerCertificate"
  3888  
  3889  // DeleteServerCertificateRequest generates a "aws/request.Request" representing the
  3890  // client's request for the DeleteServerCertificate operation. The "output" return
  3891  // value will be populated with the request's response once the request completes
  3892  // successfully.
  3893  //
  3894  // Use "Send" method on the returned Request to send the API call to the service.
  3895  // the "output" return value is not valid until after Send returns without error.
  3896  //
  3897  // See DeleteServerCertificate for more information on using the DeleteServerCertificate
  3898  // API call, and error handling.
  3899  //
  3900  // This method is useful when you want to inject custom logic or configuration
  3901  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  3902  //
  3903  //
  3904  //    // Example sending a request using the DeleteServerCertificateRequest method.
  3905  //    req, resp := client.DeleteServerCertificateRequest(params)
  3906  //
  3907  //    err := req.Send()
  3908  //    if err == nil { // resp is now filled
  3909  //        fmt.Println(resp)
  3910  //    }
  3911  //
  3912  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
  3913  func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput) {
  3914  	op := &request.Operation{
  3915  		Name:       opDeleteServerCertificate,
  3916  		HTTPMethod: "POST",
  3917  		HTTPPath:   "/",
  3918  	}
  3919  
  3920  	if input == nil {
  3921  		input = &DeleteServerCertificateInput{}
  3922  	}
  3923  
  3924  	output = &DeleteServerCertificateOutput{}
  3925  	req = c.newRequest(op, input, output)
  3926  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  3927  	return
  3928  }
  3929  
  3930  // DeleteServerCertificate API operation for AWS Identity and Access Management.
  3931  //
  3932  // Deletes the specified server certificate.
  3933  //
  3934  // For more information about working with server certificates, see Working
  3935  // with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
  3936  // in the IAM User Guide. This topic also includes a list of Amazon Web Services
  3937  // services that can use the server certificates that you manage with IAM.
  3938  //
  3939  // If you are using a server certificate with Elastic Load Balancing, deleting
  3940  // the certificate could have implications for your application. If Elastic
  3941  // Load Balancing doesn't detect the deletion of bound certificates, it may
  3942  // continue to use the certificates. This could cause Elastic Load Balancing
  3943  // to stop accepting traffic. We recommend that you remove the reference to
  3944  // the certificate from Elastic Load Balancing before using this command to
  3945  // delete the certificate. For more information, see DeleteLoadBalancerListeners
  3946  // (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html)
  3947  // in the Elastic Load Balancing API Reference.
  3948  //
  3949  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  3950  // with awserr.Error's Code and Message methods to get detailed information about
  3951  // the error.
  3952  //
  3953  // See the AWS API reference guide for AWS Identity and Access Management's
  3954  // API operation DeleteServerCertificate for usage and error information.
  3955  //
  3956  // Returned Error Codes:
  3957  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  3958  //   The request was rejected because it referenced a resource entity that does
  3959  //   not exist. The error message describes the resource.
  3960  //
  3961  //   * ErrCodeDeleteConflictException "DeleteConflict"
  3962  //   The request was rejected because it attempted to delete a resource that has
  3963  //   attached subordinate entities. The error message describes these entities.
  3964  //
  3965  //   * ErrCodeLimitExceededException "LimitExceeded"
  3966  //   The request was rejected because it attempted to create resources beyond
  3967  //   the current Amazon Web Services account limits. The error message describes
  3968  //   the limit exceeded.
  3969  //
  3970  //   * ErrCodeServiceFailureException "ServiceFailure"
  3971  //   The request processing has failed because of an unknown error, exception
  3972  //   or failure.
  3973  //
  3974  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate
  3975  func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error) {
  3976  	req, out := c.DeleteServerCertificateRequest(input)
  3977  	return out, req.Send()
  3978  }
  3979  
  3980  // DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of
  3981  // the ability to pass a context and additional request options.
  3982  //
  3983  // See DeleteServerCertificate for details on how to use this API operation.
  3984  //
  3985  // The context must be non-nil and will be used for request cancellation. If
  3986  // the context is nil a panic will occur. In the future the SDK may create
  3987  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  3988  // for more information on using Contexts.
  3989  func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error) {
  3990  	req, out := c.DeleteServerCertificateRequest(input)
  3991  	req.SetContext(ctx)
  3992  	req.ApplyOptions(opts...)
  3993  	return out, req.Send()
  3994  }
  3995  
  3996  const opDeleteServiceLinkedRole = "DeleteServiceLinkedRole"
  3997  
  3998  // DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the
  3999  // client's request for the DeleteServiceLinkedRole operation. The "output" return
  4000  // value will be populated with the request's response once the request completes
  4001  // successfully.
  4002  //
  4003  // Use "Send" method on the returned Request to send the API call to the service.
  4004  // the "output" return value is not valid until after Send returns without error.
  4005  //
  4006  // See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole
  4007  // API call, and error handling.
  4008  //
  4009  // This method is useful when you want to inject custom logic or configuration
  4010  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4011  //
  4012  //
  4013  //    // Example sending a request using the DeleteServiceLinkedRoleRequest method.
  4014  //    req, resp := client.DeleteServiceLinkedRoleRequest(params)
  4015  //
  4016  //    err := req.Send()
  4017  //    if err == nil { // resp is now filled
  4018  //        fmt.Println(resp)
  4019  //    }
  4020  //
  4021  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
  4022  func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput) {
  4023  	op := &request.Operation{
  4024  		Name:       opDeleteServiceLinkedRole,
  4025  		HTTPMethod: "POST",
  4026  		HTTPPath:   "/",
  4027  	}
  4028  
  4029  	if input == nil {
  4030  		input = &DeleteServiceLinkedRoleInput{}
  4031  	}
  4032  
  4033  	output = &DeleteServiceLinkedRoleOutput{}
  4034  	req = c.newRequest(op, input, output)
  4035  	return
  4036  }
  4037  
  4038  // DeleteServiceLinkedRole API operation for AWS Identity and Access Management.
  4039  //
  4040  // Submits a service-linked role deletion request and returns a DeletionTaskId,
  4041  // which you can use to check the status of the deletion. Before you call this
  4042  // operation, confirm that the role has no active sessions and that any resources
  4043  // used by the role in the linked service are deleted. If you call this operation
  4044  // more than once for the same service-linked role and an earlier deletion task
  4045  // is not complete, then the DeletionTaskId of the earlier request is returned.
  4046  //
  4047  // If you submit a deletion request for a service-linked role whose linked service
  4048  // is still accessing a resource, then the deletion task fails. If it fails,
  4049  // the GetServiceLinkedRoleDeletionStatus operation returns the reason for the
  4050  // failure, usually including the resources that must be deleted. To delete
  4051  // the service-linked role, you must first remove those resources from the linked
  4052  // service and then submit the deletion request again. Resources are specific
  4053  // to the service that is linked to the role. For more information about removing
  4054  // resources from a service, see the Amazon Web Services documentation (http://docs.aws.amazon.com/)
  4055  // for your service.
  4056  //
  4057  // For more information about service-linked roles, see Roles terms and concepts:
  4058  // Amazon Web Services service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role)
  4059  // in the IAM User Guide.
  4060  //
  4061  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4062  // with awserr.Error's Code and Message methods to get detailed information about
  4063  // the error.
  4064  //
  4065  // See the AWS API reference guide for AWS Identity and Access Management's
  4066  // API operation DeleteServiceLinkedRole for usage and error information.
  4067  //
  4068  // Returned Error Codes:
  4069  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4070  //   The request was rejected because it referenced a resource entity that does
  4071  //   not exist. The error message describes the resource.
  4072  //
  4073  //   * ErrCodeLimitExceededException "LimitExceeded"
  4074  //   The request was rejected because it attempted to create resources beyond
  4075  //   the current Amazon Web Services account limits. The error message describes
  4076  //   the limit exceeded.
  4077  //
  4078  //   * ErrCodeServiceFailureException "ServiceFailure"
  4079  //   The request processing has failed because of an unknown error, exception
  4080  //   or failure.
  4081  //
  4082  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole
  4083  func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error) {
  4084  	req, out := c.DeleteServiceLinkedRoleRequest(input)
  4085  	return out, req.Send()
  4086  }
  4087  
  4088  // DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of
  4089  // the ability to pass a context and additional request options.
  4090  //
  4091  // See DeleteServiceLinkedRole for details on how to use this API operation.
  4092  //
  4093  // The context must be non-nil and will be used for request cancellation. If
  4094  // the context is nil a panic will occur. In the future the SDK may create
  4095  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4096  // for more information on using Contexts.
  4097  func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error) {
  4098  	req, out := c.DeleteServiceLinkedRoleRequest(input)
  4099  	req.SetContext(ctx)
  4100  	req.ApplyOptions(opts...)
  4101  	return out, req.Send()
  4102  }
  4103  
  4104  const opDeleteServiceSpecificCredential = "DeleteServiceSpecificCredential"
  4105  
  4106  // DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
  4107  // client's request for the DeleteServiceSpecificCredential operation. The "output" return
  4108  // value will be populated with the request's response once the request completes
  4109  // successfully.
  4110  //
  4111  // Use "Send" method on the returned Request to send the API call to the service.
  4112  // the "output" return value is not valid until after Send returns without error.
  4113  //
  4114  // See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential
  4115  // API call, and error handling.
  4116  //
  4117  // This method is useful when you want to inject custom logic or configuration
  4118  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4119  //
  4120  //
  4121  //    // Example sending a request using the DeleteServiceSpecificCredentialRequest method.
  4122  //    req, resp := client.DeleteServiceSpecificCredentialRequest(params)
  4123  //
  4124  //    err := req.Send()
  4125  //    if err == nil { // resp is now filled
  4126  //        fmt.Println(resp)
  4127  //    }
  4128  //
  4129  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
  4130  func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput) {
  4131  	op := &request.Operation{
  4132  		Name:       opDeleteServiceSpecificCredential,
  4133  		HTTPMethod: "POST",
  4134  		HTTPPath:   "/",
  4135  	}
  4136  
  4137  	if input == nil {
  4138  		input = &DeleteServiceSpecificCredentialInput{}
  4139  	}
  4140  
  4141  	output = &DeleteServiceSpecificCredentialOutput{}
  4142  	req = c.newRequest(op, input, output)
  4143  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4144  	return
  4145  }
  4146  
  4147  // DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.
  4148  //
  4149  // Deletes the specified service-specific credential.
  4150  //
  4151  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4152  // with awserr.Error's Code and Message methods to get detailed information about
  4153  // the error.
  4154  //
  4155  // See the AWS API reference guide for AWS Identity and Access Management's
  4156  // API operation DeleteServiceSpecificCredential for usage and error information.
  4157  //
  4158  // Returned Error Codes:
  4159  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4160  //   The request was rejected because it referenced a resource entity that does
  4161  //   not exist. The error message describes the resource.
  4162  //
  4163  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential
  4164  func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error) {
  4165  	req, out := c.DeleteServiceSpecificCredentialRequest(input)
  4166  	return out, req.Send()
  4167  }
  4168  
  4169  // DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of
  4170  // the ability to pass a context and additional request options.
  4171  //
  4172  // See DeleteServiceSpecificCredential for details on how to use this API operation.
  4173  //
  4174  // The context must be non-nil and will be used for request cancellation. If
  4175  // the context is nil a panic will occur. In the future the SDK may create
  4176  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4177  // for more information on using Contexts.
  4178  func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error) {
  4179  	req, out := c.DeleteServiceSpecificCredentialRequest(input)
  4180  	req.SetContext(ctx)
  4181  	req.ApplyOptions(opts...)
  4182  	return out, req.Send()
  4183  }
  4184  
  4185  const opDeleteSigningCertificate = "DeleteSigningCertificate"
  4186  
  4187  // DeleteSigningCertificateRequest generates a "aws/request.Request" representing the
  4188  // client's request for the DeleteSigningCertificate operation. The "output" return
  4189  // value will be populated with the request's response once the request completes
  4190  // successfully.
  4191  //
  4192  // Use "Send" method on the returned Request to send the API call to the service.
  4193  // the "output" return value is not valid until after Send returns without error.
  4194  //
  4195  // See DeleteSigningCertificate for more information on using the DeleteSigningCertificate
  4196  // API call, and error handling.
  4197  //
  4198  // This method is useful when you want to inject custom logic or configuration
  4199  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4200  //
  4201  //
  4202  //    // Example sending a request using the DeleteSigningCertificateRequest method.
  4203  //    req, resp := client.DeleteSigningCertificateRequest(params)
  4204  //
  4205  //    err := req.Send()
  4206  //    if err == nil { // resp is now filled
  4207  //        fmt.Println(resp)
  4208  //    }
  4209  //
  4210  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
  4211  func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput) {
  4212  	op := &request.Operation{
  4213  		Name:       opDeleteSigningCertificate,
  4214  		HTTPMethod: "POST",
  4215  		HTTPPath:   "/",
  4216  	}
  4217  
  4218  	if input == nil {
  4219  		input = &DeleteSigningCertificateInput{}
  4220  	}
  4221  
  4222  	output = &DeleteSigningCertificateOutput{}
  4223  	req = c.newRequest(op, input, output)
  4224  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4225  	return
  4226  }
  4227  
  4228  // DeleteSigningCertificate API operation for AWS Identity and Access Management.
  4229  //
  4230  // Deletes a signing certificate associated with the specified IAM user.
  4231  //
  4232  // If you do not specify a user name, IAM determines the user name implicitly
  4233  // based on the Amazon Web Services access key ID signing the request. This
  4234  // operation works for access keys under the Amazon Web Services account. Consequently,
  4235  // you can use this operation to manage Amazon Web Services account root user
  4236  // credentials even if the Amazon Web Services account has no associated IAM
  4237  // users.
  4238  //
  4239  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4240  // with awserr.Error's Code and Message methods to get detailed information about
  4241  // the error.
  4242  //
  4243  // See the AWS API reference guide for AWS Identity and Access Management's
  4244  // API operation DeleteSigningCertificate for usage and error information.
  4245  //
  4246  // Returned Error Codes:
  4247  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4248  //   The request was rejected because it referenced a resource entity that does
  4249  //   not exist. The error message describes the resource.
  4250  //
  4251  //   * ErrCodeLimitExceededException "LimitExceeded"
  4252  //   The request was rejected because it attempted to create resources beyond
  4253  //   the current Amazon Web Services account limits. The error message describes
  4254  //   the limit exceeded.
  4255  //
  4256  //   * ErrCodeServiceFailureException "ServiceFailure"
  4257  //   The request processing has failed because of an unknown error, exception
  4258  //   or failure.
  4259  //
  4260  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate
  4261  func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error) {
  4262  	req, out := c.DeleteSigningCertificateRequest(input)
  4263  	return out, req.Send()
  4264  }
  4265  
  4266  // DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of
  4267  // the ability to pass a context and additional request options.
  4268  //
  4269  // See DeleteSigningCertificate for details on how to use this API operation.
  4270  //
  4271  // The context must be non-nil and will be used for request cancellation. If
  4272  // the context is nil a panic will occur. In the future the SDK may create
  4273  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4274  // for more information on using Contexts.
  4275  func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error) {
  4276  	req, out := c.DeleteSigningCertificateRequest(input)
  4277  	req.SetContext(ctx)
  4278  	req.ApplyOptions(opts...)
  4279  	return out, req.Send()
  4280  }
  4281  
  4282  const opDeleteUser = "DeleteUser"
  4283  
  4284  // DeleteUserRequest generates a "aws/request.Request" representing the
  4285  // client's request for the DeleteUser operation. The "output" return
  4286  // value will be populated with the request's response once the request completes
  4287  // successfully.
  4288  //
  4289  // Use "Send" method on the returned Request to send the API call to the service.
  4290  // the "output" return value is not valid until after Send returns without error.
  4291  //
  4292  // See DeleteUser for more information on using the DeleteUser
  4293  // API call, and error handling.
  4294  //
  4295  // This method is useful when you want to inject custom logic or configuration
  4296  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4297  //
  4298  //
  4299  //    // Example sending a request using the DeleteUserRequest method.
  4300  //    req, resp := client.DeleteUserRequest(params)
  4301  //
  4302  //    err := req.Send()
  4303  //    if err == nil { // resp is now filled
  4304  //        fmt.Println(resp)
  4305  //    }
  4306  //
  4307  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
  4308  func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput) {
  4309  	op := &request.Operation{
  4310  		Name:       opDeleteUser,
  4311  		HTTPMethod: "POST",
  4312  		HTTPPath:   "/",
  4313  	}
  4314  
  4315  	if input == nil {
  4316  		input = &DeleteUserInput{}
  4317  	}
  4318  
  4319  	output = &DeleteUserOutput{}
  4320  	req = c.newRequest(op, input, output)
  4321  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4322  	return
  4323  }
  4324  
  4325  // DeleteUser API operation for AWS Identity and Access Management.
  4326  //
  4327  // Deletes the specified IAM user. Unlike the Amazon Web Services Management
  4328  // Console, when you delete a user programmatically, you must delete the items
  4329  // attached to the user manually, or the deletion fails. For more information,
  4330  // see Deleting an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli).
  4331  // Before attempting to delete a user, remove the following items:
  4332  //
  4333  //    * Password (DeleteLoginProfile)
  4334  //
  4335  //    * Access keys (DeleteAccessKey)
  4336  //
  4337  //    * Signing certificate (DeleteSigningCertificate)
  4338  //
  4339  //    * SSH public key (DeleteSSHPublicKey)
  4340  //
  4341  //    * Git credentials (DeleteServiceSpecificCredential)
  4342  //
  4343  //    * Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)
  4344  //
  4345  //    * Inline policies (DeleteUserPolicy)
  4346  //
  4347  //    * Attached managed policies (DetachUserPolicy)
  4348  //
  4349  //    * Group memberships (RemoveUserFromGroup)
  4350  //
  4351  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4352  // with awserr.Error's Code and Message methods to get detailed information about
  4353  // the error.
  4354  //
  4355  // See the AWS API reference guide for AWS Identity and Access Management's
  4356  // API operation DeleteUser for usage and error information.
  4357  //
  4358  // Returned Error Codes:
  4359  //   * ErrCodeLimitExceededException "LimitExceeded"
  4360  //   The request was rejected because it attempted to create resources beyond
  4361  //   the current Amazon Web Services account limits. The error message describes
  4362  //   the limit exceeded.
  4363  //
  4364  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4365  //   The request was rejected because it referenced a resource entity that does
  4366  //   not exist. The error message describes the resource.
  4367  //
  4368  //   * ErrCodeDeleteConflictException "DeleteConflict"
  4369  //   The request was rejected because it attempted to delete a resource that has
  4370  //   attached subordinate entities. The error message describes these entities.
  4371  //
  4372  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
  4373  //   The request was rejected because multiple requests to change this object
  4374  //   were submitted simultaneously. Wait a few minutes and submit your request
  4375  //   again.
  4376  //
  4377  //   * ErrCodeServiceFailureException "ServiceFailure"
  4378  //   The request processing has failed because of an unknown error, exception
  4379  //   or failure.
  4380  //
  4381  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser
  4382  func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error) {
  4383  	req, out := c.DeleteUserRequest(input)
  4384  	return out, req.Send()
  4385  }
  4386  
  4387  // DeleteUserWithContext is the same as DeleteUser with the addition of
  4388  // the ability to pass a context and additional request options.
  4389  //
  4390  // See DeleteUser for details on how to use this API operation.
  4391  //
  4392  // The context must be non-nil and will be used for request cancellation. If
  4393  // the context is nil a panic will occur. In the future the SDK may create
  4394  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4395  // for more information on using Contexts.
  4396  func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error) {
  4397  	req, out := c.DeleteUserRequest(input)
  4398  	req.SetContext(ctx)
  4399  	req.ApplyOptions(opts...)
  4400  	return out, req.Send()
  4401  }
  4402  
  4403  const opDeleteUserPermissionsBoundary = "DeleteUserPermissionsBoundary"
  4404  
  4405  // DeleteUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
  4406  // client's request for the DeleteUserPermissionsBoundary operation. The "output" return
  4407  // value will be populated with the request's response once the request completes
  4408  // successfully.
  4409  //
  4410  // Use "Send" method on the returned Request to send the API call to the service.
  4411  // the "output" return value is not valid until after Send returns without error.
  4412  //
  4413  // See DeleteUserPermissionsBoundary for more information on using the DeleteUserPermissionsBoundary
  4414  // API call, and error handling.
  4415  //
  4416  // This method is useful when you want to inject custom logic or configuration
  4417  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4418  //
  4419  //
  4420  //    // Example sending a request using the DeleteUserPermissionsBoundaryRequest method.
  4421  //    req, resp := client.DeleteUserPermissionsBoundaryRequest(params)
  4422  //
  4423  //    err := req.Send()
  4424  //    if err == nil { // resp is now filled
  4425  //        fmt.Println(resp)
  4426  //    }
  4427  //
  4428  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
  4429  func (c *IAM) DeleteUserPermissionsBoundaryRequest(input *DeleteUserPermissionsBoundaryInput) (req *request.Request, output *DeleteUserPermissionsBoundaryOutput) {
  4430  	op := &request.Operation{
  4431  		Name:       opDeleteUserPermissionsBoundary,
  4432  		HTTPMethod: "POST",
  4433  		HTTPPath:   "/",
  4434  	}
  4435  
  4436  	if input == nil {
  4437  		input = &DeleteUserPermissionsBoundaryInput{}
  4438  	}
  4439  
  4440  	output = &DeleteUserPermissionsBoundaryOutput{}
  4441  	req = c.newRequest(op, input, output)
  4442  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4443  	return
  4444  }
  4445  
  4446  // DeleteUserPermissionsBoundary API operation for AWS Identity and Access Management.
  4447  //
  4448  // Deletes the permissions boundary for the specified IAM user.
  4449  //
  4450  // Deleting the permissions boundary for a user might increase its permissions
  4451  // by allowing the user to perform all the actions granted in its permissions
  4452  // policies.
  4453  //
  4454  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4455  // with awserr.Error's Code and Message methods to get detailed information about
  4456  // the error.
  4457  //
  4458  // See the AWS API reference guide for AWS Identity and Access Management's
  4459  // API operation DeleteUserPermissionsBoundary for usage and error information.
  4460  //
  4461  // Returned Error Codes:
  4462  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4463  //   The request was rejected because it referenced a resource entity that does
  4464  //   not exist. The error message describes the resource.
  4465  //
  4466  //   * ErrCodeServiceFailureException "ServiceFailure"
  4467  //   The request processing has failed because of an unknown error, exception
  4468  //   or failure.
  4469  //
  4470  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary
  4471  func (c *IAM) DeleteUserPermissionsBoundary(input *DeleteUserPermissionsBoundaryInput) (*DeleteUserPermissionsBoundaryOutput, error) {
  4472  	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
  4473  	return out, req.Send()
  4474  }
  4475  
  4476  // DeleteUserPermissionsBoundaryWithContext is the same as DeleteUserPermissionsBoundary with the addition of
  4477  // the ability to pass a context and additional request options.
  4478  //
  4479  // See DeleteUserPermissionsBoundary for details on how to use this API operation.
  4480  //
  4481  // The context must be non-nil and will be used for request cancellation. If
  4482  // the context is nil a panic will occur. In the future the SDK may create
  4483  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4484  // for more information on using Contexts.
  4485  func (c *IAM) DeleteUserPermissionsBoundaryWithContext(ctx aws.Context, input *DeleteUserPermissionsBoundaryInput, opts ...request.Option) (*DeleteUserPermissionsBoundaryOutput, error) {
  4486  	req, out := c.DeleteUserPermissionsBoundaryRequest(input)
  4487  	req.SetContext(ctx)
  4488  	req.ApplyOptions(opts...)
  4489  	return out, req.Send()
  4490  }
  4491  
  4492  const opDeleteUserPolicy = "DeleteUserPolicy"
  4493  
  4494  // DeleteUserPolicyRequest generates a "aws/request.Request" representing the
  4495  // client's request for the DeleteUserPolicy operation. The "output" return
  4496  // value will be populated with the request's response once the request completes
  4497  // successfully.
  4498  //
  4499  // Use "Send" method on the returned Request to send the API call to the service.
  4500  // the "output" return value is not valid until after Send returns without error.
  4501  //
  4502  // See DeleteUserPolicy for more information on using the DeleteUserPolicy
  4503  // API call, and error handling.
  4504  //
  4505  // This method is useful when you want to inject custom logic or configuration
  4506  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4507  //
  4508  //
  4509  //    // Example sending a request using the DeleteUserPolicyRequest method.
  4510  //    req, resp := client.DeleteUserPolicyRequest(params)
  4511  //
  4512  //    err := req.Send()
  4513  //    if err == nil { // resp is now filled
  4514  //        fmt.Println(resp)
  4515  //    }
  4516  //
  4517  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
  4518  func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput) {
  4519  	op := &request.Operation{
  4520  		Name:       opDeleteUserPolicy,
  4521  		HTTPMethod: "POST",
  4522  		HTTPPath:   "/",
  4523  	}
  4524  
  4525  	if input == nil {
  4526  		input = &DeleteUserPolicyInput{}
  4527  	}
  4528  
  4529  	output = &DeleteUserPolicyOutput{}
  4530  	req = c.newRequest(op, input, output)
  4531  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4532  	return
  4533  }
  4534  
  4535  // DeleteUserPolicy API operation for AWS Identity and Access Management.
  4536  //
  4537  // Deletes the specified inline policy that is embedded in the specified IAM
  4538  // user.
  4539  //
  4540  // A user can also have managed policies attached to it. To detach a managed
  4541  // policy from a user, use DetachUserPolicy. For more information about policies,
  4542  // refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  4543  // in the IAM User Guide.
  4544  //
  4545  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4546  // with awserr.Error's Code and Message methods to get detailed information about
  4547  // the error.
  4548  //
  4549  // See the AWS API reference guide for AWS Identity and Access Management's
  4550  // API operation DeleteUserPolicy for usage and error information.
  4551  //
  4552  // Returned Error Codes:
  4553  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4554  //   The request was rejected because it referenced a resource entity that does
  4555  //   not exist. The error message describes the resource.
  4556  //
  4557  //   * ErrCodeLimitExceededException "LimitExceeded"
  4558  //   The request was rejected because it attempted to create resources beyond
  4559  //   the current Amazon Web Services account limits. The error message describes
  4560  //   the limit exceeded.
  4561  //
  4562  //   * ErrCodeServiceFailureException "ServiceFailure"
  4563  //   The request processing has failed because of an unknown error, exception
  4564  //   or failure.
  4565  //
  4566  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy
  4567  func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error) {
  4568  	req, out := c.DeleteUserPolicyRequest(input)
  4569  	return out, req.Send()
  4570  }
  4571  
  4572  // DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of
  4573  // the ability to pass a context and additional request options.
  4574  //
  4575  // See DeleteUserPolicy for details on how to use this API operation.
  4576  //
  4577  // The context must be non-nil and will be used for request cancellation. If
  4578  // the context is nil a panic will occur. In the future the SDK may create
  4579  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4580  // for more information on using Contexts.
  4581  func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error) {
  4582  	req, out := c.DeleteUserPolicyRequest(input)
  4583  	req.SetContext(ctx)
  4584  	req.ApplyOptions(opts...)
  4585  	return out, req.Send()
  4586  }
  4587  
  4588  const opDeleteVirtualMFADevice = "DeleteVirtualMFADevice"
  4589  
  4590  // DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the
  4591  // client's request for the DeleteVirtualMFADevice operation. The "output" return
  4592  // value will be populated with the request's response once the request completes
  4593  // successfully.
  4594  //
  4595  // Use "Send" method on the returned Request to send the API call to the service.
  4596  // the "output" return value is not valid until after Send returns without error.
  4597  //
  4598  // See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice
  4599  // API call, and error handling.
  4600  //
  4601  // This method is useful when you want to inject custom logic or configuration
  4602  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4603  //
  4604  //
  4605  //    // Example sending a request using the DeleteVirtualMFADeviceRequest method.
  4606  //    req, resp := client.DeleteVirtualMFADeviceRequest(params)
  4607  //
  4608  //    err := req.Send()
  4609  //    if err == nil { // resp is now filled
  4610  //        fmt.Println(resp)
  4611  //    }
  4612  //
  4613  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
  4614  func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput) {
  4615  	op := &request.Operation{
  4616  		Name:       opDeleteVirtualMFADevice,
  4617  		HTTPMethod: "POST",
  4618  		HTTPPath:   "/",
  4619  	}
  4620  
  4621  	if input == nil {
  4622  		input = &DeleteVirtualMFADeviceInput{}
  4623  	}
  4624  
  4625  	output = &DeleteVirtualMFADeviceOutput{}
  4626  	req = c.newRequest(op, input, output)
  4627  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4628  	return
  4629  }
  4630  
  4631  // DeleteVirtualMFADevice API operation for AWS Identity and Access Management.
  4632  //
  4633  // Deletes a virtual MFA device.
  4634  //
  4635  // You must deactivate a user's virtual MFA device before you can delete it.
  4636  // For information about deactivating MFA devices, see DeactivateMFADevice.
  4637  //
  4638  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4639  // with awserr.Error's Code and Message methods to get detailed information about
  4640  // the error.
  4641  //
  4642  // See the AWS API reference guide for AWS Identity and Access Management's
  4643  // API operation DeleteVirtualMFADevice for usage and error information.
  4644  //
  4645  // Returned Error Codes:
  4646  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4647  //   The request was rejected because it referenced a resource entity that does
  4648  //   not exist. The error message describes the resource.
  4649  //
  4650  //   * ErrCodeDeleteConflictException "DeleteConflict"
  4651  //   The request was rejected because it attempted to delete a resource that has
  4652  //   attached subordinate entities. The error message describes these entities.
  4653  //
  4654  //   * ErrCodeLimitExceededException "LimitExceeded"
  4655  //   The request was rejected because it attempted to create resources beyond
  4656  //   the current Amazon Web Services account limits. The error message describes
  4657  //   the limit exceeded.
  4658  //
  4659  //   * ErrCodeServiceFailureException "ServiceFailure"
  4660  //   The request processing has failed because of an unknown error, exception
  4661  //   or failure.
  4662  //
  4663  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice
  4664  func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error) {
  4665  	req, out := c.DeleteVirtualMFADeviceRequest(input)
  4666  	return out, req.Send()
  4667  }
  4668  
  4669  // DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of
  4670  // the ability to pass a context and additional request options.
  4671  //
  4672  // See DeleteVirtualMFADevice for details on how to use this API operation.
  4673  //
  4674  // The context must be non-nil and will be used for request cancellation. If
  4675  // the context is nil a panic will occur. In the future the SDK may create
  4676  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4677  // for more information on using Contexts.
  4678  func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error) {
  4679  	req, out := c.DeleteVirtualMFADeviceRequest(input)
  4680  	req.SetContext(ctx)
  4681  	req.ApplyOptions(opts...)
  4682  	return out, req.Send()
  4683  }
  4684  
  4685  const opDetachGroupPolicy = "DetachGroupPolicy"
  4686  
  4687  // DetachGroupPolicyRequest generates a "aws/request.Request" representing the
  4688  // client's request for the DetachGroupPolicy operation. The "output" return
  4689  // value will be populated with the request's response once the request completes
  4690  // successfully.
  4691  //
  4692  // Use "Send" method on the returned Request to send the API call to the service.
  4693  // the "output" return value is not valid until after Send returns without error.
  4694  //
  4695  // See DetachGroupPolicy for more information on using the DetachGroupPolicy
  4696  // API call, and error handling.
  4697  //
  4698  // This method is useful when you want to inject custom logic or configuration
  4699  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4700  //
  4701  //
  4702  //    // Example sending a request using the DetachGroupPolicyRequest method.
  4703  //    req, resp := client.DetachGroupPolicyRequest(params)
  4704  //
  4705  //    err := req.Send()
  4706  //    if err == nil { // resp is now filled
  4707  //        fmt.Println(resp)
  4708  //    }
  4709  //
  4710  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
  4711  func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput) {
  4712  	op := &request.Operation{
  4713  		Name:       opDetachGroupPolicy,
  4714  		HTTPMethod: "POST",
  4715  		HTTPPath:   "/",
  4716  	}
  4717  
  4718  	if input == nil {
  4719  		input = &DetachGroupPolicyInput{}
  4720  	}
  4721  
  4722  	output = &DetachGroupPolicyOutput{}
  4723  	req = c.newRequest(op, input, output)
  4724  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4725  	return
  4726  }
  4727  
  4728  // DetachGroupPolicy API operation for AWS Identity and Access Management.
  4729  //
  4730  // Removes the specified managed policy from the specified IAM group.
  4731  //
  4732  // A group can also have inline policies embedded with it. To delete an inline
  4733  // policy, use DeleteGroupPolicy. For information about policies, see Managed
  4734  // policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  4735  // in the IAM User Guide.
  4736  //
  4737  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4738  // with awserr.Error's Code and Message methods to get detailed information about
  4739  // the error.
  4740  //
  4741  // See the AWS API reference guide for AWS Identity and Access Management's
  4742  // API operation DetachGroupPolicy for usage and error information.
  4743  //
  4744  // Returned Error Codes:
  4745  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4746  //   The request was rejected because it referenced a resource entity that does
  4747  //   not exist. The error message describes the resource.
  4748  //
  4749  //   * ErrCodeLimitExceededException "LimitExceeded"
  4750  //   The request was rejected because it attempted to create resources beyond
  4751  //   the current Amazon Web Services account limits. The error message describes
  4752  //   the limit exceeded.
  4753  //
  4754  //   * ErrCodeInvalidInputException "InvalidInput"
  4755  //   The request was rejected because an invalid or out-of-range value was supplied
  4756  //   for an input parameter.
  4757  //
  4758  //   * ErrCodeServiceFailureException "ServiceFailure"
  4759  //   The request processing has failed because of an unknown error, exception
  4760  //   or failure.
  4761  //
  4762  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy
  4763  func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error) {
  4764  	req, out := c.DetachGroupPolicyRequest(input)
  4765  	return out, req.Send()
  4766  }
  4767  
  4768  // DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of
  4769  // the ability to pass a context and additional request options.
  4770  //
  4771  // See DetachGroupPolicy for details on how to use this API operation.
  4772  //
  4773  // The context must be non-nil and will be used for request cancellation. If
  4774  // the context is nil a panic will occur. In the future the SDK may create
  4775  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4776  // for more information on using Contexts.
  4777  func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error) {
  4778  	req, out := c.DetachGroupPolicyRequest(input)
  4779  	req.SetContext(ctx)
  4780  	req.ApplyOptions(opts...)
  4781  	return out, req.Send()
  4782  }
  4783  
  4784  const opDetachRolePolicy = "DetachRolePolicy"
  4785  
  4786  // DetachRolePolicyRequest generates a "aws/request.Request" representing the
  4787  // client's request for the DetachRolePolicy operation. The "output" return
  4788  // value will be populated with the request's response once the request completes
  4789  // successfully.
  4790  //
  4791  // Use "Send" method on the returned Request to send the API call to the service.
  4792  // the "output" return value is not valid until after Send returns without error.
  4793  //
  4794  // See DetachRolePolicy for more information on using the DetachRolePolicy
  4795  // API call, and error handling.
  4796  //
  4797  // This method is useful when you want to inject custom logic or configuration
  4798  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4799  //
  4800  //
  4801  //    // Example sending a request using the DetachRolePolicyRequest method.
  4802  //    req, resp := client.DetachRolePolicyRequest(params)
  4803  //
  4804  //    err := req.Send()
  4805  //    if err == nil { // resp is now filled
  4806  //        fmt.Println(resp)
  4807  //    }
  4808  //
  4809  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
  4810  func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput) {
  4811  	op := &request.Operation{
  4812  		Name:       opDetachRolePolicy,
  4813  		HTTPMethod: "POST",
  4814  		HTTPPath:   "/",
  4815  	}
  4816  
  4817  	if input == nil {
  4818  		input = &DetachRolePolicyInput{}
  4819  	}
  4820  
  4821  	output = &DetachRolePolicyOutput{}
  4822  	req = c.newRequest(op, input, output)
  4823  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4824  	return
  4825  }
  4826  
  4827  // DetachRolePolicy API operation for AWS Identity and Access Management.
  4828  //
  4829  // Removes the specified managed policy from the specified role.
  4830  //
  4831  // A role can also have inline policies embedded with it. To delete an inline
  4832  // policy, use DeleteRolePolicy. For information about policies, see Managed
  4833  // policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  4834  // in the IAM User Guide.
  4835  //
  4836  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4837  // with awserr.Error's Code and Message methods to get detailed information about
  4838  // the error.
  4839  //
  4840  // See the AWS API reference guide for AWS Identity and Access Management's
  4841  // API operation DetachRolePolicy for usage and error information.
  4842  //
  4843  // Returned Error Codes:
  4844  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4845  //   The request was rejected because it referenced a resource entity that does
  4846  //   not exist. The error message describes the resource.
  4847  //
  4848  //   * ErrCodeLimitExceededException "LimitExceeded"
  4849  //   The request was rejected because it attempted to create resources beyond
  4850  //   the current Amazon Web Services account limits. The error message describes
  4851  //   the limit exceeded.
  4852  //
  4853  //   * ErrCodeInvalidInputException "InvalidInput"
  4854  //   The request was rejected because an invalid or out-of-range value was supplied
  4855  //   for an input parameter.
  4856  //
  4857  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
  4858  //   The request was rejected because only the service that depends on the service-linked
  4859  //   role can modify or delete the role on your behalf. The error message includes
  4860  //   the name of the service that depends on this service-linked role. You must
  4861  //   request the change through that service.
  4862  //
  4863  //   * ErrCodeServiceFailureException "ServiceFailure"
  4864  //   The request processing has failed because of an unknown error, exception
  4865  //   or failure.
  4866  //
  4867  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy
  4868  func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error) {
  4869  	req, out := c.DetachRolePolicyRequest(input)
  4870  	return out, req.Send()
  4871  }
  4872  
  4873  // DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of
  4874  // the ability to pass a context and additional request options.
  4875  //
  4876  // See DetachRolePolicy for details on how to use this API operation.
  4877  //
  4878  // The context must be non-nil and will be used for request cancellation. If
  4879  // the context is nil a panic will occur. In the future the SDK may create
  4880  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4881  // for more information on using Contexts.
  4882  func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error) {
  4883  	req, out := c.DetachRolePolicyRequest(input)
  4884  	req.SetContext(ctx)
  4885  	req.ApplyOptions(opts...)
  4886  	return out, req.Send()
  4887  }
  4888  
  4889  const opDetachUserPolicy = "DetachUserPolicy"
  4890  
  4891  // DetachUserPolicyRequest generates a "aws/request.Request" representing the
  4892  // client's request for the DetachUserPolicy operation. The "output" return
  4893  // value will be populated with the request's response once the request completes
  4894  // successfully.
  4895  //
  4896  // Use "Send" method on the returned Request to send the API call to the service.
  4897  // the "output" return value is not valid until after Send returns without error.
  4898  //
  4899  // See DetachUserPolicy for more information on using the DetachUserPolicy
  4900  // API call, and error handling.
  4901  //
  4902  // This method is useful when you want to inject custom logic or configuration
  4903  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  4904  //
  4905  //
  4906  //    // Example sending a request using the DetachUserPolicyRequest method.
  4907  //    req, resp := client.DetachUserPolicyRequest(params)
  4908  //
  4909  //    err := req.Send()
  4910  //    if err == nil { // resp is now filled
  4911  //        fmt.Println(resp)
  4912  //    }
  4913  //
  4914  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
  4915  func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput) {
  4916  	op := &request.Operation{
  4917  		Name:       opDetachUserPolicy,
  4918  		HTTPMethod: "POST",
  4919  		HTTPPath:   "/",
  4920  	}
  4921  
  4922  	if input == nil {
  4923  		input = &DetachUserPolicyInput{}
  4924  	}
  4925  
  4926  	output = &DetachUserPolicyOutput{}
  4927  	req = c.newRequest(op, input, output)
  4928  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  4929  	return
  4930  }
  4931  
  4932  // DetachUserPolicy API operation for AWS Identity and Access Management.
  4933  //
  4934  // Removes the specified managed policy from the specified user.
  4935  //
  4936  // A user can also have inline policies embedded with it. To delete an inline
  4937  // policy, use DeleteUserPolicy. For information about policies, see Managed
  4938  // policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  4939  // in the IAM User Guide.
  4940  //
  4941  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  4942  // with awserr.Error's Code and Message methods to get detailed information about
  4943  // the error.
  4944  //
  4945  // See the AWS API reference guide for AWS Identity and Access Management's
  4946  // API operation DetachUserPolicy for usage and error information.
  4947  //
  4948  // Returned Error Codes:
  4949  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  4950  //   The request was rejected because it referenced a resource entity that does
  4951  //   not exist. The error message describes the resource.
  4952  //
  4953  //   * ErrCodeLimitExceededException "LimitExceeded"
  4954  //   The request was rejected because it attempted to create resources beyond
  4955  //   the current Amazon Web Services account limits. The error message describes
  4956  //   the limit exceeded.
  4957  //
  4958  //   * ErrCodeInvalidInputException "InvalidInput"
  4959  //   The request was rejected because an invalid or out-of-range value was supplied
  4960  //   for an input parameter.
  4961  //
  4962  //   * ErrCodeServiceFailureException "ServiceFailure"
  4963  //   The request processing has failed because of an unknown error, exception
  4964  //   or failure.
  4965  //
  4966  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy
  4967  func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error) {
  4968  	req, out := c.DetachUserPolicyRequest(input)
  4969  	return out, req.Send()
  4970  }
  4971  
  4972  // DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of
  4973  // the ability to pass a context and additional request options.
  4974  //
  4975  // See DetachUserPolicy for details on how to use this API operation.
  4976  //
  4977  // The context must be non-nil and will be used for request cancellation. If
  4978  // the context is nil a panic will occur. In the future the SDK may create
  4979  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  4980  // for more information on using Contexts.
  4981  func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error) {
  4982  	req, out := c.DetachUserPolicyRequest(input)
  4983  	req.SetContext(ctx)
  4984  	req.ApplyOptions(opts...)
  4985  	return out, req.Send()
  4986  }
  4987  
  4988  const opEnableMFADevice = "EnableMFADevice"
  4989  
  4990  // EnableMFADeviceRequest generates a "aws/request.Request" representing the
  4991  // client's request for the EnableMFADevice operation. The "output" return
  4992  // value will be populated with the request's response once the request completes
  4993  // successfully.
  4994  //
  4995  // Use "Send" method on the returned Request to send the API call to the service.
  4996  // the "output" return value is not valid until after Send returns without error.
  4997  //
  4998  // See EnableMFADevice for more information on using the EnableMFADevice
  4999  // API call, and error handling.
  5000  //
  5001  // This method is useful when you want to inject custom logic or configuration
  5002  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5003  //
  5004  //
  5005  //    // Example sending a request using the EnableMFADeviceRequest method.
  5006  //    req, resp := client.EnableMFADeviceRequest(params)
  5007  //
  5008  //    err := req.Send()
  5009  //    if err == nil { // resp is now filled
  5010  //        fmt.Println(resp)
  5011  //    }
  5012  //
  5013  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
  5014  func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput) {
  5015  	op := &request.Operation{
  5016  		Name:       opEnableMFADevice,
  5017  		HTTPMethod: "POST",
  5018  		HTTPPath:   "/",
  5019  	}
  5020  
  5021  	if input == nil {
  5022  		input = &EnableMFADeviceInput{}
  5023  	}
  5024  
  5025  	output = &EnableMFADeviceOutput{}
  5026  	req = c.newRequest(op, input, output)
  5027  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
  5028  	return
  5029  }
  5030  
  5031  // EnableMFADevice API operation for AWS Identity and Access Management.
  5032  //
  5033  // Enables the specified MFA device and associates it with the specified IAM
  5034  // user. When enabled, the MFA device is required for every subsequent login
  5035  // by the IAM user associated with the device.
  5036  //
  5037  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5038  // with awserr.Error's Code and Message methods to get detailed information about
  5039  // the error.
  5040  //
  5041  // See the AWS API reference guide for AWS Identity and Access Management's
  5042  // API operation EnableMFADevice for usage and error information.
  5043  //
  5044  // Returned Error Codes:
  5045  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
  5046  //   The request was rejected because it attempted to create a resource that already
  5047  //   exists.
  5048  //
  5049  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
  5050  //   The request was rejected because it referenced an entity that is temporarily
  5051  //   unmodifiable, such as a user name that was deleted and then recreated. The
  5052  //   error indicates that the request is likely to succeed if you try again after
  5053  //   waiting several minutes. The error message describes the entity.
  5054  //
  5055  //   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
  5056  //   The request was rejected because the authentication code was not recognized.
  5057  //   The error message describes the specific error.
  5058  //
  5059  //   * ErrCodeLimitExceededException "LimitExceeded"
  5060  //   The request was rejected because it attempted to create resources beyond
  5061  //   the current Amazon Web Services account limits. The error message describes
  5062  //   the limit exceeded.
  5063  //
  5064  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  5065  //   The request was rejected because it referenced a resource entity that does
  5066  //   not exist. The error message describes the resource.
  5067  //
  5068  //   * ErrCodeServiceFailureException "ServiceFailure"
  5069  //   The request processing has failed because of an unknown error, exception
  5070  //   or failure.
  5071  //
  5072  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice
  5073  func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error) {
  5074  	req, out := c.EnableMFADeviceRequest(input)
  5075  	return out, req.Send()
  5076  }
  5077  
  5078  // EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of
  5079  // the ability to pass a context and additional request options.
  5080  //
  5081  // See EnableMFADevice for details on how to use this API operation.
  5082  //
  5083  // The context must be non-nil and will be used for request cancellation. If
  5084  // the context is nil a panic will occur. In the future the SDK may create
  5085  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5086  // for more information on using Contexts.
  5087  func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error) {
  5088  	req, out := c.EnableMFADeviceRequest(input)
  5089  	req.SetContext(ctx)
  5090  	req.ApplyOptions(opts...)
  5091  	return out, req.Send()
  5092  }
  5093  
  5094  const opGenerateCredentialReport = "GenerateCredentialReport"
  5095  
  5096  // GenerateCredentialReportRequest generates a "aws/request.Request" representing the
  5097  // client's request for the GenerateCredentialReport operation. The "output" return
  5098  // value will be populated with the request's response once the request completes
  5099  // successfully.
  5100  //
  5101  // Use "Send" method on the returned Request to send the API call to the service.
  5102  // the "output" return value is not valid until after Send returns without error.
  5103  //
  5104  // See GenerateCredentialReport for more information on using the GenerateCredentialReport
  5105  // API call, and error handling.
  5106  //
  5107  // This method is useful when you want to inject custom logic or configuration
  5108  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5109  //
  5110  //
  5111  //    // Example sending a request using the GenerateCredentialReportRequest method.
  5112  //    req, resp := client.GenerateCredentialReportRequest(params)
  5113  //
  5114  //    err := req.Send()
  5115  //    if err == nil { // resp is now filled
  5116  //        fmt.Println(resp)
  5117  //    }
  5118  //
  5119  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
  5120  func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput) {
  5121  	op := &request.Operation{
  5122  		Name:       opGenerateCredentialReport,
  5123  		HTTPMethod: "POST",
  5124  		HTTPPath:   "/",
  5125  	}
  5126  
  5127  	if input == nil {
  5128  		input = &GenerateCredentialReportInput{}
  5129  	}
  5130  
  5131  	output = &GenerateCredentialReportOutput{}
  5132  	req = c.newRequest(op, input, output)
  5133  	return
  5134  }
  5135  
  5136  // GenerateCredentialReport API operation for AWS Identity and Access Management.
  5137  //
  5138  // Generates a credential report for the Amazon Web Services account. For more
  5139  // information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
  5140  // in the IAM User Guide.
  5141  //
  5142  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5143  // with awserr.Error's Code and Message methods to get detailed information about
  5144  // the error.
  5145  //
  5146  // See the AWS API reference guide for AWS Identity and Access Management's
  5147  // API operation GenerateCredentialReport for usage and error information.
  5148  //
  5149  // Returned Error Codes:
  5150  //   * ErrCodeLimitExceededException "LimitExceeded"
  5151  //   The request was rejected because it attempted to create resources beyond
  5152  //   the current Amazon Web Services account limits. The error message describes
  5153  //   the limit exceeded.
  5154  //
  5155  //   * ErrCodeServiceFailureException "ServiceFailure"
  5156  //   The request processing has failed because of an unknown error, exception
  5157  //   or failure.
  5158  //
  5159  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport
  5160  func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error) {
  5161  	req, out := c.GenerateCredentialReportRequest(input)
  5162  	return out, req.Send()
  5163  }
  5164  
  5165  // GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of
  5166  // the ability to pass a context and additional request options.
  5167  //
  5168  // See GenerateCredentialReport for details on how to use this API operation.
  5169  //
  5170  // The context must be non-nil and will be used for request cancellation. If
  5171  // the context is nil a panic will occur. In the future the SDK may create
  5172  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5173  // for more information on using Contexts.
  5174  func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error) {
  5175  	req, out := c.GenerateCredentialReportRequest(input)
  5176  	req.SetContext(ctx)
  5177  	req.ApplyOptions(opts...)
  5178  	return out, req.Send()
  5179  }
  5180  
  5181  const opGenerateOrganizationsAccessReport = "GenerateOrganizationsAccessReport"
  5182  
  5183  // GenerateOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
  5184  // client's request for the GenerateOrganizationsAccessReport operation. The "output" return
  5185  // value will be populated with the request's response once the request completes
  5186  // successfully.
  5187  //
  5188  // Use "Send" method on the returned Request to send the API call to the service.
  5189  // the "output" return value is not valid until after Send returns without error.
  5190  //
  5191  // See GenerateOrganizationsAccessReport for more information on using the GenerateOrganizationsAccessReport
  5192  // API call, and error handling.
  5193  //
  5194  // This method is useful when you want to inject custom logic or configuration
  5195  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5196  //
  5197  //
  5198  //    // Example sending a request using the GenerateOrganizationsAccessReportRequest method.
  5199  //    req, resp := client.GenerateOrganizationsAccessReportRequest(params)
  5200  //
  5201  //    err := req.Send()
  5202  //    if err == nil { // resp is now filled
  5203  //        fmt.Println(resp)
  5204  //    }
  5205  //
  5206  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
  5207  func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizationsAccessReportInput) (req *request.Request, output *GenerateOrganizationsAccessReportOutput) {
  5208  	op := &request.Operation{
  5209  		Name:       opGenerateOrganizationsAccessReport,
  5210  		HTTPMethod: "POST",
  5211  		HTTPPath:   "/",
  5212  	}
  5213  
  5214  	if input == nil {
  5215  		input = &GenerateOrganizationsAccessReportInput{}
  5216  	}
  5217  
  5218  	output = &GenerateOrganizationsAccessReportOutput{}
  5219  	req = c.newRequest(op, input, output)
  5220  	return
  5221  }
  5222  
  5223  // GenerateOrganizationsAccessReport API operation for AWS Identity and Access Management.
  5224  //
  5225  // Generates a report for service last accessed data for Organizations. You
  5226  // can generate a report for any entities (organization root, organizational
  5227  // unit, or account) or policies in your organization.
  5228  //
  5229  // To call this operation, you must be signed in using your Organizations management
  5230  // account credentials. You can use your long-term IAM user or root user credentials,
  5231  // or temporary credentials from assuming an IAM role. SCPs must be enabled
  5232  // for your organization root. You must have the required IAM and Organizations
  5233  // permissions. For more information, see Refining permissions using service
  5234  // last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  5235  // in the IAM User Guide.
  5236  //
  5237  // You can generate a service last accessed data report for entities by specifying
  5238  // only the entity's path. This data includes a list of services that are allowed
  5239  // by any service control policies (SCPs) that apply to the entity.
  5240  //
  5241  // You can generate a service last accessed data report for a policy by specifying
  5242  // an entity's path and an optional Organizations policy ID. This data includes
  5243  // a list of services that are allowed by the specified SCP.
  5244  //
  5245  // For each service in both report types, the data includes the most recent
  5246  // account activity that the policy allows to account principals in the entity
  5247  // or the entity's children. For important information about the data, reporting
  5248  // period, permissions required, troubleshooting, and supported Regions see
  5249  // Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  5250  // in the IAM User Guide.
  5251  //
  5252  // The data includes all attempts to access Amazon Web Services, not just the
  5253  // successful ones. This includes all attempts that were made using the Amazon
  5254  // Web Services Management Console, the Amazon Web Services API through any
  5255  // of the SDKs, or any of the command line tools. An unexpected entry in the
  5256  // service last accessed data does not mean that an account has been compromised,
  5257  // because the request might have been denied. Refer to your CloudTrail logs
  5258  // as the authoritative source for information about all API calls and whether
  5259  // they were successful or denied access. For more information, see Logging
  5260  // IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
  5261  // in the IAM User Guide.
  5262  //
  5263  // This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport
  5264  // operation to check the status of the report generation. To check the status
  5265  // of this request, use the JobId parameter in the GetOrganizationsAccessReport
  5266  // operation and test the JobStatus response parameter. When the job is complete,
  5267  // you can retrieve the report.
  5268  //
  5269  // To generate a service last accessed data report for entities, specify an
  5270  // entity path without specifying the optional Organizations policy ID. The
  5271  // type of entity that you specify determines the data returned in the report.
  5272  //
  5273  //    * Root – When you specify the organizations root as the entity, the
  5274  //    resulting report lists all of the services allowed by SCPs that are attached
  5275  //    to your root. For each service, the report includes data for all accounts
  5276  //    in your organization except the management account, because the management
  5277  //    account is not limited by SCPs.
  5278  //
  5279  //    * OU – When you specify an organizational unit (OU) as the entity, the
  5280  //    resulting report lists all of the services allowed by SCPs that are attached
  5281  //    to the OU and its parents. For each service, the report includes data
  5282  //    for all accounts in the OU or its children. This data excludes the management
  5283  //    account, because the management account is not limited by SCPs.
  5284  //
  5285  //    * management account – When you specify the management account, the
  5286  //    resulting report lists all Amazon Web Services services, because the management
  5287  //    account is not limited by SCPs. For each service, the report includes
  5288  //    data for only the management account.
  5289  //
  5290  //    * Account – When you specify another account as the entity, the resulting
  5291  //    report lists all of the services allowed by SCPs that are attached to
  5292  //    the account and its parents. For each service, the report includes data
  5293  //    for only the specified account.
  5294  //
  5295  // To generate a service last accessed data report for policies, specify an
  5296  // entity path and the optional Organizations policy ID. The type of entity
  5297  // that you specify determines the data returned for each service.
  5298  //
  5299  //    * Root – When you specify the root entity and a policy ID, the resulting
  5300  //    report lists all of the services that are allowed by the specified SCP.
  5301  //    For each service, the report includes data for all accounts in your organization
  5302  //    to which the SCP applies. This data excludes the management account, because
  5303  //    the management account is not limited by SCPs. If the SCP is not attached
  5304  //    to any entities in the organization, then the report will return a list
  5305  //    of services with no data.
  5306  //
  5307  //    * OU – When you specify an OU entity and a policy ID, the resulting
  5308  //    report lists all of the services that are allowed by the specified SCP.
  5309  //    For each service, the report includes data for all accounts in the OU
  5310  //    or its children to which the SCP applies. This means that other accounts
  5311  //    outside the OU that are affected by the SCP might not be included in the
  5312  //    data. This data excludes the management account, because the management
  5313  //    account is not limited by SCPs. If the SCP is not attached to the OU or
  5314  //    one of its children, the report will return a list of services with no
  5315  //    data.
  5316  //
  5317  //    * management account – When you specify the management account, the
  5318  //    resulting report lists all Amazon Web Services services, because the management
  5319  //    account is not limited by SCPs. If you specify a policy ID in the CLI
  5320  //    or API, the policy is ignored. For each service, the report includes data
  5321  //    for only the management account.
  5322  //
  5323  //    * Account – When you specify another account entity and a policy ID,
  5324  //    the resulting report lists all of the services that are allowed by the
  5325  //    specified SCP. For each service, the report includes data for only the
  5326  //    specified account. This means that other accounts in the organization
  5327  //    that are affected by the SCP might not be included in the data. If the
  5328  //    SCP is not attached to the account, the report will return a list of services
  5329  //    with no data.
  5330  //
  5331  // Service last accessed data does not use other policy types when determining
  5332  // whether a principal could access a service. These other policy types include
  5333  // identity-based policies, resource-based policies, access control lists, IAM
  5334  // permissions boundaries, and STS assume role policies. It only applies SCP
  5335  // logic. For more about the evaluation of policy types, see Evaluating policies
  5336  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
  5337  // in the IAM User Guide.
  5338  //
  5339  // For more information about service last accessed data, see Reducing policy
  5340  // scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  5341  // in the IAM User Guide.
  5342  //
  5343  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5344  // with awserr.Error's Code and Message methods to get detailed information about
  5345  // the error.
  5346  //
  5347  // See the AWS API reference guide for AWS Identity and Access Management's
  5348  // API operation GenerateOrganizationsAccessReport for usage and error information.
  5349  //
  5350  // Returned Error Codes:
  5351  //   * ErrCodeReportGenerationLimitExceededException "ReportGenerationLimitExceeded"
  5352  //   The request failed because the maximum number of concurrent requests for
  5353  //   this account are already running.
  5354  //
  5355  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport
  5356  func (c *IAM) GenerateOrganizationsAccessReport(input *GenerateOrganizationsAccessReportInput) (*GenerateOrganizationsAccessReportOutput, error) {
  5357  	req, out := c.GenerateOrganizationsAccessReportRequest(input)
  5358  	return out, req.Send()
  5359  }
  5360  
  5361  // GenerateOrganizationsAccessReportWithContext is the same as GenerateOrganizationsAccessReport with the addition of
  5362  // the ability to pass a context and additional request options.
  5363  //
  5364  // See GenerateOrganizationsAccessReport for details on how to use this API operation.
  5365  //
  5366  // The context must be non-nil and will be used for request cancellation. If
  5367  // the context is nil a panic will occur. In the future the SDK may create
  5368  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5369  // for more information on using Contexts.
  5370  func (c *IAM) GenerateOrganizationsAccessReportWithContext(ctx aws.Context, input *GenerateOrganizationsAccessReportInput, opts ...request.Option) (*GenerateOrganizationsAccessReportOutput, error) {
  5371  	req, out := c.GenerateOrganizationsAccessReportRequest(input)
  5372  	req.SetContext(ctx)
  5373  	req.ApplyOptions(opts...)
  5374  	return out, req.Send()
  5375  }
  5376  
  5377  const opGenerateServiceLastAccessedDetails = "GenerateServiceLastAccessedDetails"
  5378  
  5379  // GenerateServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
  5380  // client's request for the GenerateServiceLastAccessedDetails operation. The "output" return
  5381  // value will be populated with the request's response once the request completes
  5382  // successfully.
  5383  //
  5384  // Use "Send" method on the returned Request to send the API call to the service.
  5385  // the "output" return value is not valid until after Send returns without error.
  5386  //
  5387  // See GenerateServiceLastAccessedDetails for more information on using the GenerateServiceLastAccessedDetails
  5388  // API call, and error handling.
  5389  //
  5390  // This method is useful when you want to inject custom logic or configuration
  5391  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5392  //
  5393  //
  5394  //    // Example sending a request using the GenerateServiceLastAccessedDetailsRequest method.
  5395  //    req, resp := client.GenerateServiceLastAccessedDetailsRequest(params)
  5396  //
  5397  //    err := req.Send()
  5398  //    if err == nil { // resp is now filled
  5399  //        fmt.Println(resp)
  5400  //    }
  5401  //
  5402  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
  5403  func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLastAccessedDetailsInput) (req *request.Request, output *GenerateServiceLastAccessedDetailsOutput) {
  5404  	op := &request.Operation{
  5405  		Name:       opGenerateServiceLastAccessedDetails,
  5406  		HTTPMethod: "POST",
  5407  		HTTPPath:   "/",
  5408  	}
  5409  
  5410  	if input == nil {
  5411  		input = &GenerateServiceLastAccessedDetailsInput{}
  5412  	}
  5413  
  5414  	output = &GenerateServiceLastAccessedDetailsOutput{}
  5415  	req = c.newRequest(op, input, output)
  5416  	return
  5417  }
  5418  
  5419  // GenerateServiceLastAccessedDetails API operation for AWS Identity and Access Management.
  5420  //
  5421  // Generates a report that includes details about when an IAM resource (user,
  5422  // group, role, or policy) was last used in an attempt to access Amazon Web
  5423  // Services services. Recent activity usually appears within four hours. IAM
  5424  // reports activity for the last 365 days, or less if your Region began supporting
  5425  // this feature within the last year. For more information, see Regions where
  5426  // data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period).
  5427  //
  5428  // The service last accessed data includes all attempts to access an Amazon
  5429  // Web Services API, not just the successful ones. This includes all attempts
  5430  // that were made using the Amazon Web Services Management Console, the Amazon
  5431  // Web Services API through any of the SDKs, or any of the command line tools.
  5432  // An unexpected entry in the service last accessed data does not mean that
  5433  // your account has been compromised, because the request might have been denied.
  5434  // Refer to your CloudTrail logs as the authoritative source for information
  5435  // about all API calls and whether they were successful or denied access. For
  5436  // more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
  5437  // in the IAM User Guide.
  5438  //
  5439  // The GenerateServiceLastAccessedDetails operation returns a JobId. Use this
  5440  // parameter in the following operations to retrieve the following details from
  5441  // your report:
  5442  //
  5443  //    * GetServiceLastAccessedDetails – Use this operation for users, groups,
  5444  //    roles, or policies to list every Amazon Web Services service that the
  5445  //    resource could access using permissions policies. For each service, the
  5446  //    response includes information about the most recent access attempt. The
  5447  //    JobId returned by GenerateServiceLastAccessedDetail must be used by the
  5448  //    same role within a session, or by the same user when used to call GetServiceLastAccessedDetail.
  5449  //
  5450  //    * GetServiceLastAccessedDetailsWithEntities – Use this operation for
  5451  //    groups and policies to list information about the associated entities
  5452  //    (users or roles) that attempted to access a specific Amazon Web Services
  5453  //    service.
  5454  //
  5455  // To check the status of the GenerateServiceLastAccessedDetails request, use
  5456  // the JobId parameter in the same operations and test the JobStatus response
  5457  // parameter.
  5458  //
  5459  // For additional information about the permissions policies that allow an identity
  5460  // (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess
  5461  // operation.
  5462  //
  5463  // Service last accessed data does not use other policy types when determining
  5464  // whether a resource could access a service. These other policy types include
  5465  // resource-based policies, access control lists, Organizations policies, IAM
  5466  // permissions boundaries, and STS assume role policies. It only applies permissions
  5467  // policy logic. For more about the evaluation of policy types, see Evaluating
  5468  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
  5469  // in the IAM User Guide.
  5470  //
  5471  // For more information about service and action last accessed data, see Reducing
  5472  // permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  5473  // in the IAM User Guide.
  5474  //
  5475  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5476  // with awserr.Error's Code and Message methods to get detailed information about
  5477  // the error.
  5478  //
  5479  // See the AWS API reference guide for AWS Identity and Access Management's
  5480  // API operation GenerateServiceLastAccessedDetails for usage and error information.
  5481  //
  5482  // Returned Error Codes:
  5483  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  5484  //   The request was rejected because it referenced a resource entity that does
  5485  //   not exist. The error message describes the resource.
  5486  //
  5487  //   * ErrCodeInvalidInputException "InvalidInput"
  5488  //   The request was rejected because an invalid or out-of-range value was supplied
  5489  //   for an input parameter.
  5490  //
  5491  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails
  5492  func (c *IAM) GenerateServiceLastAccessedDetails(input *GenerateServiceLastAccessedDetailsInput) (*GenerateServiceLastAccessedDetailsOutput, error) {
  5493  	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
  5494  	return out, req.Send()
  5495  }
  5496  
  5497  // GenerateServiceLastAccessedDetailsWithContext is the same as GenerateServiceLastAccessedDetails with the addition of
  5498  // the ability to pass a context and additional request options.
  5499  //
  5500  // See GenerateServiceLastAccessedDetails for details on how to use this API operation.
  5501  //
  5502  // The context must be non-nil and will be used for request cancellation. If
  5503  // the context is nil a panic will occur. In the future the SDK may create
  5504  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5505  // for more information on using Contexts.
  5506  func (c *IAM) GenerateServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GenerateServiceLastAccessedDetailsInput, opts ...request.Option) (*GenerateServiceLastAccessedDetailsOutput, error) {
  5507  	req, out := c.GenerateServiceLastAccessedDetailsRequest(input)
  5508  	req.SetContext(ctx)
  5509  	req.ApplyOptions(opts...)
  5510  	return out, req.Send()
  5511  }
  5512  
  5513  const opGetAccessKeyLastUsed = "GetAccessKeyLastUsed"
  5514  
  5515  // GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the
  5516  // client's request for the GetAccessKeyLastUsed operation. The "output" return
  5517  // value will be populated with the request's response once the request completes
  5518  // successfully.
  5519  //
  5520  // Use "Send" method on the returned Request to send the API call to the service.
  5521  // the "output" return value is not valid until after Send returns without error.
  5522  //
  5523  // See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed
  5524  // API call, and error handling.
  5525  //
  5526  // This method is useful when you want to inject custom logic or configuration
  5527  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5528  //
  5529  //
  5530  //    // Example sending a request using the GetAccessKeyLastUsedRequest method.
  5531  //    req, resp := client.GetAccessKeyLastUsedRequest(params)
  5532  //
  5533  //    err := req.Send()
  5534  //    if err == nil { // resp is now filled
  5535  //        fmt.Println(resp)
  5536  //    }
  5537  //
  5538  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
  5539  func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput) {
  5540  	op := &request.Operation{
  5541  		Name:       opGetAccessKeyLastUsed,
  5542  		HTTPMethod: "POST",
  5543  		HTTPPath:   "/",
  5544  	}
  5545  
  5546  	if input == nil {
  5547  		input = &GetAccessKeyLastUsedInput{}
  5548  	}
  5549  
  5550  	output = &GetAccessKeyLastUsedOutput{}
  5551  	req = c.newRequest(op, input, output)
  5552  	return
  5553  }
  5554  
  5555  // GetAccessKeyLastUsed API operation for AWS Identity and Access Management.
  5556  //
  5557  // Retrieves information about when the specified access key was last used.
  5558  // The information includes the date and time of last use, along with the Amazon
  5559  // Web Services service and Region that were specified in the last request made
  5560  // with that key.
  5561  //
  5562  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5563  // with awserr.Error's Code and Message methods to get detailed information about
  5564  // the error.
  5565  //
  5566  // See the AWS API reference guide for AWS Identity and Access Management's
  5567  // API operation GetAccessKeyLastUsed for usage and error information.
  5568  //
  5569  // Returned Error Codes:
  5570  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  5571  //   The request was rejected because it referenced a resource entity that does
  5572  //   not exist. The error message describes the resource.
  5573  //
  5574  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed
  5575  func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error) {
  5576  	req, out := c.GetAccessKeyLastUsedRequest(input)
  5577  	return out, req.Send()
  5578  }
  5579  
  5580  // GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of
  5581  // the ability to pass a context and additional request options.
  5582  //
  5583  // See GetAccessKeyLastUsed for details on how to use this API operation.
  5584  //
  5585  // The context must be non-nil and will be used for request cancellation. If
  5586  // the context is nil a panic will occur. In the future the SDK may create
  5587  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5588  // for more information on using Contexts.
  5589  func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error) {
  5590  	req, out := c.GetAccessKeyLastUsedRequest(input)
  5591  	req.SetContext(ctx)
  5592  	req.ApplyOptions(opts...)
  5593  	return out, req.Send()
  5594  }
  5595  
  5596  const opGetAccountAuthorizationDetails = "GetAccountAuthorizationDetails"
  5597  
  5598  // GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the
  5599  // client's request for the GetAccountAuthorizationDetails operation. The "output" return
  5600  // value will be populated with the request's response once the request completes
  5601  // successfully.
  5602  //
  5603  // Use "Send" method on the returned Request to send the API call to the service.
  5604  // the "output" return value is not valid until after Send returns without error.
  5605  //
  5606  // See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails
  5607  // API call, and error handling.
  5608  //
  5609  // This method is useful when you want to inject custom logic or configuration
  5610  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5611  //
  5612  //
  5613  //    // Example sending a request using the GetAccountAuthorizationDetailsRequest method.
  5614  //    req, resp := client.GetAccountAuthorizationDetailsRequest(params)
  5615  //
  5616  //    err := req.Send()
  5617  //    if err == nil { // resp is now filled
  5618  //        fmt.Println(resp)
  5619  //    }
  5620  //
  5621  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
  5622  func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput) {
  5623  	op := &request.Operation{
  5624  		Name:       opGetAccountAuthorizationDetails,
  5625  		HTTPMethod: "POST",
  5626  		HTTPPath:   "/",
  5627  		Paginator: &request.Paginator{
  5628  			InputTokens:     []string{"Marker"},
  5629  			OutputTokens:    []string{"Marker"},
  5630  			LimitToken:      "MaxItems",
  5631  			TruncationToken: "IsTruncated",
  5632  		},
  5633  	}
  5634  
  5635  	if input == nil {
  5636  		input = &GetAccountAuthorizationDetailsInput{}
  5637  	}
  5638  
  5639  	output = &GetAccountAuthorizationDetailsOutput{}
  5640  	req = c.newRequest(op, input, output)
  5641  	return
  5642  }
  5643  
  5644  // GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.
  5645  //
  5646  // Retrieves information about all IAM users, groups, roles, and policies in
  5647  // your Amazon Web Services account, including their relationships to one another.
  5648  // Use this operation to obtain a snapshot of the configuration of IAM permissions
  5649  // (users, groups, roles, and policies) in your account.
  5650  //
  5651  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  5652  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  5653  // to convert the policy back to plain JSON text. For example, if you use Java,
  5654  // you can use the decode method of the java.net.URLDecoder utility class in
  5655  // the Java SDK. Other languages and SDKs provide similar functionality.
  5656  //
  5657  // You can optionally filter the results using the Filter parameter. You can
  5658  // paginate the results using the MaxItems and Marker parameters.
  5659  //
  5660  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5661  // with awserr.Error's Code and Message methods to get detailed information about
  5662  // the error.
  5663  //
  5664  // See the AWS API reference guide for AWS Identity and Access Management's
  5665  // API operation GetAccountAuthorizationDetails for usage and error information.
  5666  //
  5667  // Returned Error Codes:
  5668  //   * ErrCodeServiceFailureException "ServiceFailure"
  5669  //   The request processing has failed because of an unknown error, exception
  5670  //   or failure.
  5671  //
  5672  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails
  5673  func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error) {
  5674  	req, out := c.GetAccountAuthorizationDetailsRequest(input)
  5675  	return out, req.Send()
  5676  }
  5677  
  5678  // GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of
  5679  // the ability to pass a context and additional request options.
  5680  //
  5681  // See GetAccountAuthorizationDetails for details on how to use this API operation.
  5682  //
  5683  // The context must be non-nil and will be used for request cancellation. If
  5684  // the context is nil a panic will occur. In the future the SDK may create
  5685  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5686  // for more information on using Contexts.
  5687  func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error) {
  5688  	req, out := c.GetAccountAuthorizationDetailsRequest(input)
  5689  	req.SetContext(ctx)
  5690  	req.ApplyOptions(opts...)
  5691  	return out, req.Send()
  5692  }
  5693  
  5694  // GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation,
  5695  // calling the "fn" function with the response data for each page. To stop
  5696  // iterating, return false from the fn function.
  5697  //
  5698  // See GetAccountAuthorizationDetails method for more information on how to use this operation.
  5699  //
  5700  // Note: This operation can generate multiple requests to a service.
  5701  //
  5702  //    // Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
  5703  //    pageNum := 0
  5704  //    err := client.GetAccountAuthorizationDetailsPages(params,
  5705  //        func(page *iam.GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
  5706  //            pageNum++
  5707  //            fmt.Println(page)
  5708  //            return pageNum <= 3
  5709  //        })
  5710  //
  5711  func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error {
  5712  	return c.GetAccountAuthorizationDetailsPagesWithContext(aws.BackgroundContext(), input, fn)
  5713  }
  5714  
  5715  // GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except
  5716  // it takes a Context and allows setting request options on the pages.
  5717  //
  5718  // The context must be non-nil and will be used for request cancellation. If
  5719  // the context is nil a panic will occur. In the future the SDK may create
  5720  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5721  // for more information on using Contexts.
  5722  func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error {
  5723  	p := request.Pagination{
  5724  		NewRequest: func() (*request.Request, error) {
  5725  			var inCpy *GetAccountAuthorizationDetailsInput
  5726  			if input != nil {
  5727  				tmp := *input
  5728  				inCpy = &tmp
  5729  			}
  5730  			req, _ := c.GetAccountAuthorizationDetailsRequest(inCpy)
  5731  			req.SetContext(ctx)
  5732  			req.ApplyOptions(opts...)
  5733  			return req, nil
  5734  		},
  5735  	}
  5736  
  5737  	for p.Next() {
  5738  		if !fn(p.Page().(*GetAccountAuthorizationDetailsOutput), !p.HasNextPage()) {
  5739  			break
  5740  		}
  5741  	}
  5742  
  5743  	return p.Err()
  5744  }
  5745  
  5746  const opGetAccountPasswordPolicy = "GetAccountPasswordPolicy"
  5747  
  5748  // GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
  5749  // client's request for the GetAccountPasswordPolicy operation. The "output" return
  5750  // value will be populated with the request's response once the request completes
  5751  // successfully.
  5752  //
  5753  // Use "Send" method on the returned Request to send the API call to the service.
  5754  // the "output" return value is not valid until after Send returns without error.
  5755  //
  5756  // See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy
  5757  // API call, and error handling.
  5758  //
  5759  // This method is useful when you want to inject custom logic or configuration
  5760  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5761  //
  5762  //
  5763  //    // Example sending a request using the GetAccountPasswordPolicyRequest method.
  5764  //    req, resp := client.GetAccountPasswordPolicyRequest(params)
  5765  //
  5766  //    err := req.Send()
  5767  //    if err == nil { // resp is now filled
  5768  //        fmt.Println(resp)
  5769  //    }
  5770  //
  5771  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
  5772  func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput) {
  5773  	op := &request.Operation{
  5774  		Name:       opGetAccountPasswordPolicy,
  5775  		HTTPMethod: "POST",
  5776  		HTTPPath:   "/",
  5777  	}
  5778  
  5779  	if input == nil {
  5780  		input = &GetAccountPasswordPolicyInput{}
  5781  	}
  5782  
  5783  	output = &GetAccountPasswordPolicyOutput{}
  5784  	req = c.newRequest(op, input, output)
  5785  	return
  5786  }
  5787  
  5788  // GetAccountPasswordPolicy API operation for AWS Identity and Access Management.
  5789  //
  5790  // Retrieves the password policy for the Amazon Web Services account. This tells
  5791  // you the complexity requirements and mandatory rotation periods for the IAM
  5792  // user passwords in your account. For more information about using a password
  5793  // policy, see Managing an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).
  5794  //
  5795  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5796  // with awserr.Error's Code and Message methods to get detailed information about
  5797  // the error.
  5798  //
  5799  // See the AWS API reference guide for AWS Identity and Access Management's
  5800  // API operation GetAccountPasswordPolicy for usage and error information.
  5801  //
  5802  // Returned Error Codes:
  5803  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  5804  //   The request was rejected because it referenced a resource entity that does
  5805  //   not exist. The error message describes the resource.
  5806  //
  5807  //   * ErrCodeServiceFailureException "ServiceFailure"
  5808  //   The request processing has failed because of an unknown error, exception
  5809  //   or failure.
  5810  //
  5811  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy
  5812  func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error) {
  5813  	req, out := c.GetAccountPasswordPolicyRequest(input)
  5814  	return out, req.Send()
  5815  }
  5816  
  5817  // GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of
  5818  // the ability to pass a context and additional request options.
  5819  //
  5820  // See GetAccountPasswordPolicy for details on how to use this API operation.
  5821  //
  5822  // The context must be non-nil and will be used for request cancellation. If
  5823  // the context is nil a panic will occur. In the future the SDK may create
  5824  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5825  // for more information on using Contexts.
  5826  func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error) {
  5827  	req, out := c.GetAccountPasswordPolicyRequest(input)
  5828  	req.SetContext(ctx)
  5829  	req.ApplyOptions(opts...)
  5830  	return out, req.Send()
  5831  }
  5832  
  5833  const opGetAccountSummary = "GetAccountSummary"
  5834  
  5835  // GetAccountSummaryRequest generates a "aws/request.Request" representing the
  5836  // client's request for the GetAccountSummary operation. The "output" return
  5837  // value will be populated with the request's response once the request completes
  5838  // successfully.
  5839  //
  5840  // Use "Send" method on the returned Request to send the API call to the service.
  5841  // the "output" return value is not valid until after Send returns without error.
  5842  //
  5843  // See GetAccountSummary for more information on using the GetAccountSummary
  5844  // API call, and error handling.
  5845  //
  5846  // This method is useful when you want to inject custom logic or configuration
  5847  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5848  //
  5849  //
  5850  //    // Example sending a request using the GetAccountSummaryRequest method.
  5851  //    req, resp := client.GetAccountSummaryRequest(params)
  5852  //
  5853  //    err := req.Send()
  5854  //    if err == nil { // resp is now filled
  5855  //        fmt.Println(resp)
  5856  //    }
  5857  //
  5858  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
  5859  func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput) {
  5860  	op := &request.Operation{
  5861  		Name:       opGetAccountSummary,
  5862  		HTTPMethod: "POST",
  5863  		HTTPPath:   "/",
  5864  	}
  5865  
  5866  	if input == nil {
  5867  		input = &GetAccountSummaryInput{}
  5868  	}
  5869  
  5870  	output = &GetAccountSummaryOutput{}
  5871  	req = c.newRequest(op, input, output)
  5872  	return
  5873  }
  5874  
  5875  // GetAccountSummary API operation for AWS Identity and Access Management.
  5876  //
  5877  // Retrieves information about IAM entity usage and IAM quotas in the Amazon
  5878  // Web Services account.
  5879  //
  5880  // For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
  5881  // in the IAM User Guide.
  5882  //
  5883  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5884  // with awserr.Error's Code and Message methods to get detailed information about
  5885  // the error.
  5886  //
  5887  // See the AWS API reference guide for AWS Identity and Access Management's
  5888  // API operation GetAccountSummary for usage and error information.
  5889  //
  5890  // Returned Error Codes:
  5891  //   * ErrCodeServiceFailureException "ServiceFailure"
  5892  //   The request processing has failed because of an unknown error, exception
  5893  //   or failure.
  5894  //
  5895  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary
  5896  func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error) {
  5897  	req, out := c.GetAccountSummaryRequest(input)
  5898  	return out, req.Send()
  5899  }
  5900  
  5901  // GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of
  5902  // the ability to pass a context and additional request options.
  5903  //
  5904  // See GetAccountSummary for details on how to use this API operation.
  5905  //
  5906  // The context must be non-nil and will be used for request cancellation. If
  5907  // the context is nil a panic will occur. In the future the SDK may create
  5908  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5909  // for more information on using Contexts.
  5910  func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error) {
  5911  	req, out := c.GetAccountSummaryRequest(input)
  5912  	req.SetContext(ctx)
  5913  	req.ApplyOptions(opts...)
  5914  	return out, req.Send()
  5915  }
  5916  
  5917  const opGetContextKeysForCustomPolicy = "GetContextKeysForCustomPolicy"
  5918  
  5919  // GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the
  5920  // client's request for the GetContextKeysForCustomPolicy operation. The "output" return
  5921  // value will be populated with the request's response once the request completes
  5922  // successfully.
  5923  //
  5924  // Use "Send" method on the returned Request to send the API call to the service.
  5925  // the "output" return value is not valid until after Send returns without error.
  5926  //
  5927  // See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy
  5928  // API call, and error handling.
  5929  //
  5930  // This method is useful when you want to inject custom logic or configuration
  5931  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  5932  //
  5933  //
  5934  //    // Example sending a request using the GetContextKeysForCustomPolicyRequest method.
  5935  //    req, resp := client.GetContextKeysForCustomPolicyRequest(params)
  5936  //
  5937  //    err := req.Send()
  5938  //    if err == nil { // resp is now filled
  5939  //        fmt.Println(resp)
  5940  //    }
  5941  //
  5942  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
  5943  func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
  5944  	op := &request.Operation{
  5945  		Name:       opGetContextKeysForCustomPolicy,
  5946  		HTTPMethod: "POST",
  5947  		HTTPPath:   "/",
  5948  	}
  5949  
  5950  	if input == nil {
  5951  		input = &GetContextKeysForCustomPolicyInput{}
  5952  	}
  5953  
  5954  	output = &GetContextKeysForPolicyResponse{}
  5955  	req = c.newRequest(op, input, output)
  5956  	return
  5957  }
  5958  
  5959  // GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.
  5960  //
  5961  // Gets a list of all of the context keys referenced in the input policies.
  5962  // The policies are supplied as a list of one or more strings. To get the context
  5963  // keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.
  5964  //
  5965  // Context keys are variables maintained by Amazon Web Services and its services
  5966  // that provide details about the context of an API query request. Context keys
  5967  // can be evaluated by testing against a value specified in an IAM policy. Use
  5968  // GetContextKeysForCustomPolicy to understand what key names and values you
  5969  // must supply when you call SimulateCustomPolicy. Note that all parameters
  5970  // are shown in unencoded form here for clarity but must be URL encoded to be
  5971  // included as a part of a real HTML request.
  5972  //
  5973  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  5974  // with awserr.Error's Code and Message methods to get detailed information about
  5975  // the error.
  5976  //
  5977  // See the AWS API reference guide for AWS Identity and Access Management's
  5978  // API operation GetContextKeysForCustomPolicy for usage and error information.
  5979  //
  5980  // Returned Error Codes:
  5981  //   * ErrCodeInvalidInputException "InvalidInput"
  5982  //   The request was rejected because an invalid or out-of-range value was supplied
  5983  //   for an input parameter.
  5984  //
  5985  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy
  5986  func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error) {
  5987  	req, out := c.GetContextKeysForCustomPolicyRequest(input)
  5988  	return out, req.Send()
  5989  }
  5990  
  5991  // GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of
  5992  // the ability to pass a context and additional request options.
  5993  //
  5994  // See GetContextKeysForCustomPolicy for details on how to use this API operation.
  5995  //
  5996  // The context must be non-nil and will be used for request cancellation. If
  5997  // the context is nil a panic will occur. In the future the SDK may create
  5998  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  5999  // for more information on using Contexts.
  6000  func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
  6001  	req, out := c.GetContextKeysForCustomPolicyRequest(input)
  6002  	req.SetContext(ctx)
  6003  	req.ApplyOptions(opts...)
  6004  	return out, req.Send()
  6005  }
  6006  
  6007  const opGetContextKeysForPrincipalPolicy = "GetContextKeysForPrincipalPolicy"
  6008  
  6009  // GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the
  6010  // client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return
  6011  // value will be populated with the request's response once the request completes
  6012  // successfully.
  6013  //
  6014  // Use "Send" method on the returned Request to send the API call to the service.
  6015  // the "output" return value is not valid until after Send returns without error.
  6016  //
  6017  // See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy
  6018  // API call, and error handling.
  6019  //
  6020  // This method is useful when you want to inject custom logic or configuration
  6021  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6022  //
  6023  //
  6024  //    // Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
  6025  //    req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)
  6026  //
  6027  //    err := req.Send()
  6028  //    if err == nil { // resp is now filled
  6029  //        fmt.Println(resp)
  6030  //    }
  6031  //
  6032  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
  6033  func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) {
  6034  	op := &request.Operation{
  6035  		Name:       opGetContextKeysForPrincipalPolicy,
  6036  		HTTPMethod: "POST",
  6037  		HTTPPath:   "/",
  6038  	}
  6039  
  6040  	if input == nil {
  6041  		input = &GetContextKeysForPrincipalPolicyInput{}
  6042  	}
  6043  
  6044  	output = &GetContextKeysForPolicyResponse{}
  6045  	req = c.newRequest(op, input, output)
  6046  	return
  6047  }
  6048  
  6049  // GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.
  6050  //
  6051  // Gets a list of all of the context keys referenced in all the IAM policies
  6052  // that are attached to the specified IAM entity. The entity can be an IAM user,
  6053  // group, or role. If you specify a user, then the request also includes all
  6054  // of the policies attached to groups that the user is a member of.
  6055  //
  6056  // You can optionally include a list of one or more additional policies, specified
  6057  // as strings. If you want to include only a list of policies by string, use
  6058  // GetContextKeysForCustomPolicy instead.
  6059  //
  6060  // Note: This operation discloses information about the permissions granted
  6061  // to other users. If you do not want users to see other user's permissions,
  6062  // then consider allowing them to use GetContextKeysForCustomPolicy instead.
  6063  //
  6064  // Context keys are variables maintained by Amazon Web Services and its services
  6065  // that provide details about the context of an API query request. Context keys
  6066  // can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy
  6067  // to understand what key names and values you must supply when you call SimulatePrincipalPolicy.
  6068  //
  6069  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6070  // with awserr.Error's Code and Message methods to get detailed information about
  6071  // the error.
  6072  //
  6073  // See the AWS API reference guide for AWS Identity and Access Management's
  6074  // API operation GetContextKeysForPrincipalPolicy for usage and error information.
  6075  //
  6076  // Returned Error Codes:
  6077  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6078  //   The request was rejected because it referenced a resource entity that does
  6079  //   not exist. The error message describes the resource.
  6080  //
  6081  //   * ErrCodeInvalidInputException "InvalidInput"
  6082  //   The request was rejected because an invalid or out-of-range value was supplied
  6083  //   for an input parameter.
  6084  //
  6085  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy
  6086  func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error) {
  6087  	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
  6088  	return out, req.Send()
  6089  }
  6090  
  6091  // GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of
  6092  // the ability to pass a context and additional request options.
  6093  //
  6094  // See GetContextKeysForPrincipalPolicy for details on how to use this API operation.
  6095  //
  6096  // The context must be non-nil and will be used for request cancellation. If
  6097  // the context is nil a panic will occur. In the future the SDK may create
  6098  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6099  // for more information on using Contexts.
  6100  func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error) {
  6101  	req, out := c.GetContextKeysForPrincipalPolicyRequest(input)
  6102  	req.SetContext(ctx)
  6103  	req.ApplyOptions(opts...)
  6104  	return out, req.Send()
  6105  }
  6106  
  6107  const opGetCredentialReport = "GetCredentialReport"
  6108  
  6109  // GetCredentialReportRequest generates a "aws/request.Request" representing the
  6110  // client's request for the GetCredentialReport operation. The "output" return
  6111  // value will be populated with the request's response once the request completes
  6112  // successfully.
  6113  //
  6114  // Use "Send" method on the returned Request to send the API call to the service.
  6115  // the "output" return value is not valid until after Send returns without error.
  6116  //
  6117  // See GetCredentialReport for more information on using the GetCredentialReport
  6118  // API call, and error handling.
  6119  //
  6120  // This method is useful when you want to inject custom logic or configuration
  6121  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6122  //
  6123  //
  6124  //    // Example sending a request using the GetCredentialReportRequest method.
  6125  //    req, resp := client.GetCredentialReportRequest(params)
  6126  //
  6127  //    err := req.Send()
  6128  //    if err == nil { // resp is now filled
  6129  //        fmt.Println(resp)
  6130  //    }
  6131  //
  6132  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
  6133  func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput) {
  6134  	op := &request.Operation{
  6135  		Name:       opGetCredentialReport,
  6136  		HTTPMethod: "POST",
  6137  		HTTPPath:   "/",
  6138  	}
  6139  
  6140  	if input == nil {
  6141  		input = &GetCredentialReportInput{}
  6142  	}
  6143  
  6144  	output = &GetCredentialReportOutput{}
  6145  	req = c.newRequest(op, input, output)
  6146  	return
  6147  }
  6148  
  6149  // GetCredentialReport API operation for AWS Identity and Access Management.
  6150  //
  6151  // Retrieves a credential report for the Amazon Web Services account. For more
  6152  // information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
  6153  // in the IAM User Guide.
  6154  //
  6155  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6156  // with awserr.Error's Code and Message methods to get detailed information about
  6157  // the error.
  6158  //
  6159  // See the AWS API reference guide for AWS Identity and Access Management's
  6160  // API operation GetCredentialReport for usage and error information.
  6161  //
  6162  // Returned Error Codes:
  6163  //   * ErrCodeCredentialReportNotPresentException "ReportNotPresent"
  6164  //   The request was rejected because the credential report does not exist. To
  6165  //   generate a credential report, use GenerateCredentialReport.
  6166  //
  6167  //   * ErrCodeCredentialReportExpiredException "ReportExpired"
  6168  //   The request was rejected because the most recent credential report has expired.
  6169  //   To generate a new credential report, use GenerateCredentialReport. For more
  6170  //   information about credential report expiration, see Getting credential reports
  6171  //   (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
  6172  //   in the IAM User Guide.
  6173  //
  6174  //   * ErrCodeCredentialReportNotReadyException "ReportInProgress"
  6175  //   The request was rejected because the credential report is still being generated.
  6176  //
  6177  //   * ErrCodeServiceFailureException "ServiceFailure"
  6178  //   The request processing has failed because of an unknown error, exception
  6179  //   or failure.
  6180  //
  6181  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport
  6182  func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error) {
  6183  	req, out := c.GetCredentialReportRequest(input)
  6184  	return out, req.Send()
  6185  }
  6186  
  6187  // GetCredentialReportWithContext is the same as GetCredentialReport with the addition of
  6188  // the ability to pass a context and additional request options.
  6189  //
  6190  // See GetCredentialReport for details on how to use this API operation.
  6191  //
  6192  // The context must be non-nil and will be used for request cancellation. If
  6193  // the context is nil a panic will occur. In the future the SDK may create
  6194  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6195  // for more information on using Contexts.
  6196  func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error) {
  6197  	req, out := c.GetCredentialReportRequest(input)
  6198  	req.SetContext(ctx)
  6199  	req.ApplyOptions(opts...)
  6200  	return out, req.Send()
  6201  }
  6202  
  6203  const opGetGroup = "GetGroup"
  6204  
  6205  // GetGroupRequest generates a "aws/request.Request" representing the
  6206  // client's request for the GetGroup operation. The "output" return
  6207  // value will be populated with the request's response once the request completes
  6208  // successfully.
  6209  //
  6210  // Use "Send" method on the returned Request to send the API call to the service.
  6211  // the "output" return value is not valid until after Send returns without error.
  6212  //
  6213  // See GetGroup for more information on using the GetGroup
  6214  // API call, and error handling.
  6215  //
  6216  // This method is useful when you want to inject custom logic or configuration
  6217  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6218  //
  6219  //
  6220  //    // Example sending a request using the GetGroupRequest method.
  6221  //    req, resp := client.GetGroupRequest(params)
  6222  //
  6223  //    err := req.Send()
  6224  //    if err == nil { // resp is now filled
  6225  //        fmt.Println(resp)
  6226  //    }
  6227  //
  6228  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
  6229  func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput) {
  6230  	op := &request.Operation{
  6231  		Name:       opGetGroup,
  6232  		HTTPMethod: "POST",
  6233  		HTTPPath:   "/",
  6234  		Paginator: &request.Paginator{
  6235  			InputTokens:     []string{"Marker"},
  6236  			OutputTokens:    []string{"Marker"},
  6237  			LimitToken:      "MaxItems",
  6238  			TruncationToken: "IsTruncated",
  6239  		},
  6240  	}
  6241  
  6242  	if input == nil {
  6243  		input = &GetGroupInput{}
  6244  	}
  6245  
  6246  	output = &GetGroupOutput{}
  6247  	req = c.newRequest(op, input, output)
  6248  	return
  6249  }
  6250  
  6251  // GetGroup API operation for AWS Identity and Access Management.
  6252  //
  6253  // Returns a list of IAM users that are in the specified IAM group. You can
  6254  // paginate the results using the MaxItems and Marker parameters.
  6255  //
  6256  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6257  // with awserr.Error's Code and Message methods to get detailed information about
  6258  // the error.
  6259  //
  6260  // See the AWS API reference guide for AWS Identity and Access Management's
  6261  // API operation GetGroup for usage and error information.
  6262  //
  6263  // Returned Error Codes:
  6264  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6265  //   The request was rejected because it referenced a resource entity that does
  6266  //   not exist. The error message describes the resource.
  6267  //
  6268  //   * ErrCodeServiceFailureException "ServiceFailure"
  6269  //   The request processing has failed because of an unknown error, exception
  6270  //   or failure.
  6271  //
  6272  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup
  6273  func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error) {
  6274  	req, out := c.GetGroupRequest(input)
  6275  	return out, req.Send()
  6276  }
  6277  
  6278  // GetGroupWithContext is the same as GetGroup with the addition of
  6279  // the ability to pass a context and additional request options.
  6280  //
  6281  // See GetGroup for details on how to use this API operation.
  6282  //
  6283  // The context must be non-nil and will be used for request cancellation. If
  6284  // the context is nil a panic will occur. In the future the SDK may create
  6285  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6286  // for more information on using Contexts.
  6287  func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error) {
  6288  	req, out := c.GetGroupRequest(input)
  6289  	req.SetContext(ctx)
  6290  	req.ApplyOptions(opts...)
  6291  	return out, req.Send()
  6292  }
  6293  
  6294  // GetGroupPages iterates over the pages of a GetGroup operation,
  6295  // calling the "fn" function with the response data for each page. To stop
  6296  // iterating, return false from the fn function.
  6297  //
  6298  // See GetGroup method for more information on how to use this operation.
  6299  //
  6300  // Note: This operation can generate multiple requests to a service.
  6301  //
  6302  //    // Example iterating over at most 3 pages of a GetGroup operation.
  6303  //    pageNum := 0
  6304  //    err := client.GetGroupPages(params,
  6305  //        func(page *iam.GetGroupOutput, lastPage bool) bool {
  6306  //            pageNum++
  6307  //            fmt.Println(page)
  6308  //            return pageNum <= 3
  6309  //        })
  6310  //
  6311  func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error {
  6312  	return c.GetGroupPagesWithContext(aws.BackgroundContext(), input, fn)
  6313  }
  6314  
  6315  // GetGroupPagesWithContext same as GetGroupPages except
  6316  // it takes a Context and allows setting request options on the pages.
  6317  //
  6318  // The context must be non-nil and will be used for request cancellation. If
  6319  // the context is nil a panic will occur. In the future the SDK may create
  6320  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6321  // for more information on using Contexts.
  6322  func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error {
  6323  	p := request.Pagination{
  6324  		NewRequest: func() (*request.Request, error) {
  6325  			var inCpy *GetGroupInput
  6326  			if input != nil {
  6327  				tmp := *input
  6328  				inCpy = &tmp
  6329  			}
  6330  			req, _ := c.GetGroupRequest(inCpy)
  6331  			req.SetContext(ctx)
  6332  			req.ApplyOptions(opts...)
  6333  			return req, nil
  6334  		},
  6335  	}
  6336  
  6337  	for p.Next() {
  6338  		if !fn(p.Page().(*GetGroupOutput), !p.HasNextPage()) {
  6339  			break
  6340  		}
  6341  	}
  6342  
  6343  	return p.Err()
  6344  }
  6345  
  6346  const opGetGroupPolicy = "GetGroupPolicy"
  6347  
  6348  // GetGroupPolicyRequest generates a "aws/request.Request" representing the
  6349  // client's request for the GetGroupPolicy operation. The "output" return
  6350  // value will be populated with the request's response once the request completes
  6351  // successfully.
  6352  //
  6353  // Use "Send" method on the returned Request to send the API call to the service.
  6354  // the "output" return value is not valid until after Send returns without error.
  6355  //
  6356  // See GetGroupPolicy for more information on using the GetGroupPolicy
  6357  // API call, and error handling.
  6358  //
  6359  // This method is useful when you want to inject custom logic or configuration
  6360  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6361  //
  6362  //
  6363  //    // Example sending a request using the GetGroupPolicyRequest method.
  6364  //    req, resp := client.GetGroupPolicyRequest(params)
  6365  //
  6366  //    err := req.Send()
  6367  //    if err == nil { // resp is now filled
  6368  //        fmt.Println(resp)
  6369  //    }
  6370  //
  6371  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
  6372  func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput) {
  6373  	op := &request.Operation{
  6374  		Name:       opGetGroupPolicy,
  6375  		HTTPMethod: "POST",
  6376  		HTTPPath:   "/",
  6377  	}
  6378  
  6379  	if input == nil {
  6380  		input = &GetGroupPolicyInput{}
  6381  	}
  6382  
  6383  	output = &GetGroupPolicyOutput{}
  6384  	req = c.newRequest(op, input, output)
  6385  	return
  6386  }
  6387  
  6388  // GetGroupPolicy API operation for AWS Identity and Access Management.
  6389  //
  6390  // Retrieves the specified inline policy document that is embedded in the specified
  6391  // IAM group.
  6392  //
  6393  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  6394  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  6395  // to convert the policy back to plain JSON text. For example, if you use Java,
  6396  // you can use the decode method of the java.net.URLDecoder utility class in
  6397  // the Java SDK. Other languages and SDKs provide similar functionality.
  6398  //
  6399  // An IAM group can also have managed policies attached to it. To retrieve a
  6400  // managed policy document that is attached to a group, use GetPolicy to determine
  6401  // the policy's default version, then use GetPolicyVersion to retrieve the policy
  6402  // document.
  6403  //
  6404  // For more information about policies, see Managed policies and inline policies
  6405  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  6406  // in the IAM User Guide.
  6407  //
  6408  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6409  // with awserr.Error's Code and Message methods to get detailed information about
  6410  // the error.
  6411  //
  6412  // See the AWS API reference guide for AWS Identity and Access Management's
  6413  // API operation GetGroupPolicy for usage and error information.
  6414  //
  6415  // Returned Error Codes:
  6416  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6417  //   The request was rejected because it referenced a resource entity that does
  6418  //   not exist. The error message describes the resource.
  6419  //
  6420  //   * ErrCodeServiceFailureException "ServiceFailure"
  6421  //   The request processing has failed because of an unknown error, exception
  6422  //   or failure.
  6423  //
  6424  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy
  6425  func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error) {
  6426  	req, out := c.GetGroupPolicyRequest(input)
  6427  	return out, req.Send()
  6428  }
  6429  
  6430  // GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of
  6431  // the ability to pass a context and additional request options.
  6432  //
  6433  // See GetGroupPolicy for details on how to use this API operation.
  6434  //
  6435  // The context must be non-nil and will be used for request cancellation. If
  6436  // the context is nil a panic will occur. In the future the SDK may create
  6437  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6438  // for more information on using Contexts.
  6439  func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error) {
  6440  	req, out := c.GetGroupPolicyRequest(input)
  6441  	req.SetContext(ctx)
  6442  	req.ApplyOptions(opts...)
  6443  	return out, req.Send()
  6444  }
  6445  
  6446  const opGetInstanceProfile = "GetInstanceProfile"
  6447  
  6448  // GetInstanceProfileRequest generates a "aws/request.Request" representing the
  6449  // client's request for the GetInstanceProfile operation. The "output" return
  6450  // value will be populated with the request's response once the request completes
  6451  // successfully.
  6452  //
  6453  // Use "Send" method on the returned Request to send the API call to the service.
  6454  // the "output" return value is not valid until after Send returns without error.
  6455  //
  6456  // See GetInstanceProfile for more information on using the GetInstanceProfile
  6457  // API call, and error handling.
  6458  //
  6459  // This method is useful when you want to inject custom logic or configuration
  6460  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6461  //
  6462  //
  6463  //    // Example sending a request using the GetInstanceProfileRequest method.
  6464  //    req, resp := client.GetInstanceProfileRequest(params)
  6465  //
  6466  //    err := req.Send()
  6467  //    if err == nil { // resp is now filled
  6468  //        fmt.Println(resp)
  6469  //    }
  6470  //
  6471  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
  6472  func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput) {
  6473  	op := &request.Operation{
  6474  		Name:       opGetInstanceProfile,
  6475  		HTTPMethod: "POST",
  6476  		HTTPPath:   "/",
  6477  	}
  6478  
  6479  	if input == nil {
  6480  		input = &GetInstanceProfileInput{}
  6481  	}
  6482  
  6483  	output = &GetInstanceProfileOutput{}
  6484  	req = c.newRequest(op, input, output)
  6485  	return
  6486  }
  6487  
  6488  // GetInstanceProfile API operation for AWS Identity and Access Management.
  6489  //
  6490  // Retrieves information about the specified instance profile, including the
  6491  // instance profile's path, GUID, ARN, and role. For more information about
  6492  // instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html)
  6493  // in the IAM User Guide.
  6494  //
  6495  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6496  // with awserr.Error's Code and Message methods to get detailed information about
  6497  // the error.
  6498  //
  6499  // See the AWS API reference guide for AWS Identity and Access Management's
  6500  // API operation GetInstanceProfile for usage and error information.
  6501  //
  6502  // Returned Error Codes:
  6503  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6504  //   The request was rejected because it referenced a resource entity that does
  6505  //   not exist. The error message describes the resource.
  6506  //
  6507  //   * ErrCodeServiceFailureException "ServiceFailure"
  6508  //   The request processing has failed because of an unknown error, exception
  6509  //   or failure.
  6510  //
  6511  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile
  6512  func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error) {
  6513  	req, out := c.GetInstanceProfileRequest(input)
  6514  	return out, req.Send()
  6515  }
  6516  
  6517  // GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of
  6518  // the ability to pass a context and additional request options.
  6519  //
  6520  // See GetInstanceProfile for details on how to use this API operation.
  6521  //
  6522  // The context must be non-nil and will be used for request cancellation. If
  6523  // the context is nil a panic will occur. In the future the SDK may create
  6524  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6525  // for more information on using Contexts.
  6526  func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error) {
  6527  	req, out := c.GetInstanceProfileRequest(input)
  6528  	req.SetContext(ctx)
  6529  	req.ApplyOptions(opts...)
  6530  	return out, req.Send()
  6531  }
  6532  
  6533  const opGetLoginProfile = "GetLoginProfile"
  6534  
  6535  // GetLoginProfileRequest generates a "aws/request.Request" representing the
  6536  // client's request for the GetLoginProfile operation. The "output" return
  6537  // value will be populated with the request's response once the request completes
  6538  // successfully.
  6539  //
  6540  // Use "Send" method on the returned Request to send the API call to the service.
  6541  // the "output" return value is not valid until after Send returns without error.
  6542  //
  6543  // See GetLoginProfile for more information on using the GetLoginProfile
  6544  // API call, and error handling.
  6545  //
  6546  // This method is useful when you want to inject custom logic or configuration
  6547  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6548  //
  6549  //
  6550  //    // Example sending a request using the GetLoginProfileRequest method.
  6551  //    req, resp := client.GetLoginProfileRequest(params)
  6552  //
  6553  //    err := req.Send()
  6554  //    if err == nil { // resp is now filled
  6555  //        fmt.Println(resp)
  6556  //    }
  6557  //
  6558  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
  6559  func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput) {
  6560  	op := &request.Operation{
  6561  		Name:       opGetLoginProfile,
  6562  		HTTPMethod: "POST",
  6563  		HTTPPath:   "/",
  6564  	}
  6565  
  6566  	if input == nil {
  6567  		input = &GetLoginProfileInput{}
  6568  	}
  6569  
  6570  	output = &GetLoginProfileOutput{}
  6571  	req = c.newRequest(op, input, output)
  6572  	return
  6573  }
  6574  
  6575  // GetLoginProfile API operation for AWS Identity and Access Management.
  6576  //
  6577  // Retrieves the user name for the specified IAM user. A login profile is created
  6578  // when you create a password for the user to access the Amazon Web Services
  6579  // Management Console. If the user does not exist or does not have a password,
  6580  // the operation returns a 404 (NoSuchEntity) error.
  6581  //
  6582  // If you create an IAM user with access to the console, the CreateDate reflects
  6583  // the date you created the initial password for the user.
  6584  //
  6585  // If you create an IAM user with programmatic access, and then later add a
  6586  // password for the user to access the Amazon Web Services Management Console,
  6587  // the CreateDate reflects the initial password creation date. A user with programmatic
  6588  // access does not have a login profile unless you create a password for the
  6589  // user to access the Amazon Web Services Management Console.
  6590  //
  6591  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6592  // with awserr.Error's Code and Message methods to get detailed information about
  6593  // the error.
  6594  //
  6595  // See the AWS API reference guide for AWS Identity and Access Management's
  6596  // API operation GetLoginProfile for usage and error information.
  6597  //
  6598  // Returned Error Codes:
  6599  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6600  //   The request was rejected because it referenced a resource entity that does
  6601  //   not exist. The error message describes the resource.
  6602  //
  6603  //   * ErrCodeServiceFailureException "ServiceFailure"
  6604  //   The request processing has failed because of an unknown error, exception
  6605  //   or failure.
  6606  //
  6607  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile
  6608  func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error) {
  6609  	req, out := c.GetLoginProfileRequest(input)
  6610  	return out, req.Send()
  6611  }
  6612  
  6613  // GetLoginProfileWithContext is the same as GetLoginProfile with the addition of
  6614  // the ability to pass a context and additional request options.
  6615  //
  6616  // See GetLoginProfile for details on how to use this API operation.
  6617  //
  6618  // The context must be non-nil and will be used for request cancellation. If
  6619  // the context is nil a panic will occur. In the future the SDK may create
  6620  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6621  // for more information on using Contexts.
  6622  func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error) {
  6623  	req, out := c.GetLoginProfileRequest(input)
  6624  	req.SetContext(ctx)
  6625  	req.ApplyOptions(opts...)
  6626  	return out, req.Send()
  6627  }
  6628  
  6629  const opGetOpenIDConnectProvider = "GetOpenIDConnectProvider"
  6630  
  6631  // GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
  6632  // client's request for the GetOpenIDConnectProvider operation. The "output" return
  6633  // value will be populated with the request's response once the request completes
  6634  // successfully.
  6635  //
  6636  // Use "Send" method on the returned Request to send the API call to the service.
  6637  // the "output" return value is not valid until after Send returns without error.
  6638  //
  6639  // See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider
  6640  // API call, and error handling.
  6641  //
  6642  // This method is useful when you want to inject custom logic or configuration
  6643  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6644  //
  6645  //
  6646  //    // Example sending a request using the GetOpenIDConnectProviderRequest method.
  6647  //    req, resp := client.GetOpenIDConnectProviderRequest(params)
  6648  //
  6649  //    err := req.Send()
  6650  //    if err == nil { // resp is now filled
  6651  //        fmt.Println(resp)
  6652  //    }
  6653  //
  6654  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
  6655  func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput) {
  6656  	op := &request.Operation{
  6657  		Name:       opGetOpenIDConnectProvider,
  6658  		HTTPMethod: "POST",
  6659  		HTTPPath:   "/",
  6660  	}
  6661  
  6662  	if input == nil {
  6663  		input = &GetOpenIDConnectProviderInput{}
  6664  	}
  6665  
  6666  	output = &GetOpenIDConnectProviderOutput{}
  6667  	req = c.newRequest(op, input, output)
  6668  	return
  6669  }
  6670  
  6671  // GetOpenIDConnectProvider API operation for AWS Identity and Access Management.
  6672  //
  6673  // Returns information about the specified OpenID Connect (OIDC) provider resource
  6674  // object in IAM.
  6675  //
  6676  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6677  // with awserr.Error's Code and Message methods to get detailed information about
  6678  // the error.
  6679  //
  6680  // See the AWS API reference guide for AWS Identity and Access Management's
  6681  // API operation GetOpenIDConnectProvider for usage and error information.
  6682  //
  6683  // Returned Error Codes:
  6684  //   * ErrCodeInvalidInputException "InvalidInput"
  6685  //   The request was rejected because an invalid or out-of-range value was supplied
  6686  //   for an input parameter.
  6687  //
  6688  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6689  //   The request was rejected because it referenced a resource entity that does
  6690  //   not exist. The error message describes the resource.
  6691  //
  6692  //   * ErrCodeServiceFailureException "ServiceFailure"
  6693  //   The request processing has failed because of an unknown error, exception
  6694  //   or failure.
  6695  //
  6696  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider
  6697  func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error) {
  6698  	req, out := c.GetOpenIDConnectProviderRequest(input)
  6699  	return out, req.Send()
  6700  }
  6701  
  6702  // GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of
  6703  // the ability to pass a context and additional request options.
  6704  //
  6705  // See GetOpenIDConnectProvider for details on how to use this API operation.
  6706  //
  6707  // The context must be non-nil and will be used for request cancellation. If
  6708  // the context is nil a panic will occur. In the future the SDK may create
  6709  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6710  // for more information on using Contexts.
  6711  func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error) {
  6712  	req, out := c.GetOpenIDConnectProviderRequest(input)
  6713  	req.SetContext(ctx)
  6714  	req.ApplyOptions(opts...)
  6715  	return out, req.Send()
  6716  }
  6717  
  6718  const opGetOrganizationsAccessReport = "GetOrganizationsAccessReport"
  6719  
  6720  // GetOrganizationsAccessReportRequest generates a "aws/request.Request" representing the
  6721  // client's request for the GetOrganizationsAccessReport operation. The "output" return
  6722  // value will be populated with the request's response once the request completes
  6723  // successfully.
  6724  //
  6725  // Use "Send" method on the returned Request to send the API call to the service.
  6726  // the "output" return value is not valid until after Send returns without error.
  6727  //
  6728  // See GetOrganizationsAccessReport for more information on using the GetOrganizationsAccessReport
  6729  // API call, and error handling.
  6730  //
  6731  // This method is useful when you want to inject custom logic or configuration
  6732  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6733  //
  6734  //
  6735  //    // Example sending a request using the GetOrganizationsAccessReportRequest method.
  6736  //    req, resp := client.GetOrganizationsAccessReportRequest(params)
  6737  //
  6738  //    err := req.Send()
  6739  //    if err == nil { // resp is now filled
  6740  //        fmt.Println(resp)
  6741  //    }
  6742  //
  6743  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
  6744  func (c *IAM) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessReportInput) (req *request.Request, output *GetOrganizationsAccessReportOutput) {
  6745  	op := &request.Operation{
  6746  		Name:       opGetOrganizationsAccessReport,
  6747  		HTTPMethod: "POST",
  6748  		HTTPPath:   "/",
  6749  	}
  6750  
  6751  	if input == nil {
  6752  		input = &GetOrganizationsAccessReportInput{}
  6753  	}
  6754  
  6755  	output = &GetOrganizationsAccessReportOutput{}
  6756  	req = c.newRequest(op, input, output)
  6757  	return
  6758  }
  6759  
  6760  // GetOrganizationsAccessReport API operation for AWS Identity and Access Management.
  6761  //
  6762  // Retrieves the service last accessed data report for Organizations that was
  6763  // previously generated using the GenerateOrganizationsAccessReport operation.
  6764  // This operation retrieves the status of your report job and the report contents.
  6765  //
  6766  // Depending on the parameters that you passed when you generated the report,
  6767  // the data returned could include different information. For details, see GenerateOrganizationsAccessReport.
  6768  //
  6769  // To call this operation, you must be signed in to the management account in
  6770  // your organization. SCPs must be enabled for your organization root. You must
  6771  // have permissions to perform this operation. For more information, see Refining
  6772  // permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  6773  // in the IAM User Guide.
  6774  //
  6775  // For each service that principals in an account (root users, IAM users, or
  6776  // IAM roles) could access using SCPs, the operation returns details about the
  6777  // most recent access attempt. If there was no attempt, the service is listed
  6778  // without details about the most recent attempt to access the service. If the
  6779  // operation fails, it returns the reason that it failed.
  6780  //
  6781  // By default, the list is sorted by service namespace.
  6782  //
  6783  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6784  // with awserr.Error's Code and Message methods to get detailed information about
  6785  // the error.
  6786  //
  6787  // See the AWS API reference guide for AWS Identity and Access Management's
  6788  // API operation GetOrganizationsAccessReport for usage and error information.
  6789  //
  6790  // Returned Error Codes:
  6791  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6792  //   The request was rejected because it referenced a resource entity that does
  6793  //   not exist. The error message describes the resource.
  6794  //
  6795  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport
  6796  func (c *IAM) GetOrganizationsAccessReport(input *GetOrganizationsAccessReportInput) (*GetOrganizationsAccessReportOutput, error) {
  6797  	req, out := c.GetOrganizationsAccessReportRequest(input)
  6798  	return out, req.Send()
  6799  }
  6800  
  6801  // GetOrganizationsAccessReportWithContext is the same as GetOrganizationsAccessReport with the addition of
  6802  // the ability to pass a context and additional request options.
  6803  //
  6804  // See GetOrganizationsAccessReport for details on how to use this API operation.
  6805  //
  6806  // The context must be non-nil and will be used for request cancellation. If
  6807  // the context is nil a panic will occur. In the future the SDK may create
  6808  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6809  // for more information on using Contexts.
  6810  func (c *IAM) GetOrganizationsAccessReportWithContext(ctx aws.Context, input *GetOrganizationsAccessReportInput, opts ...request.Option) (*GetOrganizationsAccessReportOutput, error) {
  6811  	req, out := c.GetOrganizationsAccessReportRequest(input)
  6812  	req.SetContext(ctx)
  6813  	req.ApplyOptions(opts...)
  6814  	return out, req.Send()
  6815  }
  6816  
  6817  const opGetPolicy = "GetPolicy"
  6818  
  6819  // GetPolicyRequest generates a "aws/request.Request" representing the
  6820  // client's request for the GetPolicy operation. The "output" return
  6821  // value will be populated with the request's response once the request completes
  6822  // successfully.
  6823  //
  6824  // Use "Send" method on the returned Request to send the API call to the service.
  6825  // the "output" return value is not valid until after Send returns without error.
  6826  //
  6827  // See GetPolicy for more information on using the GetPolicy
  6828  // API call, and error handling.
  6829  //
  6830  // This method is useful when you want to inject custom logic or configuration
  6831  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6832  //
  6833  //
  6834  //    // Example sending a request using the GetPolicyRequest method.
  6835  //    req, resp := client.GetPolicyRequest(params)
  6836  //
  6837  //    err := req.Send()
  6838  //    if err == nil { // resp is now filled
  6839  //        fmt.Println(resp)
  6840  //    }
  6841  //
  6842  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
  6843  func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) {
  6844  	op := &request.Operation{
  6845  		Name:       opGetPolicy,
  6846  		HTTPMethod: "POST",
  6847  		HTTPPath:   "/",
  6848  	}
  6849  
  6850  	if input == nil {
  6851  		input = &GetPolicyInput{}
  6852  	}
  6853  
  6854  	output = &GetPolicyOutput{}
  6855  	req = c.newRequest(op, input, output)
  6856  	return
  6857  }
  6858  
  6859  // GetPolicy API operation for AWS Identity and Access Management.
  6860  //
  6861  // Retrieves information about the specified managed policy, including the policy's
  6862  // default version and the total number of IAM users, groups, and roles to which
  6863  // the policy is attached. To retrieve the list of the specific users, groups,
  6864  // and roles that the policy is attached to, use ListEntitiesForPolicy. This
  6865  // operation returns metadata about the policy. To retrieve the actual policy
  6866  // document for a specific version of the policy, use GetPolicyVersion.
  6867  //
  6868  // This operation retrieves information about managed policies. To retrieve
  6869  // information about an inline policy that is embedded with an IAM user, group,
  6870  // or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
  6871  //
  6872  // For more information about policies, see Managed policies and inline policies
  6873  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  6874  // in the IAM User Guide.
  6875  //
  6876  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6877  // with awserr.Error's Code and Message methods to get detailed information about
  6878  // the error.
  6879  //
  6880  // See the AWS API reference guide for AWS Identity and Access Management's
  6881  // API operation GetPolicy for usage and error information.
  6882  //
  6883  // Returned Error Codes:
  6884  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6885  //   The request was rejected because it referenced a resource entity that does
  6886  //   not exist. The error message describes the resource.
  6887  //
  6888  //   * ErrCodeInvalidInputException "InvalidInput"
  6889  //   The request was rejected because an invalid or out-of-range value was supplied
  6890  //   for an input parameter.
  6891  //
  6892  //   * ErrCodeServiceFailureException "ServiceFailure"
  6893  //   The request processing has failed because of an unknown error, exception
  6894  //   or failure.
  6895  //
  6896  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy
  6897  func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) {
  6898  	req, out := c.GetPolicyRequest(input)
  6899  	return out, req.Send()
  6900  }
  6901  
  6902  // GetPolicyWithContext is the same as GetPolicy with the addition of
  6903  // the ability to pass a context and additional request options.
  6904  //
  6905  // See GetPolicy for details on how to use this API operation.
  6906  //
  6907  // The context must be non-nil and will be used for request cancellation. If
  6908  // the context is nil a panic will occur. In the future the SDK may create
  6909  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  6910  // for more information on using Contexts.
  6911  func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) {
  6912  	req, out := c.GetPolicyRequest(input)
  6913  	req.SetContext(ctx)
  6914  	req.ApplyOptions(opts...)
  6915  	return out, req.Send()
  6916  }
  6917  
  6918  const opGetPolicyVersion = "GetPolicyVersion"
  6919  
  6920  // GetPolicyVersionRequest generates a "aws/request.Request" representing the
  6921  // client's request for the GetPolicyVersion operation. The "output" return
  6922  // value will be populated with the request's response once the request completes
  6923  // successfully.
  6924  //
  6925  // Use "Send" method on the returned Request to send the API call to the service.
  6926  // the "output" return value is not valid until after Send returns without error.
  6927  //
  6928  // See GetPolicyVersion for more information on using the GetPolicyVersion
  6929  // API call, and error handling.
  6930  //
  6931  // This method is useful when you want to inject custom logic or configuration
  6932  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  6933  //
  6934  //
  6935  //    // Example sending a request using the GetPolicyVersionRequest method.
  6936  //    req, resp := client.GetPolicyVersionRequest(params)
  6937  //
  6938  //    err := req.Send()
  6939  //    if err == nil { // resp is now filled
  6940  //        fmt.Println(resp)
  6941  //    }
  6942  //
  6943  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
  6944  func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput) {
  6945  	op := &request.Operation{
  6946  		Name:       opGetPolicyVersion,
  6947  		HTTPMethod: "POST",
  6948  		HTTPPath:   "/",
  6949  	}
  6950  
  6951  	if input == nil {
  6952  		input = &GetPolicyVersionInput{}
  6953  	}
  6954  
  6955  	output = &GetPolicyVersionOutput{}
  6956  	req = c.newRequest(op, input, output)
  6957  	return
  6958  }
  6959  
  6960  // GetPolicyVersion API operation for AWS Identity and Access Management.
  6961  //
  6962  // Retrieves information about the specified version of the specified managed
  6963  // policy, including the policy document.
  6964  //
  6965  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  6966  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  6967  // to convert the policy back to plain JSON text. For example, if you use Java,
  6968  // you can use the decode method of the java.net.URLDecoder utility class in
  6969  // the Java SDK. Other languages and SDKs provide similar functionality.
  6970  //
  6971  // To list the available versions for a policy, use ListPolicyVersions.
  6972  //
  6973  // This operation retrieves information about managed policies. To retrieve
  6974  // information about an inline policy that is embedded in a user, group, or
  6975  // role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.
  6976  //
  6977  // For more information about the types of policies, see Managed policies and
  6978  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  6979  // in the IAM User Guide.
  6980  //
  6981  // For more information about managed policy versions, see Versioning for managed
  6982  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
  6983  // in the IAM User Guide.
  6984  //
  6985  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  6986  // with awserr.Error's Code and Message methods to get detailed information about
  6987  // the error.
  6988  //
  6989  // See the AWS API reference guide for AWS Identity and Access Management's
  6990  // API operation GetPolicyVersion for usage and error information.
  6991  //
  6992  // Returned Error Codes:
  6993  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  6994  //   The request was rejected because it referenced a resource entity that does
  6995  //   not exist. The error message describes the resource.
  6996  //
  6997  //   * ErrCodeInvalidInputException "InvalidInput"
  6998  //   The request was rejected because an invalid or out-of-range value was supplied
  6999  //   for an input parameter.
  7000  //
  7001  //   * ErrCodeServiceFailureException "ServiceFailure"
  7002  //   The request processing has failed because of an unknown error, exception
  7003  //   or failure.
  7004  //
  7005  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion
  7006  func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error) {
  7007  	req, out := c.GetPolicyVersionRequest(input)
  7008  	return out, req.Send()
  7009  }
  7010  
  7011  // GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of
  7012  // the ability to pass a context and additional request options.
  7013  //
  7014  // See GetPolicyVersion for details on how to use this API operation.
  7015  //
  7016  // The context must be non-nil and will be used for request cancellation. If
  7017  // the context is nil a panic will occur. In the future the SDK may create
  7018  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7019  // for more information on using Contexts.
  7020  func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error) {
  7021  	req, out := c.GetPolicyVersionRequest(input)
  7022  	req.SetContext(ctx)
  7023  	req.ApplyOptions(opts...)
  7024  	return out, req.Send()
  7025  }
  7026  
  7027  const opGetRole = "GetRole"
  7028  
  7029  // GetRoleRequest generates a "aws/request.Request" representing the
  7030  // client's request for the GetRole operation. The "output" return
  7031  // value will be populated with the request's response once the request completes
  7032  // successfully.
  7033  //
  7034  // Use "Send" method on the returned Request to send the API call to the service.
  7035  // the "output" return value is not valid until after Send returns without error.
  7036  //
  7037  // See GetRole for more information on using the GetRole
  7038  // API call, and error handling.
  7039  //
  7040  // This method is useful when you want to inject custom logic or configuration
  7041  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7042  //
  7043  //
  7044  //    // Example sending a request using the GetRoleRequest method.
  7045  //    req, resp := client.GetRoleRequest(params)
  7046  //
  7047  //    err := req.Send()
  7048  //    if err == nil { // resp is now filled
  7049  //        fmt.Println(resp)
  7050  //    }
  7051  //
  7052  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
  7053  func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput) {
  7054  	op := &request.Operation{
  7055  		Name:       opGetRole,
  7056  		HTTPMethod: "POST",
  7057  		HTTPPath:   "/",
  7058  	}
  7059  
  7060  	if input == nil {
  7061  		input = &GetRoleInput{}
  7062  	}
  7063  
  7064  	output = &GetRoleOutput{}
  7065  	req = c.newRequest(op, input, output)
  7066  	return
  7067  }
  7068  
  7069  // GetRole API operation for AWS Identity and Access Management.
  7070  //
  7071  // Retrieves information about the specified role, including the role's path,
  7072  // GUID, ARN, and the role's trust policy that grants permission to assume the
  7073  // role. For more information about roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
  7074  //
  7075  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  7076  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  7077  // to convert the policy back to plain JSON text. For example, if you use Java,
  7078  // you can use the decode method of the java.net.URLDecoder utility class in
  7079  // the Java SDK. Other languages and SDKs provide similar functionality.
  7080  //
  7081  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7082  // with awserr.Error's Code and Message methods to get detailed information about
  7083  // the error.
  7084  //
  7085  // See the AWS API reference guide for AWS Identity and Access Management's
  7086  // API operation GetRole for usage and error information.
  7087  //
  7088  // Returned Error Codes:
  7089  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7090  //   The request was rejected because it referenced a resource entity that does
  7091  //   not exist. The error message describes the resource.
  7092  //
  7093  //   * ErrCodeServiceFailureException "ServiceFailure"
  7094  //   The request processing has failed because of an unknown error, exception
  7095  //   or failure.
  7096  //
  7097  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole
  7098  func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error) {
  7099  	req, out := c.GetRoleRequest(input)
  7100  	return out, req.Send()
  7101  }
  7102  
  7103  // GetRoleWithContext is the same as GetRole with the addition of
  7104  // the ability to pass a context and additional request options.
  7105  //
  7106  // See GetRole for details on how to use this API operation.
  7107  //
  7108  // The context must be non-nil and will be used for request cancellation. If
  7109  // the context is nil a panic will occur. In the future the SDK may create
  7110  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7111  // for more information on using Contexts.
  7112  func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error) {
  7113  	req, out := c.GetRoleRequest(input)
  7114  	req.SetContext(ctx)
  7115  	req.ApplyOptions(opts...)
  7116  	return out, req.Send()
  7117  }
  7118  
  7119  const opGetRolePolicy = "GetRolePolicy"
  7120  
  7121  // GetRolePolicyRequest generates a "aws/request.Request" representing the
  7122  // client's request for the GetRolePolicy operation. The "output" return
  7123  // value will be populated with the request's response once the request completes
  7124  // successfully.
  7125  //
  7126  // Use "Send" method on the returned Request to send the API call to the service.
  7127  // the "output" return value is not valid until after Send returns without error.
  7128  //
  7129  // See GetRolePolicy for more information on using the GetRolePolicy
  7130  // API call, and error handling.
  7131  //
  7132  // This method is useful when you want to inject custom logic or configuration
  7133  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7134  //
  7135  //
  7136  //    // Example sending a request using the GetRolePolicyRequest method.
  7137  //    req, resp := client.GetRolePolicyRequest(params)
  7138  //
  7139  //    err := req.Send()
  7140  //    if err == nil { // resp is now filled
  7141  //        fmt.Println(resp)
  7142  //    }
  7143  //
  7144  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
  7145  func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput) {
  7146  	op := &request.Operation{
  7147  		Name:       opGetRolePolicy,
  7148  		HTTPMethod: "POST",
  7149  		HTTPPath:   "/",
  7150  	}
  7151  
  7152  	if input == nil {
  7153  		input = &GetRolePolicyInput{}
  7154  	}
  7155  
  7156  	output = &GetRolePolicyOutput{}
  7157  	req = c.newRequest(op, input, output)
  7158  	return
  7159  }
  7160  
  7161  // GetRolePolicy API operation for AWS Identity and Access Management.
  7162  //
  7163  // Retrieves the specified inline policy document that is embedded with the
  7164  // specified IAM role.
  7165  //
  7166  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  7167  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  7168  // to convert the policy back to plain JSON text. For example, if you use Java,
  7169  // you can use the decode method of the java.net.URLDecoder utility class in
  7170  // the Java SDK. Other languages and SDKs provide similar functionality.
  7171  //
  7172  // An IAM role can also have managed policies attached to it. To retrieve a
  7173  // managed policy document that is attached to a role, use GetPolicy to determine
  7174  // the policy's default version, then use GetPolicyVersion to retrieve the policy
  7175  // document.
  7176  //
  7177  // For more information about policies, see Managed policies and inline policies
  7178  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  7179  // in the IAM User Guide.
  7180  //
  7181  // For more information about roles, see Using roles to delegate permissions
  7182  // and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
  7183  //
  7184  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7185  // with awserr.Error's Code and Message methods to get detailed information about
  7186  // the error.
  7187  //
  7188  // See the AWS API reference guide for AWS Identity and Access Management's
  7189  // API operation GetRolePolicy for usage and error information.
  7190  //
  7191  // Returned Error Codes:
  7192  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7193  //   The request was rejected because it referenced a resource entity that does
  7194  //   not exist. The error message describes the resource.
  7195  //
  7196  //   * ErrCodeServiceFailureException "ServiceFailure"
  7197  //   The request processing has failed because of an unknown error, exception
  7198  //   or failure.
  7199  //
  7200  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy
  7201  func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error) {
  7202  	req, out := c.GetRolePolicyRequest(input)
  7203  	return out, req.Send()
  7204  }
  7205  
  7206  // GetRolePolicyWithContext is the same as GetRolePolicy with the addition of
  7207  // the ability to pass a context and additional request options.
  7208  //
  7209  // See GetRolePolicy for details on how to use this API operation.
  7210  //
  7211  // The context must be non-nil and will be used for request cancellation. If
  7212  // the context is nil a panic will occur. In the future the SDK may create
  7213  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7214  // for more information on using Contexts.
  7215  func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error) {
  7216  	req, out := c.GetRolePolicyRequest(input)
  7217  	req.SetContext(ctx)
  7218  	req.ApplyOptions(opts...)
  7219  	return out, req.Send()
  7220  }
  7221  
  7222  const opGetSAMLProvider = "GetSAMLProvider"
  7223  
  7224  // GetSAMLProviderRequest generates a "aws/request.Request" representing the
  7225  // client's request for the GetSAMLProvider operation. The "output" return
  7226  // value will be populated with the request's response once the request completes
  7227  // successfully.
  7228  //
  7229  // Use "Send" method on the returned Request to send the API call to the service.
  7230  // the "output" return value is not valid until after Send returns without error.
  7231  //
  7232  // See GetSAMLProvider for more information on using the GetSAMLProvider
  7233  // API call, and error handling.
  7234  //
  7235  // This method is useful when you want to inject custom logic or configuration
  7236  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7237  //
  7238  //
  7239  //    // Example sending a request using the GetSAMLProviderRequest method.
  7240  //    req, resp := client.GetSAMLProviderRequest(params)
  7241  //
  7242  //    err := req.Send()
  7243  //    if err == nil { // resp is now filled
  7244  //        fmt.Println(resp)
  7245  //    }
  7246  //
  7247  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
  7248  func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput) {
  7249  	op := &request.Operation{
  7250  		Name:       opGetSAMLProvider,
  7251  		HTTPMethod: "POST",
  7252  		HTTPPath:   "/",
  7253  	}
  7254  
  7255  	if input == nil {
  7256  		input = &GetSAMLProviderInput{}
  7257  	}
  7258  
  7259  	output = &GetSAMLProviderOutput{}
  7260  	req = c.newRequest(op, input, output)
  7261  	return
  7262  }
  7263  
  7264  // GetSAMLProvider API operation for AWS Identity and Access Management.
  7265  //
  7266  // Returns the SAML provider metadocument that was uploaded when the IAM SAML
  7267  // provider resource object was created or updated.
  7268  //
  7269  // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
  7270  //
  7271  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7272  // with awserr.Error's Code and Message methods to get detailed information about
  7273  // the error.
  7274  //
  7275  // See the AWS API reference guide for AWS Identity and Access Management's
  7276  // API operation GetSAMLProvider for usage and error information.
  7277  //
  7278  // Returned Error Codes:
  7279  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7280  //   The request was rejected because it referenced a resource entity that does
  7281  //   not exist. The error message describes the resource.
  7282  //
  7283  //   * ErrCodeInvalidInputException "InvalidInput"
  7284  //   The request was rejected because an invalid or out-of-range value was supplied
  7285  //   for an input parameter.
  7286  //
  7287  //   * ErrCodeServiceFailureException "ServiceFailure"
  7288  //   The request processing has failed because of an unknown error, exception
  7289  //   or failure.
  7290  //
  7291  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider
  7292  func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error) {
  7293  	req, out := c.GetSAMLProviderRequest(input)
  7294  	return out, req.Send()
  7295  }
  7296  
  7297  // GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of
  7298  // the ability to pass a context and additional request options.
  7299  //
  7300  // See GetSAMLProvider for details on how to use this API operation.
  7301  //
  7302  // The context must be non-nil and will be used for request cancellation. If
  7303  // the context is nil a panic will occur. In the future the SDK may create
  7304  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7305  // for more information on using Contexts.
  7306  func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error) {
  7307  	req, out := c.GetSAMLProviderRequest(input)
  7308  	req.SetContext(ctx)
  7309  	req.ApplyOptions(opts...)
  7310  	return out, req.Send()
  7311  }
  7312  
  7313  const opGetSSHPublicKey = "GetSSHPublicKey"
  7314  
  7315  // GetSSHPublicKeyRequest generates a "aws/request.Request" representing the
  7316  // client's request for the GetSSHPublicKey operation. The "output" return
  7317  // value will be populated with the request's response once the request completes
  7318  // successfully.
  7319  //
  7320  // Use "Send" method on the returned Request to send the API call to the service.
  7321  // the "output" return value is not valid until after Send returns without error.
  7322  //
  7323  // See GetSSHPublicKey for more information on using the GetSSHPublicKey
  7324  // API call, and error handling.
  7325  //
  7326  // This method is useful when you want to inject custom logic or configuration
  7327  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7328  //
  7329  //
  7330  //    // Example sending a request using the GetSSHPublicKeyRequest method.
  7331  //    req, resp := client.GetSSHPublicKeyRequest(params)
  7332  //
  7333  //    err := req.Send()
  7334  //    if err == nil { // resp is now filled
  7335  //        fmt.Println(resp)
  7336  //    }
  7337  //
  7338  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
  7339  func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput) {
  7340  	op := &request.Operation{
  7341  		Name:       opGetSSHPublicKey,
  7342  		HTTPMethod: "POST",
  7343  		HTTPPath:   "/",
  7344  	}
  7345  
  7346  	if input == nil {
  7347  		input = &GetSSHPublicKeyInput{}
  7348  	}
  7349  
  7350  	output = &GetSSHPublicKeyOutput{}
  7351  	req = c.newRequest(op, input, output)
  7352  	return
  7353  }
  7354  
  7355  // GetSSHPublicKey API operation for AWS Identity and Access Management.
  7356  //
  7357  // Retrieves the specified SSH public key, including metadata about the key.
  7358  //
  7359  // The SSH public key retrieved by this operation is used only for authenticating
  7360  // the associated IAM user to an CodeCommit repository. For more information
  7361  // about using SSH keys to authenticate to an CodeCommit repository, see Set
  7362  // up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
  7363  // in the CodeCommit User Guide.
  7364  //
  7365  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7366  // with awserr.Error's Code and Message methods to get detailed information about
  7367  // the error.
  7368  //
  7369  // See the AWS API reference guide for AWS Identity and Access Management's
  7370  // API operation GetSSHPublicKey for usage and error information.
  7371  //
  7372  // Returned Error Codes:
  7373  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7374  //   The request was rejected because it referenced a resource entity that does
  7375  //   not exist. The error message describes the resource.
  7376  //
  7377  //   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
  7378  //   The request was rejected because the public key encoding format is unsupported
  7379  //   or unrecognized.
  7380  //
  7381  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey
  7382  func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error) {
  7383  	req, out := c.GetSSHPublicKeyRequest(input)
  7384  	return out, req.Send()
  7385  }
  7386  
  7387  // GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of
  7388  // the ability to pass a context and additional request options.
  7389  //
  7390  // See GetSSHPublicKey for details on how to use this API operation.
  7391  //
  7392  // The context must be non-nil and will be used for request cancellation. If
  7393  // the context is nil a panic will occur. In the future the SDK may create
  7394  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7395  // for more information on using Contexts.
  7396  func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error) {
  7397  	req, out := c.GetSSHPublicKeyRequest(input)
  7398  	req.SetContext(ctx)
  7399  	req.ApplyOptions(opts...)
  7400  	return out, req.Send()
  7401  }
  7402  
  7403  const opGetServerCertificate = "GetServerCertificate"
  7404  
  7405  // GetServerCertificateRequest generates a "aws/request.Request" representing the
  7406  // client's request for the GetServerCertificate operation. The "output" return
  7407  // value will be populated with the request's response once the request completes
  7408  // successfully.
  7409  //
  7410  // Use "Send" method on the returned Request to send the API call to the service.
  7411  // the "output" return value is not valid until after Send returns without error.
  7412  //
  7413  // See GetServerCertificate for more information on using the GetServerCertificate
  7414  // API call, and error handling.
  7415  //
  7416  // This method is useful when you want to inject custom logic or configuration
  7417  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7418  //
  7419  //
  7420  //    // Example sending a request using the GetServerCertificateRequest method.
  7421  //    req, resp := client.GetServerCertificateRequest(params)
  7422  //
  7423  //    err := req.Send()
  7424  //    if err == nil { // resp is now filled
  7425  //        fmt.Println(resp)
  7426  //    }
  7427  //
  7428  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
  7429  func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput) {
  7430  	op := &request.Operation{
  7431  		Name:       opGetServerCertificate,
  7432  		HTTPMethod: "POST",
  7433  		HTTPPath:   "/",
  7434  	}
  7435  
  7436  	if input == nil {
  7437  		input = &GetServerCertificateInput{}
  7438  	}
  7439  
  7440  	output = &GetServerCertificateOutput{}
  7441  	req = c.newRequest(op, input, output)
  7442  	return
  7443  }
  7444  
  7445  // GetServerCertificate API operation for AWS Identity and Access Management.
  7446  //
  7447  // Retrieves information about the specified server certificate stored in IAM.
  7448  //
  7449  // For more information about working with server certificates, see Working
  7450  // with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
  7451  // in the IAM User Guide. This topic includes a list of Amazon Web Services
  7452  // services that can use the server certificates that you manage with IAM.
  7453  //
  7454  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7455  // with awserr.Error's Code and Message methods to get detailed information about
  7456  // the error.
  7457  //
  7458  // See the AWS API reference guide for AWS Identity and Access Management's
  7459  // API operation GetServerCertificate for usage and error information.
  7460  //
  7461  // Returned Error Codes:
  7462  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7463  //   The request was rejected because it referenced a resource entity that does
  7464  //   not exist. The error message describes the resource.
  7465  //
  7466  //   * ErrCodeServiceFailureException "ServiceFailure"
  7467  //   The request processing has failed because of an unknown error, exception
  7468  //   or failure.
  7469  //
  7470  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate
  7471  func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error) {
  7472  	req, out := c.GetServerCertificateRequest(input)
  7473  	return out, req.Send()
  7474  }
  7475  
  7476  // GetServerCertificateWithContext is the same as GetServerCertificate with the addition of
  7477  // the ability to pass a context and additional request options.
  7478  //
  7479  // See GetServerCertificate for details on how to use this API operation.
  7480  //
  7481  // The context must be non-nil and will be used for request cancellation. If
  7482  // the context is nil a panic will occur. In the future the SDK may create
  7483  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7484  // for more information on using Contexts.
  7485  func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error) {
  7486  	req, out := c.GetServerCertificateRequest(input)
  7487  	req.SetContext(ctx)
  7488  	req.ApplyOptions(opts...)
  7489  	return out, req.Send()
  7490  }
  7491  
  7492  const opGetServiceLastAccessedDetails = "GetServiceLastAccessedDetails"
  7493  
  7494  // GetServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the
  7495  // client's request for the GetServiceLastAccessedDetails operation. The "output" return
  7496  // value will be populated with the request's response once the request completes
  7497  // successfully.
  7498  //
  7499  // Use "Send" method on the returned Request to send the API call to the service.
  7500  // the "output" return value is not valid until after Send returns without error.
  7501  //
  7502  // See GetServiceLastAccessedDetails for more information on using the GetServiceLastAccessedDetails
  7503  // API call, and error handling.
  7504  //
  7505  // This method is useful when you want to inject custom logic or configuration
  7506  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7507  //
  7508  //
  7509  //    // Example sending a request using the GetServiceLastAccessedDetailsRequest method.
  7510  //    req, resp := client.GetServiceLastAccessedDetailsRequest(params)
  7511  //
  7512  //    err := req.Send()
  7513  //    if err == nil { // resp is now filled
  7514  //        fmt.Println(resp)
  7515  //    }
  7516  //
  7517  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
  7518  func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessedDetailsInput) (req *request.Request, output *GetServiceLastAccessedDetailsOutput) {
  7519  	op := &request.Operation{
  7520  		Name:       opGetServiceLastAccessedDetails,
  7521  		HTTPMethod: "POST",
  7522  		HTTPPath:   "/",
  7523  	}
  7524  
  7525  	if input == nil {
  7526  		input = &GetServiceLastAccessedDetailsInput{}
  7527  	}
  7528  
  7529  	output = &GetServiceLastAccessedDetailsOutput{}
  7530  	req = c.newRequest(op, input, output)
  7531  	return
  7532  }
  7533  
  7534  // GetServiceLastAccessedDetails API operation for AWS Identity and Access Management.
  7535  //
  7536  // Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails
  7537  // operation. You can use the JobId parameter in GetServiceLastAccessedDetails
  7538  // to retrieve the status of your report job. When the report is complete, you
  7539  // can retrieve the generated report. The report includes a list of Amazon Web
  7540  // Services services that the resource (user, group, role, or managed policy)
  7541  // can access.
  7542  //
  7543  // Service last accessed data does not use other policy types when determining
  7544  // whether a resource could access a service. These other policy types include
  7545  // resource-based policies, access control lists, Organizations policies, IAM
  7546  // permissions boundaries, and STS assume role policies. It only applies permissions
  7547  // policy logic. For more about the evaluation of policy types, see Evaluating
  7548  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
  7549  // in the IAM User Guide.
  7550  //
  7551  // For each service that the resource could access using permissions policies,
  7552  // the operation returns details about the most recent access attempt. If there
  7553  // was no attempt, the service is listed without details about the most recent
  7554  // attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails
  7555  // operation returns the reason that it failed.
  7556  //
  7557  // The GetServiceLastAccessedDetails operation returns a list of services. This
  7558  // list includes the number of entities that have attempted to access the service
  7559  // and the date and time of the last attempt. It also returns the ARN of the
  7560  // following entity, depending on the resource ARN that you used to generate
  7561  // the report:
  7562  //
  7563  //    * User – Returns the user ARN that you used to generate the report
  7564  //
  7565  //    * Group – Returns the ARN of the group member (user) that last attempted
  7566  //    to access the service
  7567  //
  7568  //    * Role – Returns the role ARN that you used to generate the report
  7569  //
  7570  //    * Policy – Returns the ARN of the user or role that last used the policy
  7571  //    to attempt to access the service
  7572  //
  7573  // By default, the list is sorted by service namespace.
  7574  //
  7575  // If you specified ACTION_LEVEL granularity when you generated the report,
  7576  // this operation returns service and action last accessed data. This includes
  7577  // the most recent access attempt for each tracked action within a service.
  7578  // Otherwise, this operation returns only service data.
  7579  //
  7580  // For more information about service and action last accessed data, see Reducing
  7581  // permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html)
  7582  // in the IAM User Guide.
  7583  //
  7584  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7585  // with awserr.Error's Code and Message methods to get detailed information about
  7586  // the error.
  7587  //
  7588  // See the AWS API reference guide for AWS Identity and Access Management's
  7589  // API operation GetServiceLastAccessedDetails for usage and error information.
  7590  //
  7591  // Returned Error Codes:
  7592  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7593  //   The request was rejected because it referenced a resource entity that does
  7594  //   not exist. The error message describes the resource.
  7595  //
  7596  //   * ErrCodeInvalidInputException "InvalidInput"
  7597  //   The request was rejected because an invalid or out-of-range value was supplied
  7598  //   for an input parameter.
  7599  //
  7600  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails
  7601  func (c *IAM) GetServiceLastAccessedDetails(input *GetServiceLastAccessedDetailsInput) (*GetServiceLastAccessedDetailsOutput, error) {
  7602  	req, out := c.GetServiceLastAccessedDetailsRequest(input)
  7603  	return out, req.Send()
  7604  }
  7605  
  7606  // GetServiceLastAccessedDetailsWithContext is the same as GetServiceLastAccessedDetails with the addition of
  7607  // the ability to pass a context and additional request options.
  7608  //
  7609  // See GetServiceLastAccessedDetails for details on how to use this API operation.
  7610  //
  7611  // The context must be non-nil and will be used for request cancellation. If
  7612  // the context is nil a panic will occur. In the future the SDK may create
  7613  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7614  // for more information on using Contexts.
  7615  func (c *IAM) GetServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsInput, opts ...request.Option) (*GetServiceLastAccessedDetailsOutput, error) {
  7616  	req, out := c.GetServiceLastAccessedDetailsRequest(input)
  7617  	req.SetContext(ctx)
  7618  	req.ApplyOptions(opts...)
  7619  	return out, req.Send()
  7620  }
  7621  
  7622  const opGetServiceLastAccessedDetailsWithEntities = "GetServiceLastAccessedDetailsWithEntities"
  7623  
  7624  // GetServiceLastAccessedDetailsWithEntitiesRequest generates a "aws/request.Request" representing the
  7625  // client's request for the GetServiceLastAccessedDetailsWithEntities operation. The "output" return
  7626  // value will be populated with the request's response once the request completes
  7627  // successfully.
  7628  //
  7629  // Use "Send" method on the returned Request to send the API call to the service.
  7630  // the "output" return value is not valid until after Send returns without error.
  7631  //
  7632  // See GetServiceLastAccessedDetailsWithEntities for more information on using the GetServiceLastAccessedDetailsWithEntities
  7633  // API call, and error handling.
  7634  //
  7635  // This method is useful when you want to inject custom logic or configuration
  7636  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7637  //
  7638  //
  7639  //    // Example sending a request using the GetServiceLastAccessedDetailsWithEntitiesRequest method.
  7640  //    req, resp := client.GetServiceLastAccessedDetailsWithEntitiesRequest(params)
  7641  //
  7642  //    err := req.Send()
  7643  //    if err == nil { // resp is now filled
  7644  //        fmt.Println(resp)
  7645  //    }
  7646  //
  7647  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
  7648  func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesRequest(input *GetServiceLastAccessedDetailsWithEntitiesInput) (req *request.Request, output *GetServiceLastAccessedDetailsWithEntitiesOutput) {
  7649  	op := &request.Operation{
  7650  		Name:       opGetServiceLastAccessedDetailsWithEntities,
  7651  		HTTPMethod: "POST",
  7652  		HTTPPath:   "/",
  7653  	}
  7654  
  7655  	if input == nil {
  7656  		input = &GetServiceLastAccessedDetailsWithEntitiesInput{}
  7657  	}
  7658  
  7659  	output = &GetServiceLastAccessedDetailsWithEntitiesOutput{}
  7660  	req = c.newRequest(op, input, output)
  7661  	return
  7662  }
  7663  
  7664  // GetServiceLastAccessedDetailsWithEntities API operation for AWS Identity and Access Management.
  7665  //
  7666  // After you generate a group or policy report using the GenerateServiceLastAccessedDetails
  7667  // operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities.
  7668  // This operation retrieves the status of your report job and a list of entities
  7669  // that could have used group or policy permissions to access the specified
  7670  // service.
  7671  //
  7672  //    * Group – For a group report, this operation returns a list of users
  7673  //    in the group that could have used the group’s policies in an attempt
  7674  //    to access the service.
  7675  //
  7676  //    * Policy – For a policy report, this operation returns a list of entities
  7677  //    (users or roles) that could have used the policy in an attempt to access
  7678  //    the service.
  7679  //
  7680  // You can also use this operation for user or role reports to retrieve details
  7681  // about those entities.
  7682  //
  7683  // If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation
  7684  // returns the reason that it failed.
  7685  //
  7686  // By default, the list of associated entities is sorted by date, with the most
  7687  // recent access listed first.
  7688  //
  7689  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7690  // with awserr.Error's Code and Message methods to get detailed information about
  7691  // the error.
  7692  //
  7693  // See the AWS API reference guide for AWS Identity and Access Management's
  7694  // API operation GetServiceLastAccessedDetailsWithEntities for usage and error information.
  7695  //
  7696  // Returned Error Codes:
  7697  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7698  //   The request was rejected because it referenced a resource entity that does
  7699  //   not exist. The error message describes the resource.
  7700  //
  7701  //   * ErrCodeInvalidInputException "InvalidInput"
  7702  //   The request was rejected because an invalid or out-of-range value was supplied
  7703  //   for an input parameter.
  7704  //
  7705  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities
  7706  func (c *IAM) GetServiceLastAccessedDetailsWithEntities(input *GetServiceLastAccessedDetailsWithEntitiesInput) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
  7707  	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
  7708  	return out, req.Send()
  7709  }
  7710  
  7711  // GetServiceLastAccessedDetailsWithEntitiesWithContext is the same as GetServiceLastAccessedDetailsWithEntities with the addition of
  7712  // the ability to pass a context and additional request options.
  7713  //
  7714  // See GetServiceLastAccessedDetailsWithEntities for details on how to use this API operation.
  7715  //
  7716  // The context must be non-nil and will be used for request cancellation. If
  7717  // the context is nil a panic will occur. In the future the SDK may create
  7718  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7719  // for more information on using Contexts.
  7720  func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsWithEntitiesInput, opts ...request.Option) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error) {
  7721  	req, out := c.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
  7722  	req.SetContext(ctx)
  7723  	req.ApplyOptions(opts...)
  7724  	return out, req.Send()
  7725  }
  7726  
  7727  const opGetServiceLinkedRoleDeletionStatus = "GetServiceLinkedRoleDeletionStatus"
  7728  
  7729  // GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the
  7730  // client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return
  7731  // value will be populated with the request's response once the request completes
  7732  // successfully.
  7733  //
  7734  // Use "Send" method on the returned Request to send the API call to the service.
  7735  // the "output" return value is not valid until after Send returns without error.
  7736  //
  7737  // See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus
  7738  // API call, and error handling.
  7739  //
  7740  // This method is useful when you want to inject custom logic or configuration
  7741  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7742  //
  7743  //
  7744  //    // Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
  7745  //    req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)
  7746  //
  7747  //    err := req.Send()
  7748  //    if err == nil { // resp is now filled
  7749  //        fmt.Println(resp)
  7750  //    }
  7751  //
  7752  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
  7753  func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput) {
  7754  	op := &request.Operation{
  7755  		Name:       opGetServiceLinkedRoleDeletionStatus,
  7756  		HTTPMethod: "POST",
  7757  		HTTPPath:   "/",
  7758  	}
  7759  
  7760  	if input == nil {
  7761  		input = &GetServiceLinkedRoleDeletionStatusInput{}
  7762  	}
  7763  
  7764  	output = &GetServiceLinkedRoleDeletionStatusOutput{}
  7765  	req = c.newRequest(op, input, output)
  7766  	return
  7767  }
  7768  
  7769  // GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.
  7770  //
  7771  // Retrieves the status of your service-linked role deletion. After you use
  7772  // DeleteServiceLinkedRole to submit a service-linked role for deletion, you
  7773  // can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus
  7774  // to check the status of the deletion. If the deletion fails, this operation
  7775  // returns the reason that it failed, if that information is returned by the
  7776  // service.
  7777  //
  7778  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7779  // with awserr.Error's Code and Message methods to get detailed information about
  7780  // the error.
  7781  //
  7782  // See the AWS API reference guide for AWS Identity and Access Management's
  7783  // API operation GetServiceLinkedRoleDeletionStatus for usage and error information.
  7784  //
  7785  // Returned Error Codes:
  7786  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7787  //   The request was rejected because it referenced a resource entity that does
  7788  //   not exist. The error message describes the resource.
  7789  //
  7790  //   * ErrCodeInvalidInputException "InvalidInput"
  7791  //   The request was rejected because an invalid or out-of-range value was supplied
  7792  //   for an input parameter.
  7793  //
  7794  //   * ErrCodeServiceFailureException "ServiceFailure"
  7795  //   The request processing has failed because of an unknown error, exception
  7796  //   or failure.
  7797  //
  7798  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus
  7799  func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
  7800  	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
  7801  	return out, req.Send()
  7802  }
  7803  
  7804  // GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of
  7805  // the ability to pass a context and additional request options.
  7806  //
  7807  // See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.
  7808  //
  7809  // The context must be non-nil and will be used for request cancellation. If
  7810  // the context is nil a panic will occur. In the future the SDK may create
  7811  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7812  // for more information on using Contexts.
  7813  func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error) {
  7814  	req, out := c.GetServiceLinkedRoleDeletionStatusRequest(input)
  7815  	req.SetContext(ctx)
  7816  	req.ApplyOptions(opts...)
  7817  	return out, req.Send()
  7818  }
  7819  
  7820  const opGetUser = "GetUser"
  7821  
  7822  // GetUserRequest generates a "aws/request.Request" representing the
  7823  // client's request for the GetUser operation. The "output" return
  7824  // value will be populated with the request's response once the request completes
  7825  // successfully.
  7826  //
  7827  // Use "Send" method on the returned Request to send the API call to the service.
  7828  // the "output" return value is not valid until after Send returns without error.
  7829  //
  7830  // See GetUser for more information on using the GetUser
  7831  // API call, and error handling.
  7832  //
  7833  // This method is useful when you want to inject custom logic or configuration
  7834  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7835  //
  7836  //
  7837  //    // Example sending a request using the GetUserRequest method.
  7838  //    req, resp := client.GetUserRequest(params)
  7839  //
  7840  //    err := req.Send()
  7841  //    if err == nil { // resp is now filled
  7842  //        fmt.Println(resp)
  7843  //    }
  7844  //
  7845  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
  7846  func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput) {
  7847  	op := &request.Operation{
  7848  		Name:       opGetUser,
  7849  		HTTPMethod: "POST",
  7850  		HTTPPath:   "/",
  7851  	}
  7852  
  7853  	if input == nil {
  7854  		input = &GetUserInput{}
  7855  	}
  7856  
  7857  	output = &GetUserOutput{}
  7858  	req = c.newRequest(op, input, output)
  7859  	return
  7860  }
  7861  
  7862  // GetUser API operation for AWS Identity and Access Management.
  7863  //
  7864  // Retrieves information about the specified IAM user, including the user's
  7865  // creation date, path, unique ID, and ARN.
  7866  //
  7867  // If you do not specify a user name, IAM determines the user name implicitly
  7868  // based on the Amazon Web Services access key ID used to sign the request to
  7869  // this operation.
  7870  //
  7871  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7872  // with awserr.Error's Code and Message methods to get detailed information about
  7873  // the error.
  7874  //
  7875  // See the AWS API reference guide for AWS Identity and Access Management's
  7876  // API operation GetUser for usage and error information.
  7877  //
  7878  // Returned Error Codes:
  7879  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7880  //   The request was rejected because it referenced a resource entity that does
  7881  //   not exist. The error message describes the resource.
  7882  //
  7883  //   * ErrCodeServiceFailureException "ServiceFailure"
  7884  //   The request processing has failed because of an unknown error, exception
  7885  //   or failure.
  7886  //
  7887  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser
  7888  func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error) {
  7889  	req, out := c.GetUserRequest(input)
  7890  	return out, req.Send()
  7891  }
  7892  
  7893  // GetUserWithContext is the same as GetUser with the addition of
  7894  // the ability to pass a context and additional request options.
  7895  //
  7896  // See GetUser for details on how to use this API operation.
  7897  //
  7898  // The context must be non-nil and will be used for request cancellation. If
  7899  // the context is nil a panic will occur. In the future the SDK may create
  7900  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  7901  // for more information on using Contexts.
  7902  func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error) {
  7903  	req, out := c.GetUserRequest(input)
  7904  	req.SetContext(ctx)
  7905  	req.ApplyOptions(opts...)
  7906  	return out, req.Send()
  7907  }
  7908  
  7909  const opGetUserPolicy = "GetUserPolicy"
  7910  
  7911  // GetUserPolicyRequest generates a "aws/request.Request" representing the
  7912  // client's request for the GetUserPolicy operation. The "output" return
  7913  // value will be populated with the request's response once the request completes
  7914  // successfully.
  7915  //
  7916  // Use "Send" method on the returned Request to send the API call to the service.
  7917  // the "output" return value is not valid until after Send returns without error.
  7918  //
  7919  // See GetUserPolicy for more information on using the GetUserPolicy
  7920  // API call, and error handling.
  7921  //
  7922  // This method is useful when you want to inject custom logic or configuration
  7923  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  7924  //
  7925  //
  7926  //    // Example sending a request using the GetUserPolicyRequest method.
  7927  //    req, resp := client.GetUserPolicyRequest(params)
  7928  //
  7929  //    err := req.Send()
  7930  //    if err == nil { // resp is now filled
  7931  //        fmt.Println(resp)
  7932  //    }
  7933  //
  7934  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
  7935  func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput) {
  7936  	op := &request.Operation{
  7937  		Name:       opGetUserPolicy,
  7938  		HTTPMethod: "POST",
  7939  		HTTPPath:   "/",
  7940  	}
  7941  
  7942  	if input == nil {
  7943  		input = &GetUserPolicyInput{}
  7944  	}
  7945  
  7946  	output = &GetUserPolicyOutput{}
  7947  	req = c.newRequest(op, input, output)
  7948  	return
  7949  }
  7950  
  7951  // GetUserPolicy API operation for AWS Identity and Access Management.
  7952  //
  7953  // Retrieves the specified inline policy document that is embedded in the specified
  7954  // IAM user.
  7955  //
  7956  // Policies returned by this operation are URL-encoded compliant with RFC 3986
  7957  // (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method
  7958  // to convert the policy back to plain JSON text. For example, if you use Java,
  7959  // you can use the decode method of the java.net.URLDecoder utility class in
  7960  // the Java SDK. Other languages and SDKs provide similar functionality.
  7961  //
  7962  // An IAM user can also have managed policies attached to it. To retrieve a
  7963  // managed policy document that is attached to a user, use GetPolicy to determine
  7964  // the policy's default version. Then use GetPolicyVersion to retrieve the policy
  7965  // document.
  7966  //
  7967  // For more information about policies, see Managed policies and inline policies
  7968  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  7969  // in the IAM User Guide.
  7970  //
  7971  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  7972  // with awserr.Error's Code and Message methods to get detailed information about
  7973  // the error.
  7974  //
  7975  // See the AWS API reference guide for AWS Identity and Access Management's
  7976  // API operation GetUserPolicy for usage and error information.
  7977  //
  7978  // Returned Error Codes:
  7979  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  7980  //   The request was rejected because it referenced a resource entity that does
  7981  //   not exist. The error message describes the resource.
  7982  //
  7983  //   * ErrCodeServiceFailureException "ServiceFailure"
  7984  //   The request processing has failed because of an unknown error, exception
  7985  //   or failure.
  7986  //
  7987  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy
  7988  func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error) {
  7989  	req, out := c.GetUserPolicyRequest(input)
  7990  	return out, req.Send()
  7991  }
  7992  
  7993  // GetUserPolicyWithContext is the same as GetUserPolicy with the addition of
  7994  // the ability to pass a context and additional request options.
  7995  //
  7996  // See GetUserPolicy for details on how to use this API operation.
  7997  //
  7998  // The context must be non-nil and will be used for request cancellation. If
  7999  // the context is nil a panic will occur. In the future the SDK may create
  8000  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8001  // for more information on using Contexts.
  8002  func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error) {
  8003  	req, out := c.GetUserPolicyRequest(input)
  8004  	req.SetContext(ctx)
  8005  	req.ApplyOptions(opts...)
  8006  	return out, req.Send()
  8007  }
  8008  
  8009  const opListAccessKeys = "ListAccessKeys"
  8010  
  8011  // ListAccessKeysRequest generates a "aws/request.Request" representing the
  8012  // client's request for the ListAccessKeys operation. The "output" return
  8013  // value will be populated with the request's response once the request completes
  8014  // successfully.
  8015  //
  8016  // Use "Send" method on the returned Request to send the API call to the service.
  8017  // the "output" return value is not valid until after Send returns without error.
  8018  //
  8019  // See ListAccessKeys for more information on using the ListAccessKeys
  8020  // API call, and error handling.
  8021  //
  8022  // This method is useful when you want to inject custom logic or configuration
  8023  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8024  //
  8025  //
  8026  //    // Example sending a request using the ListAccessKeysRequest method.
  8027  //    req, resp := client.ListAccessKeysRequest(params)
  8028  //
  8029  //    err := req.Send()
  8030  //    if err == nil { // resp is now filled
  8031  //        fmt.Println(resp)
  8032  //    }
  8033  //
  8034  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
  8035  func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput) {
  8036  	op := &request.Operation{
  8037  		Name:       opListAccessKeys,
  8038  		HTTPMethod: "POST",
  8039  		HTTPPath:   "/",
  8040  		Paginator: &request.Paginator{
  8041  			InputTokens:     []string{"Marker"},
  8042  			OutputTokens:    []string{"Marker"},
  8043  			LimitToken:      "MaxItems",
  8044  			TruncationToken: "IsTruncated",
  8045  		},
  8046  	}
  8047  
  8048  	if input == nil {
  8049  		input = &ListAccessKeysInput{}
  8050  	}
  8051  
  8052  	output = &ListAccessKeysOutput{}
  8053  	req = c.newRequest(op, input, output)
  8054  	return
  8055  }
  8056  
  8057  // ListAccessKeys API operation for AWS Identity and Access Management.
  8058  //
  8059  // Returns information about the access key IDs associated with the specified
  8060  // IAM user. If there is none, the operation returns an empty list.
  8061  //
  8062  // Although each user is limited to a small number of keys, you can still paginate
  8063  // the results using the MaxItems and Marker parameters.
  8064  //
  8065  // If the UserName field is not specified, the user name is determined implicitly
  8066  // based on the Amazon Web Services access key ID used to sign the request.
  8067  // This operation works for access keys under the Amazon Web Services account.
  8068  // Consequently, you can use this operation to manage Amazon Web Services account
  8069  // root user credentials even if the Amazon Web Services account has no associated
  8070  // users.
  8071  //
  8072  // To ensure the security of your Amazon Web Services account, the secret access
  8073  // key is accessible only during key and user creation.
  8074  //
  8075  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8076  // with awserr.Error's Code and Message methods to get detailed information about
  8077  // the error.
  8078  //
  8079  // See the AWS API reference guide for AWS Identity and Access Management's
  8080  // API operation ListAccessKeys for usage and error information.
  8081  //
  8082  // Returned Error Codes:
  8083  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  8084  //   The request was rejected because it referenced a resource entity that does
  8085  //   not exist. The error message describes the resource.
  8086  //
  8087  //   * ErrCodeServiceFailureException "ServiceFailure"
  8088  //   The request processing has failed because of an unknown error, exception
  8089  //   or failure.
  8090  //
  8091  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys
  8092  func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error) {
  8093  	req, out := c.ListAccessKeysRequest(input)
  8094  	return out, req.Send()
  8095  }
  8096  
  8097  // ListAccessKeysWithContext is the same as ListAccessKeys with the addition of
  8098  // the ability to pass a context and additional request options.
  8099  //
  8100  // See ListAccessKeys for details on how to use this API operation.
  8101  //
  8102  // The context must be non-nil and will be used for request cancellation. If
  8103  // the context is nil a panic will occur. In the future the SDK may create
  8104  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8105  // for more information on using Contexts.
  8106  func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error) {
  8107  	req, out := c.ListAccessKeysRequest(input)
  8108  	req.SetContext(ctx)
  8109  	req.ApplyOptions(opts...)
  8110  	return out, req.Send()
  8111  }
  8112  
  8113  // ListAccessKeysPages iterates over the pages of a ListAccessKeys operation,
  8114  // calling the "fn" function with the response data for each page. To stop
  8115  // iterating, return false from the fn function.
  8116  //
  8117  // See ListAccessKeys method for more information on how to use this operation.
  8118  //
  8119  // Note: This operation can generate multiple requests to a service.
  8120  //
  8121  //    // Example iterating over at most 3 pages of a ListAccessKeys operation.
  8122  //    pageNum := 0
  8123  //    err := client.ListAccessKeysPages(params,
  8124  //        func(page *iam.ListAccessKeysOutput, lastPage bool) bool {
  8125  //            pageNum++
  8126  //            fmt.Println(page)
  8127  //            return pageNum <= 3
  8128  //        })
  8129  //
  8130  func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error {
  8131  	return c.ListAccessKeysPagesWithContext(aws.BackgroundContext(), input, fn)
  8132  }
  8133  
  8134  // ListAccessKeysPagesWithContext same as ListAccessKeysPages except
  8135  // it takes a Context and allows setting request options on the pages.
  8136  //
  8137  // The context must be non-nil and will be used for request cancellation. If
  8138  // the context is nil a panic will occur. In the future the SDK may create
  8139  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8140  // for more information on using Contexts.
  8141  func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error {
  8142  	p := request.Pagination{
  8143  		NewRequest: func() (*request.Request, error) {
  8144  			var inCpy *ListAccessKeysInput
  8145  			if input != nil {
  8146  				tmp := *input
  8147  				inCpy = &tmp
  8148  			}
  8149  			req, _ := c.ListAccessKeysRequest(inCpy)
  8150  			req.SetContext(ctx)
  8151  			req.ApplyOptions(opts...)
  8152  			return req, nil
  8153  		},
  8154  	}
  8155  
  8156  	for p.Next() {
  8157  		if !fn(p.Page().(*ListAccessKeysOutput), !p.HasNextPage()) {
  8158  			break
  8159  		}
  8160  	}
  8161  
  8162  	return p.Err()
  8163  }
  8164  
  8165  const opListAccountAliases = "ListAccountAliases"
  8166  
  8167  // ListAccountAliasesRequest generates a "aws/request.Request" representing the
  8168  // client's request for the ListAccountAliases operation. The "output" return
  8169  // value will be populated with the request's response once the request completes
  8170  // successfully.
  8171  //
  8172  // Use "Send" method on the returned Request to send the API call to the service.
  8173  // the "output" return value is not valid until after Send returns without error.
  8174  //
  8175  // See ListAccountAliases for more information on using the ListAccountAliases
  8176  // API call, and error handling.
  8177  //
  8178  // This method is useful when you want to inject custom logic or configuration
  8179  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8180  //
  8181  //
  8182  //    // Example sending a request using the ListAccountAliasesRequest method.
  8183  //    req, resp := client.ListAccountAliasesRequest(params)
  8184  //
  8185  //    err := req.Send()
  8186  //    if err == nil { // resp is now filled
  8187  //        fmt.Println(resp)
  8188  //    }
  8189  //
  8190  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
  8191  func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput) {
  8192  	op := &request.Operation{
  8193  		Name:       opListAccountAliases,
  8194  		HTTPMethod: "POST",
  8195  		HTTPPath:   "/",
  8196  		Paginator: &request.Paginator{
  8197  			InputTokens:     []string{"Marker"},
  8198  			OutputTokens:    []string{"Marker"},
  8199  			LimitToken:      "MaxItems",
  8200  			TruncationToken: "IsTruncated",
  8201  		},
  8202  	}
  8203  
  8204  	if input == nil {
  8205  		input = &ListAccountAliasesInput{}
  8206  	}
  8207  
  8208  	output = &ListAccountAliasesOutput{}
  8209  	req = c.newRequest(op, input, output)
  8210  	return
  8211  }
  8212  
  8213  // ListAccountAliases API operation for AWS Identity and Access Management.
  8214  //
  8215  // Lists the account alias associated with the Amazon Web Services account (Note:
  8216  // you can have only one). For information about using an Amazon Web Services
  8217  // account alias, see Using an alias for your Amazon Web Services account ID
  8218  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the
  8219  // IAM User Guide.
  8220  //
  8221  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8222  // with awserr.Error's Code and Message methods to get detailed information about
  8223  // the error.
  8224  //
  8225  // See the AWS API reference guide for AWS Identity and Access Management's
  8226  // API operation ListAccountAliases for usage and error information.
  8227  //
  8228  // Returned Error Codes:
  8229  //   * ErrCodeServiceFailureException "ServiceFailure"
  8230  //   The request processing has failed because of an unknown error, exception
  8231  //   or failure.
  8232  //
  8233  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases
  8234  func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error) {
  8235  	req, out := c.ListAccountAliasesRequest(input)
  8236  	return out, req.Send()
  8237  }
  8238  
  8239  // ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of
  8240  // the ability to pass a context and additional request options.
  8241  //
  8242  // See ListAccountAliases for details on how to use this API operation.
  8243  //
  8244  // The context must be non-nil and will be used for request cancellation. If
  8245  // the context is nil a panic will occur. In the future the SDK may create
  8246  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8247  // for more information on using Contexts.
  8248  func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error) {
  8249  	req, out := c.ListAccountAliasesRequest(input)
  8250  	req.SetContext(ctx)
  8251  	req.ApplyOptions(opts...)
  8252  	return out, req.Send()
  8253  }
  8254  
  8255  // ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation,
  8256  // calling the "fn" function with the response data for each page. To stop
  8257  // iterating, return false from the fn function.
  8258  //
  8259  // See ListAccountAliases method for more information on how to use this operation.
  8260  //
  8261  // Note: This operation can generate multiple requests to a service.
  8262  //
  8263  //    // Example iterating over at most 3 pages of a ListAccountAliases operation.
  8264  //    pageNum := 0
  8265  //    err := client.ListAccountAliasesPages(params,
  8266  //        func(page *iam.ListAccountAliasesOutput, lastPage bool) bool {
  8267  //            pageNum++
  8268  //            fmt.Println(page)
  8269  //            return pageNum <= 3
  8270  //        })
  8271  //
  8272  func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error {
  8273  	return c.ListAccountAliasesPagesWithContext(aws.BackgroundContext(), input, fn)
  8274  }
  8275  
  8276  // ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except
  8277  // it takes a Context and allows setting request options on the pages.
  8278  //
  8279  // The context must be non-nil and will be used for request cancellation. If
  8280  // the context is nil a panic will occur. In the future the SDK may create
  8281  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8282  // for more information on using Contexts.
  8283  func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error {
  8284  	p := request.Pagination{
  8285  		NewRequest: func() (*request.Request, error) {
  8286  			var inCpy *ListAccountAliasesInput
  8287  			if input != nil {
  8288  				tmp := *input
  8289  				inCpy = &tmp
  8290  			}
  8291  			req, _ := c.ListAccountAliasesRequest(inCpy)
  8292  			req.SetContext(ctx)
  8293  			req.ApplyOptions(opts...)
  8294  			return req, nil
  8295  		},
  8296  	}
  8297  
  8298  	for p.Next() {
  8299  		if !fn(p.Page().(*ListAccountAliasesOutput), !p.HasNextPage()) {
  8300  			break
  8301  		}
  8302  	}
  8303  
  8304  	return p.Err()
  8305  }
  8306  
  8307  const opListAttachedGroupPolicies = "ListAttachedGroupPolicies"
  8308  
  8309  // ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the
  8310  // client's request for the ListAttachedGroupPolicies operation. The "output" return
  8311  // value will be populated with the request's response once the request completes
  8312  // successfully.
  8313  //
  8314  // Use "Send" method on the returned Request to send the API call to the service.
  8315  // the "output" return value is not valid until after Send returns without error.
  8316  //
  8317  // See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies
  8318  // API call, and error handling.
  8319  //
  8320  // This method is useful when you want to inject custom logic or configuration
  8321  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8322  //
  8323  //
  8324  //    // Example sending a request using the ListAttachedGroupPoliciesRequest method.
  8325  //    req, resp := client.ListAttachedGroupPoliciesRequest(params)
  8326  //
  8327  //    err := req.Send()
  8328  //    if err == nil { // resp is now filled
  8329  //        fmt.Println(resp)
  8330  //    }
  8331  //
  8332  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
  8333  func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput) {
  8334  	op := &request.Operation{
  8335  		Name:       opListAttachedGroupPolicies,
  8336  		HTTPMethod: "POST",
  8337  		HTTPPath:   "/",
  8338  		Paginator: &request.Paginator{
  8339  			InputTokens:     []string{"Marker"},
  8340  			OutputTokens:    []string{"Marker"},
  8341  			LimitToken:      "MaxItems",
  8342  			TruncationToken: "IsTruncated",
  8343  		},
  8344  	}
  8345  
  8346  	if input == nil {
  8347  		input = &ListAttachedGroupPoliciesInput{}
  8348  	}
  8349  
  8350  	output = &ListAttachedGroupPoliciesOutput{}
  8351  	req = c.newRequest(op, input, output)
  8352  	return
  8353  }
  8354  
  8355  // ListAttachedGroupPolicies API operation for AWS Identity and Access Management.
  8356  //
  8357  // Lists all managed policies that are attached to the specified IAM group.
  8358  //
  8359  // An IAM group can also have inline policies embedded with it. To list the
  8360  // inline policies for a group, use ListGroupPolicies. For information about
  8361  // policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  8362  // in the IAM User Guide.
  8363  //
  8364  // You can paginate the results using the MaxItems and Marker parameters. You
  8365  // can use the PathPrefix parameter to limit the list of policies to only those
  8366  // matching the specified path prefix. If there are no policies attached to
  8367  // the specified group (or none that match the specified path prefix), the operation
  8368  // returns an empty list.
  8369  //
  8370  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8371  // with awserr.Error's Code and Message methods to get detailed information about
  8372  // the error.
  8373  //
  8374  // See the AWS API reference guide for AWS Identity and Access Management's
  8375  // API operation ListAttachedGroupPolicies for usage and error information.
  8376  //
  8377  // Returned Error Codes:
  8378  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  8379  //   The request was rejected because it referenced a resource entity that does
  8380  //   not exist. The error message describes the resource.
  8381  //
  8382  //   * ErrCodeInvalidInputException "InvalidInput"
  8383  //   The request was rejected because an invalid or out-of-range value was supplied
  8384  //   for an input parameter.
  8385  //
  8386  //   * ErrCodeServiceFailureException "ServiceFailure"
  8387  //   The request processing has failed because of an unknown error, exception
  8388  //   or failure.
  8389  //
  8390  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies
  8391  func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error) {
  8392  	req, out := c.ListAttachedGroupPoliciesRequest(input)
  8393  	return out, req.Send()
  8394  }
  8395  
  8396  // ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of
  8397  // the ability to pass a context and additional request options.
  8398  //
  8399  // See ListAttachedGroupPolicies for details on how to use this API operation.
  8400  //
  8401  // The context must be non-nil and will be used for request cancellation. If
  8402  // the context is nil a panic will occur. In the future the SDK may create
  8403  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8404  // for more information on using Contexts.
  8405  func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error) {
  8406  	req, out := c.ListAttachedGroupPoliciesRequest(input)
  8407  	req.SetContext(ctx)
  8408  	req.ApplyOptions(opts...)
  8409  	return out, req.Send()
  8410  }
  8411  
  8412  // ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation,
  8413  // calling the "fn" function with the response data for each page. To stop
  8414  // iterating, return false from the fn function.
  8415  //
  8416  // See ListAttachedGroupPolicies method for more information on how to use this operation.
  8417  //
  8418  // Note: This operation can generate multiple requests to a service.
  8419  //
  8420  //    // Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
  8421  //    pageNum := 0
  8422  //    err := client.ListAttachedGroupPoliciesPages(params,
  8423  //        func(page *iam.ListAttachedGroupPoliciesOutput, lastPage bool) bool {
  8424  //            pageNum++
  8425  //            fmt.Println(page)
  8426  //            return pageNum <= 3
  8427  //        })
  8428  //
  8429  func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error {
  8430  	return c.ListAttachedGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
  8431  }
  8432  
  8433  // ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except
  8434  // it takes a Context and allows setting request options on the pages.
  8435  //
  8436  // The context must be non-nil and will be used for request cancellation. If
  8437  // the context is nil a panic will occur. In the future the SDK may create
  8438  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8439  // for more information on using Contexts.
  8440  func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
  8441  	p := request.Pagination{
  8442  		NewRequest: func() (*request.Request, error) {
  8443  			var inCpy *ListAttachedGroupPoliciesInput
  8444  			if input != nil {
  8445  				tmp := *input
  8446  				inCpy = &tmp
  8447  			}
  8448  			req, _ := c.ListAttachedGroupPoliciesRequest(inCpy)
  8449  			req.SetContext(ctx)
  8450  			req.ApplyOptions(opts...)
  8451  			return req, nil
  8452  		},
  8453  	}
  8454  
  8455  	for p.Next() {
  8456  		if !fn(p.Page().(*ListAttachedGroupPoliciesOutput), !p.HasNextPage()) {
  8457  			break
  8458  		}
  8459  	}
  8460  
  8461  	return p.Err()
  8462  }
  8463  
  8464  const opListAttachedRolePolicies = "ListAttachedRolePolicies"
  8465  
  8466  // ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the
  8467  // client's request for the ListAttachedRolePolicies operation. The "output" return
  8468  // value will be populated with the request's response once the request completes
  8469  // successfully.
  8470  //
  8471  // Use "Send" method on the returned Request to send the API call to the service.
  8472  // the "output" return value is not valid until after Send returns without error.
  8473  //
  8474  // See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies
  8475  // API call, and error handling.
  8476  //
  8477  // This method is useful when you want to inject custom logic or configuration
  8478  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8479  //
  8480  //
  8481  //    // Example sending a request using the ListAttachedRolePoliciesRequest method.
  8482  //    req, resp := client.ListAttachedRolePoliciesRequest(params)
  8483  //
  8484  //    err := req.Send()
  8485  //    if err == nil { // resp is now filled
  8486  //        fmt.Println(resp)
  8487  //    }
  8488  //
  8489  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
  8490  func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput) {
  8491  	op := &request.Operation{
  8492  		Name:       opListAttachedRolePolicies,
  8493  		HTTPMethod: "POST",
  8494  		HTTPPath:   "/",
  8495  		Paginator: &request.Paginator{
  8496  			InputTokens:     []string{"Marker"},
  8497  			OutputTokens:    []string{"Marker"},
  8498  			LimitToken:      "MaxItems",
  8499  			TruncationToken: "IsTruncated",
  8500  		},
  8501  	}
  8502  
  8503  	if input == nil {
  8504  		input = &ListAttachedRolePoliciesInput{}
  8505  	}
  8506  
  8507  	output = &ListAttachedRolePoliciesOutput{}
  8508  	req = c.newRequest(op, input, output)
  8509  	return
  8510  }
  8511  
  8512  // ListAttachedRolePolicies API operation for AWS Identity and Access Management.
  8513  //
  8514  // Lists all managed policies that are attached to the specified IAM role.
  8515  //
  8516  // An IAM role can also have inline policies embedded with it. To list the inline
  8517  // policies for a role, use ListRolePolicies. For information about policies,
  8518  // see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  8519  // in the IAM User Guide.
  8520  //
  8521  // You can paginate the results using the MaxItems and Marker parameters. You
  8522  // can use the PathPrefix parameter to limit the list of policies to only those
  8523  // matching the specified path prefix. If there are no policies attached to
  8524  // the specified role (or none that match the specified path prefix), the operation
  8525  // returns an empty list.
  8526  //
  8527  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8528  // with awserr.Error's Code and Message methods to get detailed information about
  8529  // the error.
  8530  //
  8531  // See the AWS API reference guide for AWS Identity and Access Management's
  8532  // API operation ListAttachedRolePolicies for usage and error information.
  8533  //
  8534  // Returned Error Codes:
  8535  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  8536  //   The request was rejected because it referenced a resource entity that does
  8537  //   not exist. The error message describes the resource.
  8538  //
  8539  //   * ErrCodeInvalidInputException "InvalidInput"
  8540  //   The request was rejected because an invalid or out-of-range value was supplied
  8541  //   for an input parameter.
  8542  //
  8543  //   * ErrCodeServiceFailureException "ServiceFailure"
  8544  //   The request processing has failed because of an unknown error, exception
  8545  //   or failure.
  8546  //
  8547  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies
  8548  func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error) {
  8549  	req, out := c.ListAttachedRolePoliciesRequest(input)
  8550  	return out, req.Send()
  8551  }
  8552  
  8553  // ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of
  8554  // the ability to pass a context and additional request options.
  8555  //
  8556  // See ListAttachedRolePolicies for details on how to use this API operation.
  8557  //
  8558  // The context must be non-nil and will be used for request cancellation. If
  8559  // the context is nil a panic will occur. In the future the SDK may create
  8560  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8561  // for more information on using Contexts.
  8562  func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error) {
  8563  	req, out := c.ListAttachedRolePoliciesRequest(input)
  8564  	req.SetContext(ctx)
  8565  	req.ApplyOptions(opts...)
  8566  	return out, req.Send()
  8567  }
  8568  
  8569  // ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation,
  8570  // calling the "fn" function with the response data for each page. To stop
  8571  // iterating, return false from the fn function.
  8572  //
  8573  // See ListAttachedRolePolicies method for more information on how to use this operation.
  8574  //
  8575  // Note: This operation can generate multiple requests to a service.
  8576  //
  8577  //    // Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
  8578  //    pageNum := 0
  8579  //    err := client.ListAttachedRolePoliciesPages(params,
  8580  //        func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
  8581  //            pageNum++
  8582  //            fmt.Println(page)
  8583  //            return pageNum <= 3
  8584  //        })
  8585  //
  8586  func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error {
  8587  	return c.ListAttachedRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
  8588  }
  8589  
  8590  // ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except
  8591  // it takes a Context and allows setting request options on the pages.
  8592  //
  8593  // The context must be non-nil and will be used for request cancellation. If
  8594  // the context is nil a panic will occur. In the future the SDK may create
  8595  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8596  // for more information on using Contexts.
  8597  func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error {
  8598  	p := request.Pagination{
  8599  		NewRequest: func() (*request.Request, error) {
  8600  			var inCpy *ListAttachedRolePoliciesInput
  8601  			if input != nil {
  8602  				tmp := *input
  8603  				inCpy = &tmp
  8604  			}
  8605  			req, _ := c.ListAttachedRolePoliciesRequest(inCpy)
  8606  			req.SetContext(ctx)
  8607  			req.ApplyOptions(opts...)
  8608  			return req, nil
  8609  		},
  8610  	}
  8611  
  8612  	for p.Next() {
  8613  		if !fn(p.Page().(*ListAttachedRolePoliciesOutput), !p.HasNextPage()) {
  8614  			break
  8615  		}
  8616  	}
  8617  
  8618  	return p.Err()
  8619  }
  8620  
  8621  const opListAttachedUserPolicies = "ListAttachedUserPolicies"
  8622  
  8623  // ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the
  8624  // client's request for the ListAttachedUserPolicies operation. The "output" return
  8625  // value will be populated with the request's response once the request completes
  8626  // successfully.
  8627  //
  8628  // Use "Send" method on the returned Request to send the API call to the service.
  8629  // the "output" return value is not valid until after Send returns without error.
  8630  //
  8631  // See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies
  8632  // API call, and error handling.
  8633  //
  8634  // This method is useful when you want to inject custom logic or configuration
  8635  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8636  //
  8637  //
  8638  //    // Example sending a request using the ListAttachedUserPoliciesRequest method.
  8639  //    req, resp := client.ListAttachedUserPoliciesRequest(params)
  8640  //
  8641  //    err := req.Send()
  8642  //    if err == nil { // resp is now filled
  8643  //        fmt.Println(resp)
  8644  //    }
  8645  //
  8646  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
  8647  func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput) {
  8648  	op := &request.Operation{
  8649  		Name:       opListAttachedUserPolicies,
  8650  		HTTPMethod: "POST",
  8651  		HTTPPath:   "/",
  8652  		Paginator: &request.Paginator{
  8653  			InputTokens:     []string{"Marker"},
  8654  			OutputTokens:    []string{"Marker"},
  8655  			LimitToken:      "MaxItems",
  8656  			TruncationToken: "IsTruncated",
  8657  		},
  8658  	}
  8659  
  8660  	if input == nil {
  8661  		input = &ListAttachedUserPoliciesInput{}
  8662  	}
  8663  
  8664  	output = &ListAttachedUserPoliciesOutput{}
  8665  	req = c.newRequest(op, input, output)
  8666  	return
  8667  }
  8668  
  8669  // ListAttachedUserPolicies API operation for AWS Identity and Access Management.
  8670  //
  8671  // Lists all managed policies that are attached to the specified IAM user.
  8672  //
  8673  // An IAM user can also have inline policies embedded with it. To list the inline
  8674  // policies for a user, use ListUserPolicies. For information about policies,
  8675  // see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  8676  // in the IAM User Guide.
  8677  //
  8678  // You can paginate the results using the MaxItems and Marker parameters. You
  8679  // can use the PathPrefix parameter to limit the list of policies to only those
  8680  // matching the specified path prefix. If there are no policies attached to
  8681  // the specified group (or none that match the specified path prefix), the operation
  8682  // returns an empty list.
  8683  //
  8684  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8685  // with awserr.Error's Code and Message methods to get detailed information about
  8686  // the error.
  8687  //
  8688  // See the AWS API reference guide for AWS Identity and Access Management's
  8689  // API operation ListAttachedUserPolicies for usage and error information.
  8690  //
  8691  // Returned Error Codes:
  8692  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  8693  //   The request was rejected because it referenced a resource entity that does
  8694  //   not exist. The error message describes the resource.
  8695  //
  8696  //   * ErrCodeInvalidInputException "InvalidInput"
  8697  //   The request was rejected because an invalid or out-of-range value was supplied
  8698  //   for an input parameter.
  8699  //
  8700  //   * ErrCodeServiceFailureException "ServiceFailure"
  8701  //   The request processing has failed because of an unknown error, exception
  8702  //   or failure.
  8703  //
  8704  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies
  8705  func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error) {
  8706  	req, out := c.ListAttachedUserPoliciesRequest(input)
  8707  	return out, req.Send()
  8708  }
  8709  
  8710  // ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of
  8711  // the ability to pass a context and additional request options.
  8712  //
  8713  // See ListAttachedUserPolicies for details on how to use this API operation.
  8714  //
  8715  // The context must be non-nil and will be used for request cancellation. If
  8716  // the context is nil a panic will occur. In the future the SDK may create
  8717  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8718  // for more information on using Contexts.
  8719  func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error) {
  8720  	req, out := c.ListAttachedUserPoliciesRequest(input)
  8721  	req.SetContext(ctx)
  8722  	req.ApplyOptions(opts...)
  8723  	return out, req.Send()
  8724  }
  8725  
  8726  // ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation,
  8727  // calling the "fn" function with the response data for each page. To stop
  8728  // iterating, return false from the fn function.
  8729  //
  8730  // See ListAttachedUserPolicies method for more information on how to use this operation.
  8731  //
  8732  // Note: This operation can generate multiple requests to a service.
  8733  //
  8734  //    // Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
  8735  //    pageNum := 0
  8736  //    err := client.ListAttachedUserPoliciesPages(params,
  8737  //        func(page *iam.ListAttachedUserPoliciesOutput, lastPage bool) bool {
  8738  //            pageNum++
  8739  //            fmt.Println(page)
  8740  //            return pageNum <= 3
  8741  //        })
  8742  //
  8743  func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error {
  8744  	return c.ListAttachedUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
  8745  }
  8746  
  8747  // ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except
  8748  // it takes a Context and allows setting request options on the pages.
  8749  //
  8750  // The context must be non-nil and will be used for request cancellation. If
  8751  // the context is nil a panic will occur. In the future the SDK may create
  8752  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8753  // for more information on using Contexts.
  8754  func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error {
  8755  	p := request.Pagination{
  8756  		NewRequest: func() (*request.Request, error) {
  8757  			var inCpy *ListAttachedUserPoliciesInput
  8758  			if input != nil {
  8759  				tmp := *input
  8760  				inCpy = &tmp
  8761  			}
  8762  			req, _ := c.ListAttachedUserPoliciesRequest(inCpy)
  8763  			req.SetContext(ctx)
  8764  			req.ApplyOptions(opts...)
  8765  			return req, nil
  8766  		},
  8767  	}
  8768  
  8769  	for p.Next() {
  8770  		if !fn(p.Page().(*ListAttachedUserPoliciesOutput), !p.HasNextPage()) {
  8771  			break
  8772  		}
  8773  	}
  8774  
  8775  	return p.Err()
  8776  }
  8777  
  8778  const opListEntitiesForPolicy = "ListEntitiesForPolicy"
  8779  
  8780  // ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the
  8781  // client's request for the ListEntitiesForPolicy operation. The "output" return
  8782  // value will be populated with the request's response once the request completes
  8783  // successfully.
  8784  //
  8785  // Use "Send" method on the returned Request to send the API call to the service.
  8786  // the "output" return value is not valid until after Send returns without error.
  8787  //
  8788  // See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy
  8789  // API call, and error handling.
  8790  //
  8791  // This method is useful when you want to inject custom logic or configuration
  8792  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8793  //
  8794  //
  8795  //    // Example sending a request using the ListEntitiesForPolicyRequest method.
  8796  //    req, resp := client.ListEntitiesForPolicyRequest(params)
  8797  //
  8798  //    err := req.Send()
  8799  //    if err == nil { // resp is now filled
  8800  //        fmt.Println(resp)
  8801  //    }
  8802  //
  8803  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
  8804  func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput) {
  8805  	op := &request.Operation{
  8806  		Name:       opListEntitiesForPolicy,
  8807  		HTTPMethod: "POST",
  8808  		HTTPPath:   "/",
  8809  		Paginator: &request.Paginator{
  8810  			InputTokens:     []string{"Marker"},
  8811  			OutputTokens:    []string{"Marker"},
  8812  			LimitToken:      "MaxItems",
  8813  			TruncationToken: "IsTruncated",
  8814  		},
  8815  	}
  8816  
  8817  	if input == nil {
  8818  		input = &ListEntitiesForPolicyInput{}
  8819  	}
  8820  
  8821  	output = &ListEntitiesForPolicyOutput{}
  8822  	req = c.newRequest(op, input, output)
  8823  	return
  8824  }
  8825  
  8826  // ListEntitiesForPolicy API operation for AWS Identity and Access Management.
  8827  //
  8828  // Lists all IAM users, groups, and roles that the specified managed policy
  8829  // is attached to.
  8830  //
  8831  // You can use the optional EntityFilter parameter to limit the results to a
  8832  // particular type of entity (users, groups, or roles). For example, to list
  8833  // only the roles that are attached to the specified policy, set EntityFilter
  8834  // to Role.
  8835  //
  8836  // You can paginate the results using the MaxItems and Marker parameters.
  8837  //
  8838  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8839  // with awserr.Error's Code and Message methods to get detailed information about
  8840  // the error.
  8841  //
  8842  // See the AWS API reference guide for AWS Identity and Access Management's
  8843  // API operation ListEntitiesForPolicy for usage and error information.
  8844  //
  8845  // Returned Error Codes:
  8846  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  8847  //   The request was rejected because it referenced a resource entity that does
  8848  //   not exist. The error message describes the resource.
  8849  //
  8850  //   * ErrCodeInvalidInputException "InvalidInput"
  8851  //   The request was rejected because an invalid or out-of-range value was supplied
  8852  //   for an input parameter.
  8853  //
  8854  //   * ErrCodeServiceFailureException "ServiceFailure"
  8855  //   The request processing has failed because of an unknown error, exception
  8856  //   or failure.
  8857  //
  8858  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy
  8859  func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error) {
  8860  	req, out := c.ListEntitiesForPolicyRequest(input)
  8861  	return out, req.Send()
  8862  }
  8863  
  8864  // ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of
  8865  // the ability to pass a context and additional request options.
  8866  //
  8867  // See ListEntitiesForPolicy for details on how to use this API operation.
  8868  //
  8869  // The context must be non-nil and will be used for request cancellation. If
  8870  // the context is nil a panic will occur. In the future the SDK may create
  8871  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8872  // for more information on using Contexts.
  8873  func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error) {
  8874  	req, out := c.ListEntitiesForPolicyRequest(input)
  8875  	req.SetContext(ctx)
  8876  	req.ApplyOptions(opts...)
  8877  	return out, req.Send()
  8878  }
  8879  
  8880  // ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation,
  8881  // calling the "fn" function with the response data for each page. To stop
  8882  // iterating, return false from the fn function.
  8883  //
  8884  // See ListEntitiesForPolicy method for more information on how to use this operation.
  8885  //
  8886  // Note: This operation can generate multiple requests to a service.
  8887  //
  8888  //    // Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
  8889  //    pageNum := 0
  8890  //    err := client.ListEntitiesForPolicyPages(params,
  8891  //        func(page *iam.ListEntitiesForPolicyOutput, lastPage bool) bool {
  8892  //            pageNum++
  8893  //            fmt.Println(page)
  8894  //            return pageNum <= 3
  8895  //        })
  8896  //
  8897  func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error {
  8898  	return c.ListEntitiesForPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
  8899  }
  8900  
  8901  // ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except
  8902  // it takes a Context and allows setting request options on the pages.
  8903  //
  8904  // The context must be non-nil and will be used for request cancellation. If
  8905  // the context is nil a panic will occur. In the future the SDK may create
  8906  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  8907  // for more information on using Contexts.
  8908  func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error {
  8909  	p := request.Pagination{
  8910  		NewRequest: func() (*request.Request, error) {
  8911  			var inCpy *ListEntitiesForPolicyInput
  8912  			if input != nil {
  8913  				tmp := *input
  8914  				inCpy = &tmp
  8915  			}
  8916  			req, _ := c.ListEntitiesForPolicyRequest(inCpy)
  8917  			req.SetContext(ctx)
  8918  			req.ApplyOptions(opts...)
  8919  			return req, nil
  8920  		},
  8921  	}
  8922  
  8923  	for p.Next() {
  8924  		if !fn(p.Page().(*ListEntitiesForPolicyOutput), !p.HasNextPage()) {
  8925  			break
  8926  		}
  8927  	}
  8928  
  8929  	return p.Err()
  8930  }
  8931  
  8932  const opListGroupPolicies = "ListGroupPolicies"
  8933  
  8934  // ListGroupPoliciesRequest generates a "aws/request.Request" representing the
  8935  // client's request for the ListGroupPolicies operation. The "output" return
  8936  // value will be populated with the request's response once the request completes
  8937  // successfully.
  8938  //
  8939  // Use "Send" method on the returned Request to send the API call to the service.
  8940  // the "output" return value is not valid until after Send returns without error.
  8941  //
  8942  // See ListGroupPolicies for more information on using the ListGroupPolicies
  8943  // API call, and error handling.
  8944  //
  8945  // This method is useful when you want to inject custom logic or configuration
  8946  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  8947  //
  8948  //
  8949  //    // Example sending a request using the ListGroupPoliciesRequest method.
  8950  //    req, resp := client.ListGroupPoliciesRequest(params)
  8951  //
  8952  //    err := req.Send()
  8953  //    if err == nil { // resp is now filled
  8954  //        fmt.Println(resp)
  8955  //    }
  8956  //
  8957  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
  8958  func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput) {
  8959  	op := &request.Operation{
  8960  		Name:       opListGroupPolicies,
  8961  		HTTPMethod: "POST",
  8962  		HTTPPath:   "/",
  8963  		Paginator: &request.Paginator{
  8964  			InputTokens:     []string{"Marker"},
  8965  			OutputTokens:    []string{"Marker"},
  8966  			LimitToken:      "MaxItems",
  8967  			TruncationToken: "IsTruncated",
  8968  		},
  8969  	}
  8970  
  8971  	if input == nil {
  8972  		input = &ListGroupPoliciesInput{}
  8973  	}
  8974  
  8975  	output = &ListGroupPoliciesOutput{}
  8976  	req = c.newRequest(op, input, output)
  8977  	return
  8978  }
  8979  
  8980  // ListGroupPolicies API operation for AWS Identity and Access Management.
  8981  //
  8982  // Lists the names of the inline policies that are embedded in the specified
  8983  // IAM group.
  8984  //
  8985  // An IAM group can also have managed policies attached to it. To list the managed
  8986  // policies that are attached to a group, use ListAttachedGroupPolicies. For
  8987  // more information about policies, see Managed policies and inline policies
  8988  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
  8989  // in the IAM User Guide.
  8990  //
  8991  // You can paginate the results using the MaxItems and Marker parameters. If
  8992  // there are no inline policies embedded with the specified group, the operation
  8993  // returns an empty list.
  8994  //
  8995  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  8996  // with awserr.Error's Code and Message methods to get detailed information about
  8997  // the error.
  8998  //
  8999  // See the AWS API reference guide for AWS Identity and Access Management's
  9000  // API operation ListGroupPolicies for usage and error information.
  9001  //
  9002  // Returned Error Codes:
  9003  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9004  //   The request was rejected because it referenced a resource entity that does
  9005  //   not exist. The error message describes the resource.
  9006  //
  9007  //   * ErrCodeServiceFailureException "ServiceFailure"
  9008  //   The request processing has failed because of an unknown error, exception
  9009  //   or failure.
  9010  //
  9011  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies
  9012  func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error) {
  9013  	req, out := c.ListGroupPoliciesRequest(input)
  9014  	return out, req.Send()
  9015  }
  9016  
  9017  // ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of
  9018  // the ability to pass a context and additional request options.
  9019  //
  9020  // See ListGroupPolicies for details on how to use this API operation.
  9021  //
  9022  // The context must be non-nil and will be used for request cancellation. If
  9023  // the context is nil a panic will occur. In the future the SDK may create
  9024  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9025  // for more information on using Contexts.
  9026  func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error) {
  9027  	req, out := c.ListGroupPoliciesRequest(input)
  9028  	req.SetContext(ctx)
  9029  	req.ApplyOptions(opts...)
  9030  	return out, req.Send()
  9031  }
  9032  
  9033  // ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation,
  9034  // calling the "fn" function with the response data for each page. To stop
  9035  // iterating, return false from the fn function.
  9036  //
  9037  // See ListGroupPolicies method for more information on how to use this operation.
  9038  //
  9039  // Note: This operation can generate multiple requests to a service.
  9040  //
  9041  //    // Example iterating over at most 3 pages of a ListGroupPolicies operation.
  9042  //    pageNum := 0
  9043  //    err := client.ListGroupPoliciesPages(params,
  9044  //        func(page *iam.ListGroupPoliciesOutput, lastPage bool) bool {
  9045  //            pageNum++
  9046  //            fmt.Println(page)
  9047  //            return pageNum <= 3
  9048  //        })
  9049  //
  9050  func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error {
  9051  	return c.ListGroupPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
  9052  }
  9053  
  9054  // ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except
  9055  // it takes a Context and allows setting request options on the pages.
  9056  //
  9057  // The context must be non-nil and will be used for request cancellation. If
  9058  // the context is nil a panic will occur. In the future the SDK may create
  9059  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9060  // for more information on using Contexts.
  9061  func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error {
  9062  	p := request.Pagination{
  9063  		NewRequest: func() (*request.Request, error) {
  9064  			var inCpy *ListGroupPoliciesInput
  9065  			if input != nil {
  9066  				tmp := *input
  9067  				inCpy = &tmp
  9068  			}
  9069  			req, _ := c.ListGroupPoliciesRequest(inCpy)
  9070  			req.SetContext(ctx)
  9071  			req.ApplyOptions(opts...)
  9072  			return req, nil
  9073  		},
  9074  	}
  9075  
  9076  	for p.Next() {
  9077  		if !fn(p.Page().(*ListGroupPoliciesOutput), !p.HasNextPage()) {
  9078  			break
  9079  		}
  9080  	}
  9081  
  9082  	return p.Err()
  9083  }
  9084  
  9085  const opListGroups = "ListGroups"
  9086  
  9087  // ListGroupsRequest generates a "aws/request.Request" representing the
  9088  // client's request for the ListGroups operation. The "output" return
  9089  // value will be populated with the request's response once the request completes
  9090  // successfully.
  9091  //
  9092  // Use "Send" method on the returned Request to send the API call to the service.
  9093  // the "output" return value is not valid until after Send returns without error.
  9094  //
  9095  // See ListGroups for more information on using the ListGroups
  9096  // API call, and error handling.
  9097  //
  9098  // This method is useful when you want to inject custom logic or configuration
  9099  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9100  //
  9101  //
  9102  //    // Example sending a request using the ListGroupsRequest method.
  9103  //    req, resp := client.ListGroupsRequest(params)
  9104  //
  9105  //    err := req.Send()
  9106  //    if err == nil { // resp is now filled
  9107  //        fmt.Println(resp)
  9108  //    }
  9109  //
  9110  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
  9111  func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) {
  9112  	op := &request.Operation{
  9113  		Name:       opListGroups,
  9114  		HTTPMethod: "POST",
  9115  		HTTPPath:   "/",
  9116  		Paginator: &request.Paginator{
  9117  			InputTokens:     []string{"Marker"},
  9118  			OutputTokens:    []string{"Marker"},
  9119  			LimitToken:      "MaxItems",
  9120  			TruncationToken: "IsTruncated",
  9121  		},
  9122  	}
  9123  
  9124  	if input == nil {
  9125  		input = &ListGroupsInput{}
  9126  	}
  9127  
  9128  	output = &ListGroupsOutput{}
  9129  	req = c.newRequest(op, input, output)
  9130  	return
  9131  }
  9132  
  9133  // ListGroups API operation for AWS Identity and Access Management.
  9134  //
  9135  // Lists the IAM groups that have the specified path prefix.
  9136  //
  9137  // You can paginate the results using the MaxItems and Marker parameters.
  9138  //
  9139  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9140  // with awserr.Error's Code and Message methods to get detailed information about
  9141  // the error.
  9142  //
  9143  // See the AWS API reference guide for AWS Identity and Access Management's
  9144  // API operation ListGroups for usage and error information.
  9145  //
  9146  // Returned Error Codes:
  9147  //   * ErrCodeServiceFailureException "ServiceFailure"
  9148  //   The request processing has failed because of an unknown error, exception
  9149  //   or failure.
  9150  //
  9151  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups
  9152  func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) {
  9153  	req, out := c.ListGroupsRequest(input)
  9154  	return out, req.Send()
  9155  }
  9156  
  9157  // ListGroupsWithContext is the same as ListGroups with the addition of
  9158  // the ability to pass a context and additional request options.
  9159  //
  9160  // See ListGroups for details on how to use this API operation.
  9161  //
  9162  // The context must be non-nil and will be used for request cancellation. If
  9163  // the context is nil a panic will occur. In the future the SDK may create
  9164  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9165  // for more information on using Contexts.
  9166  func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error) {
  9167  	req, out := c.ListGroupsRequest(input)
  9168  	req.SetContext(ctx)
  9169  	req.ApplyOptions(opts...)
  9170  	return out, req.Send()
  9171  }
  9172  
  9173  // ListGroupsPages iterates over the pages of a ListGroups operation,
  9174  // calling the "fn" function with the response data for each page. To stop
  9175  // iterating, return false from the fn function.
  9176  //
  9177  // See ListGroups method for more information on how to use this operation.
  9178  //
  9179  // Note: This operation can generate multiple requests to a service.
  9180  //
  9181  //    // Example iterating over at most 3 pages of a ListGroups operation.
  9182  //    pageNum := 0
  9183  //    err := client.ListGroupsPages(params,
  9184  //        func(page *iam.ListGroupsOutput, lastPage bool) bool {
  9185  //            pageNum++
  9186  //            fmt.Println(page)
  9187  //            return pageNum <= 3
  9188  //        })
  9189  //
  9190  func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error {
  9191  	return c.ListGroupsPagesWithContext(aws.BackgroundContext(), input, fn)
  9192  }
  9193  
  9194  // ListGroupsPagesWithContext same as ListGroupsPages except
  9195  // it takes a Context and allows setting request options on the pages.
  9196  //
  9197  // The context must be non-nil and will be used for request cancellation. If
  9198  // the context is nil a panic will occur. In the future the SDK may create
  9199  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9200  // for more information on using Contexts.
  9201  func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error {
  9202  	p := request.Pagination{
  9203  		NewRequest: func() (*request.Request, error) {
  9204  			var inCpy *ListGroupsInput
  9205  			if input != nil {
  9206  				tmp := *input
  9207  				inCpy = &tmp
  9208  			}
  9209  			req, _ := c.ListGroupsRequest(inCpy)
  9210  			req.SetContext(ctx)
  9211  			req.ApplyOptions(opts...)
  9212  			return req, nil
  9213  		},
  9214  	}
  9215  
  9216  	for p.Next() {
  9217  		if !fn(p.Page().(*ListGroupsOutput), !p.HasNextPage()) {
  9218  			break
  9219  		}
  9220  	}
  9221  
  9222  	return p.Err()
  9223  }
  9224  
  9225  const opListGroupsForUser = "ListGroupsForUser"
  9226  
  9227  // ListGroupsForUserRequest generates a "aws/request.Request" representing the
  9228  // client's request for the ListGroupsForUser operation. The "output" return
  9229  // value will be populated with the request's response once the request completes
  9230  // successfully.
  9231  //
  9232  // Use "Send" method on the returned Request to send the API call to the service.
  9233  // the "output" return value is not valid until after Send returns without error.
  9234  //
  9235  // See ListGroupsForUser for more information on using the ListGroupsForUser
  9236  // API call, and error handling.
  9237  //
  9238  // This method is useful when you want to inject custom logic or configuration
  9239  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9240  //
  9241  //
  9242  //    // Example sending a request using the ListGroupsForUserRequest method.
  9243  //    req, resp := client.ListGroupsForUserRequest(params)
  9244  //
  9245  //    err := req.Send()
  9246  //    if err == nil { // resp is now filled
  9247  //        fmt.Println(resp)
  9248  //    }
  9249  //
  9250  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
  9251  func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput) {
  9252  	op := &request.Operation{
  9253  		Name:       opListGroupsForUser,
  9254  		HTTPMethod: "POST",
  9255  		HTTPPath:   "/",
  9256  		Paginator: &request.Paginator{
  9257  			InputTokens:     []string{"Marker"},
  9258  			OutputTokens:    []string{"Marker"},
  9259  			LimitToken:      "MaxItems",
  9260  			TruncationToken: "IsTruncated",
  9261  		},
  9262  	}
  9263  
  9264  	if input == nil {
  9265  		input = &ListGroupsForUserInput{}
  9266  	}
  9267  
  9268  	output = &ListGroupsForUserOutput{}
  9269  	req = c.newRequest(op, input, output)
  9270  	return
  9271  }
  9272  
  9273  // ListGroupsForUser API operation for AWS Identity and Access Management.
  9274  //
  9275  // Lists the IAM groups that the specified IAM user belongs to.
  9276  //
  9277  // You can paginate the results using the MaxItems and Marker parameters.
  9278  //
  9279  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9280  // with awserr.Error's Code and Message methods to get detailed information about
  9281  // the error.
  9282  //
  9283  // See the AWS API reference guide for AWS Identity and Access Management's
  9284  // API operation ListGroupsForUser for usage and error information.
  9285  //
  9286  // Returned Error Codes:
  9287  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9288  //   The request was rejected because it referenced a resource entity that does
  9289  //   not exist. The error message describes the resource.
  9290  //
  9291  //   * ErrCodeServiceFailureException "ServiceFailure"
  9292  //   The request processing has failed because of an unknown error, exception
  9293  //   or failure.
  9294  //
  9295  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser
  9296  func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error) {
  9297  	req, out := c.ListGroupsForUserRequest(input)
  9298  	return out, req.Send()
  9299  }
  9300  
  9301  // ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of
  9302  // the ability to pass a context and additional request options.
  9303  //
  9304  // See ListGroupsForUser for details on how to use this API operation.
  9305  //
  9306  // The context must be non-nil and will be used for request cancellation. If
  9307  // the context is nil a panic will occur. In the future the SDK may create
  9308  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9309  // for more information on using Contexts.
  9310  func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error) {
  9311  	req, out := c.ListGroupsForUserRequest(input)
  9312  	req.SetContext(ctx)
  9313  	req.ApplyOptions(opts...)
  9314  	return out, req.Send()
  9315  }
  9316  
  9317  // ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation,
  9318  // calling the "fn" function with the response data for each page. To stop
  9319  // iterating, return false from the fn function.
  9320  //
  9321  // See ListGroupsForUser method for more information on how to use this operation.
  9322  //
  9323  // Note: This operation can generate multiple requests to a service.
  9324  //
  9325  //    // Example iterating over at most 3 pages of a ListGroupsForUser operation.
  9326  //    pageNum := 0
  9327  //    err := client.ListGroupsForUserPages(params,
  9328  //        func(page *iam.ListGroupsForUserOutput, lastPage bool) bool {
  9329  //            pageNum++
  9330  //            fmt.Println(page)
  9331  //            return pageNum <= 3
  9332  //        })
  9333  //
  9334  func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error {
  9335  	return c.ListGroupsForUserPagesWithContext(aws.BackgroundContext(), input, fn)
  9336  }
  9337  
  9338  // ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except
  9339  // it takes a Context and allows setting request options on the pages.
  9340  //
  9341  // The context must be non-nil and will be used for request cancellation. If
  9342  // the context is nil a panic will occur. In the future the SDK may create
  9343  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9344  // for more information on using Contexts.
  9345  func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error {
  9346  	p := request.Pagination{
  9347  		NewRequest: func() (*request.Request, error) {
  9348  			var inCpy *ListGroupsForUserInput
  9349  			if input != nil {
  9350  				tmp := *input
  9351  				inCpy = &tmp
  9352  			}
  9353  			req, _ := c.ListGroupsForUserRequest(inCpy)
  9354  			req.SetContext(ctx)
  9355  			req.ApplyOptions(opts...)
  9356  			return req, nil
  9357  		},
  9358  	}
  9359  
  9360  	for p.Next() {
  9361  		if !fn(p.Page().(*ListGroupsForUserOutput), !p.HasNextPage()) {
  9362  			break
  9363  		}
  9364  	}
  9365  
  9366  	return p.Err()
  9367  }
  9368  
  9369  const opListInstanceProfileTags = "ListInstanceProfileTags"
  9370  
  9371  // ListInstanceProfileTagsRequest generates a "aws/request.Request" representing the
  9372  // client's request for the ListInstanceProfileTags operation. The "output" return
  9373  // value will be populated with the request's response once the request completes
  9374  // successfully.
  9375  //
  9376  // Use "Send" method on the returned Request to send the API call to the service.
  9377  // the "output" return value is not valid until after Send returns without error.
  9378  //
  9379  // See ListInstanceProfileTags for more information on using the ListInstanceProfileTags
  9380  // API call, and error handling.
  9381  //
  9382  // This method is useful when you want to inject custom logic or configuration
  9383  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9384  //
  9385  //
  9386  //    // Example sending a request using the ListInstanceProfileTagsRequest method.
  9387  //    req, resp := client.ListInstanceProfileTagsRequest(params)
  9388  //
  9389  //    err := req.Send()
  9390  //    if err == nil { // resp is now filled
  9391  //        fmt.Println(resp)
  9392  //    }
  9393  //
  9394  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
  9395  func (c *IAM) ListInstanceProfileTagsRequest(input *ListInstanceProfileTagsInput) (req *request.Request, output *ListInstanceProfileTagsOutput) {
  9396  	op := &request.Operation{
  9397  		Name:       opListInstanceProfileTags,
  9398  		HTTPMethod: "POST",
  9399  		HTTPPath:   "/",
  9400  	}
  9401  
  9402  	if input == nil {
  9403  		input = &ListInstanceProfileTagsInput{}
  9404  	}
  9405  
  9406  	output = &ListInstanceProfileTagsOutput{}
  9407  	req = c.newRequest(op, input, output)
  9408  	return
  9409  }
  9410  
  9411  // ListInstanceProfileTags API operation for AWS Identity and Access Management.
  9412  //
  9413  // Lists the tags that are attached to the specified IAM instance profile. The
  9414  // returned list of tags is sorted by tag key. For more information about tagging,
  9415  // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
  9416  // in the IAM User Guide.
  9417  //
  9418  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9419  // with awserr.Error's Code and Message methods to get detailed information about
  9420  // the error.
  9421  //
  9422  // See the AWS API reference guide for AWS Identity and Access Management's
  9423  // API operation ListInstanceProfileTags for usage and error information.
  9424  //
  9425  // Returned Error Codes:
  9426  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9427  //   The request was rejected because it referenced a resource entity that does
  9428  //   not exist. The error message describes the resource.
  9429  //
  9430  //   * ErrCodeServiceFailureException "ServiceFailure"
  9431  //   The request processing has failed because of an unknown error, exception
  9432  //   or failure.
  9433  //
  9434  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags
  9435  func (c *IAM) ListInstanceProfileTags(input *ListInstanceProfileTagsInput) (*ListInstanceProfileTagsOutput, error) {
  9436  	req, out := c.ListInstanceProfileTagsRequest(input)
  9437  	return out, req.Send()
  9438  }
  9439  
  9440  // ListInstanceProfileTagsWithContext is the same as ListInstanceProfileTags with the addition of
  9441  // the ability to pass a context and additional request options.
  9442  //
  9443  // See ListInstanceProfileTags for details on how to use this API operation.
  9444  //
  9445  // The context must be non-nil and will be used for request cancellation. If
  9446  // the context is nil a panic will occur. In the future the SDK may create
  9447  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9448  // for more information on using Contexts.
  9449  func (c *IAM) ListInstanceProfileTagsWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, opts ...request.Option) (*ListInstanceProfileTagsOutput, error) {
  9450  	req, out := c.ListInstanceProfileTagsRequest(input)
  9451  	req.SetContext(ctx)
  9452  	req.ApplyOptions(opts...)
  9453  	return out, req.Send()
  9454  }
  9455  
  9456  const opListInstanceProfiles = "ListInstanceProfiles"
  9457  
  9458  // ListInstanceProfilesRequest generates a "aws/request.Request" representing the
  9459  // client's request for the ListInstanceProfiles operation. The "output" return
  9460  // value will be populated with the request's response once the request completes
  9461  // successfully.
  9462  //
  9463  // Use "Send" method on the returned Request to send the API call to the service.
  9464  // the "output" return value is not valid until after Send returns without error.
  9465  //
  9466  // See ListInstanceProfiles for more information on using the ListInstanceProfiles
  9467  // API call, and error handling.
  9468  //
  9469  // This method is useful when you want to inject custom logic or configuration
  9470  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9471  //
  9472  //
  9473  //    // Example sending a request using the ListInstanceProfilesRequest method.
  9474  //    req, resp := client.ListInstanceProfilesRequest(params)
  9475  //
  9476  //    err := req.Send()
  9477  //    if err == nil { // resp is now filled
  9478  //        fmt.Println(resp)
  9479  //    }
  9480  //
  9481  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
  9482  func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput) {
  9483  	op := &request.Operation{
  9484  		Name:       opListInstanceProfiles,
  9485  		HTTPMethod: "POST",
  9486  		HTTPPath:   "/",
  9487  		Paginator: &request.Paginator{
  9488  			InputTokens:     []string{"Marker"},
  9489  			OutputTokens:    []string{"Marker"},
  9490  			LimitToken:      "MaxItems",
  9491  			TruncationToken: "IsTruncated",
  9492  		},
  9493  	}
  9494  
  9495  	if input == nil {
  9496  		input = &ListInstanceProfilesInput{}
  9497  	}
  9498  
  9499  	output = &ListInstanceProfilesOutput{}
  9500  	req = c.newRequest(op, input, output)
  9501  	return
  9502  }
  9503  
  9504  // ListInstanceProfiles API operation for AWS Identity and Access Management.
  9505  //
  9506  // Lists the instance profiles that have the specified path prefix. If there
  9507  // are none, the operation returns an empty list. For more information about
  9508  // instance profiles, see About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
  9509  //
  9510  // IAM resource-listing operations return a subset of the available attributes
  9511  // for the resource. For example, this operation does not return tags, even
  9512  // though they are an attribute of the returned object. To view all of the information
  9513  // for an instance profile, see GetInstanceProfile.
  9514  //
  9515  // You can paginate the results using the MaxItems and Marker parameters.
  9516  //
  9517  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9518  // with awserr.Error's Code and Message methods to get detailed information about
  9519  // the error.
  9520  //
  9521  // See the AWS API reference guide for AWS Identity and Access Management's
  9522  // API operation ListInstanceProfiles for usage and error information.
  9523  //
  9524  // Returned Error Codes:
  9525  //   * ErrCodeServiceFailureException "ServiceFailure"
  9526  //   The request processing has failed because of an unknown error, exception
  9527  //   or failure.
  9528  //
  9529  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles
  9530  func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error) {
  9531  	req, out := c.ListInstanceProfilesRequest(input)
  9532  	return out, req.Send()
  9533  }
  9534  
  9535  // ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of
  9536  // the ability to pass a context and additional request options.
  9537  //
  9538  // See ListInstanceProfiles for details on how to use this API operation.
  9539  //
  9540  // The context must be non-nil and will be used for request cancellation. If
  9541  // the context is nil a panic will occur. In the future the SDK may create
  9542  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9543  // for more information on using Contexts.
  9544  func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error) {
  9545  	req, out := c.ListInstanceProfilesRequest(input)
  9546  	req.SetContext(ctx)
  9547  	req.ApplyOptions(opts...)
  9548  	return out, req.Send()
  9549  }
  9550  
  9551  // ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation,
  9552  // calling the "fn" function with the response data for each page. To stop
  9553  // iterating, return false from the fn function.
  9554  //
  9555  // See ListInstanceProfiles method for more information on how to use this operation.
  9556  //
  9557  // Note: This operation can generate multiple requests to a service.
  9558  //
  9559  //    // Example iterating over at most 3 pages of a ListInstanceProfiles operation.
  9560  //    pageNum := 0
  9561  //    err := client.ListInstanceProfilesPages(params,
  9562  //        func(page *iam.ListInstanceProfilesOutput, lastPage bool) bool {
  9563  //            pageNum++
  9564  //            fmt.Println(page)
  9565  //            return pageNum <= 3
  9566  //        })
  9567  //
  9568  func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error {
  9569  	return c.ListInstanceProfilesPagesWithContext(aws.BackgroundContext(), input, fn)
  9570  }
  9571  
  9572  // ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except
  9573  // it takes a Context and allows setting request options on the pages.
  9574  //
  9575  // The context must be non-nil and will be used for request cancellation. If
  9576  // the context is nil a panic will occur. In the future the SDK may create
  9577  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9578  // for more information on using Contexts.
  9579  func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error {
  9580  	p := request.Pagination{
  9581  		NewRequest: func() (*request.Request, error) {
  9582  			var inCpy *ListInstanceProfilesInput
  9583  			if input != nil {
  9584  				tmp := *input
  9585  				inCpy = &tmp
  9586  			}
  9587  			req, _ := c.ListInstanceProfilesRequest(inCpy)
  9588  			req.SetContext(ctx)
  9589  			req.ApplyOptions(opts...)
  9590  			return req, nil
  9591  		},
  9592  	}
  9593  
  9594  	for p.Next() {
  9595  		if !fn(p.Page().(*ListInstanceProfilesOutput), !p.HasNextPage()) {
  9596  			break
  9597  		}
  9598  	}
  9599  
  9600  	return p.Err()
  9601  }
  9602  
  9603  const opListInstanceProfilesForRole = "ListInstanceProfilesForRole"
  9604  
  9605  // ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the
  9606  // client's request for the ListInstanceProfilesForRole operation. The "output" return
  9607  // value will be populated with the request's response once the request completes
  9608  // successfully.
  9609  //
  9610  // Use "Send" method on the returned Request to send the API call to the service.
  9611  // the "output" return value is not valid until after Send returns without error.
  9612  //
  9613  // See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole
  9614  // API call, and error handling.
  9615  //
  9616  // This method is useful when you want to inject custom logic or configuration
  9617  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9618  //
  9619  //
  9620  //    // Example sending a request using the ListInstanceProfilesForRoleRequest method.
  9621  //    req, resp := client.ListInstanceProfilesForRoleRequest(params)
  9622  //
  9623  //    err := req.Send()
  9624  //    if err == nil { // resp is now filled
  9625  //        fmt.Println(resp)
  9626  //    }
  9627  //
  9628  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
  9629  func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput) {
  9630  	op := &request.Operation{
  9631  		Name:       opListInstanceProfilesForRole,
  9632  		HTTPMethod: "POST",
  9633  		HTTPPath:   "/",
  9634  		Paginator: &request.Paginator{
  9635  			InputTokens:     []string{"Marker"},
  9636  			OutputTokens:    []string{"Marker"},
  9637  			LimitToken:      "MaxItems",
  9638  			TruncationToken: "IsTruncated",
  9639  		},
  9640  	}
  9641  
  9642  	if input == nil {
  9643  		input = &ListInstanceProfilesForRoleInput{}
  9644  	}
  9645  
  9646  	output = &ListInstanceProfilesForRoleOutput{}
  9647  	req = c.newRequest(op, input, output)
  9648  	return
  9649  }
  9650  
  9651  // ListInstanceProfilesForRole API operation for AWS Identity and Access Management.
  9652  //
  9653  // Lists the instance profiles that have the specified associated IAM role.
  9654  // If there are none, the operation returns an empty list. For more information
  9655  // about instance profiles, go to About instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
  9656  //
  9657  // You can paginate the results using the MaxItems and Marker parameters.
  9658  //
  9659  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9660  // with awserr.Error's Code and Message methods to get detailed information about
  9661  // the error.
  9662  //
  9663  // See the AWS API reference guide for AWS Identity and Access Management's
  9664  // API operation ListInstanceProfilesForRole for usage and error information.
  9665  //
  9666  // Returned Error Codes:
  9667  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9668  //   The request was rejected because it referenced a resource entity that does
  9669  //   not exist. The error message describes the resource.
  9670  //
  9671  //   * ErrCodeServiceFailureException "ServiceFailure"
  9672  //   The request processing has failed because of an unknown error, exception
  9673  //   or failure.
  9674  //
  9675  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole
  9676  func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error) {
  9677  	req, out := c.ListInstanceProfilesForRoleRequest(input)
  9678  	return out, req.Send()
  9679  }
  9680  
  9681  // ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of
  9682  // the ability to pass a context and additional request options.
  9683  //
  9684  // See ListInstanceProfilesForRole for details on how to use this API operation.
  9685  //
  9686  // The context must be non-nil and will be used for request cancellation. If
  9687  // the context is nil a panic will occur. In the future the SDK may create
  9688  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9689  // for more information on using Contexts.
  9690  func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error) {
  9691  	req, out := c.ListInstanceProfilesForRoleRequest(input)
  9692  	req.SetContext(ctx)
  9693  	req.ApplyOptions(opts...)
  9694  	return out, req.Send()
  9695  }
  9696  
  9697  // ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation,
  9698  // calling the "fn" function with the response data for each page. To stop
  9699  // iterating, return false from the fn function.
  9700  //
  9701  // See ListInstanceProfilesForRole method for more information on how to use this operation.
  9702  //
  9703  // Note: This operation can generate multiple requests to a service.
  9704  //
  9705  //    // Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
  9706  //    pageNum := 0
  9707  //    err := client.ListInstanceProfilesForRolePages(params,
  9708  //        func(page *iam.ListInstanceProfilesForRoleOutput, lastPage bool) bool {
  9709  //            pageNum++
  9710  //            fmt.Println(page)
  9711  //            return pageNum <= 3
  9712  //        })
  9713  //
  9714  func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error {
  9715  	return c.ListInstanceProfilesForRolePagesWithContext(aws.BackgroundContext(), input, fn)
  9716  }
  9717  
  9718  // ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except
  9719  // it takes a Context and allows setting request options on the pages.
  9720  //
  9721  // The context must be non-nil and will be used for request cancellation. If
  9722  // the context is nil a panic will occur. In the future the SDK may create
  9723  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9724  // for more information on using Contexts.
  9725  func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error {
  9726  	p := request.Pagination{
  9727  		NewRequest: func() (*request.Request, error) {
  9728  			var inCpy *ListInstanceProfilesForRoleInput
  9729  			if input != nil {
  9730  				tmp := *input
  9731  				inCpy = &tmp
  9732  			}
  9733  			req, _ := c.ListInstanceProfilesForRoleRequest(inCpy)
  9734  			req.SetContext(ctx)
  9735  			req.ApplyOptions(opts...)
  9736  			return req, nil
  9737  		},
  9738  	}
  9739  
  9740  	for p.Next() {
  9741  		if !fn(p.Page().(*ListInstanceProfilesForRoleOutput), !p.HasNextPage()) {
  9742  			break
  9743  		}
  9744  	}
  9745  
  9746  	return p.Err()
  9747  }
  9748  
  9749  const opListMFADeviceTags = "ListMFADeviceTags"
  9750  
  9751  // ListMFADeviceTagsRequest generates a "aws/request.Request" representing the
  9752  // client's request for the ListMFADeviceTags operation. The "output" return
  9753  // value will be populated with the request's response once the request completes
  9754  // successfully.
  9755  //
  9756  // Use "Send" method on the returned Request to send the API call to the service.
  9757  // the "output" return value is not valid until after Send returns without error.
  9758  //
  9759  // See ListMFADeviceTags for more information on using the ListMFADeviceTags
  9760  // API call, and error handling.
  9761  //
  9762  // This method is useful when you want to inject custom logic or configuration
  9763  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9764  //
  9765  //
  9766  //    // Example sending a request using the ListMFADeviceTagsRequest method.
  9767  //    req, resp := client.ListMFADeviceTagsRequest(params)
  9768  //
  9769  //    err := req.Send()
  9770  //    if err == nil { // resp is now filled
  9771  //        fmt.Println(resp)
  9772  //    }
  9773  //
  9774  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
  9775  func (c *IAM) ListMFADeviceTagsRequest(input *ListMFADeviceTagsInput) (req *request.Request, output *ListMFADeviceTagsOutput) {
  9776  	op := &request.Operation{
  9777  		Name:       opListMFADeviceTags,
  9778  		HTTPMethod: "POST",
  9779  		HTTPPath:   "/",
  9780  	}
  9781  
  9782  	if input == nil {
  9783  		input = &ListMFADeviceTagsInput{}
  9784  	}
  9785  
  9786  	output = &ListMFADeviceTagsOutput{}
  9787  	req = c.newRequest(op, input, output)
  9788  	return
  9789  }
  9790  
  9791  // ListMFADeviceTags API operation for AWS Identity and Access Management.
  9792  //
  9793  // Lists the tags that are attached to the specified IAM virtual multi-factor
  9794  // authentication (MFA) device. The returned list of tags is sorted by tag key.
  9795  // For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
  9796  // in the IAM User Guide.
  9797  //
  9798  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9799  // with awserr.Error's Code and Message methods to get detailed information about
  9800  // the error.
  9801  //
  9802  // See the AWS API reference guide for AWS Identity and Access Management's
  9803  // API operation ListMFADeviceTags for usage and error information.
  9804  //
  9805  // Returned Error Codes:
  9806  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9807  //   The request was rejected because it referenced a resource entity that does
  9808  //   not exist. The error message describes the resource.
  9809  //
  9810  //   * ErrCodeInvalidInputException "InvalidInput"
  9811  //   The request was rejected because an invalid or out-of-range value was supplied
  9812  //   for an input parameter.
  9813  //
  9814  //   * ErrCodeServiceFailureException "ServiceFailure"
  9815  //   The request processing has failed because of an unknown error, exception
  9816  //   or failure.
  9817  //
  9818  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags
  9819  func (c *IAM) ListMFADeviceTags(input *ListMFADeviceTagsInput) (*ListMFADeviceTagsOutput, error) {
  9820  	req, out := c.ListMFADeviceTagsRequest(input)
  9821  	return out, req.Send()
  9822  }
  9823  
  9824  // ListMFADeviceTagsWithContext is the same as ListMFADeviceTags with the addition of
  9825  // the ability to pass a context and additional request options.
  9826  //
  9827  // See ListMFADeviceTags for details on how to use this API operation.
  9828  //
  9829  // The context must be non-nil and will be used for request cancellation. If
  9830  // the context is nil a panic will occur. In the future the SDK may create
  9831  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9832  // for more information on using Contexts.
  9833  func (c *IAM) ListMFADeviceTagsWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, opts ...request.Option) (*ListMFADeviceTagsOutput, error) {
  9834  	req, out := c.ListMFADeviceTagsRequest(input)
  9835  	req.SetContext(ctx)
  9836  	req.ApplyOptions(opts...)
  9837  	return out, req.Send()
  9838  }
  9839  
  9840  const opListMFADevices = "ListMFADevices"
  9841  
  9842  // ListMFADevicesRequest generates a "aws/request.Request" representing the
  9843  // client's request for the ListMFADevices operation. The "output" return
  9844  // value will be populated with the request's response once the request completes
  9845  // successfully.
  9846  //
  9847  // Use "Send" method on the returned Request to send the API call to the service.
  9848  // the "output" return value is not valid until after Send returns without error.
  9849  //
  9850  // See ListMFADevices for more information on using the ListMFADevices
  9851  // API call, and error handling.
  9852  //
  9853  // This method is useful when you want to inject custom logic or configuration
  9854  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
  9855  //
  9856  //
  9857  //    // Example sending a request using the ListMFADevicesRequest method.
  9858  //    req, resp := client.ListMFADevicesRequest(params)
  9859  //
  9860  //    err := req.Send()
  9861  //    if err == nil { // resp is now filled
  9862  //        fmt.Println(resp)
  9863  //    }
  9864  //
  9865  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
  9866  func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput) {
  9867  	op := &request.Operation{
  9868  		Name:       opListMFADevices,
  9869  		HTTPMethod: "POST",
  9870  		HTTPPath:   "/",
  9871  		Paginator: &request.Paginator{
  9872  			InputTokens:     []string{"Marker"},
  9873  			OutputTokens:    []string{"Marker"},
  9874  			LimitToken:      "MaxItems",
  9875  			TruncationToken: "IsTruncated",
  9876  		},
  9877  	}
  9878  
  9879  	if input == nil {
  9880  		input = &ListMFADevicesInput{}
  9881  	}
  9882  
  9883  	output = &ListMFADevicesOutput{}
  9884  	req = c.newRequest(op, input, output)
  9885  	return
  9886  }
  9887  
  9888  // ListMFADevices API operation for AWS Identity and Access Management.
  9889  //
  9890  // Lists the MFA devices for an IAM user. If the request includes a IAM user
  9891  // name, then this operation lists all the MFA devices associated with the specified
  9892  // user. If you do not specify a user name, IAM determines the user name implicitly
  9893  // based on the Amazon Web Services access key ID signing the request for this
  9894  // operation.
  9895  //
  9896  // You can paginate the results using the MaxItems and Marker parameters.
  9897  //
  9898  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
  9899  // with awserr.Error's Code and Message methods to get detailed information about
  9900  // the error.
  9901  //
  9902  // See the AWS API reference guide for AWS Identity and Access Management's
  9903  // API operation ListMFADevices for usage and error information.
  9904  //
  9905  // Returned Error Codes:
  9906  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
  9907  //   The request was rejected because it referenced a resource entity that does
  9908  //   not exist. The error message describes the resource.
  9909  //
  9910  //   * ErrCodeServiceFailureException "ServiceFailure"
  9911  //   The request processing has failed because of an unknown error, exception
  9912  //   or failure.
  9913  //
  9914  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices
  9915  func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error) {
  9916  	req, out := c.ListMFADevicesRequest(input)
  9917  	return out, req.Send()
  9918  }
  9919  
  9920  // ListMFADevicesWithContext is the same as ListMFADevices with the addition of
  9921  // the ability to pass a context and additional request options.
  9922  //
  9923  // See ListMFADevices for details on how to use this API operation.
  9924  //
  9925  // The context must be non-nil and will be used for request cancellation. If
  9926  // the context is nil a panic will occur. In the future the SDK may create
  9927  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9928  // for more information on using Contexts.
  9929  func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error) {
  9930  	req, out := c.ListMFADevicesRequest(input)
  9931  	req.SetContext(ctx)
  9932  	req.ApplyOptions(opts...)
  9933  	return out, req.Send()
  9934  }
  9935  
  9936  // ListMFADevicesPages iterates over the pages of a ListMFADevices operation,
  9937  // calling the "fn" function with the response data for each page. To stop
  9938  // iterating, return false from the fn function.
  9939  //
  9940  // See ListMFADevices method for more information on how to use this operation.
  9941  //
  9942  // Note: This operation can generate multiple requests to a service.
  9943  //
  9944  //    // Example iterating over at most 3 pages of a ListMFADevices operation.
  9945  //    pageNum := 0
  9946  //    err := client.ListMFADevicesPages(params,
  9947  //        func(page *iam.ListMFADevicesOutput, lastPage bool) bool {
  9948  //            pageNum++
  9949  //            fmt.Println(page)
  9950  //            return pageNum <= 3
  9951  //        })
  9952  //
  9953  func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error {
  9954  	return c.ListMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
  9955  }
  9956  
  9957  // ListMFADevicesPagesWithContext same as ListMFADevicesPages except
  9958  // it takes a Context and allows setting request options on the pages.
  9959  //
  9960  // The context must be non-nil and will be used for request cancellation. If
  9961  // the context is nil a panic will occur. In the future the SDK may create
  9962  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
  9963  // for more information on using Contexts.
  9964  func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error {
  9965  	p := request.Pagination{
  9966  		NewRequest: func() (*request.Request, error) {
  9967  			var inCpy *ListMFADevicesInput
  9968  			if input != nil {
  9969  				tmp := *input
  9970  				inCpy = &tmp
  9971  			}
  9972  			req, _ := c.ListMFADevicesRequest(inCpy)
  9973  			req.SetContext(ctx)
  9974  			req.ApplyOptions(opts...)
  9975  			return req, nil
  9976  		},
  9977  	}
  9978  
  9979  	for p.Next() {
  9980  		if !fn(p.Page().(*ListMFADevicesOutput), !p.HasNextPage()) {
  9981  			break
  9982  		}
  9983  	}
  9984  
  9985  	return p.Err()
  9986  }
  9987  
  9988  const opListOpenIDConnectProviderTags = "ListOpenIDConnectProviderTags"
  9989  
  9990  // ListOpenIDConnectProviderTagsRequest generates a "aws/request.Request" representing the
  9991  // client's request for the ListOpenIDConnectProviderTags operation. The "output" return
  9992  // value will be populated with the request's response once the request completes
  9993  // successfully.
  9994  //
  9995  // Use "Send" method on the returned Request to send the API call to the service.
  9996  // the "output" return value is not valid until after Send returns without error.
  9997  //
  9998  // See ListOpenIDConnectProviderTags for more information on using the ListOpenIDConnectProviderTags
  9999  // API call, and error handling.
 10000  //
 10001  // This method is useful when you want to inject custom logic or configuration
 10002  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10003  //
 10004  //
 10005  //    // Example sending a request using the ListOpenIDConnectProviderTagsRequest method.
 10006  //    req, resp := client.ListOpenIDConnectProviderTagsRequest(params)
 10007  //
 10008  //    err := req.Send()
 10009  //    if err == nil { // resp is now filled
 10010  //        fmt.Println(resp)
 10011  //    }
 10012  //
 10013  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
 10014  func (c *IAM) ListOpenIDConnectProviderTagsRequest(input *ListOpenIDConnectProviderTagsInput) (req *request.Request, output *ListOpenIDConnectProviderTagsOutput) {
 10015  	op := &request.Operation{
 10016  		Name:       opListOpenIDConnectProviderTags,
 10017  		HTTPMethod: "POST",
 10018  		HTTPPath:   "/",
 10019  	}
 10020  
 10021  	if input == nil {
 10022  		input = &ListOpenIDConnectProviderTagsInput{}
 10023  	}
 10024  
 10025  	output = &ListOpenIDConnectProviderTagsOutput{}
 10026  	req = c.newRequest(op, input, output)
 10027  	return
 10028  }
 10029  
 10030  // ListOpenIDConnectProviderTags API operation for AWS Identity and Access Management.
 10031  //
 10032  // Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible
 10033  // identity provider. The returned list of tags is sorted by tag key. For more
 10034  // information, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
 10035  //
 10036  // For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 10037  // in the IAM User Guide.
 10038  //
 10039  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10040  // with awserr.Error's Code and Message methods to get detailed information about
 10041  // the error.
 10042  //
 10043  // See the AWS API reference guide for AWS Identity and Access Management's
 10044  // API operation ListOpenIDConnectProviderTags for usage and error information.
 10045  //
 10046  // Returned Error Codes:
 10047  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10048  //   The request was rejected because it referenced a resource entity that does
 10049  //   not exist. The error message describes the resource.
 10050  //
 10051  //   * ErrCodeServiceFailureException "ServiceFailure"
 10052  //   The request processing has failed because of an unknown error, exception
 10053  //   or failure.
 10054  //
 10055  //   * ErrCodeInvalidInputException "InvalidInput"
 10056  //   The request was rejected because an invalid or out-of-range value was supplied
 10057  //   for an input parameter.
 10058  //
 10059  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags
 10060  func (c *IAM) ListOpenIDConnectProviderTags(input *ListOpenIDConnectProviderTagsInput) (*ListOpenIDConnectProviderTagsOutput, error) {
 10061  	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
 10062  	return out, req.Send()
 10063  }
 10064  
 10065  // ListOpenIDConnectProviderTagsWithContext is the same as ListOpenIDConnectProviderTags with the addition of
 10066  // the ability to pass a context and additional request options.
 10067  //
 10068  // See ListOpenIDConnectProviderTags for details on how to use this API operation.
 10069  //
 10070  // The context must be non-nil and will be used for request cancellation. If
 10071  // the context is nil a panic will occur. In the future the SDK may create
 10072  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10073  // for more information on using Contexts.
 10074  func (c *IAM) ListOpenIDConnectProviderTagsWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, opts ...request.Option) (*ListOpenIDConnectProviderTagsOutput, error) {
 10075  	req, out := c.ListOpenIDConnectProviderTagsRequest(input)
 10076  	req.SetContext(ctx)
 10077  	req.ApplyOptions(opts...)
 10078  	return out, req.Send()
 10079  }
 10080  
 10081  const opListOpenIDConnectProviders = "ListOpenIDConnectProviders"
 10082  
 10083  // ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the
 10084  // client's request for the ListOpenIDConnectProviders operation. The "output" return
 10085  // value will be populated with the request's response once the request completes
 10086  // successfully.
 10087  //
 10088  // Use "Send" method on the returned Request to send the API call to the service.
 10089  // the "output" return value is not valid until after Send returns without error.
 10090  //
 10091  // See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders
 10092  // API call, and error handling.
 10093  //
 10094  // This method is useful when you want to inject custom logic or configuration
 10095  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10096  //
 10097  //
 10098  //    // Example sending a request using the ListOpenIDConnectProvidersRequest method.
 10099  //    req, resp := client.ListOpenIDConnectProvidersRequest(params)
 10100  //
 10101  //    err := req.Send()
 10102  //    if err == nil { // resp is now filled
 10103  //        fmt.Println(resp)
 10104  //    }
 10105  //
 10106  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
 10107  func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput) {
 10108  	op := &request.Operation{
 10109  		Name:       opListOpenIDConnectProviders,
 10110  		HTTPMethod: "POST",
 10111  		HTTPPath:   "/",
 10112  	}
 10113  
 10114  	if input == nil {
 10115  		input = &ListOpenIDConnectProvidersInput{}
 10116  	}
 10117  
 10118  	output = &ListOpenIDConnectProvidersOutput{}
 10119  	req = c.newRequest(op, input, output)
 10120  	return
 10121  }
 10122  
 10123  // ListOpenIDConnectProviders API operation for AWS Identity and Access Management.
 10124  //
 10125  // Lists information about the IAM OpenID Connect (OIDC) provider resource objects
 10126  // defined in the Amazon Web Services account.
 10127  //
 10128  // IAM resource-listing operations return a subset of the available attributes
 10129  // for the resource. For example, this operation does not return tags, even
 10130  // though they are an attribute of the returned object. To view all of the information
 10131  // for an OIDC provider, see GetOpenIDConnectProvider.
 10132  //
 10133  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10134  // with awserr.Error's Code and Message methods to get detailed information about
 10135  // the error.
 10136  //
 10137  // See the AWS API reference guide for AWS Identity and Access Management's
 10138  // API operation ListOpenIDConnectProviders for usage and error information.
 10139  //
 10140  // Returned Error Codes:
 10141  //   * ErrCodeServiceFailureException "ServiceFailure"
 10142  //   The request processing has failed because of an unknown error, exception
 10143  //   or failure.
 10144  //
 10145  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders
 10146  func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error) {
 10147  	req, out := c.ListOpenIDConnectProvidersRequest(input)
 10148  	return out, req.Send()
 10149  }
 10150  
 10151  // ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of
 10152  // the ability to pass a context and additional request options.
 10153  //
 10154  // See ListOpenIDConnectProviders for details on how to use this API operation.
 10155  //
 10156  // The context must be non-nil and will be used for request cancellation. If
 10157  // the context is nil a panic will occur. In the future the SDK may create
 10158  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10159  // for more information on using Contexts.
 10160  func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error) {
 10161  	req, out := c.ListOpenIDConnectProvidersRequest(input)
 10162  	req.SetContext(ctx)
 10163  	req.ApplyOptions(opts...)
 10164  	return out, req.Send()
 10165  }
 10166  
 10167  const opListPolicies = "ListPolicies"
 10168  
 10169  // ListPoliciesRequest generates a "aws/request.Request" representing the
 10170  // client's request for the ListPolicies operation. The "output" return
 10171  // value will be populated with the request's response once the request completes
 10172  // successfully.
 10173  //
 10174  // Use "Send" method on the returned Request to send the API call to the service.
 10175  // the "output" return value is not valid until after Send returns without error.
 10176  //
 10177  // See ListPolicies for more information on using the ListPolicies
 10178  // API call, and error handling.
 10179  //
 10180  // This method is useful when you want to inject custom logic or configuration
 10181  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10182  //
 10183  //
 10184  //    // Example sending a request using the ListPoliciesRequest method.
 10185  //    req, resp := client.ListPoliciesRequest(params)
 10186  //
 10187  //    err := req.Send()
 10188  //    if err == nil { // resp is now filled
 10189  //        fmt.Println(resp)
 10190  //    }
 10191  //
 10192  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
 10193  func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
 10194  	op := &request.Operation{
 10195  		Name:       opListPolicies,
 10196  		HTTPMethod: "POST",
 10197  		HTTPPath:   "/",
 10198  		Paginator: &request.Paginator{
 10199  			InputTokens:     []string{"Marker"},
 10200  			OutputTokens:    []string{"Marker"},
 10201  			LimitToken:      "MaxItems",
 10202  			TruncationToken: "IsTruncated",
 10203  		},
 10204  	}
 10205  
 10206  	if input == nil {
 10207  		input = &ListPoliciesInput{}
 10208  	}
 10209  
 10210  	output = &ListPoliciesOutput{}
 10211  	req = c.newRequest(op, input, output)
 10212  	return
 10213  }
 10214  
 10215  // ListPolicies API operation for AWS Identity and Access Management.
 10216  //
 10217  // Lists all the managed policies that are available in your Amazon Web Services
 10218  // account, including your own customer-defined managed policies and all Amazon
 10219  // Web Services managed policies.
 10220  //
 10221  // You can filter the list of policies that is returned using the optional OnlyAttached,
 10222  // Scope, and PathPrefix parameters. For example, to list only the customer
 10223  // managed policies in your Amazon Web Services account, set Scope to Local.
 10224  // To list only Amazon Web Services managed policies, set Scope to AWS.
 10225  //
 10226  // You can paginate the results using the MaxItems and Marker parameters.
 10227  //
 10228  // For more information about managed policies, see Managed policies and inline
 10229  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 10230  // in the IAM User Guide.
 10231  //
 10232  // IAM resource-listing operations return a subset of the available attributes
 10233  // for the resource. For example, this operation does not return tags, even
 10234  // though they are an attribute of the returned object. To view all of the information
 10235  // for a customer manged policy, see GetPolicy.
 10236  //
 10237  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10238  // with awserr.Error's Code and Message methods to get detailed information about
 10239  // the error.
 10240  //
 10241  // See the AWS API reference guide for AWS Identity and Access Management's
 10242  // API operation ListPolicies for usage and error information.
 10243  //
 10244  // Returned Error Codes:
 10245  //   * ErrCodeServiceFailureException "ServiceFailure"
 10246  //   The request processing has failed because of an unknown error, exception
 10247  //   or failure.
 10248  //
 10249  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies
 10250  func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
 10251  	req, out := c.ListPoliciesRequest(input)
 10252  	return out, req.Send()
 10253  }
 10254  
 10255  // ListPoliciesWithContext is the same as ListPolicies with the addition of
 10256  // the ability to pass a context and additional request options.
 10257  //
 10258  // See ListPolicies for details on how to use this API operation.
 10259  //
 10260  // The context must be non-nil and will be used for request cancellation. If
 10261  // the context is nil a panic will occur. In the future the SDK may create
 10262  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10263  // for more information on using Contexts.
 10264  func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
 10265  	req, out := c.ListPoliciesRequest(input)
 10266  	req.SetContext(ctx)
 10267  	req.ApplyOptions(opts...)
 10268  	return out, req.Send()
 10269  }
 10270  
 10271  // ListPoliciesPages iterates over the pages of a ListPolicies operation,
 10272  // calling the "fn" function with the response data for each page. To stop
 10273  // iterating, return false from the fn function.
 10274  //
 10275  // See ListPolicies method for more information on how to use this operation.
 10276  //
 10277  // Note: This operation can generate multiple requests to a service.
 10278  //
 10279  //    // Example iterating over at most 3 pages of a ListPolicies operation.
 10280  //    pageNum := 0
 10281  //    err := client.ListPoliciesPages(params,
 10282  //        func(page *iam.ListPoliciesOutput, lastPage bool) bool {
 10283  //            pageNum++
 10284  //            fmt.Println(page)
 10285  //            return pageNum <= 3
 10286  //        })
 10287  //
 10288  func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error {
 10289  	return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
 10290  }
 10291  
 10292  // ListPoliciesPagesWithContext same as ListPoliciesPages except
 10293  // it takes a Context and allows setting request options on the pages.
 10294  //
 10295  // The context must be non-nil and will be used for request cancellation. If
 10296  // the context is nil a panic will occur. In the future the SDK may create
 10297  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10298  // for more information on using Contexts.
 10299  func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error {
 10300  	p := request.Pagination{
 10301  		NewRequest: func() (*request.Request, error) {
 10302  			var inCpy *ListPoliciesInput
 10303  			if input != nil {
 10304  				tmp := *input
 10305  				inCpy = &tmp
 10306  			}
 10307  			req, _ := c.ListPoliciesRequest(inCpy)
 10308  			req.SetContext(ctx)
 10309  			req.ApplyOptions(opts...)
 10310  			return req, nil
 10311  		},
 10312  	}
 10313  
 10314  	for p.Next() {
 10315  		if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) {
 10316  			break
 10317  		}
 10318  	}
 10319  
 10320  	return p.Err()
 10321  }
 10322  
 10323  const opListPoliciesGrantingServiceAccess = "ListPoliciesGrantingServiceAccess"
 10324  
 10325  // ListPoliciesGrantingServiceAccessRequest generates a "aws/request.Request" representing the
 10326  // client's request for the ListPoliciesGrantingServiceAccess operation. The "output" return
 10327  // value will be populated with the request's response once the request completes
 10328  // successfully.
 10329  //
 10330  // Use "Send" method on the returned Request to send the API call to the service.
 10331  // the "output" return value is not valid until after Send returns without error.
 10332  //
 10333  // See ListPoliciesGrantingServiceAccess for more information on using the ListPoliciesGrantingServiceAccess
 10334  // API call, and error handling.
 10335  //
 10336  // This method is useful when you want to inject custom logic or configuration
 10337  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10338  //
 10339  //
 10340  //    // Example sending a request using the ListPoliciesGrantingServiceAccessRequest method.
 10341  //    req, resp := client.ListPoliciesGrantingServiceAccessRequest(params)
 10342  //
 10343  //    err := req.Send()
 10344  //    if err == nil { // resp is now filled
 10345  //        fmt.Println(resp)
 10346  //    }
 10347  //
 10348  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
 10349  func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGrantingServiceAccessInput) (req *request.Request, output *ListPoliciesGrantingServiceAccessOutput) {
 10350  	op := &request.Operation{
 10351  		Name:       opListPoliciesGrantingServiceAccess,
 10352  		HTTPMethod: "POST",
 10353  		HTTPPath:   "/",
 10354  	}
 10355  
 10356  	if input == nil {
 10357  		input = &ListPoliciesGrantingServiceAccessInput{}
 10358  	}
 10359  
 10360  	output = &ListPoliciesGrantingServiceAccessOutput{}
 10361  	req = c.newRequest(op, input, output)
 10362  	return
 10363  }
 10364  
 10365  // ListPoliciesGrantingServiceAccess API operation for AWS Identity and Access Management.
 10366  //
 10367  // Retrieves a list of policies that the IAM identity (user, group, or role)
 10368  // can use to access each specified service.
 10369  //
 10370  // This operation does not use other policy types when determining whether a
 10371  // resource could access a service. These other policy types include resource-based
 10372  // policies, access control lists, Organizations policies, IAM permissions boundaries,
 10373  // and STS assume role policies. It only applies permissions policy logic. For
 10374  // more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics)
 10375  // in the IAM User Guide.
 10376  //
 10377  // The list of policies returned by the operation depends on the ARN of the
 10378  // identity that you provide.
 10379  //
 10380  //    * User – The list of policies includes the managed and inline policies
 10381  //    that are attached to the user directly. The list also includes any additional
 10382  //    managed and inline policies that are attached to the group to which the
 10383  //    user belongs.
 10384  //
 10385  //    * Group – The list of policies includes only the managed and inline
 10386  //    policies that are attached to the group directly. Policies that are attached
 10387  //    to the group’s user are not included.
 10388  //
 10389  //    * Role – The list of policies includes only the managed and inline policies
 10390  //    that are attached to the role.
 10391  //
 10392  // For each managed policy, this operation returns the ARN and policy name.
 10393  // For each inline policy, it returns the policy name and the entity to which
 10394  // it is attached. Inline policies do not have an ARN. For more information
 10395  // about these policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
 10396  // in the IAM User Guide.
 10397  //
 10398  // Policies that are attached to users and roles as permissions boundaries are
 10399  // not returned. To view which managed policy is currently used to set the permissions
 10400  // boundary for a user or role, use the GetUser or GetRole operations.
 10401  //
 10402  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10403  // with awserr.Error's Code and Message methods to get detailed information about
 10404  // the error.
 10405  //
 10406  // See the AWS API reference guide for AWS Identity and Access Management's
 10407  // API operation ListPoliciesGrantingServiceAccess for usage and error information.
 10408  //
 10409  // Returned Error Codes:
 10410  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10411  //   The request was rejected because it referenced a resource entity that does
 10412  //   not exist. The error message describes the resource.
 10413  //
 10414  //   * ErrCodeInvalidInputException "InvalidInput"
 10415  //   The request was rejected because an invalid or out-of-range value was supplied
 10416  //   for an input parameter.
 10417  //
 10418  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess
 10419  func (c *IAM) ListPoliciesGrantingServiceAccess(input *ListPoliciesGrantingServiceAccessInput) (*ListPoliciesGrantingServiceAccessOutput, error) {
 10420  	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
 10421  	return out, req.Send()
 10422  }
 10423  
 10424  // ListPoliciesGrantingServiceAccessWithContext is the same as ListPoliciesGrantingServiceAccess with the addition of
 10425  // the ability to pass a context and additional request options.
 10426  //
 10427  // See ListPoliciesGrantingServiceAccess for details on how to use this API operation.
 10428  //
 10429  // The context must be non-nil and will be used for request cancellation. If
 10430  // the context is nil a panic will occur. In the future the SDK may create
 10431  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10432  // for more information on using Contexts.
 10433  func (c *IAM) ListPoliciesGrantingServiceAccessWithContext(ctx aws.Context, input *ListPoliciesGrantingServiceAccessInput, opts ...request.Option) (*ListPoliciesGrantingServiceAccessOutput, error) {
 10434  	req, out := c.ListPoliciesGrantingServiceAccessRequest(input)
 10435  	req.SetContext(ctx)
 10436  	req.ApplyOptions(opts...)
 10437  	return out, req.Send()
 10438  }
 10439  
 10440  const opListPolicyTags = "ListPolicyTags"
 10441  
 10442  // ListPolicyTagsRequest generates a "aws/request.Request" representing the
 10443  // client's request for the ListPolicyTags operation. The "output" return
 10444  // value will be populated with the request's response once the request completes
 10445  // successfully.
 10446  //
 10447  // Use "Send" method on the returned Request to send the API call to the service.
 10448  // the "output" return value is not valid until after Send returns without error.
 10449  //
 10450  // See ListPolicyTags for more information on using the ListPolicyTags
 10451  // API call, and error handling.
 10452  //
 10453  // This method is useful when you want to inject custom logic or configuration
 10454  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10455  //
 10456  //
 10457  //    // Example sending a request using the ListPolicyTagsRequest method.
 10458  //    req, resp := client.ListPolicyTagsRequest(params)
 10459  //
 10460  //    err := req.Send()
 10461  //    if err == nil { // resp is now filled
 10462  //        fmt.Println(resp)
 10463  //    }
 10464  //
 10465  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
 10466  func (c *IAM) ListPolicyTagsRequest(input *ListPolicyTagsInput) (req *request.Request, output *ListPolicyTagsOutput) {
 10467  	op := &request.Operation{
 10468  		Name:       opListPolicyTags,
 10469  		HTTPMethod: "POST",
 10470  		HTTPPath:   "/",
 10471  	}
 10472  
 10473  	if input == nil {
 10474  		input = &ListPolicyTagsInput{}
 10475  	}
 10476  
 10477  	output = &ListPolicyTagsOutput{}
 10478  	req = c.newRequest(op, input, output)
 10479  	return
 10480  }
 10481  
 10482  // ListPolicyTags API operation for AWS Identity and Access Management.
 10483  //
 10484  // Lists the tags that are attached to the specified IAM customer managed policy.
 10485  // The returned list of tags is sorted by tag key. For more information about
 10486  // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 10487  // in the IAM User Guide.
 10488  //
 10489  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10490  // with awserr.Error's Code and Message methods to get detailed information about
 10491  // the error.
 10492  //
 10493  // See the AWS API reference guide for AWS Identity and Access Management's
 10494  // API operation ListPolicyTags for usage and error information.
 10495  //
 10496  // Returned Error Codes:
 10497  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10498  //   The request was rejected because it referenced a resource entity that does
 10499  //   not exist. The error message describes the resource.
 10500  //
 10501  //   * ErrCodeServiceFailureException "ServiceFailure"
 10502  //   The request processing has failed because of an unknown error, exception
 10503  //   or failure.
 10504  //
 10505  //   * ErrCodeInvalidInputException "InvalidInput"
 10506  //   The request was rejected because an invalid or out-of-range value was supplied
 10507  //   for an input parameter.
 10508  //
 10509  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags
 10510  func (c *IAM) ListPolicyTags(input *ListPolicyTagsInput) (*ListPolicyTagsOutput, error) {
 10511  	req, out := c.ListPolicyTagsRequest(input)
 10512  	return out, req.Send()
 10513  }
 10514  
 10515  // ListPolicyTagsWithContext is the same as ListPolicyTags with the addition of
 10516  // the ability to pass a context and additional request options.
 10517  //
 10518  // See ListPolicyTags for details on how to use this API operation.
 10519  //
 10520  // The context must be non-nil and will be used for request cancellation. If
 10521  // the context is nil a panic will occur. In the future the SDK may create
 10522  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10523  // for more information on using Contexts.
 10524  func (c *IAM) ListPolicyTagsWithContext(ctx aws.Context, input *ListPolicyTagsInput, opts ...request.Option) (*ListPolicyTagsOutput, error) {
 10525  	req, out := c.ListPolicyTagsRequest(input)
 10526  	req.SetContext(ctx)
 10527  	req.ApplyOptions(opts...)
 10528  	return out, req.Send()
 10529  }
 10530  
 10531  const opListPolicyVersions = "ListPolicyVersions"
 10532  
 10533  // ListPolicyVersionsRequest generates a "aws/request.Request" representing the
 10534  // client's request for the ListPolicyVersions operation. The "output" return
 10535  // value will be populated with the request's response once the request completes
 10536  // successfully.
 10537  //
 10538  // Use "Send" method on the returned Request to send the API call to the service.
 10539  // the "output" return value is not valid until after Send returns without error.
 10540  //
 10541  // See ListPolicyVersions for more information on using the ListPolicyVersions
 10542  // API call, and error handling.
 10543  //
 10544  // This method is useful when you want to inject custom logic or configuration
 10545  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10546  //
 10547  //
 10548  //    // Example sending a request using the ListPolicyVersionsRequest method.
 10549  //    req, resp := client.ListPolicyVersionsRequest(params)
 10550  //
 10551  //    err := req.Send()
 10552  //    if err == nil { // resp is now filled
 10553  //        fmt.Println(resp)
 10554  //    }
 10555  //
 10556  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
 10557  func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput) {
 10558  	op := &request.Operation{
 10559  		Name:       opListPolicyVersions,
 10560  		HTTPMethod: "POST",
 10561  		HTTPPath:   "/",
 10562  		Paginator: &request.Paginator{
 10563  			InputTokens:     []string{"Marker"},
 10564  			OutputTokens:    []string{"Marker"},
 10565  			LimitToken:      "MaxItems",
 10566  			TruncationToken: "IsTruncated",
 10567  		},
 10568  	}
 10569  
 10570  	if input == nil {
 10571  		input = &ListPolicyVersionsInput{}
 10572  	}
 10573  
 10574  	output = &ListPolicyVersionsOutput{}
 10575  	req = c.newRequest(op, input, output)
 10576  	return
 10577  }
 10578  
 10579  // ListPolicyVersions API operation for AWS Identity and Access Management.
 10580  //
 10581  // Lists information about the versions of the specified managed policy, including
 10582  // the version that is currently set as the policy's default version.
 10583  //
 10584  // For more information about managed policies, see Managed policies and inline
 10585  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 10586  // in the IAM User Guide.
 10587  //
 10588  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10589  // with awserr.Error's Code and Message methods to get detailed information about
 10590  // the error.
 10591  //
 10592  // See the AWS API reference guide for AWS Identity and Access Management's
 10593  // API operation ListPolicyVersions for usage and error information.
 10594  //
 10595  // Returned Error Codes:
 10596  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10597  //   The request was rejected because it referenced a resource entity that does
 10598  //   not exist. The error message describes the resource.
 10599  //
 10600  //   * ErrCodeInvalidInputException "InvalidInput"
 10601  //   The request was rejected because an invalid or out-of-range value was supplied
 10602  //   for an input parameter.
 10603  //
 10604  //   * ErrCodeServiceFailureException "ServiceFailure"
 10605  //   The request processing has failed because of an unknown error, exception
 10606  //   or failure.
 10607  //
 10608  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions
 10609  func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error) {
 10610  	req, out := c.ListPolicyVersionsRequest(input)
 10611  	return out, req.Send()
 10612  }
 10613  
 10614  // ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of
 10615  // the ability to pass a context and additional request options.
 10616  //
 10617  // See ListPolicyVersions for details on how to use this API operation.
 10618  //
 10619  // The context must be non-nil and will be used for request cancellation. If
 10620  // the context is nil a panic will occur. In the future the SDK may create
 10621  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10622  // for more information on using Contexts.
 10623  func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error) {
 10624  	req, out := c.ListPolicyVersionsRequest(input)
 10625  	req.SetContext(ctx)
 10626  	req.ApplyOptions(opts...)
 10627  	return out, req.Send()
 10628  }
 10629  
 10630  // ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation,
 10631  // calling the "fn" function with the response data for each page. To stop
 10632  // iterating, return false from the fn function.
 10633  //
 10634  // See ListPolicyVersions method for more information on how to use this operation.
 10635  //
 10636  // Note: This operation can generate multiple requests to a service.
 10637  //
 10638  //    // Example iterating over at most 3 pages of a ListPolicyVersions operation.
 10639  //    pageNum := 0
 10640  //    err := client.ListPolicyVersionsPages(params,
 10641  //        func(page *iam.ListPolicyVersionsOutput, lastPage bool) bool {
 10642  //            pageNum++
 10643  //            fmt.Println(page)
 10644  //            return pageNum <= 3
 10645  //        })
 10646  //
 10647  func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error {
 10648  	return c.ListPolicyVersionsPagesWithContext(aws.BackgroundContext(), input, fn)
 10649  }
 10650  
 10651  // ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except
 10652  // it takes a Context and allows setting request options on the pages.
 10653  //
 10654  // The context must be non-nil and will be used for request cancellation. If
 10655  // the context is nil a panic will occur. In the future the SDK may create
 10656  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10657  // for more information on using Contexts.
 10658  func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error {
 10659  	p := request.Pagination{
 10660  		NewRequest: func() (*request.Request, error) {
 10661  			var inCpy *ListPolicyVersionsInput
 10662  			if input != nil {
 10663  				tmp := *input
 10664  				inCpy = &tmp
 10665  			}
 10666  			req, _ := c.ListPolicyVersionsRequest(inCpy)
 10667  			req.SetContext(ctx)
 10668  			req.ApplyOptions(opts...)
 10669  			return req, nil
 10670  		},
 10671  	}
 10672  
 10673  	for p.Next() {
 10674  		if !fn(p.Page().(*ListPolicyVersionsOutput), !p.HasNextPage()) {
 10675  			break
 10676  		}
 10677  	}
 10678  
 10679  	return p.Err()
 10680  }
 10681  
 10682  const opListRolePolicies = "ListRolePolicies"
 10683  
 10684  // ListRolePoliciesRequest generates a "aws/request.Request" representing the
 10685  // client's request for the ListRolePolicies operation. The "output" return
 10686  // value will be populated with the request's response once the request completes
 10687  // successfully.
 10688  //
 10689  // Use "Send" method on the returned Request to send the API call to the service.
 10690  // the "output" return value is not valid until after Send returns without error.
 10691  //
 10692  // See ListRolePolicies for more information on using the ListRolePolicies
 10693  // API call, and error handling.
 10694  //
 10695  // This method is useful when you want to inject custom logic or configuration
 10696  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10697  //
 10698  //
 10699  //    // Example sending a request using the ListRolePoliciesRequest method.
 10700  //    req, resp := client.ListRolePoliciesRequest(params)
 10701  //
 10702  //    err := req.Send()
 10703  //    if err == nil { // resp is now filled
 10704  //        fmt.Println(resp)
 10705  //    }
 10706  //
 10707  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
 10708  func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput) {
 10709  	op := &request.Operation{
 10710  		Name:       opListRolePolicies,
 10711  		HTTPMethod: "POST",
 10712  		HTTPPath:   "/",
 10713  		Paginator: &request.Paginator{
 10714  			InputTokens:     []string{"Marker"},
 10715  			OutputTokens:    []string{"Marker"},
 10716  			LimitToken:      "MaxItems",
 10717  			TruncationToken: "IsTruncated",
 10718  		},
 10719  	}
 10720  
 10721  	if input == nil {
 10722  		input = &ListRolePoliciesInput{}
 10723  	}
 10724  
 10725  	output = &ListRolePoliciesOutput{}
 10726  	req = c.newRequest(op, input, output)
 10727  	return
 10728  }
 10729  
 10730  // ListRolePolicies API operation for AWS Identity and Access Management.
 10731  //
 10732  // Lists the names of the inline policies that are embedded in the specified
 10733  // IAM role.
 10734  //
 10735  // An IAM role can also have managed policies attached to it. To list the managed
 10736  // policies that are attached to a role, use ListAttachedRolePolicies. For more
 10737  // information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 10738  // in the IAM User Guide.
 10739  //
 10740  // You can paginate the results using the MaxItems and Marker parameters. If
 10741  // there are no inline policies embedded with the specified role, the operation
 10742  // returns an empty list.
 10743  //
 10744  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10745  // with awserr.Error's Code and Message methods to get detailed information about
 10746  // the error.
 10747  //
 10748  // See the AWS API reference guide for AWS Identity and Access Management's
 10749  // API operation ListRolePolicies for usage and error information.
 10750  //
 10751  // Returned Error Codes:
 10752  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10753  //   The request was rejected because it referenced a resource entity that does
 10754  //   not exist. The error message describes the resource.
 10755  //
 10756  //   * ErrCodeServiceFailureException "ServiceFailure"
 10757  //   The request processing has failed because of an unknown error, exception
 10758  //   or failure.
 10759  //
 10760  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies
 10761  func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error) {
 10762  	req, out := c.ListRolePoliciesRequest(input)
 10763  	return out, req.Send()
 10764  }
 10765  
 10766  // ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of
 10767  // the ability to pass a context and additional request options.
 10768  //
 10769  // See ListRolePolicies for details on how to use this API operation.
 10770  //
 10771  // The context must be non-nil and will be used for request cancellation. If
 10772  // the context is nil a panic will occur. In the future the SDK may create
 10773  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10774  // for more information on using Contexts.
 10775  func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error) {
 10776  	req, out := c.ListRolePoliciesRequest(input)
 10777  	req.SetContext(ctx)
 10778  	req.ApplyOptions(opts...)
 10779  	return out, req.Send()
 10780  }
 10781  
 10782  // ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation,
 10783  // calling the "fn" function with the response data for each page. To stop
 10784  // iterating, return false from the fn function.
 10785  //
 10786  // See ListRolePolicies method for more information on how to use this operation.
 10787  //
 10788  // Note: This operation can generate multiple requests to a service.
 10789  //
 10790  //    // Example iterating over at most 3 pages of a ListRolePolicies operation.
 10791  //    pageNum := 0
 10792  //    err := client.ListRolePoliciesPages(params,
 10793  //        func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
 10794  //            pageNum++
 10795  //            fmt.Println(page)
 10796  //            return pageNum <= 3
 10797  //        })
 10798  //
 10799  func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error {
 10800  	return c.ListRolePoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
 10801  }
 10802  
 10803  // ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except
 10804  // it takes a Context and allows setting request options on the pages.
 10805  //
 10806  // The context must be non-nil and will be used for request cancellation. If
 10807  // the context is nil a panic will occur. In the future the SDK may create
 10808  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10809  // for more information on using Contexts.
 10810  func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error {
 10811  	p := request.Pagination{
 10812  		NewRequest: func() (*request.Request, error) {
 10813  			var inCpy *ListRolePoliciesInput
 10814  			if input != nil {
 10815  				tmp := *input
 10816  				inCpy = &tmp
 10817  			}
 10818  			req, _ := c.ListRolePoliciesRequest(inCpy)
 10819  			req.SetContext(ctx)
 10820  			req.ApplyOptions(opts...)
 10821  			return req, nil
 10822  		},
 10823  	}
 10824  
 10825  	for p.Next() {
 10826  		if !fn(p.Page().(*ListRolePoliciesOutput), !p.HasNextPage()) {
 10827  			break
 10828  		}
 10829  	}
 10830  
 10831  	return p.Err()
 10832  }
 10833  
 10834  const opListRoleTags = "ListRoleTags"
 10835  
 10836  // ListRoleTagsRequest generates a "aws/request.Request" representing the
 10837  // client's request for the ListRoleTags operation. The "output" return
 10838  // value will be populated with the request's response once the request completes
 10839  // successfully.
 10840  //
 10841  // Use "Send" method on the returned Request to send the API call to the service.
 10842  // the "output" return value is not valid until after Send returns without error.
 10843  //
 10844  // See ListRoleTags for more information on using the ListRoleTags
 10845  // API call, and error handling.
 10846  //
 10847  // This method is useful when you want to inject custom logic or configuration
 10848  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10849  //
 10850  //
 10851  //    // Example sending a request using the ListRoleTagsRequest method.
 10852  //    req, resp := client.ListRoleTagsRequest(params)
 10853  //
 10854  //    err := req.Send()
 10855  //    if err == nil { // resp is now filled
 10856  //        fmt.Println(resp)
 10857  //    }
 10858  //
 10859  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
 10860  func (c *IAM) ListRoleTagsRequest(input *ListRoleTagsInput) (req *request.Request, output *ListRoleTagsOutput) {
 10861  	op := &request.Operation{
 10862  		Name:       opListRoleTags,
 10863  		HTTPMethod: "POST",
 10864  		HTTPPath:   "/",
 10865  	}
 10866  
 10867  	if input == nil {
 10868  		input = &ListRoleTagsInput{}
 10869  	}
 10870  
 10871  	output = &ListRoleTagsOutput{}
 10872  	req = c.newRequest(op, input, output)
 10873  	return
 10874  }
 10875  
 10876  // ListRoleTags API operation for AWS Identity and Access Management.
 10877  //
 10878  // Lists the tags that are attached to the specified role. The returned list
 10879  // of tags is sorted by tag key. For more information about tagging, see Tagging
 10880  // IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 10881  // in the IAM User Guide.
 10882  //
 10883  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10884  // with awserr.Error's Code and Message methods to get detailed information about
 10885  // the error.
 10886  //
 10887  // See the AWS API reference guide for AWS Identity and Access Management's
 10888  // API operation ListRoleTags for usage and error information.
 10889  //
 10890  // Returned Error Codes:
 10891  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 10892  //   The request was rejected because it referenced a resource entity that does
 10893  //   not exist. The error message describes the resource.
 10894  //
 10895  //   * ErrCodeServiceFailureException "ServiceFailure"
 10896  //   The request processing has failed because of an unknown error, exception
 10897  //   or failure.
 10898  //
 10899  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags
 10900  func (c *IAM) ListRoleTags(input *ListRoleTagsInput) (*ListRoleTagsOutput, error) {
 10901  	req, out := c.ListRoleTagsRequest(input)
 10902  	return out, req.Send()
 10903  }
 10904  
 10905  // ListRoleTagsWithContext is the same as ListRoleTags with the addition of
 10906  // the ability to pass a context and additional request options.
 10907  //
 10908  // See ListRoleTags for details on how to use this API operation.
 10909  //
 10910  // The context must be non-nil and will be used for request cancellation. If
 10911  // the context is nil a panic will occur. In the future the SDK may create
 10912  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 10913  // for more information on using Contexts.
 10914  func (c *IAM) ListRoleTagsWithContext(ctx aws.Context, input *ListRoleTagsInput, opts ...request.Option) (*ListRoleTagsOutput, error) {
 10915  	req, out := c.ListRoleTagsRequest(input)
 10916  	req.SetContext(ctx)
 10917  	req.ApplyOptions(opts...)
 10918  	return out, req.Send()
 10919  }
 10920  
 10921  const opListRoles = "ListRoles"
 10922  
 10923  // ListRolesRequest generates a "aws/request.Request" representing the
 10924  // client's request for the ListRoles operation. The "output" return
 10925  // value will be populated with the request's response once the request completes
 10926  // successfully.
 10927  //
 10928  // Use "Send" method on the returned Request to send the API call to the service.
 10929  // the "output" return value is not valid until after Send returns without error.
 10930  //
 10931  // See ListRoles for more information on using the ListRoles
 10932  // API call, and error handling.
 10933  //
 10934  // This method is useful when you want to inject custom logic or configuration
 10935  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 10936  //
 10937  //
 10938  //    // Example sending a request using the ListRolesRequest method.
 10939  //    req, resp := client.ListRolesRequest(params)
 10940  //
 10941  //    err := req.Send()
 10942  //    if err == nil { // resp is now filled
 10943  //        fmt.Println(resp)
 10944  //    }
 10945  //
 10946  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
 10947  func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput) {
 10948  	op := &request.Operation{
 10949  		Name:       opListRoles,
 10950  		HTTPMethod: "POST",
 10951  		HTTPPath:   "/",
 10952  		Paginator: &request.Paginator{
 10953  			InputTokens:     []string{"Marker"},
 10954  			OutputTokens:    []string{"Marker"},
 10955  			LimitToken:      "MaxItems",
 10956  			TruncationToken: "IsTruncated",
 10957  		},
 10958  	}
 10959  
 10960  	if input == nil {
 10961  		input = &ListRolesInput{}
 10962  	}
 10963  
 10964  	output = &ListRolesOutput{}
 10965  	req = c.newRequest(op, input, output)
 10966  	return
 10967  }
 10968  
 10969  // ListRoles API operation for AWS Identity and Access Management.
 10970  //
 10971  // Lists the IAM roles that have the specified path prefix. If there are none,
 10972  // the operation returns an empty list. For more information about roles, see
 10973  // Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
 10974  //
 10975  // IAM resource-listing operations return a subset of the available attributes
 10976  // for the resource. For example, this operation does not return tags, even
 10977  // though they are an attribute of the returned object. To view all of the information
 10978  // for a role, see GetRole.
 10979  //
 10980  // You can paginate the results using the MaxItems and Marker parameters.
 10981  //
 10982  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 10983  // with awserr.Error's Code and Message methods to get detailed information about
 10984  // the error.
 10985  //
 10986  // See the AWS API reference guide for AWS Identity and Access Management's
 10987  // API operation ListRoles for usage and error information.
 10988  //
 10989  // Returned Error Codes:
 10990  //   * ErrCodeServiceFailureException "ServiceFailure"
 10991  //   The request processing has failed because of an unknown error, exception
 10992  //   or failure.
 10993  //
 10994  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles
 10995  func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error) {
 10996  	req, out := c.ListRolesRequest(input)
 10997  	return out, req.Send()
 10998  }
 10999  
 11000  // ListRolesWithContext is the same as ListRoles with the addition of
 11001  // the ability to pass a context and additional request options.
 11002  //
 11003  // See ListRoles for details on how to use this API operation.
 11004  //
 11005  // The context must be non-nil and will be used for request cancellation. If
 11006  // the context is nil a panic will occur. In the future the SDK may create
 11007  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11008  // for more information on using Contexts.
 11009  func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error) {
 11010  	req, out := c.ListRolesRequest(input)
 11011  	req.SetContext(ctx)
 11012  	req.ApplyOptions(opts...)
 11013  	return out, req.Send()
 11014  }
 11015  
 11016  // ListRolesPages iterates over the pages of a ListRoles operation,
 11017  // calling the "fn" function with the response data for each page. To stop
 11018  // iterating, return false from the fn function.
 11019  //
 11020  // See ListRoles method for more information on how to use this operation.
 11021  //
 11022  // Note: This operation can generate multiple requests to a service.
 11023  //
 11024  //    // Example iterating over at most 3 pages of a ListRoles operation.
 11025  //    pageNum := 0
 11026  //    err := client.ListRolesPages(params,
 11027  //        func(page *iam.ListRolesOutput, lastPage bool) bool {
 11028  //            pageNum++
 11029  //            fmt.Println(page)
 11030  //            return pageNum <= 3
 11031  //        })
 11032  //
 11033  func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error {
 11034  	return c.ListRolesPagesWithContext(aws.BackgroundContext(), input, fn)
 11035  }
 11036  
 11037  // ListRolesPagesWithContext same as ListRolesPages except
 11038  // it takes a Context and allows setting request options on the pages.
 11039  //
 11040  // The context must be non-nil and will be used for request cancellation. If
 11041  // the context is nil a panic will occur. In the future the SDK may create
 11042  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11043  // for more information on using Contexts.
 11044  func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error {
 11045  	p := request.Pagination{
 11046  		NewRequest: func() (*request.Request, error) {
 11047  			var inCpy *ListRolesInput
 11048  			if input != nil {
 11049  				tmp := *input
 11050  				inCpy = &tmp
 11051  			}
 11052  			req, _ := c.ListRolesRequest(inCpy)
 11053  			req.SetContext(ctx)
 11054  			req.ApplyOptions(opts...)
 11055  			return req, nil
 11056  		},
 11057  	}
 11058  
 11059  	for p.Next() {
 11060  		if !fn(p.Page().(*ListRolesOutput), !p.HasNextPage()) {
 11061  			break
 11062  		}
 11063  	}
 11064  
 11065  	return p.Err()
 11066  }
 11067  
 11068  const opListSAMLProviderTags = "ListSAMLProviderTags"
 11069  
 11070  // ListSAMLProviderTagsRequest generates a "aws/request.Request" representing the
 11071  // client's request for the ListSAMLProviderTags operation. The "output" return
 11072  // value will be populated with the request's response once the request completes
 11073  // successfully.
 11074  //
 11075  // Use "Send" method on the returned Request to send the API call to the service.
 11076  // the "output" return value is not valid until after Send returns without error.
 11077  //
 11078  // See ListSAMLProviderTags for more information on using the ListSAMLProviderTags
 11079  // API call, and error handling.
 11080  //
 11081  // This method is useful when you want to inject custom logic or configuration
 11082  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11083  //
 11084  //
 11085  //    // Example sending a request using the ListSAMLProviderTagsRequest method.
 11086  //    req, resp := client.ListSAMLProviderTagsRequest(params)
 11087  //
 11088  //    err := req.Send()
 11089  //    if err == nil { // resp is now filled
 11090  //        fmt.Println(resp)
 11091  //    }
 11092  //
 11093  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
 11094  func (c *IAM) ListSAMLProviderTagsRequest(input *ListSAMLProviderTagsInput) (req *request.Request, output *ListSAMLProviderTagsOutput) {
 11095  	op := &request.Operation{
 11096  		Name:       opListSAMLProviderTags,
 11097  		HTTPMethod: "POST",
 11098  		HTTPPath:   "/",
 11099  	}
 11100  
 11101  	if input == nil {
 11102  		input = &ListSAMLProviderTagsInput{}
 11103  	}
 11104  
 11105  	output = &ListSAMLProviderTagsOutput{}
 11106  	req = c.newRequest(op, input, output)
 11107  	return
 11108  }
 11109  
 11110  // ListSAMLProviderTags API operation for AWS Identity and Access Management.
 11111  //
 11112  // Lists the tags that are attached to the specified Security Assertion Markup
 11113  // Language (SAML) identity provider. The returned list of tags is sorted by
 11114  // tag key. For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
 11115  //
 11116  // For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 11117  // in the IAM User Guide.
 11118  //
 11119  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11120  // with awserr.Error's Code and Message methods to get detailed information about
 11121  // the error.
 11122  //
 11123  // See the AWS API reference guide for AWS Identity and Access Management's
 11124  // API operation ListSAMLProviderTags for usage and error information.
 11125  //
 11126  // Returned Error Codes:
 11127  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11128  //   The request was rejected because it referenced a resource entity that does
 11129  //   not exist. The error message describes the resource.
 11130  //
 11131  //   * ErrCodeServiceFailureException "ServiceFailure"
 11132  //   The request processing has failed because of an unknown error, exception
 11133  //   or failure.
 11134  //
 11135  //   * ErrCodeInvalidInputException "InvalidInput"
 11136  //   The request was rejected because an invalid or out-of-range value was supplied
 11137  //   for an input parameter.
 11138  //
 11139  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags
 11140  func (c *IAM) ListSAMLProviderTags(input *ListSAMLProviderTagsInput) (*ListSAMLProviderTagsOutput, error) {
 11141  	req, out := c.ListSAMLProviderTagsRequest(input)
 11142  	return out, req.Send()
 11143  }
 11144  
 11145  // ListSAMLProviderTagsWithContext is the same as ListSAMLProviderTags with the addition of
 11146  // the ability to pass a context and additional request options.
 11147  //
 11148  // See ListSAMLProviderTags for details on how to use this API operation.
 11149  //
 11150  // The context must be non-nil and will be used for request cancellation. If
 11151  // the context is nil a panic will occur. In the future the SDK may create
 11152  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11153  // for more information on using Contexts.
 11154  func (c *IAM) ListSAMLProviderTagsWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, opts ...request.Option) (*ListSAMLProviderTagsOutput, error) {
 11155  	req, out := c.ListSAMLProviderTagsRequest(input)
 11156  	req.SetContext(ctx)
 11157  	req.ApplyOptions(opts...)
 11158  	return out, req.Send()
 11159  }
 11160  
 11161  const opListSAMLProviders = "ListSAMLProviders"
 11162  
 11163  // ListSAMLProvidersRequest generates a "aws/request.Request" representing the
 11164  // client's request for the ListSAMLProviders operation. The "output" return
 11165  // value will be populated with the request's response once the request completes
 11166  // successfully.
 11167  //
 11168  // Use "Send" method on the returned Request to send the API call to the service.
 11169  // the "output" return value is not valid until after Send returns without error.
 11170  //
 11171  // See ListSAMLProviders for more information on using the ListSAMLProviders
 11172  // API call, and error handling.
 11173  //
 11174  // This method is useful when you want to inject custom logic or configuration
 11175  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11176  //
 11177  //
 11178  //    // Example sending a request using the ListSAMLProvidersRequest method.
 11179  //    req, resp := client.ListSAMLProvidersRequest(params)
 11180  //
 11181  //    err := req.Send()
 11182  //    if err == nil { // resp is now filled
 11183  //        fmt.Println(resp)
 11184  //    }
 11185  //
 11186  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
 11187  func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput) {
 11188  	op := &request.Operation{
 11189  		Name:       opListSAMLProviders,
 11190  		HTTPMethod: "POST",
 11191  		HTTPPath:   "/",
 11192  	}
 11193  
 11194  	if input == nil {
 11195  		input = &ListSAMLProvidersInput{}
 11196  	}
 11197  
 11198  	output = &ListSAMLProvidersOutput{}
 11199  	req = c.newRequest(op, input, output)
 11200  	return
 11201  }
 11202  
 11203  // ListSAMLProviders API operation for AWS Identity and Access Management.
 11204  //
 11205  // Lists the SAML provider resource objects defined in IAM in the account. IAM
 11206  // resource-listing operations return a subset of the available attributes for
 11207  // the resource. For example, this operation does not return tags, even though
 11208  // they are an attribute of the returned object. To view all of the information
 11209  // for a SAML provider, see GetSAMLProvider.
 11210  //
 11211  // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
 11212  //
 11213  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11214  // with awserr.Error's Code and Message methods to get detailed information about
 11215  // the error.
 11216  //
 11217  // See the AWS API reference guide for AWS Identity and Access Management's
 11218  // API operation ListSAMLProviders for usage and error information.
 11219  //
 11220  // Returned Error Codes:
 11221  //   * ErrCodeServiceFailureException "ServiceFailure"
 11222  //   The request processing has failed because of an unknown error, exception
 11223  //   or failure.
 11224  //
 11225  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders
 11226  func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error) {
 11227  	req, out := c.ListSAMLProvidersRequest(input)
 11228  	return out, req.Send()
 11229  }
 11230  
 11231  // ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of
 11232  // the ability to pass a context and additional request options.
 11233  //
 11234  // See ListSAMLProviders for details on how to use this API operation.
 11235  //
 11236  // The context must be non-nil and will be used for request cancellation. If
 11237  // the context is nil a panic will occur. In the future the SDK may create
 11238  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11239  // for more information on using Contexts.
 11240  func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error) {
 11241  	req, out := c.ListSAMLProvidersRequest(input)
 11242  	req.SetContext(ctx)
 11243  	req.ApplyOptions(opts...)
 11244  	return out, req.Send()
 11245  }
 11246  
 11247  const opListSSHPublicKeys = "ListSSHPublicKeys"
 11248  
 11249  // ListSSHPublicKeysRequest generates a "aws/request.Request" representing the
 11250  // client's request for the ListSSHPublicKeys operation. The "output" return
 11251  // value will be populated with the request's response once the request completes
 11252  // successfully.
 11253  //
 11254  // Use "Send" method on the returned Request to send the API call to the service.
 11255  // the "output" return value is not valid until after Send returns without error.
 11256  //
 11257  // See ListSSHPublicKeys for more information on using the ListSSHPublicKeys
 11258  // API call, and error handling.
 11259  //
 11260  // This method is useful when you want to inject custom logic or configuration
 11261  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11262  //
 11263  //
 11264  //    // Example sending a request using the ListSSHPublicKeysRequest method.
 11265  //    req, resp := client.ListSSHPublicKeysRequest(params)
 11266  //
 11267  //    err := req.Send()
 11268  //    if err == nil { // resp is now filled
 11269  //        fmt.Println(resp)
 11270  //    }
 11271  //
 11272  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
 11273  func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput) {
 11274  	op := &request.Operation{
 11275  		Name:       opListSSHPublicKeys,
 11276  		HTTPMethod: "POST",
 11277  		HTTPPath:   "/",
 11278  		Paginator: &request.Paginator{
 11279  			InputTokens:     []string{"Marker"},
 11280  			OutputTokens:    []string{"Marker"},
 11281  			LimitToken:      "MaxItems",
 11282  			TruncationToken: "IsTruncated",
 11283  		},
 11284  	}
 11285  
 11286  	if input == nil {
 11287  		input = &ListSSHPublicKeysInput{}
 11288  	}
 11289  
 11290  	output = &ListSSHPublicKeysOutput{}
 11291  	req = c.newRequest(op, input, output)
 11292  	return
 11293  }
 11294  
 11295  // ListSSHPublicKeys API operation for AWS Identity and Access Management.
 11296  //
 11297  // Returns information about the SSH public keys associated with the specified
 11298  // IAM user. If none exists, the operation returns an empty list.
 11299  //
 11300  // The SSH public keys returned by this operation are used only for authenticating
 11301  // the IAM user to an CodeCommit repository. For more information about using
 11302  // SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit
 11303  // for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
 11304  // in the CodeCommit User Guide.
 11305  //
 11306  // Although each user is limited to a small number of keys, you can still paginate
 11307  // the results using the MaxItems and Marker parameters.
 11308  //
 11309  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11310  // with awserr.Error's Code and Message methods to get detailed information about
 11311  // the error.
 11312  //
 11313  // See the AWS API reference guide for AWS Identity and Access Management's
 11314  // API operation ListSSHPublicKeys for usage and error information.
 11315  //
 11316  // Returned Error Codes:
 11317  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11318  //   The request was rejected because it referenced a resource entity that does
 11319  //   not exist. The error message describes the resource.
 11320  //
 11321  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys
 11322  func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error) {
 11323  	req, out := c.ListSSHPublicKeysRequest(input)
 11324  	return out, req.Send()
 11325  }
 11326  
 11327  // ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of
 11328  // the ability to pass a context and additional request options.
 11329  //
 11330  // See ListSSHPublicKeys for details on how to use this API operation.
 11331  //
 11332  // The context must be non-nil and will be used for request cancellation. If
 11333  // the context is nil a panic will occur. In the future the SDK may create
 11334  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11335  // for more information on using Contexts.
 11336  func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error) {
 11337  	req, out := c.ListSSHPublicKeysRequest(input)
 11338  	req.SetContext(ctx)
 11339  	req.ApplyOptions(opts...)
 11340  	return out, req.Send()
 11341  }
 11342  
 11343  // ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation,
 11344  // calling the "fn" function with the response data for each page. To stop
 11345  // iterating, return false from the fn function.
 11346  //
 11347  // See ListSSHPublicKeys method for more information on how to use this operation.
 11348  //
 11349  // Note: This operation can generate multiple requests to a service.
 11350  //
 11351  //    // Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
 11352  //    pageNum := 0
 11353  //    err := client.ListSSHPublicKeysPages(params,
 11354  //        func(page *iam.ListSSHPublicKeysOutput, lastPage bool) bool {
 11355  //            pageNum++
 11356  //            fmt.Println(page)
 11357  //            return pageNum <= 3
 11358  //        })
 11359  //
 11360  func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error {
 11361  	return c.ListSSHPublicKeysPagesWithContext(aws.BackgroundContext(), input, fn)
 11362  }
 11363  
 11364  // ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except
 11365  // it takes a Context and allows setting request options on the pages.
 11366  //
 11367  // The context must be non-nil and will be used for request cancellation. If
 11368  // the context is nil a panic will occur. In the future the SDK may create
 11369  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11370  // for more information on using Contexts.
 11371  func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error {
 11372  	p := request.Pagination{
 11373  		NewRequest: func() (*request.Request, error) {
 11374  			var inCpy *ListSSHPublicKeysInput
 11375  			if input != nil {
 11376  				tmp := *input
 11377  				inCpy = &tmp
 11378  			}
 11379  			req, _ := c.ListSSHPublicKeysRequest(inCpy)
 11380  			req.SetContext(ctx)
 11381  			req.ApplyOptions(opts...)
 11382  			return req, nil
 11383  		},
 11384  	}
 11385  
 11386  	for p.Next() {
 11387  		if !fn(p.Page().(*ListSSHPublicKeysOutput), !p.HasNextPage()) {
 11388  			break
 11389  		}
 11390  	}
 11391  
 11392  	return p.Err()
 11393  }
 11394  
 11395  const opListServerCertificateTags = "ListServerCertificateTags"
 11396  
 11397  // ListServerCertificateTagsRequest generates a "aws/request.Request" representing the
 11398  // client's request for the ListServerCertificateTags operation. The "output" return
 11399  // value will be populated with the request's response once the request completes
 11400  // successfully.
 11401  //
 11402  // Use "Send" method on the returned Request to send the API call to the service.
 11403  // the "output" return value is not valid until after Send returns without error.
 11404  //
 11405  // See ListServerCertificateTags for more information on using the ListServerCertificateTags
 11406  // API call, and error handling.
 11407  //
 11408  // This method is useful when you want to inject custom logic or configuration
 11409  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11410  //
 11411  //
 11412  //    // Example sending a request using the ListServerCertificateTagsRequest method.
 11413  //    req, resp := client.ListServerCertificateTagsRequest(params)
 11414  //
 11415  //    err := req.Send()
 11416  //    if err == nil { // resp is now filled
 11417  //        fmt.Println(resp)
 11418  //    }
 11419  //
 11420  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
 11421  func (c *IAM) ListServerCertificateTagsRequest(input *ListServerCertificateTagsInput) (req *request.Request, output *ListServerCertificateTagsOutput) {
 11422  	op := &request.Operation{
 11423  		Name:       opListServerCertificateTags,
 11424  		HTTPMethod: "POST",
 11425  		HTTPPath:   "/",
 11426  	}
 11427  
 11428  	if input == nil {
 11429  		input = &ListServerCertificateTagsInput{}
 11430  	}
 11431  
 11432  	output = &ListServerCertificateTagsOutput{}
 11433  	req = c.newRequest(op, input, output)
 11434  	return
 11435  }
 11436  
 11437  // ListServerCertificateTags API operation for AWS Identity and Access Management.
 11438  //
 11439  // Lists the tags that are attached to the specified IAM server certificate.
 11440  // The returned list of tags is sorted by tag key. For more information about
 11441  // tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 11442  // in the IAM User Guide.
 11443  //
 11444  // For certificates in a Region supported by Certificate Manager (ACM), we recommend
 11445  // that you don't use IAM server certificates. Instead, use ACM to provision,
 11446  // manage, and deploy your server certificates. For more information about IAM
 11447  // server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 11448  // in the IAM User Guide.
 11449  //
 11450  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11451  // with awserr.Error's Code and Message methods to get detailed information about
 11452  // the error.
 11453  //
 11454  // See the AWS API reference guide for AWS Identity and Access Management's
 11455  // API operation ListServerCertificateTags for usage and error information.
 11456  //
 11457  // Returned Error Codes:
 11458  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11459  //   The request was rejected because it referenced a resource entity that does
 11460  //   not exist. The error message describes the resource.
 11461  //
 11462  //   * ErrCodeServiceFailureException "ServiceFailure"
 11463  //   The request processing has failed because of an unknown error, exception
 11464  //   or failure.
 11465  //
 11466  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags
 11467  func (c *IAM) ListServerCertificateTags(input *ListServerCertificateTagsInput) (*ListServerCertificateTagsOutput, error) {
 11468  	req, out := c.ListServerCertificateTagsRequest(input)
 11469  	return out, req.Send()
 11470  }
 11471  
 11472  // ListServerCertificateTagsWithContext is the same as ListServerCertificateTags with the addition of
 11473  // the ability to pass a context and additional request options.
 11474  //
 11475  // See ListServerCertificateTags for details on how to use this API operation.
 11476  //
 11477  // The context must be non-nil and will be used for request cancellation. If
 11478  // the context is nil a panic will occur. In the future the SDK may create
 11479  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11480  // for more information on using Contexts.
 11481  func (c *IAM) ListServerCertificateTagsWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, opts ...request.Option) (*ListServerCertificateTagsOutput, error) {
 11482  	req, out := c.ListServerCertificateTagsRequest(input)
 11483  	req.SetContext(ctx)
 11484  	req.ApplyOptions(opts...)
 11485  	return out, req.Send()
 11486  }
 11487  
 11488  const opListServerCertificates = "ListServerCertificates"
 11489  
 11490  // ListServerCertificatesRequest generates a "aws/request.Request" representing the
 11491  // client's request for the ListServerCertificates operation. The "output" return
 11492  // value will be populated with the request's response once the request completes
 11493  // successfully.
 11494  //
 11495  // Use "Send" method on the returned Request to send the API call to the service.
 11496  // the "output" return value is not valid until after Send returns without error.
 11497  //
 11498  // See ListServerCertificates for more information on using the ListServerCertificates
 11499  // API call, and error handling.
 11500  //
 11501  // This method is useful when you want to inject custom logic or configuration
 11502  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11503  //
 11504  //
 11505  //    // Example sending a request using the ListServerCertificatesRequest method.
 11506  //    req, resp := client.ListServerCertificatesRequest(params)
 11507  //
 11508  //    err := req.Send()
 11509  //    if err == nil { // resp is now filled
 11510  //        fmt.Println(resp)
 11511  //    }
 11512  //
 11513  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
 11514  func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput) {
 11515  	op := &request.Operation{
 11516  		Name:       opListServerCertificates,
 11517  		HTTPMethod: "POST",
 11518  		HTTPPath:   "/",
 11519  		Paginator: &request.Paginator{
 11520  			InputTokens:     []string{"Marker"},
 11521  			OutputTokens:    []string{"Marker"},
 11522  			LimitToken:      "MaxItems",
 11523  			TruncationToken: "IsTruncated",
 11524  		},
 11525  	}
 11526  
 11527  	if input == nil {
 11528  		input = &ListServerCertificatesInput{}
 11529  	}
 11530  
 11531  	output = &ListServerCertificatesOutput{}
 11532  	req = c.newRequest(op, input, output)
 11533  	return
 11534  }
 11535  
 11536  // ListServerCertificates API operation for AWS Identity and Access Management.
 11537  //
 11538  // Lists the server certificates stored in IAM that have the specified path
 11539  // prefix. If none exist, the operation returns an empty list.
 11540  //
 11541  // You can paginate the results using the MaxItems and Marker parameters.
 11542  //
 11543  // For more information about working with server certificates, see Working
 11544  // with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 11545  // in the IAM User Guide. This topic also includes a list of Amazon Web Services
 11546  // services that can use the server certificates that you manage with IAM.
 11547  //
 11548  // IAM resource-listing operations return a subset of the available attributes
 11549  // for the resource. For example, this operation does not return tags, even
 11550  // though they are an attribute of the returned object. To view all of the information
 11551  // for a servercertificate, see GetServerCertificate.
 11552  //
 11553  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11554  // with awserr.Error's Code and Message methods to get detailed information about
 11555  // the error.
 11556  //
 11557  // See the AWS API reference guide for AWS Identity and Access Management's
 11558  // API operation ListServerCertificates for usage and error information.
 11559  //
 11560  // Returned Error Codes:
 11561  //   * ErrCodeServiceFailureException "ServiceFailure"
 11562  //   The request processing has failed because of an unknown error, exception
 11563  //   or failure.
 11564  //
 11565  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates
 11566  func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error) {
 11567  	req, out := c.ListServerCertificatesRequest(input)
 11568  	return out, req.Send()
 11569  }
 11570  
 11571  // ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of
 11572  // the ability to pass a context and additional request options.
 11573  //
 11574  // See ListServerCertificates for details on how to use this API operation.
 11575  //
 11576  // The context must be non-nil and will be used for request cancellation. If
 11577  // the context is nil a panic will occur. In the future the SDK may create
 11578  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11579  // for more information on using Contexts.
 11580  func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error) {
 11581  	req, out := c.ListServerCertificatesRequest(input)
 11582  	req.SetContext(ctx)
 11583  	req.ApplyOptions(opts...)
 11584  	return out, req.Send()
 11585  }
 11586  
 11587  // ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation,
 11588  // calling the "fn" function with the response data for each page. To stop
 11589  // iterating, return false from the fn function.
 11590  //
 11591  // See ListServerCertificates method for more information on how to use this operation.
 11592  //
 11593  // Note: This operation can generate multiple requests to a service.
 11594  //
 11595  //    // Example iterating over at most 3 pages of a ListServerCertificates operation.
 11596  //    pageNum := 0
 11597  //    err := client.ListServerCertificatesPages(params,
 11598  //        func(page *iam.ListServerCertificatesOutput, lastPage bool) bool {
 11599  //            pageNum++
 11600  //            fmt.Println(page)
 11601  //            return pageNum <= 3
 11602  //        })
 11603  //
 11604  func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error {
 11605  	return c.ListServerCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
 11606  }
 11607  
 11608  // ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except
 11609  // it takes a Context and allows setting request options on the pages.
 11610  //
 11611  // The context must be non-nil and will be used for request cancellation. If
 11612  // the context is nil a panic will occur. In the future the SDK may create
 11613  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11614  // for more information on using Contexts.
 11615  func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error {
 11616  	p := request.Pagination{
 11617  		NewRequest: func() (*request.Request, error) {
 11618  			var inCpy *ListServerCertificatesInput
 11619  			if input != nil {
 11620  				tmp := *input
 11621  				inCpy = &tmp
 11622  			}
 11623  			req, _ := c.ListServerCertificatesRequest(inCpy)
 11624  			req.SetContext(ctx)
 11625  			req.ApplyOptions(opts...)
 11626  			return req, nil
 11627  		},
 11628  	}
 11629  
 11630  	for p.Next() {
 11631  		if !fn(p.Page().(*ListServerCertificatesOutput), !p.HasNextPage()) {
 11632  			break
 11633  		}
 11634  	}
 11635  
 11636  	return p.Err()
 11637  }
 11638  
 11639  const opListServiceSpecificCredentials = "ListServiceSpecificCredentials"
 11640  
 11641  // ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the
 11642  // client's request for the ListServiceSpecificCredentials operation. The "output" return
 11643  // value will be populated with the request's response once the request completes
 11644  // successfully.
 11645  //
 11646  // Use "Send" method on the returned Request to send the API call to the service.
 11647  // the "output" return value is not valid until after Send returns without error.
 11648  //
 11649  // See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials
 11650  // API call, and error handling.
 11651  //
 11652  // This method is useful when you want to inject custom logic or configuration
 11653  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11654  //
 11655  //
 11656  //    // Example sending a request using the ListServiceSpecificCredentialsRequest method.
 11657  //    req, resp := client.ListServiceSpecificCredentialsRequest(params)
 11658  //
 11659  //    err := req.Send()
 11660  //    if err == nil { // resp is now filled
 11661  //        fmt.Println(resp)
 11662  //    }
 11663  //
 11664  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
 11665  func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput) {
 11666  	op := &request.Operation{
 11667  		Name:       opListServiceSpecificCredentials,
 11668  		HTTPMethod: "POST",
 11669  		HTTPPath:   "/",
 11670  	}
 11671  
 11672  	if input == nil {
 11673  		input = &ListServiceSpecificCredentialsInput{}
 11674  	}
 11675  
 11676  	output = &ListServiceSpecificCredentialsOutput{}
 11677  	req = c.newRequest(op, input, output)
 11678  	return
 11679  }
 11680  
 11681  // ListServiceSpecificCredentials API operation for AWS Identity and Access Management.
 11682  //
 11683  // Returns information about the service-specific credentials associated with
 11684  // the specified IAM user. If none exists, the operation returns an empty list.
 11685  // The service-specific credentials returned by this operation are used only
 11686  // for authenticating the IAM user to a specific service. For more information
 11687  // about using service-specific credentials to authenticate to an Amazon Web
 11688  // Services service, see Set up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html)
 11689  // in the CodeCommit User Guide.
 11690  //
 11691  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11692  // with awserr.Error's Code and Message methods to get detailed information about
 11693  // the error.
 11694  //
 11695  // See the AWS API reference guide for AWS Identity and Access Management's
 11696  // API operation ListServiceSpecificCredentials for usage and error information.
 11697  //
 11698  // Returned Error Codes:
 11699  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11700  //   The request was rejected because it referenced a resource entity that does
 11701  //   not exist. The error message describes the resource.
 11702  //
 11703  //   * ErrCodeServiceNotSupportedException "NotSupportedService"
 11704  //   The specified service does not support service-specific credentials.
 11705  //
 11706  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials
 11707  func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error) {
 11708  	req, out := c.ListServiceSpecificCredentialsRequest(input)
 11709  	return out, req.Send()
 11710  }
 11711  
 11712  // ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of
 11713  // the ability to pass a context and additional request options.
 11714  //
 11715  // See ListServiceSpecificCredentials for details on how to use this API operation.
 11716  //
 11717  // The context must be non-nil and will be used for request cancellation. If
 11718  // the context is nil a panic will occur. In the future the SDK may create
 11719  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11720  // for more information on using Contexts.
 11721  func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error) {
 11722  	req, out := c.ListServiceSpecificCredentialsRequest(input)
 11723  	req.SetContext(ctx)
 11724  	req.ApplyOptions(opts...)
 11725  	return out, req.Send()
 11726  }
 11727  
 11728  const opListSigningCertificates = "ListSigningCertificates"
 11729  
 11730  // ListSigningCertificatesRequest generates a "aws/request.Request" representing the
 11731  // client's request for the ListSigningCertificates operation. The "output" return
 11732  // value will be populated with the request's response once the request completes
 11733  // successfully.
 11734  //
 11735  // Use "Send" method on the returned Request to send the API call to the service.
 11736  // the "output" return value is not valid until after Send returns without error.
 11737  //
 11738  // See ListSigningCertificates for more information on using the ListSigningCertificates
 11739  // API call, and error handling.
 11740  //
 11741  // This method is useful when you want to inject custom logic or configuration
 11742  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11743  //
 11744  //
 11745  //    // Example sending a request using the ListSigningCertificatesRequest method.
 11746  //    req, resp := client.ListSigningCertificatesRequest(params)
 11747  //
 11748  //    err := req.Send()
 11749  //    if err == nil { // resp is now filled
 11750  //        fmt.Println(resp)
 11751  //    }
 11752  //
 11753  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
 11754  func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput) {
 11755  	op := &request.Operation{
 11756  		Name:       opListSigningCertificates,
 11757  		HTTPMethod: "POST",
 11758  		HTTPPath:   "/",
 11759  		Paginator: &request.Paginator{
 11760  			InputTokens:     []string{"Marker"},
 11761  			OutputTokens:    []string{"Marker"},
 11762  			LimitToken:      "MaxItems",
 11763  			TruncationToken: "IsTruncated",
 11764  		},
 11765  	}
 11766  
 11767  	if input == nil {
 11768  		input = &ListSigningCertificatesInput{}
 11769  	}
 11770  
 11771  	output = &ListSigningCertificatesOutput{}
 11772  	req = c.newRequest(op, input, output)
 11773  	return
 11774  }
 11775  
 11776  // ListSigningCertificates API operation for AWS Identity and Access Management.
 11777  //
 11778  // Returns information about the signing certificates associated with the specified
 11779  // IAM user. If none exists, the operation returns an empty list.
 11780  //
 11781  // Although each user is limited to a small number of signing certificates,
 11782  // you can still paginate the results using the MaxItems and Marker parameters.
 11783  //
 11784  // If the UserName field is not specified, the user name is determined implicitly
 11785  // based on the Amazon Web Services access key ID used to sign the request for
 11786  // this operation. This operation works for access keys under the Amazon Web
 11787  // Services account. Consequently, you can use this operation to manage Amazon
 11788  // Web Services account root user credentials even if the Amazon Web Services
 11789  // account has no associated users.
 11790  //
 11791  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11792  // with awserr.Error's Code and Message methods to get detailed information about
 11793  // the error.
 11794  //
 11795  // See the AWS API reference guide for AWS Identity and Access Management's
 11796  // API operation ListSigningCertificates for usage and error information.
 11797  //
 11798  // Returned Error Codes:
 11799  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11800  //   The request was rejected because it referenced a resource entity that does
 11801  //   not exist. The error message describes the resource.
 11802  //
 11803  //   * ErrCodeServiceFailureException "ServiceFailure"
 11804  //   The request processing has failed because of an unknown error, exception
 11805  //   or failure.
 11806  //
 11807  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates
 11808  func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error) {
 11809  	req, out := c.ListSigningCertificatesRequest(input)
 11810  	return out, req.Send()
 11811  }
 11812  
 11813  // ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of
 11814  // the ability to pass a context and additional request options.
 11815  //
 11816  // See ListSigningCertificates for details on how to use this API operation.
 11817  //
 11818  // The context must be non-nil and will be used for request cancellation. If
 11819  // the context is nil a panic will occur. In the future the SDK may create
 11820  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11821  // for more information on using Contexts.
 11822  func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error) {
 11823  	req, out := c.ListSigningCertificatesRequest(input)
 11824  	req.SetContext(ctx)
 11825  	req.ApplyOptions(opts...)
 11826  	return out, req.Send()
 11827  }
 11828  
 11829  // ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation,
 11830  // calling the "fn" function with the response data for each page. To stop
 11831  // iterating, return false from the fn function.
 11832  //
 11833  // See ListSigningCertificates method for more information on how to use this operation.
 11834  //
 11835  // Note: This operation can generate multiple requests to a service.
 11836  //
 11837  //    // Example iterating over at most 3 pages of a ListSigningCertificates operation.
 11838  //    pageNum := 0
 11839  //    err := client.ListSigningCertificatesPages(params,
 11840  //        func(page *iam.ListSigningCertificatesOutput, lastPage bool) bool {
 11841  //            pageNum++
 11842  //            fmt.Println(page)
 11843  //            return pageNum <= 3
 11844  //        })
 11845  //
 11846  func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error {
 11847  	return c.ListSigningCertificatesPagesWithContext(aws.BackgroundContext(), input, fn)
 11848  }
 11849  
 11850  // ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except
 11851  // it takes a Context and allows setting request options on the pages.
 11852  //
 11853  // The context must be non-nil and will be used for request cancellation. If
 11854  // the context is nil a panic will occur. In the future the SDK may create
 11855  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11856  // for more information on using Contexts.
 11857  func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error {
 11858  	p := request.Pagination{
 11859  		NewRequest: func() (*request.Request, error) {
 11860  			var inCpy *ListSigningCertificatesInput
 11861  			if input != nil {
 11862  				tmp := *input
 11863  				inCpy = &tmp
 11864  			}
 11865  			req, _ := c.ListSigningCertificatesRequest(inCpy)
 11866  			req.SetContext(ctx)
 11867  			req.ApplyOptions(opts...)
 11868  			return req, nil
 11869  		},
 11870  	}
 11871  
 11872  	for p.Next() {
 11873  		if !fn(p.Page().(*ListSigningCertificatesOutput), !p.HasNextPage()) {
 11874  			break
 11875  		}
 11876  	}
 11877  
 11878  	return p.Err()
 11879  }
 11880  
 11881  const opListUserPolicies = "ListUserPolicies"
 11882  
 11883  // ListUserPoliciesRequest generates a "aws/request.Request" representing the
 11884  // client's request for the ListUserPolicies operation. The "output" return
 11885  // value will be populated with the request's response once the request completes
 11886  // successfully.
 11887  //
 11888  // Use "Send" method on the returned Request to send the API call to the service.
 11889  // the "output" return value is not valid until after Send returns without error.
 11890  //
 11891  // See ListUserPolicies for more information on using the ListUserPolicies
 11892  // API call, and error handling.
 11893  //
 11894  // This method is useful when you want to inject custom logic or configuration
 11895  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 11896  //
 11897  //
 11898  //    // Example sending a request using the ListUserPoliciesRequest method.
 11899  //    req, resp := client.ListUserPoliciesRequest(params)
 11900  //
 11901  //    err := req.Send()
 11902  //    if err == nil { // resp is now filled
 11903  //        fmt.Println(resp)
 11904  //    }
 11905  //
 11906  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
 11907  func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput) {
 11908  	op := &request.Operation{
 11909  		Name:       opListUserPolicies,
 11910  		HTTPMethod: "POST",
 11911  		HTTPPath:   "/",
 11912  		Paginator: &request.Paginator{
 11913  			InputTokens:     []string{"Marker"},
 11914  			OutputTokens:    []string{"Marker"},
 11915  			LimitToken:      "MaxItems",
 11916  			TruncationToken: "IsTruncated",
 11917  		},
 11918  	}
 11919  
 11920  	if input == nil {
 11921  		input = &ListUserPoliciesInput{}
 11922  	}
 11923  
 11924  	output = &ListUserPoliciesOutput{}
 11925  	req = c.newRequest(op, input, output)
 11926  	return
 11927  }
 11928  
 11929  // ListUserPolicies API operation for AWS Identity and Access Management.
 11930  //
 11931  // Lists the names of the inline policies embedded in the specified IAM user.
 11932  //
 11933  // An IAM user can also have managed policies attached to it. To list the managed
 11934  // policies that are attached to a user, use ListAttachedUserPolicies. For more
 11935  // information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 11936  // in the IAM User Guide.
 11937  //
 11938  // You can paginate the results using the MaxItems and Marker parameters. If
 11939  // there are no inline policies embedded with the specified user, the operation
 11940  // returns an empty list.
 11941  //
 11942  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 11943  // with awserr.Error's Code and Message methods to get detailed information about
 11944  // the error.
 11945  //
 11946  // See the AWS API reference guide for AWS Identity and Access Management's
 11947  // API operation ListUserPolicies for usage and error information.
 11948  //
 11949  // Returned Error Codes:
 11950  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 11951  //   The request was rejected because it referenced a resource entity that does
 11952  //   not exist. The error message describes the resource.
 11953  //
 11954  //   * ErrCodeServiceFailureException "ServiceFailure"
 11955  //   The request processing has failed because of an unknown error, exception
 11956  //   or failure.
 11957  //
 11958  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies
 11959  func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error) {
 11960  	req, out := c.ListUserPoliciesRequest(input)
 11961  	return out, req.Send()
 11962  }
 11963  
 11964  // ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of
 11965  // the ability to pass a context and additional request options.
 11966  //
 11967  // See ListUserPolicies for details on how to use this API operation.
 11968  //
 11969  // The context must be non-nil and will be used for request cancellation. If
 11970  // the context is nil a panic will occur. In the future the SDK may create
 11971  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 11972  // for more information on using Contexts.
 11973  func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error) {
 11974  	req, out := c.ListUserPoliciesRequest(input)
 11975  	req.SetContext(ctx)
 11976  	req.ApplyOptions(opts...)
 11977  	return out, req.Send()
 11978  }
 11979  
 11980  // ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation,
 11981  // calling the "fn" function with the response data for each page. To stop
 11982  // iterating, return false from the fn function.
 11983  //
 11984  // See ListUserPolicies method for more information on how to use this operation.
 11985  //
 11986  // Note: This operation can generate multiple requests to a service.
 11987  //
 11988  //    // Example iterating over at most 3 pages of a ListUserPolicies operation.
 11989  //    pageNum := 0
 11990  //    err := client.ListUserPoliciesPages(params,
 11991  //        func(page *iam.ListUserPoliciesOutput, lastPage bool) bool {
 11992  //            pageNum++
 11993  //            fmt.Println(page)
 11994  //            return pageNum <= 3
 11995  //        })
 11996  //
 11997  func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error {
 11998  	return c.ListUserPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
 11999  }
 12000  
 12001  // ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except
 12002  // it takes a Context and allows setting request options on the pages.
 12003  //
 12004  // The context must be non-nil and will be used for request cancellation. If
 12005  // the context is nil a panic will occur. In the future the SDK may create
 12006  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12007  // for more information on using Contexts.
 12008  func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error {
 12009  	p := request.Pagination{
 12010  		NewRequest: func() (*request.Request, error) {
 12011  			var inCpy *ListUserPoliciesInput
 12012  			if input != nil {
 12013  				tmp := *input
 12014  				inCpy = &tmp
 12015  			}
 12016  			req, _ := c.ListUserPoliciesRequest(inCpy)
 12017  			req.SetContext(ctx)
 12018  			req.ApplyOptions(opts...)
 12019  			return req, nil
 12020  		},
 12021  	}
 12022  
 12023  	for p.Next() {
 12024  		if !fn(p.Page().(*ListUserPoliciesOutput), !p.HasNextPage()) {
 12025  			break
 12026  		}
 12027  	}
 12028  
 12029  	return p.Err()
 12030  }
 12031  
 12032  const opListUserTags = "ListUserTags"
 12033  
 12034  // ListUserTagsRequest generates a "aws/request.Request" representing the
 12035  // client's request for the ListUserTags operation. The "output" return
 12036  // value will be populated with the request's response once the request completes
 12037  // successfully.
 12038  //
 12039  // Use "Send" method on the returned Request to send the API call to the service.
 12040  // the "output" return value is not valid until after Send returns without error.
 12041  //
 12042  // See ListUserTags for more information on using the ListUserTags
 12043  // API call, and error handling.
 12044  //
 12045  // This method is useful when you want to inject custom logic or configuration
 12046  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12047  //
 12048  //
 12049  //    // Example sending a request using the ListUserTagsRequest method.
 12050  //    req, resp := client.ListUserTagsRequest(params)
 12051  //
 12052  //    err := req.Send()
 12053  //    if err == nil { // resp is now filled
 12054  //        fmt.Println(resp)
 12055  //    }
 12056  //
 12057  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
 12058  func (c *IAM) ListUserTagsRequest(input *ListUserTagsInput) (req *request.Request, output *ListUserTagsOutput) {
 12059  	op := &request.Operation{
 12060  		Name:       opListUserTags,
 12061  		HTTPMethod: "POST",
 12062  		HTTPPath:   "/",
 12063  		Paginator: &request.Paginator{
 12064  			InputTokens:     []string{"Marker"},
 12065  			OutputTokens:    []string{"Marker"},
 12066  			LimitToken:      "MaxItems",
 12067  			TruncationToken: "IsTruncated",
 12068  		},
 12069  	}
 12070  
 12071  	if input == nil {
 12072  		input = &ListUserTagsInput{}
 12073  	}
 12074  
 12075  	output = &ListUserTagsOutput{}
 12076  	req = c.newRequest(op, input, output)
 12077  	return
 12078  }
 12079  
 12080  // ListUserTags API operation for AWS Identity and Access Management.
 12081  //
 12082  // Lists the tags that are attached to the specified IAM user. The returned
 12083  // list of tags is sorted by tag key. For more information about tagging, see
 12084  // Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 12085  // in the IAM User Guide.
 12086  //
 12087  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12088  // with awserr.Error's Code and Message methods to get detailed information about
 12089  // the error.
 12090  //
 12091  // See the AWS API reference guide for AWS Identity and Access Management's
 12092  // API operation ListUserTags for usage and error information.
 12093  //
 12094  // Returned Error Codes:
 12095  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12096  //   The request was rejected because it referenced a resource entity that does
 12097  //   not exist. The error message describes the resource.
 12098  //
 12099  //   * ErrCodeServiceFailureException "ServiceFailure"
 12100  //   The request processing has failed because of an unknown error, exception
 12101  //   or failure.
 12102  //
 12103  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags
 12104  func (c *IAM) ListUserTags(input *ListUserTagsInput) (*ListUserTagsOutput, error) {
 12105  	req, out := c.ListUserTagsRequest(input)
 12106  	return out, req.Send()
 12107  }
 12108  
 12109  // ListUserTagsWithContext is the same as ListUserTags with the addition of
 12110  // the ability to pass a context and additional request options.
 12111  //
 12112  // See ListUserTags for details on how to use this API operation.
 12113  //
 12114  // The context must be non-nil and will be used for request cancellation. If
 12115  // the context is nil a panic will occur. In the future the SDK may create
 12116  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12117  // for more information on using Contexts.
 12118  func (c *IAM) ListUserTagsWithContext(ctx aws.Context, input *ListUserTagsInput, opts ...request.Option) (*ListUserTagsOutput, error) {
 12119  	req, out := c.ListUserTagsRequest(input)
 12120  	req.SetContext(ctx)
 12121  	req.ApplyOptions(opts...)
 12122  	return out, req.Send()
 12123  }
 12124  
 12125  // ListUserTagsPages iterates over the pages of a ListUserTags operation,
 12126  // calling the "fn" function with the response data for each page. To stop
 12127  // iterating, return false from the fn function.
 12128  //
 12129  // See ListUserTags method for more information on how to use this operation.
 12130  //
 12131  // Note: This operation can generate multiple requests to a service.
 12132  //
 12133  //    // Example iterating over at most 3 pages of a ListUserTags operation.
 12134  //    pageNum := 0
 12135  //    err := client.ListUserTagsPages(params,
 12136  //        func(page *iam.ListUserTagsOutput, lastPage bool) bool {
 12137  //            pageNum++
 12138  //            fmt.Println(page)
 12139  //            return pageNum <= 3
 12140  //        })
 12141  //
 12142  func (c *IAM) ListUserTagsPages(input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool) error {
 12143  	return c.ListUserTagsPagesWithContext(aws.BackgroundContext(), input, fn)
 12144  }
 12145  
 12146  // ListUserTagsPagesWithContext same as ListUserTagsPages except
 12147  // it takes a Context and allows setting request options on the pages.
 12148  //
 12149  // The context must be non-nil and will be used for request cancellation. If
 12150  // the context is nil a panic will occur. In the future the SDK may create
 12151  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12152  // for more information on using Contexts.
 12153  func (c *IAM) ListUserTagsPagesWithContext(ctx aws.Context, input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool, opts ...request.Option) error {
 12154  	p := request.Pagination{
 12155  		NewRequest: func() (*request.Request, error) {
 12156  			var inCpy *ListUserTagsInput
 12157  			if input != nil {
 12158  				tmp := *input
 12159  				inCpy = &tmp
 12160  			}
 12161  			req, _ := c.ListUserTagsRequest(inCpy)
 12162  			req.SetContext(ctx)
 12163  			req.ApplyOptions(opts...)
 12164  			return req, nil
 12165  		},
 12166  	}
 12167  
 12168  	for p.Next() {
 12169  		if !fn(p.Page().(*ListUserTagsOutput), !p.HasNextPage()) {
 12170  			break
 12171  		}
 12172  	}
 12173  
 12174  	return p.Err()
 12175  }
 12176  
 12177  const opListUsers = "ListUsers"
 12178  
 12179  // ListUsersRequest generates a "aws/request.Request" representing the
 12180  // client's request for the ListUsers operation. The "output" return
 12181  // value will be populated with the request's response once the request completes
 12182  // successfully.
 12183  //
 12184  // Use "Send" method on the returned Request to send the API call to the service.
 12185  // the "output" return value is not valid until after Send returns without error.
 12186  //
 12187  // See ListUsers for more information on using the ListUsers
 12188  // API call, and error handling.
 12189  //
 12190  // This method is useful when you want to inject custom logic or configuration
 12191  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12192  //
 12193  //
 12194  //    // Example sending a request using the ListUsersRequest method.
 12195  //    req, resp := client.ListUsersRequest(params)
 12196  //
 12197  //    err := req.Send()
 12198  //    if err == nil { // resp is now filled
 12199  //        fmt.Println(resp)
 12200  //    }
 12201  //
 12202  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
 12203  func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) {
 12204  	op := &request.Operation{
 12205  		Name:       opListUsers,
 12206  		HTTPMethod: "POST",
 12207  		HTTPPath:   "/",
 12208  		Paginator: &request.Paginator{
 12209  			InputTokens:     []string{"Marker"},
 12210  			OutputTokens:    []string{"Marker"},
 12211  			LimitToken:      "MaxItems",
 12212  			TruncationToken: "IsTruncated",
 12213  		},
 12214  	}
 12215  
 12216  	if input == nil {
 12217  		input = &ListUsersInput{}
 12218  	}
 12219  
 12220  	output = &ListUsersOutput{}
 12221  	req = c.newRequest(op, input, output)
 12222  	return
 12223  }
 12224  
 12225  // ListUsers API operation for AWS Identity and Access Management.
 12226  //
 12227  // Lists the IAM users that have the specified path prefix. If no path prefix
 12228  // is specified, the operation returns all users in the Amazon Web Services
 12229  // account. If there are none, the operation returns an empty list.
 12230  //
 12231  // IAM resource-listing operations return a subset of the available attributes
 12232  // for the resource. For example, this operation does not return tags, even
 12233  // though they are an attribute of the returned object. To view all of the information
 12234  // for a user, see GetUser.
 12235  //
 12236  // You can paginate the results using the MaxItems and Marker parameters.
 12237  //
 12238  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12239  // with awserr.Error's Code and Message methods to get detailed information about
 12240  // the error.
 12241  //
 12242  // See the AWS API reference guide for AWS Identity and Access Management's
 12243  // API operation ListUsers for usage and error information.
 12244  //
 12245  // Returned Error Codes:
 12246  //   * ErrCodeServiceFailureException "ServiceFailure"
 12247  //   The request processing has failed because of an unknown error, exception
 12248  //   or failure.
 12249  //
 12250  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers
 12251  func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) {
 12252  	req, out := c.ListUsersRequest(input)
 12253  	return out, req.Send()
 12254  }
 12255  
 12256  // ListUsersWithContext is the same as ListUsers with the addition of
 12257  // the ability to pass a context and additional request options.
 12258  //
 12259  // See ListUsers for details on how to use this API operation.
 12260  //
 12261  // The context must be non-nil and will be used for request cancellation. If
 12262  // the context is nil a panic will occur. In the future the SDK may create
 12263  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12264  // for more information on using Contexts.
 12265  func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error) {
 12266  	req, out := c.ListUsersRequest(input)
 12267  	req.SetContext(ctx)
 12268  	req.ApplyOptions(opts...)
 12269  	return out, req.Send()
 12270  }
 12271  
 12272  // ListUsersPages iterates over the pages of a ListUsers operation,
 12273  // calling the "fn" function with the response data for each page. To stop
 12274  // iterating, return false from the fn function.
 12275  //
 12276  // See ListUsers method for more information on how to use this operation.
 12277  //
 12278  // Note: This operation can generate multiple requests to a service.
 12279  //
 12280  //    // Example iterating over at most 3 pages of a ListUsers operation.
 12281  //    pageNum := 0
 12282  //    err := client.ListUsersPages(params,
 12283  //        func(page *iam.ListUsersOutput, lastPage bool) bool {
 12284  //            pageNum++
 12285  //            fmt.Println(page)
 12286  //            return pageNum <= 3
 12287  //        })
 12288  //
 12289  func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error {
 12290  	return c.ListUsersPagesWithContext(aws.BackgroundContext(), input, fn)
 12291  }
 12292  
 12293  // ListUsersPagesWithContext same as ListUsersPages except
 12294  // it takes a Context and allows setting request options on the pages.
 12295  //
 12296  // The context must be non-nil and will be used for request cancellation. If
 12297  // the context is nil a panic will occur. In the future the SDK may create
 12298  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12299  // for more information on using Contexts.
 12300  func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error {
 12301  	p := request.Pagination{
 12302  		NewRequest: func() (*request.Request, error) {
 12303  			var inCpy *ListUsersInput
 12304  			if input != nil {
 12305  				tmp := *input
 12306  				inCpy = &tmp
 12307  			}
 12308  			req, _ := c.ListUsersRequest(inCpy)
 12309  			req.SetContext(ctx)
 12310  			req.ApplyOptions(opts...)
 12311  			return req, nil
 12312  		},
 12313  	}
 12314  
 12315  	for p.Next() {
 12316  		if !fn(p.Page().(*ListUsersOutput), !p.HasNextPage()) {
 12317  			break
 12318  		}
 12319  	}
 12320  
 12321  	return p.Err()
 12322  }
 12323  
 12324  const opListVirtualMFADevices = "ListVirtualMFADevices"
 12325  
 12326  // ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the
 12327  // client's request for the ListVirtualMFADevices operation. The "output" return
 12328  // value will be populated with the request's response once the request completes
 12329  // successfully.
 12330  //
 12331  // Use "Send" method on the returned Request to send the API call to the service.
 12332  // the "output" return value is not valid until after Send returns without error.
 12333  //
 12334  // See ListVirtualMFADevices for more information on using the ListVirtualMFADevices
 12335  // API call, and error handling.
 12336  //
 12337  // This method is useful when you want to inject custom logic or configuration
 12338  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12339  //
 12340  //
 12341  //    // Example sending a request using the ListVirtualMFADevicesRequest method.
 12342  //    req, resp := client.ListVirtualMFADevicesRequest(params)
 12343  //
 12344  //    err := req.Send()
 12345  //    if err == nil { // resp is now filled
 12346  //        fmt.Println(resp)
 12347  //    }
 12348  //
 12349  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
 12350  func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput) {
 12351  	op := &request.Operation{
 12352  		Name:       opListVirtualMFADevices,
 12353  		HTTPMethod: "POST",
 12354  		HTTPPath:   "/",
 12355  		Paginator: &request.Paginator{
 12356  			InputTokens:     []string{"Marker"},
 12357  			OutputTokens:    []string{"Marker"},
 12358  			LimitToken:      "MaxItems",
 12359  			TruncationToken: "IsTruncated",
 12360  		},
 12361  	}
 12362  
 12363  	if input == nil {
 12364  		input = &ListVirtualMFADevicesInput{}
 12365  	}
 12366  
 12367  	output = &ListVirtualMFADevicesOutput{}
 12368  	req = c.newRequest(op, input, output)
 12369  	return
 12370  }
 12371  
 12372  // ListVirtualMFADevices API operation for AWS Identity and Access Management.
 12373  //
 12374  // Lists the virtual MFA devices defined in the Amazon Web Services account
 12375  // by assignment status. If you do not specify an assignment status, the operation
 12376  // returns a list of all virtual MFA devices. Assignment status can be Assigned,
 12377  // Unassigned, or Any.
 12378  //
 12379  // IAM resource-listing operations return a subset of the available attributes
 12380  // for the resource. For example, this operation does not return tags, even
 12381  // though they are an attribute of the returned object. To view all of the information
 12382  // for a virtual MFA device, see ListVirtualMFADevices.
 12383  //
 12384  // You can paginate the results using the MaxItems and Marker parameters.
 12385  //
 12386  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12387  // with awserr.Error's Code and Message methods to get detailed information about
 12388  // the error.
 12389  //
 12390  // See the AWS API reference guide for AWS Identity and Access Management's
 12391  // API operation ListVirtualMFADevices for usage and error information.
 12392  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices
 12393  func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error) {
 12394  	req, out := c.ListVirtualMFADevicesRequest(input)
 12395  	return out, req.Send()
 12396  }
 12397  
 12398  // ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of
 12399  // the ability to pass a context and additional request options.
 12400  //
 12401  // See ListVirtualMFADevices for details on how to use this API operation.
 12402  //
 12403  // The context must be non-nil and will be used for request cancellation. If
 12404  // the context is nil a panic will occur. In the future the SDK may create
 12405  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12406  // for more information on using Contexts.
 12407  func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error) {
 12408  	req, out := c.ListVirtualMFADevicesRequest(input)
 12409  	req.SetContext(ctx)
 12410  	req.ApplyOptions(opts...)
 12411  	return out, req.Send()
 12412  }
 12413  
 12414  // ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation,
 12415  // calling the "fn" function with the response data for each page. To stop
 12416  // iterating, return false from the fn function.
 12417  //
 12418  // See ListVirtualMFADevices method for more information on how to use this operation.
 12419  //
 12420  // Note: This operation can generate multiple requests to a service.
 12421  //
 12422  //    // Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
 12423  //    pageNum := 0
 12424  //    err := client.ListVirtualMFADevicesPages(params,
 12425  //        func(page *iam.ListVirtualMFADevicesOutput, lastPage bool) bool {
 12426  //            pageNum++
 12427  //            fmt.Println(page)
 12428  //            return pageNum <= 3
 12429  //        })
 12430  //
 12431  func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error {
 12432  	return c.ListVirtualMFADevicesPagesWithContext(aws.BackgroundContext(), input, fn)
 12433  }
 12434  
 12435  // ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except
 12436  // it takes a Context and allows setting request options on the pages.
 12437  //
 12438  // The context must be non-nil and will be used for request cancellation. If
 12439  // the context is nil a panic will occur. In the future the SDK may create
 12440  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12441  // for more information on using Contexts.
 12442  func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error {
 12443  	p := request.Pagination{
 12444  		NewRequest: func() (*request.Request, error) {
 12445  			var inCpy *ListVirtualMFADevicesInput
 12446  			if input != nil {
 12447  				tmp := *input
 12448  				inCpy = &tmp
 12449  			}
 12450  			req, _ := c.ListVirtualMFADevicesRequest(inCpy)
 12451  			req.SetContext(ctx)
 12452  			req.ApplyOptions(opts...)
 12453  			return req, nil
 12454  		},
 12455  	}
 12456  
 12457  	for p.Next() {
 12458  		if !fn(p.Page().(*ListVirtualMFADevicesOutput), !p.HasNextPage()) {
 12459  			break
 12460  		}
 12461  	}
 12462  
 12463  	return p.Err()
 12464  }
 12465  
 12466  const opPutGroupPolicy = "PutGroupPolicy"
 12467  
 12468  // PutGroupPolicyRequest generates a "aws/request.Request" representing the
 12469  // client's request for the PutGroupPolicy operation. The "output" return
 12470  // value will be populated with the request's response once the request completes
 12471  // successfully.
 12472  //
 12473  // Use "Send" method on the returned Request to send the API call to the service.
 12474  // the "output" return value is not valid until after Send returns without error.
 12475  //
 12476  // See PutGroupPolicy for more information on using the PutGroupPolicy
 12477  // API call, and error handling.
 12478  //
 12479  // This method is useful when you want to inject custom logic or configuration
 12480  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12481  //
 12482  //
 12483  //    // Example sending a request using the PutGroupPolicyRequest method.
 12484  //    req, resp := client.PutGroupPolicyRequest(params)
 12485  //
 12486  //    err := req.Send()
 12487  //    if err == nil { // resp is now filled
 12488  //        fmt.Println(resp)
 12489  //    }
 12490  //
 12491  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
 12492  func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput) {
 12493  	op := &request.Operation{
 12494  		Name:       opPutGroupPolicy,
 12495  		HTTPMethod: "POST",
 12496  		HTTPPath:   "/",
 12497  	}
 12498  
 12499  	if input == nil {
 12500  		input = &PutGroupPolicyInput{}
 12501  	}
 12502  
 12503  	output = &PutGroupPolicyOutput{}
 12504  	req = c.newRequest(op, input, output)
 12505  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 12506  	return
 12507  }
 12508  
 12509  // PutGroupPolicy API operation for AWS Identity and Access Management.
 12510  //
 12511  // Adds or updates an inline policy document that is embedded in the specified
 12512  // IAM group.
 12513  //
 12514  // A user can also have managed policies attached to it. To attach a managed
 12515  // policy to a group, use AttachGroupPolicy. To create a new managed policy,
 12516  // use CreatePolicy. For information about policies, see Managed policies and
 12517  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 12518  // in the IAM User Guide.
 12519  //
 12520  // For information about the maximum number of inline policies that you can
 12521  // embed in a group, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
 12522  // in the IAM User Guide.
 12523  //
 12524  // Because policy documents can be large, you should use POST rather than GET
 12525  // when calling PutGroupPolicy. For general information about using the Query
 12526  // API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
 12527  // in the IAM User Guide.
 12528  //
 12529  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12530  // with awserr.Error's Code and Message methods to get detailed information about
 12531  // the error.
 12532  //
 12533  // See the AWS API reference guide for AWS Identity and Access Management's
 12534  // API operation PutGroupPolicy for usage and error information.
 12535  //
 12536  // Returned Error Codes:
 12537  //   * ErrCodeLimitExceededException "LimitExceeded"
 12538  //   The request was rejected because it attempted to create resources beyond
 12539  //   the current Amazon Web Services account limits. The error message describes
 12540  //   the limit exceeded.
 12541  //
 12542  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
 12543  //   The request was rejected because the policy document was malformed. The error
 12544  //   message describes the specific error.
 12545  //
 12546  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12547  //   The request was rejected because it referenced a resource entity that does
 12548  //   not exist. The error message describes the resource.
 12549  //
 12550  //   * ErrCodeServiceFailureException "ServiceFailure"
 12551  //   The request processing has failed because of an unknown error, exception
 12552  //   or failure.
 12553  //
 12554  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy
 12555  func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error) {
 12556  	req, out := c.PutGroupPolicyRequest(input)
 12557  	return out, req.Send()
 12558  }
 12559  
 12560  // PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of
 12561  // the ability to pass a context and additional request options.
 12562  //
 12563  // See PutGroupPolicy for details on how to use this API operation.
 12564  //
 12565  // The context must be non-nil and will be used for request cancellation. If
 12566  // the context is nil a panic will occur. In the future the SDK may create
 12567  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12568  // for more information on using Contexts.
 12569  func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error) {
 12570  	req, out := c.PutGroupPolicyRequest(input)
 12571  	req.SetContext(ctx)
 12572  	req.ApplyOptions(opts...)
 12573  	return out, req.Send()
 12574  }
 12575  
 12576  const opPutRolePermissionsBoundary = "PutRolePermissionsBoundary"
 12577  
 12578  // PutRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the
 12579  // client's request for the PutRolePermissionsBoundary operation. The "output" return
 12580  // value will be populated with the request's response once the request completes
 12581  // successfully.
 12582  //
 12583  // Use "Send" method on the returned Request to send the API call to the service.
 12584  // the "output" return value is not valid until after Send returns without error.
 12585  //
 12586  // See PutRolePermissionsBoundary for more information on using the PutRolePermissionsBoundary
 12587  // API call, and error handling.
 12588  //
 12589  // This method is useful when you want to inject custom logic or configuration
 12590  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12591  //
 12592  //
 12593  //    // Example sending a request using the PutRolePermissionsBoundaryRequest method.
 12594  //    req, resp := client.PutRolePermissionsBoundaryRequest(params)
 12595  //
 12596  //    err := req.Send()
 12597  //    if err == nil { // resp is now filled
 12598  //        fmt.Println(resp)
 12599  //    }
 12600  //
 12601  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
 12602  func (c *IAM) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundaryInput) (req *request.Request, output *PutRolePermissionsBoundaryOutput) {
 12603  	op := &request.Operation{
 12604  		Name:       opPutRolePermissionsBoundary,
 12605  		HTTPMethod: "POST",
 12606  		HTTPPath:   "/",
 12607  	}
 12608  
 12609  	if input == nil {
 12610  		input = &PutRolePermissionsBoundaryInput{}
 12611  	}
 12612  
 12613  	output = &PutRolePermissionsBoundaryOutput{}
 12614  	req = c.newRequest(op, input, output)
 12615  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 12616  	return
 12617  }
 12618  
 12619  // PutRolePermissionsBoundary API operation for AWS Identity and Access Management.
 12620  //
 12621  // Adds or updates the policy that is specified as the IAM role's permissions
 12622  // boundary. You can use an Amazon Web Services managed policy or a customer
 12623  // managed policy to set the boundary for a role. Use the boundary to control
 12624  // the maximum permissions that the role can have. Setting a permissions boundary
 12625  // is an advanced feature that can affect the permissions for the role.
 12626  //
 12627  // You cannot set the boundary for a service-linked role.
 12628  //
 12629  // Policies used as permissions boundaries do not provide permissions. You must
 12630  // also attach a permissions policy to the role. To learn how the effective
 12631  // permissions for a role are evaluated, see IAM JSON policy evaluation logic
 12632  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
 12633  // in the IAM User Guide.
 12634  //
 12635  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12636  // with awserr.Error's Code and Message methods to get detailed information about
 12637  // the error.
 12638  //
 12639  // See the AWS API reference guide for AWS Identity and Access Management's
 12640  // API operation PutRolePermissionsBoundary for usage and error information.
 12641  //
 12642  // Returned Error Codes:
 12643  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12644  //   The request was rejected because it referenced a resource entity that does
 12645  //   not exist. The error message describes the resource.
 12646  //
 12647  //   * ErrCodeInvalidInputException "InvalidInput"
 12648  //   The request was rejected because an invalid or out-of-range value was supplied
 12649  //   for an input parameter.
 12650  //
 12651  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 12652  //   The request was rejected because only the service that depends on the service-linked
 12653  //   role can modify or delete the role on your behalf. The error message includes
 12654  //   the name of the service that depends on this service-linked role. You must
 12655  //   request the change through that service.
 12656  //
 12657  //   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
 12658  //   The request failed because Amazon Web Services service role policies can
 12659  //   only be attached to the service-linked role for that service.
 12660  //
 12661  //   * ErrCodeServiceFailureException "ServiceFailure"
 12662  //   The request processing has failed because of an unknown error, exception
 12663  //   or failure.
 12664  //
 12665  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary
 12666  func (c *IAM) PutRolePermissionsBoundary(input *PutRolePermissionsBoundaryInput) (*PutRolePermissionsBoundaryOutput, error) {
 12667  	req, out := c.PutRolePermissionsBoundaryRequest(input)
 12668  	return out, req.Send()
 12669  }
 12670  
 12671  // PutRolePermissionsBoundaryWithContext is the same as PutRolePermissionsBoundary with the addition of
 12672  // the ability to pass a context and additional request options.
 12673  //
 12674  // See PutRolePermissionsBoundary for details on how to use this API operation.
 12675  //
 12676  // The context must be non-nil and will be used for request cancellation. If
 12677  // the context is nil a panic will occur. In the future the SDK may create
 12678  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12679  // for more information on using Contexts.
 12680  func (c *IAM) PutRolePermissionsBoundaryWithContext(ctx aws.Context, input *PutRolePermissionsBoundaryInput, opts ...request.Option) (*PutRolePermissionsBoundaryOutput, error) {
 12681  	req, out := c.PutRolePermissionsBoundaryRequest(input)
 12682  	req.SetContext(ctx)
 12683  	req.ApplyOptions(opts...)
 12684  	return out, req.Send()
 12685  }
 12686  
 12687  const opPutRolePolicy = "PutRolePolicy"
 12688  
 12689  // PutRolePolicyRequest generates a "aws/request.Request" representing the
 12690  // client's request for the PutRolePolicy operation. The "output" return
 12691  // value will be populated with the request's response once the request completes
 12692  // successfully.
 12693  //
 12694  // Use "Send" method on the returned Request to send the API call to the service.
 12695  // the "output" return value is not valid until after Send returns without error.
 12696  //
 12697  // See PutRolePolicy for more information on using the PutRolePolicy
 12698  // API call, and error handling.
 12699  //
 12700  // This method is useful when you want to inject custom logic or configuration
 12701  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12702  //
 12703  //
 12704  //    // Example sending a request using the PutRolePolicyRequest method.
 12705  //    req, resp := client.PutRolePolicyRequest(params)
 12706  //
 12707  //    err := req.Send()
 12708  //    if err == nil { // resp is now filled
 12709  //        fmt.Println(resp)
 12710  //    }
 12711  //
 12712  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
 12713  func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput) {
 12714  	op := &request.Operation{
 12715  		Name:       opPutRolePolicy,
 12716  		HTTPMethod: "POST",
 12717  		HTTPPath:   "/",
 12718  	}
 12719  
 12720  	if input == nil {
 12721  		input = &PutRolePolicyInput{}
 12722  	}
 12723  
 12724  	output = &PutRolePolicyOutput{}
 12725  	req = c.newRequest(op, input, output)
 12726  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 12727  	return
 12728  }
 12729  
 12730  // PutRolePolicy API operation for AWS Identity and Access Management.
 12731  //
 12732  // Adds or updates an inline policy document that is embedded in the specified
 12733  // IAM role.
 12734  //
 12735  // When you embed an inline policy in a role, the inline policy is used as part
 12736  // of the role's access (permissions) policy. The role's trust policy is created
 12737  // at the same time as the role, using CreateRole. You can update a role's trust
 12738  // policy using UpdateAssumeRolePolicy. For more information about IAM roles,
 12739  // see Using roles to delegate permissions and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
 12740  //
 12741  // A role can also have a managed policy attached to it. To attach a managed
 12742  // policy to a role, use AttachRolePolicy. To create a new managed policy, use
 12743  // CreatePolicy. For information about policies, see Managed policies and inline
 12744  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 12745  // in the IAM User Guide.
 12746  //
 12747  // For information about the maximum number of inline policies that you can
 12748  // embed with a role, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
 12749  // in the IAM User Guide.
 12750  //
 12751  // Because policy documents can be large, you should use POST rather than GET
 12752  // when calling PutRolePolicy. For general information about using the Query
 12753  // API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
 12754  // in the IAM User Guide.
 12755  //
 12756  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12757  // with awserr.Error's Code and Message methods to get detailed information about
 12758  // the error.
 12759  //
 12760  // See the AWS API reference guide for AWS Identity and Access Management's
 12761  // API operation PutRolePolicy for usage and error information.
 12762  //
 12763  // Returned Error Codes:
 12764  //   * ErrCodeLimitExceededException "LimitExceeded"
 12765  //   The request was rejected because it attempted to create resources beyond
 12766  //   the current Amazon Web Services account limits. The error message describes
 12767  //   the limit exceeded.
 12768  //
 12769  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
 12770  //   The request was rejected because the policy document was malformed. The error
 12771  //   message describes the specific error.
 12772  //
 12773  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12774  //   The request was rejected because it referenced a resource entity that does
 12775  //   not exist. The error message describes the resource.
 12776  //
 12777  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 12778  //   The request was rejected because only the service that depends on the service-linked
 12779  //   role can modify or delete the role on your behalf. The error message includes
 12780  //   the name of the service that depends on this service-linked role. You must
 12781  //   request the change through that service.
 12782  //
 12783  //   * ErrCodeServiceFailureException "ServiceFailure"
 12784  //   The request processing has failed because of an unknown error, exception
 12785  //   or failure.
 12786  //
 12787  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy
 12788  func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error) {
 12789  	req, out := c.PutRolePolicyRequest(input)
 12790  	return out, req.Send()
 12791  }
 12792  
 12793  // PutRolePolicyWithContext is the same as PutRolePolicy with the addition of
 12794  // the ability to pass a context and additional request options.
 12795  //
 12796  // See PutRolePolicy for details on how to use this API operation.
 12797  //
 12798  // The context must be non-nil and will be used for request cancellation. If
 12799  // the context is nil a panic will occur. In the future the SDK may create
 12800  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12801  // for more information on using Contexts.
 12802  func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error) {
 12803  	req, out := c.PutRolePolicyRequest(input)
 12804  	req.SetContext(ctx)
 12805  	req.ApplyOptions(opts...)
 12806  	return out, req.Send()
 12807  }
 12808  
 12809  const opPutUserPermissionsBoundary = "PutUserPermissionsBoundary"
 12810  
 12811  // PutUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the
 12812  // client's request for the PutUserPermissionsBoundary operation. The "output" return
 12813  // value will be populated with the request's response once the request completes
 12814  // successfully.
 12815  //
 12816  // Use "Send" method on the returned Request to send the API call to the service.
 12817  // the "output" return value is not valid until after Send returns without error.
 12818  //
 12819  // See PutUserPermissionsBoundary for more information on using the PutUserPermissionsBoundary
 12820  // API call, and error handling.
 12821  //
 12822  // This method is useful when you want to inject custom logic or configuration
 12823  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12824  //
 12825  //
 12826  //    // Example sending a request using the PutUserPermissionsBoundaryRequest method.
 12827  //    req, resp := client.PutUserPermissionsBoundaryRequest(params)
 12828  //
 12829  //    err := req.Send()
 12830  //    if err == nil { // resp is now filled
 12831  //        fmt.Println(resp)
 12832  //    }
 12833  //
 12834  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
 12835  func (c *IAM) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundaryInput) (req *request.Request, output *PutUserPermissionsBoundaryOutput) {
 12836  	op := &request.Operation{
 12837  		Name:       opPutUserPermissionsBoundary,
 12838  		HTTPMethod: "POST",
 12839  		HTTPPath:   "/",
 12840  	}
 12841  
 12842  	if input == nil {
 12843  		input = &PutUserPermissionsBoundaryInput{}
 12844  	}
 12845  
 12846  	output = &PutUserPermissionsBoundaryOutput{}
 12847  	req = c.newRequest(op, input, output)
 12848  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 12849  	return
 12850  }
 12851  
 12852  // PutUserPermissionsBoundary API operation for AWS Identity and Access Management.
 12853  //
 12854  // Adds or updates the policy that is specified as the IAM user's permissions
 12855  // boundary. You can use an Amazon Web Services managed policy or a customer
 12856  // managed policy to set the boundary for a user. Use the boundary to control
 12857  // the maximum permissions that the user can have. Setting a permissions boundary
 12858  // is an advanced feature that can affect the permissions for the user.
 12859  //
 12860  // Policies that are used as permissions boundaries do not provide permissions.
 12861  // You must also attach a permissions policy to the user. To learn how the effective
 12862  // permissions for a user are evaluated, see IAM JSON policy evaluation logic
 12863  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html)
 12864  // in the IAM User Guide.
 12865  //
 12866  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12867  // with awserr.Error's Code and Message methods to get detailed information about
 12868  // the error.
 12869  //
 12870  // See the AWS API reference guide for AWS Identity and Access Management's
 12871  // API operation PutUserPermissionsBoundary for usage and error information.
 12872  //
 12873  // Returned Error Codes:
 12874  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12875  //   The request was rejected because it referenced a resource entity that does
 12876  //   not exist. The error message describes the resource.
 12877  //
 12878  //   * ErrCodeInvalidInputException "InvalidInput"
 12879  //   The request was rejected because an invalid or out-of-range value was supplied
 12880  //   for an input parameter.
 12881  //
 12882  //   * ErrCodePolicyNotAttachableException "PolicyNotAttachable"
 12883  //   The request failed because Amazon Web Services service role policies can
 12884  //   only be attached to the service-linked role for that service.
 12885  //
 12886  //   * ErrCodeServiceFailureException "ServiceFailure"
 12887  //   The request processing has failed because of an unknown error, exception
 12888  //   or failure.
 12889  //
 12890  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary
 12891  func (c *IAM) PutUserPermissionsBoundary(input *PutUserPermissionsBoundaryInput) (*PutUserPermissionsBoundaryOutput, error) {
 12892  	req, out := c.PutUserPermissionsBoundaryRequest(input)
 12893  	return out, req.Send()
 12894  }
 12895  
 12896  // PutUserPermissionsBoundaryWithContext is the same as PutUserPermissionsBoundary with the addition of
 12897  // the ability to pass a context and additional request options.
 12898  //
 12899  // See PutUserPermissionsBoundary for details on how to use this API operation.
 12900  //
 12901  // The context must be non-nil and will be used for request cancellation. If
 12902  // the context is nil a panic will occur. In the future the SDK may create
 12903  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 12904  // for more information on using Contexts.
 12905  func (c *IAM) PutUserPermissionsBoundaryWithContext(ctx aws.Context, input *PutUserPermissionsBoundaryInput, opts ...request.Option) (*PutUserPermissionsBoundaryOutput, error) {
 12906  	req, out := c.PutUserPermissionsBoundaryRequest(input)
 12907  	req.SetContext(ctx)
 12908  	req.ApplyOptions(opts...)
 12909  	return out, req.Send()
 12910  }
 12911  
 12912  const opPutUserPolicy = "PutUserPolicy"
 12913  
 12914  // PutUserPolicyRequest generates a "aws/request.Request" representing the
 12915  // client's request for the PutUserPolicy operation. The "output" return
 12916  // value will be populated with the request's response once the request completes
 12917  // successfully.
 12918  //
 12919  // Use "Send" method on the returned Request to send the API call to the service.
 12920  // the "output" return value is not valid until after Send returns without error.
 12921  //
 12922  // See PutUserPolicy for more information on using the PutUserPolicy
 12923  // API call, and error handling.
 12924  //
 12925  // This method is useful when you want to inject custom logic or configuration
 12926  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 12927  //
 12928  //
 12929  //    // Example sending a request using the PutUserPolicyRequest method.
 12930  //    req, resp := client.PutUserPolicyRequest(params)
 12931  //
 12932  //    err := req.Send()
 12933  //    if err == nil { // resp is now filled
 12934  //        fmt.Println(resp)
 12935  //    }
 12936  //
 12937  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
 12938  func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput) {
 12939  	op := &request.Operation{
 12940  		Name:       opPutUserPolicy,
 12941  		HTTPMethod: "POST",
 12942  		HTTPPath:   "/",
 12943  	}
 12944  
 12945  	if input == nil {
 12946  		input = &PutUserPolicyInput{}
 12947  	}
 12948  
 12949  	output = &PutUserPolicyOutput{}
 12950  	req = c.newRequest(op, input, output)
 12951  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 12952  	return
 12953  }
 12954  
 12955  // PutUserPolicy API operation for AWS Identity and Access Management.
 12956  //
 12957  // Adds or updates an inline policy document that is embedded in the specified
 12958  // IAM user.
 12959  //
 12960  // An IAM user can also have a managed policy attached to it. To attach a managed
 12961  // policy to a user, use AttachUserPolicy. To create a new managed policy, use
 12962  // CreatePolicy. For information about policies, see Managed policies and inline
 12963  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 12964  // in the IAM User Guide.
 12965  //
 12966  // For information about the maximum number of inline policies that you can
 12967  // embed in a user, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
 12968  // in the IAM User Guide.
 12969  //
 12970  // Because policy documents can be large, you should use POST rather than GET
 12971  // when calling PutUserPolicy. For general information about using the Query
 12972  // API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
 12973  // in the IAM User Guide.
 12974  //
 12975  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 12976  // with awserr.Error's Code and Message methods to get detailed information about
 12977  // the error.
 12978  //
 12979  // See the AWS API reference guide for AWS Identity and Access Management's
 12980  // API operation PutUserPolicy for usage and error information.
 12981  //
 12982  // Returned Error Codes:
 12983  //   * ErrCodeLimitExceededException "LimitExceeded"
 12984  //   The request was rejected because it attempted to create resources beyond
 12985  //   the current Amazon Web Services account limits. The error message describes
 12986  //   the limit exceeded.
 12987  //
 12988  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
 12989  //   The request was rejected because the policy document was malformed. The error
 12990  //   message describes the specific error.
 12991  //
 12992  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 12993  //   The request was rejected because it referenced a resource entity that does
 12994  //   not exist. The error message describes the resource.
 12995  //
 12996  //   * ErrCodeServiceFailureException "ServiceFailure"
 12997  //   The request processing has failed because of an unknown error, exception
 12998  //   or failure.
 12999  //
 13000  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy
 13001  func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error) {
 13002  	req, out := c.PutUserPolicyRequest(input)
 13003  	return out, req.Send()
 13004  }
 13005  
 13006  // PutUserPolicyWithContext is the same as PutUserPolicy with the addition of
 13007  // the ability to pass a context and additional request options.
 13008  //
 13009  // See PutUserPolicy for details on how to use this API operation.
 13010  //
 13011  // The context must be non-nil and will be used for request cancellation. If
 13012  // the context is nil a panic will occur. In the future the SDK may create
 13013  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13014  // for more information on using Contexts.
 13015  func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error) {
 13016  	req, out := c.PutUserPolicyRequest(input)
 13017  	req.SetContext(ctx)
 13018  	req.ApplyOptions(opts...)
 13019  	return out, req.Send()
 13020  }
 13021  
 13022  const opRemoveClientIDFromOpenIDConnectProvider = "RemoveClientIDFromOpenIDConnectProvider"
 13023  
 13024  // RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
 13025  // client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return
 13026  // value will be populated with the request's response once the request completes
 13027  // successfully.
 13028  //
 13029  // Use "Send" method on the returned Request to send the API call to the service.
 13030  // the "output" return value is not valid until after Send returns without error.
 13031  //
 13032  // See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider
 13033  // API call, and error handling.
 13034  //
 13035  // This method is useful when you want to inject custom logic or configuration
 13036  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13037  //
 13038  //
 13039  //    // Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
 13040  //    req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)
 13041  //
 13042  //    err := req.Send()
 13043  //    if err == nil { // resp is now filled
 13044  //        fmt.Println(resp)
 13045  //    }
 13046  //
 13047  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
 13048  func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput) {
 13049  	op := &request.Operation{
 13050  		Name:       opRemoveClientIDFromOpenIDConnectProvider,
 13051  		HTTPMethod: "POST",
 13052  		HTTPPath:   "/",
 13053  	}
 13054  
 13055  	if input == nil {
 13056  		input = &RemoveClientIDFromOpenIDConnectProviderInput{}
 13057  	}
 13058  
 13059  	output = &RemoveClientIDFromOpenIDConnectProviderOutput{}
 13060  	req = c.newRequest(op, input, output)
 13061  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13062  	return
 13063  }
 13064  
 13065  // RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.
 13066  //
 13067  // Removes the specified client ID (also known as audience) from the list of
 13068  // client IDs registered for the specified IAM OpenID Connect (OIDC) provider
 13069  // resource object.
 13070  //
 13071  // This operation is idempotent; it does not fail or return an error if you
 13072  // try to remove a client ID that does not exist.
 13073  //
 13074  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13075  // with awserr.Error's Code and Message methods to get detailed information about
 13076  // the error.
 13077  //
 13078  // See the AWS API reference guide for AWS Identity and Access Management's
 13079  // API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.
 13080  //
 13081  // Returned Error Codes:
 13082  //   * ErrCodeInvalidInputException "InvalidInput"
 13083  //   The request was rejected because an invalid or out-of-range value was supplied
 13084  //   for an input parameter.
 13085  //
 13086  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13087  //   The request was rejected because it referenced a resource entity that does
 13088  //   not exist. The error message describes the resource.
 13089  //
 13090  //   * ErrCodeServiceFailureException "ServiceFailure"
 13091  //   The request processing has failed because of an unknown error, exception
 13092  //   or failure.
 13093  //
 13094  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider
 13095  func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
 13096  	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
 13097  	return out, req.Send()
 13098  }
 13099  
 13100  // RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of
 13101  // the ability to pass a context and additional request options.
 13102  //
 13103  // See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.
 13104  //
 13105  // The context must be non-nil and will be used for request cancellation. If
 13106  // the context is nil a panic will occur. In the future the SDK may create
 13107  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13108  // for more information on using Contexts.
 13109  func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) {
 13110  	req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input)
 13111  	req.SetContext(ctx)
 13112  	req.ApplyOptions(opts...)
 13113  	return out, req.Send()
 13114  }
 13115  
 13116  const opRemoveRoleFromInstanceProfile = "RemoveRoleFromInstanceProfile"
 13117  
 13118  // RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the
 13119  // client's request for the RemoveRoleFromInstanceProfile operation. The "output" return
 13120  // value will be populated with the request's response once the request completes
 13121  // successfully.
 13122  //
 13123  // Use "Send" method on the returned Request to send the API call to the service.
 13124  // the "output" return value is not valid until after Send returns without error.
 13125  //
 13126  // See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile
 13127  // API call, and error handling.
 13128  //
 13129  // This method is useful when you want to inject custom logic or configuration
 13130  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13131  //
 13132  //
 13133  //    // Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
 13134  //    req, resp := client.RemoveRoleFromInstanceProfileRequest(params)
 13135  //
 13136  //    err := req.Send()
 13137  //    if err == nil { // resp is now filled
 13138  //        fmt.Println(resp)
 13139  //    }
 13140  //
 13141  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
 13142  func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput) {
 13143  	op := &request.Operation{
 13144  		Name:       opRemoveRoleFromInstanceProfile,
 13145  		HTTPMethod: "POST",
 13146  		HTTPPath:   "/",
 13147  	}
 13148  
 13149  	if input == nil {
 13150  		input = &RemoveRoleFromInstanceProfileInput{}
 13151  	}
 13152  
 13153  	output = &RemoveRoleFromInstanceProfileOutput{}
 13154  	req = c.newRequest(op, input, output)
 13155  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13156  	return
 13157  }
 13158  
 13159  // RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.
 13160  //
 13161  // Removes the specified IAM role from the specified EC2 instance profile.
 13162  //
 13163  // Make sure that you do not have any Amazon EC2 instances running with the
 13164  // role you are about to remove from the instance profile. Removing a role from
 13165  // an instance profile that is associated with a running instance might break
 13166  // any applications running on the instance.
 13167  //
 13168  // For more information about IAM roles, see Working with roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).
 13169  // For more information about instance profiles, see About instance profiles
 13170  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).
 13171  //
 13172  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13173  // with awserr.Error's Code and Message methods to get detailed information about
 13174  // the error.
 13175  //
 13176  // See the AWS API reference guide for AWS Identity and Access Management's
 13177  // API operation RemoveRoleFromInstanceProfile for usage and error information.
 13178  //
 13179  // Returned Error Codes:
 13180  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13181  //   The request was rejected because it referenced a resource entity that does
 13182  //   not exist. The error message describes the resource.
 13183  //
 13184  //   * ErrCodeLimitExceededException "LimitExceeded"
 13185  //   The request was rejected because it attempted to create resources beyond
 13186  //   the current Amazon Web Services account limits. The error message describes
 13187  //   the limit exceeded.
 13188  //
 13189  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 13190  //   The request was rejected because only the service that depends on the service-linked
 13191  //   role can modify or delete the role on your behalf. The error message includes
 13192  //   the name of the service that depends on this service-linked role. You must
 13193  //   request the change through that service.
 13194  //
 13195  //   * ErrCodeServiceFailureException "ServiceFailure"
 13196  //   The request processing has failed because of an unknown error, exception
 13197  //   or failure.
 13198  //
 13199  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile
 13200  func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error) {
 13201  	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
 13202  	return out, req.Send()
 13203  }
 13204  
 13205  // RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of
 13206  // the ability to pass a context and additional request options.
 13207  //
 13208  // See RemoveRoleFromInstanceProfile for details on how to use this API operation.
 13209  //
 13210  // The context must be non-nil and will be used for request cancellation. If
 13211  // the context is nil a panic will occur. In the future the SDK may create
 13212  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13213  // for more information on using Contexts.
 13214  func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error) {
 13215  	req, out := c.RemoveRoleFromInstanceProfileRequest(input)
 13216  	req.SetContext(ctx)
 13217  	req.ApplyOptions(opts...)
 13218  	return out, req.Send()
 13219  }
 13220  
 13221  const opRemoveUserFromGroup = "RemoveUserFromGroup"
 13222  
 13223  // RemoveUserFromGroupRequest generates a "aws/request.Request" representing the
 13224  // client's request for the RemoveUserFromGroup operation. The "output" return
 13225  // value will be populated with the request's response once the request completes
 13226  // successfully.
 13227  //
 13228  // Use "Send" method on the returned Request to send the API call to the service.
 13229  // the "output" return value is not valid until after Send returns without error.
 13230  //
 13231  // See RemoveUserFromGroup for more information on using the RemoveUserFromGroup
 13232  // API call, and error handling.
 13233  //
 13234  // This method is useful when you want to inject custom logic or configuration
 13235  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13236  //
 13237  //
 13238  //    // Example sending a request using the RemoveUserFromGroupRequest method.
 13239  //    req, resp := client.RemoveUserFromGroupRequest(params)
 13240  //
 13241  //    err := req.Send()
 13242  //    if err == nil { // resp is now filled
 13243  //        fmt.Println(resp)
 13244  //    }
 13245  //
 13246  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
 13247  func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput) {
 13248  	op := &request.Operation{
 13249  		Name:       opRemoveUserFromGroup,
 13250  		HTTPMethod: "POST",
 13251  		HTTPPath:   "/",
 13252  	}
 13253  
 13254  	if input == nil {
 13255  		input = &RemoveUserFromGroupInput{}
 13256  	}
 13257  
 13258  	output = &RemoveUserFromGroupOutput{}
 13259  	req = c.newRequest(op, input, output)
 13260  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13261  	return
 13262  }
 13263  
 13264  // RemoveUserFromGroup API operation for AWS Identity and Access Management.
 13265  //
 13266  // Removes the specified user from the specified group.
 13267  //
 13268  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13269  // with awserr.Error's Code and Message methods to get detailed information about
 13270  // the error.
 13271  //
 13272  // See the AWS API reference guide for AWS Identity and Access Management's
 13273  // API operation RemoveUserFromGroup for usage and error information.
 13274  //
 13275  // Returned Error Codes:
 13276  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13277  //   The request was rejected because it referenced a resource entity that does
 13278  //   not exist. The error message describes the resource.
 13279  //
 13280  //   * ErrCodeLimitExceededException "LimitExceeded"
 13281  //   The request was rejected because it attempted to create resources beyond
 13282  //   the current Amazon Web Services account limits. The error message describes
 13283  //   the limit exceeded.
 13284  //
 13285  //   * ErrCodeServiceFailureException "ServiceFailure"
 13286  //   The request processing has failed because of an unknown error, exception
 13287  //   or failure.
 13288  //
 13289  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup
 13290  func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error) {
 13291  	req, out := c.RemoveUserFromGroupRequest(input)
 13292  	return out, req.Send()
 13293  }
 13294  
 13295  // RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of
 13296  // the ability to pass a context and additional request options.
 13297  //
 13298  // See RemoveUserFromGroup for details on how to use this API operation.
 13299  //
 13300  // The context must be non-nil and will be used for request cancellation. If
 13301  // the context is nil a panic will occur. In the future the SDK may create
 13302  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13303  // for more information on using Contexts.
 13304  func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error) {
 13305  	req, out := c.RemoveUserFromGroupRequest(input)
 13306  	req.SetContext(ctx)
 13307  	req.ApplyOptions(opts...)
 13308  	return out, req.Send()
 13309  }
 13310  
 13311  const opResetServiceSpecificCredential = "ResetServiceSpecificCredential"
 13312  
 13313  // ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
 13314  // client's request for the ResetServiceSpecificCredential operation. The "output" return
 13315  // value will be populated with the request's response once the request completes
 13316  // successfully.
 13317  //
 13318  // Use "Send" method on the returned Request to send the API call to the service.
 13319  // the "output" return value is not valid until after Send returns without error.
 13320  //
 13321  // See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential
 13322  // API call, and error handling.
 13323  //
 13324  // This method is useful when you want to inject custom logic or configuration
 13325  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13326  //
 13327  //
 13328  //    // Example sending a request using the ResetServiceSpecificCredentialRequest method.
 13329  //    req, resp := client.ResetServiceSpecificCredentialRequest(params)
 13330  //
 13331  //    err := req.Send()
 13332  //    if err == nil { // resp is now filled
 13333  //        fmt.Println(resp)
 13334  //    }
 13335  //
 13336  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
 13337  func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput) {
 13338  	op := &request.Operation{
 13339  		Name:       opResetServiceSpecificCredential,
 13340  		HTTPMethod: "POST",
 13341  		HTTPPath:   "/",
 13342  	}
 13343  
 13344  	if input == nil {
 13345  		input = &ResetServiceSpecificCredentialInput{}
 13346  	}
 13347  
 13348  	output = &ResetServiceSpecificCredentialOutput{}
 13349  	req = c.newRequest(op, input, output)
 13350  	return
 13351  }
 13352  
 13353  // ResetServiceSpecificCredential API operation for AWS Identity and Access Management.
 13354  //
 13355  // Resets the password for a service-specific credential. The new password is
 13356  // Amazon Web Services generated and cryptographically strong. It cannot be
 13357  // configured by the user. Resetting the password immediately invalidates the
 13358  // previous password associated with this user.
 13359  //
 13360  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13361  // with awserr.Error's Code and Message methods to get detailed information about
 13362  // the error.
 13363  //
 13364  // See the AWS API reference guide for AWS Identity and Access Management's
 13365  // API operation ResetServiceSpecificCredential for usage and error information.
 13366  //
 13367  // Returned Error Codes:
 13368  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13369  //   The request was rejected because it referenced a resource entity that does
 13370  //   not exist. The error message describes the resource.
 13371  //
 13372  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential
 13373  func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error) {
 13374  	req, out := c.ResetServiceSpecificCredentialRequest(input)
 13375  	return out, req.Send()
 13376  }
 13377  
 13378  // ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of
 13379  // the ability to pass a context and additional request options.
 13380  //
 13381  // See ResetServiceSpecificCredential for details on how to use this API operation.
 13382  //
 13383  // The context must be non-nil and will be used for request cancellation. If
 13384  // the context is nil a panic will occur. In the future the SDK may create
 13385  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13386  // for more information on using Contexts.
 13387  func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error) {
 13388  	req, out := c.ResetServiceSpecificCredentialRequest(input)
 13389  	req.SetContext(ctx)
 13390  	req.ApplyOptions(opts...)
 13391  	return out, req.Send()
 13392  }
 13393  
 13394  const opResyncMFADevice = "ResyncMFADevice"
 13395  
 13396  // ResyncMFADeviceRequest generates a "aws/request.Request" representing the
 13397  // client's request for the ResyncMFADevice operation. The "output" return
 13398  // value will be populated with the request's response once the request completes
 13399  // successfully.
 13400  //
 13401  // Use "Send" method on the returned Request to send the API call to the service.
 13402  // the "output" return value is not valid until after Send returns without error.
 13403  //
 13404  // See ResyncMFADevice for more information on using the ResyncMFADevice
 13405  // API call, and error handling.
 13406  //
 13407  // This method is useful when you want to inject custom logic or configuration
 13408  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13409  //
 13410  //
 13411  //    // Example sending a request using the ResyncMFADeviceRequest method.
 13412  //    req, resp := client.ResyncMFADeviceRequest(params)
 13413  //
 13414  //    err := req.Send()
 13415  //    if err == nil { // resp is now filled
 13416  //        fmt.Println(resp)
 13417  //    }
 13418  //
 13419  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
 13420  func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput) {
 13421  	op := &request.Operation{
 13422  		Name:       opResyncMFADevice,
 13423  		HTTPMethod: "POST",
 13424  		HTTPPath:   "/",
 13425  	}
 13426  
 13427  	if input == nil {
 13428  		input = &ResyncMFADeviceInput{}
 13429  	}
 13430  
 13431  	output = &ResyncMFADeviceOutput{}
 13432  	req = c.newRequest(op, input, output)
 13433  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13434  	return
 13435  }
 13436  
 13437  // ResyncMFADevice API operation for AWS Identity and Access Management.
 13438  //
 13439  // Synchronizes the specified MFA device with its IAM resource object on the
 13440  // Amazon Web Services servers.
 13441  //
 13442  // For more information about creating and working with virtual MFA devices,
 13443  // see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html)
 13444  // in the IAM User Guide.
 13445  //
 13446  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13447  // with awserr.Error's Code and Message methods to get detailed information about
 13448  // the error.
 13449  //
 13450  // See the AWS API reference guide for AWS Identity and Access Management's
 13451  // API operation ResyncMFADevice for usage and error information.
 13452  //
 13453  // Returned Error Codes:
 13454  //   * ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode"
 13455  //   The request was rejected because the authentication code was not recognized.
 13456  //   The error message describes the specific error.
 13457  //
 13458  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13459  //   The request was rejected because it referenced a resource entity that does
 13460  //   not exist. The error message describes the resource.
 13461  //
 13462  //   * ErrCodeLimitExceededException "LimitExceeded"
 13463  //   The request was rejected because it attempted to create resources beyond
 13464  //   the current Amazon Web Services account limits. The error message describes
 13465  //   the limit exceeded.
 13466  //
 13467  //   * ErrCodeServiceFailureException "ServiceFailure"
 13468  //   The request processing has failed because of an unknown error, exception
 13469  //   or failure.
 13470  //
 13471  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice
 13472  func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error) {
 13473  	req, out := c.ResyncMFADeviceRequest(input)
 13474  	return out, req.Send()
 13475  }
 13476  
 13477  // ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of
 13478  // the ability to pass a context and additional request options.
 13479  //
 13480  // See ResyncMFADevice for details on how to use this API operation.
 13481  //
 13482  // The context must be non-nil and will be used for request cancellation. If
 13483  // the context is nil a panic will occur. In the future the SDK may create
 13484  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13485  // for more information on using Contexts.
 13486  func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error) {
 13487  	req, out := c.ResyncMFADeviceRequest(input)
 13488  	req.SetContext(ctx)
 13489  	req.ApplyOptions(opts...)
 13490  	return out, req.Send()
 13491  }
 13492  
 13493  const opSetDefaultPolicyVersion = "SetDefaultPolicyVersion"
 13494  
 13495  // SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the
 13496  // client's request for the SetDefaultPolicyVersion operation. The "output" return
 13497  // value will be populated with the request's response once the request completes
 13498  // successfully.
 13499  //
 13500  // Use "Send" method on the returned Request to send the API call to the service.
 13501  // the "output" return value is not valid until after Send returns without error.
 13502  //
 13503  // See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion
 13504  // API call, and error handling.
 13505  //
 13506  // This method is useful when you want to inject custom logic or configuration
 13507  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13508  //
 13509  //
 13510  //    // Example sending a request using the SetDefaultPolicyVersionRequest method.
 13511  //    req, resp := client.SetDefaultPolicyVersionRequest(params)
 13512  //
 13513  //    err := req.Send()
 13514  //    if err == nil { // resp is now filled
 13515  //        fmt.Println(resp)
 13516  //    }
 13517  //
 13518  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
 13519  func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput) {
 13520  	op := &request.Operation{
 13521  		Name:       opSetDefaultPolicyVersion,
 13522  		HTTPMethod: "POST",
 13523  		HTTPPath:   "/",
 13524  	}
 13525  
 13526  	if input == nil {
 13527  		input = &SetDefaultPolicyVersionInput{}
 13528  	}
 13529  
 13530  	output = &SetDefaultPolicyVersionOutput{}
 13531  	req = c.newRequest(op, input, output)
 13532  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13533  	return
 13534  }
 13535  
 13536  // SetDefaultPolicyVersion API operation for AWS Identity and Access Management.
 13537  //
 13538  // Sets the specified version of the specified policy as the policy's default
 13539  // (operative) version.
 13540  //
 13541  // This operation affects all users, groups, and roles that the policy is attached
 13542  // to. To list the users, groups, and roles that the policy is attached to,
 13543  // use ListEntitiesForPolicy.
 13544  //
 13545  // For information about managed policies, see Managed policies and inline policies
 13546  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 13547  // in the IAM User Guide.
 13548  //
 13549  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13550  // with awserr.Error's Code and Message methods to get detailed information about
 13551  // the error.
 13552  //
 13553  // See the AWS API reference guide for AWS Identity and Access Management's
 13554  // API operation SetDefaultPolicyVersion for usage and error information.
 13555  //
 13556  // Returned Error Codes:
 13557  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13558  //   The request was rejected because it referenced a resource entity that does
 13559  //   not exist. The error message describes the resource.
 13560  //
 13561  //   * ErrCodeInvalidInputException "InvalidInput"
 13562  //   The request was rejected because an invalid or out-of-range value was supplied
 13563  //   for an input parameter.
 13564  //
 13565  //   * ErrCodeLimitExceededException "LimitExceeded"
 13566  //   The request was rejected because it attempted to create resources beyond
 13567  //   the current Amazon Web Services account limits. The error message describes
 13568  //   the limit exceeded.
 13569  //
 13570  //   * ErrCodeServiceFailureException "ServiceFailure"
 13571  //   The request processing has failed because of an unknown error, exception
 13572  //   or failure.
 13573  //
 13574  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion
 13575  func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error) {
 13576  	req, out := c.SetDefaultPolicyVersionRequest(input)
 13577  	return out, req.Send()
 13578  }
 13579  
 13580  // SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of
 13581  // the ability to pass a context and additional request options.
 13582  //
 13583  // See SetDefaultPolicyVersion for details on how to use this API operation.
 13584  //
 13585  // The context must be non-nil and will be used for request cancellation. If
 13586  // the context is nil a panic will occur. In the future the SDK may create
 13587  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13588  // for more information on using Contexts.
 13589  func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error) {
 13590  	req, out := c.SetDefaultPolicyVersionRequest(input)
 13591  	req.SetContext(ctx)
 13592  	req.ApplyOptions(opts...)
 13593  	return out, req.Send()
 13594  }
 13595  
 13596  const opSetSecurityTokenServicePreferences = "SetSecurityTokenServicePreferences"
 13597  
 13598  // SetSecurityTokenServicePreferencesRequest generates a "aws/request.Request" representing the
 13599  // client's request for the SetSecurityTokenServicePreferences operation. The "output" return
 13600  // value will be populated with the request's response once the request completes
 13601  // successfully.
 13602  //
 13603  // Use "Send" method on the returned Request to send the API call to the service.
 13604  // the "output" return value is not valid until after Send returns without error.
 13605  //
 13606  // See SetSecurityTokenServicePreferences for more information on using the SetSecurityTokenServicePreferences
 13607  // API call, and error handling.
 13608  //
 13609  // This method is useful when you want to inject custom logic or configuration
 13610  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13611  //
 13612  //
 13613  //    // Example sending a request using the SetSecurityTokenServicePreferencesRequest method.
 13614  //    req, resp := client.SetSecurityTokenServicePreferencesRequest(params)
 13615  //
 13616  //    err := req.Send()
 13617  //    if err == nil { // resp is now filled
 13618  //        fmt.Println(resp)
 13619  //    }
 13620  //
 13621  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
 13622  func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenServicePreferencesInput) (req *request.Request, output *SetSecurityTokenServicePreferencesOutput) {
 13623  	op := &request.Operation{
 13624  		Name:       opSetSecurityTokenServicePreferences,
 13625  		HTTPMethod: "POST",
 13626  		HTTPPath:   "/",
 13627  	}
 13628  
 13629  	if input == nil {
 13630  		input = &SetSecurityTokenServicePreferencesInput{}
 13631  	}
 13632  
 13633  	output = &SetSecurityTokenServicePreferencesOutput{}
 13634  	req = c.newRequest(op, input, output)
 13635  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 13636  	return
 13637  }
 13638  
 13639  // SetSecurityTokenServicePreferences API operation for AWS Identity and Access Management.
 13640  //
 13641  // Sets the specified version of the global endpoint token as the token version
 13642  // used for the Amazon Web Services account.
 13643  //
 13644  // By default, Security Token Service (STS) is available as a global service,
 13645  // and all STS requests go to a single endpoint at https://sts.amazonaws.com.
 13646  // Amazon Web Services recommends using Regional STS endpoints to reduce latency,
 13647  // build in redundancy, and increase session token availability. For information
 13648  // about Regional endpoints for STS, see Security Token Service endpoints and
 13649  // quotas (https://docs.aws.amazon.com/general/latest/gr/sts.html) in the Amazon
 13650  // Web Services General Reference.
 13651  //
 13652  // If you make an STS call to the global endpoint, the resulting session tokens
 13653  // might be valid in some Regions but not others. It depends on the version
 13654  // that is set in this operation. Version 1 tokens are valid only in Amazon
 13655  // Web Services Regions that are available by default. These tokens do not work
 13656  // in manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2
 13657  // tokens are valid in all Regions. However, version 2 tokens are longer and
 13658  // might affect systems where you temporarily store tokens. For information,
 13659  // see Activating and deactivating STS in an Amazon Web Services Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
 13660  // in the IAM User Guide.
 13661  //
 13662  // To view the current session token version, see the GlobalEndpointTokenVersion
 13663  // entry in the response of the GetAccountSummary operation.
 13664  //
 13665  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13666  // with awserr.Error's Code and Message methods to get detailed information about
 13667  // the error.
 13668  //
 13669  // See the AWS API reference guide for AWS Identity and Access Management's
 13670  // API operation SetSecurityTokenServicePreferences for usage and error information.
 13671  //
 13672  // Returned Error Codes:
 13673  //   * ErrCodeServiceFailureException "ServiceFailure"
 13674  //   The request processing has failed because of an unknown error, exception
 13675  //   or failure.
 13676  //
 13677  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences
 13678  func (c *IAM) SetSecurityTokenServicePreferences(input *SetSecurityTokenServicePreferencesInput) (*SetSecurityTokenServicePreferencesOutput, error) {
 13679  	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
 13680  	return out, req.Send()
 13681  }
 13682  
 13683  // SetSecurityTokenServicePreferencesWithContext is the same as SetSecurityTokenServicePreferences with the addition of
 13684  // the ability to pass a context and additional request options.
 13685  //
 13686  // See SetSecurityTokenServicePreferences for details on how to use this API operation.
 13687  //
 13688  // The context must be non-nil and will be used for request cancellation. If
 13689  // the context is nil a panic will occur. In the future the SDK may create
 13690  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13691  // for more information on using Contexts.
 13692  func (c *IAM) SetSecurityTokenServicePreferencesWithContext(ctx aws.Context, input *SetSecurityTokenServicePreferencesInput, opts ...request.Option) (*SetSecurityTokenServicePreferencesOutput, error) {
 13693  	req, out := c.SetSecurityTokenServicePreferencesRequest(input)
 13694  	req.SetContext(ctx)
 13695  	req.ApplyOptions(opts...)
 13696  	return out, req.Send()
 13697  }
 13698  
 13699  const opSimulateCustomPolicy = "SimulateCustomPolicy"
 13700  
 13701  // SimulateCustomPolicyRequest generates a "aws/request.Request" representing the
 13702  // client's request for the SimulateCustomPolicy operation. The "output" return
 13703  // value will be populated with the request's response once the request completes
 13704  // successfully.
 13705  //
 13706  // Use "Send" method on the returned Request to send the API call to the service.
 13707  // the "output" return value is not valid until after Send returns without error.
 13708  //
 13709  // See SimulateCustomPolicy for more information on using the SimulateCustomPolicy
 13710  // API call, and error handling.
 13711  //
 13712  // This method is useful when you want to inject custom logic or configuration
 13713  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13714  //
 13715  //
 13716  //    // Example sending a request using the SimulateCustomPolicyRequest method.
 13717  //    req, resp := client.SimulateCustomPolicyRequest(params)
 13718  //
 13719  //    err := req.Send()
 13720  //    if err == nil { // resp is now filled
 13721  //        fmt.Println(resp)
 13722  //    }
 13723  //
 13724  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
 13725  func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
 13726  	op := &request.Operation{
 13727  		Name:       opSimulateCustomPolicy,
 13728  		HTTPMethod: "POST",
 13729  		HTTPPath:   "/",
 13730  		Paginator: &request.Paginator{
 13731  			InputTokens:     []string{"Marker"},
 13732  			OutputTokens:    []string{"Marker"},
 13733  			LimitToken:      "MaxItems",
 13734  			TruncationToken: "IsTruncated",
 13735  		},
 13736  	}
 13737  
 13738  	if input == nil {
 13739  		input = &SimulateCustomPolicyInput{}
 13740  	}
 13741  
 13742  	output = &SimulatePolicyResponse{}
 13743  	req = c.newRequest(op, input, output)
 13744  	return
 13745  }
 13746  
 13747  // SimulateCustomPolicy API operation for AWS Identity and Access Management.
 13748  //
 13749  // Simulate how a set of IAM policies and optionally a resource-based policy
 13750  // works with a list of API operations and Amazon Web Services resources to
 13751  // determine the policies' effective permissions. The policies are provided
 13752  // as strings.
 13753  //
 13754  // The simulation does not perform the API operations; it only checks the authorization
 13755  // to determine if the simulated policies allow or deny the operations. You
 13756  // can simulate resources that don't exist in your account.
 13757  //
 13758  // If you want to simulate existing policies that are attached to an IAM user,
 13759  // group, or role, use SimulatePrincipalPolicy instead.
 13760  //
 13761  // Context keys are variables that are maintained by Amazon Web Services and
 13762  // its services and which provide details about the context of an API query
 13763  // request. You can use the Condition element of an IAM policy to evaluate context
 13764  // keys. To get the list of context keys that the policies require for correct
 13765  // simulation, use GetContextKeysForCustomPolicy.
 13766  //
 13767  // If the output is long, you can use MaxItems and Marker parameters to paginate
 13768  // the results.
 13769  //
 13770  // For more information about using the policy simulator, see Testing IAM policies
 13771  // with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
 13772  // the IAM User Guide.
 13773  //
 13774  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13775  // with awserr.Error's Code and Message methods to get detailed information about
 13776  // the error.
 13777  //
 13778  // See the AWS API reference guide for AWS Identity and Access Management's
 13779  // API operation SimulateCustomPolicy for usage and error information.
 13780  //
 13781  // Returned Error Codes:
 13782  //   * ErrCodeInvalidInputException "InvalidInput"
 13783  //   The request was rejected because an invalid or out-of-range value was supplied
 13784  //   for an input parameter.
 13785  //
 13786  //   * ErrCodePolicyEvaluationException "PolicyEvaluation"
 13787  //   The request failed because a provided policy could not be successfully evaluated.
 13788  //   An additional detailed message indicates the source of the failure.
 13789  //
 13790  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy
 13791  func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error) {
 13792  	req, out := c.SimulateCustomPolicyRequest(input)
 13793  	return out, req.Send()
 13794  }
 13795  
 13796  // SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of
 13797  // the ability to pass a context and additional request options.
 13798  //
 13799  // See SimulateCustomPolicy for details on how to use this API operation.
 13800  //
 13801  // The context must be non-nil and will be used for request cancellation. If
 13802  // the context is nil a panic will occur. In the future the SDK may create
 13803  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13804  // for more information on using Contexts.
 13805  func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
 13806  	req, out := c.SimulateCustomPolicyRequest(input)
 13807  	req.SetContext(ctx)
 13808  	req.ApplyOptions(opts...)
 13809  	return out, req.Send()
 13810  }
 13811  
 13812  // SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation,
 13813  // calling the "fn" function with the response data for each page. To stop
 13814  // iterating, return false from the fn function.
 13815  //
 13816  // See SimulateCustomPolicy method for more information on how to use this operation.
 13817  //
 13818  // Note: This operation can generate multiple requests to a service.
 13819  //
 13820  //    // Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
 13821  //    pageNum := 0
 13822  //    err := client.SimulateCustomPolicyPages(params,
 13823  //        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
 13824  //            pageNum++
 13825  //            fmt.Println(page)
 13826  //            return pageNum <= 3
 13827  //        })
 13828  //
 13829  func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
 13830  	return c.SimulateCustomPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
 13831  }
 13832  
 13833  // SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except
 13834  // it takes a Context and allows setting request options on the pages.
 13835  //
 13836  // The context must be non-nil and will be used for request cancellation. If
 13837  // the context is nil a panic will occur. In the future the SDK may create
 13838  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13839  // for more information on using Contexts.
 13840  func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
 13841  	p := request.Pagination{
 13842  		NewRequest: func() (*request.Request, error) {
 13843  			var inCpy *SimulateCustomPolicyInput
 13844  			if input != nil {
 13845  				tmp := *input
 13846  				inCpy = &tmp
 13847  			}
 13848  			req, _ := c.SimulateCustomPolicyRequest(inCpy)
 13849  			req.SetContext(ctx)
 13850  			req.ApplyOptions(opts...)
 13851  			return req, nil
 13852  		},
 13853  	}
 13854  
 13855  	for p.Next() {
 13856  		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
 13857  			break
 13858  		}
 13859  	}
 13860  
 13861  	return p.Err()
 13862  }
 13863  
 13864  const opSimulatePrincipalPolicy = "SimulatePrincipalPolicy"
 13865  
 13866  // SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the
 13867  // client's request for the SimulatePrincipalPolicy operation. The "output" return
 13868  // value will be populated with the request's response once the request completes
 13869  // successfully.
 13870  //
 13871  // Use "Send" method on the returned Request to send the API call to the service.
 13872  // the "output" return value is not valid until after Send returns without error.
 13873  //
 13874  // See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy
 13875  // API call, and error handling.
 13876  //
 13877  // This method is useful when you want to inject custom logic or configuration
 13878  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 13879  //
 13880  //
 13881  //    // Example sending a request using the SimulatePrincipalPolicyRequest method.
 13882  //    req, resp := client.SimulatePrincipalPolicyRequest(params)
 13883  //
 13884  //    err := req.Send()
 13885  //    if err == nil { // resp is now filled
 13886  //        fmt.Println(resp)
 13887  //    }
 13888  //
 13889  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
 13890  func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse) {
 13891  	op := &request.Operation{
 13892  		Name:       opSimulatePrincipalPolicy,
 13893  		HTTPMethod: "POST",
 13894  		HTTPPath:   "/",
 13895  		Paginator: &request.Paginator{
 13896  			InputTokens:     []string{"Marker"},
 13897  			OutputTokens:    []string{"Marker"},
 13898  			LimitToken:      "MaxItems",
 13899  			TruncationToken: "IsTruncated",
 13900  		},
 13901  	}
 13902  
 13903  	if input == nil {
 13904  		input = &SimulatePrincipalPolicyInput{}
 13905  	}
 13906  
 13907  	output = &SimulatePolicyResponse{}
 13908  	req = c.newRequest(op, input, output)
 13909  	return
 13910  }
 13911  
 13912  // SimulatePrincipalPolicy API operation for AWS Identity and Access Management.
 13913  //
 13914  // Simulate how a set of IAM policies attached to an IAM entity works with a
 13915  // list of API operations and Amazon Web Services resources to determine the
 13916  // policies' effective permissions. The entity can be an IAM user, group, or
 13917  // role. If you specify a user, then the simulation also includes all of the
 13918  // policies that are attached to groups that the user belongs to. You can simulate
 13919  // resources that don't exist in your account.
 13920  //
 13921  // You can optionally include a list of one or more additional policies specified
 13922  // as strings to include in the simulation. If you want to simulate only policies
 13923  // specified as strings, use SimulateCustomPolicy instead.
 13924  //
 13925  // You can also optionally include one resource-based policy to be evaluated
 13926  // with each of the resources included in the simulation.
 13927  //
 13928  // The simulation does not perform the API operations; it only checks the authorization
 13929  // to determine if the simulated policies allow or deny the operations.
 13930  //
 13931  // Note: This operation discloses information about the permissions granted
 13932  // to other users. If you do not want users to see other user's permissions,
 13933  // then consider allowing them to use SimulateCustomPolicy instead.
 13934  //
 13935  // Context keys are variables maintained by Amazon Web Services and its services
 13936  // that provide details about the context of an API query request. You can use
 13937  // the Condition element of an IAM policy to evaluate context keys. To get the
 13938  // list of context keys that the policies require for correct simulation, use
 13939  // GetContextKeysForPrincipalPolicy.
 13940  //
 13941  // If the output is long, you can use the MaxItems and Marker parameters to
 13942  // paginate the results.
 13943  //
 13944  // For more information about using the policy simulator, see Testing IAM policies
 13945  // with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in
 13946  // the IAM User Guide.
 13947  //
 13948  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 13949  // with awserr.Error's Code and Message methods to get detailed information about
 13950  // the error.
 13951  //
 13952  // See the AWS API reference guide for AWS Identity and Access Management's
 13953  // API operation SimulatePrincipalPolicy for usage and error information.
 13954  //
 13955  // Returned Error Codes:
 13956  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 13957  //   The request was rejected because it referenced a resource entity that does
 13958  //   not exist. The error message describes the resource.
 13959  //
 13960  //   * ErrCodeInvalidInputException "InvalidInput"
 13961  //   The request was rejected because an invalid or out-of-range value was supplied
 13962  //   for an input parameter.
 13963  //
 13964  //   * ErrCodePolicyEvaluationException "PolicyEvaluation"
 13965  //   The request failed because a provided policy could not be successfully evaluated.
 13966  //   An additional detailed message indicates the source of the failure.
 13967  //
 13968  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy
 13969  func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error) {
 13970  	req, out := c.SimulatePrincipalPolicyRequest(input)
 13971  	return out, req.Send()
 13972  }
 13973  
 13974  // SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of
 13975  // the ability to pass a context and additional request options.
 13976  //
 13977  // See SimulatePrincipalPolicy for details on how to use this API operation.
 13978  //
 13979  // The context must be non-nil and will be used for request cancellation. If
 13980  // the context is nil a panic will occur. In the future the SDK may create
 13981  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 13982  // for more information on using Contexts.
 13983  func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error) {
 13984  	req, out := c.SimulatePrincipalPolicyRequest(input)
 13985  	req.SetContext(ctx)
 13986  	req.ApplyOptions(opts...)
 13987  	return out, req.Send()
 13988  }
 13989  
 13990  // SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation,
 13991  // calling the "fn" function with the response data for each page. To stop
 13992  // iterating, return false from the fn function.
 13993  //
 13994  // See SimulatePrincipalPolicy method for more information on how to use this operation.
 13995  //
 13996  // Note: This operation can generate multiple requests to a service.
 13997  //
 13998  //    // Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
 13999  //    pageNum := 0
 14000  //    err := client.SimulatePrincipalPolicyPages(params,
 14001  //        func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
 14002  //            pageNum++
 14003  //            fmt.Println(page)
 14004  //            return pageNum <= 3
 14005  //        })
 14006  //
 14007  func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error {
 14008  	return c.SimulatePrincipalPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
 14009  }
 14010  
 14011  // SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except
 14012  // it takes a Context and allows setting request options on the pages.
 14013  //
 14014  // The context must be non-nil and will be used for request cancellation. If
 14015  // the context is nil a panic will occur. In the future the SDK may create
 14016  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14017  // for more information on using Contexts.
 14018  func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error {
 14019  	p := request.Pagination{
 14020  		NewRequest: func() (*request.Request, error) {
 14021  			var inCpy *SimulatePrincipalPolicyInput
 14022  			if input != nil {
 14023  				tmp := *input
 14024  				inCpy = &tmp
 14025  			}
 14026  			req, _ := c.SimulatePrincipalPolicyRequest(inCpy)
 14027  			req.SetContext(ctx)
 14028  			req.ApplyOptions(opts...)
 14029  			return req, nil
 14030  		},
 14031  	}
 14032  
 14033  	for p.Next() {
 14034  		if !fn(p.Page().(*SimulatePolicyResponse), !p.HasNextPage()) {
 14035  			break
 14036  		}
 14037  	}
 14038  
 14039  	return p.Err()
 14040  }
 14041  
 14042  const opTagInstanceProfile = "TagInstanceProfile"
 14043  
 14044  // TagInstanceProfileRequest generates a "aws/request.Request" representing the
 14045  // client's request for the TagInstanceProfile operation. The "output" return
 14046  // value will be populated with the request's response once the request completes
 14047  // successfully.
 14048  //
 14049  // Use "Send" method on the returned Request to send the API call to the service.
 14050  // the "output" return value is not valid until after Send returns without error.
 14051  //
 14052  // See TagInstanceProfile for more information on using the TagInstanceProfile
 14053  // API call, and error handling.
 14054  //
 14055  // This method is useful when you want to inject custom logic or configuration
 14056  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14057  //
 14058  //
 14059  //    // Example sending a request using the TagInstanceProfileRequest method.
 14060  //    req, resp := client.TagInstanceProfileRequest(params)
 14061  //
 14062  //    err := req.Send()
 14063  //    if err == nil { // resp is now filled
 14064  //        fmt.Println(resp)
 14065  //    }
 14066  //
 14067  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
 14068  func (c *IAM) TagInstanceProfileRequest(input *TagInstanceProfileInput) (req *request.Request, output *TagInstanceProfileOutput) {
 14069  	op := &request.Operation{
 14070  		Name:       opTagInstanceProfile,
 14071  		HTTPMethod: "POST",
 14072  		HTTPPath:   "/",
 14073  	}
 14074  
 14075  	if input == nil {
 14076  		input = &TagInstanceProfileInput{}
 14077  	}
 14078  
 14079  	output = &TagInstanceProfileOutput{}
 14080  	req = c.newRequest(op, input, output)
 14081  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14082  	return
 14083  }
 14084  
 14085  // TagInstanceProfile API operation for AWS Identity and Access Management.
 14086  //
 14087  // Adds one or more tags to an IAM instance profile. If a tag with the same
 14088  // key name already exists, then that tag is overwritten with the new value.
 14089  //
 14090  // Each tag consists of a key name and an associated value. By assigning tags
 14091  // to your resources, you can do the following:
 14092  //
 14093  //    * Administrative grouping and discovery - Attach tags to resources to
 14094  //    aid in organization and search. For example, you could search for all
 14095  //    resources with the key name Project and the value MyImportantProject.
 14096  //    Or search for all resources with the key name Cost Center and the value
 14097  //    41200.
 14098  //
 14099  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14100  //    You can use tags to restrict access to only an IAM instance profile that
 14101  //    has a specified tag attached. For examples of policies that show how to
 14102  //    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14103  //    in the IAM User Guide.
 14104  //
 14105  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14106  //    number of tags, then the entire request fails and the resource is not
 14107  //    created. For more information about tagging, see Tagging IAM resources
 14108  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14109  //    IAM User Guide.
 14110  //
 14111  //    * Amazon Web Services always interprets the tag Value as a single string.
 14112  //    If you need to store an array, you can store comma-separated values in
 14113  //    the string. However, you must interpret the value in your code.
 14114  //
 14115  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14116  // with awserr.Error's Code and Message methods to get detailed information about
 14117  // the error.
 14118  //
 14119  // See the AWS API reference guide for AWS Identity and Access Management's
 14120  // API operation TagInstanceProfile for usage and error information.
 14121  //
 14122  // Returned Error Codes:
 14123  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14124  //   The request was rejected because it referenced a resource entity that does
 14125  //   not exist. The error message describes the resource.
 14126  //
 14127  //   * ErrCodeInvalidInputException "InvalidInput"
 14128  //   The request was rejected because an invalid or out-of-range value was supplied
 14129  //   for an input parameter.
 14130  //
 14131  //   * ErrCodeLimitExceededException "LimitExceeded"
 14132  //   The request was rejected because it attempted to create resources beyond
 14133  //   the current Amazon Web Services account limits. The error message describes
 14134  //   the limit exceeded.
 14135  //
 14136  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14137  //   The request was rejected because multiple requests to change this object
 14138  //   were submitted simultaneously. Wait a few minutes and submit your request
 14139  //   again.
 14140  //
 14141  //   * ErrCodeServiceFailureException "ServiceFailure"
 14142  //   The request processing has failed because of an unknown error, exception
 14143  //   or failure.
 14144  //
 14145  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile
 14146  func (c *IAM) TagInstanceProfile(input *TagInstanceProfileInput) (*TagInstanceProfileOutput, error) {
 14147  	req, out := c.TagInstanceProfileRequest(input)
 14148  	return out, req.Send()
 14149  }
 14150  
 14151  // TagInstanceProfileWithContext is the same as TagInstanceProfile with the addition of
 14152  // the ability to pass a context and additional request options.
 14153  //
 14154  // See TagInstanceProfile for details on how to use this API operation.
 14155  //
 14156  // The context must be non-nil and will be used for request cancellation. If
 14157  // the context is nil a panic will occur. In the future the SDK may create
 14158  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14159  // for more information on using Contexts.
 14160  func (c *IAM) TagInstanceProfileWithContext(ctx aws.Context, input *TagInstanceProfileInput, opts ...request.Option) (*TagInstanceProfileOutput, error) {
 14161  	req, out := c.TagInstanceProfileRequest(input)
 14162  	req.SetContext(ctx)
 14163  	req.ApplyOptions(opts...)
 14164  	return out, req.Send()
 14165  }
 14166  
 14167  const opTagMFADevice = "TagMFADevice"
 14168  
 14169  // TagMFADeviceRequest generates a "aws/request.Request" representing the
 14170  // client's request for the TagMFADevice operation. The "output" return
 14171  // value will be populated with the request's response once the request completes
 14172  // successfully.
 14173  //
 14174  // Use "Send" method on the returned Request to send the API call to the service.
 14175  // the "output" return value is not valid until after Send returns without error.
 14176  //
 14177  // See TagMFADevice for more information on using the TagMFADevice
 14178  // API call, and error handling.
 14179  //
 14180  // This method is useful when you want to inject custom logic or configuration
 14181  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14182  //
 14183  //
 14184  //    // Example sending a request using the TagMFADeviceRequest method.
 14185  //    req, resp := client.TagMFADeviceRequest(params)
 14186  //
 14187  //    err := req.Send()
 14188  //    if err == nil { // resp is now filled
 14189  //        fmt.Println(resp)
 14190  //    }
 14191  //
 14192  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
 14193  func (c *IAM) TagMFADeviceRequest(input *TagMFADeviceInput) (req *request.Request, output *TagMFADeviceOutput) {
 14194  	op := &request.Operation{
 14195  		Name:       opTagMFADevice,
 14196  		HTTPMethod: "POST",
 14197  		HTTPPath:   "/",
 14198  	}
 14199  
 14200  	if input == nil {
 14201  		input = &TagMFADeviceInput{}
 14202  	}
 14203  
 14204  	output = &TagMFADeviceOutput{}
 14205  	req = c.newRequest(op, input, output)
 14206  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14207  	return
 14208  }
 14209  
 14210  // TagMFADevice API operation for AWS Identity and Access Management.
 14211  //
 14212  // Adds one or more tags to an IAM virtual multi-factor authentication (MFA)
 14213  // device. If a tag with the same key name already exists, then that tag is
 14214  // overwritten with the new value.
 14215  //
 14216  // A tag consists of a key name and an associated value. By assigning tags to
 14217  // your resources, you can do the following:
 14218  //
 14219  //    * Administrative grouping and discovery - Attach tags to resources to
 14220  //    aid in organization and search. For example, you could search for all
 14221  //    resources with the key name Project and the value MyImportantProject.
 14222  //    Or search for all resources with the key name Cost Center and the value
 14223  //    41200.
 14224  //
 14225  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14226  //    You can use tags to restrict access to only an IAM virtual MFA device
 14227  //    that has a specified tag attached. For examples of policies that show
 14228  //    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14229  //    in the IAM User Guide.
 14230  //
 14231  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14232  //    number of tags, then the entire request fails and the resource is not
 14233  //    created. For more information about tagging, see Tagging IAM resources
 14234  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14235  //    IAM User Guide.
 14236  //
 14237  //    * Amazon Web Services always interprets the tag Value as a single string.
 14238  //    If you need to store an array, you can store comma-separated values in
 14239  //    the string. However, you must interpret the value in your code.
 14240  //
 14241  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14242  // with awserr.Error's Code and Message methods to get detailed information about
 14243  // the error.
 14244  //
 14245  // See the AWS API reference guide for AWS Identity and Access Management's
 14246  // API operation TagMFADevice for usage and error information.
 14247  //
 14248  // Returned Error Codes:
 14249  //   * ErrCodeInvalidInputException "InvalidInput"
 14250  //   The request was rejected because an invalid or out-of-range value was supplied
 14251  //   for an input parameter.
 14252  //
 14253  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14254  //   The request was rejected because it referenced a resource entity that does
 14255  //   not exist. The error message describes the resource.
 14256  //
 14257  //   * ErrCodeLimitExceededException "LimitExceeded"
 14258  //   The request was rejected because it attempted to create resources beyond
 14259  //   the current Amazon Web Services account limits. The error message describes
 14260  //   the limit exceeded.
 14261  //
 14262  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14263  //   The request was rejected because multiple requests to change this object
 14264  //   were submitted simultaneously. Wait a few minutes and submit your request
 14265  //   again.
 14266  //
 14267  //   * ErrCodeServiceFailureException "ServiceFailure"
 14268  //   The request processing has failed because of an unknown error, exception
 14269  //   or failure.
 14270  //
 14271  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice
 14272  func (c *IAM) TagMFADevice(input *TagMFADeviceInput) (*TagMFADeviceOutput, error) {
 14273  	req, out := c.TagMFADeviceRequest(input)
 14274  	return out, req.Send()
 14275  }
 14276  
 14277  // TagMFADeviceWithContext is the same as TagMFADevice with the addition of
 14278  // the ability to pass a context and additional request options.
 14279  //
 14280  // See TagMFADevice for details on how to use this API operation.
 14281  //
 14282  // The context must be non-nil and will be used for request cancellation. If
 14283  // the context is nil a panic will occur. In the future the SDK may create
 14284  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14285  // for more information on using Contexts.
 14286  func (c *IAM) TagMFADeviceWithContext(ctx aws.Context, input *TagMFADeviceInput, opts ...request.Option) (*TagMFADeviceOutput, error) {
 14287  	req, out := c.TagMFADeviceRequest(input)
 14288  	req.SetContext(ctx)
 14289  	req.ApplyOptions(opts...)
 14290  	return out, req.Send()
 14291  }
 14292  
 14293  const opTagOpenIDConnectProvider = "TagOpenIDConnectProvider"
 14294  
 14295  // TagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
 14296  // client's request for the TagOpenIDConnectProvider operation. The "output" return
 14297  // value will be populated with the request's response once the request completes
 14298  // successfully.
 14299  //
 14300  // Use "Send" method on the returned Request to send the API call to the service.
 14301  // the "output" return value is not valid until after Send returns without error.
 14302  //
 14303  // See TagOpenIDConnectProvider for more information on using the TagOpenIDConnectProvider
 14304  // API call, and error handling.
 14305  //
 14306  // This method is useful when you want to inject custom logic or configuration
 14307  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14308  //
 14309  //
 14310  //    // Example sending a request using the TagOpenIDConnectProviderRequest method.
 14311  //    req, resp := client.TagOpenIDConnectProviderRequest(params)
 14312  //
 14313  //    err := req.Send()
 14314  //    if err == nil { // resp is now filled
 14315  //        fmt.Println(resp)
 14316  //    }
 14317  //
 14318  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
 14319  func (c *IAM) TagOpenIDConnectProviderRequest(input *TagOpenIDConnectProviderInput) (req *request.Request, output *TagOpenIDConnectProviderOutput) {
 14320  	op := &request.Operation{
 14321  		Name:       opTagOpenIDConnectProvider,
 14322  		HTTPMethod: "POST",
 14323  		HTTPPath:   "/",
 14324  	}
 14325  
 14326  	if input == nil {
 14327  		input = &TagOpenIDConnectProviderInput{}
 14328  	}
 14329  
 14330  	output = &TagOpenIDConnectProviderOutput{}
 14331  	req = c.newRequest(op, input, output)
 14332  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14333  	return
 14334  }
 14335  
 14336  // TagOpenIDConnectProvider API operation for AWS Identity and Access Management.
 14337  //
 14338  // Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider.
 14339  // For more information about these providers, see About web identity federation
 14340  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
 14341  // If a tag with the same key name already exists, then that tag is overwritten
 14342  // with the new value.
 14343  //
 14344  // A tag consists of a key name and an associated value. By assigning tags to
 14345  // your resources, you can do the following:
 14346  //
 14347  //    * Administrative grouping and discovery - Attach tags to resources to
 14348  //    aid in organization and search. For example, you could search for all
 14349  //    resources with the key name Project and the value MyImportantProject.
 14350  //    Or search for all resources with the key name Cost Center and the value
 14351  //    41200.
 14352  //
 14353  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14354  //    You can use tags to restrict access to only an OIDC provider that has
 14355  //    a specified tag attached. For examples of policies that show how to use
 14356  //    tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14357  //    in the IAM User Guide.
 14358  //
 14359  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14360  //    number of tags, then the entire request fails and the resource is not
 14361  //    created. For more information about tagging, see Tagging IAM resources
 14362  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14363  //    IAM User Guide.
 14364  //
 14365  //    * Amazon Web Services always interprets the tag Value as a single string.
 14366  //    If you need to store an array, you can store comma-separated values in
 14367  //    the string. However, you must interpret the value in your code.
 14368  //
 14369  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14370  // with awserr.Error's Code and Message methods to get detailed information about
 14371  // the error.
 14372  //
 14373  // See the AWS API reference guide for AWS Identity and Access Management's
 14374  // API operation TagOpenIDConnectProvider for usage and error information.
 14375  //
 14376  // Returned Error Codes:
 14377  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14378  //   The request was rejected because it referenced a resource entity that does
 14379  //   not exist. The error message describes the resource.
 14380  //
 14381  //   * ErrCodeLimitExceededException "LimitExceeded"
 14382  //   The request was rejected because it attempted to create resources beyond
 14383  //   the current Amazon Web Services account limits. The error message describes
 14384  //   the limit exceeded.
 14385  //
 14386  //   * ErrCodeInvalidInputException "InvalidInput"
 14387  //   The request was rejected because an invalid or out-of-range value was supplied
 14388  //   for an input parameter.
 14389  //
 14390  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14391  //   The request was rejected because multiple requests to change this object
 14392  //   were submitted simultaneously. Wait a few minutes and submit your request
 14393  //   again.
 14394  //
 14395  //   * ErrCodeServiceFailureException "ServiceFailure"
 14396  //   The request processing has failed because of an unknown error, exception
 14397  //   or failure.
 14398  //
 14399  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider
 14400  func (c *IAM) TagOpenIDConnectProvider(input *TagOpenIDConnectProviderInput) (*TagOpenIDConnectProviderOutput, error) {
 14401  	req, out := c.TagOpenIDConnectProviderRequest(input)
 14402  	return out, req.Send()
 14403  }
 14404  
 14405  // TagOpenIDConnectProviderWithContext is the same as TagOpenIDConnectProvider with the addition of
 14406  // the ability to pass a context and additional request options.
 14407  //
 14408  // See TagOpenIDConnectProvider for details on how to use this API operation.
 14409  //
 14410  // The context must be non-nil and will be used for request cancellation. If
 14411  // the context is nil a panic will occur. In the future the SDK may create
 14412  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14413  // for more information on using Contexts.
 14414  func (c *IAM) TagOpenIDConnectProviderWithContext(ctx aws.Context, input *TagOpenIDConnectProviderInput, opts ...request.Option) (*TagOpenIDConnectProviderOutput, error) {
 14415  	req, out := c.TagOpenIDConnectProviderRequest(input)
 14416  	req.SetContext(ctx)
 14417  	req.ApplyOptions(opts...)
 14418  	return out, req.Send()
 14419  }
 14420  
 14421  const opTagPolicy = "TagPolicy"
 14422  
 14423  // TagPolicyRequest generates a "aws/request.Request" representing the
 14424  // client's request for the TagPolicy operation. The "output" return
 14425  // value will be populated with the request's response once the request completes
 14426  // successfully.
 14427  //
 14428  // Use "Send" method on the returned Request to send the API call to the service.
 14429  // the "output" return value is not valid until after Send returns without error.
 14430  //
 14431  // See TagPolicy for more information on using the TagPolicy
 14432  // API call, and error handling.
 14433  //
 14434  // This method is useful when you want to inject custom logic or configuration
 14435  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14436  //
 14437  //
 14438  //    // Example sending a request using the TagPolicyRequest method.
 14439  //    req, resp := client.TagPolicyRequest(params)
 14440  //
 14441  //    err := req.Send()
 14442  //    if err == nil { // resp is now filled
 14443  //        fmt.Println(resp)
 14444  //    }
 14445  //
 14446  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
 14447  func (c *IAM) TagPolicyRequest(input *TagPolicyInput) (req *request.Request, output *TagPolicyOutput) {
 14448  	op := &request.Operation{
 14449  		Name:       opTagPolicy,
 14450  		HTTPMethod: "POST",
 14451  		HTTPPath:   "/",
 14452  	}
 14453  
 14454  	if input == nil {
 14455  		input = &TagPolicyInput{}
 14456  	}
 14457  
 14458  	output = &TagPolicyOutput{}
 14459  	req = c.newRequest(op, input, output)
 14460  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14461  	return
 14462  }
 14463  
 14464  // TagPolicy API operation for AWS Identity and Access Management.
 14465  //
 14466  // Adds one or more tags to an IAM customer managed policy. If a tag with the
 14467  // same key name already exists, then that tag is overwritten with the new value.
 14468  //
 14469  // A tag consists of a key name and an associated value. By assigning tags to
 14470  // your resources, you can do the following:
 14471  //
 14472  //    * Administrative grouping and discovery - Attach tags to resources to
 14473  //    aid in organization and search. For example, you could search for all
 14474  //    resources with the key name Project and the value MyImportantProject.
 14475  //    Or search for all resources with the key name Cost Center and the value
 14476  //    41200.
 14477  //
 14478  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14479  //    You can use tags to restrict access to only an IAM customer managed policy
 14480  //    that has a specified tag attached. For examples of policies that show
 14481  //    how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14482  //    in the IAM User Guide.
 14483  //
 14484  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14485  //    number of tags, then the entire request fails and the resource is not
 14486  //    created. For more information about tagging, see Tagging IAM resources
 14487  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14488  //    IAM User Guide.
 14489  //
 14490  //    * Amazon Web Services always interprets the tag Value as a single string.
 14491  //    If you need to store an array, you can store comma-separated values in
 14492  //    the string. However, you must interpret the value in your code.
 14493  //
 14494  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14495  // with awserr.Error's Code and Message methods to get detailed information about
 14496  // the error.
 14497  //
 14498  // See the AWS API reference guide for AWS Identity and Access Management's
 14499  // API operation TagPolicy for usage and error information.
 14500  //
 14501  // Returned Error Codes:
 14502  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14503  //   The request was rejected because it referenced a resource entity that does
 14504  //   not exist. The error message describes the resource.
 14505  //
 14506  //   * ErrCodeLimitExceededException "LimitExceeded"
 14507  //   The request was rejected because it attempted to create resources beyond
 14508  //   the current Amazon Web Services account limits. The error message describes
 14509  //   the limit exceeded.
 14510  //
 14511  //   * ErrCodeInvalidInputException "InvalidInput"
 14512  //   The request was rejected because an invalid or out-of-range value was supplied
 14513  //   for an input parameter.
 14514  //
 14515  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14516  //   The request was rejected because multiple requests to change this object
 14517  //   were submitted simultaneously. Wait a few minutes and submit your request
 14518  //   again.
 14519  //
 14520  //   * ErrCodeServiceFailureException "ServiceFailure"
 14521  //   The request processing has failed because of an unknown error, exception
 14522  //   or failure.
 14523  //
 14524  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy
 14525  func (c *IAM) TagPolicy(input *TagPolicyInput) (*TagPolicyOutput, error) {
 14526  	req, out := c.TagPolicyRequest(input)
 14527  	return out, req.Send()
 14528  }
 14529  
 14530  // TagPolicyWithContext is the same as TagPolicy with the addition of
 14531  // the ability to pass a context and additional request options.
 14532  //
 14533  // See TagPolicy for details on how to use this API operation.
 14534  //
 14535  // The context must be non-nil and will be used for request cancellation. If
 14536  // the context is nil a panic will occur. In the future the SDK may create
 14537  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14538  // for more information on using Contexts.
 14539  func (c *IAM) TagPolicyWithContext(ctx aws.Context, input *TagPolicyInput, opts ...request.Option) (*TagPolicyOutput, error) {
 14540  	req, out := c.TagPolicyRequest(input)
 14541  	req.SetContext(ctx)
 14542  	req.ApplyOptions(opts...)
 14543  	return out, req.Send()
 14544  }
 14545  
 14546  const opTagRole = "TagRole"
 14547  
 14548  // TagRoleRequest generates a "aws/request.Request" representing the
 14549  // client's request for the TagRole operation. The "output" return
 14550  // value will be populated with the request's response once the request completes
 14551  // successfully.
 14552  //
 14553  // Use "Send" method on the returned Request to send the API call to the service.
 14554  // the "output" return value is not valid until after Send returns without error.
 14555  //
 14556  // See TagRole for more information on using the TagRole
 14557  // API call, and error handling.
 14558  //
 14559  // This method is useful when you want to inject custom logic or configuration
 14560  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14561  //
 14562  //
 14563  //    // Example sending a request using the TagRoleRequest method.
 14564  //    req, resp := client.TagRoleRequest(params)
 14565  //
 14566  //    err := req.Send()
 14567  //    if err == nil { // resp is now filled
 14568  //        fmt.Println(resp)
 14569  //    }
 14570  //
 14571  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
 14572  func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output *TagRoleOutput) {
 14573  	op := &request.Operation{
 14574  		Name:       opTagRole,
 14575  		HTTPMethod: "POST",
 14576  		HTTPPath:   "/",
 14577  	}
 14578  
 14579  	if input == nil {
 14580  		input = &TagRoleInput{}
 14581  	}
 14582  
 14583  	output = &TagRoleOutput{}
 14584  	req = c.newRequest(op, input, output)
 14585  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14586  	return
 14587  }
 14588  
 14589  // TagRole API operation for AWS Identity and Access Management.
 14590  //
 14591  // Adds one or more tags to an IAM role. The role can be a regular role or a
 14592  // service-linked role. If a tag with the same key name already exists, then
 14593  // that tag is overwritten with the new value.
 14594  //
 14595  // A tag consists of a key name and an associated value. By assigning tags to
 14596  // your resources, you can do the following:
 14597  //
 14598  //    * Administrative grouping and discovery - Attach tags to resources to
 14599  //    aid in organization and search. For example, you could search for all
 14600  //    resources with the key name Project and the value MyImportantProject.
 14601  //    Or search for all resources with the key name Cost Center and the value
 14602  //    41200.
 14603  //
 14604  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14605  //    You can use tags to restrict access to only an IAM role that has a specified
 14606  //    tag attached. You can also restrict access to only those resources that
 14607  //    have a certain tag attached. For examples of policies that show how to
 14608  //    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14609  //    in the IAM User Guide.
 14610  //
 14611  //    * Cost allocation - Use tags to help track which individuals and teams
 14612  //    are using which Amazon Web Services resources.
 14613  //
 14614  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14615  //    number of tags, then the entire request fails and the resource is not
 14616  //    created. For more information about tagging, see Tagging IAM resources
 14617  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14618  //    IAM User Guide.
 14619  //
 14620  //    * Amazon Web Services always interprets the tag Value as a single string.
 14621  //    If you need to store an array, you can store comma-separated values in
 14622  //    the string. However, you must interpret the value in your code.
 14623  //
 14624  // For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 14625  // in the IAM User Guide.
 14626  //
 14627  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14628  // with awserr.Error's Code and Message methods to get detailed information about
 14629  // the error.
 14630  //
 14631  // See the AWS API reference guide for AWS Identity and Access Management's
 14632  // API operation TagRole for usage and error information.
 14633  //
 14634  // Returned Error Codes:
 14635  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14636  //   The request was rejected because it referenced a resource entity that does
 14637  //   not exist. The error message describes the resource.
 14638  //
 14639  //   * ErrCodeLimitExceededException "LimitExceeded"
 14640  //   The request was rejected because it attempted to create resources beyond
 14641  //   the current Amazon Web Services account limits. The error message describes
 14642  //   the limit exceeded.
 14643  //
 14644  //   * ErrCodeInvalidInputException "InvalidInput"
 14645  //   The request was rejected because an invalid or out-of-range value was supplied
 14646  //   for an input parameter.
 14647  //
 14648  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14649  //   The request was rejected because multiple requests to change this object
 14650  //   were submitted simultaneously. Wait a few minutes and submit your request
 14651  //   again.
 14652  //
 14653  //   * ErrCodeServiceFailureException "ServiceFailure"
 14654  //   The request processing has failed because of an unknown error, exception
 14655  //   or failure.
 14656  //
 14657  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole
 14658  func (c *IAM) TagRole(input *TagRoleInput) (*TagRoleOutput, error) {
 14659  	req, out := c.TagRoleRequest(input)
 14660  	return out, req.Send()
 14661  }
 14662  
 14663  // TagRoleWithContext is the same as TagRole with the addition of
 14664  // the ability to pass a context and additional request options.
 14665  //
 14666  // See TagRole for details on how to use this API operation.
 14667  //
 14668  // The context must be non-nil and will be used for request cancellation. If
 14669  // the context is nil a panic will occur. In the future the SDK may create
 14670  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14671  // for more information on using Contexts.
 14672  func (c *IAM) TagRoleWithContext(ctx aws.Context, input *TagRoleInput, opts ...request.Option) (*TagRoleOutput, error) {
 14673  	req, out := c.TagRoleRequest(input)
 14674  	req.SetContext(ctx)
 14675  	req.ApplyOptions(opts...)
 14676  	return out, req.Send()
 14677  }
 14678  
 14679  const opTagSAMLProvider = "TagSAMLProvider"
 14680  
 14681  // TagSAMLProviderRequest generates a "aws/request.Request" representing the
 14682  // client's request for the TagSAMLProvider operation. The "output" return
 14683  // value will be populated with the request's response once the request completes
 14684  // successfully.
 14685  //
 14686  // Use "Send" method on the returned Request to send the API call to the service.
 14687  // the "output" return value is not valid until after Send returns without error.
 14688  //
 14689  // See TagSAMLProvider for more information on using the TagSAMLProvider
 14690  // API call, and error handling.
 14691  //
 14692  // This method is useful when you want to inject custom logic or configuration
 14693  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14694  //
 14695  //
 14696  //    // Example sending a request using the TagSAMLProviderRequest method.
 14697  //    req, resp := client.TagSAMLProviderRequest(params)
 14698  //
 14699  //    err := req.Send()
 14700  //    if err == nil { // resp is now filled
 14701  //        fmt.Println(resp)
 14702  //    }
 14703  //
 14704  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
 14705  func (c *IAM) TagSAMLProviderRequest(input *TagSAMLProviderInput) (req *request.Request, output *TagSAMLProviderOutput) {
 14706  	op := &request.Operation{
 14707  		Name:       opTagSAMLProvider,
 14708  		HTTPMethod: "POST",
 14709  		HTTPPath:   "/",
 14710  	}
 14711  
 14712  	if input == nil {
 14713  		input = &TagSAMLProviderInput{}
 14714  	}
 14715  
 14716  	output = &TagSAMLProviderOutput{}
 14717  	req = c.newRequest(op, input, output)
 14718  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14719  	return
 14720  }
 14721  
 14722  // TagSAMLProvider API operation for AWS Identity and Access Management.
 14723  //
 14724  // Adds one or more tags to a Security Assertion Markup Language (SAML) identity
 14725  // provider. For more information about these providers, see About SAML 2.0-based
 14726  // federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).
 14727  // If a tag with the same key name already exists, then that tag is overwritten
 14728  // with the new value.
 14729  //
 14730  // A tag consists of a key name and an associated value. By assigning tags to
 14731  // your resources, you can do the following:
 14732  //
 14733  //    * Administrative grouping and discovery - Attach tags to resources to
 14734  //    aid in organization and search. For example, you could search for all
 14735  //    resources with the key name Project and the value MyImportantProject.
 14736  //    Or search for all resources with the key name Cost Center and the value
 14737  //    41200.
 14738  //
 14739  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14740  //    You can use tags to restrict access to only a SAML identity provider that
 14741  //    has a specified tag attached. For examples of policies that show how to
 14742  //    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14743  //    in the IAM User Guide.
 14744  //
 14745  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14746  //    number of tags, then the entire request fails and the resource is not
 14747  //    created. For more information about tagging, see Tagging IAM resources
 14748  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14749  //    IAM User Guide.
 14750  //
 14751  //    * Amazon Web Services always interprets the tag Value as a single string.
 14752  //    If you need to store an array, you can store comma-separated values in
 14753  //    the string. However, you must interpret the value in your code.
 14754  //
 14755  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14756  // with awserr.Error's Code and Message methods to get detailed information about
 14757  // the error.
 14758  //
 14759  // See the AWS API reference guide for AWS Identity and Access Management's
 14760  // API operation TagSAMLProvider for usage and error information.
 14761  //
 14762  // Returned Error Codes:
 14763  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14764  //   The request was rejected because it referenced a resource entity that does
 14765  //   not exist. The error message describes the resource.
 14766  //
 14767  //   * ErrCodeLimitExceededException "LimitExceeded"
 14768  //   The request was rejected because it attempted to create resources beyond
 14769  //   the current Amazon Web Services account limits. The error message describes
 14770  //   the limit exceeded.
 14771  //
 14772  //   * ErrCodeInvalidInputException "InvalidInput"
 14773  //   The request was rejected because an invalid or out-of-range value was supplied
 14774  //   for an input parameter.
 14775  //
 14776  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14777  //   The request was rejected because multiple requests to change this object
 14778  //   were submitted simultaneously. Wait a few minutes and submit your request
 14779  //   again.
 14780  //
 14781  //   * ErrCodeServiceFailureException "ServiceFailure"
 14782  //   The request processing has failed because of an unknown error, exception
 14783  //   or failure.
 14784  //
 14785  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider
 14786  func (c *IAM) TagSAMLProvider(input *TagSAMLProviderInput) (*TagSAMLProviderOutput, error) {
 14787  	req, out := c.TagSAMLProviderRequest(input)
 14788  	return out, req.Send()
 14789  }
 14790  
 14791  // TagSAMLProviderWithContext is the same as TagSAMLProvider with the addition of
 14792  // the ability to pass a context and additional request options.
 14793  //
 14794  // See TagSAMLProvider for details on how to use this API operation.
 14795  //
 14796  // The context must be non-nil and will be used for request cancellation. If
 14797  // the context is nil a panic will occur. In the future the SDK may create
 14798  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14799  // for more information on using Contexts.
 14800  func (c *IAM) TagSAMLProviderWithContext(ctx aws.Context, input *TagSAMLProviderInput, opts ...request.Option) (*TagSAMLProviderOutput, error) {
 14801  	req, out := c.TagSAMLProviderRequest(input)
 14802  	req.SetContext(ctx)
 14803  	req.ApplyOptions(opts...)
 14804  	return out, req.Send()
 14805  }
 14806  
 14807  const opTagServerCertificate = "TagServerCertificate"
 14808  
 14809  // TagServerCertificateRequest generates a "aws/request.Request" representing the
 14810  // client's request for the TagServerCertificate operation. The "output" return
 14811  // value will be populated with the request's response once the request completes
 14812  // successfully.
 14813  //
 14814  // Use "Send" method on the returned Request to send the API call to the service.
 14815  // the "output" return value is not valid until after Send returns without error.
 14816  //
 14817  // See TagServerCertificate for more information on using the TagServerCertificate
 14818  // API call, and error handling.
 14819  //
 14820  // This method is useful when you want to inject custom logic or configuration
 14821  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14822  //
 14823  //
 14824  //    // Example sending a request using the TagServerCertificateRequest method.
 14825  //    req, resp := client.TagServerCertificateRequest(params)
 14826  //
 14827  //    err := req.Send()
 14828  //    if err == nil { // resp is now filled
 14829  //        fmt.Println(resp)
 14830  //    }
 14831  //
 14832  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
 14833  func (c *IAM) TagServerCertificateRequest(input *TagServerCertificateInput) (req *request.Request, output *TagServerCertificateOutput) {
 14834  	op := &request.Operation{
 14835  		Name:       opTagServerCertificate,
 14836  		HTTPMethod: "POST",
 14837  		HTTPPath:   "/",
 14838  	}
 14839  
 14840  	if input == nil {
 14841  		input = &TagServerCertificateInput{}
 14842  	}
 14843  
 14844  	output = &TagServerCertificateOutput{}
 14845  	req = c.newRequest(op, input, output)
 14846  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14847  	return
 14848  }
 14849  
 14850  // TagServerCertificate API operation for AWS Identity and Access Management.
 14851  //
 14852  // Adds one or more tags to an IAM server certificate. If a tag with the same
 14853  // key name already exists, then that tag is overwritten with the new value.
 14854  //
 14855  // For certificates in a Region supported by Certificate Manager (ACM), we recommend
 14856  // that you don't use IAM server certificates. Instead, use ACM to provision,
 14857  // manage, and deploy your server certificates. For more information about IAM
 14858  // server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 14859  // in the IAM User Guide.
 14860  //
 14861  // A tag consists of a key name and an associated value. By assigning tags to
 14862  // your resources, you can do the following:
 14863  //
 14864  //    * Administrative grouping and discovery - Attach tags to resources to
 14865  //    aid in organization and search. For example, you could search for all
 14866  //    resources with the key name Project and the value MyImportantProject.
 14867  //    Or search for all resources with the key name Cost Center and the value
 14868  //    41200.
 14869  //
 14870  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14871  //    You can use tags to restrict access to only a server certificate that
 14872  //    has a specified tag attached. For examples of policies that show how to
 14873  //    use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html)
 14874  //    in the IAM User Guide.
 14875  //
 14876  //    * Cost allocation - Use tags to help track which individuals and teams
 14877  //    are using which Amazon Web Services resources.
 14878  //
 14879  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 14880  //    number of tags, then the entire request fails and the resource is not
 14881  //    created. For more information about tagging, see Tagging IAM resources
 14882  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 14883  //    IAM User Guide.
 14884  //
 14885  //    * Amazon Web Services always interprets the tag Value as a single string.
 14886  //    If you need to store an array, you can store comma-separated values in
 14887  //    the string. However, you must interpret the value in your code.
 14888  //
 14889  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 14890  // with awserr.Error's Code and Message methods to get detailed information about
 14891  // the error.
 14892  //
 14893  // See the AWS API reference guide for AWS Identity and Access Management's
 14894  // API operation TagServerCertificate for usage and error information.
 14895  //
 14896  // Returned Error Codes:
 14897  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 14898  //   The request was rejected because it referenced a resource entity that does
 14899  //   not exist. The error message describes the resource.
 14900  //
 14901  //   * ErrCodeInvalidInputException "InvalidInput"
 14902  //   The request was rejected because an invalid or out-of-range value was supplied
 14903  //   for an input parameter.
 14904  //
 14905  //   * ErrCodeLimitExceededException "LimitExceeded"
 14906  //   The request was rejected because it attempted to create resources beyond
 14907  //   the current Amazon Web Services account limits. The error message describes
 14908  //   the limit exceeded.
 14909  //
 14910  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 14911  //   The request was rejected because multiple requests to change this object
 14912  //   were submitted simultaneously. Wait a few minutes and submit your request
 14913  //   again.
 14914  //
 14915  //   * ErrCodeServiceFailureException "ServiceFailure"
 14916  //   The request processing has failed because of an unknown error, exception
 14917  //   or failure.
 14918  //
 14919  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate
 14920  func (c *IAM) TagServerCertificate(input *TagServerCertificateInput) (*TagServerCertificateOutput, error) {
 14921  	req, out := c.TagServerCertificateRequest(input)
 14922  	return out, req.Send()
 14923  }
 14924  
 14925  // TagServerCertificateWithContext is the same as TagServerCertificate with the addition of
 14926  // the ability to pass a context and additional request options.
 14927  //
 14928  // See TagServerCertificate for details on how to use this API operation.
 14929  //
 14930  // The context must be non-nil and will be used for request cancellation. If
 14931  // the context is nil a panic will occur. In the future the SDK may create
 14932  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 14933  // for more information on using Contexts.
 14934  func (c *IAM) TagServerCertificateWithContext(ctx aws.Context, input *TagServerCertificateInput, opts ...request.Option) (*TagServerCertificateOutput, error) {
 14935  	req, out := c.TagServerCertificateRequest(input)
 14936  	req.SetContext(ctx)
 14937  	req.ApplyOptions(opts...)
 14938  	return out, req.Send()
 14939  }
 14940  
 14941  const opTagUser = "TagUser"
 14942  
 14943  // TagUserRequest generates a "aws/request.Request" representing the
 14944  // client's request for the TagUser operation. The "output" return
 14945  // value will be populated with the request's response once the request completes
 14946  // successfully.
 14947  //
 14948  // Use "Send" method on the returned Request to send the API call to the service.
 14949  // the "output" return value is not valid until after Send returns without error.
 14950  //
 14951  // See TagUser for more information on using the TagUser
 14952  // API call, and error handling.
 14953  //
 14954  // This method is useful when you want to inject custom logic or configuration
 14955  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 14956  //
 14957  //
 14958  //    // Example sending a request using the TagUserRequest method.
 14959  //    req, resp := client.TagUserRequest(params)
 14960  //
 14961  //    err := req.Send()
 14962  //    if err == nil { // resp is now filled
 14963  //        fmt.Println(resp)
 14964  //    }
 14965  //
 14966  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
 14967  func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output *TagUserOutput) {
 14968  	op := &request.Operation{
 14969  		Name:       opTagUser,
 14970  		HTTPMethod: "POST",
 14971  		HTTPPath:   "/",
 14972  	}
 14973  
 14974  	if input == nil {
 14975  		input = &TagUserInput{}
 14976  	}
 14977  
 14978  	output = &TagUserOutput{}
 14979  	req = c.newRequest(op, input, output)
 14980  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 14981  	return
 14982  }
 14983  
 14984  // TagUser API operation for AWS Identity and Access Management.
 14985  //
 14986  // Adds one or more tags to an IAM user. If a tag with the same key name already
 14987  // exists, then that tag is overwritten with the new value.
 14988  //
 14989  // A tag consists of a key name and an associated value. By assigning tags to
 14990  // your resources, you can do the following:
 14991  //
 14992  //    * Administrative grouping and discovery - Attach tags to resources to
 14993  //    aid in organization and search. For example, you could search for all
 14994  //    resources with the key name Project and the value MyImportantProject.
 14995  //    Or search for all resources with the key name Cost Center and the value
 14996  //    41200.
 14997  //
 14998  //    * Access control - Include tags in IAM user-based and resource-based policies.
 14999  //    You can use tags to restrict access to only an IAM requesting user that
 15000  //    has a specified tag attached. You can also restrict access to only those
 15001  //    resources that have a certain tag attached. For examples of policies that
 15002  //    show how to use tags to control access, see Control access using IAM tags
 15003  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in
 15004  //    the IAM User Guide.
 15005  //
 15006  //    * Cost allocation - Use tags to help track which individuals and teams
 15007  //    are using which Amazon Web Services resources.
 15008  //
 15009  //    * If any one of the tags is invalid or if you exceed the allowed maximum
 15010  //    number of tags, then the entire request fails and the resource is not
 15011  //    created. For more information about tagging, see Tagging IAM resources
 15012  //    (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the
 15013  //    IAM User Guide.
 15014  //
 15015  //    * Amazon Web Services always interprets the tag Value as a single string.
 15016  //    If you need to store an array, you can store comma-separated values in
 15017  //    the string. However, you must interpret the value in your code.
 15018  //
 15019  // For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15020  // in the IAM User Guide.
 15021  //
 15022  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15023  // with awserr.Error's Code and Message methods to get detailed information about
 15024  // the error.
 15025  //
 15026  // See the AWS API reference guide for AWS Identity and Access Management's
 15027  // API operation TagUser for usage and error information.
 15028  //
 15029  // Returned Error Codes:
 15030  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15031  //   The request was rejected because it referenced a resource entity that does
 15032  //   not exist. The error message describes the resource.
 15033  //
 15034  //   * ErrCodeLimitExceededException "LimitExceeded"
 15035  //   The request was rejected because it attempted to create resources beyond
 15036  //   the current Amazon Web Services account limits. The error message describes
 15037  //   the limit exceeded.
 15038  //
 15039  //   * ErrCodeInvalidInputException "InvalidInput"
 15040  //   The request was rejected because an invalid or out-of-range value was supplied
 15041  //   for an input parameter.
 15042  //
 15043  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15044  //   The request was rejected because multiple requests to change this object
 15045  //   were submitted simultaneously. Wait a few minutes and submit your request
 15046  //   again.
 15047  //
 15048  //   * ErrCodeServiceFailureException "ServiceFailure"
 15049  //   The request processing has failed because of an unknown error, exception
 15050  //   or failure.
 15051  //
 15052  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser
 15053  func (c *IAM) TagUser(input *TagUserInput) (*TagUserOutput, error) {
 15054  	req, out := c.TagUserRequest(input)
 15055  	return out, req.Send()
 15056  }
 15057  
 15058  // TagUserWithContext is the same as TagUser with the addition of
 15059  // the ability to pass a context and additional request options.
 15060  //
 15061  // See TagUser for details on how to use this API operation.
 15062  //
 15063  // The context must be non-nil and will be used for request cancellation. If
 15064  // the context is nil a panic will occur. In the future the SDK may create
 15065  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15066  // for more information on using Contexts.
 15067  func (c *IAM) TagUserWithContext(ctx aws.Context, input *TagUserInput, opts ...request.Option) (*TagUserOutput, error) {
 15068  	req, out := c.TagUserRequest(input)
 15069  	req.SetContext(ctx)
 15070  	req.ApplyOptions(opts...)
 15071  	return out, req.Send()
 15072  }
 15073  
 15074  const opUntagInstanceProfile = "UntagInstanceProfile"
 15075  
 15076  // UntagInstanceProfileRequest generates a "aws/request.Request" representing the
 15077  // client's request for the UntagInstanceProfile operation. The "output" return
 15078  // value will be populated with the request's response once the request completes
 15079  // successfully.
 15080  //
 15081  // Use "Send" method on the returned Request to send the API call to the service.
 15082  // the "output" return value is not valid until after Send returns without error.
 15083  //
 15084  // See UntagInstanceProfile for more information on using the UntagInstanceProfile
 15085  // API call, and error handling.
 15086  //
 15087  // This method is useful when you want to inject custom logic or configuration
 15088  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15089  //
 15090  //
 15091  //    // Example sending a request using the UntagInstanceProfileRequest method.
 15092  //    req, resp := client.UntagInstanceProfileRequest(params)
 15093  //
 15094  //    err := req.Send()
 15095  //    if err == nil { // resp is now filled
 15096  //        fmt.Println(resp)
 15097  //    }
 15098  //
 15099  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
 15100  func (c *IAM) UntagInstanceProfileRequest(input *UntagInstanceProfileInput) (req *request.Request, output *UntagInstanceProfileOutput) {
 15101  	op := &request.Operation{
 15102  		Name:       opUntagInstanceProfile,
 15103  		HTTPMethod: "POST",
 15104  		HTTPPath:   "/",
 15105  	}
 15106  
 15107  	if input == nil {
 15108  		input = &UntagInstanceProfileInput{}
 15109  	}
 15110  
 15111  	output = &UntagInstanceProfileOutput{}
 15112  	req = c.newRequest(op, input, output)
 15113  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15114  	return
 15115  }
 15116  
 15117  // UntagInstanceProfile API operation for AWS Identity and Access Management.
 15118  //
 15119  // Removes the specified tags from the IAM instance profile. For more information
 15120  // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15121  // in the IAM User Guide.
 15122  //
 15123  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15124  // with awserr.Error's Code and Message methods to get detailed information about
 15125  // the error.
 15126  //
 15127  // See the AWS API reference guide for AWS Identity and Access Management's
 15128  // API operation UntagInstanceProfile for usage and error information.
 15129  //
 15130  // Returned Error Codes:
 15131  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15132  //   The request was rejected because it referenced a resource entity that does
 15133  //   not exist. The error message describes the resource.
 15134  //
 15135  //   * ErrCodeInvalidInputException "InvalidInput"
 15136  //   The request was rejected because an invalid or out-of-range value was supplied
 15137  //   for an input parameter.
 15138  //
 15139  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15140  //   The request was rejected because multiple requests to change this object
 15141  //   were submitted simultaneously. Wait a few minutes and submit your request
 15142  //   again.
 15143  //
 15144  //   * ErrCodeServiceFailureException "ServiceFailure"
 15145  //   The request processing has failed because of an unknown error, exception
 15146  //   or failure.
 15147  //
 15148  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile
 15149  func (c *IAM) UntagInstanceProfile(input *UntagInstanceProfileInput) (*UntagInstanceProfileOutput, error) {
 15150  	req, out := c.UntagInstanceProfileRequest(input)
 15151  	return out, req.Send()
 15152  }
 15153  
 15154  // UntagInstanceProfileWithContext is the same as UntagInstanceProfile with the addition of
 15155  // the ability to pass a context and additional request options.
 15156  //
 15157  // See UntagInstanceProfile for details on how to use this API operation.
 15158  //
 15159  // The context must be non-nil and will be used for request cancellation. If
 15160  // the context is nil a panic will occur. In the future the SDK may create
 15161  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15162  // for more information on using Contexts.
 15163  func (c *IAM) UntagInstanceProfileWithContext(ctx aws.Context, input *UntagInstanceProfileInput, opts ...request.Option) (*UntagInstanceProfileOutput, error) {
 15164  	req, out := c.UntagInstanceProfileRequest(input)
 15165  	req.SetContext(ctx)
 15166  	req.ApplyOptions(opts...)
 15167  	return out, req.Send()
 15168  }
 15169  
 15170  const opUntagMFADevice = "UntagMFADevice"
 15171  
 15172  // UntagMFADeviceRequest generates a "aws/request.Request" representing the
 15173  // client's request for the UntagMFADevice operation. The "output" return
 15174  // value will be populated with the request's response once the request completes
 15175  // successfully.
 15176  //
 15177  // Use "Send" method on the returned Request to send the API call to the service.
 15178  // the "output" return value is not valid until after Send returns without error.
 15179  //
 15180  // See UntagMFADevice for more information on using the UntagMFADevice
 15181  // API call, and error handling.
 15182  //
 15183  // This method is useful when you want to inject custom logic or configuration
 15184  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15185  //
 15186  //
 15187  //    // Example sending a request using the UntagMFADeviceRequest method.
 15188  //    req, resp := client.UntagMFADeviceRequest(params)
 15189  //
 15190  //    err := req.Send()
 15191  //    if err == nil { // resp is now filled
 15192  //        fmt.Println(resp)
 15193  //    }
 15194  //
 15195  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
 15196  func (c *IAM) UntagMFADeviceRequest(input *UntagMFADeviceInput) (req *request.Request, output *UntagMFADeviceOutput) {
 15197  	op := &request.Operation{
 15198  		Name:       opUntagMFADevice,
 15199  		HTTPMethod: "POST",
 15200  		HTTPPath:   "/",
 15201  	}
 15202  
 15203  	if input == nil {
 15204  		input = &UntagMFADeviceInput{}
 15205  	}
 15206  
 15207  	output = &UntagMFADeviceOutput{}
 15208  	req = c.newRequest(op, input, output)
 15209  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15210  	return
 15211  }
 15212  
 15213  // UntagMFADevice API operation for AWS Identity and Access Management.
 15214  //
 15215  // Removes the specified tags from the IAM virtual multi-factor authentication
 15216  // (MFA) device. For more information about tagging, see Tagging IAM resources
 15217  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM
 15218  // User Guide.
 15219  //
 15220  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15221  // with awserr.Error's Code and Message methods to get detailed information about
 15222  // the error.
 15223  //
 15224  // See the AWS API reference guide for AWS Identity and Access Management's
 15225  // API operation UntagMFADevice for usage and error information.
 15226  //
 15227  // Returned Error Codes:
 15228  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15229  //   The request was rejected because it referenced a resource entity that does
 15230  //   not exist. The error message describes the resource.
 15231  //
 15232  //   * ErrCodeInvalidInputException "InvalidInput"
 15233  //   The request was rejected because an invalid or out-of-range value was supplied
 15234  //   for an input parameter.
 15235  //
 15236  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15237  //   The request was rejected because multiple requests to change this object
 15238  //   were submitted simultaneously. Wait a few minutes and submit your request
 15239  //   again.
 15240  //
 15241  //   * ErrCodeServiceFailureException "ServiceFailure"
 15242  //   The request processing has failed because of an unknown error, exception
 15243  //   or failure.
 15244  //
 15245  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice
 15246  func (c *IAM) UntagMFADevice(input *UntagMFADeviceInput) (*UntagMFADeviceOutput, error) {
 15247  	req, out := c.UntagMFADeviceRequest(input)
 15248  	return out, req.Send()
 15249  }
 15250  
 15251  // UntagMFADeviceWithContext is the same as UntagMFADevice with the addition of
 15252  // the ability to pass a context and additional request options.
 15253  //
 15254  // See UntagMFADevice for details on how to use this API operation.
 15255  //
 15256  // The context must be non-nil and will be used for request cancellation. If
 15257  // the context is nil a panic will occur. In the future the SDK may create
 15258  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15259  // for more information on using Contexts.
 15260  func (c *IAM) UntagMFADeviceWithContext(ctx aws.Context, input *UntagMFADeviceInput, opts ...request.Option) (*UntagMFADeviceOutput, error) {
 15261  	req, out := c.UntagMFADeviceRequest(input)
 15262  	req.SetContext(ctx)
 15263  	req.ApplyOptions(opts...)
 15264  	return out, req.Send()
 15265  }
 15266  
 15267  const opUntagOpenIDConnectProvider = "UntagOpenIDConnectProvider"
 15268  
 15269  // UntagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the
 15270  // client's request for the UntagOpenIDConnectProvider operation. The "output" return
 15271  // value will be populated with the request's response once the request completes
 15272  // successfully.
 15273  //
 15274  // Use "Send" method on the returned Request to send the API call to the service.
 15275  // the "output" return value is not valid until after Send returns without error.
 15276  //
 15277  // See UntagOpenIDConnectProvider for more information on using the UntagOpenIDConnectProvider
 15278  // API call, and error handling.
 15279  //
 15280  // This method is useful when you want to inject custom logic or configuration
 15281  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15282  //
 15283  //
 15284  //    // Example sending a request using the UntagOpenIDConnectProviderRequest method.
 15285  //    req, resp := client.UntagOpenIDConnectProviderRequest(params)
 15286  //
 15287  //    err := req.Send()
 15288  //    if err == nil { // resp is now filled
 15289  //        fmt.Println(resp)
 15290  //    }
 15291  //
 15292  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
 15293  func (c *IAM) UntagOpenIDConnectProviderRequest(input *UntagOpenIDConnectProviderInput) (req *request.Request, output *UntagOpenIDConnectProviderOutput) {
 15294  	op := &request.Operation{
 15295  		Name:       opUntagOpenIDConnectProvider,
 15296  		HTTPMethod: "POST",
 15297  		HTTPPath:   "/",
 15298  	}
 15299  
 15300  	if input == nil {
 15301  		input = &UntagOpenIDConnectProviderInput{}
 15302  	}
 15303  
 15304  	output = &UntagOpenIDConnectProviderOutput{}
 15305  	req = c.newRequest(op, input, output)
 15306  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15307  	return
 15308  }
 15309  
 15310  // UntagOpenIDConnectProvider API operation for AWS Identity and Access Management.
 15311  //
 15312  // Removes the specified tags from the specified OpenID Connect (OIDC)-compatible
 15313  // identity provider in IAM. For more information about OIDC providers, see
 15314  // About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
 15315  // For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15316  // in the IAM User Guide.
 15317  //
 15318  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15319  // with awserr.Error's Code and Message methods to get detailed information about
 15320  // the error.
 15321  //
 15322  // See the AWS API reference guide for AWS Identity and Access Management's
 15323  // API operation UntagOpenIDConnectProvider for usage and error information.
 15324  //
 15325  // Returned Error Codes:
 15326  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15327  //   The request was rejected because it referenced a resource entity that does
 15328  //   not exist. The error message describes the resource.
 15329  //
 15330  //   * ErrCodeInvalidInputException "InvalidInput"
 15331  //   The request was rejected because an invalid or out-of-range value was supplied
 15332  //   for an input parameter.
 15333  //
 15334  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15335  //   The request was rejected because multiple requests to change this object
 15336  //   were submitted simultaneously. Wait a few minutes and submit your request
 15337  //   again.
 15338  //
 15339  //   * ErrCodeServiceFailureException "ServiceFailure"
 15340  //   The request processing has failed because of an unknown error, exception
 15341  //   or failure.
 15342  //
 15343  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider
 15344  func (c *IAM) UntagOpenIDConnectProvider(input *UntagOpenIDConnectProviderInput) (*UntagOpenIDConnectProviderOutput, error) {
 15345  	req, out := c.UntagOpenIDConnectProviderRequest(input)
 15346  	return out, req.Send()
 15347  }
 15348  
 15349  // UntagOpenIDConnectProviderWithContext is the same as UntagOpenIDConnectProvider with the addition of
 15350  // the ability to pass a context and additional request options.
 15351  //
 15352  // See UntagOpenIDConnectProvider for details on how to use this API operation.
 15353  //
 15354  // The context must be non-nil and will be used for request cancellation. If
 15355  // the context is nil a panic will occur. In the future the SDK may create
 15356  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15357  // for more information on using Contexts.
 15358  func (c *IAM) UntagOpenIDConnectProviderWithContext(ctx aws.Context, input *UntagOpenIDConnectProviderInput, opts ...request.Option) (*UntagOpenIDConnectProviderOutput, error) {
 15359  	req, out := c.UntagOpenIDConnectProviderRequest(input)
 15360  	req.SetContext(ctx)
 15361  	req.ApplyOptions(opts...)
 15362  	return out, req.Send()
 15363  }
 15364  
 15365  const opUntagPolicy = "UntagPolicy"
 15366  
 15367  // UntagPolicyRequest generates a "aws/request.Request" representing the
 15368  // client's request for the UntagPolicy operation. The "output" return
 15369  // value will be populated with the request's response once the request completes
 15370  // successfully.
 15371  //
 15372  // Use "Send" method on the returned Request to send the API call to the service.
 15373  // the "output" return value is not valid until after Send returns without error.
 15374  //
 15375  // See UntagPolicy for more information on using the UntagPolicy
 15376  // API call, and error handling.
 15377  //
 15378  // This method is useful when you want to inject custom logic or configuration
 15379  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15380  //
 15381  //
 15382  //    // Example sending a request using the UntagPolicyRequest method.
 15383  //    req, resp := client.UntagPolicyRequest(params)
 15384  //
 15385  //    err := req.Send()
 15386  //    if err == nil { // resp is now filled
 15387  //        fmt.Println(resp)
 15388  //    }
 15389  //
 15390  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
 15391  func (c *IAM) UntagPolicyRequest(input *UntagPolicyInput) (req *request.Request, output *UntagPolicyOutput) {
 15392  	op := &request.Operation{
 15393  		Name:       opUntagPolicy,
 15394  		HTTPMethod: "POST",
 15395  		HTTPPath:   "/",
 15396  	}
 15397  
 15398  	if input == nil {
 15399  		input = &UntagPolicyInput{}
 15400  	}
 15401  
 15402  	output = &UntagPolicyOutput{}
 15403  	req = c.newRequest(op, input, output)
 15404  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15405  	return
 15406  }
 15407  
 15408  // UntagPolicy API operation for AWS Identity and Access Management.
 15409  //
 15410  // Removes the specified tags from the customer managed policy. For more information
 15411  // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15412  // in the IAM User Guide.
 15413  //
 15414  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15415  // with awserr.Error's Code and Message methods to get detailed information about
 15416  // the error.
 15417  //
 15418  // See the AWS API reference guide for AWS Identity and Access Management's
 15419  // API operation UntagPolicy for usage and error information.
 15420  //
 15421  // Returned Error Codes:
 15422  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15423  //   The request was rejected because it referenced a resource entity that does
 15424  //   not exist. The error message describes the resource.
 15425  //
 15426  //   * ErrCodeInvalidInputException "InvalidInput"
 15427  //   The request was rejected because an invalid or out-of-range value was supplied
 15428  //   for an input parameter.
 15429  //
 15430  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15431  //   The request was rejected because multiple requests to change this object
 15432  //   were submitted simultaneously. Wait a few minutes and submit your request
 15433  //   again.
 15434  //
 15435  //   * ErrCodeServiceFailureException "ServiceFailure"
 15436  //   The request processing has failed because of an unknown error, exception
 15437  //   or failure.
 15438  //
 15439  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy
 15440  func (c *IAM) UntagPolicy(input *UntagPolicyInput) (*UntagPolicyOutput, error) {
 15441  	req, out := c.UntagPolicyRequest(input)
 15442  	return out, req.Send()
 15443  }
 15444  
 15445  // UntagPolicyWithContext is the same as UntagPolicy with the addition of
 15446  // the ability to pass a context and additional request options.
 15447  //
 15448  // See UntagPolicy for details on how to use this API operation.
 15449  //
 15450  // The context must be non-nil and will be used for request cancellation. If
 15451  // the context is nil a panic will occur. In the future the SDK may create
 15452  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15453  // for more information on using Contexts.
 15454  func (c *IAM) UntagPolicyWithContext(ctx aws.Context, input *UntagPolicyInput, opts ...request.Option) (*UntagPolicyOutput, error) {
 15455  	req, out := c.UntagPolicyRequest(input)
 15456  	req.SetContext(ctx)
 15457  	req.ApplyOptions(opts...)
 15458  	return out, req.Send()
 15459  }
 15460  
 15461  const opUntagRole = "UntagRole"
 15462  
 15463  // UntagRoleRequest generates a "aws/request.Request" representing the
 15464  // client's request for the UntagRole operation. The "output" return
 15465  // value will be populated with the request's response once the request completes
 15466  // successfully.
 15467  //
 15468  // Use "Send" method on the returned Request to send the API call to the service.
 15469  // the "output" return value is not valid until after Send returns without error.
 15470  //
 15471  // See UntagRole for more information on using the UntagRole
 15472  // API call, and error handling.
 15473  //
 15474  // This method is useful when you want to inject custom logic or configuration
 15475  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15476  //
 15477  //
 15478  //    // Example sending a request using the UntagRoleRequest method.
 15479  //    req, resp := client.UntagRoleRequest(params)
 15480  //
 15481  //    err := req.Send()
 15482  //    if err == nil { // resp is now filled
 15483  //        fmt.Println(resp)
 15484  //    }
 15485  //
 15486  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
 15487  func (c *IAM) UntagRoleRequest(input *UntagRoleInput) (req *request.Request, output *UntagRoleOutput) {
 15488  	op := &request.Operation{
 15489  		Name:       opUntagRole,
 15490  		HTTPMethod: "POST",
 15491  		HTTPPath:   "/",
 15492  	}
 15493  
 15494  	if input == nil {
 15495  		input = &UntagRoleInput{}
 15496  	}
 15497  
 15498  	output = &UntagRoleOutput{}
 15499  	req = c.newRequest(op, input, output)
 15500  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15501  	return
 15502  }
 15503  
 15504  // UntagRole API operation for AWS Identity and Access Management.
 15505  //
 15506  // Removes the specified tags from the role. For more information about tagging,
 15507  // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15508  // in the IAM User Guide.
 15509  //
 15510  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15511  // with awserr.Error's Code and Message methods to get detailed information about
 15512  // the error.
 15513  //
 15514  // See the AWS API reference guide for AWS Identity and Access Management's
 15515  // API operation UntagRole for usage and error information.
 15516  //
 15517  // Returned Error Codes:
 15518  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15519  //   The request was rejected because it referenced a resource entity that does
 15520  //   not exist. The error message describes the resource.
 15521  //
 15522  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15523  //   The request was rejected because multiple requests to change this object
 15524  //   were submitted simultaneously. Wait a few minutes and submit your request
 15525  //   again.
 15526  //
 15527  //   * ErrCodeServiceFailureException "ServiceFailure"
 15528  //   The request processing has failed because of an unknown error, exception
 15529  //   or failure.
 15530  //
 15531  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole
 15532  func (c *IAM) UntagRole(input *UntagRoleInput) (*UntagRoleOutput, error) {
 15533  	req, out := c.UntagRoleRequest(input)
 15534  	return out, req.Send()
 15535  }
 15536  
 15537  // UntagRoleWithContext is the same as UntagRole with the addition of
 15538  // the ability to pass a context and additional request options.
 15539  //
 15540  // See UntagRole for details on how to use this API operation.
 15541  //
 15542  // The context must be non-nil and will be used for request cancellation. If
 15543  // the context is nil a panic will occur. In the future the SDK may create
 15544  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15545  // for more information on using Contexts.
 15546  func (c *IAM) UntagRoleWithContext(ctx aws.Context, input *UntagRoleInput, opts ...request.Option) (*UntagRoleOutput, error) {
 15547  	req, out := c.UntagRoleRequest(input)
 15548  	req.SetContext(ctx)
 15549  	req.ApplyOptions(opts...)
 15550  	return out, req.Send()
 15551  }
 15552  
 15553  const opUntagSAMLProvider = "UntagSAMLProvider"
 15554  
 15555  // UntagSAMLProviderRequest generates a "aws/request.Request" representing the
 15556  // client's request for the UntagSAMLProvider operation. The "output" return
 15557  // value will be populated with the request's response once the request completes
 15558  // successfully.
 15559  //
 15560  // Use "Send" method on the returned Request to send the API call to the service.
 15561  // the "output" return value is not valid until after Send returns without error.
 15562  //
 15563  // See UntagSAMLProvider for more information on using the UntagSAMLProvider
 15564  // API call, and error handling.
 15565  //
 15566  // This method is useful when you want to inject custom logic or configuration
 15567  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15568  //
 15569  //
 15570  //    // Example sending a request using the UntagSAMLProviderRequest method.
 15571  //    req, resp := client.UntagSAMLProviderRequest(params)
 15572  //
 15573  //    err := req.Send()
 15574  //    if err == nil { // resp is now filled
 15575  //        fmt.Println(resp)
 15576  //    }
 15577  //
 15578  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
 15579  func (c *IAM) UntagSAMLProviderRequest(input *UntagSAMLProviderInput) (req *request.Request, output *UntagSAMLProviderOutput) {
 15580  	op := &request.Operation{
 15581  		Name:       opUntagSAMLProvider,
 15582  		HTTPMethod: "POST",
 15583  		HTTPPath:   "/",
 15584  	}
 15585  
 15586  	if input == nil {
 15587  		input = &UntagSAMLProviderInput{}
 15588  	}
 15589  
 15590  	output = &UntagSAMLProviderOutput{}
 15591  	req = c.newRequest(op, input, output)
 15592  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15593  	return
 15594  }
 15595  
 15596  // UntagSAMLProvider API operation for AWS Identity and Access Management.
 15597  //
 15598  // Removes the specified tags from the specified Security Assertion Markup Language
 15599  // (SAML) identity provider in IAM. For more information about these providers,
 15600  // see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).
 15601  // For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15602  // in the IAM User Guide.
 15603  //
 15604  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15605  // with awserr.Error's Code and Message methods to get detailed information about
 15606  // the error.
 15607  //
 15608  // See the AWS API reference guide for AWS Identity and Access Management's
 15609  // API operation UntagSAMLProvider for usage and error information.
 15610  //
 15611  // Returned Error Codes:
 15612  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15613  //   The request was rejected because it referenced a resource entity that does
 15614  //   not exist. The error message describes the resource.
 15615  //
 15616  //   * ErrCodeInvalidInputException "InvalidInput"
 15617  //   The request was rejected because an invalid or out-of-range value was supplied
 15618  //   for an input parameter.
 15619  //
 15620  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15621  //   The request was rejected because multiple requests to change this object
 15622  //   were submitted simultaneously. Wait a few minutes and submit your request
 15623  //   again.
 15624  //
 15625  //   * ErrCodeServiceFailureException "ServiceFailure"
 15626  //   The request processing has failed because of an unknown error, exception
 15627  //   or failure.
 15628  //
 15629  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider
 15630  func (c *IAM) UntagSAMLProvider(input *UntagSAMLProviderInput) (*UntagSAMLProviderOutput, error) {
 15631  	req, out := c.UntagSAMLProviderRequest(input)
 15632  	return out, req.Send()
 15633  }
 15634  
 15635  // UntagSAMLProviderWithContext is the same as UntagSAMLProvider with the addition of
 15636  // the ability to pass a context and additional request options.
 15637  //
 15638  // See UntagSAMLProvider for details on how to use this API operation.
 15639  //
 15640  // The context must be non-nil and will be used for request cancellation. If
 15641  // the context is nil a panic will occur. In the future the SDK may create
 15642  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15643  // for more information on using Contexts.
 15644  func (c *IAM) UntagSAMLProviderWithContext(ctx aws.Context, input *UntagSAMLProviderInput, opts ...request.Option) (*UntagSAMLProviderOutput, error) {
 15645  	req, out := c.UntagSAMLProviderRequest(input)
 15646  	req.SetContext(ctx)
 15647  	req.ApplyOptions(opts...)
 15648  	return out, req.Send()
 15649  }
 15650  
 15651  const opUntagServerCertificate = "UntagServerCertificate"
 15652  
 15653  // UntagServerCertificateRequest generates a "aws/request.Request" representing the
 15654  // client's request for the UntagServerCertificate operation. The "output" return
 15655  // value will be populated with the request's response once the request completes
 15656  // successfully.
 15657  //
 15658  // Use "Send" method on the returned Request to send the API call to the service.
 15659  // the "output" return value is not valid until after Send returns without error.
 15660  //
 15661  // See UntagServerCertificate for more information on using the UntagServerCertificate
 15662  // API call, and error handling.
 15663  //
 15664  // This method is useful when you want to inject custom logic or configuration
 15665  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15666  //
 15667  //
 15668  //    // Example sending a request using the UntagServerCertificateRequest method.
 15669  //    req, resp := client.UntagServerCertificateRequest(params)
 15670  //
 15671  //    err := req.Send()
 15672  //    if err == nil { // resp is now filled
 15673  //        fmt.Println(resp)
 15674  //    }
 15675  //
 15676  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
 15677  func (c *IAM) UntagServerCertificateRequest(input *UntagServerCertificateInput) (req *request.Request, output *UntagServerCertificateOutput) {
 15678  	op := &request.Operation{
 15679  		Name:       opUntagServerCertificate,
 15680  		HTTPMethod: "POST",
 15681  		HTTPPath:   "/",
 15682  	}
 15683  
 15684  	if input == nil {
 15685  		input = &UntagServerCertificateInput{}
 15686  	}
 15687  
 15688  	output = &UntagServerCertificateOutput{}
 15689  	req = c.newRequest(op, input, output)
 15690  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15691  	return
 15692  }
 15693  
 15694  // UntagServerCertificate API operation for AWS Identity and Access Management.
 15695  //
 15696  // Removes the specified tags from the IAM server certificate. For more information
 15697  // about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15698  // in the IAM User Guide.
 15699  //
 15700  // For certificates in a Region supported by Certificate Manager (ACM), we recommend
 15701  // that you don't use IAM server certificates. Instead, use ACM to provision,
 15702  // manage, and deploy your server certificates. For more information about IAM
 15703  // server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 15704  // in the IAM User Guide.
 15705  //
 15706  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15707  // with awserr.Error's Code and Message methods to get detailed information about
 15708  // the error.
 15709  //
 15710  // See the AWS API reference guide for AWS Identity and Access Management's
 15711  // API operation UntagServerCertificate for usage and error information.
 15712  //
 15713  // Returned Error Codes:
 15714  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15715  //   The request was rejected because it referenced a resource entity that does
 15716  //   not exist. The error message describes the resource.
 15717  //
 15718  //   * ErrCodeInvalidInputException "InvalidInput"
 15719  //   The request was rejected because an invalid or out-of-range value was supplied
 15720  //   for an input parameter.
 15721  //
 15722  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15723  //   The request was rejected because multiple requests to change this object
 15724  //   were submitted simultaneously. Wait a few minutes and submit your request
 15725  //   again.
 15726  //
 15727  //   * ErrCodeServiceFailureException "ServiceFailure"
 15728  //   The request processing has failed because of an unknown error, exception
 15729  //   or failure.
 15730  //
 15731  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate
 15732  func (c *IAM) UntagServerCertificate(input *UntagServerCertificateInput) (*UntagServerCertificateOutput, error) {
 15733  	req, out := c.UntagServerCertificateRequest(input)
 15734  	return out, req.Send()
 15735  }
 15736  
 15737  // UntagServerCertificateWithContext is the same as UntagServerCertificate with the addition of
 15738  // the ability to pass a context and additional request options.
 15739  //
 15740  // See UntagServerCertificate for details on how to use this API operation.
 15741  //
 15742  // The context must be non-nil and will be used for request cancellation. If
 15743  // the context is nil a panic will occur. In the future the SDK may create
 15744  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15745  // for more information on using Contexts.
 15746  func (c *IAM) UntagServerCertificateWithContext(ctx aws.Context, input *UntagServerCertificateInput, opts ...request.Option) (*UntagServerCertificateOutput, error) {
 15747  	req, out := c.UntagServerCertificateRequest(input)
 15748  	req.SetContext(ctx)
 15749  	req.ApplyOptions(opts...)
 15750  	return out, req.Send()
 15751  }
 15752  
 15753  const opUntagUser = "UntagUser"
 15754  
 15755  // UntagUserRequest generates a "aws/request.Request" representing the
 15756  // client's request for the UntagUser operation. The "output" return
 15757  // value will be populated with the request's response once the request completes
 15758  // successfully.
 15759  //
 15760  // Use "Send" method on the returned Request to send the API call to the service.
 15761  // the "output" return value is not valid until after Send returns without error.
 15762  //
 15763  // See UntagUser for more information on using the UntagUser
 15764  // API call, and error handling.
 15765  //
 15766  // This method is useful when you want to inject custom logic or configuration
 15767  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15768  //
 15769  //
 15770  //    // Example sending a request using the UntagUserRequest method.
 15771  //    req, resp := client.UntagUserRequest(params)
 15772  //
 15773  //    err := req.Send()
 15774  //    if err == nil { // resp is now filled
 15775  //        fmt.Println(resp)
 15776  //    }
 15777  //
 15778  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
 15779  func (c *IAM) UntagUserRequest(input *UntagUserInput) (req *request.Request, output *UntagUserOutput) {
 15780  	op := &request.Operation{
 15781  		Name:       opUntagUser,
 15782  		HTTPMethod: "POST",
 15783  		HTTPPath:   "/",
 15784  	}
 15785  
 15786  	if input == nil {
 15787  		input = &UntagUserInput{}
 15788  	}
 15789  
 15790  	output = &UntagUserOutput{}
 15791  	req = c.newRequest(op, input, output)
 15792  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15793  	return
 15794  }
 15795  
 15796  // UntagUser API operation for AWS Identity and Access Management.
 15797  //
 15798  // Removes the specified tags from the user. For more information about tagging,
 15799  // see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 15800  // in the IAM User Guide.
 15801  //
 15802  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15803  // with awserr.Error's Code and Message methods to get detailed information about
 15804  // the error.
 15805  //
 15806  // See the AWS API reference guide for AWS Identity and Access Management's
 15807  // API operation UntagUser for usage and error information.
 15808  //
 15809  // Returned Error Codes:
 15810  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15811  //   The request was rejected because it referenced a resource entity that does
 15812  //   not exist. The error message describes the resource.
 15813  //
 15814  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 15815  //   The request was rejected because multiple requests to change this object
 15816  //   were submitted simultaneously. Wait a few minutes and submit your request
 15817  //   again.
 15818  //
 15819  //   * ErrCodeServiceFailureException "ServiceFailure"
 15820  //   The request processing has failed because of an unknown error, exception
 15821  //   or failure.
 15822  //
 15823  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser
 15824  func (c *IAM) UntagUser(input *UntagUserInput) (*UntagUserOutput, error) {
 15825  	req, out := c.UntagUserRequest(input)
 15826  	return out, req.Send()
 15827  }
 15828  
 15829  // UntagUserWithContext is the same as UntagUser with the addition of
 15830  // the ability to pass a context and additional request options.
 15831  //
 15832  // See UntagUser for details on how to use this API operation.
 15833  //
 15834  // The context must be non-nil and will be used for request cancellation. If
 15835  // the context is nil a panic will occur. In the future the SDK may create
 15836  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15837  // for more information on using Contexts.
 15838  func (c *IAM) UntagUserWithContext(ctx aws.Context, input *UntagUserInput, opts ...request.Option) (*UntagUserOutput, error) {
 15839  	req, out := c.UntagUserRequest(input)
 15840  	req.SetContext(ctx)
 15841  	req.ApplyOptions(opts...)
 15842  	return out, req.Send()
 15843  }
 15844  
 15845  const opUpdateAccessKey = "UpdateAccessKey"
 15846  
 15847  // UpdateAccessKeyRequest generates a "aws/request.Request" representing the
 15848  // client's request for the UpdateAccessKey operation. The "output" return
 15849  // value will be populated with the request's response once the request completes
 15850  // successfully.
 15851  //
 15852  // Use "Send" method on the returned Request to send the API call to the service.
 15853  // the "output" return value is not valid until after Send returns without error.
 15854  //
 15855  // See UpdateAccessKey for more information on using the UpdateAccessKey
 15856  // API call, and error handling.
 15857  //
 15858  // This method is useful when you want to inject custom logic or configuration
 15859  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15860  //
 15861  //
 15862  //    // Example sending a request using the UpdateAccessKeyRequest method.
 15863  //    req, resp := client.UpdateAccessKeyRequest(params)
 15864  //
 15865  //    err := req.Send()
 15866  //    if err == nil { // resp is now filled
 15867  //        fmt.Println(resp)
 15868  //    }
 15869  //
 15870  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
 15871  func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput) {
 15872  	op := &request.Operation{
 15873  		Name:       opUpdateAccessKey,
 15874  		HTTPMethod: "POST",
 15875  		HTTPPath:   "/",
 15876  	}
 15877  
 15878  	if input == nil {
 15879  		input = &UpdateAccessKeyInput{}
 15880  	}
 15881  
 15882  	output = &UpdateAccessKeyOutput{}
 15883  	req = c.newRequest(op, input, output)
 15884  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15885  	return
 15886  }
 15887  
 15888  // UpdateAccessKey API operation for AWS Identity and Access Management.
 15889  //
 15890  // Changes the status of the specified access key from Active to Inactive, or
 15891  // vice versa. This operation can be used to disable a user's key as part of
 15892  // a key rotation workflow.
 15893  //
 15894  // If the UserName is not specified, the user name is determined implicitly
 15895  // based on the Amazon Web Services access key ID used to sign the request.
 15896  // This operation works for access keys under the Amazon Web Services account.
 15897  // Consequently, you can use this operation to manage Amazon Web Services account
 15898  // root user credentials even if the Amazon Web Services account has no associated
 15899  // users.
 15900  //
 15901  // For information about rotating keys, see Managing keys and certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html)
 15902  // in the IAM User Guide.
 15903  //
 15904  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 15905  // with awserr.Error's Code and Message methods to get detailed information about
 15906  // the error.
 15907  //
 15908  // See the AWS API reference guide for AWS Identity and Access Management's
 15909  // API operation UpdateAccessKey for usage and error information.
 15910  //
 15911  // Returned Error Codes:
 15912  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 15913  //   The request was rejected because it referenced a resource entity that does
 15914  //   not exist. The error message describes the resource.
 15915  //
 15916  //   * ErrCodeLimitExceededException "LimitExceeded"
 15917  //   The request was rejected because it attempted to create resources beyond
 15918  //   the current Amazon Web Services account limits. The error message describes
 15919  //   the limit exceeded.
 15920  //
 15921  //   * ErrCodeServiceFailureException "ServiceFailure"
 15922  //   The request processing has failed because of an unknown error, exception
 15923  //   or failure.
 15924  //
 15925  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey
 15926  func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error) {
 15927  	req, out := c.UpdateAccessKeyRequest(input)
 15928  	return out, req.Send()
 15929  }
 15930  
 15931  // UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of
 15932  // the ability to pass a context and additional request options.
 15933  //
 15934  // See UpdateAccessKey for details on how to use this API operation.
 15935  //
 15936  // The context must be non-nil and will be used for request cancellation. If
 15937  // the context is nil a panic will occur. In the future the SDK may create
 15938  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 15939  // for more information on using Contexts.
 15940  func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error) {
 15941  	req, out := c.UpdateAccessKeyRequest(input)
 15942  	req.SetContext(ctx)
 15943  	req.ApplyOptions(opts...)
 15944  	return out, req.Send()
 15945  }
 15946  
 15947  const opUpdateAccountPasswordPolicy = "UpdateAccountPasswordPolicy"
 15948  
 15949  // UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the
 15950  // client's request for the UpdateAccountPasswordPolicy operation. The "output" return
 15951  // value will be populated with the request's response once the request completes
 15952  // successfully.
 15953  //
 15954  // Use "Send" method on the returned Request to send the API call to the service.
 15955  // the "output" return value is not valid until after Send returns without error.
 15956  //
 15957  // See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy
 15958  // API call, and error handling.
 15959  //
 15960  // This method is useful when you want to inject custom logic or configuration
 15961  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 15962  //
 15963  //
 15964  //    // Example sending a request using the UpdateAccountPasswordPolicyRequest method.
 15965  //    req, resp := client.UpdateAccountPasswordPolicyRequest(params)
 15966  //
 15967  //    err := req.Send()
 15968  //    if err == nil { // resp is now filled
 15969  //        fmt.Println(resp)
 15970  //    }
 15971  //
 15972  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
 15973  func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput) {
 15974  	op := &request.Operation{
 15975  		Name:       opUpdateAccountPasswordPolicy,
 15976  		HTTPMethod: "POST",
 15977  		HTTPPath:   "/",
 15978  	}
 15979  
 15980  	if input == nil {
 15981  		input = &UpdateAccountPasswordPolicyInput{}
 15982  	}
 15983  
 15984  	output = &UpdateAccountPasswordPolicyOutput{}
 15985  	req = c.newRequest(op, input, output)
 15986  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 15987  	return
 15988  }
 15989  
 15990  // UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.
 15991  //
 15992  // Updates the password policy settings for the Amazon Web Services account.
 15993  //
 15994  //    * This operation does not support partial updates. No parameters are required,
 15995  //    but if you do not specify a parameter, that parameter's value reverts
 15996  //    to its default value. See the Request Parameters section for each parameter's
 15997  //    default value. Also note that some parameters do not allow the default
 15998  //    parameter to be explicitly set. Instead, to invoke the default value,
 15999  //    do not include that parameter when you invoke the operation.
 16000  //
 16001  // For more information about using a password policy, see Managing an IAM password
 16002  // policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html)
 16003  // in the IAM User Guide.
 16004  //
 16005  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16006  // with awserr.Error's Code and Message methods to get detailed information about
 16007  // the error.
 16008  //
 16009  // See the AWS API reference guide for AWS Identity and Access Management's
 16010  // API operation UpdateAccountPasswordPolicy for usage and error information.
 16011  //
 16012  // Returned Error Codes:
 16013  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16014  //   The request was rejected because it referenced a resource entity that does
 16015  //   not exist. The error message describes the resource.
 16016  //
 16017  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
 16018  //   The request was rejected because the policy document was malformed. The error
 16019  //   message describes the specific error.
 16020  //
 16021  //   * ErrCodeLimitExceededException "LimitExceeded"
 16022  //   The request was rejected because it attempted to create resources beyond
 16023  //   the current Amazon Web Services account limits. The error message describes
 16024  //   the limit exceeded.
 16025  //
 16026  //   * ErrCodeServiceFailureException "ServiceFailure"
 16027  //   The request processing has failed because of an unknown error, exception
 16028  //   or failure.
 16029  //
 16030  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy
 16031  func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error) {
 16032  	req, out := c.UpdateAccountPasswordPolicyRequest(input)
 16033  	return out, req.Send()
 16034  }
 16035  
 16036  // UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of
 16037  // the ability to pass a context and additional request options.
 16038  //
 16039  // See UpdateAccountPasswordPolicy for details on how to use this API operation.
 16040  //
 16041  // The context must be non-nil and will be used for request cancellation. If
 16042  // the context is nil a panic will occur. In the future the SDK may create
 16043  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16044  // for more information on using Contexts.
 16045  func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error) {
 16046  	req, out := c.UpdateAccountPasswordPolicyRequest(input)
 16047  	req.SetContext(ctx)
 16048  	req.ApplyOptions(opts...)
 16049  	return out, req.Send()
 16050  }
 16051  
 16052  const opUpdateAssumeRolePolicy = "UpdateAssumeRolePolicy"
 16053  
 16054  // UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the
 16055  // client's request for the UpdateAssumeRolePolicy operation. The "output" return
 16056  // value will be populated with the request's response once the request completes
 16057  // successfully.
 16058  //
 16059  // Use "Send" method on the returned Request to send the API call to the service.
 16060  // the "output" return value is not valid until after Send returns without error.
 16061  //
 16062  // See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy
 16063  // API call, and error handling.
 16064  //
 16065  // This method is useful when you want to inject custom logic or configuration
 16066  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16067  //
 16068  //
 16069  //    // Example sending a request using the UpdateAssumeRolePolicyRequest method.
 16070  //    req, resp := client.UpdateAssumeRolePolicyRequest(params)
 16071  //
 16072  //    err := req.Send()
 16073  //    if err == nil { // resp is now filled
 16074  //        fmt.Println(resp)
 16075  //    }
 16076  //
 16077  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
 16078  func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput) {
 16079  	op := &request.Operation{
 16080  		Name:       opUpdateAssumeRolePolicy,
 16081  		HTTPMethod: "POST",
 16082  		HTTPPath:   "/",
 16083  	}
 16084  
 16085  	if input == nil {
 16086  		input = &UpdateAssumeRolePolicyInput{}
 16087  	}
 16088  
 16089  	output = &UpdateAssumeRolePolicyOutput{}
 16090  	req = c.newRequest(op, input, output)
 16091  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16092  	return
 16093  }
 16094  
 16095  // UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.
 16096  //
 16097  // Updates the policy that grants an IAM entity permission to assume a role.
 16098  // This is typically referred to as the "role trust policy". For more information
 16099  // about roles, see Using roles to delegate permissions and federate identities
 16100  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).
 16101  //
 16102  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16103  // with awserr.Error's Code and Message methods to get detailed information about
 16104  // the error.
 16105  //
 16106  // See the AWS API reference guide for AWS Identity and Access Management's
 16107  // API operation UpdateAssumeRolePolicy for usage and error information.
 16108  //
 16109  // Returned Error Codes:
 16110  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16111  //   The request was rejected because it referenced a resource entity that does
 16112  //   not exist. The error message describes the resource.
 16113  //
 16114  //   * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument"
 16115  //   The request was rejected because the policy document was malformed. The error
 16116  //   message describes the specific error.
 16117  //
 16118  //   * ErrCodeLimitExceededException "LimitExceeded"
 16119  //   The request was rejected because it attempted to create resources beyond
 16120  //   the current Amazon Web Services account limits. The error message describes
 16121  //   the limit exceeded.
 16122  //
 16123  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 16124  //   The request was rejected because only the service that depends on the service-linked
 16125  //   role can modify or delete the role on your behalf. The error message includes
 16126  //   the name of the service that depends on this service-linked role. You must
 16127  //   request the change through that service.
 16128  //
 16129  //   * ErrCodeServiceFailureException "ServiceFailure"
 16130  //   The request processing has failed because of an unknown error, exception
 16131  //   or failure.
 16132  //
 16133  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy
 16134  func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error) {
 16135  	req, out := c.UpdateAssumeRolePolicyRequest(input)
 16136  	return out, req.Send()
 16137  }
 16138  
 16139  // UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of
 16140  // the ability to pass a context and additional request options.
 16141  //
 16142  // See UpdateAssumeRolePolicy for details on how to use this API operation.
 16143  //
 16144  // The context must be non-nil and will be used for request cancellation. If
 16145  // the context is nil a panic will occur. In the future the SDK may create
 16146  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16147  // for more information on using Contexts.
 16148  func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error) {
 16149  	req, out := c.UpdateAssumeRolePolicyRequest(input)
 16150  	req.SetContext(ctx)
 16151  	req.ApplyOptions(opts...)
 16152  	return out, req.Send()
 16153  }
 16154  
 16155  const opUpdateGroup = "UpdateGroup"
 16156  
 16157  // UpdateGroupRequest generates a "aws/request.Request" representing the
 16158  // client's request for the UpdateGroup operation. The "output" return
 16159  // value will be populated with the request's response once the request completes
 16160  // successfully.
 16161  //
 16162  // Use "Send" method on the returned Request to send the API call to the service.
 16163  // the "output" return value is not valid until after Send returns without error.
 16164  //
 16165  // See UpdateGroup for more information on using the UpdateGroup
 16166  // API call, and error handling.
 16167  //
 16168  // This method is useful when you want to inject custom logic or configuration
 16169  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16170  //
 16171  //
 16172  //    // Example sending a request using the UpdateGroupRequest method.
 16173  //    req, resp := client.UpdateGroupRequest(params)
 16174  //
 16175  //    err := req.Send()
 16176  //    if err == nil { // resp is now filled
 16177  //        fmt.Println(resp)
 16178  //    }
 16179  //
 16180  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
 16181  func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput) {
 16182  	op := &request.Operation{
 16183  		Name:       opUpdateGroup,
 16184  		HTTPMethod: "POST",
 16185  		HTTPPath:   "/",
 16186  	}
 16187  
 16188  	if input == nil {
 16189  		input = &UpdateGroupInput{}
 16190  	}
 16191  
 16192  	output = &UpdateGroupOutput{}
 16193  	req = c.newRequest(op, input, output)
 16194  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16195  	return
 16196  }
 16197  
 16198  // UpdateGroup API operation for AWS Identity and Access Management.
 16199  //
 16200  // Updates the name and/or the path of the specified IAM group.
 16201  //
 16202  // You should understand the implications of changing a group's path or name.
 16203  // For more information, see Renaming users and groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html)
 16204  // in the IAM User Guide.
 16205  //
 16206  // The person making the request (the principal), must have permission to change
 16207  // the role group with the old name and the new name. For example, to change
 16208  // the group named Managers to MGRs, the principal must have a policy that allows
 16209  // them to update both groups. If the principal has permission to update the
 16210  // Managers group, but not the MGRs group, then the update fails. For more information
 16211  // about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).
 16212  //
 16213  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16214  // with awserr.Error's Code and Message methods to get detailed information about
 16215  // the error.
 16216  //
 16217  // See the AWS API reference guide for AWS Identity and Access Management's
 16218  // API operation UpdateGroup for usage and error information.
 16219  //
 16220  // Returned Error Codes:
 16221  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16222  //   The request was rejected because it referenced a resource entity that does
 16223  //   not exist. The error message describes the resource.
 16224  //
 16225  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
 16226  //   The request was rejected because it attempted to create a resource that already
 16227  //   exists.
 16228  //
 16229  //   * ErrCodeLimitExceededException "LimitExceeded"
 16230  //   The request was rejected because it attempted to create resources beyond
 16231  //   the current Amazon Web Services account limits. The error message describes
 16232  //   the limit exceeded.
 16233  //
 16234  //   * ErrCodeServiceFailureException "ServiceFailure"
 16235  //   The request processing has failed because of an unknown error, exception
 16236  //   or failure.
 16237  //
 16238  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup
 16239  func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error) {
 16240  	req, out := c.UpdateGroupRequest(input)
 16241  	return out, req.Send()
 16242  }
 16243  
 16244  // UpdateGroupWithContext is the same as UpdateGroup with the addition of
 16245  // the ability to pass a context and additional request options.
 16246  //
 16247  // See UpdateGroup for details on how to use this API operation.
 16248  //
 16249  // The context must be non-nil and will be used for request cancellation. If
 16250  // the context is nil a panic will occur. In the future the SDK may create
 16251  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16252  // for more information on using Contexts.
 16253  func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error) {
 16254  	req, out := c.UpdateGroupRequest(input)
 16255  	req.SetContext(ctx)
 16256  	req.ApplyOptions(opts...)
 16257  	return out, req.Send()
 16258  }
 16259  
 16260  const opUpdateLoginProfile = "UpdateLoginProfile"
 16261  
 16262  // UpdateLoginProfileRequest generates a "aws/request.Request" representing the
 16263  // client's request for the UpdateLoginProfile operation. The "output" return
 16264  // value will be populated with the request's response once the request completes
 16265  // successfully.
 16266  //
 16267  // Use "Send" method on the returned Request to send the API call to the service.
 16268  // the "output" return value is not valid until after Send returns without error.
 16269  //
 16270  // See UpdateLoginProfile for more information on using the UpdateLoginProfile
 16271  // API call, and error handling.
 16272  //
 16273  // This method is useful when you want to inject custom logic or configuration
 16274  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16275  //
 16276  //
 16277  //    // Example sending a request using the UpdateLoginProfileRequest method.
 16278  //    req, resp := client.UpdateLoginProfileRequest(params)
 16279  //
 16280  //    err := req.Send()
 16281  //    if err == nil { // resp is now filled
 16282  //        fmt.Println(resp)
 16283  //    }
 16284  //
 16285  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
 16286  func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput) {
 16287  	op := &request.Operation{
 16288  		Name:       opUpdateLoginProfile,
 16289  		HTTPMethod: "POST",
 16290  		HTTPPath:   "/",
 16291  	}
 16292  
 16293  	if input == nil {
 16294  		input = &UpdateLoginProfileInput{}
 16295  	}
 16296  
 16297  	output = &UpdateLoginProfileOutput{}
 16298  	req = c.newRequest(op, input, output)
 16299  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16300  	return
 16301  }
 16302  
 16303  // UpdateLoginProfile API operation for AWS Identity and Access Management.
 16304  //
 16305  // Changes the password for the specified IAM user. You can use the CLI, the
 16306  // Amazon Web Services API, or the Users page in the IAM console to change the
 16307  // password for any IAM user. Use ChangePassword to change your own password
 16308  // in the My Security Credentials page in the Amazon Web Services Management
 16309  // Console.
 16310  //
 16311  // For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html)
 16312  // in the IAM User Guide.
 16313  //
 16314  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16315  // with awserr.Error's Code and Message methods to get detailed information about
 16316  // the error.
 16317  //
 16318  // See the AWS API reference guide for AWS Identity and Access Management's
 16319  // API operation UpdateLoginProfile for usage and error information.
 16320  //
 16321  // Returned Error Codes:
 16322  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
 16323  //   The request was rejected because it referenced an entity that is temporarily
 16324  //   unmodifiable, such as a user name that was deleted and then recreated. The
 16325  //   error indicates that the request is likely to succeed if you try again after
 16326  //   waiting several minutes. The error message describes the entity.
 16327  //
 16328  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16329  //   The request was rejected because it referenced a resource entity that does
 16330  //   not exist. The error message describes the resource.
 16331  //
 16332  //   * ErrCodePasswordPolicyViolationException "PasswordPolicyViolation"
 16333  //   The request was rejected because the provided password did not meet the requirements
 16334  //   imposed by the account password policy.
 16335  //
 16336  //   * ErrCodeLimitExceededException "LimitExceeded"
 16337  //   The request was rejected because it attempted to create resources beyond
 16338  //   the current Amazon Web Services account limits. The error message describes
 16339  //   the limit exceeded.
 16340  //
 16341  //   * ErrCodeServiceFailureException "ServiceFailure"
 16342  //   The request processing has failed because of an unknown error, exception
 16343  //   or failure.
 16344  //
 16345  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile
 16346  func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error) {
 16347  	req, out := c.UpdateLoginProfileRequest(input)
 16348  	return out, req.Send()
 16349  }
 16350  
 16351  // UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of
 16352  // the ability to pass a context and additional request options.
 16353  //
 16354  // See UpdateLoginProfile for details on how to use this API operation.
 16355  //
 16356  // The context must be non-nil and will be used for request cancellation. If
 16357  // the context is nil a panic will occur. In the future the SDK may create
 16358  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16359  // for more information on using Contexts.
 16360  func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error) {
 16361  	req, out := c.UpdateLoginProfileRequest(input)
 16362  	req.SetContext(ctx)
 16363  	req.ApplyOptions(opts...)
 16364  	return out, req.Send()
 16365  }
 16366  
 16367  const opUpdateOpenIDConnectProviderThumbprint = "UpdateOpenIDConnectProviderThumbprint"
 16368  
 16369  // UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the
 16370  // client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return
 16371  // value will be populated with the request's response once the request completes
 16372  // successfully.
 16373  //
 16374  // Use "Send" method on the returned Request to send the API call to the service.
 16375  // the "output" return value is not valid until after Send returns without error.
 16376  //
 16377  // See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint
 16378  // API call, and error handling.
 16379  //
 16380  // This method is useful when you want to inject custom logic or configuration
 16381  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16382  //
 16383  //
 16384  //    // Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
 16385  //    req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)
 16386  //
 16387  //    err := req.Send()
 16388  //    if err == nil { // resp is now filled
 16389  //        fmt.Println(resp)
 16390  //    }
 16391  //
 16392  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
 16393  func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput) {
 16394  	op := &request.Operation{
 16395  		Name:       opUpdateOpenIDConnectProviderThumbprint,
 16396  		HTTPMethod: "POST",
 16397  		HTTPPath:   "/",
 16398  	}
 16399  
 16400  	if input == nil {
 16401  		input = &UpdateOpenIDConnectProviderThumbprintInput{}
 16402  	}
 16403  
 16404  	output = &UpdateOpenIDConnectProviderThumbprintOutput{}
 16405  	req = c.newRequest(op, input, output)
 16406  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16407  	return
 16408  }
 16409  
 16410  // UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.
 16411  //
 16412  // Replaces the existing list of server certificate thumbprints associated with
 16413  // an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.
 16414  //
 16415  // The list that you pass with this operation completely replaces the existing
 16416  // list of thumbprints. (The lists are not merged.)
 16417  //
 16418  // Typically, you need to update a thumbprint only when the identity provider
 16419  // certificate changes, which occurs rarely. However, if the provider's certificate
 16420  // does change, any attempt to assume an IAM role that specifies the OIDC provider
 16421  // as a principal fails until the certificate thumbprint is updated.
 16422  //
 16423  // Amazon Web Services secures communication with some OIDC identity providers
 16424  // (IdPs) through our library of trusted certificate authorities (CAs) instead
 16425  // of using a certificate thumbprint to verify your IdP server certificate.
 16426  // These OIDC IdPs include Google, and those that use an Amazon S3 bucket to
 16427  // host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint
 16428  // remains in your configuration, but is no longer used for validation.
 16429  //
 16430  // Trust for the OIDC provider is derived from the provider certificate and
 16431  // is validated by the thumbprint. Therefore, it is best to limit access to
 16432  // the UpdateOpenIDConnectProviderThumbprint operation to highly privileged
 16433  // users.
 16434  //
 16435  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16436  // with awserr.Error's Code and Message methods to get detailed information about
 16437  // the error.
 16438  //
 16439  // See the AWS API reference guide for AWS Identity and Access Management's
 16440  // API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.
 16441  //
 16442  // Returned Error Codes:
 16443  //   * ErrCodeInvalidInputException "InvalidInput"
 16444  //   The request was rejected because an invalid or out-of-range value was supplied
 16445  //   for an input parameter.
 16446  //
 16447  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16448  //   The request was rejected because it referenced a resource entity that does
 16449  //   not exist. The error message describes the resource.
 16450  //
 16451  //   * ErrCodeServiceFailureException "ServiceFailure"
 16452  //   The request processing has failed because of an unknown error, exception
 16453  //   or failure.
 16454  //
 16455  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint
 16456  func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
 16457  	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
 16458  	return out, req.Send()
 16459  }
 16460  
 16461  // UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of
 16462  // the ability to pass a context and additional request options.
 16463  //
 16464  // See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.
 16465  //
 16466  // The context must be non-nil and will be used for request cancellation. If
 16467  // the context is nil a panic will occur. In the future the SDK may create
 16468  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16469  // for more information on using Contexts.
 16470  func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error) {
 16471  	req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input)
 16472  	req.SetContext(ctx)
 16473  	req.ApplyOptions(opts...)
 16474  	return out, req.Send()
 16475  }
 16476  
 16477  const opUpdateRole = "UpdateRole"
 16478  
 16479  // UpdateRoleRequest generates a "aws/request.Request" representing the
 16480  // client's request for the UpdateRole operation. The "output" return
 16481  // value will be populated with the request's response once the request completes
 16482  // successfully.
 16483  //
 16484  // Use "Send" method on the returned Request to send the API call to the service.
 16485  // the "output" return value is not valid until after Send returns without error.
 16486  //
 16487  // See UpdateRole for more information on using the UpdateRole
 16488  // API call, and error handling.
 16489  //
 16490  // This method is useful when you want to inject custom logic or configuration
 16491  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16492  //
 16493  //
 16494  //    // Example sending a request using the UpdateRoleRequest method.
 16495  //    req, resp := client.UpdateRoleRequest(params)
 16496  //
 16497  //    err := req.Send()
 16498  //    if err == nil { // resp is now filled
 16499  //        fmt.Println(resp)
 16500  //    }
 16501  //
 16502  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
 16503  func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput) {
 16504  	op := &request.Operation{
 16505  		Name:       opUpdateRole,
 16506  		HTTPMethod: "POST",
 16507  		HTTPPath:   "/",
 16508  	}
 16509  
 16510  	if input == nil {
 16511  		input = &UpdateRoleInput{}
 16512  	}
 16513  
 16514  	output = &UpdateRoleOutput{}
 16515  	req = c.newRequest(op, input, output)
 16516  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16517  	return
 16518  }
 16519  
 16520  // UpdateRole API operation for AWS Identity and Access Management.
 16521  //
 16522  // Updates the description or maximum session duration setting of a role.
 16523  //
 16524  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16525  // with awserr.Error's Code and Message methods to get detailed information about
 16526  // the error.
 16527  //
 16528  // See the AWS API reference guide for AWS Identity and Access Management's
 16529  // API operation UpdateRole for usage and error information.
 16530  //
 16531  // Returned Error Codes:
 16532  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 16533  //   The request was rejected because only the service that depends on the service-linked
 16534  //   role can modify or delete the role on your behalf. The error message includes
 16535  //   the name of the service that depends on this service-linked role. You must
 16536  //   request the change through that service.
 16537  //
 16538  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16539  //   The request was rejected because it referenced a resource entity that does
 16540  //   not exist. The error message describes the resource.
 16541  //
 16542  //   * ErrCodeServiceFailureException "ServiceFailure"
 16543  //   The request processing has failed because of an unknown error, exception
 16544  //   or failure.
 16545  //
 16546  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole
 16547  func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error) {
 16548  	req, out := c.UpdateRoleRequest(input)
 16549  	return out, req.Send()
 16550  }
 16551  
 16552  // UpdateRoleWithContext is the same as UpdateRole with the addition of
 16553  // the ability to pass a context and additional request options.
 16554  //
 16555  // See UpdateRole for details on how to use this API operation.
 16556  //
 16557  // The context must be non-nil and will be used for request cancellation. If
 16558  // the context is nil a panic will occur. In the future the SDK may create
 16559  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16560  // for more information on using Contexts.
 16561  func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error) {
 16562  	req, out := c.UpdateRoleRequest(input)
 16563  	req.SetContext(ctx)
 16564  	req.ApplyOptions(opts...)
 16565  	return out, req.Send()
 16566  }
 16567  
 16568  const opUpdateRoleDescription = "UpdateRoleDescription"
 16569  
 16570  // UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the
 16571  // client's request for the UpdateRoleDescription operation. The "output" return
 16572  // value will be populated with the request's response once the request completes
 16573  // successfully.
 16574  //
 16575  // Use "Send" method on the returned Request to send the API call to the service.
 16576  // the "output" return value is not valid until after Send returns without error.
 16577  //
 16578  // See UpdateRoleDescription for more information on using the UpdateRoleDescription
 16579  // API call, and error handling.
 16580  //
 16581  // This method is useful when you want to inject custom logic or configuration
 16582  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16583  //
 16584  //
 16585  //    // Example sending a request using the UpdateRoleDescriptionRequest method.
 16586  //    req, resp := client.UpdateRoleDescriptionRequest(params)
 16587  //
 16588  //    err := req.Send()
 16589  //    if err == nil { // resp is now filled
 16590  //        fmt.Println(resp)
 16591  //    }
 16592  //
 16593  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
 16594  func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput) {
 16595  	op := &request.Operation{
 16596  		Name:       opUpdateRoleDescription,
 16597  		HTTPMethod: "POST",
 16598  		HTTPPath:   "/",
 16599  	}
 16600  
 16601  	if input == nil {
 16602  		input = &UpdateRoleDescriptionInput{}
 16603  	}
 16604  
 16605  	output = &UpdateRoleDescriptionOutput{}
 16606  	req = c.newRequest(op, input, output)
 16607  	return
 16608  }
 16609  
 16610  // UpdateRoleDescription API operation for AWS Identity and Access Management.
 16611  //
 16612  // Use UpdateRole instead.
 16613  //
 16614  // Modifies only the description of a role. This operation performs the same
 16615  // function as the Description parameter in the UpdateRole operation.
 16616  //
 16617  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16618  // with awserr.Error's Code and Message methods to get detailed information about
 16619  // the error.
 16620  //
 16621  // See the AWS API reference guide for AWS Identity and Access Management's
 16622  // API operation UpdateRoleDescription for usage and error information.
 16623  //
 16624  // Returned Error Codes:
 16625  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16626  //   The request was rejected because it referenced a resource entity that does
 16627  //   not exist. The error message describes the resource.
 16628  //
 16629  //   * ErrCodeUnmodifiableEntityException "UnmodifiableEntity"
 16630  //   The request was rejected because only the service that depends on the service-linked
 16631  //   role can modify or delete the role on your behalf. The error message includes
 16632  //   the name of the service that depends on this service-linked role. You must
 16633  //   request the change through that service.
 16634  //
 16635  //   * ErrCodeServiceFailureException "ServiceFailure"
 16636  //   The request processing has failed because of an unknown error, exception
 16637  //   or failure.
 16638  //
 16639  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription
 16640  func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error) {
 16641  	req, out := c.UpdateRoleDescriptionRequest(input)
 16642  	return out, req.Send()
 16643  }
 16644  
 16645  // UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of
 16646  // the ability to pass a context and additional request options.
 16647  //
 16648  // See UpdateRoleDescription for details on how to use this API operation.
 16649  //
 16650  // The context must be non-nil and will be used for request cancellation. If
 16651  // the context is nil a panic will occur. In the future the SDK may create
 16652  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16653  // for more information on using Contexts.
 16654  func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error) {
 16655  	req, out := c.UpdateRoleDescriptionRequest(input)
 16656  	req.SetContext(ctx)
 16657  	req.ApplyOptions(opts...)
 16658  	return out, req.Send()
 16659  }
 16660  
 16661  const opUpdateSAMLProvider = "UpdateSAMLProvider"
 16662  
 16663  // UpdateSAMLProviderRequest generates a "aws/request.Request" representing the
 16664  // client's request for the UpdateSAMLProvider operation. The "output" return
 16665  // value will be populated with the request's response once the request completes
 16666  // successfully.
 16667  //
 16668  // Use "Send" method on the returned Request to send the API call to the service.
 16669  // the "output" return value is not valid until after Send returns without error.
 16670  //
 16671  // See UpdateSAMLProvider for more information on using the UpdateSAMLProvider
 16672  // API call, and error handling.
 16673  //
 16674  // This method is useful when you want to inject custom logic or configuration
 16675  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16676  //
 16677  //
 16678  //    // Example sending a request using the UpdateSAMLProviderRequest method.
 16679  //    req, resp := client.UpdateSAMLProviderRequest(params)
 16680  //
 16681  //    err := req.Send()
 16682  //    if err == nil { // resp is now filled
 16683  //        fmt.Println(resp)
 16684  //    }
 16685  //
 16686  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
 16687  func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput) {
 16688  	op := &request.Operation{
 16689  		Name:       opUpdateSAMLProvider,
 16690  		HTTPMethod: "POST",
 16691  		HTTPPath:   "/",
 16692  	}
 16693  
 16694  	if input == nil {
 16695  		input = &UpdateSAMLProviderInput{}
 16696  	}
 16697  
 16698  	output = &UpdateSAMLProviderOutput{}
 16699  	req = c.newRequest(op, input, output)
 16700  	return
 16701  }
 16702  
 16703  // UpdateSAMLProvider API operation for AWS Identity and Access Management.
 16704  //
 16705  // Updates the metadata document for an existing SAML provider resource object.
 16706  //
 16707  // This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
 16708  //
 16709  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16710  // with awserr.Error's Code and Message methods to get detailed information about
 16711  // the error.
 16712  //
 16713  // See the AWS API reference guide for AWS Identity and Access Management's
 16714  // API operation UpdateSAMLProvider for usage and error information.
 16715  //
 16716  // Returned Error Codes:
 16717  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16718  //   The request was rejected because it referenced a resource entity that does
 16719  //   not exist. The error message describes the resource.
 16720  //
 16721  //   * ErrCodeInvalidInputException "InvalidInput"
 16722  //   The request was rejected because an invalid or out-of-range value was supplied
 16723  //   for an input parameter.
 16724  //
 16725  //   * ErrCodeLimitExceededException "LimitExceeded"
 16726  //   The request was rejected because it attempted to create resources beyond
 16727  //   the current Amazon Web Services account limits. The error message describes
 16728  //   the limit exceeded.
 16729  //
 16730  //   * ErrCodeServiceFailureException "ServiceFailure"
 16731  //   The request processing has failed because of an unknown error, exception
 16732  //   or failure.
 16733  //
 16734  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider
 16735  func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error) {
 16736  	req, out := c.UpdateSAMLProviderRequest(input)
 16737  	return out, req.Send()
 16738  }
 16739  
 16740  // UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of
 16741  // the ability to pass a context and additional request options.
 16742  //
 16743  // See UpdateSAMLProvider for details on how to use this API operation.
 16744  //
 16745  // The context must be non-nil and will be used for request cancellation. If
 16746  // the context is nil a panic will occur. In the future the SDK may create
 16747  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16748  // for more information on using Contexts.
 16749  func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error) {
 16750  	req, out := c.UpdateSAMLProviderRequest(input)
 16751  	req.SetContext(ctx)
 16752  	req.ApplyOptions(opts...)
 16753  	return out, req.Send()
 16754  }
 16755  
 16756  const opUpdateSSHPublicKey = "UpdateSSHPublicKey"
 16757  
 16758  // UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the
 16759  // client's request for the UpdateSSHPublicKey operation. The "output" return
 16760  // value will be populated with the request's response once the request completes
 16761  // successfully.
 16762  //
 16763  // Use "Send" method on the returned Request to send the API call to the service.
 16764  // the "output" return value is not valid until after Send returns without error.
 16765  //
 16766  // See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey
 16767  // API call, and error handling.
 16768  //
 16769  // This method is useful when you want to inject custom logic or configuration
 16770  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16771  //
 16772  //
 16773  //    // Example sending a request using the UpdateSSHPublicKeyRequest method.
 16774  //    req, resp := client.UpdateSSHPublicKeyRequest(params)
 16775  //
 16776  //    err := req.Send()
 16777  //    if err == nil { // resp is now filled
 16778  //        fmt.Println(resp)
 16779  //    }
 16780  //
 16781  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
 16782  func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput) {
 16783  	op := &request.Operation{
 16784  		Name:       opUpdateSSHPublicKey,
 16785  		HTTPMethod: "POST",
 16786  		HTTPPath:   "/",
 16787  	}
 16788  
 16789  	if input == nil {
 16790  		input = &UpdateSSHPublicKeyInput{}
 16791  	}
 16792  
 16793  	output = &UpdateSSHPublicKeyOutput{}
 16794  	req = c.newRequest(op, input, output)
 16795  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16796  	return
 16797  }
 16798  
 16799  // UpdateSSHPublicKey API operation for AWS Identity and Access Management.
 16800  //
 16801  // Sets the status of an IAM user's SSH public key to active or inactive. SSH
 16802  // public keys that are inactive cannot be used for authentication. This operation
 16803  // can be used to disable a user's SSH public key as part of a key rotation
 16804  // work flow.
 16805  //
 16806  // The SSH public key affected by this operation is used only for authenticating
 16807  // the associated IAM user to an CodeCommit repository. For more information
 16808  // about using SSH keys to authenticate to an CodeCommit repository, see Set
 16809  // up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
 16810  // in the CodeCommit User Guide.
 16811  //
 16812  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16813  // with awserr.Error's Code and Message methods to get detailed information about
 16814  // the error.
 16815  //
 16816  // See the AWS API reference guide for AWS Identity and Access Management's
 16817  // API operation UpdateSSHPublicKey for usage and error information.
 16818  //
 16819  // Returned Error Codes:
 16820  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16821  //   The request was rejected because it referenced a resource entity that does
 16822  //   not exist. The error message describes the resource.
 16823  //
 16824  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey
 16825  func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error) {
 16826  	req, out := c.UpdateSSHPublicKeyRequest(input)
 16827  	return out, req.Send()
 16828  }
 16829  
 16830  // UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of
 16831  // the ability to pass a context and additional request options.
 16832  //
 16833  // See UpdateSSHPublicKey for details on how to use this API operation.
 16834  //
 16835  // The context must be non-nil and will be used for request cancellation. If
 16836  // the context is nil a panic will occur. In the future the SDK may create
 16837  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16838  // for more information on using Contexts.
 16839  func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error) {
 16840  	req, out := c.UpdateSSHPublicKeyRequest(input)
 16841  	req.SetContext(ctx)
 16842  	req.ApplyOptions(opts...)
 16843  	return out, req.Send()
 16844  }
 16845  
 16846  const opUpdateServerCertificate = "UpdateServerCertificate"
 16847  
 16848  // UpdateServerCertificateRequest generates a "aws/request.Request" representing the
 16849  // client's request for the UpdateServerCertificate operation. The "output" return
 16850  // value will be populated with the request's response once the request completes
 16851  // successfully.
 16852  //
 16853  // Use "Send" method on the returned Request to send the API call to the service.
 16854  // the "output" return value is not valid until after Send returns without error.
 16855  //
 16856  // See UpdateServerCertificate for more information on using the UpdateServerCertificate
 16857  // API call, and error handling.
 16858  //
 16859  // This method is useful when you want to inject custom logic or configuration
 16860  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16861  //
 16862  //
 16863  //    // Example sending a request using the UpdateServerCertificateRequest method.
 16864  //    req, resp := client.UpdateServerCertificateRequest(params)
 16865  //
 16866  //    err := req.Send()
 16867  //    if err == nil { // resp is now filled
 16868  //        fmt.Println(resp)
 16869  //    }
 16870  //
 16871  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
 16872  func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput) {
 16873  	op := &request.Operation{
 16874  		Name:       opUpdateServerCertificate,
 16875  		HTTPMethod: "POST",
 16876  		HTTPPath:   "/",
 16877  	}
 16878  
 16879  	if input == nil {
 16880  		input = &UpdateServerCertificateInput{}
 16881  	}
 16882  
 16883  	output = &UpdateServerCertificateOutput{}
 16884  	req = c.newRequest(op, input, output)
 16885  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16886  	return
 16887  }
 16888  
 16889  // UpdateServerCertificate API operation for AWS Identity and Access Management.
 16890  //
 16891  // Updates the name and/or the path of the specified server certificate stored
 16892  // in IAM.
 16893  //
 16894  // For more information about working with server certificates, see Working
 16895  // with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 16896  // in the IAM User Guide. This topic also includes a list of Amazon Web Services
 16897  // services that can use the server certificates that you manage with IAM.
 16898  //
 16899  // You should understand the implications of changing a server certificate's
 16900  // path or name. For more information, see Renaming a server certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts)
 16901  // in the IAM User Guide.
 16902  //
 16903  // The person making the request (the principal), must have permission to change
 16904  // the server certificate with the old name and the new name. For example, to
 16905  // change the certificate named ProductionCert to ProdCert, the principal must
 16906  // have a policy that allows them to update both certificates. If the principal
 16907  // has permission to update the ProductionCert group, but not the ProdCert certificate,
 16908  // then the update fails. For more information about permissions, see Access
 16909  // management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
 16910  // in the IAM User Guide.
 16911  //
 16912  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 16913  // with awserr.Error's Code and Message methods to get detailed information about
 16914  // the error.
 16915  //
 16916  // See the AWS API reference guide for AWS Identity and Access Management's
 16917  // API operation UpdateServerCertificate for usage and error information.
 16918  //
 16919  // Returned Error Codes:
 16920  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 16921  //   The request was rejected because it referenced a resource entity that does
 16922  //   not exist. The error message describes the resource.
 16923  //
 16924  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
 16925  //   The request was rejected because it attempted to create a resource that already
 16926  //   exists.
 16927  //
 16928  //   * ErrCodeLimitExceededException "LimitExceeded"
 16929  //   The request was rejected because it attempted to create resources beyond
 16930  //   the current Amazon Web Services account limits. The error message describes
 16931  //   the limit exceeded.
 16932  //
 16933  //   * ErrCodeServiceFailureException "ServiceFailure"
 16934  //   The request processing has failed because of an unknown error, exception
 16935  //   or failure.
 16936  //
 16937  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate
 16938  func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error) {
 16939  	req, out := c.UpdateServerCertificateRequest(input)
 16940  	return out, req.Send()
 16941  }
 16942  
 16943  // UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of
 16944  // the ability to pass a context and additional request options.
 16945  //
 16946  // See UpdateServerCertificate for details on how to use this API operation.
 16947  //
 16948  // The context must be non-nil and will be used for request cancellation. If
 16949  // the context is nil a panic will occur. In the future the SDK may create
 16950  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 16951  // for more information on using Contexts.
 16952  func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error) {
 16953  	req, out := c.UpdateServerCertificateRequest(input)
 16954  	req.SetContext(ctx)
 16955  	req.ApplyOptions(opts...)
 16956  	return out, req.Send()
 16957  }
 16958  
 16959  const opUpdateServiceSpecificCredential = "UpdateServiceSpecificCredential"
 16960  
 16961  // UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the
 16962  // client's request for the UpdateServiceSpecificCredential operation. The "output" return
 16963  // value will be populated with the request's response once the request completes
 16964  // successfully.
 16965  //
 16966  // Use "Send" method on the returned Request to send the API call to the service.
 16967  // the "output" return value is not valid until after Send returns without error.
 16968  //
 16969  // See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential
 16970  // API call, and error handling.
 16971  //
 16972  // This method is useful when you want to inject custom logic or configuration
 16973  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 16974  //
 16975  //
 16976  //    // Example sending a request using the UpdateServiceSpecificCredentialRequest method.
 16977  //    req, resp := client.UpdateServiceSpecificCredentialRequest(params)
 16978  //
 16979  //    err := req.Send()
 16980  //    if err == nil { // resp is now filled
 16981  //        fmt.Println(resp)
 16982  //    }
 16983  //
 16984  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
 16985  func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput) {
 16986  	op := &request.Operation{
 16987  		Name:       opUpdateServiceSpecificCredential,
 16988  		HTTPMethod: "POST",
 16989  		HTTPPath:   "/",
 16990  	}
 16991  
 16992  	if input == nil {
 16993  		input = &UpdateServiceSpecificCredentialInput{}
 16994  	}
 16995  
 16996  	output = &UpdateServiceSpecificCredentialOutput{}
 16997  	req = c.newRequest(op, input, output)
 16998  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 16999  	return
 17000  }
 17001  
 17002  // UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.
 17003  //
 17004  // Sets the status of a service-specific credential to Active or Inactive. Service-specific
 17005  // credentials that are inactive cannot be used for authentication to the service.
 17006  // This operation can be used to disable a user's service-specific credential
 17007  // as part of a credential rotation work flow.
 17008  //
 17009  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17010  // with awserr.Error's Code and Message methods to get detailed information about
 17011  // the error.
 17012  //
 17013  // See the AWS API reference guide for AWS Identity and Access Management's
 17014  // API operation UpdateServiceSpecificCredential for usage and error information.
 17015  //
 17016  // Returned Error Codes:
 17017  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 17018  //   The request was rejected because it referenced a resource entity that does
 17019  //   not exist. The error message describes the resource.
 17020  //
 17021  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential
 17022  func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error) {
 17023  	req, out := c.UpdateServiceSpecificCredentialRequest(input)
 17024  	return out, req.Send()
 17025  }
 17026  
 17027  // UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of
 17028  // the ability to pass a context and additional request options.
 17029  //
 17030  // See UpdateServiceSpecificCredential for details on how to use this API operation.
 17031  //
 17032  // The context must be non-nil and will be used for request cancellation. If
 17033  // the context is nil a panic will occur. In the future the SDK may create
 17034  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17035  // for more information on using Contexts.
 17036  func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error) {
 17037  	req, out := c.UpdateServiceSpecificCredentialRequest(input)
 17038  	req.SetContext(ctx)
 17039  	req.ApplyOptions(opts...)
 17040  	return out, req.Send()
 17041  }
 17042  
 17043  const opUpdateSigningCertificate = "UpdateSigningCertificate"
 17044  
 17045  // UpdateSigningCertificateRequest generates a "aws/request.Request" representing the
 17046  // client's request for the UpdateSigningCertificate operation. The "output" return
 17047  // value will be populated with the request's response once the request completes
 17048  // successfully.
 17049  //
 17050  // Use "Send" method on the returned Request to send the API call to the service.
 17051  // the "output" return value is not valid until after Send returns without error.
 17052  //
 17053  // See UpdateSigningCertificate for more information on using the UpdateSigningCertificate
 17054  // API call, and error handling.
 17055  //
 17056  // This method is useful when you want to inject custom logic or configuration
 17057  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 17058  //
 17059  //
 17060  //    // Example sending a request using the UpdateSigningCertificateRequest method.
 17061  //    req, resp := client.UpdateSigningCertificateRequest(params)
 17062  //
 17063  //    err := req.Send()
 17064  //    if err == nil { // resp is now filled
 17065  //        fmt.Println(resp)
 17066  //    }
 17067  //
 17068  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
 17069  func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput) {
 17070  	op := &request.Operation{
 17071  		Name:       opUpdateSigningCertificate,
 17072  		HTTPMethod: "POST",
 17073  		HTTPPath:   "/",
 17074  	}
 17075  
 17076  	if input == nil {
 17077  		input = &UpdateSigningCertificateInput{}
 17078  	}
 17079  
 17080  	output = &UpdateSigningCertificateOutput{}
 17081  	req = c.newRequest(op, input, output)
 17082  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 17083  	return
 17084  }
 17085  
 17086  // UpdateSigningCertificate API operation for AWS Identity and Access Management.
 17087  //
 17088  // Changes the status of the specified user signing certificate from active
 17089  // to disabled, or vice versa. This operation can be used to disable an IAM
 17090  // user's signing certificate as part of a certificate rotation work flow.
 17091  //
 17092  // If the UserName field is not specified, the user name is determined implicitly
 17093  // based on the Amazon Web Services access key ID used to sign the request.
 17094  // This operation works for access keys under the Amazon Web Services account.
 17095  // Consequently, you can use this operation to manage Amazon Web Services account
 17096  // root user credentials even if the Amazon Web Services account has no associated
 17097  // users.
 17098  //
 17099  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17100  // with awserr.Error's Code and Message methods to get detailed information about
 17101  // the error.
 17102  //
 17103  // See the AWS API reference guide for AWS Identity and Access Management's
 17104  // API operation UpdateSigningCertificate for usage and error information.
 17105  //
 17106  // Returned Error Codes:
 17107  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 17108  //   The request was rejected because it referenced a resource entity that does
 17109  //   not exist. The error message describes the resource.
 17110  //
 17111  //   * ErrCodeLimitExceededException "LimitExceeded"
 17112  //   The request was rejected because it attempted to create resources beyond
 17113  //   the current Amazon Web Services account limits. The error message describes
 17114  //   the limit exceeded.
 17115  //
 17116  //   * ErrCodeServiceFailureException "ServiceFailure"
 17117  //   The request processing has failed because of an unknown error, exception
 17118  //   or failure.
 17119  //
 17120  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate
 17121  func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error) {
 17122  	req, out := c.UpdateSigningCertificateRequest(input)
 17123  	return out, req.Send()
 17124  }
 17125  
 17126  // UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of
 17127  // the ability to pass a context and additional request options.
 17128  //
 17129  // See UpdateSigningCertificate for details on how to use this API operation.
 17130  //
 17131  // The context must be non-nil and will be used for request cancellation. If
 17132  // the context is nil a panic will occur. In the future the SDK may create
 17133  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17134  // for more information on using Contexts.
 17135  func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error) {
 17136  	req, out := c.UpdateSigningCertificateRequest(input)
 17137  	req.SetContext(ctx)
 17138  	req.ApplyOptions(opts...)
 17139  	return out, req.Send()
 17140  }
 17141  
 17142  const opUpdateUser = "UpdateUser"
 17143  
 17144  // UpdateUserRequest generates a "aws/request.Request" representing the
 17145  // client's request for the UpdateUser operation. The "output" return
 17146  // value will be populated with the request's response once the request completes
 17147  // successfully.
 17148  //
 17149  // Use "Send" method on the returned Request to send the API call to the service.
 17150  // the "output" return value is not valid until after Send returns without error.
 17151  //
 17152  // See UpdateUser for more information on using the UpdateUser
 17153  // API call, and error handling.
 17154  //
 17155  // This method is useful when you want to inject custom logic or configuration
 17156  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 17157  //
 17158  //
 17159  //    // Example sending a request using the UpdateUserRequest method.
 17160  //    req, resp := client.UpdateUserRequest(params)
 17161  //
 17162  //    err := req.Send()
 17163  //    if err == nil { // resp is now filled
 17164  //        fmt.Println(resp)
 17165  //    }
 17166  //
 17167  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
 17168  func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput) {
 17169  	op := &request.Operation{
 17170  		Name:       opUpdateUser,
 17171  		HTTPMethod: "POST",
 17172  		HTTPPath:   "/",
 17173  	}
 17174  
 17175  	if input == nil {
 17176  		input = &UpdateUserInput{}
 17177  	}
 17178  
 17179  	output = &UpdateUserOutput{}
 17180  	req = c.newRequest(op, input, output)
 17181  	req.Handlers.Unmarshal.Swap(query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 17182  	return
 17183  }
 17184  
 17185  // UpdateUser API operation for AWS Identity and Access Management.
 17186  //
 17187  // Updates the name and/or the path of the specified IAM user.
 17188  //
 17189  // You should understand the implications of changing an IAM user's path or
 17190  // name. For more information, see Renaming an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming)
 17191  // and Renaming an IAM group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html)
 17192  // in the IAM User Guide.
 17193  //
 17194  // To change a user name, the requester must have appropriate permissions on
 17195  // both the source object and the target object. For example, to change Bob
 17196  // to Robert, the entity making the request must have permission on Bob and
 17197  // Robert, or must have permission on all (*). For more information about permissions,
 17198  // see Permissions and policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).
 17199  //
 17200  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17201  // with awserr.Error's Code and Message methods to get detailed information about
 17202  // the error.
 17203  //
 17204  // See the AWS API reference guide for AWS Identity and Access Management's
 17205  // API operation UpdateUser for usage and error information.
 17206  //
 17207  // Returned Error Codes:
 17208  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 17209  //   The request was rejected because it referenced a resource entity that does
 17210  //   not exist. The error message describes the resource.
 17211  //
 17212  //   * ErrCodeLimitExceededException "LimitExceeded"
 17213  //   The request was rejected because it attempted to create resources beyond
 17214  //   the current Amazon Web Services account limits. The error message describes
 17215  //   the limit exceeded.
 17216  //
 17217  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
 17218  //   The request was rejected because it attempted to create a resource that already
 17219  //   exists.
 17220  //
 17221  //   * ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable"
 17222  //   The request was rejected because it referenced an entity that is temporarily
 17223  //   unmodifiable, such as a user name that was deleted and then recreated. The
 17224  //   error indicates that the request is likely to succeed if you try again after
 17225  //   waiting several minutes. The error message describes the entity.
 17226  //
 17227  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 17228  //   The request was rejected because multiple requests to change this object
 17229  //   were submitted simultaneously. Wait a few minutes and submit your request
 17230  //   again.
 17231  //
 17232  //   * ErrCodeServiceFailureException "ServiceFailure"
 17233  //   The request processing has failed because of an unknown error, exception
 17234  //   or failure.
 17235  //
 17236  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser
 17237  func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error) {
 17238  	req, out := c.UpdateUserRequest(input)
 17239  	return out, req.Send()
 17240  }
 17241  
 17242  // UpdateUserWithContext is the same as UpdateUser with the addition of
 17243  // the ability to pass a context and additional request options.
 17244  //
 17245  // See UpdateUser for details on how to use this API operation.
 17246  //
 17247  // The context must be non-nil and will be used for request cancellation. If
 17248  // the context is nil a panic will occur. In the future the SDK may create
 17249  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17250  // for more information on using Contexts.
 17251  func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error) {
 17252  	req, out := c.UpdateUserRequest(input)
 17253  	req.SetContext(ctx)
 17254  	req.ApplyOptions(opts...)
 17255  	return out, req.Send()
 17256  }
 17257  
 17258  const opUploadSSHPublicKey = "UploadSSHPublicKey"
 17259  
 17260  // UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the
 17261  // client's request for the UploadSSHPublicKey operation. The "output" return
 17262  // value will be populated with the request's response once the request completes
 17263  // successfully.
 17264  //
 17265  // Use "Send" method on the returned Request to send the API call to the service.
 17266  // the "output" return value is not valid until after Send returns without error.
 17267  //
 17268  // See UploadSSHPublicKey for more information on using the UploadSSHPublicKey
 17269  // API call, and error handling.
 17270  //
 17271  // This method is useful when you want to inject custom logic or configuration
 17272  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 17273  //
 17274  //
 17275  //    // Example sending a request using the UploadSSHPublicKeyRequest method.
 17276  //    req, resp := client.UploadSSHPublicKeyRequest(params)
 17277  //
 17278  //    err := req.Send()
 17279  //    if err == nil { // resp is now filled
 17280  //        fmt.Println(resp)
 17281  //    }
 17282  //
 17283  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
 17284  func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput) {
 17285  	op := &request.Operation{
 17286  		Name:       opUploadSSHPublicKey,
 17287  		HTTPMethod: "POST",
 17288  		HTTPPath:   "/",
 17289  	}
 17290  
 17291  	if input == nil {
 17292  		input = &UploadSSHPublicKeyInput{}
 17293  	}
 17294  
 17295  	output = &UploadSSHPublicKeyOutput{}
 17296  	req = c.newRequest(op, input, output)
 17297  	return
 17298  }
 17299  
 17300  // UploadSSHPublicKey API operation for AWS Identity and Access Management.
 17301  //
 17302  // Uploads an SSH public key and associates it with the specified IAM user.
 17303  //
 17304  // The SSH public key uploaded by this operation can be used only for authenticating
 17305  // the associated IAM user to an CodeCommit repository. For more information
 17306  // about using SSH keys to authenticate to an CodeCommit repository, see Set
 17307  // up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html)
 17308  // in the CodeCommit User Guide.
 17309  //
 17310  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17311  // with awserr.Error's Code and Message methods to get detailed information about
 17312  // the error.
 17313  //
 17314  // See the AWS API reference guide for AWS Identity and Access Management's
 17315  // API operation UploadSSHPublicKey for usage and error information.
 17316  //
 17317  // Returned Error Codes:
 17318  //   * ErrCodeLimitExceededException "LimitExceeded"
 17319  //   The request was rejected because it attempted to create resources beyond
 17320  //   the current Amazon Web Services account limits. The error message describes
 17321  //   the limit exceeded.
 17322  //
 17323  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 17324  //   The request was rejected because it referenced a resource entity that does
 17325  //   not exist. The error message describes the resource.
 17326  //
 17327  //   * ErrCodeInvalidPublicKeyException "InvalidPublicKey"
 17328  //   The request was rejected because the public key is malformed or otherwise
 17329  //   invalid.
 17330  //
 17331  //   * ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey"
 17332  //   The request was rejected because the SSH public key is already associated
 17333  //   with the specified IAM user.
 17334  //
 17335  //   * ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding"
 17336  //   The request was rejected because the public key encoding format is unsupported
 17337  //   or unrecognized.
 17338  //
 17339  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey
 17340  func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error) {
 17341  	req, out := c.UploadSSHPublicKeyRequest(input)
 17342  	return out, req.Send()
 17343  }
 17344  
 17345  // UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of
 17346  // the ability to pass a context and additional request options.
 17347  //
 17348  // See UploadSSHPublicKey for details on how to use this API operation.
 17349  //
 17350  // The context must be non-nil and will be used for request cancellation. If
 17351  // the context is nil a panic will occur. In the future the SDK may create
 17352  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17353  // for more information on using Contexts.
 17354  func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error) {
 17355  	req, out := c.UploadSSHPublicKeyRequest(input)
 17356  	req.SetContext(ctx)
 17357  	req.ApplyOptions(opts...)
 17358  	return out, req.Send()
 17359  }
 17360  
 17361  const opUploadServerCertificate = "UploadServerCertificate"
 17362  
 17363  // UploadServerCertificateRequest generates a "aws/request.Request" representing the
 17364  // client's request for the UploadServerCertificate operation. The "output" return
 17365  // value will be populated with the request's response once the request completes
 17366  // successfully.
 17367  //
 17368  // Use "Send" method on the returned Request to send the API call to the service.
 17369  // the "output" return value is not valid until after Send returns without error.
 17370  //
 17371  // See UploadServerCertificate for more information on using the UploadServerCertificate
 17372  // API call, and error handling.
 17373  //
 17374  // This method is useful when you want to inject custom logic or configuration
 17375  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 17376  //
 17377  //
 17378  //    // Example sending a request using the UploadServerCertificateRequest method.
 17379  //    req, resp := client.UploadServerCertificateRequest(params)
 17380  //
 17381  //    err := req.Send()
 17382  //    if err == nil { // resp is now filled
 17383  //        fmt.Println(resp)
 17384  //    }
 17385  //
 17386  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
 17387  func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput) {
 17388  	op := &request.Operation{
 17389  		Name:       opUploadServerCertificate,
 17390  		HTTPMethod: "POST",
 17391  		HTTPPath:   "/",
 17392  	}
 17393  
 17394  	if input == nil {
 17395  		input = &UploadServerCertificateInput{}
 17396  	}
 17397  
 17398  	output = &UploadServerCertificateOutput{}
 17399  	req = c.newRequest(op, input, output)
 17400  	return
 17401  }
 17402  
 17403  // UploadServerCertificate API operation for AWS Identity and Access Management.
 17404  //
 17405  // Uploads a server certificate entity for the Amazon Web Services account.
 17406  // The server certificate entity includes a public key certificate, a private
 17407  // key, and an optional certificate chain, which should all be PEM-encoded.
 17408  //
 17409  // We recommend that you use Certificate Manager (https://docs.aws.amazon.com/acm/)
 17410  // to provision, manage, and deploy your server certificates. With ACM you can
 17411  // request a certificate, deploy it to Amazon Web Services resources, and let
 17412  // ACM handle certificate renewals for you. Certificates provided by ACM are
 17413  // free. For more information about using ACM, see the Certificate Manager User
 17414  // Guide (https://docs.aws.amazon.com/acm/latest/userguide/).
 17415  //
 17416  // For more information about working with server certificates, see Working
 17417  // with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 17418  // in the IAM User Guide. This topic includes a list of Amazon Web Services
 17419  // services that can use the server certificates that you manage with IAM.
 17420  //
 17421  // For information about the number of server certificates you can upload, see
 17422  // IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
 17423  // in the IAM User Guide.
 17424  //
 17425  // Because the body of the public key certificate, private key, and the certificate
 17426  // chain can be large, you should use POST rather than GET when calling UploadServerCertificate.
 17427  // For information about setting up signatures and authorization through the
 17428  // API, see Signing Amazon Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
 17429  // in the Amazon Web Services General Reference. For general information about
 17430  // using the Query API with IAM, see Calling the API by making HTTP query requests
 17431  // (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the
 17432  // IAM User Guide.
 17433  //
 17434  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17435  // with awserr.Error's Code and Message methods to get detailed information about
 17436  // the error.
 17437  //
 17438  // See the AWS API reference guide for AWS Identity and Access Management's
 17439  // API operation UploadServerCertificate for usage and error information.
 17440  //
 17441  // Returned Error Codes:
 17442  //   * ErrCodeLimitExceededException "LimitExceeded"
 17443  //   The request was rejected because it attempted to create resources beyond
 17444  //   the current Amazon Web Services account limits. The error message describes
 17445  //   the limit exceeded.
 17446  //
 17447  //   * ErrCodeInvalidInputException "InvalidInput"
 17448  //   The request was rejected because an invalid or out-of-range value was supplied
 17449  //   for an input parameter.
 17450  //
 17451  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
 17452  //   The request was rejected because it attempted to create a resource that already
 17453  //   exists.
 17454  //
 17455  //   * ErrCodeMalformedCertificateException "MalformedCertificate"
 17456  //   The request was rejected because the certificate was malformed or expired.
 17457  //   The error message describes the specific error.
 17458  //
 17459  //   * ErrCodeKeyPairMismatchException "KeyPairMismatch"
 17460  //   The request was rejected because the public key certificate and the private
 17461  //   key do not match.
 17462  //
 17463  //   * ErrCodeConcurrentModificationException "ConcurrentModification"
 17464  //   The request was rejected because multiple requests to change this object
 17465  //   were submitted simultaneously. Wait a few minutes and submit your request
 17466  //   again.
 17467  //
 17468  //   * ErrCodeServiceFailureException "ServiceFailure"
 17469  //   The request processing has failed because of an unknown error, exception
 17470  //   or failure.
 17471  //
 17472  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate
 17473  func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error) {
 17474  	req, out := c.UploadServerCertificateRequest(input)
 17475  	return out, req.Send()
 17476  }
 17477  
 17478  // UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of
 17479  // the ability to pass a context and additional request options.
 17480  //
 17481  // See UploadServerCertificate for details on how to use this API operation.
 17482  //
 17483  // The context must be non-nil and will be used for request cancellation. If
 17484  // the context is nil a panic will occur. In the future the SDK may create
 17485  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17486  // for more information on using Contexts.
 17487  func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error) {
 17488  	req, out := c.UploadServerCertificateRequest(input)
 17489  	req.SetContext(ctx)
 17490  	req.ApplyOptions(opts...)
 17491  	return out, req.Send()
 17492  }
 17493  
 17494  const opUploadSigningCertificate = "UploadSigningCertificate"
 17495  
 17496  // UploadSigningCertificateRequest generates a "aws/request.Request" representing the
 17497  // client's request for the UploadSigningCertificate operation. The "output" return
 17498  // value will be populated with the request's response once the request completes
 17499  // successfully.
 17500  //
 17501  // Use "Send" method on the returned Request to send the API call to the service.
 17502  // the "output" return value is not valid until after Send returns without error.
 17503  //
 17504  // See UploadSigningCertificate for more information on using the UploadSigningCertificate
 17505  // API call, and error handling.
 17506  //
 17507  // This method is useful when you want to inject custom logic or configuration
 17508  // into the SDK's request lifecycle. Such as custom headers, or retry logic.
 17509  //
 17510  //
 17511  //    // Example sending a request using the UploadSigningCertificateRequest method.
 17512  //    req, resp := client.UploadSigningCertificateRequest(params)
 17513  //
 17514  //    err := req.Send()
 17515  //    if err == nil { // resp is now filled
 17516  //        fmt.Println(resp)
 17517  //    }
 17518  //
 17519  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
 17520  func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput) {
 17521  	op := &request.Operation{
 17522  		Name:       opUploadSigningCertificate,
 17523  		HTTPMethod: "POST",
 17524  		HTTPPath:   "/",
 17525  	}
 17526  
 17527  	if input == nil {
 17528  		input = &UploadSigningCertificateInput{}
 17529  	}
 17530  
 17531  	output = &UploadSigningCertificateOutput{}
 17532  	req = c.newRequest(op, input, output)
 17533  	return
 17534  }
 17535  
 17536  // UploadSigningCertificate API operation for AWS Identity and Access Management.
 17537  //
 17538  // Uploads an X.509 signing certificate and associates it with the specified
 17539  // IAM user. Some Amazon Web Services services require you to use certificates
 17540  // to validate requests that are signed with a corresponding private key. When
 17541  // you upload the certificate, its default status is Active.
 17542  //
 17543  // For information about when you would use an X.509 signing certificate, see
 17544  // Managing server certificates in IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html)
 17545  // in the IAM User Guide.
 17546  //
 17547  // If the UserName is not specified, the IAM user name is determined implicitly
 17548  // based on the Amazon Web Services access key ID used to sign the request.
 17549  // This operation works for access keys under the Amazon Web Services account.
 17550  // Consequently, you can use this operation to manage Amazon Web Services account
 17551  // root user credentials even if the Amazon Web Services account has no associated
 17552  // users.
 17553  //
 17554  // Because the body of an X.509 certificate can be large, you should use POST
 17555  // rather than GET when calling UploadSigningCertificate. For information about
 17556  // setting up signatures and authorization through the API, see Signing Amazon
 17557  // Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
 17558  // in the Amazon Web Services General Reference. For general information about
 17559  // using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
 17560  // in the IAM User Guide.
 17561  //
 17562  // Returns awserr.Error for service API and SDK errors. Use runtime type assertions
 17563  // with awserr.Error's Code and Message methods to get detailed information about
 17564  // the error.
 17565  //
 17566  // See the AWS API reference guide for AWS Identity and Access Management's
 17567  // API operation UploadSigningCertificate for usage and error information.
 17568  //
 17569  // Returned Error Codes:
 17570  //   * ErrCodeLimitExceededException "LimitExceeded"
 17571  //   The request was rejected because it attempted to create resources beyond
 17572  //   the current Amazon Web Services account limits. The error message describes
 17573  //   the limit exceeded.
 17574  //
 17575  //   * ErrCodeEntityAlreadyExistsException "EntityAlreadyExists"
 17576  //   The request was rejected because it attempted to create a resource that already
 17577  //   exists.
 17578  //
 17579  //   * ErrCodeMalformedCertificateException "MalformedCertificate"
 17580  //   The request was rejected because the certificate was malformed or expired.
 17581  //   The error message describes the specific error.
 17582  //
 17583  //   * ErrCodeInvalidCertificateException "InvalidCertificate"
 17584  //   The request was rejected because the certificate is invalid.
 17585  //
 17586  //   * ErrCodeDuplicateCertificateException "DuplicateCertificate"
 17587  //   The request was rejected because the same certificate is associated with
 17588  //   an IAM user in the account.
 17589  //
 17590  //   * ErrCodeNoSuchEntityException "NoSuchEntity"
 17591  //   The request was rejected because it referenced a resource entity that does
 17592  //   not exist. The error message describes the resource.
 17593  //
 17594  //   * ErrCodeServiceFailureException "ServiceFailure"
 17595  //   The request processing has failed because of an unknown error, exception
 17596  //   or failure.
 17597  //
 17598  // See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate
 17599  func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error) {
 17600  	req, out := c.UploadSigningCertificateRequest(input)
 17601  	return out, req.Send()
 17602  }
 17603  
 17604  // UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of
 17605  // the ability to pass a context and additional request options.
 17606  //
 17607  // See UploadSigningCertificate for details on how to use this API operation.
 17608  //
 17609  // The context must be non-nil and will be used for request cancellation. If
 17610  // the context is nil a panic will occur. In the future the SDK may create
 17611  // sub-contexts for http.Requests. See https://golang.org/pkg/context/
 17612  // for more information on using Contexts.
 17613  func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error) {
 17614  	req, out := c.UploadSigningCertificateRequest(input)
 17615  	req.SetContext(ctx)
 17616  	req.ApplyOptions(opts...)
 17617  	return out, req.Send()
 17618  }
 17619  
 17620  // An object that contains details about when a principal in the reported Organizations
 17621  // entity last attempted to access an Amazon Web Services service. A principal
 17622  // can be an IAM user, an IAM role, or the Amazon Web Services account root
 17623  // user within the reported Organizations entity.
 17624  //
 17625  // This data type is a response element in the GetOrganizationsAccessReport
 17626  // operation.
 17627  type AccessDetail struct {
 17628  	_ struct{} `type:"structure"`
 17629  
 17630  	// The path of the Organizations entity (root, organizational unit, or account)
 17631  	// from which an authenticated principal last attempted to access the service.
 17632  	// Amazon Web Services does not report unauthenticated requests.
 17633  	//
 17634  	// This field is null if no principals (IAM users, IAM roles, or root users)
 17635  	// in the reported Organizations entity attempted to access the service within
 17636  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 17637  	EntityPath *string `min:"19" type:"string"`
 17638  
 17639  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 17640  	// when an authenticated principal most recently attempted to access the service.
 17641  	// Amazon Web Services does not report unauthenticated requests.
 17642  	//
 17643  	// This field is null if no principals in the reported Organizations entity
 17644  	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 17645  	LastAuthenticatedTime *time.Time `type:"timestamp"`
 17646  
 17647  	// The Region where the last service access attempt occurred.
 17648  	//
 17649  	// This field is null if no principals in the reported Organizations entity
 17650  	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 17651  	Region *string `type:"string"`
 17652  
 17653  	// The name of the service in which access was attempted.
 17654  	//
 17655  	// ServiceName is a required field
 17656  	ServiceName *string `type:"string" required:"true"`
 17657  
 17658  	// The namespace of the service in which access was attempted.
 17659  	//
 17660  	// To learn the service namespace of a service, see Actions, resources, and
 17661  	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
 17662  	// in the Service Authorization Reference. Choose the name of the service to
 17663  	// view details for that service. In the first paragraph, find the service prefix.
 17664  	// For example, (service prefix: a4b). For more information about service namespaces,
 17665  	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
 17666  	// in the Amazon Web Services General Reference.
 17667  	//
 17668  	// ServiceNamespace is a required field
 17669  	ServiceNamespace *string `min:"1" type:"string" required:"true"`
 17670  
 17671  	// The number of accounts with authenticated principals (root users, IAM users,
 17672  	// and IAM roles) that attempted to access the service in the reporting period.
 17673  	TotalAuthenticatedEntities *int64 `type:"integer"`
 17674  }
 17675  
 17676  // String returns the string representation.
 17677  //
 17678  // API parameter values that are decorated as "sensitive" in the API will not
 17679  // be included in the string output. The member name will be present, but the
 17680  // value will be replaced with "sensitive".
 17681  func (s AccessDetail) String() string {
 17682  	return awsutil.Prettify(s)
 17683  }
 17684  
 17685  // GoString returns the string representation.
 17686  //
 17687  // API parameter values that are decorated as "sensitive" in the API will not
 17688  // be included in the string output. The member name will be present, but the
 17689  // value will be replaced with "sensitive".
 17690  func (s AccessDetail) GoString() string {
 17691  	return s.String()
 17692  }
 17693  
 17694  // SetEntityPath sets the EntityPath field's value.
 17695  func (s *AccessDetail) SetEntityPath(v string) *AccessDetail {
 17696  	s.EntityPath = &v
 17697  	return s
 17698  }
 17699  
 17700  // SetLastAuthenticatedTime sets the LastAuthenticatedTime field's value.
 17701  func (s *AccessDetail) SetLastAuthenticatedTime(v time.Time) *AccessDetail {
 17702  	s.LastAuthenticatedTime = &v
 17703  	return s
 17704  }
 17705  
 17706  // SetRegion sets the Region field's value.
 17707  func (s *AccessDetail) SetRegion(v string) *AccessDetail {
 17708  	s.Region = &v
 17709  	return s
 17710  }
 17711  
 17712  // SetServiceName sets the ServiceName field's value.
 17713  func (s *AccessDetail) SetServiceName(v string) *AccessDetail {
 17714  	s.ServiceName = &v
 17715  	return s
 17716  }
 17717  
 17718  // SetServiceNamespace sets the ServiceNamespace field's value.
 17719  func (s *AccessDetail) SetServiceNamespace(v string) *AccessDetail {
 17720  	s.ServiceNamespace = &v
 17721  	return s
 17722  }
 17723  
 17724  // SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
 17725  func (s *AccessDetail) SetTotalAuthenticatedEntities(v int64) *AccessDetail {
 17726  	s.TotalAuthenticatedEntities = &v
 17727  	return s
 17728  }
 17729  
 17730  // Contains information about an Amazon Web Services access key.
 17731  //
 17732  // This data type is used as a response element in the CreateAccessKey and ListAccessKeys
 17733  // operations.
 17734  //
 17735  // The SecretAccessKey value is returned only in response to CreateAccessKey.
 17736  // You can get a secret access key only when you first create an access key;
 17737  // you cannot recover the secret access key later. If you lose a secret access
 17738  // key, you must create a new access key.
 17739  type AccessKey struct {
 17740  	_ struct{} `type:"structure"`
 17741  
 17742  	// The ID for this access key.
 17743  	//
 17744  	// AccessKeyId is a required field
 17745  	AccessKeyId *string `min:"16" type:"string" required:"true"`
 17746  
 17747  	// The date when the access key was created.
 17748  	CreateDate *time.Time `type:"timestamp"`
 17749  
 17750  	// The secret key used to sign requests.
 17751  	//
 17752  	// SecretAccessKey is a sensitive parameter and its value will be
 17753  	// replaced with "sensitive" in string returned by AccessKey's
 17754  	// String and GoString methods.
 17755  	//
 17756  	// SecretAccessKey is a required field
 17757  	SecretAccessKey *string `type:"string" required:"true" sensitive:"true"`
 17758  
 17759  	// The status of the access key. Active means that the key is valid for API
 17760  	// calls, while Inactive means it is not.
 17761  	//
 17762  	// Status is a required field
 17763  	Status *string `type:"string" required:"true" enum:"StatusType"`
 17764  
 17765  	// The name of the IAM user that the access key is associated with.
 17766  	//
 17767  	// UserName is a required field
 17768  	UserName *string `min:"1" type:"string" required:"true"`
 17769  }
 17770  
 17771  // String returns the string representation.
 17772  //
 17773  // API parameter values that are decorated as "sensitive" in the API will not
 17774  // be included in the string output. The member name will be present, but the
 17775  // value will be replaced with "sensitive".
 17776  func (s AccessKey) String() string {
 17777  	return awsutil.Prettify(s)
 17778  }
 17779  
 17780  // GoString returns the string representation.
 17781  //
 17782  // API parameter values that are decorated as "sensitive" in the API will not
 17783  // be included in the string output. The member name will be present, but the
 17784  // value will be replaced with "sensitive".
 17785  func (s AccessKey) GoString() string {
 17786  	return s.String()
 17787  }
 17788  
 17789  // SetAccessKeyId sets the AccessKeyId field's value.
 17790  func (s *AccessKey) SetAccessKeyId(v string) *AccessKey {
 17791  	s.AccessKeyId = &v
 17792  	return s
 17793  }
 17794  
 17795  // SetCreateDate sets the CreateDate field's value.
 17796  func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey {
 17797  	s.CreateDate = &v
 17798  	return s
 17799  }
 17800  
 17801  // SetSecretAccessKey sets the SecretAccessKey field's value.
 17802  func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey {
 17803  	s.SecretAccessKey = &v
 17804  	return s
 17805  }
 17806  
 17807  // SetStatus sets the Status field's value.
 17808  func (s *AccessKey) SetStatus(v string) *AccessKey {
 17809  	s.Status = &v
 17810  	return s
 17811  }
 17812  
 17813  // SetUserName sets the UserName field's value.
 17814  func (s *AccessKey) SetUserName(v string) *AccessKey {
 17815  	s.UserName = &v
 17816  	return s
 17817  }
 17818  
 17819  // Contains information about the last time an Amazon Web Services access key
 17820  // was used since IAM began tracking this information on April 22, 2015.
 17821  //
 17822  // This data type is used as a response element in the GetAccessKeyLastUsed
 17823  // operation.
 17824  type AccessKeyLastUsed struct {
 17825  	_ struct{} `type:"structure"`
 17826  
 17827  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 17828  	// when the access key was most recently used. This field is null in the following
 17829  	// situations:
 17830  	//
 17831  	//    * The user does not have an access key.
 17832  	//
 17833  	//    * An access key exists but has not been used since IAM began tracking
 17834  	//    this information.
 17835  	//
 17836  	//    * There is no sign-in data associated with the user.
 17837  	//
 17838  	// LastUsedDate is a required field
 17839  	LastUsedDate *time.Time `type:"timestamp" required:"true"`
 17840  
 17841  	// The Amazon Web Services Region where this access key was most recently used.
 17842  	// The value for this field is "N/A" in the following situations:
 17843  	//
 17844  	//    * The user does not have an access key.
 17845  	//
 17846  	//    * An access key exists but has not been used since IAM began tracking
 17847  	//    this information.
 17848  	//
 17849  	//    * There is no sign-in data associated with the user.
 17850  	//
 17851  	// For more information about Amazon Web Services Regions, see Regions and endpoints
 17852  	// (https://docs.aws.amazon.com/general/latest/gr/rande.html) in the Amazon
 17853  	// Web Services General Reference.
 17854  	//
 17855  	// Region is a required field
 17856  	Region *string `type:"string" required:"true"`
 17857  
 17858  	// The name of the Amazon Web Services service with which this access key was
 17859  	// most recently used. The value of this field is "N/A" in the following situations:
 17860  	//
 17861  	//    * The user does not have an access key.
 17862  	//
 17863  	//    * An access key exists but has not been used since IAM started tracking
 17864  	//    this information.
 17865  	//
 17866  	//    * There is no sign-in data associated with the user.
 17867  	//
 17868  	// ServiceName is a required field
 17869  	ServiceName *string `type:"string" required:"true"`
 17870  }
 17871  
 17872  // String returns the string representation.
 17873  //
 17874  // API parameter values that are decorated as "sensitive" in the API will not
 17875  // be included in the string output. The member name will be present, but the
 17876  // value will be replaced with "sensitive".
 17877  func (s AccessKeyLastUsed) String() string {
 17878  	return awsutil.Prettify(s)
 17879  }
 17880  
 17881  // GoString returns the string representation.
 17882  //
 17883  // API parameter values that are decorated as "sensitive" in the API will not
 17884  // be included in the string output. The member name will be present, but the
 17885  // value will be replaced with "sensitive".
 17886  func (s AccessKeyLastUsed) GoString() string {
 17887  	return s.String()
 17888  }
 17889  
 17890  // SetLastUsedDate sets the LastUsedDate field's value.
 17891  func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed {
 17892  	s.LastUsedDate = &v
 17893  	return s
 17894  }
 17895  
 17896  // SetRegion sets the Region field's value.
 17897  func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed {
 17898  	s.Region = &v
 17899  	return s
 17900  }
 17901  
 17902  // SetServiceName sets the ServiceName field's value.
 17903  func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed {
 17904  	s.ServiceName = &v
 17905  	return s
 17906  }
 17907  
 17908  // Contains information about an Amazon Web Services access key, without its
 17909  // secret key.
 17910  //
 17911  // This data type is used as a response element in the ListAccessKeys operation.
 17912  type AccessKeyMetadata struct {
 17913  	_ struct{} `type:"structure"`
 17914  
 17915  	// The ID for this access key.
 17916  	AccessKeyId *string `min:"16" type:"string"`
 17917  
 17918  	// The date when the access key was created.
 17919  	CreateDate *time.Time `type:"timestamp"`
 17920  
 17921  	// The status of the access key. Active means that the key is valid for API
 17922  	// calls; Inactive means it is not.
 17923  	Status *string `type:"string" enum:"StatusType"`
 17924  
 17925  	// The name of the IAM user that the key is associated with.
 17926  	UserName *string `min:"1" type:"string"`
 17927  }
 17928  
 17929  // String returns the string representation.
 17930  //
 17931  // API parameter values that are decorated as "sensitive" in the API will not
 17932  // be included in the string output. The member name will be present, but the
 17933  // value will be replaced with "sensitive".
 17934  func (s AccessKeyMetadata) String() string {
 17935  	return awsutil.Prettify(s)
 17936  }
 17937  
 17938  // GoString returns the string representation.
 17939  //
 17940  // API parameter values that are decorated as "sensitive" in the API will not
 17941  // be included in the string output. The member name will be present, but the
 17942  // value will be replaced with "sensitive".
 17943  func (s AccessKeyMetadata) GoString() string {
 17944  	return s.String()
 17945  }
 17946  
 17947  // SetAccessKeyId sets the AccessKeyId field's value.
 17948  func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata {
 17949  	s.AccessKeyId = &v
 17950  	return s
 17951  }
 17952  
 17953  // SetCreateDate sets the CreateDate field's value.
 17954  func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata {
 17955  	s.CreateDate = &v
 17956  	return s
 17957  }
 17958  
 17959  // SetStatus sets the Status field's value.
 17960  func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata {
 17961  	s.Status = &v
 17962  	return s
 17963  }
 17964  
 17965  // SetUserName sets the UserName field's value.
 17966  func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata {
 17967  	s.UserName = &v
 17968  	return s
 17969  }
 17970  
 17971  type AddClientIDToOpenIDConnectProviderInput struct {
 17972  	_ struct{} `type:"structure"`
 17973  
 17974  	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
 17975  	// resource.
 17976  	//
 17977  	// ClientID is a required field
 17978  	ClientID *string `min:"1" type:"string" required:"true"`
 17979  
 17980  	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
 17981  	// resource to add the client ID to. You can get a list of OIDC provider ARNs
 17982  	// by using the ListOpenIDConnectProviders operation.
 17983  	//
 17984  	// OpenIDConnectProviderArn is a required field
 17985  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 17986  }
 17987  
 17988  // String returns the string representation.
 17989  //
 17990  // API parameter values that are decorated as "sensitive" in the API will not
 17991  // be included in the string output. The member name will be present, but the
 17992  // value will be replaced with "sensitive".
 17993  func (s AddClientIDToOpenIDConnectProviderInput) String() string {
 17994  	return awsutil.Prettify(s)
 17995  }
 17996  
 17997  // GoString returns the string representation.
 17998  //
 17999  // API parameter values that are decorated as "sensitive" in the API will not
 18000  // be included in the string output. The member name will be present, but the
 18001  // value will be replaced with "sensitive".
 18002  func (s AddClientIDToOpenIDConnectProviderInput) GoString() string {
 18003  	return s.String()
 18004  }
 18005  
 18006  // Validate inspects the fields of the type to determine if they are valid.
 18007  func (s *AddClientIDToOpenIDConnectProviderInput) Validate() error {
 18008  	invalidParams := request.ErrInvalidParams{Context: "AddClientIDToOpenIDConnectProviderInput"}
 18009  	if s.ClientID == nil {
 18010  		invalidParams.Add(request.NewErrParamRequired("ClientID"))
 18011  	}
 18012  	if s.ClientID != nil && len(*s.ClientID) < 1 {
 18013  		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
 18014  	}
 18015  	if s.OpenIDConnectProviderArn == nil {
 18016  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 18017  	}
 18018  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 18019  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 18020  	}
 18021  
 18022  	if invalidParams.Len() > 0 {
 18023  		return invalidParams
 18024  	}
 18025  	return nil
 18026  }
 18027  
 18028  // SetClientID sets the ClientID field's value.
 18029  func (s *AddClientIDToOpenIDConnectProviderInput) SetClientID(v string) *AddClientIDToOpenIDConnectProviderInput {
 18030  	s.ClientID = &v
 18031  	return s
 18032  }
 18033  
 18034  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 18035  func (s *AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *AddClientIDToOpenIDConnectProviderInput {
 18036  	s.OpenIDConnectProviderArn = &v
 18037  	return s
 18038  }
 18039  
 18040  type AddClientIDToOpenIDConnectProviderOutput struct {
 18041  	_ struct{} `type:"structure"`
 18042  }
 18043  
 18044  // String returns the string representation.
 18045  //
 18046  // API parameter values that are decorated as "sensitive" in the API will not
 18047  // be included in the string output. The member name will be present, but the
 18048  // value will be replaced with "sensitive".
 18049  func (s AddClientIDToOpenIDConnectProviderOutput) String() string {
 18050  	return awsutil.Prettify(s)
 18051  }
 18052  
 18053  // GoString returns the string representation.
 18054  //
 18055  // API parameter values that are decorated as "sensitive" in the API will not
 18056  // be included in the string output. The member name will be present, but the
 18057  // value will be replaced with "sensitive".
 18058  func (s AddClientIDToOpenIDConnectProviderOutput) GoString() string {
 18059  	return s.String()
 18060  }
 18061  
 18062  type AddRoleToInstanceProfileInput struct {
 18063  	_ struct{} `type:"structure"`
 18064  
 18065  	// The name of the instance profile to update.
 18066  	//
 18067  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18068  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18069  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18070  	//
 18071  	// InstanceProfileName is a required field
 18072  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 18073  
 18074  	// The name of the role to add.
 18075  	//
 18076  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18077  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18078  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18079  	//
 18080  	// RoleName is a required field
 18081  	RoleName *string `min:"1" type:"string" required:"true"`
 18082  }
 18083  
 18084  // String returns the string representation.
 18085  //
 18086  // API parameter values that are decorated as "sensitive" in the API will not
 18087  // be included in the string output. The member name will be present, but the
 18088  // value will be replaced with "sensitive".
 18089  func (s AddRoleToInstanceProfileInput) String() string {
 18090  	return awsutil.Prettify(s)
 18091  }
 18092  
 18093  // GoString returns the string representation.
 18094  //
 18095  // API parameter values that are decorated as "sensitive" in the API will not
 18096  // be included in the string output. The member name will be present, but the
 18097  // value will be replaced with "sensitive".
 18098  func (s AddRoleToInstanceProfileInput) GoString() string {
 18099  	return s.String()
 18100  }
 18101  
 18102  // Validate inspects the fields of the type to determine if they are valid.
 18103  func (s *AddRoleToInstanceProfileInput) Validate() error {
 18104  	invalidParams := request.ErrInvalidParams{Context: "AddRoleToInstanceProfileInput"}
 18105  	if s.InstanceProfileName == nil {
 18106  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 18107  	}
 18108  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 18109  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 18110  	}
 18111  	if s.RoleName == nil {
 18112  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 18113  	}
 18114  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 18115  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 18116  	}
 18117  
 18118  	if invalidParams.Len() > 0 {
 18119  		return invalidParams
 18120  	}
 18121  	return nil
 18122  }
 18123  
 18124  // SetInstanceProfileName sets the InstanceProfileName field's value.
 18125  func (s *AddRoleToInstanceProfileInput) SetInstanceProfileName(v string) *AddRoleToInstanceProfileInput {
 18126  	s.InstanceProfileName = &v
 18127  	return s
 18128  }
 18129  
 18130  // SetRoleName sets the RoleName field's value.
 18131  func (s *AddRoleToInstanceProfileInput) SetRoleName(v string) *AddRoleToInstanceProfileInput {
 18132  	s.RoleName = &v
 18133  	return s
 18134  }
 18135  
 18136  type AddRoleToInstanceProfileOutput struct {
 18137  	_ struct{} `type:"structure"`
 18138  }
 18139  
 18140  // String returns the string representation.
 18141  //
 18142  // API parameter values that are decorated as "sensitive" in the API will not
 18143  // be included in the string output. The member name will be present, but the
 18144  // value will be replaced with "sensitive".
 18145  func (s AddRoleToInstanceProfileOutput) String() string {
 18146  	return awsutil.Prettify(s)
 18147  }
 18148  
 18149  // GoString returns the string representation.
 18150  //
 18151  // API parameter values that are decorated as "sensitive" in the API will not
 18152  // be included in the string output. The member name will be present, but the
 18153  // value will be replaced with "sensitive".
 18154  func (s AddRoleToInstanceProfileOutput) GoString() string {
 18155  	return s.String()
 18156  }
 18157  
 18158  type AddUserToGroupInput struct {
 18159  	_ struct{} `type:"structure"`
 18160  
 18161  	// The name of the group to update.
 18162  	//
 18163  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18164  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18165  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18166  	//
 18167  	// GroupName is a required field
 18168  	GroupName *string `min:"1" type:"string" required:"true"`
 18169  
 18170  	// The name of the user to add.
 18171  	//
 18172  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18173  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18174  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18175  	//
 18176  	// UserName is a required field
 18177  	UserName *string `min:"1" type:"string" required:"true"`
 18178  }
 18179  
 18180  // String returns the string representation.
 18181  //
 18182  // API parameter values that are decorated as "sensitive" in the API will not
 18183  // be included in the string output. The member name will be present, but the
 18184  // value will be replaced with "sensitive".
 18185  func (s AddUserToGroupInput) String() string {
 18186  	return awsutil.Prettify(s)
 18187  }
 18188  
 18189  // GoString returns the string representation.
 18190  //
 18191  // API parameter values that are decorated as "sensitive" in the API will not
 18192  // be included in the string output. The member name will be present, but the
 18193  // value will be replaced with "sensitive".
 18194  func (s AddUserToGroupInput) GoString() string {
 18195  	return s.String()
 18196  }
 18197  
 18198  // Validate inspects the fields of the type to determine if they are valid.
 18199  func (s *AddUserToGroupInput) Validate() error {
 18200  	invalidParams := request.ErrInvalidParams{Context: "AddUserToGroupInput"}
 18201  	if s.GroupName == nil {
 18202  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 18203  	}
 18204  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 18205  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 18206  	}
 18207  	if s.UserName == nil {
 18208  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 18209  	}
 18210  	if s.UserName != nil && len(*s.UserName) < 1 {
 18211  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 18212  	}
 18213  
 18214  	if invalidParams.Len() > 0 {
 18215  		return invalidParams
 18216  	}
 18217  	return nil
 18218  }
 18219  
 18220  // SetGroupName sets the GroupName field's value.
 18221  func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput {
 18222  	s.GroupName = &v
 18223  	return s
 18224  }
 18225  
 18226  // SetUserName sets the UserName field's value.
 18227  func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput {
 18228  	s.UserName = &v
 18229  	return s
 18230  }
 18231  
 18232  type AddUserToGroupOutput struct {
 18233  	_ struct{} `type:"structure"`
 18234  }
 18235  
 18236  // String returns the string representation.
 18237  //
 18238  // API parameter values that are decorated as "sensitive" in the API will not
 18239  // be included in the string output. The member name will be present, but the
 18240  // value will be replaced with "sensitive".
 18241  func (s AddUserToGroupOutput) String() string {
 18242  	return awsutil.Prettify(s)
 18243  }
 18244  
 18245  // GoString returns the string representation.
 18246  //
 18247  // API parameter values that are decorated as "sensitive" in the API will not
 18248  // be included in the string output. The member name will be present, but the
 18249  // value will be replaced with "sensitive".
 18250  func (s AddUserToGroupOutput) GoString() string {
 18251  	return s.String()
 18252  }
 18253  
 18254  type AttachGroupPolicyInput struct {
 18255  	_ struct{} `type:"structure"`
 18256  
 18257  	// The name (friendly name, not ARN) of the group to attach the policy to.
 18258  	//
 18259  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18260  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18261  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18262  	//
 18263  	// GroupName is a required field
 18264  	GroupName *string `min:"1" type:"string" required:"true"`
 18265  
 18266  	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
 18267  	//
 18268  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 18269  	// in the Amazon Web Services General Reference.
 18270  	//
 18271  	// PolicyArn is a required field
 18272  	PolicyArn *string `min:"20" type:"string" required:"true"`
 18273  }
 18274  
 18275  // String returns the string representation.
 18276  //
 18277  // API parameter values that are decorated as "sensitive" in the API will not
 18278  // be included in the string output. The member name will be present, but the
 18279  // value will be replaced with "sensitive".
 18280  func (s AttachGroupPolicyInput) String() string {
 18281  	return awsutil.Prettify(s)
 18282  }
 18283  
 18284  // GoString returns the string representation.
 18285  //
 18286  // API parameter values that are decorated as "sensitive" in the API will not
 18287  // be included in the string output. The member name will be present, but the
 18288  // value will be replaced with "sensitive".
 18289  func (s AttachGroupPolicyInput) GoString() string {
 18290  	return s.String()
 18291  }
 18292  
 18293  // Validate inspects the fields of the type to determine if they are valid.
 18294  func (s *AttachGroupPolicyInput) Validate() error {
 18295  	invalidParams := request.ErrInvalidParams{Context: "AttachGroupPolicyInput"}
 18296  	if s.GroupName == nil {
 18297  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 18298  	}
 18299  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 18300  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 18301  	}
 18302  	if s.PolicyArn == nil {
 18303  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 18304  	}
 18305  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 18306  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 18307  	}
 18308  
 18309  	if invalidParams.Len() > 0 {
 18310  		return invalidParams
 18311  	}
 18312  	return nil
 18313  }
 18314  
 18315  // SetGroupName sets the GroupName field's value.
 18316  func (s *AttachGroupPolicyInput) SetGroupName(v string) *AttachGroupPolicyInput {
 18317  	s.GroupName = &v
 18318  	return s
 18319  }
 18320  
 18321  // SetPolicyArn sets the PolicyArn field's value.
 18322  func (s *AttachGroupPolicyInput) SetPolicyArn(v string) *AttachGroupPolicyInput {
 18323  	s.PolicyArn = &v
 18324  	return s
 18325  }
 18326  
 18327  type AttachGroupPolicyOutput struct {
 18328  	_ struct{} `type:"structure"`
 18329  }
 18330  
 18331  // String returns the string representation.
 18332  //
 18333  // API parameter values that are decorated as "sensitive" in the API will not
 18334  // be included in the string output. The member name will be present, but the
 18335  // value will be replaced with "sensitive".
 18336  func (s AttachGroupPolicyOutput) String() string {
 18337  	return awsutil.Prettify(s)
 18338  }
 18339  
 18340  // GoString returns the string representation.
 18341  //
 18342  // API parameter values that are decorated as "sensitive" in the API will not
 18343  // be included in the string output. The member name will be present, but the
 18344  // value will be replaced with "sensitive".
 18345  func (s AttachGroupPolicyOutput) GoString() string {
 18346  	return s.String()
 18347  }
 18348  
 18349  type AttachRolePolicyInput struct {
 18350  	_ struct{} `type:"structure"`
 18351  
 18352  	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
 18353  	//
 18354  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 18355  	// in the Amazon Web Services General Reference.
 18356  	//
 18357  	// PolicyArn is a required field
 18358  	PolicyArn *string `min:"20" type:"string" required:"true"`
 18359  
 18360  	// The name (friendly name, not ARN) of the role to attach the policy to.
 18361  	//
 18362  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18363  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18364  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18365  	//
 18366  	// RoleName is a required field
 18367  	RoleName *string `min:"1" type:"string" required:"true"`
 18368  }
 18369  
 18370  // String returns the string representation.
 18371  //
 18372  // API parameter values that are decorated as "sensitive" in the API will not
 18373  // be included in the string output. The member name will be present, but the
 18374  // value will be replaced with "sensitive".
 18375  func (s AttachRolePolicyInput) String() string {
 18376  	return awsutil.Prettify(s)
 18377  }
 18378  
 18379  // GoString returns the string representation.
 18380  //
 18381  // API parameter values that are decorated as "sensitive" in the API will not
 18382  // be included in the string output. The member name will be present, but the
 18383  // value will be replaced with "sensitive".
 18384  func (s AttachRolePolicyInput) GoString() string {
 18385  	return s.String()
 18386  }
 18387  
 18388  // Validate inspects the fields of the type to determine if they are valid.
 18389  func (s *AttachRolePolicyInput) Validate() error {
 18390  	invalidParams := request.ErrInvalidParams{Context: "AttachRolePolicyInput"}
 18391  	if s.PolicyArn == nil {
 18392  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 18393  	}
 18394  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 18395  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 18396  	}
 18397  	if s.RoleName == nil {
 18398  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 18399  	}
 18400  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 18401  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 18402  	}
 18403  
 18404  	if invalidParams.Len() > 0 {
 18405  		return invalidParams
 18406  	}
 18407  	return nil
 18408  }
 18409  
 18410  // SetPolicyArn sets the PolicyArn field's value.
 18411  func (s *AttachRolePolicyInput) SetPolicyArn(v string) *AttachRolePolicyInput {
 18412  	s.PolicyArn = &v
 18413  	return s
 18414  }
 18415  
 18416  // SetRoleName sets the RoleName field's value.
 18417  func (s *AttachRolePolicyInput) SetRoleName(v string) *AttachRolePolicyInput {
 18418  	s.RoleName = &v
 18419  	return s
 18420  }
 18421  
 18422  type AttachRolePolicyOutput struct {
 18423  	_ struct{} `type:"structure"`
 18424  }
 18425  
 18426  // String returns the string representation.
 18427  //
 18428  // API parameter values that are decorated as "sensitive" in the API will not
 18429  // be included in the string output. The member name will be present, but the
 18430  // value will be replaced with "sensitive".
 18431  func (s AttachRolePolicyOutput) String() string {
 18432  	return awsutil.Prettify(s)
 18433  }
 18434  
 18435  // GoString returns the string representation.
 18436  //
 18437  // API parameter values that are decorated as "sensitive" in the API will not
 18438  // be included in the string output. The member name will be present, but the
 18439  // value will be replaced with "sensitive".
 18440  func (s AttachRolePolicyOutput) GoString() string {
 18441  	return s.String()
 18442  }
 18443  
 18444  type AttachUserPolicyInput struct {
 18445  	_ struct{} `type:"structure"`
 18446  
 18447  	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
 18448  	//
 18449  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 18450  	// in the Amazon Web Services General Reference.
 18451  	//
 18452  	// PolicyArn is a required field
 18453  	PolicyArn *string `min:"20" type:"string" required:"true"`
 18454  
 18455  	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
 18456  	//
 18457  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18458  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18459  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18460  	//
 18461  	// UserName is a required field
 18462  	UserName *string `min:"1" type:"string" required:"true"`
 18463  }
 18464  
 18465  // String returns the string representation.
 18466  //
 18467  // API parameter values that are decorated as "sensitive" in the API will not
 18468  // be included in the string output. The member name will be present, but the
 18469  // value will be replaced with "sensitive".
 18470  func (s AttachUserPolicyInput) String() string {
 18471  	return awsutil.Prettify(s)
 18472  }
 18473  
 18474  // GoString returns the string representation.
 18475  //
 18476  // API parameter values that are decorated as "sensitive" in the API will not
 18477  // be included in the string output. The member name will be present, but the
 18478  // value will be replaced with "sensitive".
 18479  func (s AttachUserPolicyInput) GoString() string {
 18480  	return s.String()
 18481  }
 18482  
 18483  // Validate inspects the fields of the type to determine if they are valid.
 18484  func (s *AttachUserPolicyInput) Validate() error {
 18485  	invalidParams := request.ErrInvalidParams{Context: "AttachUserPolicyInput"}
 18486  	if s.PolicyArn == nil {
 18487  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 18488  	}
 18489  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 18490  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 18491  	}
 18492  	if s.UserName == nil {
 18493  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 18494  	}
 18495  	if s.UserName != nil && len(*s.UserName) < 1 {
 18496  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 18497  	}
 18498  
 18499  	if invalidParams.Len() > 0 {
 18500  		return invalidParams
 18501  	}
 18502  	return nil
 18503  }
 18504  
 18505  // SetPolicyArn sets the PolicyArn field's value.
 18506  func (s *AttachUserPolicyInput) SetPolicyArn(v string) *AttachUserPolicyInput {
 18507  	s.PolicyArn = &v
 18508  	return s
 18509  }
 18510  
 18511  // SetUserName sets the UserName field's value.
 18512  func (s *AttachUserPolicyInput) SetUserName(v string) *AttachUserPolicyInput {
 18513  	s.UserName = &v
 18514  	return s
 18515  }
 18516  
 18517  type AttachUserPolicyOutput struct {
 18518  	_ struct{} `type:"structure"`
 18519  }
 18520  
 18521  // String returns the string representation.
 18522  //
 18523  // API parameter values that are decorated as "sensitive" in the API will not
 18524  // be included in the string output. The member name will be present, but the
 18525  // value will be replaced with "sensitive".
 18526  func (s AttachUserPolicyOutput) String() string {
 18527  	return awsutil.Prettify(s)
 18528  }
 18529  
 18530  // GoString returns the string representation.
 18531  //
 18532  // API parameter values that are decorated as "sensitive" in the API will not
 18533  // be included in the string output. The member name will be present, but the
 18534  // value will be replaced with "sensitive".
 18535  func (s AttachUserPolicyOutput) GoString() string {
 18536  	return s.String()
 18537  }
 18538  
 18539  // Contains information about an attached permissions boundary.
 18540  //
 18541  // An attached permissions boundary is a managed policy that has been attached
 18542  // to a user or role to set the permissions boundary.
 18543  //
 18544  // For more information about permissions boundaries, see Permissions boundaries
 18545  // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 18546  // in the IAM User Guide.
 18547  type AttachedPermissionsBoundary struct {
 18548  	_ struct{} `type:"structure"`
 18549  
 18550  	// The ARN of the policy used to set the permissions boundary for the user or
 18551  	// role.
 18552  	PermissionsBoundaryArn *string `min:"20" type:"string"`
 18553  
 18554  	// The permissions boundary usage type that indicates what type of IAM resource
 18555  	// is used as the permissions boundary for an entity. This data type can only
 18556  	// have a value of Policy.
 18557  	PermissionsBoundaryType *string `type:"string" enum:"PermissionsBoundaryAttachmentType"`
 18558  }
 18559  
 18560  // String returns the string representation.
 18561  //
 18562  // API parameter values that are decorated as "sensitive" in the API will not
 18563  // be included in the string output. The member name will be present, but the
 18564  // value will be replaced with "sensitive".
 18565  func (s AttachedPermissionsBoundary) String() string {
 18566  	return awsutil.Prettify(s)
 18567  }
 18568  
 18569  // GoString returns the string representation.
 18570  //
 18571  // API parameter values that are decorated as "sensitive" in the API will not
 18572  // be included in the string output. The member name will be present, but the
 18573  // value will be replaced with "sensitive".
 18574  func (s AttachedPermissionsBoundary) GoString() string {
 18575  	return s.String()
 18576  }
 18577  
 18578  // SetPermissionsBoundaryArn sets the PermissionsBoundaryArn field's value.
 18579  func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryArn(v string) *AttachedPermissionsBoundary {
 18580  	s.PermissionsBoundaryArn = &v
 18581  	return s
 18582  }
 18583  
 18584  // SetPermissionsBoundaryType sets the PermissionsBoundaryType field's value.
 18585  func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *AttachedPermissionsBoundary {
 18586  	s.PermissionsBoundaryType = &v
 18587  	return s
 18588  }
 18589  
 18590  // Contains information about an attached policy.
 18591  //
 18592  // An attached policy is a managed policy that has been attached to a user,
 18593  // group, or role. This data type is used as a response element in the ListAttachedGroupPolicies,
 18594  // ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails
 18595  // operations.
 18596  //
 18597  // For more information about managed policies, refer to Managed policies and
 18598  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 18599  // in the IAM User Guide.
 18600  type AttachedPolicy struct {
 18601  	_ struct{} `type:"structure"`
 18602  
 18603  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 18604  	// Services resources.
 18605  	//
 18606  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 18607  	// in the Amazon Web Services General Reference.
 18608  	PolicyArn *string `min:"20" type:"string"`
 18609  
 18610  	// The friendly name of the attached policy.
 18611  	PolicyName *string `min:"1" type:"string"`
 18612  }
 18613  
 18614  // String returns the string representation.
 18615  //
 18616  // API parameter values that are decorated as "sensitive" in the API will not
 18617  // be included in the string output. The member name will be present, but the
 18618  // value will be replaced with "sensitive".
 18619  func (s AttachedPolicy) String() string {
 18620  	return awsutil.Prettify(s)
 18621  }
 18622  
 18623  // GoString returns the string representation.
 18624  //
 18625  // API parameter values that are decorated as "sensitive" in the API will not
 18626  // be included in the string output. The member name will be present, but the
 18627  // value will be replaced with "sensitive".
 18628  func (s AttachedPolicy) GoString() string {
 18629  	return s.String()
 18630  }
 18631  
 18632  // SetPolicyArn sets the PolicyArn field's value.
 18633  func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy {
 18634  	s.PolicyArn = &v
 18635  	return s
 18636  }
 18637  
 18638  // SetPolicyName sets the PolicyName field's value.
 18639  func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy {
 18640  	s.PolicyName = &v
 18641  	return s
 18642  }
 18643  
 18644  type ChangePasswordInput struct {
 18645  	_ struct{} `type:"structure"`
 18646  
 18647  	// The new password. The new password must conform to the Amazon Web Services
 18648  	// account's password policy, if one exists.
 18649  	//
 18650  	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
 18651  	// this parameter is a string of characters. That string can include almost
 18652  	// any printable ASCII character from the space (\u0020) through the end of
 18653  	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
 18654  	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
 18655  	// characters are valid in a password. However, many tools, such as the Amazon
 18656  	// Web Services Management Console, might restrict the ability to type certain
 18657  	// characters because they have special meaning within that tool.
 18658  	//
 18659  	// NewPassword is a sensitive parameter and its value will be
 18660  	// replaced with "sensitive" in string returned by ChangePasswordInput's
 18661  	// String and GoString methods.
 18662  	//
 18663  	// NewPassword is a required field
 18664  	NewPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
 18665  
 18666  	// The IAM user's current password.
 18667  	//
 18668  	// OldPassword is a sensitive parameter and its value will be
 18669  	// replaced with "sensitive" in string returned by ChangePasswordInput's
 18670  	// String and GoString methods.
 18671  	//
 18672  	// OldPassword is a required field
 18673  	OldPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
 18674  }
 18675  
 18676  // String returns the string representation.
 18677  //
 18678  // API parameter values that are decorated as "sensitive" in the API will not
 18679  // be included in the string output. The member name will be present, but the
 18680  // value will be replaced with "sensitive".
 18681  func (s ChangePasswordInput) String() string {
 18682  	return awsutil.Prettify(s)
 18683  }
 18684  
 18685  // GoString returns the string representation.
 18686  //
 18687  // API parameter values that are decorated as "sensitive" in the API will not
 18688  // be included in the string output. The member name will be present, but the
 18689  // value will be replaced with "sensitive".
 18690  func (s ChangePasswordInput) GoString() string {
 18691  	return s.String()
 18692  }
 18693  
 18694  // Validate inspects the fields of the type to determine if they are valid.
 18695  func (s *ChangePasswordInput) Validate() error {
 18696  	invalidParams := request.ErrInvalidParams{Context: "ChangePasswordInput"}
 18697  	if s.NewPassword == nil {
 18698  		invalidParams.Add(request.NewErrParamRequired("NewPassword"))
 18699  	}
 18700  	if s.NewPassword != nil && len(*s.NewPassword) < 1 {
 18701  		invalidParams.Add(request.NewErrParamMinLen("NewPassword", 1))
 18702  	}
 18703  	if s.OldPassword == nil {
 18704  		invalidParams.Add(request.NewErrParamRequired("OldPassword"))
 18705  	}
 18706  	if s.OldPassword != nil && len(*s.OldPassword) < 1 {
 18707  		invalidParams.Add(request.NewErrParamMinLen("OldPassword", 1))
 18708  	}
 18709  
 18710  	if invalidParams.Len() > 0 {
 18711  		return invalidParams
 18712  	}
 18713  	return nil
 18714  }
 18715  
 18716  // SetNewPassword sets the NewPassword field's value.
 18717  func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput {
 18718  	s.NewPassword = &v
 18719  	return s
 18720  }
 18721  
 18722  // SetOldPassword sets the OldPassword field's value.
 18723  func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput {
 18724  	s.OldPassword = &v
 18725  	return s
 18726  }
 18727  
 18728  type ChangePasswordOutput struct {
 18729  	_ struct{} `type:"structure"`
 18730  }
 18731  
 18732  // String returns the string representation.
 18733  //
 18734  // API parameter values that are decorated as "sensitive" in the API will not
 18735  // be included in the string output. The member name will be present, but the
 18736  // value will be replaced with "sensitive".
 18737  func (s ChangePasswordOutput) String() string {
 18738  	return awsutil.Prettify(s)
 18739  }
 18740  
 18741  // GoString returns the string representation.
 18742  //
 18743  // API parameter values that are decorated as "sensitive" in the API will not
 18744  // be included in the string output. The member name will be present, but the
 18745  // value will be replaced with "sensitive".
 18746  func (s ChangePasswordOutput) GoString() string {
 18747  	return s.String()
 18748  }
 18749  
 18750  // Contains information about a condition context key. It includes the name
 18751  // of the key and specifies the value (or values, if the context key supports
 18752  // multiple values) to use in the simulation. This information is used when
 18753  // evaluating the Condition elements of the input policies.
 18754  //
 18755  // This data type is used as an input parameter to SimulateCustomPolicy and
 18756  // SimulatePrincipalPolicy.
 18757  type ContextEntry struct {
 18758  	_ struct{} `type:"structure"`
 18759  
 18760  	// The full name of a condition context key, including the service prefix. For
 18761  	// example, aws:SourceIp or s3:VersionId.
 18762  	ContextKeyName *string `min:"5" type:"string"`
 18763  
 18764  	// The data type of the value (or values) specified in the ContextKeyValues
 18765  	// parameter.
 18766  	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`
 18767  
 18768  	// The value (or values, if the condition context key supports multiple values)
 18769  	// to provide to the simulation when the key is referenced by a Condition element
 18770  	// in an input policy.
 18771  	ContextKeyValues []*string `type:"list"`
 18772  }
 18773  
 18774  // String returns the string representation.
 18775  //
 18776  // API parameter values that are decorated as "sensitive" in the API will not
 18777  // be included in the string output. The member name will be present, but the
 18778  // value will be replaced with "sensitive".
 18779  func (s ContextEntry) String() string {
 18780  	return awsutil.Prettify(s)
 18781  }
 18782  
 18783  // GoString returns the string representation.
 18784  //
 18785  // API parameter values that are decorated as "sensitive" in the API will not
 18786  // be included in the string output. The member name will be present, but the
 18787  // value will be replaced with "sensitive".
 18788  func (s ContextEntry) GoString() string {
 18789  	return s.String()
 18790  }
 18791  
 18792  // Validate inspects the fields of the type to determine if they are valid.
 18793  func (s *ContextEntry) Validate() error {
 18794  	invalidParams := request.ErrInvalidParams{Context: "ContextEntry"}
 18795  	if s.ContextKeyName != nil && len(*s.ContextKeyName) < 5 {
 18796  		invalidParams.Add(request.NewErrParamMinLen("ContextKeyName", 5))
 18797  	}
 18798  
 18799  	if invalidParams.Len() > 0 {
 18800  		return invalidParams
 18801  	}
 18802  	return nil
 18803  }
 18804  
 18805  // SetContextKeyName sets the ContextKeyName field's value.
 18806  func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry {
 18807  	s.ContextKeyName = &v
 18808  	return s
 18809  }
 18810  
 18811  // SetContextKeyType sets the ContextKeyType field's value.
 18812  func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry {
 18813  	s.ContextKeyType = &v
 18814  	return s
 18815  }
 18816  
 18817  // SetContextKeyValues sets the ContextKeyValues field's value.
 18818  func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry {
 18819  	s.ContextKeyValues = v
 18820  	return s
 18821  }
 18822  
 18823  type CreateAccessKeyInput struct {
 18824  	_ struct{} `type:"structure"`
 18825  
 18826  	// The name of the IAM user that the new key will belong to.
 18827  	//
 18828  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18829  	// a string of characters consisting of upper and lowercase alphanumeric characters
 18830  	// with no spaces. You can also include any of the following characters: _+=,.@-
 18831  	UserName *string `min:"1" type:"string"`
 18832  }
 18833  
 18834  // String returns the string representation.
 18835  //
 18836  // API parameter values that are decorated as "sensitive" in the API will not
 18837  // be included in the string output. The member name will be present, but the
 18838  // value will be replaced with "sensitive".
 18839  func (s CreateAccessKeyInput) String() string {
 18840  	return awsutil.Prettify(s)
 18841  }
 18842  
 18843  // GoString returns the string representation.
 18844  //
 18845  // API parameter values that are decorated as "sensitive" in the API will not
 18846  // be included in the string output. The member name will be present, but the
 18847  // value will be replaced with "sensitive".
 18848  func (s CreateAccessKeyInput) GoString() string {
 18849  	return s.String()
 18850  }
 18851  
 18852  // Validate inspects the fields of the type to determine if they are valid.
 18853  func (s *CreateAccessKeyInput) Validate() error {
 18854  	invalidParams := request.ErrInvalidParams{Context: "CreateAccessKeyInput"}
 18855  	if s.UserName != nil && len(*s.UserName) < 1 {
 18856  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 18857  	}
 18858  
 18859  	if invalidParams.Len() > 0 {
 18860  		return invalidParams
 18861  	}
 18862  	return nil
 18863  }
 18864  
 18865  // SetUserName sets the UserName field's value.
 18866  func (s *CreateAccessKeyInput) SetUserName(v string) *CreateAccessKeyInput {
 18867  	s.UserName = &v
 18868  	return s
 18869  }
 18870  
 18871  // Contains the response to a successful CreateAccessKey request.
 18872  type CreateAccessKeyOutput struct {
 18873  	_ struct{} `type:"structure"`
 18874  
 18875  	// A structure with details about the access key.
 18876  	//
 18877  	// AccessKey is a required field
 18878  	AccessKey *AccessKey `type:"structure" required:"true"`
 18879  }
 18880  
 18881  // String returns the string representation.
 18882  //
 18883  // API parameter values that are decorated as "sensitive" in the API will not
 18884  // be included in the string output. The member name will be present, but the
 18885  // value will be replaced with "sensitive".
 18886  func (s CreateAccessKeyOutput) String() string {
 18887  	return awsutil.Prettify(s)
 18888  }
 18889  
 18890  // GoString returns the string representation.
 18891  //
 18892  // API parameter values that are decorated as "sensitive" in the API will not
 18893  // be included in the string output. The member name will be present, but the
 18894  // value will be replaced with "sensitive".
 18895  func (s CreateAccessKeyOutput) GoString() string {
 18896  	return s.String()
 18897  }
 18898  
 18899  // SetAccessKey sets the AccessKey field's value.
 18900  func (s *CreateAccessKeyOutput) SetAccessKey(v *AccessKey) *CreateAccessKeyOutput {
 18901  	s.AccessKey = v
 18902  	return s
 18903  }
 18904  
 18905  type CreateAccountAliasInput struct {
 18906  	_ struct{} `type:"structure"`
 18907  
 18908  	// The account alias to create.
 18909  	//
 18910  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 18911  	// a string of characters consisting of lowercase letters, digits, and dashes.
 18912  	// You cannot start or finish with a dash, nor can you have two dashes in a
 18913  	// row.
 18914  	//
 18915  	// AccountAlias is a required field
 18916  	AccountAlias *string `min:"3" type:"string" required:"true"`
 18917  }
 18918  
 18919  // String returns the string representation.
 18920  //
 18921  // API parameter values that are decorated as "sensitive" in the API will not
 18922  // be included in the string output. The member name will be present, but the
 18923  // value will be replaced with "sensitive".
 18924  func (s CreateAccountAliasInput) String() string {
 18925  	return awsutil.Prettify(s)
 18926  }
 18927  
 18928  // GoString returns the string representation.
 18929  //
 18930  // API parameter values that are decorated as "sensitive" in the API will not
 18931  // be included in the string output. The member name will be present, but the
 18932  // value will be replaced with "sensitive".
 18933  func (s CreateAccountAliasInput) GoString() string {
 18934  	return s.String()
 18935  }
 18936  
 18937  // Validate inspects the fields of the type to determine if they are valid.
 18938  func (s *CreateAccountAliasInput) Validate() error {
 18939  	invalidParams := request.ErrInvalidParams{Context: "CreateAccountAliasInput"}
 18940  	if s.AccountAlias == nil {
 18941  		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
 18942  	}
 18943  	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
 18944  		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
 18945  	}
 18946  
 18947  	if invalidParams.Len() > 0 {
 18948  		return invalidParams
 18949  	}
 18950  	return nil
 18951  }
 18952  
 18953  // SetAccountAlias sets the AccountAlias field's value.
 18954  func (s *CreateAccountAliasInput) SetAccountAlias(v string) *CreateAccountAliasInput {
 18955  	s.AccountAlias = &v
 18956  	return s
 18957  }
 18958  
 18959  type CreateAccountAliasOutput struct {
 18960  	_ struct{} `type:"structure"`
 18961  }
 18962  
 18963  // String returns the string representation.
 18964  //
 18965  // API parameter values that are decorated as "sensitive" in the API will not
 18966  // be included in the string output. The member name will be present, but the
 18967  // value will be replaced with "sensitive".
 18968  func (s CreateAccountAliasOutput) String() string {
 18969  	return awsutil.Prettify(s)
 18970  }
 18971  
 18972  // GoString returns the string representation.
 18973  //
 18974  // API parameter values that are decorated as "sensitive" in the API will not
 18975  // be included in the string output. The member name will be present, but the
 18976  // value will be replaced with "sensitive".
 18977  func (s CreateAccountAliasOutput) GoString() string {
 18978  	return s.String()
 18979  }
 18980  
 18981  type CreateGroupInput struct {
 18982  	_ struct{} `type:"structure"`
 18983  
 18984  	// The name of the group to create. Do not include the path in this value.
 18985  	//
 18986  	// IAM user, group, role, and policy names must be unique within the account.
 18987  	// Names are not distinguished by case. For example, you cannot create resources
 18988  	// named both "MyResource" and "myresource".
 18989  	//
 18990  	// GroupName is a required field
 18991  	GroupName *string `min:"1" type:"string" required:"true"`
 18992  
 18993  	// The path to the group. For more information about paths, see IAM identifiers
 18994  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 18995  	// in the IAM User Guide.
 18996  	//
 18997  	// This parameter is optional. If it is not included, it defaults to a slash
 18998  	// (/).
 18999  	//
 19000  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19001  	// a string of characters consisting of either a forward slash (/) by itself
 19002  	// or a string that must begin and end with forward slashes. In addition, it
 19003  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 19004  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 19005  	// letters.
 19006  	Path *string `min:"1" type:"string"`
 19007  }
 19008  
 19009  // String returns the string representation.
 19010  //
 19011  // API parameter values that are decorated as "sensitive" in the API will not
 19012  // be included in the string output. The member name will be present, but the
 19013  // value will be replaced with "sensitive".
 19014  func (s CreateGroupInput) String() string {
 19015  	return awsutil.Prettify(s)
 19016  }
 19017  
 19018  // GoString returns the string representation.
 19019  //
 19020  // API parameter values that are decorated as "sensitive" in the API will not
 19021  // be included in the string output. The member name will be present, but the
 19022  // value will be replaced with "sensitive".
 19023  func (s CreateGroupInput) GoString() string {
 19024  	return s.String()
 19025  }
 19026  
 19027  // Validate inspects the fields of the type to determine if they are valid.
 19028  func (s *CreateGroupInput) Validate() error {
 19029  	invalidParams := request.ErrInvalidParams{Context: "CreateGroupInput"}
 19030  	if s.GroupName == nil {
 19031  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 19032  	}
 19033  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 19034  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 19035  	}
 19036  	if s.Path != nil && len(*s.Path) < 1 {
 19037  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 19038  	}
 19039  
 19040  	if invalidParams.Len() > 0 {
 19041  		return invalidParams
 19042  	}
 19043  	return nil
 19044  }
 19045  
 19046  // SetGroupName sets the GroupName field's value.
 19047  func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput {
 19048  	s.GroupName = &v
 19049  	return s
 19050  }
 19051  
 19052  // SetPath sets the Path field's value.
 19053  func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput {
 19054  	s.Path = &v
 19055  	return s
 19056  }
 19057  
 19058  // Contains the response to a successful CreateGroup request.
 19059  type CreateGroupOutput struct {
 19060  	_ struct{} `type:"structure"`
 19061  
 19062  	// A structure containing details about the new group.
 19063  	//
 19064  	// Group is a required field
 19065  	Group *Group `type:"structure" required:"true"`
 19066  }
 19067  
 19068  // String returns the string representation.
 19069  //
 19070  // API parameter values that are decorated as "sensitive" in the API will not
 19071  // be included in the string output. The member name will be present, but the
 19072  // value will be replaced with "sensitive".
 19073  func (s CreateGroupOutput) String() string {
 19074  	return awsutil.Prettify(s)
 19075  }
 19076  
 19077  // GoString returns the string representation.
 19078  //
 19079  // API parameter values that are decorated as "sensitive" in the API will not
 19080  // be included in the string output. The member name will be present, but the
 19081  // value will be replaced with "sensitive".
 19082  func (s CreateGroupOutput) GoString() string {
 19083  	return s.String()
 19084  }
 19085  
 19086  // SetGroup sets the Group field's value.
 19087  func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput {
 19088  	s.Group = v
 19089  	return s
 19090  }
 19091  
 19092  type CreateInstanceProfileInput struct {
 19093  	_ struct{} `type:"structure"`
 19094  
 19095  	// The name of the instance profile to create.
 19096  	//
 19097  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19098  	// a string of characters consisting of upper and lowercase alphanumeric characters
 19099  	// with no spaces. You can also include any of the following characters: _+=,.@-
 19100  	//
 19101  	// InstanceProfileName is a required field
 19102  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 19103  
 19104  	// The path to the instance profile. For more information about paths, see IAM
 19105  	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 19106  	// in the IAM User Guide.
 19107  	//
 19108  	// This parameter is optional. If it is not included, it defaults to a slash
 19109  	// (/).
 19110  	//
 19111  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19112  	// a string of characters consisting of either a forward slash (/) by itself
 19113  	// or a string that must begin and end with forward slashes. In addition, it
 19114  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 19115  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 19116  	// letters.
 19117  	Path *string `min:"1" type:"string"`
 19118  
 19119  	// A list of tags that you want to attach to the newly created IAM instance
 19120  	// profile. Each tag consists of a key name and an associated value. For more
 19121  	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 19122  	// in the IAM User Guide.
 19123  	//
 19124  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 19125  	// of tags, then the entire request fails and the resource is not created.
 19126  	Tags []*Tag `type:"list"`
 19127  }
 19128  
 19129  // String returns the string representation.
 19130  //
 19131  // API parameter values that are decorated as "sensitive" in the API will not
 19132  // be included in the string output. The member name will be present, but the
 19133  // value will be replaced with "sensitive".
 19134  func (s CreateInstanceProfileInput) String() string {
 19135  	return awsutil.Prettify(s)
 19136  }
 19137  
 19138  // GoString returns the string representation.
 19139  //
 19140  // API parameter values that are decorated as "sensitive" in the API will not
 19141  // be included in the string output. The member name will be present, but the
 19142  // value will be replaced with "sensitive".
 19143  func (s CreateInstanceProfileInput) GoString() string {
 19144  	return s.String()
 19145  }
 19146  
 19147  // Validate inspects the fields of the type to determine if they are valid.
 19148  func (s *CreateInstanceProfileInput) Validate() error {
 19149  	invalidParams := request.ErrInvalidParams{Context: "CreateInstanceProfileInput"}
 19150  	if s.InstanceProfileName == nil {
 19151  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 19152  	}
 19153  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 19154  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 19155  	}
 19156  	if s.Path != nil && len(*s.Path) < 1 {
 19157  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 19158  	}
 19159  	if s.Tags != nil {
 19160  		for i, v := range s.Tags {
 19161  			if v == nil {
 19162  				continue
 19163  			}
 19164  			if err := v.Validate(); err != nil {
 19165  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 19166  			}
 19167  		}
 19168  	}
 19169  
 19170  	if invalidParams.Len() > 0 {
 19171  		return invalidParams
 19172  	}
 19173  	return nil
 19174  }
 19175  
 19176  // SetInstanceProfileName sets the InstanceProfileName field's value.
 19177  func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput {
 19178  	s.InstanceProfileName = &v
 19179  	return s
 19180  }
 19181  
 19182  // SetPath sets the Path field's value.
 19183  func (s *CreateInstanceProfileInput) SetPath(v string) *CreateInstanceProfileInput {
 19184  	s.Path = &v
 19185  	return s
 19186  }
 19187  
 19188  // SetTags sets the Tags field's value.
 19189  func (s *CreateInstanceProfileInput) SetTags(v []*Tag) *CreateInstanceProfileInput {
 19190  	s.Tags = v
 19191  	return s
 19192  }
 19193  
 19194  // Contains the response to a successful CreateInstanceProfile request.
 19195  type CreateInstanceProfileOutput struct {
 19196  	_ struct{} `type:"structure"`
 19197  
 19198  	// A structure containing details about the new instance profile.
 19199  	//
 19200  	// InstanceProfile is a required field
 19201  	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
 19202  }
 19203  
 19204  // String returns the string representation.
 19205  //
 19206  // API parameter values that are decorated as "sensitive" in the API will not
 19207  // be included in the string output. The member name will be present, but the
 19208  // value will be replaced with "sensitive".
 19209  func (s CreateInstanceProfileOutput) String() string {
 19210  	return awsutil.Prettify(s)
 19211  }
 19212  
 19213  // GoString returns the string representation.
 19214  //
 19215  // API parameter values that are decorated as "sensitive" in the API will not
 19216  // be included in the string output. The member name will be present, but the
 19217  // value will be replaced with "sensitive".
 19218  func (s CreateInstanceProfileOutput) GoString() string {
 19219  	return s.String()
 19220  }
 19221  
 19222  // SetInstanceProfile sets the InstanceProfile field's value.
 19223  func (s *CreateInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *CreateInstanceProfileOutput {
 19224  	s.InstanceProfile = v
 19225  	return s
 19226  }
 19227  
 19228  type CreateLoginProfileInput struct {
 19229  	_ struct{} `type:"structure"`
 19230  
 19231  	// The new password for the user.
 19232  	//
 19233  	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
 19234  	// this parameter is a string of characters. That string can include almost
 19235  	// any printable ASCII character from the space (\u0020) through the end of
 19236  	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
 19237  	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
 19238  	// characters are valid in a password. However, many tools, such as the Amazon
 19239  	// Web Services Management Console, might restrict the ability to type certain
 19240  	// characters because they have special meaning within that tool.
 19241  	//
 19242  	// Password is a sensitive parameter and its value will be
 19243  	// replaced with "sensitive" in string returned by CreateLoginProfileInput's
 19244  	// String and GoString methods.
 19245  	//
 19246  	// Password is a required field
 19247  	Password *string `min:"1" type:"string" required:"true" sensitive:"true"`
 19248  
 19249  	// Specifies whether the user is required to set a new password on next sign-in.
 19250  	PasswordResetRequired *bool `type:"boolean"`
 19251  
 19252  	// The name of the IAM user to create a password for. The user must already
 19253  	// exist.
 19254  	//
 19255  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19256  	// a string of characters consisting of upper and lowercase alphanumeric characters
 19257  	// with no spaces. You can also include any of the following characters: _+=,.@-
 19258  	//
 19259  	// UserName is a required field
 19260  	UserName *string `min:"1" type:"string" required:"true"`
 19261  }
 19262  
 19263  // String returns the string representation.
 19264  //
 19265  // API parameter values that are decorated as "sensitive" in the API will not
 19266  // be included in the string output. The member name will be present, but the
 19267  // value will be replaced with "sensitive".
 19268  func (s CreateLoginProfileInput) String() string {
 19269  	return awsutil.Prettify(s)
 19270  }
 19271  
 19272  // GoString returns the string representation.
 19273  //
 19274  // API parameter values that are decorated as "sensitive" in the API will not
 19275  // be included in the string output. The member name will be present, but the
 19276  // value will be replaced with "sensitive".
 19277  func (s CreateLoginProfileInput) GoString() string {
 19278  	return s.String()
 19279  }
 19280  
 19281  // Validate inspects the fields of the type to determine if they are valid.
 19282  func (s *CreateLoginProfileInput) Validate() error {
 19283  	invalidParams := request.ErrInvalidParams{Context: "CreateLoginProfileInput"}
 19284  	if s.Password == nil {
 19285  		invalidParams.Add(request.NewErrParamRequired("Password"))
 19286  	}
 19287  	if s.Password != nil && len(*s.Password) < 1 {
 19288  		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
 19289  	}
 19290  	if s.UserName == nil {
 19291  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 19292  	}
 19293  	if s.UserName != nil && len(*s.UserName) < 1 {
 19294  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 19295  	}
 19296  
 19297  	if invalidParams.Len() > 0 {
 19298  		return invalidParams
 19299  	}
 19300  	return nil
 19301  }
 19302  
 19303  // SetPassword sets the Password field's value.
 19304  func (s *CreateLoginProfileInput) SetPassword(v string) *CreateLoginProfileInput {
 19305  	s.Password = &v
 19306  	return s
 19307  }
 19308  
 19309  // SetPasswordResetRequired sets the PasswordResetRequired field's value.
 19310  func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput {
 19311  	s.PasswordResetRequired = &v
 19312  	return s
 19313  }
 19314  
 19315  // SetUserName sets the UserName field's value.
 19316  func (s *CreateLoginProfileInput) SetUserName(v string) *CreateLoginProfileInput {
 19317  	s.UserName = &v
 19318  	return s
 19319  }
 19320  
 19321  // Contains the response to a successful CreateLoginProfile request.
 19322  type CreateLoginProfileOutput struct {
 19323  	_ struct{} `type:"structure"`
 19324  
 19325  	// A structure containing the user name and password create date.
 19326  	//
 19327  	// LoginProfile is a required field
 19328  	LoginProfile *LoginProfile `type:"structure" required:"true"`
 19329  }
 19330  
 19331  // String returns the string representation.
 19332  //
 19333  // API parameter values that are decorated as "sensitive" in the API will not
 19334  // be included in the string output. The member name will be present, but the
 19335  // value will be replaced with "sensitive".
 19336  func (s CreateLoginProfileOutput) String() string {
 19337  	return awsutil.Prettify(s)
 19338  }
 19339  
 19340  // GoString returns the string representation.
 19341  //
 19342  // API parameter values that are decorated as "sensitive" in the API will not
 19343  // be included in the string output. The member name will be present, but the
 19344  // value will be replaced with "sensitive".
 19345  func (s CreateLoginProfileOutput) GoString() string {
 19346  	return s.String()
 19347  }
 19348  
 19349  // SetLoginProfile sets the LoginProfile field's value.
 19350  func (s *CreateLoginProfileOutput) SetLoginProfile(v *LoginProfile) *CreateLoginProfileOutput {
 19351  	s.LoginProfile = v
 19352  	return s
 19353  }
 19354  
 19355  type CreateOpenIDConnectProviderInput struct {
 19356  	_ struct{} `type:"structure"`
 19357  
 19358  	// Provides a list of client IDs, also known as audiences. When a mobile or
 19359  	// web app registers with an OpenID Connect provider, they establish a value
 19360  	// that identifies the application. This is the value that's sent as the client_id
 19361  	// parameter on OAuth requests.
 19362  	//
 19363  	// You can register multiple client IDs with the same provider. For example,
 19364  	// you might have multiple applications that use the same OIDC provider. You
 19365  	// cannot register more than 100 client IDs with a single IAM OIDC provider.
 19366  	//
 19367  	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
 19368  	// operation accepts client IDs up to 255 characters long.
 19369  	ClientIDList []*string `type:"list"`
 19370  
 19371  	// A list of tags that you want to attach to the new IAM OpenID Connect (OIDC)
 19372  	// provider. Each tag consists of a key name and an associated value. For more
 19373  	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 19374  	// in the IAM User Guide.
 19375  	//
 19376  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 19377  	// of tags, then the entire request fails and the resource is not created.
 19378  	Tags []*Tag `type:"list"`
 19379  
 19380  	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
 19381  	// provider's server certificates. Typically this list includes only one entry.
 19382  	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
 19383  	// lets you maintain multiple thumbprints if the identity provider is rotating
 19384  	// certificates.
 19385  	//
 19386  	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
 19387  	// the X.509 certificate used by the domain where the OpenID Connect provider
 19388  	// makes its keys available. It is always a 40-character string.
 19389  	//
 19390  	// You must provide at least one thumbprint when creating an IAM OIDC provider.
 19391  	// For example, assume that the OIDC provider is server.example.com and the
 19392  	// provider stores its keys at https://keys.server.example.com/openid-connect.
 19393  	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
 19394  	// of the certificate used by https://keys.server.example.com.
 19395  	//
 19396  	// For more information about obtaining the OIDC provider thumbprint, see Obtaining
 19397  	// the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
 19398  	// in the IAM User Guide.
 19399  	//
 19400  	// ThumbprintList is a required field
 19401  	ThumbprintList []*string `type:"list" required:"true"`
 19402  
 19403  	// The URL of the identity provider. The URL must begin with https:// and should
 19404  	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
 19405  	// the OIDC standard, path components are allowed but query parameters are not.
 19406  	// Typically the URL consists of only a hostname, like https://server.example.org
 19407  	// or https://example.com. The URL should not contain a port number.
 19408  	//
 19409  	// You cannot register the same provider multiple times in a single Amazon Web
 19410  	// Services account. If you try to submit a URL that has already been used for
 19411  	// an OpenID Connect provider in the Amazon Web Services account, you will get
 19412  	// an error.
 19413  	//
 19414  	// Url is a required field
 19415  	Url *string `min:"1" type:"string" required:"true"`
 19416  }
 19417  
 19418  // String returns the string representation.
 19419  //
 19420  // API parameter values that are decorated as "sensitive" in the API will not
 19421  // be included in the string output. The member name will be present, but the
 19422  // value will be replaced with "sensitive".
 19423  func (s CreateOpenIDConnectProviderInput) String() string {
 19424  	return awsutil.Prettify(s)
 19425  }
 19426  
 19427  // GoString returns the string representation.
 19428  //
 19429  // API parameter values that are decorated as "sensitive" in the API will not
 19430  // be included in the string output. The member name will be present, but the
 19431  // value will be replaced with "sensitive".
 19432  func (s CreateOpenIDConnectProviderInput) GoString() string {
 19433  	return s.String()
 19434  }
 19435  
 19436  // Validate inspects the fields of the type to determine if they are valid.
 19437  func (s *CreateOpenIDConnectProviderInput) Validate() error {
 19438  	invalidParams := request.ErrInvalidParams{Context: "CreateOpenIDConnectProviderInput"}
 19439  	if s.ThumbprintList == nil {
 19440  		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
 19441  	}
 19442  	if s.Url == nil {
 19443  		invalidParams.Add(request.NewErrParamRequired("Url"))
 19444  	}
 19445  	if s.Url != nil && len(*s.Url) < 1 {
 19446  		invalidParams.Add(request.NewErrParamMinLen("Url", 1))
 19447  	}
 19448  	if s.Tags != nil {
 19449  		for i, v := range s.Tags {
 19450  			if v == nil {
 19451  				continue
 19452  			}
 19453  			if err := v.Validate(); err != nil {
 19454  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 19455  			}
 19456  		}
 19457  	}
 19458  
 19459  	if invalidParams.Len() > 0 {
 19460  		return invalidParams
 19461  	}
 19462  	return nil
 19463  }
 19464  
 19465  // SetClientIDList sets the ClientIDList field's value.
 19466  func (s *CreateOpenIDConnectProviderInput) SetClientIDList(v []*string) *CreateOpenIDConnectProviderInput {
 19467  	s.ClientIDList = v
 19468  	return s
 19469  }
 19470  
 19471  // SetTags sets the Tags field's value.
 19472  func (s *CreateOpenIDConnectProviderInput) SetTags(v []*Tag) *CreateOpenIDConnectProviderInput {
 19473  	s.Tags = v
 19474  	return s
 19475  }
 19476  
 19477  // SetThumbprintList sets the ThumbprintList field's value.
 19478  func (s *CreateOpenIDConnectProviderInput) SetThumbprintList(v []*string) *CreateOpenIDConnectProviderInput {
 19479  	s.ThumbprintList = v
 19480  	return s
 19481  }
 19482  
 19483  // SetUrl sets the Url field's value.
 19484  func (s *CreateOpenIDConnectProviderInput) SetUrl(v string) *CreateOpenIDConnectProviderInput {
 19485  	s.Url = &v
 19486  	return s
 19487  }
 19488  
 19489  // Contains the response to a successful CreateOpenIDConnectProvider request.
 19490  type CreateOpenIDConnectProviderOutput struct {
 19491  	_ struct{} `type:"structure"`
 19492  
 19493  	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
 19494  	// is created. For more information, see OpenIDConnectProviderListEntry.
 19495  	OpenIDConnectProviderArn *string `min:"20" type:"string"`
 19496  
 19497  	// A list of tags that are attached to the new IAM OIDC provider. The returned
 19498  	// list of tags is sorted by tag key. For more information about tagging, see
 19499  	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 19500  	// in the IAM User Guide.
 19501  	Tags []*Tag `type:"list"`
 19502  }
 19503  
 19504  // String returns the string representation.
 19505  //
 19506  // API parameter values that are decorated as "sensitive" in the API will not
 19507  // be included in the string output. The member name will be present, but the
 19508  // value will be replaced with "sensitive".
 19509  func (s CreateOpenIDConnectProviderOutput) String() string {
 19510  	return awsutil.Prettify(s)
 19511  }
 19512  
 19513  // GoString returns the string representation.
 19514  //
 19515  // API parameter values that are decorated as "sensitive" in the API will not
 19516  // be included in the string output. The member name will be present, but the
 19517  // value will be replaced with "sensitive".
 19518  func (s CreateOpenIDConnectProviderOutput) GoString() string {
 19519  	return s.String()
 19520  }
 19521  
 19522  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 19523  func (s *CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn(v string) *CreateOpenIDConnectProviderOutput {
 19524  	s.OpenIDConnectProviderArn = &v
 19525  	return s
 19526  }
 19527  
 19528  // SetTags sets the Tags field's value.
 19529  func (s *CreateOpenIDConnectProviderOutput) SetTags(v []*Tag) *CreateOpenIDConnectProviderOutput {
 19530  	s.Tags = v
 19531  	return s
 19532  }
 19533  
 19534  type CreatePolicyInput struct {
 19535  	_ struct{} `type:"structure"`
 19536  
 19537  	// A friendly description of the policy.
 19538  	//
 19539  	// Typically used to store information about the permissions defined in the
 19540  	// policy. For example, "Grants access to production DynamoDB tables."
 19541  	//
 19542  	// The policy description is immutable. After a value is assigned, it cannot
 19543  	// be changed.
 19544  	Description *string `type:"string"`
 19545  
 19546  	// The path for the policy.
 19547  	//
 19548  	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 19549  	// in the IAM User Guide.
 19550  	//
 19551  	// This parameter is optional. If it is not included, it defaults to a slash
 19552  	// (/).
 19553  	//
 19554  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19555  	// a string of characters consisting of either a forward slash (/) by itself
 19556  	// or a string that must begin and end with forward slashes. In addition, it
 19557  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 19558  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 19559  	// letters.
 19560  	//
 19561  	// You cannot use an asterisk (*) in the path name.
 19562  	Path *string `min:"1" type:"string"`
 19563  
 19564  	// The JSON policy document that you want to use as the content for the new
 19565  	// policy.
 19566  	//
 19567  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 19568  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 19569  	// CloudFormation always converts a YAML policy to JSON format before submitting
 19570  	// it to IAM.
 19571  	//
 19572  	// The maximum length of the policy document that you can pass in this operation,
 19573  	// including whitespace, is listed below. To view the maximum character counts
 19574  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 19575  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 19576  	//
 19577  	// To learn more about JSON policy grammar, see Grammar of the IAM JSON policy
 19578  	// language (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html)
 19579  	// in the IAM User Guide.
 19580  	//
 19581  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 19582  	// parameter is a string of characters consisting of the following:
 19583  	//
 19584  	//    * Any printable ASCII character ranging from the space character (\u0020)
 19585  	//    through the end of the ASCII character range
 19586  	//
 19587  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 19588  	//    set (through \u00FF)
 19589  	//
 19590  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 19591  	//    return (\u000D)
 19592  	//
 19593  	// PolicyDocument is a required field
 19594  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 19595  
 19596  	// The friendly name of the policy.
 19597  	//
 19598  	// IAM user, group, role, and policy names must be unique within the account.
 19599  	// Names are not distinguished by case. For example, you cannot create resources
 19600  	// named both "MyResource" and "myresource".
 19601  	//
 19602  	// PolicyName is a required field
 19603  	PolicyName *string `min:"1" type:"string" required:"true"`
 19604  
 19605  	// A list of tags that you want to attach to the new IAM customer managed policy.
 19606  	// Each tag consists of a key name and an associated value. For more information
 19607  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 19608  	// in the IAM User Guide.
 19609  	//
 19610  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 19611  	// of tags, then the entire request fails and the resource is not created.
 19612  	Tags []*Tag `type:"list"`
 19613  }
 19614  
 19615  // String returns the string representation.
 19616  //
 19617  // API parameter values that are decorated as "sensitive" in the API will not
 19618  // be included in the string output. The member name will be present, but the
 19619  // value will be replaced with "sensitive".
 19620  func (s CreatePolicyInput) String() string {
 19621  	return awsutil.Prettify(s)
 19622  }
 19623  
 19624  // GoString returns the string representation.
 19625  //
 19626  // API parameter values that are decorated as "sensitive" in the API will not
 19627  // be included in the string output. The member name will be present, but the
 19628  // value will be replaced with "sensitive".
 19629  func (s CreatePolicyInput) GoString() string {
 19630  	return s.String()
 19631  }
 19632  
 19633  // Validate inspects the fields of the type to determine if they are valid.
 19634  func (s *CreatePolicyInput) Validate() error {
 19635  	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"}
 19636  	if s.Path != nil && len(*s.Path) < 1 {
 19637  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 19638  	}
 19639  	if s.PolicyDocument == nil {
 19640  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 19641  	}
 19642  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 19643  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 19644  	}
 19645  	if s.PolicyName == nil {
 19646  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 19647  	}
 19648  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 19649  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 19650  	}
 19651  	if s.Tags != nil {
 19652  		for i, v := range s.Tags {
 19653  			if v == nil {
 19654  				continue
 19655  			}
 19656  			if err := v.Validate(); err != nil {
 19657  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 19658  			}
 19659  		}
 19660  	}
 19661  
 19662  	if invalidParams.Len() > 0 {
 19663  		return invalidParams
 19664  	}
 19665  	return nil
 19666  }
 19667  
 19668  // SetDescription sets the Description field's value.
 19669  func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput {
 19670  	s.Description = &v
 19671  	return s
 19672  }
 19673  
 19674  // SetPath sets the Path field's value.
 19675  func (s *CreatePolicyInput) SetPath(v string) *CreatePolicyInput {
 19676  	s.Path = &v
 19677  	return s
 19678  }
 19679  
 19680  // SetPolicyDocument sets the PolicyDocument field's value.
 19681  func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput {
 19682  	s.PolicyDocument = &v
 19683  	return s
 19684  }
 19685  
 19686  // SetPolicyName sets the PolicyName field's value.
 19687  func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput {
 19688  	s.PolicyName = &v
 19689  	return s
 19690  }
 19691  
 19692  // SetTags sets the Tags field's value.
 19693  func (s *CreatePolicyInput) SetTags(v []*Tag) *CreatePolicyInput {
 19694  	s.Tags = v
 19695  	return s
 19696  }
 19697  
 19698  // Contains the response to a successful CreatePolicy request.
 19699  type CreatePolicyOutput struct {
 19700  	_ struct{} `type:"structure"`
 19701  
 19702  	// A structure containing details about the new policy.
 19703  	Policy *Policy `type:"structure"`
 19704  }
 19705  
 19706  // String returns the string representation.
 19707  //
 19708  // API parameter values that are decorated as "sensitive" in the API will not
 19709  // be included in the string output. The member name will be present, but the
 19710  // value will be replaced with "sensitive".
 19711  func (s CreatePolicyOutput) String() string {
 19712  	return awsutil.Prettify(s)
 19713  }
 19714  
 19715  // GoString returns the string representation.
 19716  //
 19717  // API parameter values that are decorated as "sensitive" in the API will not
 19718  // be included in the string output. The member name will be present, but the
 19719  // value will be replaced with "sensitive".
 19720  func (s CreatePolicyOutput) GoString() string {
 19721  	return s.String()
 19722  }
 19723  
 19724  // SetPolicy sets the Policy field's value.
 19725  func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput {
 19726  	s.Policy = v
 19727  	return s
 19728  }
 19729  
 19730  type CreatePolicyVersionInput struct {
 19731  	_ struct{} `type:"structure"`
 19732  
 19733  	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
 19734  	// a new version.
 19735  	//
 19736  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 19737  	// in the Amazon Web Services General Reference.
 19738  	//
 19739  	// PolicyArn is a required field
 19740  	PolicyArn *string `min:"20" type:"string" required:"true"`
 19741  
 19742  	// The JSON policy document that you want to use as the content for this new
 19743  	// version of the policy.
 19744  	//
 19745  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 19746  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 19747  	// CloudFormation always converts a YAML policy to JSON format before submitting
 19748  	// it to IAM.
 19749  	//
 19750  	// The maximum length of the policy document that you can pass in this operation,
 19751  	// including whitespace, is listed below. To view the maximum character counts
 19752  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 19753  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 19754  	//
 19755  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 19756  	// parameter is a string of characters consisting of the following:
 19757  	//
 19758  	//    * Any printable ASCII character ranging from the space character (\u0020)
 19759  	//    through the end of the ASCII character range
 19760  	//
 19761  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 19762  	//    set (through \u00FF)
 19763  	//
 19764  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 19765  	//    return (\u000D)
 19766  	//
 19767  	// PolicyDocument is a required field
 19768  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 19769  
 19770  	// Specifies whether to set this version as the policy's default version.
 19771  	//
 19772  	// When this parameter is true, the new policy version becomes the operative
 19773  	// version. That is, it becomes the version that is in effect for the IAM users,
 19774  	// groups, and roles that the policy is attached to.
 19775  	//
 19776  	// For more information about managed policy versions, see Versioning for managed
 19777  	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
 19778  	// in the IAM User Guide.
 19779  	SetAsDefault *bool `type:"boolean"`
 19780  }
 19781  
 19782  // String returns the string representation.
 19783  //
 19784  // API parameter values that are decorated as "sensitive" in the API will not
 19785  // be included in the string output. The member name will be present, but the
 19786  // value will be replaced with "sensitive".
 19787  func (s CreatePolicyVersionInput) String() string {
 19788  	return awsutil.Prettify(s)
 19789  }
 19790  
 19791  // GoString returns the string representation.
 19792  //
 19793  // API parameter values that are decorated as "sensitive" in the API will not
 19794  // be included in the string output. The member name will be present, but the
 19795  // value will be replaced with "sensitive".
 19796  func (s CreatePolicyVersionInput) GoString() string {
 19797  	return s.String()
 19798  }
 19799  
 19800  // Validate inspects the fields of the type to determine if they are valid.
 19801  func (s *CreatePolicyVersionInput) Validate() error {
 19802  	invalidParams := request.ErrInvalidParams{Context: "CreatePolicyVersionInput"}
 19803  	if s.PolicyArn == nil {
 19804  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 19805  	}
 19806  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 19807  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 19808  	}
 19809  	if s.PolicyDocument == nil {
 19810  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 19811  	}
 19812  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 19813  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 19814  	}
 19815  
 19816  	if invalidParams.Len() > 0 {
 19817  		return invalidParams
 19818  	}
 19819  	return nil
 19820  }
 19821  
 19822  // SetPolicyArn sets the PolicyArn field's value.
 19823  func (s *CreatePolicyVersionInput) SetPolicyArn(v string) *CreatePolicyVersionInput {
 19824  	s.PolicyArn = &v
 19825  	return s
 19826  }
 19827  
 19828  // SetPolicyDocument sets the PolicyDocument field's value.
 19829  func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput {
 19830  	s.PolicyDocument = &v
 19831  	return s
 19832  }
 19833  
 19834  // SetSetAsDefault sets the SetAsDefault field's value.
 19835  func (s *CreatePolicyVersionInput) SetSetAsDefault(v bool) *CreatePolicyVersionInput {
 19836  	s.SetAsDefault = &v
 19837  	return s
 19838  }
 19839  
 19840  // Contains the response to a successful CreatePolicyVersion request.
 19841  type CreatePolicyVersionOutput struct {
 19842  	_ struct{} `type:"structure"`
 19843  
 19844  	// A structure containing details about the new policy version.
 19845  	PolicyVersion *PolicyVersion `type:"structure"`
 19846  }
 19847  
 19848  // String returns the string representation.
 19849  //
 19850  // API parameter values that are decorated as "sensitive" in the API will not
 19851  // be included in the string output. The member name will be present, but the
 19852  // value will be replaced with "sensitive".
 19853  func (s CreatePolicyVersionOutput) String() string {
 19854  	return awsutil.Prettify(s)
 19855  }
 19856  
 19857  // GoString returns the string representation.
 19858  //
 19859  // API parameter values that are decorated as "sensitive" in the API will not
 19860  // be included in the string output. The member name will be present, but the
 19861  // value will be replaced with "sensitive".
 19862  func (s CreatePolicyVersionOutput) GoString() string {
 19863  	return s.String()
 19864  }
 19865  
 19866  // SetPolicyVersion sets the PolicyVersion field's value.
 19867  func (s *CreatePolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *CreatePolicyVersionOutput {
 19868  	s.PolicyVersion = v
 19869  	return s
 19870  }
 19871  
 19872  type CreateRoleInput struct {
 19873  	_ struct{} `type:"structure"`
 19874  
 19875  	// The trust relationship policy document that grants an entity permission to
 19876  	// assume the role.
 19877  	//
 19878  	// In IAM, you must provide a JSON policy that has been converted to a string.
 19879  	// However, for CloudFormation templates formatted in YAML, you can provide
 19880  	// the policy in JSON or YAML format. CloudFormation always converts a YAML
 19881  	// policy to JSON format before submitting it to IAM.
 19882  	//
 19883  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 19884  	// parameter is a string of characters consisting of the following:
 19885  	//
 19886  	//    * Any printable ASCII character ranging from the space character (\u0020)
 19887  	//    through the end of the ASCII character range
 19888  	//
 19889  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 19890  	//    set (through \u00FF)
 19891  	//
 19892  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 19893  	//    return (\u000D)
 19894  	//
 19895  	// Upon success, the response includes the same trust policy in JSON format.
 19896  	//
 19897  	// AssumeRolePolicyDocument is a required field
 19898  	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`
 19899  
 19900  	// A description of the role.
 19901  	Description *string `type:"string"`
 19902  
 19903  	// The maximum session duration (in seconds) that you want to set for the specified
 19904  	// role. If you do not specify a value for this setting, the default maximum
 19905  	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
 19906  	//
 19907  	// Anyone who assumes the role from the or API can use the DurationSeconds API
 19908  	// parameter or the duration-seconds CLI parameter to request a longer session.
 19909  	// The MaxSessionDuration setting determines the maximum duration that can be
 19910  	// requested using the DurationSeconds parameter. If users don't specify a value
 19911  	// for the DurationSeconds parameter, their security credentials are valid for
 19912  	// one hour by default. This applies when you use the AssumeRole* API operations
 19913  	// or the assume-role* CLI operations but does not apply when you use those
 19914  	// operations to create a console URL. For more information, see Using IAM roles
 19915  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
 19916  	// IAM User Guide.
 19917  	MaxSessionDuration *int64 `min:"3600" type:"integer"`
 19918  
 19919  	// The path to the role. For more information about paths, see IAM Identifiers
 19920  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 19921  	// in the IAM User Guide.
 19922  	//
 19923  	// This parameter is optional. If it is not included, it defaults to a slash
 19924  	// (/).
 19925  	//
 19926  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 19927  	// a string of characters consisting of either a forward slash (/) by itself
 19928  	// or a string that must begin and end with forward slashes. In addition, it
 19929  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 19930  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 19931  	// letters.
 19932  	Path *string `min:"1" type:"string"`
 19933  
 19934  	// The ARN of the policy that is used to set the permissions boundary for the
 19935  	// role.
 19936  	PermissionsBoundary *string `min:"20" type:"string"`
 19937  
 19938  	// The name of the role to create.
 19939  	//
 19940  	// IAM user, group, role, and policy names must be unique within the account.
 19941  	// Names are not distinguished by case. For example, you cannot create resources
 19942  	// named both "MyResource" and "myresource".
 19943  	//
 19944  	// RoleName is a required field
 19945  	RoleName *string `min:"1" type:"string" required:"true"`
 19946  
 19947  	// A list of tags that you want to attach to the new role. Each tag consists
 19948  	// of a key name and an associated value. For more information about tagging,
 19949  	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 19950  	// in the IAM User Guide.
 19951  	//
 19952  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 19953  	// of tags, then the entire request fails and the resource is not created.
 19954  	Tags []*Tag `type:"list"`
 19955  }
 19956  
 19957  // String returns the string representation.
 19958  //
 19959  // API parameter values that are decorated as "sensitive" in the API will not
 19960  // be included in the string output. The member name will be present, but the
 19961  // value will be replaced with "sensitive".
 19962  func (s CreateRoleInput) String() string {
 19963  	return awsutil.Prettify(s)
 19964  }
 19965  
 19966  // GoString returns the string representation.
 19967  //
 19968  // API parameter values that are decorated as "sensitive" in the API will not
 19969  // be included in the string output. The member name will be present, but the
 19970  // value will be replaced with "sensitive".
 19971  func (s CreateRoleInput) GoString() string {
 19972  	return s.String()
 19973  }
 19974  
 19975  // Validate inspects the fields of the type to determine if they are valid.
 19976  func (s *CreateRoleInput) Validate() error {
 19977  	invalidParams := request.ErrInvalidParams{Context: "CreateRoleInput"}
 19978  	if s.AssumeRolePolicyDocument == nil {
 19979  		invalidParams.Add(request.NewErrParamRequired("AssumeRolePolicyDocument"))
 19980  	}
 19981  	if s.AssumeRolePolicyDocument != nil && len(*s.AssumeRolePolicyDocument) < 1 {
 19982  		invalidParams.Add(request.NewErrParamMinLen("AssumeRolePolicyDocument", 1))
 19983  	}
 19984  	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
 19985  		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
 19986  	}
 19987  	if s.Path != nil && len(*s.Path) < 1 {
 19988  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 19989  	}
 19990  	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
 19991  		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
 19992  	}
 19993  	if s.RoleName == nil {
 19994  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 19995  	}
 19996  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 19997  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 19998  	}
 19999  	if s.Tags != nil {
 20000  		for i, v := range s.Tags {
 20001  			if v == nil {
 20002  				continue
 20003  			}
 20004  			if err := v.Validate(); err != nil {
 20005  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 20006  			}
 20007  		}
 20008  	}
 20009  
 20010  	if invalidParams.Len() > 0 {
 20011  		return invalidParams
 20012  	}
 20013  	return nil
 20014  }
 20015  
 20016  // SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
 20017  func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput {
 20018  	s.AssumeRolePolicyDocument = &v
 20019  	return s
 20020  }
 20021  
 20022  // SetDescription sets the Description field's value.
 20023  func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput {
 20024  	s.Description = &v
 20025  	return s
 20026  }
 20027  
 20028  // SetMaxSessionDuration sets the MaxSessionDuration field's value.
 20029  func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput {
 20030  	s.MaxSessionDuration = &v
 20031  	return s
 20032  }
 20033  
 20034  // SetPath sets the Path field's value.
 20035  func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput {
 20036  	s.Path = &v
 20037  	return s
 20038  }
 20039  
 20040  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 20041  func (s *CreateRoleInput) SetPermissionsBoundary(v string) *CreateRoleInput {
 20042  	s.PermissionsBoundary = &v
 20043  	return s
 20044  }
 20045  
 20046  // SetRoleName sets the RoleName field's value.
 20047  func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput {
 20048  	s.RoleName = &v
 20049  	return s
 20050  }
 20051  
 20052  // SetTags sets the Tags field's value.
 20053  func (s *CreateRoleInput) SetTags(v []*Tag) *CreateRoleInput {
 20054  	s.Tags = v
 20055  	return s
 20056  }
 20057  
 20058  // Contains the response to a successful CreateRole request.
 20059  type CreateRoleOutput struct {
 20060  	_ struct{} `type:"structure"`
 20061  
 20062  	// A structure containing details about the new role.
 20063  	//
 20064  	// Role is a required field
 20065  	Role *Role `type:"structure" required:"true"`
 20066  }
 20067  
 20068  // String returns the string representation.
 20069  //
 20070  // API parameter values that are decorated as "sensitive" in the API will not
 20071  // be included in the string output. The member name will be present, but the
 20072  // value will be replaced with "sensitive".
 20073  func (s CreateRoleOutput) String() string {
 20074  	return awsutil.Prettify(s)
 20075  }
 20076  
 20077  // GoString returns the string representation.
 20078  //
 20079  // API parameter values that are decorated as "sensitive" in the API will not
 20080  // be included in the string output. The member name will be present, but the
 20081  // value will be replaced with "sensitive".
 20082  func (s CreateRoleOutput) GoString() string {
 20083  	return s.String()
 20084  }
 20085  
 20086  // SetRole sets the Role field's value.
 20087  func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput {
 20088  	s.Role = v
 20089  	return s
 20090  }
 20091  
 20092  type CreateSAMLProviderInput struct {
 20093  	_ struct{} `type:"structure"`
 20094  
 20095  	// The name of the provider to create.
 20096  	//
 20097  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20098  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20099  	// with no spaces. You can also include any of the following characters: _+=,.@-
 20100  	//
 20101  	// Name is a required field
 20102  	Name *string `min:"1" type:"string" required:"true"`
 20103  
 20104  	// An XML document generated by an identity provider (IdP) that supports SAML
 20105  	// 2.0. The document includes the issuer's name, expiration information, and
 20106  	// keys that can be used to validate the SAML authentication response (assertions)
 20107  	// that are received from the IdP. You must generate the metadata document using
 20108  	// the identity management software that is used as your organization's IdP.
 20109  	//
 20110  	// For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
 20111  	// in the IAM User Guide
 20112  	//
 20113  	// SAMLMetadataDocument is a required field
 20114  	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
 20115  
 20116  	// A list of tags that you want to attach to the new IAM SAML provider. Each
 20117  	// tag consists of a key name and an associated value. For more information
 20118  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 20119  	// in the IAM User Guide.
 20120  	//
 20121  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 20122  	// of tags, then the entire request fails and the resource is not created.
 20123  	Tags []*Tag `type:"list"`
 20124  }
 20125  
 20126  // String returns the string representation.
 20127  //
 20128  // API parameter values that are decorated as "sensitive" in the API will not
 20129  // be included in the string output. The member name will be present, but the
 20130  // value will be replaced with "sensitive".
 20131  func (s CreateSAMLProviderInput) String() string {
 20132  	return awsutil.Prettify(s)
 20133  }
 20134  
 20135  // GoString returns the string representation.
 20136  //
 20137  // API parameter values that are decorated as "sensitive" in the API will not
 20138  // be included in the string output. The member name will be present, but the
 20139  // value will be replaced with "sensitive".
 20140  func (s CreateSAMLProviderInput) GoString() string {
 20141  	return s.String()
 20142  }
 20143  
 20144  // Validate inspects the fields of the type to determine if they are valid.
 20145  func (s *CreateSAMLProviderInput) Validate() error {
 20146  	invalidParams := request.ErrInvalidParams{Context: "CreateSAMLProviderInput"}
 20147  	if s.Name == nil {
 20148  		invalidParams.Add(request.NewErrParamRequired("Name"))
 20149  	}
 20150  	if s.Name != nil && len(*s.Name) < 1 {
 20151  		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
 20152  	}
 20153  	if s.SAMLMetadataDocument == nil {
 20154  		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
 20155  	}
 20156  	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
 20157  		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
 20158  	}
 20159  	if s.Tags != nil {
 20160  		for i, v := range s.Tags {
 20161  			if v == nil {
 20162  				continue
 20163  			}
 20164  			if err := v.Validate(); err != nil {
 20165  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 20166  			}
 20167  		}
 20168  	}
 20169  
 20170  	if invalidParams.Len() > 0 {
 20171  		return invalidParams
 20172  	}
 20173  	return nil
 20174  }
 20175  
 20176  // SetName sets the Name field's value.
 20177  func (s *CreateSAMLProviderInput) SetName(v string) *CreateSAMLProviderInput {
 20178  	s.Name = &v
 20179  	return s
 20180  }
 20181  
 20182  // SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
 20183  func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput {
 20184  	s.SAMLMetadataDocument = &v
 20185  	return s
 20186  }
 20187  
 20188  // SetTags sets the Tags field's value.
 20189  func (s *CreateSAMLProviderInput) SetTags(v []*Tag) *CreateSAMLProviderInput {
 20190  	s.Tags = v
 20191  	return s
 20192  }
 20193  
 20194  // Contains the response to a successful CreateSAMLProvider request.
 20195  type CreateSAMLProviderOutput struct {
 20196  	_ struct{} `type:"structure"`
 20197  
 20198  	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
 20199  	SAMLProviderArn *string `min:"20" type:"string"`
 20200  
 20201  	// A list of tags that are attached to the new IAM SAML provider. The returned
 20202  	// list of tags is sorted by tag key. For more information about tagging, see
 20203  	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 20204  	// in the IAM User Guide.
 20205  	Tags []*Tag `type:"list"`
 20206  }
 20207  
 20208  // String returns the string representation.
 20209  //
 20210  // API parameter values that are decorated as "sensitive" in the API will not
 20211  // be included in the string output. The member name will be present, but the
 20212  // value will be replaced with "sensitive".
 20213  func (s CreateSAMLProviderOutput) String() string {
 20214  	return awsutil.Prettify(s)
 20215  }
 20216  
 20217  // GoString returns the string representation.
 20218  //
 20219  // API parameter values that are decorated as "sensitive" in the API will not
 20220  // be included in the string output. The member name will be present, but the
 20221  // value will be replaced with "sensitive".
 20222  func (s CreateSAMLProviderOutput) GoString() string {
 20223  	return s.String()
 20224  }
 20225  
 20226  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 20227  func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput {
 20228  	s.SAMLProviderArn = &v
 20229  	return s
 20230  }
 20231  
 20232  // SetTags sets the Tags field's value.
 20233  func (s *CreateSAMLProviderOutput) SetTags(v []*Tag) *CreateSAMLProviderOutput {
 20234  	s.Tags = v
 20235  	return s
 20236  }
 20237  
 20238  type CreateServiceLinkedRoleInput struct {
 20239  	_ struct{} `type:"structure"`
 20240  
 20241  	// The service principal for the Amazon Web Services service to which this role
 20242  	// is attached. You use a string similar to a URL but without the http:// in
 20243  	// front. For example: elasticbeanstalk.amazonaws.com.
 20244  	//
 20245  	// Service principals are unique and case-sensitive. To find the exact service
 20246  	// principal for your service-linked role, see Amazon Web Services services
 20247  	// that work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
 20248  	// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
 20249  	// Role column. Choose the Yes link to view the service-linked role documentation
 20250  	// for that service.
 20251  	//
 20252  	// AWSServiceName is a required field
 20253  	AWSServiceName *string `min:"1" type:"string" required:"true"`
 20254  
 20255  	// A string that you provide, which is combined with the service-provided prefix
 20256  	// to form the complete role name. If you make multiple requests for the same
 20257  	// service, then you must supply a different CustomSuffix for each request.
 20258  	// Otherwise the request fails with a duplicate role name error. For example,
 20259  	// you could add -1 or -debug to the suffix.
 20260  	//
 20261  	// Some services do not support the CustomSuffix parameter. If you provide an
 20262  	// optional suffix and the operation fails, try the operation again without
 20263  	// the suffix.
 20264  	CustomSuffix *string `min:"1" type:"string"`
 20265  
 20266  	// The description of the role.
 20267  	Description *string `type:"string"`
 20268  }
 20269  
 20270  // String returns the string representation.
 20271  //
 20272  // API parameter values that are decorated as "sensitive" in the API will not
 20273  // be included in the string output. The member name will be present, but the
 20274  // value will be replaced with "sensitive".
 20275  func (s CreateServiceLinkedRoleInput) String() string {
 20276  	return awsutil.Prettify(s)
 20277  }
 20278  
 20279  // GoString returns the string representation.
 20280  //
 20281  // API parameter values that are decorated as "sensitive" in the API will not
 20282  // be included in the string output. The member name will be present, but the
 20283  // value will be replaced with "sensitive".
 20284  func (s CreateServiceLinkedRoleInput) GoString() string {
 20285  	return s.String()
 20286  }
 20287  
 20288  // Validate inspects the fields of the type to determine if they are valid.
 20289  func (s *CreateServiceLinkedRoleInput) Validate() error {
 20290  	invalidParams := request.ErrInvalidParams{Context: "CreateServiceLinkedRoleInput"}
 20291  	if s.AWSServiceName == nil {
 20292  		invalidParams.Add(request.NewErrParamRequired("AWSServiceName"))
 20293  	}
 20294  	if s.AWSServiceName != nil && len(*s.AWSServiceName) < 1 {
 20295  		invalidParams.Add(request.NewErrParamMinLen("AWSServiceName", 1))
 20296  	}
 20297  	if s.CustomSuffix != nil && len(*s.CustomSuffix) < 1 {
 20298  		invalidParams.Add(request.NewErrParamMinLen("CustomSuffix", 1))
 20299  	}
 20300  
 20301  	if invalidParams.Len() > 0 {
 20302  		return invalidParams
 20303  	}
 20304  	return nil
 20305  }
 20306  
 20307  // SetAWSServiceName sets the AWSServiceName field's value.
 20308  func (s *CreateServiceLinkedRoleInput) SetAWSServiceName(v string) *CreateServiceLinkedRoleInput {
 20309  	s.AWSServiceName = &v
 20310  	return s
 20311  }
 20312  
 20313  // SetCustomSuffix sets the CustomSuffix field's value.
 20314  func (s *CreateServiceLinkedRoleInput) SetCustomSuffix(v string) *CreateServiceLinkedRoleInput {
 20315  	s.CustomSuffix = &v
 20316  	return s
 20317  }
 20318  
 20319  // SetDescription sets the Description field's value.
 20320  func (s *CreateServiceLinkedRoleInput) SetDescription(v string) *CreateServiceLinkedRoleInput {
 20321  	s.Description = &v
 20322  	return s
 20323  }
 20324  
 20325  type CreateServiceLinkedRoleOutput struct {
 20326  	_ struct{} `type:"structure"`
 20327  
 20328  	// A Role object that contains details about the newly created role.
 20329  	Role *Role `type:"structure"`
 20330  }
 20331  
 20332  // String returns the string representation.
 20333  //
 20334  // API parameter values that are decorated as "sensitive" in the API will not
 20335  // be included in the string output. The member name will be present, but the
 20336  // value will be replaced with "sensitive".
 20337  func (s CreateServiceLinkedRoleOutput) String() string {
 20338  	return awsutil.Prettify(s)
 20339  }
 20340  
 20341  // GoString returns the string representation.
 20342  //
 20343  // API parameter values that are decorated as "sensitive" in the API will not
 20344  // be included in the string output. The member name will be present, but the
 20345  // value will be replaced with "sensitive".
 20346  func (s CreateServiceLinkedRoleOutput) GoString() string {
 20347  	return s.String()
 20348  }
 20349  
 20350  // SetRole sets the Role field's value.
 20351  func (s *CreateServiceLinkedRoleOutput) SetRole(v *Role) *CreateServiceLinkedRoleOutput {
 20352  	s.Role = v
 20353  	return s
 20354  }
 20355  
 20356  type CreateServiceSpecificCredentialInput struct {
 20357  	_ struct{} `type:"structure"`
 20358  
 20359  	// The name of the Amazon Web Services service that is to be associated with
 20360  	// the credentials. The service you specify here is the only service that can
 20361  	// be accessed using these credentials.
 20362  	//
 20363  	// ServiceName is a required field
 20364  	ServiceName *string `type:"string" required:"true"`
 20365  
 20366  	// The name of the IAM user that is to be associated with the credentials. The
 20367  	// new service-specific credentials have the same permissions as the associated
 20368  	// user except that they can be used only to access the specified service.
 20369  	//
 20370  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20371  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20372  	// with no spaces. You can also include any of the following characters: _+=,.@-
 20373  	//
 20374  	// UserName is a required field
 20375  	UserName *string `min:"1" type:"string" required:"true"`
 20376  }
 20377  
 20378  // String returns the string representation.
 20379  //
 20380  // API parameter values that are decorated as "sensitive" in the API will not
 20381  // be included in the string output. The member name will be present, but the
 20382  // value will be replaced with "sensitive".
 20383  func (s CreateServiceSpecificCredentialInput) String() string {
 20384  	return awsutil.Prettify(s)
 20385  }
 20386  
 20387  // GoString returns the string representation.
 20388  //
 20389  // API parameter values that are decorated as "sensitive" in the API will not
 20390  // be included in the string output. The member name will be present, but the
 20391  // value will be replaced with "sensitive".
 20392  func (s CreateServiceSpecificCredentialInput) GoString() string {
 20393  	return s.String()
 20394  }
 20395  
 20396  // Validate inspects the fields of the type to determine if they are valid.
 20397  func (s *CreateServiceSpecificCredentialInput) Validate() error {
 20398  	invalidParams := request.ErrInvalidParams{Context: "CreateServiceSpecificCredentialInput"}
 20399  	if s.ServiceName == nil {
 20400  		invalidParams.Add(request.NewErrParamRequired("ServiceName"))
 20401  	}
 20402  	if s.UserName == nil {
 20403  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 20404  	}
 20405  	if s.UserName != nil && len(*s.UserName) < 1 {
 20406  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 20407  	}
 20408  
 20409  	if invalidParams.Len() > 0 {
 20410  		return invalidParams
 20411  	}
 20412  	return nil
 20413  }
 20414  
 20415  // SetServiceName sets the ServiceName field's value.
 20416  func (s *CreateServiceSpecificCredentialInput) SetServiceName(v string) *CreateServiceSpecificCredentialInput {
 20417  	s.ServiceName = &v
 20418  	return s
 20419  }
 20420  
 20421  // SetUserName sets the UserName field's value.
 20422  func (s *CreateServiceSpecificCredentialInput) SetUserName(v string) *CreateServiceSpecificCredentialInput {
 20423  	s.UserName = &v
 20424  	return s
 20425  }
 20426  
 20427  type CreateServiceSpecificCredentialOutput struct {
 20428  	_ struct{} `type:"structure"`
 20429  
 20430  	// A structure that contains information about the newly created service-specific
 20431  	// credential.
 20432  	//
 20433  	// This is the only time that the password for this credential set is available.
 20434  	// It cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
 20435  	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
 20436  }
 20437  
 20438  // String returns the string representation.
 20439  //
 20440  // API parameter values that are decorated as "sensitive" in the API will not
 20441  // be included in the string output. The member name will be present, but the
 20442  // value will be replaced with "sensitive".
 20443  func (s CreateServiceSpecificCredentialOutput) String() string {
 20444  	return awsutil.Prettify(s)
 20445  }
 20446  
 20447  // GoString returns the string representation.
 20448  //
 20449  // API parameter values that are decorated as "sensitive" in the API will not
 20450  // be included in the string output. The member name will be present, but the
 20451  // value will be replaced with "sensitive".
 20452  func (s CreateServiceSpecificCredentialOutput) GoString() string {
 20453  	return s.String()
 20454  }
 20455  
 20456  // SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
 20457  func (s *CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *CreateServiceSpecificCredentialOutput {
 20458  	s.ServiceSpecificCredential = v
 20459  	return s
 20460  }
 20461  
 20462  type CreateUserInput struct {
 20463  	_ struct{} `type:"structure"`
 20464  
 20465  	// The path for the user name. For more information about paths, see IAM identifiers
 20466  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 20467  	// in the IAM User Guide.
 20468  	//
 20469  	// This parameter is optional. If it is not included, it defaults to a slash
 20470  	// (/).
 20471  	//
 20472  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20473  	// a string of characters consisting of either a forward slash (/) by itself
 20474  	// or a string that must begin and end with forward slashes. In addition, it
 20475  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 20476  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 20477  	// letters.
 20478  	Path *string `min:"1" type:"string"`
 20479  
 20480  	// The ARN of the policy that is used to set the permissions boundary for the
 20481  	// user.
 20482  	PermissionsBoundary *string `min:"20" type:"string"`
 20483  
 20484  	// A list of tags that you want to attach to the new user. Each tag consists
 20485  	// of a key name and an associated value. For more information about tagging,
 20486  	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 20487  	// in the IAM User Guide.
 20488  	//
 20489  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 20490  	// of tags, then the entire request fails and the resource is not created.
 20491  	Tags []*Tag `type:"list"`
 20492  
 20493  	// The name of the user to create.
 20494  	//
 20495  	// IAM user, group, role, and policy names must be unique within the account.
 20496  	// Names are not distinguished by case. For example, you cannot create resources
 20497  	// named both "MyResource" and "myresource".
 20498  	//
 20499  	// UserName is a required field
 20500  	UserName *string `min:"1" type:"string" required:"true"`
 20501  }
 20502  
 20503  // String returns the string representation.
 20504  //
 20505  // API parameter values that are decorated as "sensitive" in the API will not
 20506  // be included in the string output. The member name will be present, but the
 20507  // value will be replaced with "sensitive".
 20508  func (s CreateUserInput) String() string {
 20509  	return awsutil.Prettify(s)
 20510  }
 20511  
 20512  // GoString returns the string representation.
 20513  //
 20514  // API parameter values that are decorated as "sensitive" in the API will not
 20515  // be included in the string output. The member name will be present, but the
 20516  // value will be replaced with "sensitive".
 20517  func (s CreateUserInput) GoString() string {
 20518  	return s.String()
 20519  }
 20520  
 20521  // Validate inspects the fields of the type to determine if they are valid.
 20522  func (s *CreateUserInput) Validate() error {
 20523  	invalidParams := request.ErrInvalidParams{Context: "CreateUserInput"}
 20524  	if s.Path != nil && len(*s.Path) < 1 {
 20525  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 20526  	}
 20527  	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
 20528  		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
 20529  	}
 20530  	if s.UserName == nil {
 20531  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 20532  	}
 20533  	if s.UserName != nil && len(*s.UserName) < 1 {
 20534  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 20535  	}
 20536  	if s.Tags != nil {
 20537  		for i, v := range s.Tags {
 20538  			if v == nil {
 20539  				continue
 20540  			}
 20541  			if err := v.Validate(); err != nil {
 20542  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 20543  			}
 20544  		}
 20545  	}
 20546  
 20547  	if invalidParams.Len() > 0 {
 20548  		return invalidParams
 20549  	}
 20550  	return nil
 20551  }
 20552  
 20553  // SetPath sets the Path field's value.
 20554  func (s *CreateUserInput) SetPath(v string) *CreateUserInput {
 20555  	s.Path = &v
 20556  	return s
 20557  }
 20558  
 20559  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 20560  func (s *CreateUserInput) SetPermissionsBoundary(v string) *CreateUserInput {
 20561  	s.PermissionsBoundary = &v
 20562  	return s
 20563  }
 20564  
 20565  // SetTags sets the Tags field's value.
 20566  func (s *CreateUserInput) SetTags(v []*Tag) *CreateUserInput {
 20567  	s.Tags = v
 20568  	return s
 20569  }
 20570  
 20571  // SetUserName sets the UserName field's value.
 20572  func (s *CreateUserInput) SetUserName(v string) *CreateUserInput {
 20573  	s.UserName = &v
 20574  	return s
 20575  }
 20576  
 20577  // Contains the response to a successful CreateUser request.
 20578  type CreateUserOutput struct {
 20579  	_ struct{} `type:"structure"`
 20580  
 20581  	// A structure with details about the new IAM user.
 20582  	User *User `type:"structure"`
 20583  }
 20584  
 20585  // String returns the string representation.
 20586  //
 20587  // API parameter values that are decorated as "sensitive" in the API will not
 20588  // be included in the string output. The member name will be present, but the
 20589  // value will be replaced with "sensitive".
 20590  func (s CreateUserOutput) String() string {
 20591  	return awsutil.Prettify(s)
 20592  }
 20593  
 20594  // GoString returns the string representation.
 20595  //
 20596  // API parameter values that are decorated as "sensitive" in the API will not
 20597  // be included in the string output. The member name will be present, but the
 20598  // value will be replaced with "sensitive".
 20599  func (s CreateUserOutput) GoString() string {
 20600  	return s.String()
 20601  }
 20602  
 20603  // SetUser sets the User field's value.
 20604  func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput {
 20605  	s.User = v
 20606  	return s
 20607  }
 20608  
 20609  type CreateVirtualMFADeviceInput struct {
 20610  	_ struct{} `type:"structure"`
 20611  
 20612  	// The path for the virtual MFA device. For more information about paths, see
 20613  	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 20614  	// in the IAM User Guide.
 20615  	//
 20616  	// This parameter is optional. If it is not included, it defaults to a slash
 20617  	// (/).
 20618  	//
 20619  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20620  	// a string of characters consisting of either a forward slash (/) by itself
 20621  	// or a string that must begin and end with forward slashes. In addition, it
 20622  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 20623  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 20624  	// letters.
 20625  	Path *string `min:"1" type:"string"`
 20626  
 20627  	// A list of tags that you want to attach to the new IAM virtual MFA device.
 20628  	// Each tag consists of a key name and an associated value. For more information
 20629  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 20630  	// in the IAM User Guide.
 20631  	//
 20632  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 20633  	// of tags, then the entire request fails and the resource is not created.
 20634  	Tags []*Tag `type:"list"`
 20635  
 20636  	// The name of the virtual MFA device. Use with path to uniquely identify a
 20637  	// virtual MFA device.
 20638  	//
 20639  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20640  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20641  	// with no spaces. You can also include any of the following characters: _+=,.@-
 20642  	//
 20643  	// VirtualMFADeviceName is a required field
 20644  	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
 20645  }
 20646  
 20647  // String returns the string representation.
 20648  //
 20649  // API parameter values that are decorated as "sensitive" in the API will not
 20650  // be included in the string output. The member name will be present, but the
 20651  // value will be replaced with "sensitive".
 20652  func (s CreateVirtualMFADeviceInput) String() string {
 20653  	return awsutil.Prettify(s)
 20654  }
 20655  
 20656  // GoString returns the string representation.
 20657  //
 20658  // API parameter values that are decorated as "sensitive" in the API will not
 20659  // be included in the string output. The member name will be present, but the
 20660  // value will be replaced with "sensitive".
 20661  func (s CreateVirtualMFADeviceInput) GoString() string {
 20662  	return s.String()
 20663  }
 20664  
 20665  // Validate inspects the fields of the type to determine if they are valid.
 20666  func (s *CreateVirtualMFADeviceInput) Validate() error {
 20667  	invalidParams := request.ErrInvalidParams{Context: "CreateVirtualMFADeviceInput"}
 20668  	if s.Path != nil && len(*s.Path) < 1 {
 20669  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 20670  	}
 20671  	if s.VirtualMFADeviceName == nil {
 20672  		invalidParams.Add(request.NewErrParamRequired("VirtualMFADeviceName"))
 20673  	}
 20674  	if s.VirtualMFADeviceName != nil && len(*s.VirtualMFADeviceName) < 1 {
 20675  		invalidParams.Add(request.NewErrParamMinLen("VirtualMFADeviceName", 1))
 20676  	}
 20677  	if s.Tags != nil {
 20678  		for i, v := range s.Tags {
 20679  			if v == nil {
 20680  				continue
 20681  			}
 20682  			if err := v.Validate(); err != nil {
 20683  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 20684  			}
 20685  		}
 20686  	}
 20687  
 20688  	if invalidParams.Len() > 0 {
 20689  		return invalidParams
 20690  	}
 20691  	return nil
 20692  }
 20693  
 20694  // SetPath sets the Path field's value.
 20695  func (s *CreateVirtualMFADeviceInput) SetPath(v string) *CreateVirtualMFADeviceInput {
 20696  	s.Path = &v
 20697  	return s
 20698  }
 20699  
 20700  // SetTags sets the Tags field's value.
 20701  func (s *CreateVirtualMFADeviceInput) SetTags(v []*Tag) *CreateVirtualMFADeviceInput {
 20702  	s.Tags = v
 20703  	return s
 20704  }
 20705  
 20706  // SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.
 20707  func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput {
 20708  	s.VirtualMFADeviceName = &v
 20709  	return s
 20710  }
 20711  
 20712  // Contains the response to a successful CreateVirtualMFADevice request.
 20713  type CreateVirtualMFADeviceOutput struct {
 20714  	_ struct{} `type:"structure"`
 20715  
 20716  	// A structure containing details about the new virtual MFA device.
 20717  	//
 20718  	// VirtualMFADevice is a required field
 20719  	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
 20720  }
 20721  
 20722  // String returns the string representation.
 20723  //
 20724  // API parameter values that are decorated as "sensitive" in the API will not
 20725  // be included in the string output. The member name will be present, but the
 20726  // value will be replaced with "sensitive".
 20727  func (s CreateVirtualMFADeviceOutput) String() string {
 20728  	return awsutil.Prettify(s)
 20729  }
 20730  
 20731  // GoString returns the string representation.
 20732  //
 20733  // API parameter values that are decorated as "sensitive" in the API will not
 20734  // be included in the string output. The member name will be present, but the
 20735  // value will be replaced with "sensitive".
 20736  func (s CreateVirtualMFADeviceOutput) GoString() string {
 20737  	return s.String()
 20738  }
 20739  
 20740  // SetVirtualMFADevice sets the VirtualMFADevice field's value.
 20741  func (s *CreateVirtualMFADeviceOutput) SetVirtualMFADevice(v *VirtualMFADevice) *CreateVirtualMFADeviceOutput {
 20742  	s.VirtualMFADevice = v
 20743  	return s
 20744  }
 20745  
 20746  type DeactivateMFADeviceInput struct {
 20747  	_ struct{} `type:"structure"`
 20748  
 20749  	// The serial number that uniquely identifies the MFA device. For virtual MFA
 20750  	// devices, the serial number is the device ARN.
 20751  	//
 20752  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20753  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20754  	// with no spaces. You can also include any of the following characters: =,.@:/-
 20755  	//
 20756  	// SerialNumber is a required field
 20757  	SerialNumber *string `min:"9" type:"string" required:"true"`
 20758  
 20759  	// The name of the user whose MFA device you want to deactivate.
 20760  	//
 20761  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20762  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20763  	// with no spaces. You can also include any of the following characters: _+=,.@-
 20764  	//
 20765  	// UserName is a required field
 20766  	UserName *string `min:"1" type:"string" required:"true"`
 20767  }
 20768  
 20769  // String returns the string representation.
 20770  //
 20771  // API parameter values that are decorated as "sensitive" in the API will not
 20772  // be included in the string output. The member name will be present, but the
 20773  // value will be replaced with "sensitive".
 20774  func (s DeactivateMFADeviceInput) String() string {
 20775  	return awsutil.Prettify(s)
 20776  }
 20777  
 20778  // GoString returns the string representation.
 20779  //
 20780  // API parameter values that are decorated as "sensitive" in the API will not
 20781  // be included in the string output. The member name will be present, but the
 20782  // value will be replaced with "sensitive".
 20783  func (s DeactivateMFADeviceInput) GoString() string {
 20784  	return s.String()
 20785  }
 20786  
 20787  // Validate inspects the fields of the type to determine if they are valid.
 20788  func (s *DeactivateMFADeviceInput) Validate() error {
 20789  	invalidParams := request.ErrInvalidParams{Context: "DeactivateMFADeviceInput"}
 20790  	if s.SerialNumber == nil {
 20791  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 20792  	}
 20793  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 20794  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 20795  	}
 20796  	if s.UserName == nil {
 20797  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 20798  	}
 20799  	if s.UserName != nil && len(*s.UserName) < 1 {
 20800  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 20801  	}
 20802  
 20803  	if invalidParams.Len() > 0 {
 20804  		return invalidParams
 20805  	}
 20806  	return nil
 20807  }
 20808  
 20809  // SetSerialNumber sets the SerialNumber field's value.
 20810  func (s *DeactivateMFADeviceInput) SetSerialNumber(v string) *DeactivateMFADeviceInput {
 20811  	s.SerialNumber = &v
 20812  	return s
 20813  }
 20814  
 20815  // SetUserName sets the UserName field's value.
 20816  func (s *DeactivateMFADeviceInput) SetUserName(v string) *DeactivateMFADeviceInput {
 20817  	s.UserName = &v
 20818  	return s
 20819  }
 20820  
 20821  type DeactivateMFADeviceOutput struct {
 20822  	_ struct{} `type:"structure"`
 20823  }
 20824  
 20825  // String returns the string representation.
 20826  //
 20827  // API parameter values that are decorated as "sensitive" in the API will not
 20828  // be included in the string output. The member name will be present, but the
 20829  // value will be replaced with "sensitive".
 20830  func (s DeactivateMFADeviceOutput) String() string {
 20831  	return awsutil.Prettify(s)
 20832  }
 20833  
 20834  // GoString returns the string representation.
 20835  //
 20836  // API parameter values that are decorated as "sensitive" in the API will not
 20837  // be included in the string output. The member name will be present, but the
 20838  // value will be replaced with "sensitive".
 20839  func (s DeactivateMFADeviceOutput) GoString() string {
 20840  	return s.String()
 20841  }
 20842  
 20843  type DeleteAccessKeyInput struct {
 20844  	_ struct{} `type:"structure"`
 20845  
 20846  	// The access key ID for the access key ID and secret access key you want to
 20847  	// delete.
 20848  	//
 20849  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20850  	// a string of characters that can consist of any upper or lowercased letter
 20851  	// or digit.
 20852  	//
 20853  	// AccessKeyId is a required field
 20854  	AccessKeyId *string `min:"16" type:"string" required:"true"`
 20855  
 20856  	// The name of the user whose access key pair you want to delete.
 20857  	//
 20858  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20859  	// a string of characters consisting of upper and lowercase alphanumeric characters
 20860  	// with no spaces. You can also include any of the following characters: _+=,.@-
 20861  	UserName *string `min:"1" type:"string"`
 20862  }
 20863  
 20864  // String returns the string representation.
 20865  //
 20866  // API parameter values that are decorated as "sensitive" in the API will not
 20867  // be included in the string output. The member name will be present, but the
 20868  // value will be replaced with "sensitive".
 20869  func (s DeleteAccessKeyInput) String() string {
 20870  	return awsutil.Prettify(s)
 20871  }
 20872  
 20873  // GoString returns the string representation.
 20874  //
 20875  // API parameter values that are decorated as "sensitive" in the API will not
 20876  // be included in the string output. The member name will be present, but the
 20877  // value will be replaced with "sensitive".
 20878  func (s DeleteAccessKeyInput) GoString() string {
 20879  	return s.String()
 20880  }
 20881  
 20882  // Validate inspects the fields of the type to determine if they are valid.
 20883  func (s *DeleteAccessKeyInput) Validate() error {
 20884  	invalidParams := request.ErrInvalidParams{Context: "DeleteAccessKeyInput"}
 20885  	if s.AccessKeyId == nil {
 20886  		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
 20887  	}
 20888  	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
 20889  		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
 20890  	}
 20891  	if s.UserName != nil && len(*s.UserName) < 1 {
 20892  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 20893  	}
 20894  
 20895  	if invalidParams.Len() > 0 {
 20896  		return invalidParams
 20897  	}
 20898  	return nil
 20899  }
 20900  
 20901  // SetAccessKeyId sets the AccessKeyId field's value.
 20902  func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput {
 20903  	s.AccessKeyId = &v
 20904  	return s
 20905  }
 20906  
 20907  // SetUserName sets the UserName field's value.
 20908  func (s *DeleteAccessKeyInput) SetUserName(v string) *DeleteAccessKeyInput {
 20909  	s.UserName = &v
 20910  	return s
 20911  }
 20912  
 20913  type DeleteAccessKeyOutput struct {
 20914  	_ struct{} `type:"structure"`
 20915  }
 20916  
 20917  // String returns the string representation.
 20918  //
 20919  // API parameter values that are decorated as "sensitive" in the API will not
 20920  // be included in the string output. The member name will be present, but the
 20921  // value will be replaced with "sensitive".
 20922  func (s DeleteAccessKeyOutput) String() string {
 20923  	return awsutil.Prettify(s)
 20924  }
 20925  
 20926  // GoString returns the string representation.
 20927  //
 20928  // API parameter values that are decorated as "sensitive" in the API will not
 20929  // be included in the string output. The member name will be present, but the
 20930  // value will be replaced with "sensitive".
 20931  func (s DeleteAccessKeyOutput) GoString() string {
 20932  	return s.String()
 20933  }
 20934  
 20935  type DeleteAccountAliasInput struct {
 20936  	_ struct{} `type:"structure"`
 20937  
 20938  	// The name of the account alias to delete.
 20939  	//
 20940  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 20941  	// a string of characters consisting of lowercase letters, digits, and dashes.
 20942  	// You cannot start or finish with a dash, nor can you have two dashes in a
 20943  	// row.
 20944  	//
 20945  	// AccountAlias is a required field
 20946  	AccountAlias *string `min:"3" type:"string" required:"true"`
 20947  }
 20948  
 20949  // String returns the string representation.
 20950  //
 20951  // API parameter values that are decorated as "sensitive" in the API will not
 20952  // be included in the string output. The member name will be present, but the
 20953  // value will be replaced with "sensitive".
 20954  func (s DeleteAccountAliasInput) String() string {
 20955  	return awsutil.Prettify(s)
 20956  }
 20957  
 20958  // GoString returns the string representation.
 20959  //
 20960  // API parameter values that are decorated as "sensitive" in the API will not
 20961  // be included in the string output. The member name will be present, but the
 20962  // value will be replaced with "sensitive".
 20963  func (s DeleteAccountAliasInput) GoString() string {
 20964  	return s.String()
 20965  }
 20966  
 20967  // Validate inspects the fields of the type to determine if they are valid.
 20968  func (s *DeleteAccountAliasInput) Validate() error {
 20969  	invalidParams := request.ErrInvalidParams{Context: "DeleteAccountAliasInput"}
 20970  	if s.AccountAlias == nil {
 20971  		invalidParams.Add(request.NewErrParamRequired("AccountAlias"))
 20972  	}
 20973  	if s.AccountAlias != nil && len(*s.AccountAlias) < 3 {
 20974  		invalidParams.Add(request.NewErrParamMinLen("AccountAlias", 3))
 20975  	}
 20976  
 20977  	if invalidParams.Len() > 0 {
 20978  		return invalidParams
 20979  	}
 20980  	return nil
 20981  }
 20982  
 20983  // SetAccountAlias sets the AccountAlias field's value.
 20984  func (s *DeleteAccountAliasInput) SetAccountAlias(v string) *DeleteAccountAliasInput {
 20985  	s.AccountAlias = &v
 20986  	return s
 20987  }
 20988  
 20989  type DeleteAccountAliasOutput struct {
 20990  	_ struct{} `type:"structure"`
 20991  }
 20992  
 20993  // String returns the string representation.
 20994  //
 20995  // API parameter values that are decorated as "sensitive" in the API will not
 20996  // be included in the string output. The member name will be present, but the
 20997  // value will be replaced with "sensitive".
 20998  func (s DeleteAccountAliasOutput) String() string {
 20999  	return awsutil.Prettify(s)
 21000  }
 21001  
 21002  // GoString returns the string representation.
 21003  //
 21004  // API parameter values that are decorated as "sensitive" in the API will not
 21005  // be included in the string output. The member name will be present, but the
 21006  // value will be replaced with "sensitive".
 21007  func (s DeleteAccountAliasOutput) GoString() string {
 21008  	return s.String()
 21009  }
 21010  
 21011  type DeleteAccountPasswordPolicyInput struct {
 21012  	_ struct{} `type:"structure"`
 21013  }
 21014  
 21015  // String returns the string representation.
 21016  //
 21017  // API parameter values that are decorated as "sensitive" in the API will not
 21018  // be included in the string output. The member name will be present, but the
 21019  // value will be replaced with "sensitive".
 21020  func (s DeleteAccountPasswordPolicyInput) String() string {
 21021  	return awsutil.Prettify(s)
 21022  }
 21023  
 21024  // GoString returns the string representation.
 21025  //
 21026  // API parameter values that are decorated as "sensitive" in the API will not
 21027  // be included in the string output. The member name will be present, but the
 21028  // value will be replaced with "sensitive".
 21029  func (s DeleteAccountPasswordPolicyInput) GoString() string {
 21030  	return s.String()
 21031  }
 21032  
 21033  type DeleteAccountPasswordPolicyOutput struct {
 21034  	_ struct{} `type:"structure"`
 21035  }
 21036  
 21037  // String returns the string representation.
 21038  //
 21039  // API parameter values that are decorated as "sensitive" in the API will not
 21040  // be included in the string output. The member name will be present, but the
 21041  // value will be replaced with "sensitive".
 21042  func (s DeleteAccountPasswordPolicyOutput) String() string {
 21043  	return awsutil.Prettify(s)
 21044  }
 21045  
 21046  // GoString returns the string representation.
 21047  //
 21048  // API parameter values that are decorated as "sensitive" in the API will not
 21049  // be included in the string output. The member name will be present, but the
 21050  // value will be replaced with "sensitive".
 21051  func (s DeleteAccountPasswordPolicyOutput) GoString() string {
 21052  	return s.String()
 21053  }
 21054  
 21055  type DeleteGroupInput struct {
 21056  	_ struct{} `type:"structure"`
 21057  
 21058  	// The name of the IAM group to delete.
 21059  	//
 21060  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21061  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21062  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21063  	//
 21064  	// GroupName is a required field
 21065  	GroupName *string `min:"1" type:"string" required:"true"`
 21066  }
 21067  
 21068  // String returns the string representation.
 21069  //
 21070  // API parameter values that are decorated as "sensitive" in the API will not
 21071  // be included in the string output. The member name will be present, but the
 21072  // value will be replaced with "sensitive".
 21073  func (s DeleteGroupInput) String() string {
 21074  	return awsutil.Prettify(s)
 21075  }
 21076  
 21077  // GoString returns the string representation.
 21078  //
 21079  // API parameter values that are decorated as "sensitive" in the API will not
 21080  // be included in the string output. The member name will be present, but the
 21081  // value will be replaced with "sensitive".
 21082  func (s DeleteGroupInput) GoString() string {
 21083  	return s.String()
 21084  }
 21085  
 21086  // Validate inspects the fields of the type to determine if they are valid.
 21087  func (s *DeleteGroupInput) Validate() error {
 21088  	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupInput"}
 21089  	if s.GroupName == nil {
 21090  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 21091  	}
 21092  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 21093  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 21094  	}
 21095  
 21096  	if invalidParams.Len() > 0 {
 21097  		return invalidParams
 21098  	}
 21099  	return nil
 21100  }
 21101  
 21102  // SetGroupName sets the GroupName field's value.
 21103  func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput {
 21104  	s.GroupName = &v
 21105  	return s
 21106  }
 21107  
 21108  type DeleteGroupOutput struct {
 21109  	_ struct{} `type:"structure"`
 21110  }
 21111  
 21112  // String returns the string representation.
 21113  //
 21114  // API parameter values that are decorated as "sensitive" in the API will not
 21115  // be included in the string output. The member name will be present, but the
 21116  // value will be replaced with "sensitive".
 21117  func (s DeleteGroupOutput) String() string {
 21118  	return awsutil.Prettify(s)
 21119  }
 21120  
 21121  // GoString returns the string representation.
 21122  //
 21123  // API parameter values that are decorated as "sensitive" in the API will not
 21124  // be included in the string output. The member name will be present, but the
 21125  // value will be replaced with "sensitive".
 21126  func (s DeleteGroupOutput) GoString() string {
 21127  	return s.String()
 21128  }
 21129  
 21130  type DeleteGroupPolicyInput struct {
 21131  	_ struct{} `type:"structure"`
 21132  
 21133  	// The name (friendly name, not ARN) identifying the group that the policy is
 21134  	// embedded in.
 21135  	//
 21136  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21137  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21138  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21139  	//
 21140  	// GroupName is a required field
 21141  	GroupName *string `min:"1" type:"string" required:"true"`
 21142  
 21143  	// The name identifying the policy document to delete.
 21144  	//
 21145  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21146  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21147  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21148  	//
 21149  	// PolicyName is a required field
 21150  	PolicyName *string `min:"1" type:"string" required:"true"`
 21151  }
 21152  
 21153  // String returns the string representation.
 21154  //
 21155  // API parameter values that are decorated as "sensitive" in the API will not
 21156  // be included in the string output. The member name will be present, but the
 21157  // value will be replaced with "sensitive".
 21158  func (s DeleteGroupPolicyInput) String() string {
 21159  	return awsutil.Prettify(s)
 21160  }
 21161  
 21162  // GoString returns the string representation.
 21163  //
 21164  // API parameter values that are decorated as "sensitive" in the API will not
 21165  // be included in the string output. The member name will be present, but the
 21166  // value will be replaced with "sensitive".
 21167  func (s DeleteGroupPolicyInput) GoString() string {
 21168  	return s.String()
 21169  }
 21170  
 21171  // Validate inspects the fields of the type to determine if they are valid.
 21172  func (s *DeleteGroupPolicyInput) Validate() error {
 21173  	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupPolicyInput"}
 21174  	if s.GroupName == nil {
 21175  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 21176  	}
 21177  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 21178  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 21179  	}
 21180  	if s.PolicyName == nil {
 21181  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 21182  	}
 21183  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 21184  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 21185  	}
 21186  
 21187  	if invalidParams.Len() > 0 {
 21188  		return invalidParams
 21189  	}
 21190  	return nil
 21191  }
 21192  
 21193  // SetGroupName sets the GroupName field's value.
 21194  func (s *DeleteGroupPolicyInput) SetGroupName(v string) *DeleteGroupPolicyInput {
 21195  	s.GroupName = &v
 21196  	return s
 21197  }
 21198  
 21199  // SetPolicyName sets the PolicyName field's value.
 21200  func (s *DeleteGroupPolicyInput) SetPolicyName(v string) *DeleteGroupPolicyInput {
 21201  	s.PolicyName = &v
 21202  	return s
 21203  }
 21204  
 21205  type DeleteGroupPolicyOutput struct {
 21206  	_ struct{} `type:"structure"`
 21207  }
 21208  
 21209  // String returns the string representation.
 21210  //
 21211  // API parameter values that are decorated as "sensitive" in the API will not
 21212  // be included in the string output. The member name will be present, but the
 21213  // value will be replaced with "sensitive".
 21214  func (s DeleteGroupPolicyOutput) String() string {
 21215  	return awsutil.Prettify(s)
 21216  }
 21217  
 21218  // GoString returns the string representation.
 21219  //
 21220  // API parameter values that are decorated as "sensitive" in the API will not
 21221  // be included in the string output. The member name will be present, but the
 21222  // value will be replaced with "sensitive".
 21223  func (s DeleteGroupPolicyOutput) GoString() string {
 21224  	return s.String()
 21225  }
 21226  
 21227  type DeleteInstanceProfileInput struct {
 21228  	_ struct{} `type:"structure"`
 21229  
 21230  	// The name of the instance profile to delete.
 21231  	//
 21232  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21233  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21234  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21235  	//
 21236  	// InstanceProfileName is a required field
 21237  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 21238  }
 21239  
 21240  // String returns the string representation.
 21241  //
 21242  // API parameter values that are decorated as "sensitive" in the API will not
 21243  // be included in the string output. The member name will be present, but the
 21244  // value will be replaced with "sensitive".
 21245  func (s DeleteInstanceProfileInput) String() string {
 21246  	return awsutil.Prettify(s)
 21247  }
 21248  
 21249  // GoString returns the string representation.
 21250  //
 21251  // API parameter values that are decorated as "sensitive" in the API will not
 21252  // be included in the string output. The member name will be present, but the
 21253  // value will be replaced with "sensitive".
 21254  func (s DeleteInstanceProfileInput) GoString() string {
 21255  	return s.String()
 21256  }
 21257  
 21258  // Validate inspects the fields of the type to determine if they are valid.
 21259  func (s *DeleteInstanceProfileInput) Validate() error {
 21260  	invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceProfileInput"}
 21261  	if s.InstanceProfileName == nil {
 21262  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 21263  	}
 21264  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 21265  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 21266  	}
 21267  
 21268  	if invalidParams.Len() > 0 {
 21269  		return invalidParams
 21270  	}
 21271  	return nil
 21272  }
 21273  
 21274  // SetInstanceProfileName sets the InstanceProfileName field's value.
 21275  func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput {
 21276  	s.InstanceProfileName = &v
 21277  	return s
 21278  }
 21279  
 21280  type DeleteInstanceProfileOutput struct {
 21281  	_ struct{} `type:"structure"`
 21282  }
 21283  
 21284  // String returns the string representation.
 21285  //
 21286  // API parameter values that are decorated as "sensitive" in the API will not
 21287  // be included in the string output. The member name will be present, but the
 21288  // value will be replaced with "sensitive".
 21289  func (s DeleteInstanceProfileOutput) String() string {
 21290  	return awsutil.Prettify(s)
 21291  }
 21292  
 21293  // GoString returns the string representation.
 21294  //
 21295  // API parameter values that are decorated as "sensitive" in the API will not
 21296  // be included in the string output. The member name will be present, but the
 21297  // value will be replaced with "sensitive".
 21298  func (s DeleteInstanceProfileOutput) GoString() string {
 21299  	return s.String()
 21300  }
 21301  
 21302  type DeleteLoginProfileInput struct {
 21303  	_ struct{} `type:"structure"`
 21304  
 21305  	// The name of the user whose password you want to delete.
 21306  	//
 21307  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21308  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21309  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21310  	//
 21311  	// UserName is a required field
 21312  	UserName *string `min:"1" type:"string" required:"true"`
 21313  }
 21314  
 21315  // String returns the string representation.
 21316  //
 21317  // API parameter values that are decorated as "sensitive" in the API will not
 21318  // be included in the string output. The member name will be present, but the
 21319  // value will be replaced with "sensitive".
 21320  func (s DeleteLoginProfileInput) String() string {
 21321  	return awsutil.Prettify(s)
 21322  }
 21323  
 21324  // GoString returns the string representation.
 21325  //
 21326  // API parameter values that are decorated as "sensitive" in the API will not
 21327  // be included in the string output. The member name will be present, but the
 21328  // value will be replaced with "sensitive".
 21329  func (s DeleteLoginProfileInput) GoString() string {
 21330  	return s.String()
 21331  }
 21332  
 21333  // Validate inspects the fields of the type to determine if they are valid.
 21334  func (s *DeleteLoginProfileInput) Validate() error {
 21335  	invalidParams := request.ErrInvalidParams{Context: "DeleteLoginProfileInput"}
 21336  	if s.UserName == nil {
 21337  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 21338  	}
 21339  	if s.UserName != nil && len(*s.UserName) < 1 {
 21340  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 21341  	}
 21342  
 21343  	if invalidParams.Len() > 0 {
 21344  		return invalidParams
 21345  	}
 21346  	return nil
 21347  }
 21348  
 21349  // SetUserName sets the UserName field's value.
 21350  func (s *DeleteLoginProfileInput) SetUserName(v string) *DeleteLoginProfileInput {
 21351  	s.UserName = &v
 21352  	return s
 21353  }
 21354  
 21355  type DeleteLoginProfileOutput struct {
 21356  	_ struct{} `type:"structure"`
 21357  }
 21358  
 21359  // String returns the string representation.
 21360  //
 21361  // API parameter values that are decorated as "sensitive" in the API will not
 21362  // be included in the string output. The member name will be present, but the
 21363  // value will be replaced with "sensitive".
 21364  func (s DeleteLoginProfileOutput) String() string {
 21365  	return awsutil.Prettify(s)
 21366  }
 21367  
 21368  // GoString returns the string representation.
 21369  //
 21370  // API parameter values that are decorated as "sensitive" in the API will not
 21371  // be included in the string output. The member name will be present, but the
 21372  // value will be replaced with "sensitive".
 21373  func (s DeleteLoginProfileOutput) GoString() string {
 21374  	return s.String()
 21375  }
 21376  
 21377  type DeleteOpenIDConnectProviderInput struct {
 21378  	_ struct{} `type:"structure"`
 21379  
 21380  	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
 21381  	// object to delete. You can get a list of OpenID Connect provider resource
 21382  	// ARNs by using the ListOpenIDConnectProviders operation.
 21383  	//
 21384  	// OpenIDConnectProviderArn is a required field
 21385  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 21386  }
 21387  
 21388  // String returns the string representation.
 21389  //
 21390  // API parameter values that are decorated as "sensitive" in the API will not
 21391  // be included in the string output. The member name will be present, but the
 21392  // value will be replaced with "sensitive".
 21393  func (s DeleteOpenIDConnectProviderInput) String() string {
 21394  	return awsutil.Prettify(s)
 21395  }
 21396  
 21397  // GoString returns the string representation.
 21398  //
 21399  // API parameter values that are decorated as "sensitive" in the API will not
 21400  // be included in the string output. The member name will be present, but the
 21401  // value will be replaced with "sensitive".
 21402  func (s DeleteOpenIDConnectProviderInput) GoString() string {
 21403  	return s.String()
 21404  }
 21405  
 21406  // Validate inspects the fields of the type to determine if they are valid.
 21407  func (s *DeleteOpenIDConnectProviderInput) Validate() error {
 21408  	invalidParams := request.ErrInvalidParams{Context: "DeleteOpenIDConnectProviderInput"}
 21409  	if s.OpenIDConnectProviderArn == nil {
 21410  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 21411  	}
 21412  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 21413  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 21414  	}
 21415  
 21416  	if invalidParams.Len() > 0 {
 21417  		return invalidParams
 21418  	}
 21419  	return nil
 21420  }
 21421  
 21422  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 21423  func (s *DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *DeleteOpenIDConnectProviderInput {
 21424  	s.OpenIDConnectProviderArn = &v
 21425  	return s
 21426  }
 21427  
 21428  type DeleteOpenIDConnectProviderOutput struct {
 21429  	_ struct{} `type:"structure"`
 21430  }
 21431  
 21432  // String returns the string representation.
 21433  //
 21434  // API parameter values that are decorated as "sensitive" in the API will not
 21435  // be included in the string output. The member name will be present, but the
 21436  // value will be replaced with "sensitive".
 21437  func (s DeleteOpenIDConnectProviderOutput) String() string {
 21438  	return awsutil.Prettify(s)
 21439  }
 21440  
 21441  // GoString returns the string representation.
 21442  //
 21443  // API parameter values that are decorated as "sensitive" in the API will not
 21444  // be included in the string output. The member name will be present, but the
 21445  // value will be replaced with "sensitive".
 21446  func (s DeleteOpenIDConnectProviderOutput) GoString() string {
 21447  	return s.String()
 21448  }
 21449  
 21450  type DeletePolicyInput struct {
 21451  	_ struct{} `type:"structure"`
 21452  
 21453  	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
 21454  	//
 21455  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 21456  	// in the Amazon Web Services General Reference.
 21457  	//
 21458  	// PolicyArn is a required field
 21459  	PolicyArn *string `min:"20" type:"string" required:"true"`
 21460  }
 21461  
 21462  // String returns the string representation.
 21463  //
 21464  // API parameter values that are decorated as "sensitive" in the API will not
 21465  // be included in the string output. The member name will be present, but the
 21466  // value will be replaced with "sensitive".
 21467  func (s DeletePolicyInput) String() string {
 21468  	return awsutil.Prettify(s)
 21469  }
 21470  
 21471  // GoString returns the string representation.
 21472  //
 21473  // API parameter values that are decorated as "sensitive" in the API will not
 21474  // be included in the string output. The member name will be present, but the
 21475  // value will be replaced with "sensitive".
 21476  func (s DeletePolicyInput) GoString() string {
 21477  	return s.String()
 21478  }
 21479  
 21480  // Validate inspects the fields of the type to determine if they are valid.
 21481  func (s *DeletePolicyInput) Validate() error {
 21482  	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
 21483  	if s.PolicyArn == nil {
 21484  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 21485  	}
 21486  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 21487  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 21488  	}
 21489  
 21490  	if invalidParams.Len() > 0 {
 21491  		return invalidParams
 21492  	}
 21493  	return nil
 21494  }
 21495  
 21496  // SetPolicyArn sets the PolicyArn field's value.
 21497  func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput {
 21498  	s.PolicyArn = &v
 21499  	return s
 21500  }
 21501  
 21502  type DeletePolicyOutput struct {
 21503  	_ struct{} `type:"structure"`
 21504  }
 21505  
 21506  // String returns the string representation.
 21507  //
 21508  // API parameter values that are decorated as "sensitive" in the API will not
 21509  // be included in the string output. The member name will be present, but the
 21510  // value will be replaced with "sensitive".
 21511  func (s DeletePolicyOutput) String() string {
 21512  	return awsutil.Prettify(s)
 21513  }
 21514  
 21515  // GoString returns the string representation.
 21516  //
 21517  // API parameter values that are decorated as "sensitive" in the API will not
 21518  // be included in the string output. The member name will be present, but the
 21519  // value will be replaced with "sensitive".
 21520  func (s DeletePolicyOutput) GoString() string {
 21521  	return s.String()
 21522  }
 21523  
 21524  type DeletePolicyVersionInput struct {
 21525  	_ struct{} `type:"structure"`
 21526  
 21527  	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
 21528  	// a version.
 21529  	//
 21530  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 21531  	// in the Amazon Web Services General Reference.
 21532  	//
 21533  	// PolicyArn is a required field
 21534  	PolicyArn *string `min:"20" type:"string" required:"true"`
 21535  
 21536  	// The policy version to delete.
 21537  	//
 21538  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21539  	// a string of characters that consists of the lowercase letter 'v' followed
 21540  	// by one or two digits, and optionally followed by a period '.' and a string
 21541  	// of letters and digits.
 21542  	//
 21543  	// For more information about managed policy versions, see Versioning for managed
 21544  	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
 21545  	// in the IAM User Guide.
 21546  	//
 21547  	// VersionId is a required field
 21548  	VersionId *string `type:"string" required:"true"`
 21549  }
 21550  
 21551  // String returns the string representation.
 21552  //
 21553  // API parameter values that are decorated as "sensitive" in the API will not
 21554  // be included in the string output. The member name will be present, but the
 21555  // value will be replaced with "sensitive".
 21556  func (s DeletePolicyVersionInput) String() string {
 21557  	return awsutil.Prettify(s)
 21558  }
 21559  
 21560  // GoString returns the string representation.
 21561  //
 21562  // API parameter values that are decorated as "sensitive" in the API will not
 21563  // be included in the string output. The member name will be present, but the
 21564  // value will be replaced with "sensitive".
 21565  func (s DeletePolicyVersionInput) GoString() string {
 21566  	return s.String()
 21567  }
 21568  
 21569  // Validate inspects the fields of the type to determine if they are valid.
 21570  func (s *DeletePolicyVersionInput) Validate() error {
 21571  	invalidParams := request.ErrInvalidParams{Context: "DeletePolicyVersionInput"}
 21572  	if s.PolicyArn == nil {
 21573  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 21574  	}
 21575  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 21576  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 21577  	}
 21578  	if s.VersionId == nil {
 21579  		invalidParams.Add(request.NewErrParamRequired("VersionId"))
 21580  	}
 21581  
 21582  	if invalidParams.Len() > 0 {
 21583  		return invalidParams
 21584  	}
 21585  	return nil
 21586  }
 21587  
 21588  // SetPolicyArn sets the PolicyArn field's value.
 21589  func (s *DeletePolicyVersionInput) SetPolicyArn(v string) *DeletePolicyVersionInput {
 21590  	s.PolicyArn = &v
 21591  	return s
 21592  }
 21593  
 21594  // SetVersionId sets the VersionId field's value.
 21595  func (s *DeletePolicyVersionInput) SetVersionId(v string) *DeletePolicyVersionInput {
 21596  	s.VersionId = &v
 21597  	return s
 21598  }
 21599  
 21600  type DeletePolicyVersionOutput struct {
 21601  	_ struct{} `type:"structure"`
 21602  }
 21603  
 21604  // String returns the string representation.
 21605  //
 21606  // API parameter values that are decorated as "sensitive" in the API will not
 21607  // be included in the string output. The member name will be present, but the
 21608  // value will be replaced with "sensitive".
 21609  func (s DeletePolicyVersionOutput) String() string {
 21610  	return awsutil.Prettify(s)
 21611  }
 21612  
 21613  // GoString returns the string representation.
 21614  //
 21615  // API parameter values that are decorated as "sensitive" in the API will not
 21616  // be included in the string output. The member name will be present, but the
 21617  // value will be replaced with "sensitive".
 21618  func (s DeletePolicyVersionOutput) GoString() string {
 21619  	return s.String()
 21620  }
 21621  
 21622  type DeleteRoleInput struct {
 21623  	_ struct{} `type:"structure"`
 21624  
 21625  	// The name of the role to delete.
 21626  	//
 21627  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21628  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21629  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21630  	//
 21631  	// RoleName is a required field
 21632  	RoleName *string `min:"1" type:"string" required:"true"`
 21633  }
 21634  
 21635  // String returns the string representation.
 21636  //
 21637  // API parameter values that are decorated as "sensitive" in the API will not
 21638  // be included in the string output. The member name will be present, but the
 21639  // value will be replaced with "sensitive".
 21640  func (s DeleteRoleInput) String() string {
 21641  	return awsutil.Prettify(s)
 21642  }
 21643  
 21644  // GoString returns the string representation.
 21645  //
 21646  // API parameter values that are decorated as "sensitive" in the API will not
 21647  // be included in the string output. The member name will be present, but the
 21648  // value will be replaced with "sensitive".
 21649  func (s DeleteRoleInput) GoString() string {
 21650  	return s.String()
 21651  }
 21652  
 21653  // Validate inspects the fields of the type to determine if they are valid.
 21654  func (s *DeleteRoleInput) Validate() error {
 21655  	invalidParams := request.ErrInvalidParams{Context: "DeleteRoleInput"}
 21656  	if s.RoleName == nil {
 21657  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 21658  	}
 21659  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 21660  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 21661  	}
 21662  
 21663  	if invalidParams.Len() > 0 {
 21664  		return invalidParams
 21665  	}
 21666  	return nil
 21667  }
 21668  
 21669  // SetRoleName sets the RoleName field's value.
 21670  func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput {
 21671  	s.RoleName = &v
 21672  	return s
 21673  }
 21674  
 21675  type DeleteRoleOutput struct {
 21676  	_ struct{} `type:"structure"`
 21677  }
 21678  
 21679  // String returns the string representation.
 21680  //
 21681  // API parameter values that are decorated as "sensitive" in the API will not
 21682  // be included in the string output. The member name will be present, but the
 21683  // value will be replaced with "sensitive".
 21684  func (s DeleteRoleOutput) String() string {
 21685  	return awsutil.Prettify(s)
 21686  }
 21687  
 21688  // GoString returns the string representation.
 21689  //
 21690  // API parameter values that are decorated as "sensitive" in the API will not
 21691  // be included in the string output. The member name will be present, but the
 21692  // value will be replaced with "sensitive".
 21693  func (s DeleteRoleOutput) GoString() string {
 21694  	return s.String()
 21695  }
 21696  
 21697  type DeleteRolePermissionsBoundaryInput struct {
 21698  	_ struct{} `type:"structure"`
 21699  
 21700  	// The name (friendly name, not ARN) of the IAM role from which you want to
 21701  	// remove the permissions boundary.
 21702  	//
 21703  	// RoleName is a required field
 21704  	RoleName *string `min:"1" type:"string" required:"true"`
 21705  }
 21706  
 21707  // String returns the string representation.
 21708  //
 21709  // API parameter values that are decorated as "sensitive" in the API will not
 21710  // be included in the string output. The member name will be present, but the
 21711  // value will be replaced with "sensitive".
 21712  func (s DeleteRolePermissionsBoundaryInput) String() string {
 21713  	return awsutil.Prettify(s)
 21714  }
 21715  
 21716  // GoString returns the string representation.
 21717  //
 21718  // API parameter values that are decorated as "sensitive" in the API will not
 21719  // be included in the string output. The member name will be present, but the
 21720  // value will be replaced with "sensitive".
 21721  func (s DeleteRolePermissionsBoundaryInput) GoString() string {
 21722  	return s.String()
 21723  }
 21724  
 21725  // Validate inspects the fields of the type to determine if they are valid.
 21726  func (s *DeleteRolePermissionsBoundaryInput) Validate() error {
 21727  	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePermissionsBoundaryInput"}
 21728  	if s.RoleName == nil {
 21729  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 21730  	}
 21731  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 21732  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 21733  	}
 21734  
 21735  	if invalidParams.Len() > 0 {
 21736  		return invalidParams
 21737  	}
 21738  	return nil
 21739  }
 21740  
 21741  // SetRoleName sets the RoleName field's value.
 21742  func (s *DeleteRolePermissionsBoundaryInput) SetRoleName(v string) *DeleteRolePermissionsBoundaryInput {
 21743  	s.RoleName = &v
 21744  	return s
 21745  }
 21746  
 21747  type DeleteRolePermissionsBoundaryOutput struct {
 21748  	_ struct{} `type:"structure"`
 21749  }
 21750  
 21751  // String returns the string representation.
 21752  //
 21753  // API parameter values that are decorated as "sensitive" in the API will not
 21754  // be included in the string output. The member name will be present, but the
 21755  // value will be replaced with "sensitive".
 21756  func (s DeleteRolePermissionsBoundaryOutput) String() string {
 21757  	return awsutil.Prettify(s)
 21758  }
 21759  
 21760  // GoString returns the string representation.
 21761  //
 21762  // API parameter values that are decorated as "sensitive" in the API will not
 21763  // be included in the string output. The member name will be present, but the
 21764  // value will be replaced with "sensitive".
 21765  func (s DeleteRolePermissionsBoundaryOutput) GoString() string {
 21766  	return s.String()
 21767  }
 21768  
 21769  type DeleteRolePolicyInput struct {
 21770  	_ struct{} `type:"structure"`
 21771  
 21772  	// The name of the inline policy to delete from the specified IAM role.
 21773  	//
 21774  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21775  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21776  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21777  	//
 21778  	// PolicyName is a required field
 21779  	PolicyName *string `min:"1" type:"string" required:"true"`
 21780  
 21781  	// The name (friendly name, not ARN) identifying the role that the policy is
 21782  	// embedded in.
 21783  	//
 21784  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21785  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21786  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21787  	//
 21788  	// RoleName is a required field
 21789  	RoleName *string `min:"1" type:"string" required:"true"`
 21790  }
 21791  
 21792  // String returns the string representation.
 21793  //
 21794  // API parameter values that are decorated as "sensitive" in the API will not
 21795  // be included in the string output. The member name will be present, but the
 21796  // value will be replaced with "sensitive".
 21797  func (s DeleteRolePolicyInput) String() string {
 21798  	return awsutil.Prettify(s)
 21799  }
 21800  
 21801  // GoString returns the string representation.
 21802  //
 21803  // API parameter values that are decorated as "sensitive" in the API will not
 21804  // be included in the string output. The member name will be present, but the
 21805  // value will be replaced with "sensitive".
 21806  func (s DeleteRolePolicyInput) GoString() string {
 21807  	return s.String()
 21808  }
 21809  
 21810  // Validate inspects the fields of the type to determine if they are valid.
 21811  func (s *DeleteRolePolicyInput) Validate() error {
 21812  	invalidParams := request.ErrInvalidParams{Context: "DeleteRolePolicyInput"}
 21813  	if s.PolicyName == nil {
 21814  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 21815  	}
 21816  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 21817  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 21818  	}
 21819  	if s.RoleName == nil {
 21820  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 21821  	}
 21822  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 21823  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 21824  	}
 21825  
 21826  	if invalidParams.Len() > 0 {
 21827  		return invalidParams
 21828  	}
 21829  	return nil
 21830  }
 21831  
 21832  // SetPolicyName sets the PolicyName field's value.
 21833  func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput {
 21834  	s.PolicyName = &v
 21835  	return s
 21836  }
 21837  
 21838  // SetRoleName sets the RoleName field's value.
 21839  func (s *DeleteRolePolicyInput) SetRoleName(v string) *DeleteRolePolicyInput {
 21840  	s.RoleName = &v
 21841  	return s
 21842  }
 21843  
 21844  type DeleteRolePolicyOutput struct {
 21845  	_ struct{} `type:"structure"`
 21846  }
 21847  
 21848  // String returns the string representation.
 21849  //
 21850  // API parameter values that are decorated as "sensitive" in the API will not
 21851  // be included in the string output. The member name will be present, but the
 21852  // value will be replaced with "sensitive".
 21853  func (s DeleteRolePolicyOutput) String() string {
 21854  	return awsutil.Prettify(s)
 21855  }
 21856  
 21857  // GoString returns the string representation.
 21858  //
 21859  // API parameter values that are decorated as "sensitive" in the API will not
 21860  // be included in the string output. The member name will be present, but the
 21861  // value will be replaced with "sensitive".
 21862  func (s DeleteRolePolicyOutput) GoString() string {
 21863  	return s.String()
 21864  }
 21865  
 21866  type DeleteSAMLProviderInput struct {
 21867  	_ struct{} `type:"structure"`
 21868  
 21869  	// The Amazon Resource Name (ARN) of the SAML provider to delete.
 21870  	//
 21871  	// SAMLProviderArn is a required field
 21872  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 21873  }
 21874  
 21875  // String returns the string representation.
 21876  //
 21877  // API parameter values that are decorated as "sensitive" in the API will not
 21878  // be included in the string output. The member name will be present, but the
 21879  // value will be replaced with "sensitive".
 21880  func (s DeleteSAMLProviderInput) String() string {
 21881  	return awsutil.Prettify(s)
 21882  }
 21883  
 21884  // GoString returns the string representation.
 21885  //
 21886  // API parameter values that are decorated as "sensitive" in the API will not
 21887  // be included in the string output. The member name will be present, but the
 21888  // value will be replaced with "sensitive".
 21889  func (s DeleteSAMLProviderInput) GoString() string {
 21890  	return s.String()
 21891  }
 21892  
 21893  // Validate inspects the fields of the type to determine if they are valid.
 21894  func (s *DeleteSAMLProviderInput) Validate() error {
 21895  	invalidParams := request.ErrInvalidParams{Context: "DeleteSAMLProviderInput"}
 21896  	if s.SAMLProviderArn == nil {
 21897  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 21898  	}
 21899  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 21900  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 21901  	}
 21902  
 21903  	if invalidParams.Len() > 0 {
 21904  		return invalidParams
 21905  	}
 21906  	return nil
 21907  }
 21908  
 21909  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 21910  func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput {
 21911  	s.SAMLProviderArn = &v
 21912  	return s
 21913  }
 21914  
 21915  type DeleteSAMLProviderOutput struct {
 21916  	_ struct{} `type:"structure"`
 21917  }
 21918  
 21919  // String returns the string representation.
 21920  //
 21921  // API parameter values that are decorated as "sensitive" in the API will not
 21922  // be included in the string output. The member name will be present, but the
 21923  // value will be replaced with "sensitive".
 21924  func (s DeleteSAMLProviderOutput) String() string {
 21925  	return awsutil.Prettify(s)
 21926  }
 21927  
 21928  // GoString returns the string representation.
 21929  //
 21930  // API parameter values that are decorated as "sensitive" in the API will not
 21931  // be included in the string output. The member name will be present, but the
 21932  // value will be replaced with "sensitive".
 21933  func (s DeleteSAMLProviderOutput) GoString() string {
 21934  	return s.String()
 21935  }
 21936  
 21937  type DeleteSSHPublicKeyInput struct {
 21938  	_ struct{} `type:"structure"`
 21939  
 21940  	// The unique identifier for the SSH public key.
 21941  	//
 21942  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21943  	// a string of characters that can consist of any upper or lowercased letter
 21944  	// or digit.
 21945  	//
 21946  	// SSHPublicKeyId is a required field
 21947  	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
 21948  
 21949  	// The name of the IAM user associated with the SSH public key.
 21950  	//
 21951  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 21952  	// a string of characters consisting of upper and lowercase alphanumeric characters
 21953  	// with no spaces. You can also include any of the following characters: _+=,.@-
 21954  	//
 21955  	// UserName is a required field
 21956  	UserName *string `min:"1" type:"string" required:"true"`
 21957  }
 21958  
 21959  // String returns the string representation.
 21960  //
 21961  // API parameter values that are decorated as "sensitive" in the API will not
 21962  // be included in the string output. The member name will be present, but the
 21963  // value will be replaced with "sensitive".
 21964  func (s DeleteSSHPublicKeyInput) String() string {
 21965  	return awsutil.Prettify(s)
 21966  }
 21967  
 21968  // GoString returns the string representation.
 21969  //
 21970  // API parameter values that are decorated as "sensitive" in the API will not
 21971  // be included in the string output. The member name will be present, but the
 21972  // value will be replaced with "sensitive".
 21973  func (s DeleteSSHPublicKeyInput) GoString() string {
 21974  	return s.String()
 21975  }
 21976  
 21977  // Validate inspects the fields of the type to determine if they are valid.
 21978  func (s *DeleteSSHPublicKeyInput) Validate() error {
 21979  	invalidParams := request.ErrInvalidParams{Context: "DeleteSSHPublicKeyInput"}
 21980  	if s.SSHPublicKeyId == nil {
 21981  		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
 21982  	}
 21983  	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
 21984  		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
 21985  	}
 21986  	if s.UserName == nil {
 21987  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 21988  	}
 21989  	if s.UserName != nil && len(*s.UserName) < 1 {
 21990  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 21991  	}
 21992  
 21993  	if invalidParams.Len() > 0 {
 21994  		return invalidParams
 21995  	}
 21996  	return nil
 21997  }
 21998  
 21999  // SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
 22000  func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput {
 22001  	s.SSHPublicKeyId = &v
 22002  	return s
 22003  }
 22004  
 22005  // SetUserName sets the UserName field's value.
 22006  func (s *DeleteSSHPublicKeyInput) SetUserName(v string) *DeleteSSHPublicKeyInput {
 22007  	s.UserName = &v
 22008  	return s
 22009  }
 22010  
 22011  type DeleteSSHPublicKeyOutput struct {
 22012  	_ struct{} `type:"structure"`
 22013  }
 22014  
 22015  // String returns the string representation.
 22016  //
 22017  // API parameter values that are decorated as "sensitive" in the API will not
 22018  // be included in the string output. The member name will be present, but the
 22019  // value will be replaced with "sensitive".
 22020  func (s DeleteSSHPublicKeyOutput) String() string {
 22021  	return awsutil.Prettify(s)
 22022  }
 22023  
 22024  // GoString returns the string representation.
 22025  //
 22026  // API parameter values that are decorated as "sensitive" in the API will not
 22027  // be included in the string output. The member name will be present, but the
 22028  // value will be replaced with "sensitive".
 22029  func (s DeleteSSHPublicKeyOutput) GoString() string {
 22030  	return s.String()
 22031  }
 22032  
 22033  type DeleteServerCertificateInput struct {
 22034  	_ struct{} `type:"structure"`
 22035  
 22036  	// The name of the server certificate you want to delete.
 22037  	//
 22038  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22039  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22040  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22041  	//
 22042  	// ServerCertificateName is a required field
 22043  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 22044  }
 22045  
 22046  // String returns the string representation.
 22047  //
 22048  // API parameter values that are decorated as "sensitive" in the API will not
 22049  // be included in the string output. The member name will be present, but the
 22050  // value will be replaced with "sensitive".
 22051  func (s DeleteServerCertificateInput) String() string {
 22052  	return awsutil.Prettify(s)
 22053  }
 22054  
 22055  // GoString returns the string representation.
 22056  //
 22057  // API parameter values that are decorated as "sensitive" in the API will not
 22058  // be included in the string output. The member name will be present, but the
 22059  // value will be replaced with "sensitive".
 22060  func (s DeleteServerCertificateInput) GoString() string {
 22061  	return s.String()
 22062  }
 22063  
 22064  // Validate inspects the fields of the type to determine if they are valid.
 22065  func (s *DeleteServerCertificateInput) Validate() error {
 22066  	invalidParams := request.ErrInvalidParams{Context: "DeleteServerCertificateInput"}
 22067  	if s.ServerCertificateName == nil {
 22068  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 22069  	}
 22070  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 22071  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 22072  	}
 22073  
 22074  	if invalidParams.Len() > 0 {
 22075  		return invalidParams
 22076  	}
 22077  	return nil
 22078  }
 22079  
 22080  // SetServerCertificateName sets the ServerCertificateName field's value.
 22081  func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput {
 22082  	s.ServerCertificateName = &v
 22083  	return s
 22084  }
 22085  
 22086  type DeleteServerCertificateOutput struct {
 22087  	_ struct{} `type:"structure"`
 22088  }
 22089  
 22090  // String returns the string representation.
 22091  //
 22092  // API parameter values that are decorated as "sensitive" in the API will not
 22093  // be included in the string output. The member name will be present, but the
 22094  // value will be replaced with "sensitive".
 22095  func (s DeleteServerCertificateOutput) String() string {
 22096  	return awsutil.Prettify(s)
 22097  }
 22098  
 22099  // GoString returns the string representation.
 22100  //
 22101  // API parameter values that are decorated as "sensitive" in the API will not
 22102  // be included in the string output. The member name will be present, but the
 22103  // value will be replaced with "sensitive".
 22104  func (s DeleteServerCertificateOutput) GoString() string {
 22105  	return s.String()
 22106  }
 22107  
 22108  type DeleteServiceLinkedRoleInput struct {
 22109  	_ struct{} `type:"structure"`
 22110  
 22111  	// The name of the service-linked role to be deleted.
 22112  	//
 22113  	// RoleName is a required field
 22114  	RoleName *string `min:"1" type:"string" required:"true"`
 22115  }
 22116  
 22117  // String returns the string representation.
 22118  //
 22119  // API parameter values that are decorated as "sensitive" in the API will not
 22120  // be included in the string output. The member name will be present, but the
 22121  // value will be replaced with "sensitive".
 22122  func (s DeleteServiceLinkedRoleInput) String() string {
 22123  	return awsutil.Prettify(s)
 22124  }
 22125  
 22126  // GoString returns the string representation.
 22127  //
 22128  // API parameter values that are decorated as "sensitive" in the API will not
 22129  // be included in the string output. The member name will be present, but the
 22130  // value will be replaced with "sensitive".
 22131  func (s DeleteServiceLinkedRoleInput) GoString() string {
 22132  	return s.String()
 22133  }
 22134  
 22135  // Validate inspects the fields of the type to determine if they are valid.
 22136  func (s *DeleteServiceLinkedRoleInput) Validate() error {
 22137  	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceLinkedRoleInput"}
 22138  	if s.RoleName == nil {
 22139  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 22140  	}
 22141  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 22142  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 22143  	}
 22144  
 22145  	if invalidParams.Len() > 0 {
 22146  		return invalidParams
 22147  	}
 22148  	return nil
 22149  }
 22150  
 22151  // SetRoleName sets the RoleName field's value.
 22152  func (s *DeleteServiceLinkedRoleInput) SetRoleName(v string) *DeleteServiceLinkedRoleInput {
 22153  	s.RoleName = &v
 22154  	return s
 22155  }
 22156  
 22157  type DeleteServiceLinkedRoleOutput struct {
 22158  	_ struct{} `type:"structure"`
 22159  
 22160  	// The deletion task identifier that you can use to check the status of the
 22161  	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
 22162  	//
 22163  	// DeletionTaskId is a required field
 22164  	DeletionTaskId *string `min:"1" type:"string" required:"true"`
 22165  }
 22166  
 22167  // String returns the string representation.
 22168  //
 22169  // API parameter values that are decorated as "sensitive" in the API will not
 22170  // be included in the string output. The member name will be present, but the
 22171  // value will be replaced with "sensitive".
 22172  func (s DeleteServiceLinkedRoleOutput) String() string {
 22173  	return awsutil.Prettify(s)
 22174  }
 22175  
 22176  // GoString returns the string representation.
 22177  //
 22178  // API parameter values that are decorated as "sensitive" in the API will not
 22179  // be included in the string output. The member name will be present, but the
 22180  // value will be replaced with "sensitive".
 22181  func (s DeleteServiceLinkedRoleOutput) GoString() string {
 22182  	return s.String()
 22183  }
 22184  
 22185  // SetDeletionTaskId sets the DeletionTaskId field's value.
 22186  func (s *DeleteServiceLinkedRoleOutput) SetDeletionTaskId(v string) *DeleteServiceLinkedRoleOutput {
 22187  	s.DeletionTaskId = &v
 22188  	return s
 22189  }
 22190  
 22191  type DeleteServiceSpecificCredentialInput struct {
 22192  	_ struct{} `type:"structure"`
 22193  
 22194  	// The unique identifier of the service-specific credential. You can get this
 22195  	// value by calling ListServiceSpecificCredentials.
 22196  	//
 22197  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22198  	// a string of characters that can consist of any upper or lowercased letter
 22199  	// or digit.
 22200  	//
 22201  	// ServiceSpecificCredentialId is a required field
 22202  	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
 22203  
 22204  	// The name of the IAM user associated with the service-specific credential.
 22205  	// If this value is not specified, then the operation assumes the user whose
 22206  	// credentials are used to call the operation.
 22207  	//
 22208  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22209  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22210  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22211  	UserName *string `min:"1" type:"string"`
 22212  }
 22213  
 22214  // String returns the string representation.
 22215  //
 22216  // API parameter values that are decorated as "sensitive" in the API will not
 22217  // be included in the string output. The member name will be present, but the
 22218  // value will be replaced with "sensitive".
 22219  func (s DeleteServiceSpecificCredentialInput) String() string {
 22220  	return awsutil.Prettify(s)
 22221  }
 22222  
 22223  // GoString returns the string representation.
 22224  //
 22225  // API parameter values that are decorated as "sensitive" in the API will not
 22226  // be included in the string output. The member name will be present, but the
 22227  // value will be replaced with "sensitive".
 22228  func (s DeleteServiceSpecificCredentialInput) GoString() string {
 22229  	return s.String()
 22230  }
 22231  
 22232  // Validate inspects the fields of the type to determine if they are valid.
 22233  func (s *DeleteServiceSpecificCredentialInput) Validate() error {
 22234  	invalidParams := request.ErrInvalidParams{Context: "DeleteServiceSpecificCredentialInput"}
 22235  	if s.ServiceSpecificCredentialId == nil {
 22236  		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
 22237  	}
 22238  	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
 22239  		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
 22240  	}
 22241  	if s.UserName != nil && len(*s.UserName) < 1 {
 22242  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22243  	}
 22244  
 22245  	if invalidParams.Len() > 0 {
 22246  		return invalidParams
 22247  	}
 22248  	return nil
 22249  }
 22250  
 22251  // SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
 22252  func (s *DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *DeleteServiceSpecificCredentialInput {
 22253  	s.ServiceSpecificCredentialId = &v
 22254  	return s
 22255  }
 22256  
 22257  // SetUserName sets the UserName field's value.
 22258  func (s *DeleteServiceSpecificCredentialInput) SetUserName(v string) *DeleteServiceSpecificCredentialInput {
 22259  	s.UserName = &v
 22260  	return s
 22261  }
 22262  
 22263  type DeleteServiceSpecificCredentialOutput struct {
 22264  	_ struct{} `type:"structure"`
 22265  }
 22266  
 22267  // String returns the string representation.
 22268  //
 22269  // API parameter values that are decorated as "sensitive" in the API will not
 22270  // be included in the string output. The member name will be present, but the
 22271  // value will be replaced with "sensitive".
 22272  func (s DeleteServiceSpecificCredentialOutput) String() string {
 22273  	return awsutil.Prettify(s)
 22274  }
 22275  
 22276  // GoString returns the string representation.
 22277  //
 22278  // API parameter values that are decorated as "sensitive" in the API will not
 22279  // be included in the string output. The member name will be present, but the
 22280  // value will be replaced with "sensitive".
 22281  func (s DeleteServiceSpecificCredentialOutput) GoString() string {
 22282  	return s.String()
 22283  }
 22284  
 22285  type DeleteSigningCertificateInput struct {
 22286  	_ struct{} `type:"structure"`
 22287  
 22288  	// The ID of the signing certificate to delete.
 22289  	//
 22290  	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
 22291  	// pattern, is a string of characters that can be upper- or lower-cased letters
 22292  	// or digits.
 22293  	//
 22294  	// CertificateId is a required field
 22295  	CertificateId *string `min:"24" type:"string" required:"true"`
 22296  
 22297  	// The name of the user the signing certificate belongs to.
 22298  	//
 22299  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22300  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22301  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22302  	UserName *string `min:"1" type:"string"`
 22303  }
 22304  
 22305  // String returns the string representation.
 22306  //
 22307  // API parameter values that are decorated as "sensitive" in the API will not
 22308  // be included in the string output. The member name will be present, but the
 22309  // value will be replaced with "sensitive".
 22310  func (s DeleteSigningCertificateInput) String() string {
 22311  	return awsutil.Prettify(s)
 22312  }
 22313  
 22314  // GoString returns the string representation.
 22315  //
 22316  // API parameter values that are decorated as "sensitive" in the API will not
 22317  // be included in the string output. The member name will be present, but the
 22318  // value will be replaced with "sensitive".
 22319  func (s DeleteSigningCertificateInput) GoString() string {
 22320  	return s.String()
 22321  }
 22322  
 22323  // Validate inspects the fields of the type to determine if they are valid.
 22324  func (s *DeleteSigningCertificateInput) Validate() error {
 22325  	invalidParams := request.ErrInvalidParams{Context: "DeleteSigningCertificateInput"}
 22326  	if s.CertificateId == nil {
 22327  		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
 22328  	}
 22329  	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
 22330  		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
 22331  	}
 22332  	if s.UserName != nil && len(*s.UserName) < 1 {
 22333  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22334  	}
 22335  
 22336  	if invalidParams.Len() > 0 {
 22337  		return invalidParams
 22338  	}
 22339  	return nil
 22340  }
 22341  
 22342  // SetCertificateId sets the CertificateId field's value.
 22343  func (s *DeleteSigningCertificateInput) SetCertificateId(v string) *DeleteSigningCertificateInput {
 22344  	s.CertificateId = &v
 22345  	return s
 22346  }
 22347  
 22348  // SetUserName sets the UserName field's value.
 22349  func (s *DeleteSigningCertificateInput) SetUserName(v string) *DeleteSigningCertificateInput {
 22350  	s.UserName = &v
 22351  	return s
 22352  }
 22353  
 22354  type DeleteSigningCertificateOutput struct {
 22355  	_ struct{} `type:"structure"`
 22356  }
 22357  
 22358  // String returns the string representation.
 22359  //
 22360  // API parameter values that are decorated as "sensitive" in the API will not
 22361  // be included in the string output. The member name will be present, but the
 22362  // value will be replaced with "sensitive".
 22363  func (s DeleteSigningCertificateOutput) String() string {
 22364  	return awsutil.Prettify(s)
 22365  }
 22366  
 22367  // GoString returns the string representation.
 22368  //
 22369  // API parameter values that are decorated as "sensitive" in the API will not
 22370  // be included in the string output. The member name will be present, but the
 22371  // value will be replaced with "sensitive".
 22372  func (s DeleteSigningCertificateOutput) GoString() string {
 22373  	return s.String()
 22374  }
 22375  
 22376  type DeleteUserInput struct {
 22377  	_ struct{} `type:"structure"`
 22378  
 22379  	// The name of the user to delete.
 22380  	//
 22381  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22382  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22383  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22384  	//
 22385  	// UserName is a required field
 22386  	UserName *string `min:"1" type:"string" required:"true"`
 22387  }
 22388  
 22389  // String returns the string representation.
 22390  //
 22391  // API parameter values that are decorated as "sensitive" in the API will not
 22392  // be included in the string output. The member name will be present, but the
 22393  // value will be replaced with "sensitive".
 22394  func (s DeleteUserInput) String() string {
 22395  	return awsutil.Prettify(s)
 22396  }
 22397  
 22398  // GoString returns the string representation.
 22399  //
 22400  // API parameter values that are decorated as "sensitive" in the API will not
 22401  // be included in the string output. The member name will be present, but the
 22402  // value will be replaced with "sensitive".
 22403  func (s DeleteUserInput) GoString() string {
 22404  	return s.String()
 22405  }
 22406  
 22407  // Validate inspects the fields of the type to determine if they are valid.
 22408  func (s *DeleteUserInput) Validate() error {
 22409  	invalidParams := request.ErrInvalidParams{Context: "DeleteUserInput"}
 22410  	if s.UserName == nil {
 22411  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 22412  	}
 22413  	if s.UserName != nil && len(*s.UserName) < 1 {
 22414  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22415  	}
 22416  
 22417  	if invalidParams.Len() > 0 {
 22418  		return invalidParams
 22419  	}
 22420  	return nil
 22421  }
 22422  
 22423  // SetUserName sets the UserName field's value.
 22424  func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput {
 22425  	s.UserName = &v
 22426  	return s
 22427  }
 22428  
 22429  type DeleteUserOutput struct {
 22430  	_ struct{} `type:"structure"`
 22431  }
 22432  
 22433  // String returns the string representation.
 22434  //
 22435  // API parameter values that are decorated as "sensitive" in the API will not
 22436  // be included in the string output. The member name will be present, but the
 22437  // value will be replaced with "sensitive".
 22438  func (s DeleteUserOutput) String() string {
 22439  	return awsutil.Prettify(s)
 22440  }
 22441  
 22442  // GoString returns the string representation.
 22443  //
 22444  // API parameter values that are decorated as "sensitive" in the API will not
 22445  // be included in the string output. The member name will be present, but the
 22446  // value will be replaced with "sensitive".
 22447  func (s DeleteUserOutput) GoString() string {
 22448  	return s.String()
 22449  }
 22450  
 22451  type DeleteUserPermissionsBoundaryInput struct {
 22452  	_ struct{} `type:"structure"`
 22453  
 22454  	// The name (friendly name, not ARN) of the IAM user from which you want to
 22455  	// remove the permissions boundary.
 22456  	//
 22457  	// UserName is a required field
 22458  	UserName *string `min:"1" type:"string" required:"true"`
 22459  }
 22460  
 22461  // String returns the string representation.
 22462  //
 22463  // API parameter values that are decorated as "sensitive" in the API will not
 22464  // be included in the string output. The member name will be present, but the
 22465  // value will be replaced with "sensitive".
 22466  func (s DeleteUserPermissionsBoundaryInput) String() string {
 22467  	return awsutil.Prettify(s)
 22468  }
 22469  
 22470  // GoString returns the string representation.
 22471  //
 22472  // API parameter values that are decorated as "sensitive" in the API will not
 22473  // be included in the string output. The member name will be present, but the
 22474  // value will be replaced with "sensitive".
 22475  func (s DeleteUserPermissionsBoundaryInput) GoString() string {
 22476  	return s.String()
 22477  }
 22478  
 22479  // Validate inspects the fields of the type to determine if they are valid.
 22480  func (s *DeleteUserPermissionsBoundaryInput) Validate() error {
 22481  	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPermissionsBoundaryInput"}
 22482  	if s.UserName == nil {
 22483  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 22484  	}
 22485  	if s.UserName != nil && len(*s.UserName) < 1 {
 22486  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22487  	}
 22488  
 22489  	if invalidParams.Len() > 0 {
 22490  		return invalidParams
 22491  	}
 22492  	return nil
 22493  }
 22494  
 22495  // SetUserName sets the UserName field's value.
 22496  func (s *DeleteUserPermissionsBoundaryInput) SetUserName(v string) *DeleteUserPermissionsBoundaryInput {
 22497  	s.UserName = &v
 22498  	return s
 22499  }
 22500  
 22501  type DeleteUserPermissionsBoundaryOutput struct {
 22502  	_ struct{} `type:"structure"`
 22503  }
 22504  
 22505  // String returns the string representation.
 22506  //
 22507  // API parameter values that are decorated as "sensitive" in the API will not
 22508  // be included in the string output. The member name will be present, but the
 22509  // value will be replaced with "sensitive".
 22510  func (s DeleteUserPermissionsBoundaryOutput) String() string {
 22511  	return awsutil.Prettify(s)
 22512  }
 22513  
 22514  // GoString returns the string representation.
 22515  //
 22516  // API parameter values that are decorated as "sensitive" in the API will not
 22517  // be included in the string output. The member name will be present, but the
 22518  // value will be replaced with "sensitive".
 22519  func (s DeleteUserPermissionsBoundaryOutput) GoString() string {
 22520  	return s.String()
 22521  }
 22522  
 22523  type DeleteUserPolicyInput struct {
 22524  	_ struct{} `type:"structure"`
 22525  
 22526  	// The name identifying the policy document to delete.
 22527  	//
 22528  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22529  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22530  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22531  	//
 22532  	// PolicyName is a required field
 22533  	PolicyName *string `min:"1" type:"string" required:"true"`
 22534  
 22535  	// The name (friendly name, not ARN) identifying the user that the policy is
 22536  	// embedded in.
 22537  	//
 22538  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22539  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22540  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22541  	//
 22542  	// UserName is a required field
 22543  	UserName *string `min:"1" type:"string" required:"true"`
 22544  }
 22545  
 22546  // String returns the string representation.
 22547  //
 22548  // API parameter values that are decorated as "sensitive" in the API will not
 22549  // be included in the string output. The member name will be present, but the
 22550  // value will be replaced with "sensitive".
 22551  func (s DeleteUserPolicyInput) String() string {
 22552  	return awsutil.Prettify(s)
 22553  }
 22554  
 22555  // GoString returns the string representation.
 22556  //
 22557  // API parameter values that are decorated as "sensitive" in the API will not
 22558  // be included in the string output. The member name will be present, but the
 22559  // value will be replaced with "sensitive".
 22560  func (s DeleteUserPolicyInput) GoString() string {
 22561  	return s.String()
 22562  }
 22563  
 22564  // Validate inspects the fields of the type to determine if they are valid.
 22565  func (s *DeleteUserPolicyInput) Validate() error {
 22566  	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPolicyInput"}
 22567  	if s.PolicyName == nil {
 22568  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 22569  	}
 22570  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 22571  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 22572  	}
 22573  	if s.UserName == nil {
 22574  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 22575  	}
 22576  	if s.UserName != nil && len(*s.UserName) < 1 {
 22577  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22578  	}
 22579  
 22580  	if invalidParams.Len() > 0 {
 22581  		return invalidParams
 22582  	}
 22583  	return nil
 22584  }
 22585  
 22586  // SetPolicyName sets the PolicyName field's value.
 22587  func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput {
 22588  	s.PolicyName = &v
 22589  	return s
 22590  }
 22591  
 22592  // SetUserName sets the UserName field's value.
 22593  func (s *DeleteUserPolicyInput) SetUserName(v string) *DeleteUserPolicyInput {
 22594  	s.UserName = &v
 22595  	return s
 22596  }
 22597  
 22598  type DeleteUserPolicyOutput struct {
 22599  	_ struct{} `type:"structure"`
 22600  }
 22601  
 22602  // String returns the string representation.
 22603  //
 22604  // API parameter values that are decorated as "sensitive" in the API will not
 22605  // be included in the string output. The member name will be present, but the
 22606  // value will be replaced with "sensitive".
 22607  func (s DeleteUserPolicyOutput) String() string {
 22608  	return awsutil.Prettify(s)
 22609  }
 22610  
 22611  // GoString returns the string representation.
 22612  //
 22613  // API parameter values that are decorated as "sensitive" in the API will not
 22614  // be included in the string output. The member name will be present, but the
 22615  // value will be replaced with "sensitive".
 22616  func (s DeleteUserPolicyOutput) GoString() string {
 22617  	return s.String()
 22618  }
 22619  
 22620  type DeleteVirtualMFADeviceInput struct {
 22621  	_ struct{} `type:"structure"`
 22622  
 22623  	// The serial number that uniquely identifies the MFA device. For virtual MFA
 22624  	// devices, the serial number is the same as the ARN.
 22625  	//
 22626  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22627  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22628  	// with no spaces. You can also include any of the following characters: =,.@:/-
 22629  	//
 22630  	// SerialNumber is a required field
 22631  	SerialNumber *string `min:"9" type:"string" required:"true"`
 22632  }
 22633  
 22634  // String returns the string representation.
 22635  //
 22636  // API parameter values that are decorated as "sensitive" in the API will not
 22637  // be included in the string output. The member name will be present, but the
 22638  // value will be replaced with "sensitive".
 22639  func (s DeleteVirtualMFADeviceInput) String() string {
 22640  	return awsutil.Prettify(s)
 22641  }
 22642  
 22643  // GoString returns the string representation.
 22644  //
 22645  // API parameter values that are decorated as "sensitive" in the API will not
 22646  // be included in the string output. The member name will be present, but the
 22647  // value will be replaced with "sensitive".
 22648  func (s DeleteVirtualMFADeviceInput) GoString() string {
 22649  	return s.String()
 22650  }
 22651  
 22652  // Validate inspects the fields of the type to determine if they are valid.
 22653  func (s *DeleteVirtualMFADeviceInput) Validate() error {
 22654  	invalidParams := request.ErrInvalidParams{Context: "DeleteVirtualMFADeviceInput"}
 22655  	if s.SerialNumber == nil {
 22656  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 22657  	}
 22658  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 22659  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 22660  	}
 22661  
 22662  	if invalidParams.Len() > 0 {
 22663  		return invalidParams
 22664  	}
 22665  	return nil
 22666  }
 22667  
 22668  // SetSerialNumber sets the SerialNumber field's value.
 22669  func (s *DeleteVirtualMFADeviceInput) SetSerialNumber(v string) *DeleteVirtualMFADeviceInput {
 22670  	s.SerialNumber = &v
 22671  	return s
 22672  }
 22673  
 22674  type DeleteVirtualMFADeviceOutput struct {
 22675  	_ struct{} `type:"structure"`
 22676  }
 22677  
 22678  // String returns the string representation.
 22679  //
 22680  // API parameter values that are decorated as "sensitive" in the API will not
 22681  // be included in the string output. The member name will be present, but the
 22682  // value will be replaced with "sensitive".
 22683  func (s DeleteVirtualMFADeviceOutput) String() string {
 22684  	return awsutil.Prettify(s)
 22685  }
 22686  
 22687  // GoString returns the string representation.
 22688  //
 22689  // API parameter values that are decorated as "sensitive" in the API will not
 22690  // be included in the string output. The member name will be present, but the
 22691  // value will be replaced with "sensitive".
 22692  func (s DeleteVirtualMFADeviceOutput) GoString() string {
 22693  	return s.String()
 22694  }
 22695  
 22696  // The reason that the service-linked role deletion failed.
 22697  //
 22698  // This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
 22699  // operation.
 22700  type DeletionTaskFailureReasonType struct {
 22701  	_ struct{} `type:"structure"`
 22702  
 22703  	// A short description of the reason that the service-linked role deletion failed.
 22704  	Reason *string `type:"string"`
 22705  
 22706  	// A list of objects that contains details about the service-linked role deletion
 22707  	// failure, if that information is returned by the service. If the service-linked
 22708  	// role has active sessions or if any resources that were used by the role have
 22709  	// not been deleted from the linked service, the role can't be deleted. This
 22710  	// parameter includes a list of the resources that are associated with the role
 22711  	// and the Region in which the resources are being used.
 22712  	RoleUsageList []*RoleUsageType `type:"list"`
 22713  }
 22714  
 22715  // String returns the string representation.
 22716  //
 22717  // API parameter values that are decorated as "sensitive" in the API will not
 22718  // be included in the string output. The member name will be present, but the
 22719  // value will be replaced with "sensitive".
 22720  func (s DeletionTaskFailureReasonType) String() string {
 22721  	return awsutil.Prettify(s)
 22722  }
 22723  
 22724  // GoString returns the string representation.
 22725  //
 22726  // API parameter values that are decorated as "sensitive" in the API will not
 22727  // be included in the string output. The member name will be present, but the
 22728  // value will be replaced with "sensitive".
 22729  func (s DeletionTaskFailureReasonType) GoString() string {
 22730  	return s.String()
 22731  }
 22732  
 22733  // SetReason sets the Reason field's value.
 22734  func (s *DeletionTaskFailureReasonType) SetReason(v string) *DeletionTaskFailureReasonType {
 22735  	s.Reason = &v
 22736  	return s
 22737  }
 22738  
 22739  // SetRoleUsageList sets the RoleUsageList field's value.
 22740  func (s *DeletionTaskFailureReasonType) SetRoleUsageList(v []*RoleUsageType) *DeletionTaskFailureReasonType {
 22741  	s.RoleUsageList = v
 22742  	return s
 22743  }
 22744  
 22745  type DetachGroupPolicyInput struct {
 22746  	_ struct{} `type:"structure"`
 22747  
 22748  	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
 22749  	//
 22750  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22751  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22752  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22753  	//
 22754  	// GroupName is a required field
 22755  	GroupName *string `min:"1" type:"string" required:"true"`
 22756  
 22757  	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
 22758  	//
 22759  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 22760  	// in the Amazon Web Services General Reference.
 22761  	//
 22762  	// PolicyArn is a required field
 22763  	PolicyArn *string `min:"20" type:"string" required:"true"`
 22764  }
 22765  
 22766  // String returns the string representation.
 22767  //
 22768  // API parameter values that are decorated as "sensitive" in the API will not
 22769  // be included in the string output. The member name will be present, but the
 22770  // value will be replaced with "sensitive".
 22771  func (s DetachGroupPolicyInput) String() string {
 22772  	return awsutil.Prettify(s)
 22773  }
 22774  
 22775  // GoString returns the string representation.
 22776  //
 22777  // API parameter values that are decorated as "sensitive" in the API will not
 22778  // be included in the string output. The member name will be present, but the
 22779  // value will be replaced with "sensitive".
 22780  func (s DetachGroupPolicyInput) GoString() string {
 22781  	return s.String()
 22782  }
 22783  
 22784  // Validate inspects the fields of the type to determine if they are valid.
 22785  func (s *DetachGroupPolicyInput) Validate() error {
 22786  	invalidParams := request.ErrInvalidParams{Context: "DetachGroupPolicyInput"}
 22787  	if s.GroupName == nil {
 22788  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 22789  	}
 22790  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 22791  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 22792  	}
 22793  	if s.PolicyArn == nil {
 22794  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 22795  	}
 22796  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 22797  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 22798  	}
 22799  
 22800  	if invalidParams.Len() > 0 {
 22801  		return invalidParams
 22802  	}
 22803  	return nil
 22804  }
 22805  
 22806  // SetGroupName sets the GroupName field's value.
 22807  func (s *DetachGroupPolicyInput) SetGroupName(v string) *DetachGroupPolicyInput {
 22808  	s.GroupName = &v
 22809  	return s
 22810  }
 22811  
 22812  // SetPolicyArn sets the PolicyArn field's value.
 22813  func (s *DetachGroupPolicyInput) SetPolicyArn(v string) *DetachGroupPolicyInput {
 22814  	s.PolicyArn = &v
 22815  	return s
 22816  }
 22817  
 22818  type DetachGroupPolicyOutput struct {
 22819  	_ struct{} `type:"structure"`
 22820  }
 22821  
 22822  // String returns the string representation.
 22823  //
 22824  // API parameter values that are decorated as "sensitive" in the API will not
 22825  // be included in the string output. The member name will be present, but the
 22826  // value will be replaced with "sensitive".
 22827  func (s DetachGroupPolicyOutput) String() string {
 22828  	return awsutil.Prettify(s)
 22829  }
 22830  
 22831  // GoString returns the string representation.
 22832  //
 22833  // API parameter values that are decorated as "sensitive" in the API will not
 22834  // be included in the string output. The member name will be present, but the
 22835  // value will be replaced with "sensitive".
 22836  func (s DetachGroupPolicyOutput) GoString() string {
 22837  	return s.String()
 22838  }
 22839  
 22840  type DetachRolePolicyInput struct {
 22841  	_ struct{} `type:"structure"`
 22842  
 22843  	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
 22844  	//
 22845  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 22846  	// in the Amazon Web Services General Reference.
 22847  	//
 22848  	// PolicyArn is a required field
 22849  	PolicyArn *string `min:"20" type:"string" required:"true"`
 22850  
 22851  	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
 22852  	//
 22853  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22854  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22855  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22856  	//
 22857  	// RoleName is a required field
 22858  	RoleName *string `min:"1" type:"string" required:"true"`
 22859  }
 22860  
 22861  // String returns the string representation.
 22862  //
 22863  // API parameter values that are decorated as "sensitive" in the API will not
 22864  // be included in the string output. The member name will be present, but the
 22865  // value will be replaced with "sensitive".
 22866  func (s DetachRolePolicyInput) String() string {
 22867  	return awsutil.Prettify(s)
 22868  }
 22869  
 22870  // GoString returns the string representation.
 22871  //
 22872  // API parameter values that are decorated as "sensitive" in the API will not
 22873  // be included in the string output. The member name will be present, but the
 22874  // value will be replaced with "sensitive".
 22875  func (s DetachRolePolicyInput) GoString() string {
 22876  	return s.String()
 22877  }
 22878  
 22879  // Validate inspects the fields of the type to determine if they are valid.
 22880  func (s *DetachRolePolicyInput) Validate() error {
 22881  	invalidParams := request.ErrInvalidParams{Context: "DetachRolePolicyInput"}
 22882  	if s.PolicyArn == nil {
 22883  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 22884  	}
 22885  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 22886  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 22887  	}
 22888  	if s.RoleName == nil {
 22889  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 22890  	}
 22891  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 22892  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 22893  	}
 22894  
 22895  	if invalidParams.Len() > 0 {
 22896  		return invalidParams
 22897  	}
 22898  	return nil
 22899  }
 22900  
 22901  // SetPolicyArn sets the PolicyArn field's value.
 22902  func (s *DetachRolePolicyInput) SetPolicyArn(v string) *DetachRolePolicyInput {
 22903  	s.PolicyArn = &v
 22904  	return s
 22905  }
 22906  
 22907  // SetRoleName sets the RoleName field's value.
 22908  func (s *DetachRolePolicyInput) SetRoleName(v string) *DetachRolePolicyInput {
 22909  	s.RoleName = &v
 22910  	return s
 22911  }
 22912  
 22913  type DetachRolePolicyOutput struct {
 22914  	_ struct{} `type:"structure"`
 22915  }
 22916  
 22917  // String returns the string representation.
 22918  //
 22919  // API parameter values that are decorated as "sensitive" in the API will not
 22920  // be included in the string output. The member name will be present, but the
 22921  // value will be replaced with "sensitive".
 22922  func (s DetachRolePolicyOutput) String() string {
 22923  	return awsutil.Prettify(s)
 22924  }
 22925  
 22926  // GoString returns the string representation.
 22927  //
 22928  // API parameter values that are decorated as "sensitive" in the API will not
 22929  // be included in the string output. The member name will be present, but the
 22930  // value will be replaced with "sensitive".
 22931  func (s DetachRolePolicyOutput) GoString() string {
 22932  	return s.String()
 22933  }
 22934  
 22935  type DetachUserPolicyInput struct {
 22936  	_ struct{} `type:"structure"`
 22937  
 22938  	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
 22939  	//
 22940  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 22941  	// in the Amazon Web Services General Reference.
 22942  	//
 22943  	// PolicyArn is a required field
 22944  	PolicyArn *string `min:"20" type:"string" required:"true"`
 22945  
 22946  	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
 22947  	//
 22948  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 22949  	// a string of characters consisting of upper and lowercase alphanumeric characters
 22950  	// with no spaces. You can also include any of the following characters: _+=,.@-
 22951  	//
 22952  	// UserName is a required field
 22953  	UserName *string `min:"1" type:"string" required:"true"`
 22954  }
 22955  
 22956  // String returns the string representation.
 22957  //
 22958  // API parameter values that are decorated as "sensitive" in the API will not
 22959  // be included in the string output. The member name will be present, but the
 22960  // value will be replaced with "sensitive".
 22961  func (s DetachUserPolicyInput) String() string {
 22962  	return awsutil.Prettify(s)
 22963  }
 22964  
 22965  // GoString returns the string representation.
 22966  //
 22967  // API parameter values that are decorated as "sensitive" in the API will not
 22968  // be included in the string output. The member name will be present, but the
 22969  // value will be replaced with "sensitive".
 22970  func (s DetachUserPolicyInput) GoString() string {
 22971  	return s.String()
 22972  }
 22973  
 22974  // Validate inspects the fields of the type to determine if they are valid.
 22975  func (s *DetachUserPolicyInput) Validate() error {
 22976  	invalidParams := request.ErrInvalidParams{Context: "DetachUserPolicyInput"}
 22977  	if s.PolicyArn == nil {
 22978  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 22979  	}
 22980  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 22981  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 22982  	}
 22983  	if s.UserName == nil {
 22984  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 22985  	}
 22986  	if s.UserName != nil && len(*s.UserName) < 1 {
 22987  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 22988  	}
 22989  
 22990  	if invalidParams.Len() > 0 {
 22991  		return invalidParams
 22992  	}
 22993  	return nil
 22994  }
 22995  
 22996  // SetPolicyArn sets the PolicyArn field's value.
 22997  func (s *DetachUserPolicyInput) SetPolicyArn(v string) *DetachUserPolicyInput {
 22998  	s.PolicyArn = &v
 22999  	return s
 23000  }
 23001  
 23002  // SetUserName sets the UserName field's value.
 23003  func (s *DetachUserPolicyInput) SetUserName(v string) *DetachUserPolicyInput {
 23004  	s.UserName = &v
 23005  	return s
 23006  }
 23007  
 23008  type DetachUserPolicyOutput struct {
 23009  	_ struct{} `type:"structure"`
 23010  }
 23011  
 23012  // String returns the string representation.
 23013  //
 23014  // API parameter values that are decorated as "sensitive" in the API will not
 23015  // be included in the string output. The member name will be present, but the
 23016  // value will be replaced with "sensitive".
 23017  func (s DetachUserPolicyOutput) String() string {
 23018  	return awsutil.Prettify(s)
 23019  }
 23020  
 23021  // GoString returns the string representation.
 23022  //
 23023  // API parameter values that are decorated as "sensitive" in the API will not
 23024  // be included in the string output. The member name will be present, but the
 23025  // value will be replaced with "sensitive".
 23026  func (s DetachUserPolicyOutput) GoString() string {
 23027  	return s.String()
 23028  }
 23029  
 23030  type EnableMFADeviceInput struct {
 23031  	_ struct{} `type:"structure"`
 23032  
 23033  	// An authentication code emitted by the device.
 23034  	//
 23035  	// The format for this parameter is a string of six digits.
 23036  	//
 23037  	// Submit your request immediately after generating the authentication codes.
 23038  	// If you generate the codes and then wait too long to submit the request, the
 23039  	// MFA device successfully associates with the user but the MFA device becomes
 23040  	// out of sync. This happens because time-based one-time passwords (TOTP) expire
 23041  	// after a short period of time. If this happens, you can resync the device
 23042  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
 23043  	//
 23044  	// AuthenticationCode1 is a required field
 23045  	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
 23046  
 23047  	// A subsequent authentication code emitted by the device.
 23048  	//
 23049  	// The format for this parameter is a string of six digits.
 23050  	//
 23051  	// Submit your request immediately after generating the authentication codes.
 23052  	// If you generate the codes and then wait too long to submit the request, the
 23053  	// MFA device successfully associates with the user but the MFA device becomes
 23054  	// out of sync. This happens because time-based one-time passwords (TOTP) expire
 23055  	// after a short period of time. If this happens, you can resync the device
 23056  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
 23057  	//
 23058  	// AuthenticationCode2 is a required field
 23059  	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
 23060  
 23061  	// The serial number that uniquely identifies the MFA device. For virtual MFA
 23062  	// devices, the serial number is the device ARN.
 23063  	//
 23064  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 23065  	// a string of characters consisting of upper and lowercase alphanumeric characters
 23066  	// with no spaces. You can also include any of the following characters: =,.@:/-
 23067  	//
 23068  	// SerialNumber is a required field
 23069  	SerialNumber *string `min:"9" type:"string" required:"true"`
 23070  
 23071  	// The name of the IAM user for whom you want to enable the MFA device.
 23072  	//
 23073  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 23074  	// a string of characters consisting of upper and lowercase alphanumeric characters
 23075  	// with no spaces. You can also include any of the following characters: _+=,.@-
 23076  	//
 23077  	// UserName is a required field
 23078  	UserName *string `min:"1" type:"string" required:"true"`
 23079  }
 23080  
 23081  // String returns the string representation.
 23082  //
 23083  // API parameter values that are decorated as "sensitive" in the API will not
 23084  // be included in the string output. The member name will be present, but the
 23085  // value will be replaced with "sensitive".
 23086  func (s EnableMFADeviceInput) String() string {
 23087  	return awsutil.Prettify(s)
 23088  }
 23089  
 23090  // GoString returns the string representation.
 23091  //
 23092  // API parameter values that are decorated as "sensitive" in the API will not
 23093  // be included in the string output. The member name will be present, but the
 23094  // value will be replaced with "sensitive".
 23095  func (s EnableMFADeviceInput) GoString() string {
 23096  	return s.String()
 23097  }
 23098  
 23099  // Validate inspects the fields of the type to determine if they are valid.
 23100  func (s *EnableMFADeviceInput) Validate() error {
 23101  	invalidParams := request.ErrInvalidParams{Context: "EnableMFADeviceInput"}
 23102  	if s.AuthenticationCode1 == nil {
 23103  		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
 23104  	}
 23105  	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
 23106  		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
 23107  	}
 23108  	if s.AuthenticationCode2 == nil {
 23109  		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
 23110  	}
 23111  	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
 23112  		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
 23113  	}
 23114  	if s.SerialNumber == nil {
 23115  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 23116  	}
 23117  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 23118  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 23119  	}
 23120  	if s.UserName == nil {
 23121  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 23122  	}
 23123  	if s.UserName != nil && len(*s.UserName) < 1 {
 23124  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 23125  	}
 23126  
 23127  	if invalidParams.Len() > 0 {
 23128  		return invalidParams
 23129  	}
 23130  	return nil
 23131  }
 23132  
 23133  // SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
 23134  func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput {
 23135  	s.AuthenticationCode1 = &v
 23136  	return s
 23137  }
 23138  
 23139  // SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
 23140  func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput {
 23141  	s.AuthenticationCode2 = &v
 23142  	return s
 23143  }
 23144  
 23145  // SetSerialNumber sets the SerialNumber field's value.
 23146  func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput {
 23147  	s.SerialNumber = &v
 23148  	return s
 23149  }
 23150  
 23151  // SetUserName sets the UserName field's value.
 23152  func (s *EnableMFADeviceInput) SetUserName(v string) *EnableMFADeviceInput {
 23153  	s.UserName = &v
 23154  	return s
 23155  }
 23156  
 23157  type EnableMFADeviceOutput struct {
 23158  	_ struct{} `type:"structure"`
 23159  }
 23160  
 23161  // String returns the string representation.
 23162  //
 23163  // API parameter values that are decorated as "sensitive" in the API will not
 23164  // be included in the string output. The member name will be present, but the
 23165  // value will be replaced with "sensitive".
 23166  func (s EnableMFADeviceOutput) String() string {
 23167  	return awsutil.Prettify(s)
 23168  }
 23169  
 23170  // GoString returns the string representation.
 23171  //
 23172  // API parameter values that are decorated as "sensitive" in the API will not
 23173  // be included in the string output. The member name will be present, but the
 23174  // value will be replaced with "sensitive".
 23175  func (s EnableMFADeviceOutput) GoString() string {
 23176  	return s.String()
 23177  }
 23178  
 23179  // An object that contains details about when the IAM entities (users or roles)
 23180  // were last used in an attempt to access the specified Amazon Web Services
 23181  // service.
 23182  //
 23183  // This data type is a response element in the GetServiceLastAccessedDetailsWithEntities
 23184  // operation.
 23185  type EntityDetails struct {
 23186  	_ struct{} `type:"structure"`
 23187  
 23188  	// The EntityInfo object that contains details about the entity (user or role).
 23189  	//
 23190  	// EntityInfo is a required field
 23191  	EntityInfo *EntityInfo `type:"structure" required:"true"`
 23192  
 23193  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 23194  	// when the authenticated entity last attempted to access Amazon Web Services.
 23195  	// Amazon Web Services does not report unauthenticated requests.
 23196  	//
 23197  	// This field is null if no IAM entities attempted to access the service within
 23198  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 23199  	LastAuthenticated *time.Time `type:"timestamp"`
 23200  }
 23201  
 23202  // String returns the string representation.
 23203  //
 23204  // API parameter values that are decorated as "sensitive" in the API will not
 23205  // be included in the string output. The member name will be present, but the
 23206  // value will be replaced with "sensitive".
 23207  func (s EntityDetails) String() string {
 23208  	return awsutil.Prettify(s)
 23209  }
 23210  
 23211  // GoString returns the string representation.
 23212  //
 23213  // API parameter values that are decorated as "sensitive" in the API will not
 23214  // be included in the string output. The member name will be present, but the
 23215  // value will be replaced with "sensitive".
 23216  func (s EntityDetails) GoString() string {
 23217  	return s.String()
 23218  }
 23219  
 23220  // SetEntityInfo sets the EntityInfo field's value.
 23221  func (s *EntityDetails) SetEntityInfo(v *EntityInfo) *EntityDetails {
 23222  	s.EntityInfo = v
 23223  	return s
 23224  }
 23225  
 23226  // SetLastAuthenticated sets the LastAuthenticated field's value.
 23227  func (s *EntityDetails) SetLastAuthenticated(v time.Time) *EntityDetails {
 23228  	s.LastAuthenticated = &v
 23229  	return s
 23230  }
 23231  
 23232  // Contains details about the specified entity (user or role).
 23233  //
 23234  // This data type is an element of the EntityDetails object.
 23235  type EntityInfo struct {
 23236  	_ struct{} `type:"structure"`
 23237  
 23238  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 23239  	// Services resources.
 23240  	//
 23241  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 23242  	// in the Amazon Web Services General Reference.
 23243  	//
 23244  	// Arn is a required field
 23245  	Arn *string `min:"20" type:"string" required:"true"`
 23246  
 23247  	// The identifier of the entity (user or role).
 23248  	//
 23249  	// Id is a required field
 23250  	Id *string `min:"16" type:"string" required:"true"`
 23251  
 23252  	// The name of the entity (user or role).
 23253  	//
 23254  	// Name is a required field
 23255  	Name *string `min:"1" type:"string" required:"true"`
 23256  
 23257  	// The path to the entity (user or role). For more information about paths,
 23258  	// see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 23259  	// in the IAM User Guide.
 23260  	Path *string `min:"1" type:"string"`
 23261  
 23262  	// The type of entity (user or role).
 23263  	//
 23264  	// Type is a required field
 23265  	Type *string `type:"string" required:"true" enum:"PolicyOwnerEntityType"`
 23266  }
 23267  
 23268  // String returns the string representation.
 23269  //
 23270  // API parameter values that are decorated as "sensitive" in the API will not
 23271  // be included in the string output. The member name will be present, but the
 23272  // value will be replaced with "sensitive".
 23273  func (s EntityInfo) String() string {
 23274  	return awsutil.Prettify(s)
 23275  }
 23276  
 23277  // GoString returns the string representation.
 23278  //
 23279  // API parameter values that are decorated as "sensitive" in the API will not
 23280  // be included in the string output. The member name will be present, but the
 23281  // value will be replaced with "sensitive".
 23282  func (s EntityInfo) GoString() string {
 23283  	return s.String()
 23284  }
 23285  
 23286  // SetArn sets the Arn field's value.
 23287  func (s *EntityInfo) SetArn(v string) *EntityInfo {
 23288  	s.Arn = &v
 23289  	return s
 23290  }
 23291  
 23292  // SetId sets the Id field's value.
 23293  func (s *EntityInfo) SetId(v string) *EntityInfo {
 23294  	s.Id = &v
 23295  	return s
 23296  }
 23297  
 23298  // SetName sets the Name field's value.
 23299  func (s *EntityInfo) SetName(v string) *EntityInfo {
 23300  	s.Name = &v
 23301  	return s
 23302  }
 23303  
 23304  // SetPath sets the Path field's value.
 23305  func (s *EntityInfo) SetPath(v string) *EntityInfo {
 23306  	s.Path = &v
 23307  	return s
 23308  }
 23309  
 23310  // SetType sets the Type field's value.
 23311  func (s *EntityInfo) SetType(v string) *EntityInfo {
 23312  	s.Type = &v
 23313  	return s
 23314  }
 23315  
 23316  // Contains information about the reason that the operation failed.
 23317  //
 23318  // This data type is used as a response element in the GetOrganizationsAccessReport,
 23319  // GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
 23320  // operations.
 23321  type ErrorDetails struct {
 23322  	_ struct{} `type:"structure"`
 23323  
 23324  	// The error code associated with the operation failure.
 23325  	//
 23326  	// Code is a required field
 23327  	Code *string `type:"string" required:"true"`
 23328  
 23329  	// Detailed information about the reason that the operation failed.
 23330  	//
 23331  	// Message is a required field
 23332  	Message *string `type:"string" required:"true"`
 23333  }
 23334  
 23335  // String returns the string representation.
 23336  //
 23337  // API parameter values that are decorated as "sensitive" in the API will not
 23338  // be included in the string output. The member name will be present, but the
 23339  // value will be replaced with "sensitive".
 23340  func (s ErrorDetails) String() string {
 23341  	return awsutil.Prettify(s)
 23342  }
 23343  
 23344  // GoString returns the string representation.
 23345  //
 23346  // API parameter values that are decorated as "sensitive" in the API will not
 23347  // be included in the string output. The member name will be present, but the
 23348  // value will be replaced with "sensitive".
 23349  func (s ErrorDetails) GoString() string {
 23350  	return s.String()
 23351  }
 23352  
 23353  // SetCode sets the Code field's value.
 23354  func (s *ErrorDetails) SetCode(v string) *ErrorDetails {
 23355  	s.Code = &v
 23356  	return s
 23357  }
 23358  
 23359  // SetMessage sets the Message field's value.
 23360  func (s *ErrorDetails) SetMessage(v string) *ErrorDetails {
 23361  	s.Message = &v
 23362  	return s
 23363  }
 23364  
 23365  // Contains the results of a simulation.
 23366  //
 23367  // This data type is used by the return parameter of SimulateCustomPolicy and
 23368  // SimulatePrincipalPolicy .
 23369  type EvaluationResult struct {
 23370  	_ struct{} `type:"structure"`
 23371  
 23372  	// The name of the API operation tested on the indicated resource.
 23373  	//
 23374  	// EvalActionName is a required field
 23375  	EvalActionName *string `min:"3" type:"string" required:"true"`
 23376  
 23377  	// The result of the simulation.
 23378  	//
 23379  	// EvalDecision is a required field
 23380  	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
 23381  
 23382  	// Additional details about the results of the cross-account evaluation decision.
 23383  	// This parameter is populated for only cross-account simulations. It contains
 23384  	// a brief summary of how each policy type contributes to the final evaluation
 23385  	// decision.
 23386  	//
 23387  	// If the simulation evaluates policies within the same account and includes
 23388  	// a resource ARN, then the parameter is present but the response is empty.
 23389  	// If the simulation evaluates policies within the same account and specifies
 23390  	// all resources (*), then the parameter is not returned.
 23391  	//
 23392  	// When you make a cross-account request, Amazon Web Services evaluates the
 23393  	// request in the trusting account and the trusted account. The request is allowed
 23394  	// only if both evaluations return true. For more information about how policies
 23395  	// are evaluated, see Evaluating policies within a single account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
 23396  	//
 23397  	// If an Organizations SCP included in the evaluation denies access, the simulation
 23398  	// ends. In this case, policy evaluation does not proceed any further and this
 23399  	// parameter is not returned.
 23400  	EvalDecisionDetails map[string]*string `type:"map"`
 23401  
 23402  	// The ARN of the resource that the indicated API operation was tested on.
 23403  	EvalResourceName *string `min:"1" type:"string"`
 23404  
 23405  	// A list of the statements in the input policies that determine the result
 23406  	// for this scenario. Remember that even if multiple statements allow the operation
 23407  	// on the resource, if only one statement denies that operation, then the explicit
 23408  	// deny overrides any allow. In addition, the deny statement is the only entry
 23409  	// included in the result.
 23410  	MatchedStatements []*Statement `type:"list"`
 23411  
 23412  	// A list of context keys that are required by the included input policies but
 23413  	// that were not provided by one of the input parameters. This list is used
 23414  	// when the resource in a simulation is "*", either explicitly, or when the
 23415  	// ResourceArns parameter blank. If you include a list of resources, then any
 23416  	// missing context values are instead included under the ResourceSpecificResults
 23417  	// section. To discover the context keys used by a set of policies, you can
 23418  	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
 23419  	MissingContextValues []*string `type:"list"`
 23420  
 23421  	// A structure that details how Organizations and its service control policies
 23422  	// affect the results of the simulation. Only applies if the simulated user's
 23423  	// account is part of an organization.
 23424  	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`
 23425  
 23426  	// Contains information about the effect that a permissions boundary has on
 23427  	// a policy simulation when the boundary is applied to an IAM entity.
 23428  	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
 23429  
 23430  	// The individual results of the simulation of the API operation specified in
 23431  	// EvalActionName on each resource.
 23432  	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
 23433  }
 23434  
 23435  // String returns the string representation.
 23436  //
 23437  // API parameter values that are decorated as "sensitive" in the API will not
 23438  // be included in the string output. The member name will be present, but the
 23439  // value will be replaced with "sensitive".
 23440  func (s EvaluationResult) String() string {
 23441  	return awsutil.Prettify(s)
 23442  }
 23443  
 23444  // GoString returns the string representation.
 23445  //
 23446  // API parameter values that are decorated as "sensitive" in the API will not
 23447  // be included in the string output. The member name will be present, but the
 23448  // value will be replaced with "sensitive".
 23449  func (s EvaluationResult) GoString() string {
 23450  	return s.String()
 23451  }
 23452  
 23453  // SetEvalActionName sets the EvalActionName field's value.
 23454  func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult {
 23455  	s.EvalActionName = &v
 23456  	return s
 23457  }
 23458  
 23459  // SetEvalDecision sets the EvalDecision field's value.
 23460  func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult {
 23461  	s.EvalDecision = &v
 23462  	return s
 23463  }
 23464  
 23465  // SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
 23466  func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult {
 23467  	s.EvalDecisionDetails = v
 23468  	return s
 23469  }
 23470  
 23471  // SetEvalResourceName sets the EvalResourceName field's value.
 23472  func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult {
 23473  	s.EvalResourceName = &v
 23474  	return s
 23475  }
 23476  
 23477  // SetMatchedStatements sets the MatchedStatements field's value.
 23478  func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult {
 23479  	s.MatchedStatements = v
 23480  	return s
 23481  }
 23482  
 23483  // SetMissingContextValues sets the MissingContextValues field's value.
 23484  func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult {
 23485  	s.MissingContextValues = v
 23486  	return s
 23487  }
 23488  
 23489  // SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.
 23490  func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult {
 23491  	s.OrganizationsDecisionDetail = v
 23492  	return s
 23493  }
 23494  
 23495  // SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
 23496  func (s *EvaluationResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *EvaluationResult {
 23497  	s.PermissionsBoundaryDecisionDetail = v
 23498  	return s
 23499  }
 23500  
 23501  // SetResourceSpecificResults sets the ResourceSpecificResults field's value.
 23502  func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult {
 23503  	s.ResourceSpecificResults = v
 23504  	return s
 23505  }
 23506  
 23507  type GenerateCredentialReportInput struct {
 23508  	_ struct{} `type:"structure"`
 23509  }
 23510  
 23511  // String returns the string representation.
 23512  //
 23513  // API parameter values that are decorated as "sensitive" in the API will not
 23514  // be included in the string output. The member name will be present, but the
 23515  // value will be replaced with "sensitive".
 23516  func (s GenerateCredentialReportInput) String() string {
 23517  	return awsutil.Prettify(s)
 23518  }
 23519  
 23520  // GoString returns the string representation.
 23521  //
 23522  // API parameter values that are decorated as "sensitive" in the API will not
 23523  // be included in the string output. The member name will be present, but the
 23524  // value will be replaced with "sensitive".
 23525  func (s GenerateCredentialReportInput) GoString() string {
 23526  	return s.String()
 23527  }
 23528  
 23529  // Contains the response to a successful GenerateCredentialReport request.
 23530  type GenerateCredentialReportOutput struct {
 23531  	_ struct{} `type:"structure"`
 23532  
 23533  	// Information about the credential report.
 23534  	Description *string `type:"string"`
 23535  
 23536  	// Information about the state of the credential report.
 23537  	State *string `type:"string" enum:"ReportStateType"`
 23538  }
 23539  
 23540  // String returns the string representation.
 23541  //
 23542  // API parameter values that are decorated as "sensitive" in the API will not
 23543  // be included in the string output. The member name will be present, but the
 23544  // value will be replaced with "sensitive".
 23545  func (s GenerateCredentialReportOutput) String() string {
 23546  	return awsutil.Prettify(s)
 23547  }
 23548  
 23549  // GoString returns the string representation.
 23550  //
 23551  // API parameter values that are decorated as "sensitive" in the API will not
 23552  // be included in the string output. The member name will be present, but the
 23553  // value will be replaced with "sensitive".
 23554  func (s GenerateCredentialReportOutput) GoString() string {
 23555  	return s.String()
 23556  }
 23557  
 23558  // SetDescription sets the Description field's value.
 23559  func (s *GenerateCredentialReportOutput) SetDescription(v string) *GenerateCredentialReportOutput {
 23560  	s.Description = &v
 23561  	return s
 23562  }
 23563  
 23564  // SetState sets the State field's value.
 23565  func (s *GenerateCredentialReportOutput) SetState(v string) *GenerateCredentialReportOutput {
 23566  	s.State = &v
 23567  	return s
 23568  }
 23569  
 23570  type GenerateOrganizationsAccessReportInput struct {
 23571  	_ struct{} `type:"structure"`
 23572  
 23573  	// The path of the Organizations entity (root, OU, or account). You can build
 23574  	// an entity path using the known structure of your organization. For example,
 23575  	// assume that your account ID is 123456789012 and its parent OU ID is ou-rge0-awsabcde.
 23576  	// The organization root ID is r-f6g7h8i9j0example and your organization ID
 23577  	// is o-a1b2c3d4e5. Your entity path is o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012.
 23578  	//
 23579  	// EntityPath is a required field
 23580  	EntityPath *string `min:"19" type:"string" required:"true"`
 23581  
 23582  	// The identifier of the Organizations service control policy (SCP). This parameter
 23583  	// is optional.
 23584  	//
 23585  	// This ID is used to generate information about when an account principal that
 23586  	// is limited by the SCP attempted to access an Amazon Web Services service.
 23587  	OrganizationsPolicyId *string `type:"string"`
 23588  }
 23589  
 23590  // String returns the string representation.
 23591  //
 23592  // API parameter values that are decorated as "sensitive" in the API will not
 23593  // be included in the string output. The member name will be present, but the
 23594  // value will be replaced with "sensitive".
 23595  func (s GenerateOrganizationsAccessReportInput) String() string {
 23596  	return awsutil.Prettify(s)
 23597  }
 23598  
 23599  // GoString returns the string representation.
 23600  //
 23601  // API parameter values that are decorated as "sensitive" in the API will not
 23602  // be included in the string output. The member name will be present, but the
 23603  // value will be replaced with "sensitive".
 23604  func (s GenerateOrganizationsAccessReportInput) GoString() string {
 23605  	return s.String()
 23606  }
 23607  
 23608  // Validate inspects the fields of the type to determine if they are valid.
 23609  func (s *GenerateOrganizationsAccessReportInput) Validate() error {
 23610  	invalidParams := request.ErrInvalidParams{Context: "GenerateOrganizationsAccessReportInput"}
 23611  	if s.EntityPath == nil {
 23612  		invalidParams.Add(request.NewErrParamRequired("EntityPath"))
 23613  	}
 23614  	if s.EntityPath != nil && len(*s.EntityPath) < 19 {
 23615  		invalidParams.Add(request.NewErrParamMinLen("EntityPath", 19))
 23616  	}
 23617  
 23618  	if invalidParams.Len() > 0 {
 23619  		return invalidParams
 23620  	}
 23621  	return nil
 23622  }
 23623  
 23624  // SetEntityPath sets the EntityPath field's value.
 23625  func (s *GenerateOrganizationsAccessReportInput) SetEntityPath(v string) *GenerateOrganizationsAccessReportInput {
 23626  	s.EntityPath = &v
 23627  	return s
 23628  }
 23629  
 23630  // SetOrganizationsPolicyId sets the OrganizationsPolicyId field's value.
 23631  func (s *GenerateOrganizationsAccessReportInput) SetOrganizationsPolicyId(v string) *GenerateOrganizationsAccessReportInput {
 23632  	s.OrganizationsPolicyId = &v
 23633  	return s
 23634  }
 23635  
 23636  type GenerateOrganizationsAccessReportOutput struct {
 23637  	_ struct{} `type:"structure"`
 23638  
 23639  	// The job identifier that you can use in the GetOrganizationsAccessReport operation.
 23640  	JobId *string `min:"36" type:"string"`
 23641  }
 23642  
 23643  // String returns the string representation.
 23644  //
 23645  // API parameter values that are decorated as "sensitive" in the API will not
 23646  // be included in the string output. The member name will be present, but the
 23647  // value will be replaced with "sensitive".
 23648  func (s GenerateOrganizationsAccessReportOutput) String() string {
 23649  	return awsutil.Prettify(s)
 23650  }
 23651  
 23652  // GoString returns the string representation.
 23653  //
 23654  // API parameter values that are decorated as "sensitive" in the API will not
 23655  // be included in the string output. The member name will be present, but the
 23656  // value will be replaced with "sensitive".
 23657  func (s GenerateOrganizationsAccessReportOutput) GoString() string {
 23658  	return s.String()
 23659  }
 23660  
 23661  // SetJobId sets the JobId field's value.
 23662  func (s *GenerateOrganizationsAccessReportOutput) SetJobId(v string) *GenerateOrganizationsAccessReportOutput {
 23663  	s.JobId = &v
 23664  	return s
 23665  }
 23666  
 23667  type GenerateServiceLastAccessedDetailsInput struct {
 23668  	_ struct{} `type:"structure"`
 23669  
 23670  	// The ARN of the IAM resource (user, group, role, or managed policy) used to
 23671  	// generate information about when the resource was last used in an attempt
 23672  	// to access an Amazon Web Services service.
 23673  	//
 23674  	// Arn is a required field
 23675  	Arn *string `min:"20" type:"string" required:"true"`
 23676  
 23677  	// The level of detail that you want to generate. You can specify whether you
 23678  	// want to generate information about the last attempt to access services or
 23679  	// actions. If you specify service-level granularity, this operation generates
 23680  	// only service data. If you specify action-level granularity, it generates
 23681  	// service and action data. If you don't include this optional parameter, the
 23682  	// operation generates service data.
 23683  	Granularity *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
 23684  }
 23685  
 23686  // String returns the string representation.
 23687  //
 23688  // API parameter values that are decorated as "sensitive" in the API will not
 23689  // be included in the string output. The member name will be present, but the
 23690  // value will be replaced with "sensitive".
 23691  func (s GenerateServiceLastAccessedDetailsInput) String() string {
 23692  	return awsutil.Prettify(s)
 23693  }
 23694  
 23695  // GoString returns the string representation.
 23696  //
 23697  // API parameter values that are decorated as "sensitive" in the API will not
 23698  // be included in the string output. The member name will be present, but the
 23699  // value will be replaced with "sensitive".
 23700  func (s GenerateServiceLastAccessedDetailsInput) GoString() string {
 23701  	return s.String()
 23702  }
 23703  
 23704  // Validate inspects the fields of the type to determine if they are valid.
 23705  func (s *GenerateServiceLastAccessedDetailsInput) Validate() error {
 23706  	invalidParams := request.ErrInvalidParams{Context: "GenerateServiceLastAccessedDetailsInput"}
 23707  	if s.Arn == nil {
 23708  		invalidParams.Add(request.NewErrParamRequired("Arn"))
 23709  	}
 23710  	if s.Arn != nil && len(*s.Arn) < 20 {
 23711  		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
 23712  	}
 23713  
 23714  	if invalidParams.Len() > 0 {
 23715  		return invalidParams
 23716  	}
 23717  	return nil
 23718  }
 23719  
 23720  // SetArn sets the Arn field's value.
 23721  func (s *GenerateServiceLastAccessedDetailsInput) SetArn(v string) *GenerateServiceLastAccessedDetailsInput {
 23722  	s.Arn = &v
 23723  	return s
 23724  }
 23725  
 23726  // SetGranularity sets the Granularity field's value.
 23727  func (s *GenerateServiceLastAccessedDetailsInput) SetGranularity(v string) *GenerateServiceLastAccessedDetailsInput {
 23728  	s.Granularity = &v
 23729  	return s
 23730  }
 23731  
 23732  type GenerateServiceLastAccessedDetailsOutput struct {
 23733  	_ struct{} `type:"structure"`
 23734  
 23735  	// The JobId that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities
 23736  	// operations. The JobId returned by GenerateServiceLastAccessedDetail must
 23737  	// be used by the same role within a session, or by the same user when used
 23738  	// to call GetServiceLastAccessedDetail.
 23739  	JobId *string `min:"36" type:"string"`
 23740  }
 23741  
 23742  // String returns the string representation.
 23743  //
 23744  // API parameter values that are decorated as "sensitive" in the API will not
 23745  // be included in the string output. The member name will be present, but the
 23746  // value will be replaced with "sensitive".
 23747  func (s GenerateServiceLastAccessedDetailsOutput) String() string {
 23748  	return awsutil.Prettify(s)
 23749  }
 23750  
 23751  // GoString returns the string representation.
 23752  //
 23753  // API parameter values that are decorated as "sensitive" in the API will not
 23754  // be included in the string output. The member name will be present, but the
 23755  // value will be replaced with "sensitive".
 23756  func (s GenerateServiceLastAccessedDetailsOutput) GoString() string {
 23757  	return s.String()
 23758  }
 23759  
 23760  // SetJobId sets the JobId field's value.
 23761  func (s *GenerateServiceLastAccessedDetailsOutput) SetJobId(v string) *GenerateServiceLastAccessedDetailsOutput {
 23762  	s.JobId = &v
 23763  	return s
 23764  }
 23765  
 23766  type GetAccessKeyLastUsedInput struct {
 23767  	_ struct{} `type:"structure"`
 23768  
 23769  	// The identifier of an access key.
 23770  	//
 23771  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 23772  	// a string of characters that can consist of any upper or lowercased letter
 23773  	// or digit.
 23774  	//
 23775  	// AccessKeyId is a required field
 23776  	AccessKeyId *string `min:"16" type:"string" required:"true"`
 23777  }
 23778  
 23779  // String returns the string representation.
 23780  //
 23781  // API parameter values that are decorated as "sensitive" in the API will not
 23782  // be included in the string output. The member name will be present, but the
 23783  // value will be replaced with "sensitive".
 23784  func (s GetAccessKeyLastUsedInput) String() string {
 23785  	return awsutil.Prettify(s)
 23786  }
 23787  
 23788  // GoString returns the string representation.
 23789  //
 23790  // API parameter values that are decorated as "sensitive" in the API will not
 23791  // be included in the string output. The member name will be present, but the
 23792  // value will be replaced with "sensitive".
 23793  func (s GetAccessKeyLastUsedInput) GoString() string {
 23794  	return s.String()
 23795  }
 23796  
 23797  // Validate inspects the fields of the type to determine if they are valid.
 23798  func (s *GetAccessKeyLastUsedInput) Validate() error {
 23799  	invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyLastUsedInput"}
 23800  	if s.AccessKeyId == nil {
 23801  		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
 23802  	}
 23803  	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
 23804  		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
 23805  	}
 23806  
 23807  	if invalidParams.Len() > 0 {
 23808  		return invalidParams
 23809  	}
 23810  	return nil
 23811  }
 23812  
 23813  // SetAccessKeyId sets the AccessKeyId field's value.
 23814  func (s *GetAccessKeyLastUsedInput) SetAccessKeyId(v string) *GetAccessKeyLastUsedInput {
 23815  	s.AccessKeyId = &v
 23816  	return s
 23817  }
 23818  
 23819  // Contains the response to a successful GetAccessKeyLastUsed request. It is
 23820  // also returned as a member of the AccessKeyMetaData structure returned by
 23821  // the ListAccessKeys action.
 23822  type GetAccessKeyLastUsedOutput struct {
 23823  	_ struct{} `type:"structure"`
 23824  
 23825  	// Contains information about the last time the access key was used.
 23826  	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`
 23827  
 23828  	// The name of the IAM user that owns this access key.
 23829  	UserName *string `min:"1" type:"string"`
 23830  }
 23831  
 23832  // String returns the string representation.
 23833  //
 23834  // API parameter values that are decorated as "sensitive" in the API will not
 23835  // be included in the string output. The member name will be present, but the
 23836  // value will be replaced with "sensitive".
 23837  func (s GetAccessKeyLastUsedOutput) String() string {
 23838  	return awsutil.Prettify(s)
 23839  }
 23840  
 23841  // GoString returns the string representation.
 23842  //
 23843  // API parameter values that are decorated as "sensitive" in the API will not
 23844  // be included in the string output. The member name will be present, but the
 23845  // value will be replaced with "sensitive".
 23846  func (s GetAccessKeyLastUsedOutput) GoString() string {
 23847  	return s.String()
 23848  }
 23849  
 23850  // SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.
 23851  func (s *GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed(v *AccessKeyLastUsed) *GetAccessKeyLastUsedOutput {
 23852  	s.AccessKeyLastUsed = v
 23853  	return s
 23854  }
 23855  
 23856  // SetUserName sets the UserName field's value.
 23857  func (s *GetAccessKeyLastUsedOutput) SetUserName(v string) *GetAccessKeyLastUsedOutput {
 23858  	s.UserName = &v
 23859  	return s
 23860  }
 23861  
 23862  type GetAccountAuthorizationDetailsInput struct {
 23863  	_ struct{} `type:"structure"`
 23864  
 23865  	// A list of entity types used to filter the results. Only the entities that
 23866  	// match the types you specify are included in the output. Use the value LocalManagedPolicy
 23867  	// to include customer managed policies.
 23868  	//
 23869  	// The format for this parameter is a comma-separated (if more than one) list
 23870  	// of strings. Each string value in the list must be one of the valid values
 23871  	// listed below.
 23872  	Filter []*string `type:"list"`
 23873  
 23874  	// Use this parameter only when paginating results and only after you receive
 23875  	// a response indicating that the results are truncated. Set it to the value
 23876  	// of the Marker element in the response that you received to indicate where
 23877  	// the next call should start.
 23878  	Marker *string `min:"1" type:"string"`
 23879  
 23880  	// Use this only when paginating results to indicate the maximum number of items
 23881  	// you want in the response. If additional items exist beyond the maximum you
 23882  	// specify, the IsTruncated response element is true.
 23883  	//
 23884  	// If you do not include this parameter, the number of items defaults to 100.
 23885  	// Note that IAM might return fewer results, even when there are more results
 23886  	// available. In that case, the IsTruncated response element returns true, and
 23887  	// Marker contains a value to include in the subsequent call that tells the
 23888  	// service where to continue from.
 23889  	MaxItems *int64 `min:"1" type:"integer"`
 23890  }
 23891  
 23892  // String returns the string representation.
 23893  //
 23894  // API parameter values that are decorated as "sensitive" in the API will not
 23895  // be included in the string output. The member name will be present, but the
 23896  // value will be replaced with "sensitive".
 23897  func (s GetAccountAuthorizationDetailsInput) String() string {
 23898  	return awsutil.Prettify(s)
 23899  }
 23900  
 23901  // GoString returns the string representation.
 23902  //
 23903  // API parameter values that are decorated as "sensitive" in the API will not
 23904  // be included in the string output. The member name will be present, but the
 23905  // value will be replaced with "sensitive".
 23906  func (s GetAccountAuthorizationDetailsInput) GoString() string {
 23907  	return s.String()
 23908  }
 23909  
 23910  // Validate inspects the fields of the type to determine if they are valid.
 23911  func (s *GetAccountAuthorizationDetailsInput) Validate() error {
 23912  	invalidParams := request.ErrInvalidParams{Context: "GetAccountAuthorizationDetailsInput"}
 23913  	if s.Marker != nil && len(*s.Marker) < 1 {
 23914  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 23915  	}
 23916  	if s.MaxItems != nil && *s.MaxItems < 1 {
 23917  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 23918  	}
 23919  
 23920  	if invalidParams.Len() > 0 {
 23921  		return invalidParams
 23922  	}
 23923  	return nil
 23924  }
 23925  
 23926  // SetFilter sets the Filter field's value.
 23927  func (s *GetAccountAuthorizationDetailsInput) SetFilter(v []*string) *GetAccountAuthorizationDetailsInput {
 23928  	s.Filter = v
 23929  	return s
 23930  }
 23931  
 23932  // SetMarker sets the Marker field's value.
 23933  func (s *GetAccountAuthorizationDetailsInput) SetMarker(v string) *GetAccountAuthorizationDetailsInput {
 23934  	s.Marker = &v
 23935  	return s
 23936  }
 23937  
 23938  // SetMaxItems sets the MaxItems field's value.
 23939  func (s *GetAccountAuthorizationDetailsInput) SetMaxItems(v int64) *GetAccountAuthorizationDetailsInput {
 23940  	s.MaxItems = &v
 23941  	return s
 23942  }
 23943  
 23944  // Contains the response to a successful GetAccountAuthorizationDetails request.
 23945  type GetAccountAuthorizationDetailsOutput struct {
 23946  	_ struct{} `type:"structure"`
 23947  
 23948  	// A list containing information about IAM groups.
 23949  	GroupDetailList []*GroupDetail `type:"list"`
 23950  
 23951  	// A flag that indicates whether there are more items to return. If your results
 23952  	// were truncated, you can make a subsequent pagination request using the Marker
 23953  	// request parameter to retrieve more items. Note that IAM might return fewer
 23954  	// than the MaxItems number of results even when there are more results available.
 23955  	// We recommend that you check IsTruncated after every call to ensure that you
 23956  	// receive all your results.
 23957  	IsTruncated *bool `type:"boolean"`
 23958  
 23959  	// When IsTruncated is true, this element is present and contains the value
 23960  	// to use for the Marker parameter in a subsequent pagination request.
 23961  	Marker *string `type:"string"`
 23962  
 23963  	// A list containing information about managed policies.
 23964  	Policies []*ManagedPolicyDetail `type:"list"`
 23965  
 23966  	// A list containing information about IAM roles.
 23967  	RoleDetailList []*RoleDetail `type:"list"`
 23968  
 23969  	// A list containing information about IAM users.
 23970  	UserDetailList []*UserDetail `type:"list"`
 23971  }
 23972  
 23973  // String returns the string representation.
 23974  //
 23975  // API parameter values that are decorated as "sensitive" in the API will not
 23976  // be included in the string output. The member name will be present, but the
 23977  // value will be replaced with "sensitive".
 23978  func (s GetAccountAuthorizationDetailsOutput) String() string {
 23979  	return awsutil.Prettify(s)
 23980  }
 23981  
 23982  // GoString returns the string representation.
 23983  //
 23984  // API parameter values that are decorated as "sensitive" in the API will not
 23985  // be included in the string output. The member name will be present, but the
 23986  // value will be replaced with "sensitive".
 23987  func (s GetAccountAuthorizationDetailsOutput) GoString() string {
 23988  	return s.String()
 23989  }
 23990  
 23991  // SetGroupDetailList sets the GroupDetailList field's value.
 23992  func (s *GetAccountAuthorizationDetailsOutput) SetGroupDetailList(v []*GroupDetail) *GetAccountAuthorizationDetailsOutput {
 23993  	s.GroupDetailList = v
 23994  	return s
 23995  }
 23996  
 23997  // SetIsTruncated sets the IsTruncated field's value.
 23998  func (s *GetAccountAuthorizationDetailsOutput) SetIsTruncated(v bool) *GetAccountAuthorizationDetailsOutput {
 23999  	s.IsTruncated = &v
 24000  	return s
 24001  }
 24002  
 24003  // SetMarker sets the Marker field's value.
 24004  func (s *GetAccountAuthorizationDetailsOutput) SetMarker(v string) *GetAccountAuthorizationDetailsOutput {
 24005  	s.Marker = &v
 24006  	return s
 24007  }
 24008  
 24009  // SetPolicies sets the Policies field's value.
 24010  func (s *GetAccountAuthorizationDetailsOutput) SetPolicies(v []*ManagedPolicyDetail) *GetAccountAuthorizationDetailsOutput {
 24011  	s.Policies = v
 24012  	return s
 24013  }
 24014  
 24015  // SetRoleDetailList sets the RoleDetailList field's value.
 24016  func (s *GetAccountAuthorizationDetailsOutput) SetRoleDetailList(v []*RoleDetail) *GetAccountAuthorizationDetailsOutput {
 24017  	s.RoleDetailList = v
 24018  	return s
 24019  }
 24020  
 24021  // SetUserDetailList sets the UserDetailList field's value.
 24022  func (s *GetAccountAuthorizationDetailsOutput) SetUserDetailList(v []*UserDetail) *GetAccountAuthorizationDetailsOutput {
 24023  	s.UserDetailList = v
 24024  	return s
 24025  }
 24026  
 24027  type GetAccountPasswordPolicyInput struct {
 24028  	_ struct{} `type:"structure"`
 24029  }
 24030  
 24031  // String returns the string representation.
 24032  //
 24033  // API parameter values that are decorated as "sensitive" in the API will not
 24034  // be included in the string output. The member name will be present, but the
 24035  // value will be replaced with "sensitive".
 24036  func (s GetAccountPasswordPolicyInput) String() string {
 24037  	return awsutil.Prettify(s)
 24038  }
 24039  
 24040  // GoString returns the string representation.
 24041  //
 24042  // API parameter values that are decorated as "sensitive" in the API will not
 24043  // be included in the string output. The member name will be present, but the
 24044  // value will be replaced with "sensitive".
 24045  func (s GetAccountPasswordPolicyInput) GoString() string {
 24046  	return s.String()
 24047  }
 24048  
 24049  // Contains the response to a successful GetAccountPasswordPolicy request.
 24050  type GetAccountPasswordPolicyOutput struct {
 24051  	_ struct{} `type:"structure"`
 24052  
 24053  	// A structure that contains details about the account's password policy.
 24054  	//
 24055  	// PasswordPolicy is a required field
 24056  	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
 24057  }
 24058  
 24059  // String returns the string representation.
 24060  //
 24061  // API parameter values that are decorated as "sensitive" in the API will not
 24062  // be included in the string output. The member name will be present, but the
 24063  // value will be replaced with "sensitive".
 24064  func (s GetAccountPasswordPolicyOutput) String() string {
 24065  	return awsutil.Prettify(s)
 24066  }
 24067  
 24068  // GoString returns the string representation.
 24069  //
 24070  // API parameter values that are decorated as "sensitive" in the API will not
 24071  // be included in the string output. The member name will be present, but the
 24072  // value will be replaced with "sensitive".
 24073  func (s GetAccountPasswordPolicyOutput) GoString() string {
 24074  	return s.String()
 24075  }
 24076  
 24077  // SetPasswordPolicy sets the PasswordPolicy field's value.
 24078  func (s *GetAccountPasswordPolicyOutput) SetPasswordPolicy(v *PasswordPolicy) *GetAccountPasswordPolicyOutput {
 24079  	s.PasswordPolicy = v
 24080  	return s
 24081  }
 24082  
 24083  type GetAccountSummaryInput struct {
 24084  	_ struct{} `type:"structure"`
 24085  }
 24086  
 24087  // String returns the string representation.
 24088  //
 24089  // API parameter values that are decorated as "sensitive" in the API will not
 24090  // be included in the string output. The member name will be present, but the
 24091  // value will be replaced with "sensitive".
 24092  func (s GetAccountSummaryInput) String() string {
 24093  	return awsutil.Prettify(s)
 24094  }
 24095  
 24096  // GoString returns the string representation.
 24097  //
 24098  // API parameter values that are decorated as "sensitive" in the API will not
 24099  // be included in the string output. The member name will be present, but the
 24100  // value will be replaced with "sensitive".
 24101  func (s GetAccountSummaryInput) GoString() string {
 24102  	return s.String()
 24103  }
 24104  
 24105  // Contains the response to a successful GetAccountSummary request.
 24106  type GetAccountSummaryOutput struct {
 24107  	_ struct{} `type:"structure"`
 24108  
 24109  	// A set of key–value pairs containing information about IAM entity usage
 24110  	// and IAM quotas.
 24111  	SummaryMap map[string]*int64 `type:"map"`
 24112  }
 24113  
 24114  // String returns the string representation.
 24115  //
 24116  // API parameter values that are decorated as "sensitive" in the API will not
 24117  // be included in the string output. The member name will be present, but the
 24118  // value will be replaced with "sensitive".
 24119  func (s GetAccountSummaryOutput) String() string {
 24120  	return awsutil.Prettify(s)
 24121  }
 24122  
 24123  // GoString returns the string representation.
 24124  //
 24125  // API parameter values that are decorated as "sensitive" in the API will not
 24126  // be included in the string output. The member name will be present, but the
 24127  // value will be replaced with "sensitive".
 24128  func (s GetAccountSummaryOutput) GoString() string {
 24129  	return s.String()
 24130  }
 24131  
 24132  // SetSummaryMap sets the SummaryMap field's value.
 24133  func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput {
 24134  	s.SummaryMap = v
 24135  	return s
 24136  }
 24137  
 24138  type GetContextKeysForCustomPolicyInput struct {
 24139  	_ struct{} `type:"structure"`
 24140  
 24141  	// A list of policies for which you want the list of context keys referenced
 24142  	// in those policies. Each document is specified as a string containing the
 24143  	// complete, valid JSON text of an IAM policy.
 24144  	//
 24145  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 24146  	// parameter is a string of characters consisting of the following:
 24147  	//
 24148  	//    * Any printable ASCII character ranging from the space character (\u0020)
 24149  	//    through the end of the ASCII character range
 24150  	//
 24151  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 24152  	//    set (through \u00FF)
 24153  	//
 24154  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 24155  	//    return (\u000D)
 24156  	//
 24157  	// PolicyInputList is a required field
 24158  	PolicyInputList []*string `type:"list" required:"true"`
 24159  }
 24160  
 24161  // String returns the string representation.
 24162  //
 24163  // API parameter values that are decorated as "sensitive" in the API will not
 24164  // be included in the string output. The member name will be present, but the
 24165  // value will be replaced with "sensitive".
 24166  func (s GetContextKeysForCustomPolicyInput) String() string {
 24167  	return awsutil.Prettify(s)
 24168  }
 24169  
 24170  // GoString returns the string representation.
 24171  //
 24172  // API parameter values that are decorated as "sensitive" in the API will not
 24173  // be included in the string output. The member name will be present, but the
 24174  // value will be replaced with "sensitive".
 24175  func (s GetContextKeysForCustomPolicyInput) GoString() string {
 24176  	return s.String()
 24177  }
 24178  
 24179  // Validate inspects the fields of the type to determine if they are valid.
 24180  func (s *GetContextKeysForCustomPolicyInput) Validate() error {
 24181  	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForCustomPolicyInput"}
 24182  	if s.PolicyInputList == nil {
 24183  		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
 24184  	}
 24185  
 24186  	if invalidParams.Len() > 0 {
 24187  		return invalidParams
 24188  	}
 24189  	return nil
 24190  }
 24191  
 24192  // SetPolicyInputList sets the PolicyInputList field's value.
 24193  func (s *GetContextKeysForCustomPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForCustomPolicyInput {
 24194  	s.PolicyInputList = v
 24195  	return s
 24196  }
 24197  
 24198  // Contains the response to a successful GetContextKeysForPrincipalPolicy or
 24199  // GetContextKeysForCustomPolicy request.
 24200  type GetContextKeysForPolicyResponse struct {
 24201  	_ struct{} `type:"structure"`
 24202  
 24203  	// The list of context keys that are referenced in the input policies.
 24204  	ContextKeyNames []*string `type:"list"`
 24205  }
 24206  
 24207  // String returns the string representation.
 24208  //
 24209  // API parameter values that are decorated as "sensitive" in the API will not
 24210  // be included in the string output. The member name will be present, but the
 24211  // value will be replaced with "sensitive".
 24212  func (s GetContextKeysForPolicyResponse) String() string {
 24213  	return awsutil.Prettify(s)
 24214  }
 24215  
 24216  // GoString returns the string representation.
 24217  //
 24218  // API parameter values that are decorated as "sensitive" in the API will not
 24219  // be included in the string output. The member name will be present, but the
 24220  // value will be replaced with "sensitive".
 24221  func (s GetContextKeysForPolicyResponse) GoString() string {
 24222  	return s.String()
 24223  }
 24224  
 24225  // SetContextKeyNames sets the ContextKeyNames field's value.
 24226  func (s *GetContextKeysForPolicyResponse) SetContextKeyNames(v []*string) *GetContextKeysForPolicyResponse {
 24227  	s.ContextKeyNames = v
 24228  	return s
 24229  }
 24230  
 24231  type GetContextKeysForPrincipalPolicyInput struct {
 24232  	_ struct{} `type:"structure"`
 24233  
 24234  	// An optional list of additional policies for which you want the list of context
 24235  	// keys that are referenced.
 24236  	//
 24237  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 24238  	// parameter is a string of characters consisting of the following:
 24239  	//
 24240  	//    * Any printable ASCII character ranging from the space character (\u0020)
 24241  	//    through the end of the ASCII character range
 24242  	//
 24243  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 24244  	//    set (through \u00FF)
 24245  	//
 24246  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 24247  	//    return (\u000D)
 24248  	PolicyInputList []*string `type:"list"`
 24249  
 24250  	// The ARN of a user, group, or role whose policies contain the context keys
 24251  	// that you want listed. If you specify a user, the list includes context keys
 24252  	// that are found in all policies that are attached to the user. The list also
 24253  	// includes all groups that the user is a member of. If you pick a group or
 24254  	// a role, then it includes only those context keys that are found in policies
 24255  	// attached to that entity. Note that all parameters are shown in unencoded
 24256  	// form here for clarity, but must be URL encoded to be included as a part of
 24257  	// a real HTML request.
 24258  	//
 24259  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 24260  	// in the Amazon Web Services General Reference.
 24261  	//
 24262  	// PolicySourceArn is a required field
 24263  	PolicySourceArn *string `min:"20" type:"string" required:"true"`
 24264  }
 24265  
 24266  // String returns the string representation.
 24267  //
 24268  // API parameter values that are decorated as "sensitive" in the API will not
 24269  // be included in the string output. The member name will be present, but the
 24270  // value will be replaced with "sensitive".
 24271  func (s GetContextKeysForPrincipalPolicyInput) String() string {
 24272  	return awsutil.Prettify(s)
 24273  }
 24274  
 24275  // GoString returns the string representation.
 24276  //
 24277  // API parameter values that are decorated as "sensitive" in the API will not
 24278  // be included in the string output. The member name will be present, but the
 24279  // value will be replaced with "sensitive".
 24280  func (s GetContextKeysForPrincipalPolicyInput) GoString() string {
 24281  	return s.String()
 24282  }
 24283  
 24284  // Validate inspects the fields of the type to determine if they are valid.
 24285  func (s *GetContextKeysForPrincipalPolicyInput) Validate() error {
 24286  	invalidParams := request.ErrInvalidParams{Context: "GetContextKeysForPrincipalPolicyInput"}
 24287  	if s.PolicySourceArn == nil {
 24288  		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
 24289  	}
 24290  	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
 24291  		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
 24292  	}
 24293  
 24294  	if invalidParams.Len() > 0 {
 24295  		return invalidParams
 24296  	}
 24297  	return nil
 24298  }
 24299  
 24300  // SetPolicyInputList sets the PolicyInputList field's value.
 24301  func (s *GetContextKeysForPrincipalPolicyInput) SetPolicyInputList(v []*string) *GetContextKeysForPrincipalPolicyInput {
 24302  	s.PolicyInputList = v
 24303  	return s
 24304  }
 24305  
 24306  // SetPolicySourceArn sets the PolicySourceArn field's value.
 24307  func (s *GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn(v string) *GetContextKeysForPrincipalPolicyInput {
 24308  	s.PolicySourceArn = &v
 24309  	return s
 24310  }
 24311  
 24312  type GetCredentialReportInput struct {
 24313  	_ struct{} `type:"structure"`
 24314  }
 24315  
 24316  // String returns the string representation.
 24317  //
 24318  // API parameter values that are decorated as "sensitive" in the API will not
 24319  // be included in the string output. The member name will be present, but the
 24320  // value will be replaced with "sensitive".
 24321  func (s GetCredentialReportInput) String() string {
 24322  	return awsutil.Prettify(s)
 24323  }
 24324  
 24325  // GoString returns the string representation.
 24326  //
 24327  // API parameter values that are decorated as "sensitive" in the API will not
 24328  // be included in the string output. The member name will be present, but the
 24329  // value will be replaced with "sensitive".
 24330  func (s GetCredentialReportInput) GoString() string {
 24331  	return s.String()
 24332  }
 24333  
 24334  // Contains the response to a successful GetCredentialReport request.
 24335  type GetCredentialReportOutput struct {
 24336  	_ struct{} `type:"structure"`
 24337  
 24338  	// Contains the credential report. The report is Base64-encoded.
 24339  	// Content is automatically base64 encoded/decoded by the SDK.
 24340  	Content []byte `type:"blob"`
 24341  
 24342  	// The date and time when the credential report was created, in ISO 8601 date-time
 24343  	// format (http://www.iso.org/iso/iso8601).
 24344  	GeneratedTime *time.Time `type:"timestamp"`
 24345  
 24346  	// The format (MIME type) of the credential report.
 24347  	ReportFormat *string `type:"string" enum:"ReportFormatType"`
 24348  }
 24349  
 24350  // String returns the string representation.
 24351  //
 24352  // API parameter values that are decorated as "sensitive" in the API will not
 24353  // be included in the string output. The member name will be present, but the
 24354  // value will be replaced with "sensitive".
 24355  func (s GetCredentialReportOutput) String() string {
 24356  	return awsutil.Prettify(s)
 24357  }
 24358  
 24359  // GoString returns the string representation.
 24360  //
 24361  // API parameter values that are decorated as "sensitive" in the API will not
 24362  // be included in the string output. The member name will be present, but the
 24363  // value will be replaced with "sensitive".
 24364  func (s GetCredentialReportOutput) GoString() string {
 24365  	return s.String()
 24366  }
 24367  
 24368  // SetContent sets the Content field's value.
 24369  func (s *GetCredentialReportOutput) SetContent(v []byte) *GetCredentialReportOutput {
 24370  	s.Content = v
 24371  	return s
 24372  }
 24373  
 24374  // SetGeneratedTime sets the GeneratedTime field's value.
 24375  func (s *GetCredentialReportOutput) SetGeneratedTime(v time.Time) *GetCredentialReportOutput {
 24376  	s.GeneratedTime = &v
 24377  	return s
 24378  }
 24379  
 24380  // SetReportFormat sets the ReportFormat field's value.
 24381  func (s *GetCredentialReportOutput) SetReportFormat(v string) *GetCredentialReportOutput {
 24382  	s.ReportFormat = &v
 24383  	return s
 24384  }
 24385  
 24386  type GetGroupInput struct {
 24387  	_ struct{} `type:"structure"`
 24388  
 24389  	// The name of the group.
 24390  	//
 24391  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 24392  	// a string of characters consisting of upper and lowercase alphanumeric characters
 24393  	// with no spaces. You can also include any of the following characters: _+=,.@-
 24394  	//
 24395  	// GroupName is a required field
 24396  	GroupName *string `min:"1" type:"string" required:"true"`
 24397  
 24398  	// Use this parameter only when paginating results and only after you receive
 24399  	// a response indicating that the results are truncated. Set it to the value
 24400  	// of the Marker element in the response that you received to indicate where
 24401  	// the next call should start.
 24402  	Marker *string `min:"1" type:"string"`
 24403  
 24404  	// Use this only when paginating results to indicate the maximum number of items
 24405  	// you want in the response. If additional items exist beyond the maximum you
 24406  	// specify, the IsTruncated response element is true.
 24407  	//
 24408  	// If you do not include this parameter, the number of items defaults to 100.
 24409  	// Note that IAM might return fewer results, even when there are more results
 24410  	// available. In that case, the IsTruncated response element returns true, and
 24411  	// Marker contains a value to include in the subsequent call that tells the
 24412  	// service where to continue from.
 24413  	MaxItems *int64 `min:"1" type:"integer"`
 24414  }
 24415  
 24416  // String returns the string representation.
 24417  //
 24418  // API parameter values that are decorated as "sensitive" in the API will not
 24419  // be included in the string output. The member name will be present, but the
 24420  // value will be replaced with "sensitive".
 24421  func (s GetGroupInput) String() string {
 24422  	return awsutil.Prettify(s)
 24423  }
 24424  
 24425  // GoString returns the string representation.
 24426  //
 24427  // API parameter values that are decorated as "sensitive" in the API will not
 24428  // be included in the string output. The member name will be present, but the
 24429  // value will be replaced with "sensitive".
 24430  func (s GetGroupInput) GoString() string {
 24431  	return s.String()
 24432  }
 24433  
 24434  // Validate inspects the fields of the type to determine if they are valid.
 24435  func (s *GetGroupInput) Validate() error {
 24436  	invalidParams := request.ErrInvalidParams{Context: "GetGroupInput"}
 24437  	if s.GroupName == nil {
 24438  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 24439  	}
 24440  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 24441  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 24442  	}
 24443  	if s.Marker != nil && len(*s.Marker) < 1 {
 24444  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 24445  	}
 24446  	if s.MaxItems != nil && *s.MaxItems < 1 {
 24447  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 24448  	}
 24449  
 24450  	if invalidParams.Len() > 0 {
 24451  		return invalidParams
 24452  	}
 24453  	return nil
 24454  }
 24455  
 24456  // SetGroupName sets the GroupName field's value.
 24457  func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput {
 24458  	s.GroupName = &v
 24459  	return s
 24460  }
 24461  
 24462  // SetMarker sets the Marker field's value.
 24463  func (s *GetGroupInput) SetMarker(v string) *GetGroupInput {
 24464  	s.Marker = &v
 24465  	return s
 24466  }
 24467  
 24468  // SetMaxItems sets the MaxItems field's value.
 24469  func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput {
 24470  	s.MaxItems = &v
 24471  	return s
 24472  }
 24473  
 24474  // Contains the response to a successful GetGroup request.
 24475  type GetGroupOutput struct {
 24476  	_ struct{} `type:"structure"`
 24477  
 24478  	// A structure that contains details about the group.
 24479  	//
 24480  	// Group is a required field
 24481  	Group *Group `type:"structure" required:"true"`
 24482  
 24483  	// A flag that indicates whether there are more items to return. If your results
 24484  	// were truncated, you can make a subsequent pagination request using the Marker
 24485  	// request parameter to retrieve more items. Note that IAM might return fewer
 24486  	// than the MaxItems number of results even when there are more results available.
 24487  	// We recommend that you check IsTruncated after every call to ensure that you
 24488  	// receive all your results.
 24489  	IsTruncated *bool `type:"boolean"`
 24490  
 24491  	// When IsTruncated is true, this element is present and contains the value
 24492  	// to use for the Marker parameter in a subsequent pagination request.
 24493  	Marker *string `type:"string"`
 24494  
 24495  	// A list of users in the group.
 24496  	//
 24497  	// Users is a required field
 24498  	Users []*User `type:"list" required:"true"`
 24499  }
 24500  
 24501  // String returns the string representation.
 24502  //
 24503  // API parameter values that are decorated as "sensitive" in the API will not
 24504  // be included in the string output. The member name will be present, but the
 24505  // value will be replaced with "sensitive".
 24506  func (s GetGroupOutput) String() string {
 24507  	return awsutil.Prettify(s)
 24508  }
 24509  
 24510  // GoString returns the string representation.
 24511  //
 24512  // API parameter values that are decorated as "sensitive" in the API will not
 24513  // be included in the string output. The member name will be present, but the
 24514  // value will be replaced with "sensitive".
 24515  func (s GetGroupOutput) GoString() string {
 24516  	return s.String()
 24517  }
 24518  
 24519  // SetGroup sets the Group field's value.
 24520  func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput {
 24521  	s.Group = v
 24522  	return s
 24523  }
 24524  
 24525  // SetIsTruncated sets the IsTruncated field's value.
 24526  func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput {
 24527  	s.IsTruncated = &v
 24528  	return s
 24529  }
 24530  
 24531  // SetMarker sets the Marker field's value.
 24532  func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput {
 24533  	s.Marker = &v
 24534  	return s
 24535  }
 24536  
 24537  // SetUsers sets the Users field's value.
 24538  func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput {
 24539  	s.Users = v
 24540  	return s
 24541  }
 24542  
 24543  type GetGroupPolicyInput struct {
 24544  	_ struct{} `type:"structure"`
 24545  
 24546  	// The name of the group the policy is associated with.
 24547  	//
 24548  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 24549  	// a string of characters consisting of upper and lowercase alphanumeric characters
 24550  	// with no spaces. You can also include any of the following characters: _+=,.@-
 24551  	//
 24552  	// GroupName is a required field
 24553  	GroupName *string `min:"1" type:"string" required:"true"`
 24554  
 24555  	// The name of the policy document to get.
 24556  	//
 24557  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 24558  	// a string of characters consisting of upper and lowercase alphanumeric characters
 24559  	// with no spaces. You can also include any of the following characters: _+=,.@-
 24560  	//
 24561  	// PolicyName is a required field
 24562  	PolicyName *string `min:"1" type:"string" required:"true"`
 24563  }
 24564  
 24565  // String returns the string representation.
 24566  //
 24567  // API parameter values that are decorated as "sensitive" in the API will not
 24568  // be included in the string output. The member name will be present, but the
 24569  // value will be replaced with "sensitive".
 24570  func (s GetGroupPolicyInput) String() string {
 24571  	return awsutil.Prettify(s)
 24572  }
 24573  
 24574  // GoString returns the string representation.
 24575  //
 24576  // API parameter values that are decorated as "sensitive" in the API will not
 24577  // be included in the string output. The member name will be present, but the
 24578  // value will be replaced with "sensitive".
 24579  func (s GetGroupPolicyInput) GoString() string {
 24580  	return s.String()
 24581  }
 24582  
 24583  // Validate inspects the fields of the type to determine if they are valid.
 24584  func (s *GetGroupPolicyInput) Validate() error {
 24585  	invalidParams := request.ErrInvalidParams{Context: "GetGroupPolicyInput"}
 24586  	if s.GroupName == nil {
 24587  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 24588  	}
 24589  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 24590  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 24591  	}
 24592  	if s.PolicyName == nil {
 24593  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 24594  	}
 24595  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 24596  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 24597  	}
 24598  
 24599  	if invalidParams.Len() > 0 {
 24600  		return invalidParams
 24601  	}
 24602  	return nil
 24603  }
 24604  
 24605  // SetGroupName sets the GroupName field's value.
 24606  func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput {
 24607  	s.GroupName = &v
 24608  	return s
 24609  }
 24610  
 24611  // SetPolicyName sets the PolicyName field's value.
 24612  func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput {
 24613  	s.PolicyName = &v
 24614  	return s
 24615  }
 24616  
 24617  // Contains the response to a successful GetGroupPolicy request.
 24618  type GetGroupPolicyOutput struct {
 24619  	_ struct{} `type:"structure"`
 24620  
 24621  	// The group the policy is associated with.
 24622  	//
 24623  	// GroupName is a required field
 24624  	GroupName *string `min:"1" type:"string" required:"true"`
 24625  
 24626  	// The policy document.
 24627  	//
 24628  	// IAM stores policies in JSON format. However, resources that were created
 24629  	// using CloudFormation templates can be formatted in YAML. CloudFormation always
 24630  	// converts a YAML policy to JSON format before submitting it to IAM.
 24631  	//
 24632  	// PolicyDocument is a required field
 24633  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 24634  
 24635  	// The name of the policy.
 24636  	//
 24637  	// PolicyName is a required field
 24638  	PolicyName *string `min:"1" type:"string" required:"true"`
 24639  }
 24640  
 24641  // String returns the string representation.
 24642  //
 24643  // API parameter values that are decorated as "sensitive" in the API will not
 24644  // be included in the string output. The member name will be present, but the
 24645  // value will be replaced with "sensitive".
 24646  func (s GetGroupPolicyOutput) String() string {
 24647  	return awsutil.Prettify(s)
 24648  }
 24649  
 24650  // GoString returns the string representation.
 24651  //
 24652  // API parameter values that are decorated as "sensitive" in the API will not
 24653  // be included in the string output. The member name will be present, but the
 24654  // value will be replaced with "sensitive".
 24655  func (s GetGroupPolicyOutput) GoString() string {
 24656  	return s.String()
 24657  }
 24658  
 24659  // SetGroupName sets the GroupName field's value.
 24660  func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput {
 24661  	s.GroupName = &v
 24662  	return s
 24663  }
 24664  
 24665  // SetPolicyDocument sets the PolicyDocument field's value.
 24666  func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput {
 24667  	s.PolicyDocument = &v
 24668  	return s
 24669  }
 24670  
 24671  // SetPolicyName sets the PolicyName field's value.
 24672  func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput {
 24673  	s.PolicyName = &v
 24674  	return s
 24675  }
 24676  
 24677  type GetInstanceProfileInput struct {
 24678  	_ struct{} `type:"structure"`
 24679  
 24680  	// The name of the instance profile to get information about.
 24681  	//
 24682  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 24683  	// a string of characters consisting of upper and lowercase alphanumeric characters
 24684  	// with no spaces. You can also include any of the following characters: _+=,.@-
 24685  	//
 24686  	// InstanceProfileName is a required field
 24687  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 24688  }
 24689  
 24690  // String returns the string representation.
 24691  //
 24692  // API parameter values that are decorated as "sensitive" in the API will not
 24693  // be included in the string output. The member name will be present, but the
 24694  // value will be replaced with "sensitive".
 24695  func (s GetInstanceProfileInput) String() string {
 24696  	return awsutil.Prettify(s)
 24697  }
 24698  
 24699  // GoString returns the string representation.
 24700  //
 24701  // API parameter values that are decorated as "sensitive" in the API will not
 24702  // be included in the string output. The member name will be present, but the
 24703  // value will be replaced with "sensitive".
 24704  func (s GetInstanceProfileInput) GoString() string {
 24705  	return s.String()
 24706  }
 24707  
 24708  // Validate inspects the fields of the type to determine if they are valid.
 24709  func (s *GetInstanceProfileInput) Validate() error {
 24710  	invalidParams := request.ErrInvalidParams{Context: "GetInstanceProfileInput"}
 24711  	if s.InstanceProfileName == nil {
 24712  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 24713  	}
 24714  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 24715  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 24716  	}
 24717  
 24718  	if invalidParams.Len() > 0 {
 24719  		return invalidParams
 24720  	}
 24721  	return nil
 24722  }
 24723  
 24724  // SetInstanceProfileName sets the InstanceProfileName field's value.
 24725  func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput {
 24726  	s.InstanceProfileName = &v
 24727  	return s
 24728  }
 24729  
 24730  // Contains the response to a successful GetInstanceProfile request.
 24731  type GetInstanceProfileOutput struct {
 24732  	_ struct{} `type:"structure"`
 24733  
 24734  	// A structure containing details about the instance profile.
 24735  	//
 24736  	// InstanceProfile is a required field
 24737  	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
 24738  }
 24739  
 24740  // String returns the string representation.
 24741  //
 24742  // API parameter values that are decorated as "sensitive" in the API will not
 24743  // be included in the string output. The member name will be present, but the
 24744  // value will be replaced with "sensitive".
 24745  func (s GetInstanceProfileOutput) String() string {
 24746  	return awsutil.Prettify(s)
 24747  }
 24748  
 24749  // GoString returns the string representation.
 24750  //
 24751  // API parameter values that are decorated as "sensitive" in the API will not
 24752  // be included in the string output. The member name will be present, but the
 24753  // value will be replaced with "sensitive".
 24754  func (s GetInstanceProfileOutput) GoString() string {
 24755  	return s.String()
 24756  }
 24757  
 24758  // SetInstanceProfile sets the InstanceProfile field's value.
 24759  func (s *GetInstanceProfileOutput) SetInstanceProfile(v *InstanceProfile) *GetInstanceProfileOutput {
 24760  	s.InstanceProfile = v
 24761  	return s
 24762  }
 24763  
 24764  type GetLoginProfileInput struct {
 24765  	_ struct{} `type:"structure"`
 24766  
 24767  	// The name of the user whose login profile you want to retrieve.
 24768  	//
 24769  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 24770  	// a string of characters consisting of upper and lowercase alphanumeric characters
 24771  	// with no spaces. You can also include any of the following characters: _+=,.@-
 24772  	//
 24773  	// UserName is a required field
 24774  	UserName *string `min:"1" type:"string" required:"true"`
 24775  }
 24776  
 24777  // String returns the string representation.
 24778  //
 24779  // API parameter values that are decorated as "sensitive" in the API will not
 24780  // be included in the string output. The member name will be present, but the
 24781  // value will be replaced with "sensitive".
 24782  func (s GetLoginProfileInput) String() string {
 24783  	return awsutil.Prettify(s)
 24784  }
 24785  
 24786  // GoString returns the string representation.
 24787  //
 24788  // API parameter values that are decorated as "sensitive" in the API will not
 24789  // be included in the string output. The member name will be present, but the
 24790  // value will be replaced with "sensitive".
 24791  func (s GetLoginProfileInput) GoString() string {
 24792  	return s.String()
 24793  }
 24794  
 24795  // Validate inspects the fields of the type to determine if they are valid.
 24796  func (s *GetLoginProfileInput) Validate() error {
 24797  	invalidParams := request.ErrInvalidParams{Context: "GetLoginProfileInput"}
 24798  	if s.UserName == nil {
 24799  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 24800  	}
 24801  	if s.UserName != nil && len(*s.UserName) < 1 {
 24802  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 24803  	}
 24804  
 24805  	if invalidParams.Len() > 0 {
 24806  		return invalidParams
 24807  	}
 24808  	return nil
 24809  }
 24810  
 24811  // SetUserName sets the UserName field's value.
 24812  func (s *GetLoginProfileInput) SetUserName(v string) *GetLoginProfileInput {
 24813  	s.UserName = &v
 24814  	return s
 24815  }
 24816  
 24817  // Contains the response to a successful GetLoginProfile request.
 24818  type GetLoginProfileOutput struct {
 24819  	_ struct{} `type:"structure"`
 24820  
 24821  	// A structure containing the user name and the profile creation date for the
 24822  	// user.
 24823  	//
 24824  	// LoginProfile is a required field
 24825  	LoginProfile *LoginProfile `type:"structure" required:"true"`
 24826  }
 24827  
 24828  // String returns the string representation.
 24829  //
 24830  // API parameter values that are decorated as "sensitive" in the API will not
 24831  // be included in the string output. The member name will be present, but the
 24832  // value will be replaced with "sensitive".
 24833  func (s GetLoginProfileOutput) String() string {
 24834  	return awsutil.Prettify(s)
 24835  }
 24836  
 24837  // GoString returns the string representation.
 24838  //
 24839  // API parameter values that are decorated as "sensitive" in the API will not
 24840  // be included in the string output. The member name will be present, but the
 24841  // value will be replaced with "sensitive".
 24842  func (s GetLoginProfileOutput) GoString() string {
 24843  	return s.String()
 24844  }
 24845  
 24846  // SetLoginProfile sets the LoginProfile field's value.
 24847  func (s *GetLoginProfileOutput) SetLoginProfile(v *LoginProfile) *GetLoginProfileOutput {
 24848  	s.LoginProfile = v
 24849  	return s
 24850  }
 24851  
 24852  type GetOpenIDConnectProviderInput struct {
 24853  	_ struct{} `type:"structure"`
 24854  
 24855  	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
 24856  	// to get information for. You can get a list of OIDC provider resource ARNs
 24857  	// by using the ListOpenIDConnectProviders operation.
 24858  	//
 24859  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 24860  	// in the Amazon Web Services General Reference.
 24861  	//
 24862  	// OpenIDConnectProviderArn is a required field
 24863  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 24864  }
 24865  
 24866  // String returns the string representation.
 24867  //
 24868  // API parameter values that are decorated as "sensitive" in the API will not
 24869  // be included in the string output. The member name will be present, but the
 24870  // value will be replaced with "sensitive".
 24871  func (s GetOpenIDConnectProviderInput) String() string {
 24872  	return awsutil.Prettify(s)
 24873  }
 24874  
 24875  // GoString returns the string representation.
 24876  //
 24877  // API parameter values that are decorated as "sensitive" in the API will not
 24878  // be included in the string output. The member name will be present, but the
 24879  // value will be replaced with "sensitive".
 24880  func (s GetOpenIDConnectProviderInput) GoString() string {
 24881  	return s.String()
 24882  }
 24883  
 24884  // Validate inspects the fields of the type to determine if they are valid.
 24885  func (s *GetOpenIDConnectProviderInput) Validate() error {
 24886  	invalidParams := request.ErrInvalidParams{Context: "GetOpenIDConnectProviderInput"}
 24887  	if s.OpenIDConnectProviderArn == nil {
 24888  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 24889  	}
 24890  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 24891  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 24892  	}
 24893  
 24894  	if invalidParams.Len() > 0 {
 24895  		return invalidParams
 24896  	}
 24897  	return nil
 24898  }
 24899  
 24900  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 24901  func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput {
 24902  	s.OpenIDConnectProviderArn = &v
 24903  	return s
 24904  }
 24905  
 24906  // Contains the response to a successful GetOpenIDConnectProvider request.
 24907  type GetOpenIDConnectProviderOutput struct {
 24908  	_ struct{} `type:"structure"`
 24909  
 24910  	// A list of client IDs (also known as audiences) that are associated with the
 24911  	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
 24912  	ClientIDList []*string `type:"list"`
 24913  
 24914  	// The date and time when the IAM OIDC provider resource object was created
 24915  	// in the Amazon Web Services account.
 24916  	CreateDate *time.Time `type:"timestamp"`
 24917  
 24918  	// A list of tags that are attached to the specified IAM OIDC provider. The
 24919  	// returned list of tags is sorted by tag key. For more information about tagging,
 24920  	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 24921  	// in the IAM User Guide.
 24922  	Tags []*Tag `type:"list"`
 24923  
 24924  	// A list of certificate thumbprints that are associated with the specified
 24925  	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
 24926  	ThumbprintList []*string `type:"list"`
 24927  
 24928  	// The URL that the IAM OIDC provider resource object is associated with. For
 24929  	// more information, see CreateOpenIDConnectProvider.
 24930  	Url *string `min:"1" type:"string"`
 24931  }
 24932  
 24933  // String returns the string representation.
 24934  //
 24935  // API parameter values that are decorated as "sensitive" in the API will not
 24936  // be included in the string output. The member name will be present, but the
 24937  // value will be replaced with "sensitive".
 24938  func (s GetOpenIDConnectProviderOutput) String() string {
 24939  	return awsutil.Prettify(s)
 24940  }
 24941  
 24942  // GoString returns the string representation.
 24943  //
 24944  // API parameter values that are decorated as "sensitive" in the API will not
 24945  // be included in the string output. The member name will be present, but the
 24946  // value will be replaced with "sensitive".
 24947  func (s GetOpenIDConnectProviderOutput) GoString() string {
 24948  	return s.String()
 24949  }
 24950  
 24951  // SetClientIDList sets the ClientIDList field's value.
 24952  func (s *GetOpenIDConnectProviderOutput) SetClientIDList(v []*string) *GetOpenIDConnectProviderOutput {
 24953  	s.ClientIDList = v
 24954  	return s
 24955  }
 24956  
 24957  // SetCreateDate sets the CreateDate field's value.
 24958  func (s *GetOpenIDConnectProviderOutput) SetCreateDate(v time.Time) *GetOpenIDConnectProviderOutput {
 24959  	s.CreateDate = &v
 24960  	return s
 24961  }
 24962  
 24963  // SetTags sets the Tags field's value.
 24964  func (s *GetOpenIDConnectProviderOutput) SetTags(v []*Tag) *GetOpenIDConnectProviderOutput {
 24965  	s.Tags = v
 24966  	return s
 24967  }
 24968  
 24969  // SetThumbprintList sets the ThumbprintList field's value.
 24970  func (s *GetOpenIDConnectProviderOutput) SetThumbprintList(v []*string) *GetOpenIDConnectProviderOutput {
 24971  	s.ThumbprintList = v
 24972  	return s
 24973  }
 24974  
 24975  // SetUrl sets the Url field's value.
 24976  func (s *GetOpenIDConnectProviderOutput) SetUrl(v string) *GetOpenIDConnectProviderOutput {
 24977  	s.Url = &v
 24978  	return s
 24979  }
 24980  
 24981  type GetOrganizationsAccessReportInput struct {
 24982  	_ struct{} `type:"structure"`
 24983  
 24984  	// The identifier of the request generated by the GenerateOrganizationsAccessReport
 24985  	// operation.
 24986  	//
 24987  	// JobId is a required field
 24988  	JobId *string `min:"36" type:"string" required:"true"`
 24989  
 24990  	// Use this parameter only when paginating results and only after you receive
 24991  	// a response indicating that the results are truncated. Set it to the value
 24992  	// of the Marker element in the response that you received to indicate where
 24993  	// the next call should start.
 24994  	Marker *string `min:"1" type:"string"`
 24995  
 24996  	// Use this only when paginating results to indicate the maximum number of items
 24997  	// you want in the response. If additional items exist beyond the maximum you
 24998  	// specify, the IsTruncated response element is true.
 24999  	//
 25000  	// If you do not include this parameter, the number of items defaults to 100.
 25001  	// Note that IAM might return fewer results, even when there are more results
 25002  	// available. In that case, the IsTruncated response element returns true, and
 25003  	// Marker contains a value to include in the subsequent call that tells the
 25004  	// service where to continue from.
 25005  	MaxItems *int64 `min:"1" type:"integer"`
 25006  
 25007  	// The key that is used to sort the results. If you choose the namespace key,
 25008  	// the results are returned in alphabetical order. If you choose the time key,
 25009  	// the results are sorted numerically by the date and time.
 25010  	SortKey *string `type:"string" enum:"SortKeyType"`
 25011  }
 25012  
 25013  // String returns the string representation.
 25014  //
 25015  // API parameter values that are decorated as "sensitive" in the API will not
 25016  // be included in the string output. The member name will be present, but the
 25017  // value will be replaced with "sensitive".
 25018  func (s GetOrganizationsAccessReportInput) String() string {
 25019  	return awsutil.Prettify(s)
 25020  }
 25021  
 25022  // GoString returns the string representation.
 25023  //
 25024  // API parameter values that are decorated as "sensitive" in the API will not
 25025  // be included in the string output. The member name will be present, but the
 25026  // value will be replaced with "sensitive".
 25027  func (s GetOrganizationsAccessReportInput) GoString() string {
 25028  	return s.String()
 25029  }
 25030  
 25031  // Validate inspects the fields of the type to determine if they are valid.
 25032  func (s *GetOrganizationsAccessReportInput) Validate() error {
 25033  	invalidParams := request.ErrInvalidParams{Context: "GetOrganizationsAccessReportInput"}
 25034  	if s.JobId == nil {
 25035  		invalidParams.Add(request.NewErrParamRequired("JobId"))
 25036  	}
 25037  	if s.JobId != nil && len(*s.JobId) < 36 {
 25038  		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
 25039  	}
 25040  	if s.Marker != nil && len(*s.Marker) < 1 {
 25041  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 25042  	}
 25043  	if s.MaxItems != nil && *s.MaxItems < 1 {
 25044  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 25045  	}
 25046  
 25047  	if invalidParams.Len() > 0 {
 25048  		return invalidParams
 25049  	}
 25050  	return nil
 25051  }
 25052  
 25053  // SetJobId sets the JobId field's value.
 25054  func (s *GetOrganizationsAccessReportInput) SetJobId(v string) *GetOrganizationsAccessReportInput {
 25055  	s.JobId = &v
 25056  	return s
 25057  }
 25058  
 25059  // SetMarker sets the Marker field's value.
 25060  func (s *GetOrganizationsAccessReportInput) SetMarker(v string) *GetOrganizationsAccessReportInput {
 25061  	s.Marker = &v
 25062  	return s
 25063  }
 25064  
 25065  // SetMaxItems sets the MaxItems field's value.
 25066  func (s *GetOrganizationsAccessReportInput) SetMaxItems(v int64) *GetOrganizationsAccessReportInput {
 25067  	s.MaxItems = &v
 25068  	return s
 25069  }
 25070  
 25071  // SetSortKey sets the SortKey field's value.
 25072  func (s *GetOrganizationsAccessReportInput) SetSortKey(v string) *GetOrganizationsAccessReportInput {
 25073  	s.SortKey = &v
 25074  	return s
 25075  }
 25076  
 25077  type GetOrganizationsAccessReportOutput struct {
 25078  	_ struct{} `type:"structure"`
 25079  
 25080  	// An object that contains details about the most recent attempt to access the
 25081  	// service.
 25082  	AccessDetails []*AccessDetail `type:"list"`
 25083  
 25084  	// Contains information about the reason that the operation failed.
 25085  	//
 25086  	// This data type is used as a response element in the GetOrganizationsAccessReport,
 25087  	// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
 25088  	// operations.
 25089  	ErrorDetails *ErrorDetails `type:"structure"`
 25090  
 25091  	// A flag that indicates whether there are more items to return. If your results
 25092  	// were truncated, you can make a subsequent pagination request using the Marker
 25093  	// request parameter to retrieve more items. Note that IAM might return fewer
 25094  	// than the MaxItems number of results even when there are more results available.
 25095  	// We recommend that you check IsTruncated after every call to ensure that you
 25096  	// receive all your results.
 25097  	IsTruncated *bool `type:"boolean"`
 25098  
 25099  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 25100  	// when the generated report job was completed or failed.
 25101  	//
 25102  	// This field is null if the job is still in progress, as indicated by a job
 25103  	// status value of IN_PROGRESS.
 25104  	JobCompletionDate *time.Time `type:"timestamp"`
 25105  
 25106  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 25107  	// when the report job was created.
 25108  	//
 25109  	// JobCreationDate is a required field
 25110  	JobCreationDate *time.Time `type:"timestamp" required:"true"`
 25111  
 25112  	// The status of the job.
 25113  	//
 25114  	// JobStatus is a required field
 25115  	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
 25116  
 25117  	// When IsTruncated is true, this element is present and contains the value
 25118  	// to use for the Marker parameter in a subsequent pagination request.
 25119  	Marker *string `min:"1" type:"string"`
 25120  
 25121  	// The number of services that the applicable SCPs allow account principals
 25122  	// to access.
 25123  	NumberOfServicesAccessible *int64 `type:"integer"`
 25124  
 25125  	// The number of services that account principals are allowed but did not attempt
 25126  	// to access.
 25127  	NumberOfServicesNotAccessed *int64 `type:"integer"`
 25128  }
 25129  
 25130  // String returns the string representation.
 25131  //
 25132  // API parameter values that are decorated as "sensitive" in the API will not
 25133  // be included in the string output. The member name will be present, but the
 25134  // value will be replaced with "sensitive".
 25135  func (s GetOrganizationsAccessReportOutput) String() string {
 25136  	return awsutil.Prettify(s)
 25137  }
 25138  
 25139  // GoString returns the string representation.
 25140  //
 25141  // API parameter values that are decorated as "sensitive" in the API will not
 25142  // be included in the string output. The member name will be present, but the
 25143  // value will be replaced with "sensitive".
 25144  func (s GetOrganizationsAccessReportOutput) GoString() string {
 25145  	return s.String()
 25146  }
 25147  
 25148  // SetAccessDetails sets the AccessDetails field's value.
 25149  func (s *GetOrganizationsAccessReportOutput) SetAccessDetails(v []*AccessDetail) *GetOrganizationsAccessReportOutput {
 25150  	s.AccessDetails = v
 25151  	return s
 25152  }
 25153  
 25154  // SetErrorDetails sets the ErrorDetails field's value.
 25155  func (s *GetOrganizationsAccessReportOutput) SetErrorDetails(v *ErrorDetails) *GetOrganizationsAccessReportOutput {
 25156  	s.ErrorDetails = v
 25157  	return s
 25158  }
 25159  
 25160  // SetIsTruncated sets the IsTruncated field's value.
 25161  func (s *GetOrganizationsAccessReportOutput) SetIsTruncated(v bool) *GetOrganizationsAccessReportOutput {
 25162  	s.IsTruncated = &v
 25163  	return s
 25164  }
 25165  
 25166  // SetJobCompletionDate sets the JobCompletionDate field's value.
 25167  func (s *GetOrganizationsAccessReportOutput) SetJobCompletionDate(v time.Time) *GetOrganizationsAccessReportOutput {
 25168  	s.JobCompletionDate = &v
 25169  	return s
 25170  }
 25171  
 25172  // SetJobCreationDate sets the JobCreationDate field's value.
 25173  func (s *GetOrganizationsAccessReportOutput) SetJobCreationDate(v time.Time) *GetOrganizationsAccessReportOutput {
 25174  	s.JobCreationDate = &v
 25175  	return s
 25176  }
 25177  
 25178  // SetJobStatus sets the JobStatus field's value.
 25179  func (s *GetOrganizationsAccessReportOutput) SetJobStatus(v string) *GetOrganizationsAccessReportOutput {
 25180  	s.JobStatus = &v
 25181  	return s
 25182  }
 25183  
 25184  // SetMarker sets the Marker field's value.
 25185  func (s *GetOrganizationsAccessReportOutput) SetMarker(v string) *GetOrganizationsAccessReportOutput {
 25186  	s.Marker = &v
 25187  	return s
 25188  }
 25189  
 25190  // SetNumberOfServicesAccessible sets the NumberOfServicesAccessible field's value.
 25191  func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesAccessible(v int64) *GetOrganizationsAccessReportOutput {
 25192  	s.NumberOfServicesAccessible = &v
 25193  	return s
 25194  }
 25195  
 25196  // SetNumberOfServicesNotAccessed sets the NumberOfServicesNotAccessed field's value.
 25197  func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesNotAccessed(v int64) *GetOrganizationsAccessReportOutput {
 25198  	s.NumberOfServicesNotAccessed = &v
 25199  	return s
 25200  }
 25201  
 25202  type GetPolicyInput struct {
 25203  	_ struct{} `type:"structure"`
 25204  
 25205  	// The Amazon Resource Name (ARN) of the managed policy that you want information
 25206  	// about.
 25207  	//
 25208  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 25209  	// in the Amazon Web Services General Reference.
 25210  	//
 25211  	// PolicyArn is a required field
 25212  	PolicyArn *string `min:"20" type:"string" required:"true"`
 25213  }
 25214  
 25215  // String returns the string representation.
 25216  //
 25217  // API parameter values that are decorated as "sensitive" in the API will not
 25218  // be included in the string output. The member name will be present, but the
 25219  // value will be replaced with "sensitive".
 25220  func (s GetPolicyInput) String() string {
 25221  	return awsutil.Prettify(s)
 25222  }
 25223  
 25224  // GoString returns the string representation.
 25225  //
 25226  // API parameter values that are decorated as "sensitive" in the API will not
 25227  // be included in the string output. The member name will be present, but the
 25228  // value will be replaced with "sensitive".
 25229  func (s GetPolicyInput) GoString() string {
 25230  	return s.String()
 25231  }
 25232  
 25233  // Validate inspects the fields of the type to determine if they are valid.
 25234  func (s *GetPolicyInput) Validate() error {
 25235  	invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"}
 25236  	if s.PolicyArn == nil {
 25237  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 25238  	}
 25239  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 25240  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 25241  	}
 25242  
 25243  	if invalidParams.Len() > 0 {
 25244  		return invalidParams
 25245  	}
 25246  	return nil
 25247  }
 25248  
 25249  // SetPolicyArn sets the PolicyArn field's value.
 25250  func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput {
 25251  	s.PolicyArn = &v
 25252  	return s
 25253  }
 25254  
 25255  // Contains the response to a successful GetPolicy request.
 25256  type GetPolicyOutput struct {
 25257  	_ struct{} `type:"structure"`
 25258  
 25259  	// A structure containing details about the policy.
 25260  	Policy *Policy `type:"structure"`
 25261  }
 25262  
 25263  // String returns the string representation.
 25264  //
 25265  // API parameter values that are decorated as "sensitive" in the API will not
 25266  // be included in the string output. The member name will be present, but the
 25267  // value will be replaced with "sensitive".
 25268  func (s GetPolicyOutput) String() string {
 25269  	return awsutil.Prettify(s)
 25270  }
 25271  
 25272  // GoString returns the string representation.
 25273  //
 25274  // API parameter values that are decorated as "sensitive" in the API will not
 25275  // be included in the string output. The member name will be present, but the
 25276  // value will be replaced with "sensitive".
 25277  func (s GetPolicyOutput) GoString() string {
 25278  	return s.String()
 25279  }
 25280  
 25281  // SetPolicy sets the Policy field's value.
 25282  func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput {
 25283  	s.Policy = v
 25284  	return s
 25285  }
 25286  
 25287  type GetPolicyVersionInput struct {
 25288  	_ struct{} `type:"structure"`
 25289  
 25290  	// The Amazon Resource Name (ARN) of the managed policy that you want information
 25291  	// about.
 25292  	//
 25293  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 25294  	// in the Amazon Web Services General Reference.
 25295  	//
 25296  	// PolicyArn is a required field
 25297  	PolicyArn *string `min:"20" type:"string" required:"true"`
 25298  
 25299  	// Identifies the policy version to retrieve.
 25300  	//
 25301  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25302  	// a string of characters that consists of the lowercase letter 'v' followed
 25303  	// by one or two digits, and optionally followed by a period '.' and a string
 25304  	// of letters and digits.
 25305  	//
 25306  	// VersionId is a required field
 25307  	VersionId *string `type:"string" required:"true"`
 25308  }
 25309  
 25310  // String returns the string representation.
 25311  //
 25312  // API parameter values that are decorated as "sensitive" in the API will not
 25313  // be included in the string output. The member name will be present, but the
 25314  // value will be replaced with "sensitive".
 25315  func (s GetPolicyVersionInput) String() string {
 25316  	return awsutil.Prettify(s)
 25317  }
 25318  
 25319  // GoString returns the string representation.
 25320  //
 25321  // API parameter values that are decorated as "sensitive" in the API will not
 25322  // be included in the string output. The member name will be present, but the
 25323  // value will be replaced with "sensitive".
 25324  func (s GetPolicyVersionInput) GoString() string {
 25325  	return s.String()
 25326  }
 25327  
 25328  // Validate inspects the fields of the type to determine if they are valid.
 25329  func (s *GetPolicyVersionInput) Validate() error {
 25330  	invalidParams := request.ErrInvalidParams{Context: "GetPolicyVersionInput"}
 25331  	if s.PolicyArn == nil {
 25332  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 25333  	}
 25334  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 25335  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 25336  	}
 25337  	if s.VersionId == nil {
 25338  		invalidParams.Add(request.NewErrParamRequired("VersionId"))
 25339  	}
 25340  
 25341  	if invalidParams.Len() > 0 {
 25342  		return invalidParams
 25343  	}
 25344  	return nil
 25345  }
 25346  
 25347  // SetPolicyArn sets the PolicyArn field's value.
 25348  func (s *GetPolicyVersionInput) SetPolicyArn(v string) *GetPolicyVersionInput {
 25349  	s.PolicyArn = &v
 25350  	return s
 25351  }
 25352  
 25353  // SetVersionId sets the VersionId field's value.
 25354  func (s *GetPolicyVersionInput) SetVersionId(v string) *GetPolicyVersionInput {
 25355  	s.VersionId = &v
 25356  	return s
 25357  }
 25358  
 25359  // Contains the response to a successful GetPolicyVersion request.
 25360  type GetPolicyVersionOutput struct {
 25361  	_ struct{} `type:"structure"`
 25362  
 25363  	// A structure containing details about the policy version.
 25364  	PolicyVersion *PolicyVersion `type:"structure"`
 25365  }
 25366  
 25367  // String returns the string representation.
 25368  //
 25369  // API parameter values that are decorated as "sensitive" in the API will not
 25370  // be included in the string output. The member name will be present, but the
 25371  // value will be replaced with "sensitive".
 25372  func (s GetPolicyVersionOutput) String() string {
 25373  	return awsutil.Prettify(s)
 25374  }
 25375  
 25376  // GoString returns the string representation.
 25377  //
 25378  // API parameter values that are decorated as "sensitive" in the API will not
 25379  // be included in the string output. The member name will be present, but the
 25380  // value will be replaced with "sensitive".
 25381  func (s GetPolicyVersionOutput) GoString() string {
 25382  	return s.String()
 25383  }
 25384  
 25385  // SetPolicyVersion sets the PolicyVersion field's value.
 25386  func (s *GetPolicyVersionOutput) SetPolicyVersion(v *PolicyVersion) *GetPolicyVersionOutput {
 25387  	s.PolicyVersion = v
 25388  	return s
 25389  }
 25390  
 25391  type GetRoleInput struct {
 25392  	_ struct{} `type:"structure"`
 25393  
 25394  	// The name of the IAM role to get information about.
 25395  	//
 25396  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25397  	// a string of characters consisting of upper and lowercase alphanumeric characters
 25398  	// with no spaces. You can also include any of the following characters: _+=,.@-
 25399  	//
 25400  	// RoleName is a required field
 25401  	RoleName *string `min:"1" type:"string" required:"true"`
 25402  }
 25403  
 25404  // String returns the string representation.
 25405  //
 25406  // API parameter values that are decorated as "sensitive" in the API will not
 25407  // be included in the string output. The member name will be present, but the
 25408  // value will be replaced with "sensitive".
 25409  func (s GetRoleInput) String() string {
 25410  	return awsutil.Prettify(s)
 25411  }
 25412  
 25413  // GoString returns the string representation.
 25414  //
 25415  // API parameter values that are decorated as "sensitive" in the API will not
 25416  // be included in the string output. The member name will be present, but the
 25417  // value will be replaced with "sensitive".
 25418  func (s GetRoleInput) GoString() string {
 25419  	return s.String()
 25420  }
 25421  
 25422  // Validate inspects the fields of the type to determine if they are valid.
 25423  func (s *GetRoleInput) Validate() error {
 25424  	invalidParams := request.ErrInvalidParams{Context: "GetRoleInput"}
 25425  	if s.RoleName == nil {
 25426  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 25427  	}
 25428  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 25429  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 25430  	}
 25431  
 25432  	if invalidParams.Len() > 0 {
 25433  		return invalidParams
 25434  	}
 25435  	return nil
 25436  }
 25437  
 25438  // SetRoleName sets the RoleName field's value.
 25439  func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput {
 25440  	s.RoleName = &v
 25441  	return s
 25442  }
 25443  
 25444  // Contains the response to a successful GetRole request.
 25445  type GetRoleOutput struct {
 25446  	_ struct{} `type:"structure"`
 25447  
 25448  	// A structure containing details about the IAM role.
 25449  	//
 25450  	// Role is a required field
 25451  	Role *Role `type:"structure" required:"true"`
 25452  }
 25453  
 25454  // String returns the string representation.
 25455  //
 25456  // API parameter values that are decorated as "sensitive" in the API will not
 25457  // be included in the string output. The member name will be present, but the
 25458  // value will be replaced with "sensitive".
 25459  func (s GetRoleOutput) String() string {
 25460  	return awsutil.Prettify(s)
 25461  }
 25462  
 25463  // GoString returns the string representation.
 25464  //
 25465  // API parameter values that are decorated as "sensitive" in the API will not
 25466  // be included in the string output. The member name will be present, but the
 25467  // value will be replaced with "sensitive".
 25468  func (s GetRoleOutput) GoString() string {
 25469  	return s.String()
 25470  }
 25471  
 25472  // SetRole sets the Role field's value.
 25473  func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput {
 25474  	s.Role = v
 25475  	return s
 25476  }
 25477  
 25478  type GetRolePolicyInput struct {
 25479  	_ struct{} `type:"structure"`
 25480  
 25481  	// The name of the policy document to get.
 25482  	//
 25483  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25484  	// a string of characters consisting of upper and lowercase alphanumeric characters
 25485  	// with no spaces. You can also include any of the following characters: _+=,.@-
 25486  	//
 25487  	// PolicyName is a required field
 25488  	PolicyName *string `min:"1" type:"string" required:"true"`
 25489  
 25490  	// The name of the role associated with the policy.
 25491  	//
 25492  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25493  	// a string of characters consisting of upper and lowercase alphanumeric characters
 25494  	// with no spaces. You can also include any of the following characters: _+=,.@-
 25495  	//
 25496  	// RoleName is a required field
 25497  	RoleName *string `min:"1" type:"string" required:"true"`
 25498  }
 25499  
 25500  // String returns the string representation.
 25501  //
 25502  // API parameter values that are decorated as "sensitive" in the API will not
 25503  // be included in the string output. The member name will be present, but the
 25504  // value will be replaced with "sensitive".
 25505  func (s GetRolePolicyInput) String() string {
 25506  	return awsutil.Prettify(s)
 25507  }
 25508  
 25509  // GoString returns the string representation.
 25510  //
 25511  // API parameter values that are decorated as "sensitive" in the API will not
 25512  // be included in the string output. The member name will be present, but the
 25513  // value will be replaced with "sensitive".
 25514  func (s GetRolePolicyInput) GoString() string {
 25515  	return s.String()
 25516  }
 25517  
 25518  // Validate inspects the fields of the type to determine if they are valid.
 25519  func (s *GetRolePolicyInput) Validate() error {
 25520  	invalidParams := request.ErrInvalidParams{Context: "GetRolePolicyInput"}
 25521  	if s.PolicyName == nil {
 25522  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 25523  	}
 25524  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 25525  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 25526  	}
 25527  	if s.RoleName == nil {
 25528  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 25529  	}
 25530  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 25531  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 25532  	}
 25533  
 25534  	if invalidParams.Len() > 0 {
 25535  		return invalidParams
 25536  	}
 25537  	return nil
 25538  }
 25539  
 25540  // SetPolicyName sets the PolicyName field's value.
 25541  func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput {
 25542  	s.PolicyName = &v
 25543  	return s
 25544  }
 25545  
 25546  // SetRoleName sets the RoleName field's value.
 25547  func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput {
 25548  	s.RoleName = &v
 25549  	return s
 25550  }
 25551  
 25552  // Contains the response to a successful GetRolePolicy request.
 25553  type GetRolePolicyOutput struct {
 25554  	_ struct{} `type:"structure"`
 25555  
 25556  	// The policy document.
 25557  	//
 25558  	// IAM stores policies in JSON format. However, resources that were created
 25559  	// using CloudFormation templates can be formatted in YAML. CloudFormation always
 25560  	// converts a YAML policy to JSON format before submitting it to IAM.
 25561  	//
 25562  	// PolicyDocument is a required field
 25563  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 25564  
 25565  	// The name of the policy.
 25566  	//
 25567  	// PolicyName is a required field
 25568  	PolicyName *string `min:"1" type:"string" required:"true"`
 25569  
 25570  	// The role the policy is associated with.
 25571  	//
 25572  	// RoleName is a required field
 25573  	RoleName *string `min:"1" type:"string" required:"true"`
 25574  }
 25575  
 25576  // String returns the string representation.
 25577  //
 25578  // API parameter values that are decorated as "sensitive" in the API will not
 25579  // be included in the string output. The member name will be present, but the
 25580  // value will be replaced with "sensitive".
 25581  func (s GetRolePolicyOutput) String() string {
 25582  	return awsutil.Prettify(s)
 25583  }
 25584  
 25585  // GoString returns the string representation.
 25586  //
 25587  // API parameter values that are decorated as "sensitive" in the API will not
 25588  // be included in the string output. The member name will be present, but the
 25589  // value will be replaced with "sensitive".
 25590  func (s GetRolePolicyOutput) GoString() string {
 25591  	return s.String()
 25592  }
 25593  
 25594  // SetPolicyDocument sets the PolicyDocument field's value.
 25595  func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput {
 25596  	s.PolicyDocument = &v
 25597  	return s
 25598  }
 25599  
 25600  // SetPolicyName sets the PolicyName field's value.
 25601  func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput {
 25602  	s.PolicyName = &v
 25603  	return s
 25604  }
 25605  
 25606  // SetRoleName sets the RoleName field's value.
 25607  func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput {
 25608  	s.RoleName = &v
 25609  	return s
 25610  }
 25611  
 25612  type GetSAMLProviderInput struct {
 25613  	_ struct{} `type:"structure"`
 25614  
 25615  	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
 25616  	// to get information about.
 25617  	//
 25618  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 25619  	// in the Amazon Web Services General Reference.
 25620  	//
 25621  	// SAMLProviderArn is a required field
 25622  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 25623  }
 25624  
 25625  // String returns the string representation.
 25626  //
 25627  // API parameter values that are decorated as "sensitive" in the API will not
 25628  // be included in the string output. The member name will be present, but the
 25629  // value will be replaced with "sensitive".
 25630  func (s GetSAMLProviderInput) String() string {
 25631  	return awsutil.Prettify(s)
 25632  }
 25633  
 25634  // GoString returns the string representation.
 25635  //
 25636  // API parameter values that are decorated as "sensitive" in the API will not
 25637  // be included in the string output. The member name will be present, but the
 25638  // value will be replaced with "sensitive".
 25639  func (s GetSAMLProviderInput) GoString() string {
 25640  	return s.String()
 25641  }
 25642  
 25643  // Validate inspects the fields of the type to determine if they are valid.
 25644  func (s *GetSAMLProviderInput) Validate() error {
 25645  	invalidParams := request.ErrInvalidParams{Context: "GetSAMLProviderInput"}
 25646  	if s.SAMLProviderArn == nil {
 25647  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 25648  	}
 25649  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 25650  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 25651  	}
 25652  
 25653  	if invalidParams.Len() > 0 {
 25654  		return invalidParams
 25655  	}
 25656  	return nil
 25657  }
 25658  
 25659  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 25660  func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput {
 25661  	s.SAMLProviderArn = &v
 25662  	return s
 25663  }
 25664  
 25665  // Contains the response to a successful GetSAMLProvider request.
 25666  type GetSAMLProviderOutput struct {
 25667  	_ struct{} `type:"structure"`
 25668  
 25669  	// The date and time when the SAML provider was created.
 25670  	CreateDate *time.Time `type:"timestamp"`
 25671  
 25672  	// The XML metadata document that includes information about an identity provider.
 25673  	SAMLMetadataDocument *string `min:"1000" type:"string"`
 25674  
 25675  	// A list of tags that are attached to the specified IAM SAML provider. The
 25676  	// returned list of tags is sorted by tag key. For more information about tagging,
 25677  	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 25678  	// in the IAM User Guide.
 25679  	Tags []*Tag `type:"list"`
 25680  
 25681  	// The expiration date and time for the SAML provider.
 25682  	ValidUntil *time.Time `type:"timestamp"`
 25683  }
 25684  
 25685  // String returns the string representation.
 25686  //
 25687  // API parameter values that are decorated as "sensitive" in the API will not
 25688  // be included in the string output. The member name will be present, but the
 25689  // value will be replaced with "sensitive".
 25690  func (s GetSAMLProviderOutput) String() string {
 25691  	return awsutil.Prettify(s)
 25692  }
 25693  
 25694  // GoString returns the string representation.
 25695  //
 25696  // API parameter values that are decorated as "sensitive" in the API will not
 25697  // be included in the string output. The member name will be present, but the
 25698  // value will be replaced with "sensitive".
 25699  func (s GetSAMLProviderOutput) GoString() string {
 25700  	return s.String()
 25701  }
 25702  
 25703  // SetCreateDate sets the CreateDate field's value.
 25704  func (s *GetSAMLProviderOutput) SetCreateDate(v time.Time) *GetSAMLProviderOutput {
 25705  	s.CreateDate = &v
 25706  	return s
 25707  }
 25708  
 25709  // SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
 25710  func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput {
 25711  	s.SAMLMetadataDocument = &v
 25712  	return s
 25713  }
 25714  
 25715  // SetTags sets the Tags field's value.
 25716  func (s *GetSAMLProviderOutput) SetTags(v []*Tag) *GetSAMLProviderOutput {
 25717  	s.Tags = v
 25718  	return s
 25719  }
 25720  
 25721  // SetValidUntil sets the ValidUntil field's value.
 25722  func (s *GetSAMLProviderOutput) SetValidUntil(v time.Time) *GetSAMLProviderOutput {
 25723  	s.ValidUntil = &v
 25724  	return s
 25725  }
 25726  
 25727  type GetSSHPublicKeyInput struct {
 25728  	_ struct{} `type:"structure"`
 25729  
 25730  	// Specifies the public key encoding format to use in the response. To retrieve
 25731  	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
 25732  	// PEM format, use PEM.
 25733  	//
 25734  	// Encoding is a required field
 25735  	Encoding *string `type:"string" required:"true" enum:"EncodingType"`
 25736  
 25737  	// The unique identifier for the SSH public key.
 25738  	//
 25739  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25740  	// a string of characters that can consist of any upper or lowercased letter
 25741  	// or digit.
 25742  	//
 25743  	// SSHPublicKeyId is a required field
 25744  	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
 25745  
 25746  	// The name of the IAM user associated with the SSH public key.
 25747  	//
 25748  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25749  	// a string of characters consisting of upper and lowercase alphanumeric characters
 25750  	// with no spaces. You can also include any of the following characters: _+=,.@-
 25751  	//
 25752  	// UserName is a required field
 25753  	UserName *string `min:"1" type:"string" required:"true"`
 25754  }
 25755  
 25756  // String returns the string representation.
 25757  //
 25758  // API parameter values that are decorated as "sensitive" in the API will not
 25759  // be included in the string output. The member name will be present, but the
 25760  // value will be replaced with "sensitive".
 25761  func (s GetSSHPublicKeyInput) String() string {
 25762  	return awsutil.Prettify(s)
 25763  }
 25764  
 25765  // GoString returns the string representation.
 25766  //
 25767  // API parameter values that are decorated as "sensitive" in the API will not
 25768  // be included in the string output. The member name will be present, but the
 25769  // value will be replaced with "sensitive".
 25770  func (s GetSSHPublicKeyInput) GoString() string {
 25771  	return s.String()
 25772  }
 25773  
 25774  // Validate inspects the fields of the type to determine if they are valid.
 25775  func (s *GetSSHPublicKeyInput) Validate() error {
 25776  	invalidParams := request.ErrInvalidParams{Context: "GetSSHPublicKeyInput"}
 25777  	if s.Encoding == nil {
 25778  		invalidParams.Add(request.NewErrParamRequired("Encoding"))
 25779  	}
 25780  	if s.SSHPublicKeyId == nil {
 25781  		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
 25782  	}
 25783  	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
 25784  		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
 25785  	}
 25786  	if s.UserName == nil {
 25787  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 25788  	}
 25789  	if s.UserName != nil && len(*s.UserName) < 1 {
 25790  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 25791  	}
 25792  
 25793  	if invalidParams.Len() > 0 {
 25794  		return invalidParams
 25795  	}
 25796  	return nil
 25797  }
 25798  
 25799  // SetEncoding sets the Encoding field's value.
 25800  func (s *GetSSHPublicKeyInput) SetEncoding(v string) *GetSSHPublicKeyInput {
 25801  	s.Encoding = &v
 25802  	return s
 25803  }
 25804  
 25805  // SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
 25806  func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput {
 25807  	s.SSHPublicKeyId = &v
 25808  	return s
 25809  }
 25810  
 25811  // SetUserName sets the UserName field's value.
 25812  func (s *GetSSHPublicKeyInput) SetUserName(v string) *GetSSHPublicKeyInput {
 25813  	s.UserName = &v
 25814  	return s
 25815  }
 25816  
 25817  // Contains the response to a successful GetSSHPublicKey request.
 25818  type GetSSHPublicKeyOutput struct {
 25819  	_ struct{} `type:"structure"`
 25820  
 25821  	// A structure containing details about the SSH public key.
 25822  	SSHPublicKey *SSHPublicKey `type:"structure"`
 25823  }
 25824  
 25825  // String returns the string representation.
 25826  //
 25827  // API parameter values that are decorated as "sensitive" in the API will not
 25828  // be included in the string output. The member name will be present, but the
 25829  // value will be replaced with "sensitive".
 25830  func (s GetSSHPublicKeyOutput) String() string {
 25831  	return awsutil.Prettify(s)
 25832  }
 25833  
 25834  // GoString returns the string representation.
 25835  //
 25836  // API parameter values that are decorated as "sensitive" in the API will not
 25837  // be included in the string output. The member name will be present, but the
 25838  // value will be replaced with "sensitive".
 25839  func (s GetSSHPublicKeyOutput) GoString() string {
 25840  	return s.String()
 25841  }
 25842  
 25843  // SetSSHPublicKey sets the SSHPublicKey field's value.
 25844  func (s *GetSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *GetSSHPublicKeyOutput {
 25845  	s.SSHPublicKey = v
 25846  	return s
 25847  }
 25848  
 25849  type GetServerCertificateInput struct {
 25850  	_ struct{} `type:"structure"`
 25851  
 25852  	// The name of the server certificate you want to retrieve information about.
 25853  	//
 25854  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 25855  	// a string of characters consisting of upper and lowercase alphanumeric characters
 25856  	// with no spaces. You can also include any of the following characters: _+=,.@-
 25857  	//
 25858  	// ServerCertificateName is a required field
 25859  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 25860  }
 25861  
 25862  // String returns the string representation.
 25863  //
 25864  // API parameter values that are decorated as "sensitive" in the API will not
 25865  // be included in the string output. The member name will be present, but the
 25866  // value will be replaced with "sensitive".
 25867  func (s GetServerCertificateInput) String() string {
 25868  	return awsutil.Prettify(s)
 25869  }
 25870  
 25871  // GoString returns the string representation.
 25872  //
 25873  // API parameter values that are decorated as "sensitive" in the API will not
 25874  // be included in the string output. The member name will be present, but the
 25875  // value will be replaced with "sensitive".
 25876  func (s GetServerCertificateInput) GoString() string {
 25877  	return s.String()
 25878  }
 25879  
 25880  // Validate inspects the fields of the type to determine if they are valid.
 25881  func (s *GetServerCertificateInput) Validate() error {
 25882  	invalidParams := request.ErrInvalidParams{Context: "GetServerCertificateInput"}
 25883  	if s.ServerCertificateName == nil {
 25884  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 25885  	}
 25886  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 25887  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 25888  	}
 25889  
 25890  	if invalidParams.Len() > 0 {
 25891  		return invalidParams
 25892  	}
 25893  	return nil
 25894  }
 25895  
 25896  // SetServerCertificateName sets the ServerCertificateName field's value.
 25897  func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput {
 25898  	s.ServerCertificateName = &v
 25899  	return s
 25900  }
 25901  
 25902  // Contains the response to a successful GetServerCertificate request.
 25903  type GetServerCertificateOutput struct {
 25904  	_ struct{} `type:"structure"`
 25905  
 25906  	// A structure containing details about the server certificate.
 25907  	//
 25908  	// ServerCertificate is a required field
 25909  	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
 25910  }
 25911  
 25912  // String returns the string representation.
 25913  //
 25914  // API parameter values that are decorated as "sensitive" in the API will not
 25915  // be included in the string output. The member name will be present, but the
 25916  // value will be replaced with "sensitive".
 25917  func (s GetServerCertificateOutput) String() string {
 25918  	return awsutil.Prettify(s)
 25919  }
 25920  
 25921  // GoString returns the string representation.
 25922  //
 25923  // API parameter values that are decorated as "sensitive" in the API will not
 25924  // be included in the string output. The member name will be present, but the
 25925  // value will be replaced with "sensitive".
 25926  func (s GetServerCertificateOutput) GoString() string {
 25927  	return s.String()
 25928  }
 25929  
 25930  // SetServerCertificate sets the ServerCertificate field's value.
 25931  func (s *GetServerCertificateOutput) SetServerCertificate(v *ServerCertificate) *GetServerCertificateOutput {
 25932  	s.ServerCertificate = v
 25933  	return s
 25934  }
 25935  
 25936  type GetServiceLastAccessedDetailsInput struct {
 25937  	_ struct{} `type:"structure"`
 25938  
 25939  	// The ID of the request generated by the GenerateServiceLastAccessedDetails
 25940  	// operation. The JobId returned by GenerateServiceLastAccessedDetail must be
 25941  	// used by the same role within a session, or by the same user when used to
 25942  	// call GetServiceLastAccessedDetail.
 25943  	//
 25944  	// JobId is a required field
 25945  	JobId *string `min:"36" type:"string" required:"true"`
 25946  
 25947  	// Use this parameter only when paginating results and only after you receive
 25948  	// a response indicating that the results are truncated. Set it to the value
 25949  	// of the Marker element in the response that you received to indicate where
 25950  	// the next call should start.
 25951  	Marker *string `min:"1" type:"string"`
 25952  
 25953  	// Use this only when paginating results to indicate the maximum number of items
 25954  	// you want in the response. If additional items exist beyond the maximum you
 25955  	// specify, the IsTruncated response element is true.
 25956  	//
 25957  	// If you do not include this parameter, the number of items defaults to 100.
 25958  	// Note that IAM might return fewer results, even when there are more results
 25959  	// available. In that case, the IsTruncated response element returns true, and
 25960  	// Marker contains a value to include in the subsequent call that tells the
 25961  	// service where to continue from.
 25962  	MaxItems *int64 `min:"1" type:"integer"`
 25963  }
 25964  
 25965  // String returns the string representation.
 25966  //
 25967  // API parameter values that are decorated as "sensitive" in the API will not
 25968  // be included in the string output. The member name will be present, but the
 25969  // value will be replaced with "sensitive".
 25970  func (s GetServiceLastAccessedDetailsInput) String() string {
 25971  	return awsutil.Prettify(s)
 25972  }
 25973  
 25974  // GoString returns the string representation.
 25975  //
 25976  // API parameter values that are decorated as "sensitive" in the API will not
 25977  // be included in the string output. The member name will be present, but the
 25978  // value will be replaced with "sensitive".
 25979  func (s GetServiceLastAccessedDetailsInput) GoString() string {
 25980  	return s.String()
 25981  }
 25982  
 25983  // Validate inspects the fields of the type to determine if they are valid.
 25984  func (s *GetServiceLastAccessedDetailsInput) Validate() error {
 25985  	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsInput"}
 25986  	if s.JobId == nil {
 25987  		invalidParams.Add(request.NewErrParamRequired("JobId"))
 25988  	}
 25989  	if s.JobId != nil && len(*s.JobId) < 36 {
 25990  		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
 25991  	}
 25992  	if s.Marker != nil && len(*s.Marker) < 1 {
 25993  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 25994  	}
 25995  	if s.MaxItems != nil && *s.MaxItems < 1 {
 25996  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 25997  	}
 25998  
 25999  	if invalidParams.Len() > 0 {
 26000  		return invalidParams
 26001  	}
 26002  	return nil
 26003  }
 26004  
 26005  // SetJobId sets the JobId field's value.
 26006  func (s *GetServiceLastAccessedDetailsInput) SetJobId(v string) *GetServiceLastAccessedDetailsInput {
 26007  	s.JobId = &v
 26008  	return s
 26009  }
 26010  
 26011  // SetMarker sets the Marker field's value.
 26012  func (s *GetServiceLastAccessedDetailsInput) SetMarker(v string) *GetServiceLastAccessedDetailsInput {
 26013  	s.Marker = &v
 26014  	return s
 26015  }
 26016  
 26017  // SetMaxItems sets the MaxItems field's value.
 26018  func (s *GetServiceLastAccessedDetailsInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsInput {
 26019  	s.MaxItems = &v
 26020  	return s
 26021  }
 26022  
 26023  type GetServiceLastAccessedDetailsOutput struct {
 26024  	_ struct{} `type:"structure"`
 26025  
 26026  	// An object that contains details about the reason the operation failed.
 26027  	Error *ErrorDetails `type:"structure"`
 26028  
 26029  	// A flag that indicates whether there are more items to return. If your results
 26030  	// were truncated, you can make a subsequent pagination request using the Marker
 26031  	// request parameter to retrieve more items. Note that IAM might return fewer
 26032  	// than the MaxItems number of results even when there are more results available.
 26033  	// We recommend that you check IsTruncated after every call to ensure that you
 26034  	// receive all your results.
 26035  	IsTruncated *bool `type:"boolean"`
 26036  
 26037  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26038  	// when the generated report job was completed or failed.
 26039  	//
 26040  	// This field is null if the job is still in progress, as indicated by a job
 26041  	// status value of IN_PROGRESS.
 26042  	//
 26043  	// JobCompletionDate is a required field
 26044  	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
 26045  
 26046  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26047  	// when the report job was created.
 26048  	//
 26049  	// JobCreationDate is a required field
 26050  	JobCreationDate *time.Time `type:"timestamp" required:"true"`
 26051  
 26052  	// The status of the job.
 26053  	//
 26054  	// JobStatus is a required field
 26055  	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
 26056  
 26057  	// The type of job. Service jobs return information about when each service
 26058  	// was last accessed. Action jobs also include information about when tracked
 26059  	// actions within the service were last accessed.
 26060  	JobType *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
 26061  
 26062  	// When IsTruncated is true, this element is present and contains the value
 26063  	// to use for the Marker parameter in a subsequent pagination request.
 26064  	Marker *string `type:"string"`
 26065  
 26066  	// A ServiceLastAccessed object that contains details about the most recent
 26067  	// attempt to access the service.
 26068  	//
 26069  	// ServicesLastAccessed is a required field
 26070  	ServicesLastAccessed []*ServiceLastAccessed `type:"list" required:"true"`
 26071  }
 26072  
 26073  // String returns the string representation.
 26074  //
 26075  // API parameter values that are decorated as "sensitive" in the API will not
 26076  // be included in the string output. The member name will be present, but the
 26077  // value will be replaced with "sensitive".
 26078  func (s GetServiceLastAccessedDetailsOutput) String() string {
 26079  	return awsutil.Prettify(s)
 26080  }
 26081  
 26082  // GoString returns the string representation.
 26083  //
 26084  // API parameter values that are decorated as "sensitive" in the API will not
 26085  // be included in the string output. The member name will be present, but the
 26086  // value will be replaced with "sensitive".
 26087  func (s GetServiceLastAccessedDetailsOutput) GoString() string {
 26088  	return s.String()
 26089  }
 26090  
 26091  // SetError sets the Error field's value.
 26092  func (s *GetServiceLastAccessedDetailsOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsOutput {
 26093  	s.Error = v
 26094  	return s
 26095  }
 26096  
 26097  // SetIsTruncated sets the IsTruncated field's value.
 26098  func (s *GetServiceLastAccessedDetailsOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsOutput {
 26099  	s.IsTruncated = &v
 26100  	return s
 26101  }
 26102  
 26103  // SetJobCompletionDate sets the JobCompletionDate field's value.
 26104  func (s *GetServiceLastAccessedDetailsOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
 26105  	s.JobCompletionDate = &v
 26106  	return s
 26107  }
 26108  
 26109  // SetJobCreationDate sets the JobCreationDate field's value.
 26110  func (s *GetServiceLastAccessedDetailsOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsOutput {
 26111  	s.JobCreationDate = &v
 26112  	return s
 26113  }
 26114  
 26115  // SetJobStatus sets the JobStatus field's value.
 26116  func (s *GetServiceLastAccessedDetailsOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsOutput {
 26117  	s.JobStatus = &v
 26118  	return s
 26119  }
 26120  
 26121  // SetJobType sets the JobType field's value.
 26122  func (s *GetServiceLastAccessedDetailsOutput) SetJobType(v string) *GetServiceLastAccessedDetailsOutput {
 26123  	s.JobType = &v
 26124  	return s
 26125  }
 26126  
 26127  // SetMarker sets the Marker field's value.
 26128  func (s *GetServiceLastAccessedDetailsOutput) SetMarker(v string) *GetServiceLastAccessedDetailsOutput {
 26129  	s.Marker = &v
 26130  	return s
 26131  }
 26132  
 26133  // SetServicesLastAccessed sets the ServicesLastAccessed field's value.
 26134  func (s *GetServiceLastAccessedDetailsOutput) SetServicesLastAccessed(v []*ServiceLastAccessed) *GetServiceLastAccessedDetailsOutput {
 26135  	s.ServicesLastAccessed = v
 26136  	return s
 26137  }
 26138  
 26139  type GetServiceLastAccessedDetailsWithEntitiesInput struct {
 26140  	_ struct{} `type:"structure"`
 26141  
 26142  	// The ID of the request generated by the GenerateServiceLastAccessedDetails
 26143  	// operation.
 26144  	//
 26145  	// JobId is a required field
 26146  	JobId *string `min:"36" type:"string" required:"true"`
 26147  
 26148  	// Use this parameter only when paginating results and only after you receive
 26149  	// a response indicating that the results are truncated. Set it to the value
 26150  	// of the Marker element in the response that you received to indicate where
 26151  	// the next call should start.
 26152  	Marker *string `min:"1" type:"string"`
 26153  
 26154  	// Use this only when paginating results to indicate the maximum number of items
 26155  	// you want in the response. If additional items exist beyond the maximum you
 26156  	// specify, the IsTruncated response element is true.
 26157  	//
 26158  	// If you do not include this parameter, the number of items defaults to 100.
 26159  	// Note that IAM might return fewer results, even when there are more results
 26160  	// available. In that case, the IsTruncated response element returns true, and
 26161  	// Marker contains a value to include in the subsequent call that tells the
 26162  	// service where to continue from.
 26163  	MaxItems *int64 `min:"1" type:"integer"`
 26164  
 26165  	// The service namespace for an Amazon Web Services service. Provide the service
 26166  	// namespace to learn when the IAM entity last attempted to access the specified
 26167  	// service.
 26168  	//
 26169  	// To learn the service namespace for a service, see Actions, resources, and
 26170  	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
 26171  	// in the IAM User Guide. Choose the name of the service to view details for
 26172  	// that service. In the first paragraph, find the service prefix. For example,
 26173  	// (service prefix: a4b). For more information about service namespaces, see
 26174  	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
 26175  	// in the Amazon Web Services General Reference.
 26176  	//
 26177  	// ServiceNamespace is a required field
 26178  	ServiceNamespace *string `min:"1" type:"string" required:"true"`
 26179  }
 26180  
 26181  // String returns the string representation.
 26182  //
 26183  // API parameter values that are decorated as "sensitive" in the API will not
 26184  // be included in the string output. The member name will be present, but the
 26185  // value will be replaced with "sensitive".
 26186  func (s GetServiceLastAccessedDetailsWithEntitiesInput) String() string {
 26187  	return awsutil.Prettify(s)
 26188  }
 26189  
 26190  // GoString returns the string representation.
 26191  //
 26192  // API parameter values that are decorated as "sensitive" in the API will not
 26193  // be included in the string output. The member name will be present, but the
 26194  // value will be replaced with "sensitive".
 26195  func (s GetServiceLastAccessedDetailsWithEntitiesInput) GoString() string {
 26196  	return s.String()
 26197  }
 26198  
 26199  // Validate inspects the fields of the type to determine if they are valid.
 26200  func (s *GetServiceLastAccessedDetailsWithEntitiesInput) Validate() error {
 26201  	invalidParams := request.ErrInvalidParams{Context: "GetServiceLastAccessedDetailsWithEntitiesInput"}
 26202  	if s.JobId == nil {
 26203  		invalidParams.Add(request.NewErrParamRequired("JobId"))
 26204  	}
 26205  	if s.JobId != nil && len(*s.JobId) < 36 {
 26206  		invalidParams.Add(request.NewErrParamMinLen("JobId", 36))
 26207  	}
 26208  	if s.Marker != nil && len(*s.Marker) < 1 {
 26209  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 26210  	}
 26211  	if s.MaxItems != nil && *s.MaxItems < 1 {
 26212  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 26213  	}
 26214  	if s.ServiceNamespace == nil {
 26215  		invalidParams.Add(request.NewErrParamRequired("ServiceNamespace"))
 26216  	}
 26217  	if s.ServiceNamespace != nil && len(*s.ServiceNamespace) < 1 {
 26218  		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespace", 1))
 26219  	}
 26220  
 26221  	if invalidParams.Len() > 0 {
 26222  		return invalidParams
 26223  	}
 26224  	return nil
 26225  }
 26226  
 26227  // SetJobId sets the JobId field's value.
 26228  func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetJobId(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
 26229  	s.JobId = &v
 26230  	return s
 26231  }
 26232  
 26233  // SetMarker sets the Marker field's value.
 26234  func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
 26235  	s.Marker = &v
 26236  	return s
 26237  }
 26238  
 26239  // SetMaxItems sets the MaxItems field's value.
 26240  func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetMaxItems(v int64) *GetServiceLastAccessedDetailsWithEntitiesInput {
 26241  	s.MaxItems = &v
 26242  	return s
 26243  }
 26244  
 26245  // SetServiceNamespace sets the ServiceNamespace field's value.
 26246  func (s *GetServiceLastAccessedDetailsWithEntitiesInput) SetServiceNamespace(v string) *GetServiceLastAccessedDetailsWithEntitiesInput {
 26247  	s.ServiceNamespace = &v
 26248  	return s
 26249  }
 26250  
 26251  type GetServiceLastAccessedDetailsWithEntitiesOutput struct {
 26252  	_ struct{} `type:"structure"`
 26253  
 26254  	// An EntityDetailsList object that contains details about when an IAM entity
 26255  	// (user or role) used group or policy permissions in an attempt to access the
 26256  	// specified Amazon Web Services service.
 26257  	//
 26258  	// EntityDetailsList is a required field
 26259  	EntityDetailsList []*EntityDetails `type:"list" required:"true"`
 26260  
 26261  	// An object that contains details about the reason the operation failed.
 26262  	Error *ErrorDetails `type:"structure"`
 26263  
 26264  	// A flag that indicates whether there are more items to return. If your results
 26265  	// were truncated, you can make a subsequent pagination request using the Marker
 26266  	// request parameter to retrieve more items. Note that IAM might return fewer
 26267  	// than the MaxItems number of results even when there are more results available.
 26268  	// We recommend that you check IsTruncated after every call to ensure that you
 26269  	// receive all your results.
 26270  	IsTruncated *bool `type:"boolean"`
 26271  
 26272  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26273  	// when the generated report job was completed or failed.
 26274  	//
 26275  	// This field is null if the job is still in progress, as indicated by a job
 26276  	// status value of IN_PROGRESS.
 26277  	//
 26278  	// JobCompletionDate is a required field
 26279  	JobCompletionDate *time.Time `type:"timestamp" required:"true"`
 26280  
 26281  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26282  	// when the report job was created.
 26283  	//
 26284  	// JobCreationDate is a required field
 26285  	JobCreationDate *time.Time `type:"timestamp" required:"true"`
 26286  
 26287  	// The status of the job.
 26288  	//
 26289  	// JobStatus is a required field
 26290  	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`
 26291  
 26292  	// When IsTruncated is true, this element is present and contains the value
 26293  	// to use for the Marker parameter in a subsequent pagination request.
 26294  	Marker *string `type:"string"`
 26295  }
 26296  
 26297  // String returns the string representation.
 26298  //
 26299  // API parameter values that are decorated as "sensitive" in the API will not
 26300  // be included in the string output. The member name will be present, but the
 26301  // value will be replaced with "sensitive".
 26302  func (s GetServiceLastAccessedDetailsWithEntitiesOutput) String() string {
 26303  	return awsutil.Prettify(s)
 26304  }
 26305  
 26306  // GoString returns the string representation.
 26307  //
 26308  // API parameter values that are decorated as "sensitive" in the API will not
 26309  // be included in the string output. The member name will be present, but the
 26310  // value will be replaced with "sensitive".
 26311  func (s GetServiceLastAccessedDetailsWithEntitiesOutput) GoString() string {
 26312  	return s.String()
 26313  }
 26314  
 26315  // SetEntityDetailsList sets the EntityDetailsList field's value.
 26316  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetEntityDetailsList(v []*EntityDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26317  	s.EntityDetailsList = v
 26318  	return s
 26319  }
 26320  
 26321  // SetError sets the Error field's value.
 26322  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetError(v *ErrorDetails) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26323  	s.Error = v
 26324  	return s
 26325  }
 26326  
 26327  // SetIsTruncated sets the IsTruncated field's value.
 26328  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetIsTruncated(v bool) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26329  	s.IsTruncated = &v
 26330  	return s
 26331  }
 26332  
 26333  // SetJobCompletionDate sets the JobCompletionDate field's value.
 26334  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCompletionDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26335  	s.JobCompletionDate = &v
 26336  	return s
 26337  }
 26338  
 26339  // SetJobCreationDate sets the JobCreationDate field's value.
 26340  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCreationDate(v time.Time) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26341  	s.JobCreationDate = &v
 26342  	return s
 26343  }
 26344  
 26345  // SetJobStatus sets the JobStatus field's value.
 26346  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobStatus(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26347  	s.JobStatus = &v
 26348  	return s
 26349  }
 26350  
 26351  // SetMarker sets the Marker field's value.
 26352  func (s *GetServiceLastAccessedDetailsWithEntitiesOutput) SetMarker(v string) *GetServiceLastAccessedDetailsWithEntitiesOutput {
 26353  	s.Marker = &v
 26354  	return s
 26355  }
 26356  
 26357  type GetServiceLinkedRoleDeletionStatusInput struct {
 26358  	_ struct{} `type:"structure"`
 26359  
 26360  	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
 26361  	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
 26362  	//
 26363  	// DeletionTaskId is a required field
 26364  	DeletionTaskId *string `min:"1" type:"string" required:"true"`
 26365  }
 26366  
 26367  // String returns the string representation.
 26368  //
 26369  // API parameter values that are decorated as "sensitive" in the API will not
 26370  // be included in the string output. The member name will be present, but the
 26371  // value will be replaced with "sensitive".
 26372  func (s GetServiceLinkedRoleDeletionStatusInput) String() string {
 26373  	return awsutil.Prettify(s)
 26374  }
 26375  
 26376  // GoString returns the string representation.
 26377  //
 26378  // API parameter values that are decorated as "sensitive" in the API will not
 26379  // be included in the string output. The member name will be present, but the
 26380  // value will be replaced with "sensitive".
 26381  func (s GetServiceLinkedRoleDeletionStatusInput) GoString() string {
 26382  	return s.String()
 26383  }
 26384  
 26385  // Validate inspects the fields of the type to determine if they are valid.
 26386  func (s *GetServiceLinkedRoleDeletionStatusInput) Validate() error {
 26387  	invalidParams := request.ErrInvalidParams{Context: "GetServiceLinkedRoleDeletionStatusInput"}
 26388  	if s.DeletionTaskId == nil {
 26389  		invalidParams.Add(request.NewErrParamRequired("DeletionTaskId"))
 26390  	}
 26391  	if s.DeletionTaskId != nil && len(*s.DeletionTaskId) < 1 {
 26392  		invalidParams.Add(request.NewErrParamMinLen("DeletionTaskId", 1))
 26393  	}
 26394  
 26395  	if invalidParams.Len() > 0 {
 26396  		return invalidParams
 26397  	}
 26398  	return nil
 26399  }
 26400  
 26401  // SetDeletionTaskId sets the DeletionTaskId field's value.
 26402  func (s *GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId(v string) *GetServiceLinkedRoleDeletionStatusInput {
 26403  	s.DeletionTaskId = &v
 26404  	return s
 26405  }
 26406  
 26407  type GetServiceLinkedRoleDeletionStatusOutput struct {
 26408  	_ struct{} `type:"structure"`
 26409  
 26410  	// An object that contains details about the reason the deletion failed.
 26411  	Reason *DeletionTaskFailureReasonType `type:"structure"`
 26412  
 26413  	// The status of the deletion.
 26414  	//
 26415  	// Status is a required field
 26416  	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
 26417  }
 26418  
 26419  // String returns the string representation.
 26420  //
 26421  // API parameter values that are decorated as "sensitive" in the API will not
 26422  // be included in the string output. The member name will be present, but the
 26423  // value will be replaced with "sensitive".
 26424  func (s GetServiceLinkedRoleDeletionStatusOutput) String() string {
 26425  	return awsutil.Prettify(s)
 26426  }
 26427  
 26428  // GoString returns the string representation.
 26429  //
 26430  // API parameter values that are decorated as "sensitive" in the API will not
 26431  // be included in the string output. The member name will be present, but the
 26432  // value will be replaced with "sensitive".
 26433  func (s GetServiceLinkedRoleDeletionStatusOutput) GoString() string {
 26434  	return s.String()
 26435  }
 26436  
 26437  // SetReason sets the Reason field's value.
 26438  func (s *GetServiceLinkedRoleDeletionStatusOutput) SetReason(v *DeletionTaskFailureReasonType) *GetServiceLinkedRoleDeletionStatusOutput {
 26439  	s.Reason = v
 26440  	return s
 26441  }
 26442  
 26443  // SetStatus sets the Status field's value.
 26444  func (s *GetServiceLinkedRoleDeletionStatusOutput) SetStatus(v string) *GetServiceLinkedRoleDeletionStatusOutput {
 26445  	s.Status = &v
 26446  	return s
 26447  }
 26448  
 26449  type GetUserInput struct {
 26450  	_ struct{} `type:"structure"`
 26451  
 26452  	// The name of the user to get information about.
 26453  	//
 26454  	// This parameter is optional. If it is not included, it defaults to the user
 26455  	// making the request. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 26456  	// a string of characters consisting of upper and lowercase alphanumeric characters
 26457  	// with no spaces. You can also include any of the following characters: _+=,.@-
 26458  	UserName *string `min:"1" type:"string"`
 26459  }
 26460  
 26461  // String returns the string representation.
 26462  //
 26463  // API parameter values that are decorated as "sensitive" in the API will not
 26464  // be included in the string output. The member name will be present, but the
 26465  // value will be replaced with "sensitive".
 26466  func (s GetUserInput) String() string {
 26467  	return awsutil.Prettify(s)
 26468  }
 26469  
 26470  // GoString returns the string representation.
 26471  //
 26472  // API parameter values that are decorated as "sensitive" in the API will not
 26473  // be included in the string output. The member name will be present, but the
 26474  // value will be replaced with "sensitive".
 26475  func (s GetUserInput) GoString() string {
 26476  	return s.String()
 26477  }
 26478  
 26479  // Validate inspects the fields of the type to determine if they are valid.
 26480  func (s *GetUserInput) Validate() error {
 26481  	invalidParams := request.ErrInvalidParams{Context: "GetUserInput"}
 26482  	if s.UserName != nil && len(*s.UserName) < 1 {
 26483  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 26484  	}
 26485  
 26486  	if invalidParams.Len() > 0 {
 26487  		return invalidParams
 26488  	}
 26489  	return nil
 26490  }
 26491  
 26492  // SetUserName sets the UserName field's value.
 26493  func (s *GetUserInput) SetUserName(v string) *GetUserInput {
 26494  	s.UserName = &v
 26495  	return s
 26496  }
 26497  
 26498  // Contains the response to a successful GetUser request.
 26499  type GetUserOutput struct {
 26500  	_ struct{} `type:"structure"`
 26501  
 26502  	// A structure containing details about the IAM user.
 26503  	//
 26504  	// Due to a service issue, password last used data does not include password
 26505  	// use from May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last
 26506  	// sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html)
 26507  	// dates shown in the IAM console and password last used dates in the IAM credential
 26508  	// report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html),
 26509  	// and returned by this operation. If users signed in during the affected time,
 26510  	// the password last used date that is returned is the date the user last signed
 26511  	// in before May 3, 2018. For users that signed in after May 23, 2018 14:08
 26512  	// PDT, the returned password last used date is accurate.
 26513  	//
 26514  	// You can use password last used information to identify unused credentials
 26515  	// for deletion. For example, you might delete users who did not sign in to
 26516  	// Amazon Web Services in the last 90 days. In cases like this, we recommend
 26517  	// that you adjust your evaluation window to include dates after May 23, 2018.
 26518  	// Alternatively, if your users use access keys to access Amazon Web Services
 26519  	// programmatically you can refer to access key last used information because
 26520  	// it is accurate for all dates.
 26521  	//
 26522  	// User is a required field
 26523  	User *User `type:"structure" required:"true"`
 26524  }
 26525  
 26526  // String returns the string representation.
 26527  //
 26528  // API parameter values that are decorated as "sensitive" in the API will not
 26529  // be included in the string output. The member name will be present, but the
 26530  // value will be replaced with "sensitive".
 26531  func (s GetUserOutput) String() string {
 26532  	return awsutil.Prettify(s)
 26533  }
 26534  
 26535  // GoString returns the string representation.
 26536  //
 26537  // API parameter values that are decorated as "sensitive" in the API will not
 26538  // be included in the string output. The member name will be present, but the
 26539  // value will be replaced with "sensitive".
 26540  func (s GetUserOutput) GoString() string {
 26541  	return s.String()
 26542  }
 26543  
 26544  // SetUser sets the User field's value.
 26545  func (s *GetUserOutput) SetUser(v *User) *GetUserOutput {
 26546  	s.User = v
 26547  	return s
 26548  }
 26549  
 26550  type GetUserPolicyInput struct {
 26551  	_ struct{} `type:"structure"`
 26552  
 26553  	// The name of the policy document to get.
 26554  	//
 26555  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 26556  	// a string of characters consisting of upper and lowercase alphanumeric characters
 26557  	// with no spaces. You can also include any of the following characters: _+=,.@-
 26558  	//
 26559  	// PolicyName is a required field
 26560  	PolicyName *string `min:"1" type:"string" required:"true"`
 26561  
 26562  	// The name of the user who the policy is associated with.
 26563  	//
 26564  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 26565  	// a string of characters consisting of upper and lowercase alphanumeric characters
 26566  	// with no spaces. You can also include any of the following characters: _+=,.@-
 26567  	//
 26568  	// UserName is a required field
 26569  	UserName *string `min:"1" type:"string" required:"true"`
 26570  }
 26571  
 26572  // String returns the string representation.
 26573  //
 26574  // API parameter values that are decorated as "sensitive" in the API will not
 26575  // be included in the string output. The member name will be present, but the
 26576  // value will be replaced with "sensitive".
 26577  func (s GetUserPolicyInput) String() string {
 26578  	return awsutil.Prettify(s)
 26579  }
 26580  
 26581  // GoString returns the string representation.
 26582  //
 26583  // API parameter values that are decorated as "sensitive" in the API will not
 26584  // be included in the string output. The member name will be present, but the
 26585  // value will be replaced with "sensitive".
 26586  func (s GetUserPolicyInput) GoString() string {
 26587  	return s.String()
 26588  }
 26589  
 26590  // Validate inspects the fields of the type to determine if they are valid.
 26591  func (s *GetUserPolicyInput) Validate() error {
 26592  	invalidParams := request.ErrInvalidParams{Context: "GetUserPolicyInput"}
 26593  	if s.PolicyName == nil {
 26594  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 26595  	}
 26596  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 26597  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 26598  	}
 26599  	if s.UserName == nil {
 26600  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 26601  	}
 26602  	if s.UserName != nil && len(*s.UserName) < 1 {
 26603  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 26604  	}
 26605  
 26606  	if invalidParams.Len() > 0 {
 26607  		return invalidParams
 26608  	}
 26609  	return nil
 26610  }
 26611  
 26612  // SetPolicyName sets the PolicyName field's value.
 26613  func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput {
 26614  	s.PolicyName = &v
 26615  	return s
 26616  }
 26617  
 26618  // SetUserName sets the UserName field's value.
 26619  func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput {
 26620  	s.UserName = &v
 26621  	return s
 26622  }
 26623  
 26624  // Contains the response to a successful GetUserPolicy request.
 26625  type GetUserPolicyOutput struct {
 26626  	_ struct{} `type:"structure"`
 26627  
 26628  	// The policy document.
 26629  	//
 26630  	// IAM stores policies in JSON format. However, resources that were created
 26631  	// using CloudFormation templates can be formatted in YAML. CloudFormation always
 26632  	// converts a YAML policy to JSON format before submitting it to IAM.
 26633  	//
 26634  	// PolicyDocument is a required field
 26635  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 26636  
 26637  	// The name of the policy.
 26638  	//
 26639  	// PolicyName is a required field
 26640  	PolicyName *string `min:"1" type:"string" required:"true"`
 26641  
 26642  	// The user the policy is associated with.
 26643  	//
 26644  	// UserName is a required field
 26645  	UserName *string `min:"1" type:"string" required:"true"`
 26646  }
 26647  
 26648  // String returns the string representation.
 26649  //
 26650  // API parameter values that are decorated as "sensitive" in the API will not
 26651  // be included in the string output. The member name will be present, but the
 26652  // value will be replaced with "sensitive".
 26653  func (s GetUserPolicyOutput) String() string {
 26654  	return awsutil.Prettify(s)
 26655  }
 26656  
 26657  // GoString returns the string representation.
 26658  //
 26659  // API parameter values that are decorated as "sensitive" in the API will not
 26660  // be included in the string output. The member name will be present, but the
 26661  // value will be replaced with "sensitive".
 26662  func (s GetUserPolicyOutput) GoString() string {
 26663  	return s.String()
 26664  }
 26665  
 26666  // SetPolicyDocument sets the PolicyDocument field's value.
 26667  func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput {
 26668  	s.PolicyDocument = &v
 26669  	return s
 26670  }
 26671  
 26672  // SetPolicyName sets the PolicyName field's value.
 26673  func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput {
 26674  	s.PolicyName = &v
 26675  	return s
 26676  }
 26677  
 26678  // SetUserName sets the UserName field's value.
 26679  func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput {
 26680  	s.UserName = &v
 26681  	return s
 26682  }
 26683  
 26684  // Contains information about an IAM group entity.
 26685  //
 26686  // This data type is used as a response element in the following operations:
 26687  //
 26688  //    * CreateGroup
 26689  //
 26690  //    * GetGroup
 26691  //
 26692  //    * ListGroups
 26693  type Group struct {
 26694  	_ struct{} `type:"structure"`
 26695  
 26696  	// The Amazon Resource Name (ARN) specifying the group. For more information
 26697  	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26698  	// in the IAM User Guide.
 26699  	//
 26700  	// Arn is a required field
 26701  	Arn *string `min:"20" type:"string" required:"true"`
 26702  
 26703  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26704  	// when the group was created.
 26705  	//
 26706  	// CreateDate is a required field
 26707  	CreateDate *time.Time `type:"timestamp" required:"true"`
 26708  
 26709  	// The stable and unique string identifying the group. For more information
 26710  	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26711  	// in the IAM User Guide.
 26712  	//
 26713  	// GroupId is a required field
 26714  	GroupId *string `min:"16" type:"string" required:"true"`
 26715  
 26716  	// The friendly name that identifies the group.
 26717  	//
 26718  	// GroupName is a required field
 26719  	GroupName *string `min:"1" type:"string" required:"true"`
 26720  
 26721  	// The path to the group. For more information about paths, see IAM identifiers
 26722  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26723  	// in the IAM User Guide.
 26724  	//
 26725  	// Path is a required field
 26726  	Path *string `min:"1" type:"string" required:"true"`
 26727  }
 26728  
 26729  // String returns the string representation.
 26730  //
 26731  // API parameter values that are decorated as "sensitive" in the API will not
 26732  // be included in the string output. The member name will be present, but the
 26733  // value will be replaced with "sensitive".
 26734  func (s Group) String() string {
 26735  	return awsutil.Prettify(s)
 26736  }
 26737  
 26738  // GoString returns the string representation.
 26739  //
 26740  // API parameter values that are decorated as "sensitive" in the API will not
 26741  // be included in the string output. The member name will be present, but the
 26742  // value will be replaced with "sensitive".
 26743  func (s Group) GoString() string {
 26744  	return s.String()
 26745  }
 26746  
 26747  // SetArn sets the Arn field's value.
 26748  func (s *Group) SetArn(v string) *Group {
 26749  	s.Arn = &v
 26750  	return s
 26751  }
 26752  
 26753  // SetCreateDate sets the CreateDate field's value.
 26754  func (s *Group) SetCreateDate(v time.Time) *Group {
 26755  	s.CreateDate = &v
 26756  	return s
 26757  }
 26758  
 26759  // SetGroupId sets the GroupId field's value.
 26760  func (s *Group) SetGroupId(v string) *Group {
 26761  	s.GroupId = &v
 26762  	return s
 26763  }
 26764  
 26765  // SetGroupName sets the GroupName field's value.
 26766  func (s *Group) SetGroupName(v string) *Group {
 26767  	s.GroupName = &v
 26768  	return s
 26769  }
 26770  
 26771  // SetPath sets the Path field's value.
 26772  func (s *Group) SetPath(v string) *Group {
 26773  	s.Path = &v
 26774  	return s
 26775  }
 26776  
 26777  // Contains information about an IAM group, including all of the group's policies.
 26778  //
 26779  // This data type is used as a response element in the GetAccountAuthorizationDetails
 26780  // operation.
 26781  type GroupDetail struct {
 26782  	_ struct{} `type:"structure"`
 26783  
 26784  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 26785  	// Services resources.
 26786  	//
 26787  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 26788  	// in the Amazon Web Services General Reference.
 26789  	Arn *string `min:"20" type:"string"`
 26790  
 26791  	// A list of the managed policies attached to the group.
 26792  	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
 26793  
 26794  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 26795  	// when the group was created.
 26796  	CreateDate *time.Time `type:"timestamp"`
 26797  
 26798  	// The stable and unique string identifying the group. For more information
 26799  	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26800  	// in the IAM User Guide.
 26801  	GroupId *string `min:"16" type:"string"`
 26802  
 26803  	// The friendly name that identifies the group.
 26804  	GroupName *string `min:"1" type:"string"`
 26805  
 26806  	// A list of the inline policies embedded in the group.
 26807  	GroupPolicyList []*PolicyDetail `type:"list"`
 26808  
 26809  	// The path to the group. For more information about paths, see IAM identifiers
 26810  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26811  	// in the IAM User Guide.
 26812  	Path *string `min:"1" type:"string"`
 26813  }
 26814  
 26815  // String returns the string representation.
 26816  //
 26817  // API parameter values that are decorated as "sensitive" in the API will not
 26818  // be included in the string output. The member name will be present, but the
 26819  // value will be replaced with "sensitive".
 26820  func (s GroupDetail) String() string {
 26821  	return awsutil.Prettify(s)
 26822  }
 26823  
 26824  // GoString returns the string representation.
 26825  //
 26826  // API parameter values that are decorated as "sensitive" in the API will not
 26827  // be included in the string output. The member name will be present, but the
 26828  // value will be replaced with "sensitive".
 26829  func (s GroupDetail) GoString() string {
 26830  	return s.String()
 26831  }
 26832  
 26833  // SetArn sets the Arn field's value.
 26834  func (s *GroupDetail) SetArn(v string) *GroupDetail {
 26835  	s.Arn = &v
 26836  	return s
 26837  }
 26838  
 26839  // SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
 26840  func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail {
 26841  	s.AttachedManagedPolicies = v
 26842  	return s
 26843  }
 26844  
 26845  // SetCreateDate sets the CreateDate field's value.
 26846  func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail {
 26847  	s.CreateDate = &v
 26848  	return s
 26849  }
 26850  
 26851  // SetGroupId sets the GroupId field's value.
 26852  func (s *GroupDetail) SetGroupId(v string) *GroupDetail {
 26853  	s.GroupId = &v
 26854  	return s
 26855  }
 26856  
 26857  // SetGroupName sets the GroupName field's value.
 26858  func (s *GroupDetail) SetGroupName(v string) *GroupDetail {
 26859  	s.GroupName = &v
 26860  	return s
 26861  }
 26862  
 26863  // SetGroupPolicyList sets the GroupPolicyList field's value.
 26864  func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail {
 26865  	s.GroupPolicyList = v
 26866  	return s
 26867  }
 26868  
 26869  // SetPath sets the Path field's value.
 26870  func (s *GroupDetail) SetPath(v string) *GroupDetail {
 26871  	s.Path = &v
 26872  	return s
 26873  }
 26874  
 26875  // Contains information about an instance profile.
 26876  //
 26877  // This data type is used as a response element in the following operations:
 26878  //
 26879  //    * CreateInstanceProfile
 26880  //
 26881  //    * GetInstanceProfile
 26882  //
 26883  //    * ListInstanceProfiles
 26884  //
 26885  //    * ListInstanceProfilesForRole
 26886  type InstanceProfile struct {
 26887  	_ struct{} `type:"structure"`
 26888  
 26889  	// The Amazon Resource Name (ARN) specifying the instance profile. For more
 26890  	// information about ARNs and how to use them in policies, see IAM identifiers
 26891  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26892  	// in the IAM User Guide.
 26893  	//
 26894  	// Arn is a required field
 26895  	Arn *string `min:"20" type:"string" required:"true"`
 26896  
 26897  	// The date when the instance profile was created.
 26898  	//
 26899  	// CreateDate is a required field
 26900  	CreateDate *time.Time `type:"timestamp" required:"true"`
 26901  
 26902  	// The stable and unique string identifying the instance profile. For more information
 26903  	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26904  	// in the IAM User Guide.
 26905  	//
 26906  	// InstanceProfileId is a required field
 26907  	InstanceProfileId *string `min:"16" type:"string" required:"true"`
 26908  
 26909  	// The name identifying the instance profile.
 26910  	//
 26911  	// InstanceProfileName is a required field
 26912  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 26913  
 26914  	// The path to the instance profile. For more information about paths, see IAM
 26915  	// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 26916  	// in the IAM User Guide.
 26917  	//
 26918  	// Path is a required field
 26919  	Path *string `min:"1" type:"string" required:"true"`
 26920  
 26921  	// The role associated with the instance profile.
 26922  	//
 26923  	// Roles is a required field
 26924  	Roles []*Role `type:"list" required:"true"`
 26925  
 26926  	// A list of tags that are attached to the instance profile. For more information
 26927  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 26928  	// in the IAM User Guide.
 26929  	Tags []*Tag `type:"list"`
 26930  }
 26931  
 26932  // String returns the string representation.
 26933  //
 26934  // API parameter values that are decorated as "sensitive" in the API will not
 26935  // be included in the string output. The member name will be present, but the
 26936  // value will be replaced with "sensitive".
 26937  func (s InstanceProfile) String() string {
 26938  	return awsutil.Prettify(s)
 26939  }
 26940  
 26941  // GoString returns the string representation.
 26942  //
 26943  // API parameter values that are decorated as "sensitive" in the API will not
 26944  // be included in the string output. The member name will be present, but the
 26945  // value will be replaced with "sensitive".
 26946  func (s InstanceProfile) GoString() string {
 26947  	return s.String()
 26948  }
 26949  
 26950  // SetArn sets the Arn field's value.
 26951  func (s *InstanceProfile) SetArn(v string) *InstanceProfile {
 26952  	s.Arn = &v
 26953  	return s
 26954  }
 26955  
 26956  // SetCreateDate sets the CreateDate field's value.
 26957  func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile {
 26958  	s.CreateDate = &v
 26959  	return s
 26960  }
 26961  
 26962  // SetInstanceProfileId sets the InstanceProfileId field's value.
 26963  func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile {
 26964  	s.InstanceProfileId = &v
 26965  	return s
 26966  }
 26967  
 26968  // SetInstanceProfileName sets the InstanceProfileName field's value.
 26969  func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile {
 26970  	s.InstanceProfileName = &v
 26971  	return s
 26972  }
 26973  
 26974  // SetPath sets the Path field's value.
 26975  func (s *InstanceProfile) SetPath(v string) *InstanceProfile {
 26976  	s.Path = &v
 26977  	return s
 26978  }
 26979  
 26980  // SetRoles sets the Roles field's value.
 26981  func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile {
 26982  	s.Roles = v
 26983  	return s
 26984  }
 26985  
 26986  // SetTags sets the Tags field's value.
 26987  func (s *InstanceProfile) SetTags(v []*Tag) *InstanceProfile {
 26988  	s.Tags = v
 26989  	return s
 26990  }
 26991  
 26992  type ListAccessKeysInput struct {
 26993  	_ struct{} `type:"structure"`
 26994  
 26995  	// Use this parameter only when paginating results and only after you receive
 26996  	// a response indicating that the results are truncated. Set it to the value
 26997  	// of the Marker element in the response that you received to indicate where
 26998  	// the next call should start.
 26999  	Marker *string `min:"1" type:"string"`
 27000  
 27001  	// Use this only when paginating results to indicate the maximum number of items
 27002  	// you want in the response. If additional items exist beyond the maximum you
 27003  	// specify, the IsTruncated response element is true.
 27004  	//
 27005  	// If you do not include this parameter, the number of items defaults to 100.
 27006  	// Note that IAM might return fewer results, even when there are more results
 27007  	// available. In that case, the IsTruncated response element returns true, and
 27008  	// Marker contains a value to include in the subsequent call that tells the
 27009  	// service where to continue from.
 27010  	MaxItems *int64 `min:"1" type:"integer"`
 27011  
 27012  	// The name of the user.
 27013  	//
 27014  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27015  	// a string of characters consisting of upper and lowercase alphanumeric characters
 27016  	// with no spaces. You can also include any of the following characters: _+=,.@-
 27017  	UserName *string `min:"1" type:"string"`
 27018  }
 27019  
 27020  // String returns the string representation.
 27021  //
 27022  // API parameter values that are decorated as "sensitive" in the API will not
 27023  // be included in the string output. The member name will be present, but the
 27024  // value will be replaced with "sensitive".
 27025  func (s ListAccessKeysInput) String() string {
 27026  	return awsutil.Prettify(s)
 27027  }
 27028  
 27029  // GoString returns the string representation.
 27030  //
 27031  // API parameter values that are decorated as "sensitive" in the API will not
 27032  // be included in the string output. The member name will be present, but the
 27033  // value will be replaced with "sensitive".
 27034  func (s ListAccessKeysInput) GoString() string {
 27035  	return s.String()
 27036  }
 27037  
 27038  // Validate inspects the fields of the type to determine if they are valid.
 27039  func (s *ListAccessKeysInput) Validate() error {
 27040  	invalidParams := request.ErrInvalidParams{Context: "ListAccessKeysInput"}
 27041  	if s.Marker != nil && len(*s.Marker) < 1 {
 27042  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27043  	}
 27044  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27045  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27046  	}
 27047  	if s.UserName != nil && len(*s.UserName) < 1 {
 27048  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 27049  	}
 27050  
 27051  	if invalidParams.Len() > 0 {
 27052  		return invalidParams
 27053  	}
 27054  	return nil
 27055  }
 27056  
 27057  // SetMarker sets the Marker field's value.
 27058  func (s *ListAccessKeysInput) SetMarker(v string) *ListAccessKeysInput {
 27059  	s.Marker = &v
 27060  	return s
 27061  }
 27062  
 27063  // SetMaxItems sets the MaxItems field's value.
 27064  func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput {
 27065  	s.MaxItems = &v
 27066  	return s
 27067  }
 27068  
 27069  // SetUserName sets the UserName field's value.
 27070  func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput {
 27071  	s.UserName = &v
 27072  	return s
 27073  }
 27074  
 27075  // Contains the response to a successful ListAccessKeys request.
 27076  type ListAccessKeysOutput struct {
 27077  	_ struct{} `type:"structure"`
 27078  
 27079  	// A list of objects containing metadata about the access keys.
 27080  	//
 27081  	// AccessKeyMetadata is a required field
 27082  	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`
 27083  
 27084  	// A flag that indicates whether there are more items to return. If your results
 27085  	// were truncated, you can make a subsequent pagination request using the Marker
 27086  	// request parameter to retrieve more items. Note that IAM might return fewer
 27087  	// than the MaxItems number of results even when there are more results available.
 27088  	// We recommend that you check IsTruncated after every call to ensure that you
 27089  	// receive all your results.
 27090  	IsTruncated *bool `type:"boolean"`
 27091  
 27092  	// When IsTruncated is true, this element is present and contains the value
 27093  	// to use for the Marker parameter in a subsequent pagination request.
 27094  	Marker *string `type:"string"`
 27095  }
 27096  
 27097  // String returns the string representation.
 27098  //
 27099  // API parameter values that are decorated as "sensitive" in the API will not
 27100  // be included in the string output. The member name will be present, but the
 27101  // value will be replaced with "sensitive".
 27102  func (s ListAccessKeysOutput) String() string {
 27103  	return awsutil.Prettify(s)
 27104  }
 27105  
 27106  // GoString returns the string representation.
 27107  //
 27108  // API parameter values that are decorated as "sensitive" in the API will not
 27109  // be included in the string output. The member name will be present, but the
 27110  // value will be replaced with "sensitive".
 27111  func (s ListAccessKeysOutput) GoString() string {
 27112  	return s.String()
 27113  }
 27114  
 27115  // SetAccessKeyMetadata sets the AccessKeyMetadata field's value.
 27116  func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput {
 27117  	s.AccessKeyMetadata = v
 27118  	return s
 27119  }
 27120  
 27121  // SetIsTruncated sets the IsTruncated field's value.
 27122  func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput {
 27123  	s.IsTruncated = &v
 27124  	return s
 27125  }
 27126  
 27127  // SetMarker sets the Marker field's value.
 27128  func (s *ListAccessKeysOutput) SetMarker(v string) *ListAccessKeysOutput {
 27129  	s.Marker = &v
 27130  	return s
 27131  }
 27132  
 27133  type ListAccountAliasesInput struct {
 27134  	_ struct{} `type:"structure"`
 27135  
 27136  	// Use this parameter only when paginating results and only after you receive
 27137  	// a response indicating that the results are truncated. Set it to the value
 27138  	// of the Marker element in the response that you received to indicate where
 27139  	// the next call should start.
 27140  	Marker *string `min:"1" type:"string"`
 27141  
 27142  	// Use this only when paginating results to indicate the maximum number of items
 27143  	// you want in the response. If additional items exist beyond the maximum you
 27144  	// specify, the IsTruncated response element is true.
 27145  	//
 27146  	// If you do not include this parameter, the number of items defaults to 100.
 27147  	// Note that IAM might return fewer results, even when there are more results
 27148  	// available. In that case, the IsTruncated response element returns true, and
 27149  	// Marker contains a value to include in the subsequent call that tells the
 27150  	// service where to continue from.
 27151  	MaxItems *int64 `min:"1" type:"integer"`
 27152  }
 27153  
 27154  // String returns the string representation.
 27155  //
 27156  // API parameter values that are decorated as "sensitive" in the API will not
 27157  // be included in the string output. The member name will be present, but the
 27158  // value will be replaced with "sensitive".
 27159  func (s ListAccountAliasesInput) String() string {
 27160  	return awsutil.Prettify(s)
 27161  }
 27162  
 27163  // GoString returns the string representation.
 27164  //
 27165  // API parameter values that are decorated as "sensitive" in the API will not
 27166  // be included in the string output. The member name will be present, but the
 27167  // value will be replaced with "sensitive".
 27168  func (s ListAccountAliasesInput) GoString() string {
 27169  	return s.String()
 27170  }
 27171  
 27172  // Validate inspects the fields of the type to determine if they are valid.
 27173  func (s *ListAccountAliasesInput) Validate() error {
 27174  	invalidParams := request.ErrInvalidParams{Context: "ListAccountAliasesInput"}
 27175  	if s.Marker != nil && len(*s.Marker) < 1 {
 27176  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27177  	}
 27178  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27179  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27180  	}
 27181  
 27182  	if invalidParams.Len() > 0 {
 27183  		return invalidParams
 27184  	}
 27185  	return nil
 27186  }
 27187  
 27188  // SetMarker sets the Marker field's value.
 27189  func (s *ListAccountAliasesInput) SetMarker(v string) *ListAccountAliasesInput {
 27190  	s.Marker = &v
 27191  	return s
 27192  }
 27193  
 27194  // SetMaxItems sets the MaxItems field's value.
 27195  func (s *ListAccountAliasesInput) SetMaxItems(v int64) *ListAccountAliasesInput {
 27196  	s.MaxItems = &v
 27197  	return s
 27198  }
 27199  
 27200  // Contains the response to a successful ListAccountAliases request.
 27201  type ListAccountAliasesOutput struct {
 27202  	_ struct{} `type:"structure"`
 27203  
 27204  	// A list of aliases associated with the account. Amazon Web Services supports
 27205  	// only one alias per account.
 27206  	//
 27207  	// AccountAliases is a required field
 27208  	AccountAliases []*string `type:"list" required:"true"`
 27209  
 27210  	// A flag that indicates whether there are more items to return. If your results
 27211  	// were truncated, you can make a subsequent pagination request using the Marker
 27212  	// request parameter to retrieve more items. Note that IAM might return fewer
 27213  	// than the MaxItems number of results even when there are more results available.
 27214  	// We recommend that you check IsTruncated after every call to ensure that you
 27215  	// receive all your results.
 27216  	IsTruncated *bool `type:"boolean"`
 27217  
 27218  	// When IsTruncated is true, this element is present and contains the value
 27219  	// to use for the Marker parameter in a subsequent pagination request.
 27220  	Marker *string `type:"string"`
 27221  }
 27222  
 27223  // String returns the string representation.
 27224  //
 27225  // API parameter values that are decorated as "sensitive" in the API will not
 27226  // be included in the string output. The member name will be present, but the
 27227  // value will be replaced with "sensitive".
 27228  func (s ListAccountAliasesOutput) String() string {
 27229  	return awsutil.Prettify(s)
 27230  }
 27231  
 27232  // GoString returns the string representation.
 27233  //
 27234  // API parameter values that are decorated as "sensitive" in the API will not
 27235  // be included in the string output. The member name will be present, but the
 27236  // value will be replaced with "sensitive".
 27237  func (s ListAccountAliasesOutput) GoString() string {
 27238  	return s.String()
 27239  }
 27240  
 27241  // SetAccountAliases sets the AccountAliases field's value.
 27242  func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput {
 27243  	s.AccountAliases = v
 27244  	return s
 27245  }
 27246  
 27247  // SetIsTruncated sets the IsTruncated field's value.
 27248  func (s *ListAccountAliasesOutput) SetIsTruncated(v bool) *ListAccountAliasesOutput {
 27249  	s.IsTruncated = &v
 27250  	return s
 27251  }
 27252  
 27253  // SetMarker sets the Marker field's value.
 27254  func (s *ListAccountAliasesOutput) SetMarker(v string) *ListAccountAliasesOutput {
 27255  	s.Marker = &v
 27256  	return s
 27257  }
 27258  
 27259  type ListAttachedGroupPoliciesInput struct {
 27260  	_ struct{} `type:"structure"`
 27261  
 27262  	// The name (friendly name, not ARN) of the group to list attached policies
 27263  	// for.
 27264  	//
 27265  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27266  	// a string of characters consisting of upper and lowercase alphanumeric characters
 27267  	// with no spaces. You can also include any of the following characters: _+=,.@-
 27268  	//
 27269  	// GroupName is a required field
 27270  	GroupName *string `min:"1" type:"string" required:"true"`
 27271  
 27272  	// Use this parameter only when paginating results and only after you receive
 27273  	// a response indicating that the results are truncated. Set it to the value
 27274  	// of the Marker element in the response that you received to indicate where
 27275  	// the next call should start.
 27276  	Marker *string `min:"1" type:"string"`
 27277  
 27278  	// Use this only when paginating results to indicate the maximum number of items
 27279  	// you want in the response. If additional items exist beyond the maximum you
 27280  	// specify, the IsTruncated response element is true.
 27281  	//
 27282  	// If you do not include this parameter, the number of items defaults to 100.
 27283  	// Note that IAM might return fewer results, even when there are more results
 27284  	// available. In that case, the IsTruncated response element returns true, and
 27285  	// Marker contains a value to include in the subsequent call that tells the
 27286  	// service where to continue from.
 27287  	MaxItems *int64 `min:"1" type:"integer"`
 27288  
 27289  	// The path prefix for filtering the results. This parameter is optional. If
 27290  	// it is not included, it defaults to a slash (/), listing all policies.
 27291  	//
 27292  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27293  	// a string of characters consisting of either a forward slash (/) by itself
 27294  	// or a string that must begin and end with forward slashes. In addition, it
 27295  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 27296  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 27297  	// letters.
 27298  	PathPrefix *string `min:"1" type:"string"`
 27299  }
 27300  
 27301  // String returns the string representation.
 27302  //
 27303  // API parameter values that are decorated as "sensitive" in the API will not
 27304  // be included in the string output. The member name will be present, but the
 27305  // value will be replaced with "sensitive".
 27306  func (s ListAttachedGroupPoliciesInput) String() string {
 27307  	return awsutil.Prettify(s)
 27308  }
 27309  
 27310  // GoString returns the string representation.
 27311  //
 27312  // API parameter values that are decorated as "sensitive" in the API will not
 27313  // be included in the string output. The member name will be present, but the
 27314  // value will be replaced with "sensitive".
 27315  func (s ListAttachedGroupPoliciesInput) GoString() string {
 27316  	return s.String()
 27317  }
 27318  
 27319  // Validate inspects the fields of the type to determine if they are valid.
 27320  func (s *ListAttachedGroupPoliciesInput) Validate() error {
 27321  	invalidParams := request.ErrInvalidParams{Context: "ListAttachedGroupPoliciesInput"}
 27322  	if s.GroupName == nil {
 27323  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 27324  	}
 27325  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 27326  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 27327  	}
 27328  	if s.Marker != nil && len(*s.Marker) < 1 {
 27329  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27330  	}
 27331  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27332  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27333  	}
 27334  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 27335  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 27336  	}
 27337  
 27338  	if invalidParams.Len() > 0 {
 27339  		return invalidParams
 27340  	}
 27341  	return nil
 27342  }
 27343  
 27344  // SetGroupName sets the GroupName field's value.
 27345  func (s *ListAttachedGroupPoliciesInput) SetGroupName(v string) *ListAttachedGroupPoliciesInput {
 27346  	s.GroupName = &v
 27347  	return s
 27348  }
 27349  
 27350  // SetMarker sets the Marker field's value.
 27351  func (s *ListAttachedGroupPoliciesInput) SetMarker(v string) *ListAttachedGroupPoliciesInput {
 27352  	s.Marker = &v
 27353  	return s
 27354  }
 27355  
 27356  // SetMaxItems sets the MaxItems field's value.
 27357  func (s *ListAttachedGroupPoliciesInput) SetMaxItems(v int64) *ListAttachedGroupPoliciesInput {
 27358  	s.MaxItems = &v
 27359  	return s
 27360  }
 27361  
 27362  // SetPathPrefix sets the PathPrefix field's value.
 27363  func (s *ListAttachedGroupPoliciesInput) SetPathPrefix(v string) *ListAttachedGroupPoliciesInput {
 27364  	s.PathPrefix = &v
 27365  	return s
 27366  }
 27367  
 27368  // Contains the response to a successful ListAttachedGroupPolicies request.
 27369  type ListAttachedGroupPoliciesOutput struct {
 27370  	_ struct{} `type:"structure"`
 27371  
 27372  	// A list of the attached policies.
 27373  	AttachedPolicies []*AttachedPolicy `type:"list"`
 27374  
 27375  	// A flag that indicates whether there are more items to return. If your results
 27376  	// were truncated, you can make a subsequent pagination request using the Marker
 27377  	// request parameter to retrieve more items. Note that IAM might return fewer
 27378  	// than the MaxItems number of results even when there are more results available.
 27379  	// We recommend that you check IsTruncated after every call to ensure that you
 27380  	// receive all your results.
 27381  	IsTruncated *bool `type:"boolean"`
 27382  
 27383  	// When IsTruncated is true, this element is present and contains the value
 27384  	// to use for the Marker parameter in a subsequent pagination request.
 27385  	Marker *string `type:"string"`
 27386  }
 27387  
 27388  // String returns the string representation.
 27389  //
 27390  // API parameter values that are decorated as "sensitive" in the API will not
 27391  // be included in the string output. The member name will be present, but the
 27392  // value will be replaced with "sensitive".
 27393  func (s ListAttachedGroupPoliciesOutput) String() string {
 27394  	return awsutil.Prettify(s)
 27395  }
 27396  
 27397  // GoString returns the string representation.
 27398  //
 27399  // API parameter values that are decorated as "sensitive" in the API will not
 27400  // be included in the string output. The member name will be present, but the
 27401  // value will be replaced with "sensitive".
 27402  func (s ListAttachedGroupPoliciesOutput) GoString() string {
 27403  	return s.String()
 27404  }
 27405  
 27406  // SetAttachedPolicies sets the AttachedPolicies field's value.
 27407  func (s *ListAttachedGroupPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedGroupPoliciesOutput {
 27408  	s.AttachedPolicies = v
 27409  	return s
 27410  }
 27411  
 27412  // SetIsTruncated sets the IsTruncated field's value.
 27413  func (s *ListAttachedGroupPoliciesOutput) SetIsTruncated(v bool) *ListAttachedGroupPoliciesOutput {
 27414  	s.IsTruncated = &v
 27415  	return s
 27416  }
 27417  
 27418  // SetMarker sets the Marker field's value.
 27419  func (s *ListAttachedGroupPoliciesOutput) SetMarker(v string) *ListAttachedGroupPoliciesOutput {
 27420  	s.Marker = &v
 27421  	return s
 27422  }
 27423  
 27424  type ListAttachedRolePoliciesInput struct {
 27425  	_ struct{} `type:"structure"`
 27426  
 27427  	// Use this parameter only when paginating results and only after you receive
 27428  	// a response indicating that the results are truncated. Set it to the value
 27429  	// of the Marker element in the response that you received to indicate where
 27430  	// the next call should start.
 27431  	Marker *string `min:"1" type:"string"`
 27432  
 27433  	// Use this only when paginating results to indicate the maximum number of items
 27434  	// you want in the response. If additional items exist beyond the maximum you
 27435  	// specify, the IsTruncated response element is true.
 27436  	//
 27437  	// If you do not include this parameter, the number of items defaults to 100.
 27438  	// Note that IAM might return fewer results, even when there are more results
 27439  	// available. In that case, the IsTruncated response element returns true, and
 27440  	// Marker contains a value to include in the subsequent call that tells the
 27441  	// service where to continue from.
 27442  	MaxItems *int64 `min:"1" type:"integer"`
 27443  
 27444  	// The path prefix for filtering the results. This parameter is optional. If
 27445  	// it is not included, it defaults to a slash (/), listing all policies.
 27446  	//
 27447  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27448  	// a string of characters consisting of either a forward slash (/) by itself
 27449  	// or a string that must begin and end with forward slashes. In addition, it
 27450  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 27451  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 27452  	// letters.
 27453  	PathPrefix *string `min:"1" type:"string"`
 27454  
 27455  	// The name (friendly name, not ARN) of the role to list attached policies for.
 27456  	//
 27457  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27458  	// a string of characters consisting of upper and lowercase alphanumeric characters
 27459  	// with no spaces. You can also include any of the following characters: _+=,.@-
 27460  	//
 27461  	// RoleName is a required field
 27462  	RoleName *string `min:"1" type:"string" required:"true"`
 27463  }
 27464  
 27465  // String returns the string representation.
 27466  //
 27467  // API parameter values that are decorated as "sensitive" in the API will not
 27468  // be included in the string output. The member name will be present, but the
 27469  // value will be replaced with "sensitive".
 27470  func (s ListAttachedRolePoliciesInput) String() string {
 27471  	return awsutil.Prettify(s)
 27472  }
 27473  
 27474  // GoString returns the string representation.
 27475  //
 27476  // API parameter values that are decorated as "sensitive" in the API will not
 27477  // be included in the string output. The member name will be present, but the
 27478  // value will be replaced with "sensitive".
 27479  func (s ListAttachedRolePoliciesInput) GoString() string {
 27480  	return s.String()
 27481  }
 27482  
 27483  // Validate inspects the fields of the type to determine if they are valid.
 27484  func (s *ListAttachedRolePoliciesInput) Validate() error {
 27485  	invalidParams := request.ErrInvalidParams{Context: "ListAttachedRolePoliciesInput"}
 27486  	if s.Marker != nil && len(*s.Marker) < 1 {
 27487  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27488  	}
 27489  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27490  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27491  	}
 27492  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 27493  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 27494  	}
 27495  	if s.RoleName == nil {
 27496  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 27497  	}
 27498  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 27499  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 27500  	}
 27501  
 27502  	if invalidParams.Len() > 0 {
 27503  		return invalidParams
 27504  	}
 27505  	return nil
 27506  }
 27507  
 27508  // SetMarker sets the Marker field's value.
 27509  func (s *ListAttachedRolePoliciesInput) SetMarker(v string) *ListAttachedRolePoliciesInput {
 27510  	s.Marker = &v
 27511  	return s
 27512  }
 27513  
 27514  // SetMaxItems sets the MaxItems field's value.
 27515  func (s *ListAttachedRolePoliciesInput) SetMaxItems(v int64) *ListAttachedRolePoliciesInput {
 27516  	s.MaxItems = &v
 27517  	return s
 27518  }
 27519  
 27520  // SetPathPrefix sets the PathPrefix field's value.
 27521  func (s *ListAttachedRolePoliciesInput) SetPathPrefix(v string) *ListAttachedRolePoliciesInput {
 27522  	s.PathPrefix = &v
 27523  	return s
 27524  }
 27525  
 27526  // SetRoleName sets the RoleName field's value.
 27527  func (s *ListAttachedRolePoliciesInput) SetRoleName(v string) *ListAttachedRolePoliciesInput {
 27528  	s.RoleName = &v
 27529  	return s
 27530  }
 27531  
 27532  // Contains the response to a successful ListAttachedRolePolicies request.
 27533  type ListAttachedRolePoliciesOutput struct {
 27534  	_ struct{} `type:"structure"`
 27535  
 27536  	// A list of the attached policies.
 27537  	AttachedPolicies []*AttachedPolicy `type:"list"`
 27538  
 27539  	// A flag that indicates whether there are more items to return. If your results
 27540  	// were truncated, you can make a subsequent pagination request using the Marker
 27541  	// request parameter to retrieve more items. Note that IAM might return fewer
 27542  	// than the MaxItems number of results even when there are more results available.
 27543  	// We recommend that you check IsTruncated after every call to ensure that you
 27544  	// receive all your results.
 27545  	IsTruncated *bool `type:"boolean"`
 27546  
 27547  	// When IsTruncated is true, this element is present and contains the value
 27548  	// to use for the Marker parameter in a subsequent pagination request.
 27549  	Marker *string `type:"string"`
 27550  }
 27551  
 27552  // String returns the string representation.
 27553  //
 27554  // API parameter values that are decorated as "sensitive" in the API will not
 27555  // be included in the string output. The member name will be present, but the
 27556  // value will be replaced with "sensitive".
 27557  func (s ListAttachedRolePoliciesOutput) String() string {
 27558  	return awsutil.Prettify(s)
 27559  }
 27560  
 27561  // GoString returns the string representation.
 27562  //
 27563  // API parameter values that are decorated as "sensitive" in the API will not
 27564  // be included in the string output. The member name will be present, but the
 27565  // value will be replaced with "sensitive".
 27566  func (s ListAttachedRolePoliciesOutput) GoString() string {
 27567  	return s.String()
 27568  }
 27569  
 27570  // SetAttachedPolicies sets the AttachedPolicies field's value.
 27571  func (s *ListAttachedRolePoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedRolePoliciesOutput {
 27572  	s.AttachedPolicies = v
 27573  	return s
 27574  }
 27575  
 27576  // SetIsTruncated sets the IsTruncated field's value.
 27577  func (s *ListAttachedRolePoliciesOutput) SetIsTruncated(v bool) *ListAttachedRolePoliciesOutput {
 27578  	s.IsTruncated = &v
 27579  	return s
 27580  }
 27581  
 27582  // SetMarker sets the Marker field's value.
 27583  func (s *ListAttachedRolePoliciesOutput) SetMarker(v string) *ListAttachedRolePoliciesOutput {
 27584  	s.Marker = &v
 27585  	return s
 27586  }
 27587  
 27588  type ListAttachedUserPoliciesInput struct {
 27589  	_ struct{} `type:"structure"`
 27590  
 27591  	// Use this parameter only when paginating results and only after you receive
 27592  	// a response indicating that the results are truncated. Set it to the value
 27593  	// of the Marker element in the response that you received to indicate where
 27594  	// the next call should start.
 27595  	Marker *string `min:"1" type:"string"`
 27596  
 27597  	// Use this only when paginating results to indicate the maximum number of items
 27598  	// you want in the response. If additional items exist beyond the maximum you
 27599  	// specify, the IsTruncated response element is true.
 27600  	//
 27601  	// If you do not include this parameter, the number of items defaults to 100.
 27602  	// Note that IAM might return fewer results, even when there are more results
 27603  	// available. In that case, the IsTruncated response element returns true, and
 27604  	// Marker contains a value to include in the subsequent call that tells the
 27605  	// service where to continue from.
 27606  	MaxItems *int64 `min:"1" type:"integer"`
 27607  
 27608  	// The path prefix for filtering the results. This parameter is optional. If
 27609  	// it is not included, it defaults to a slash (/), listing all policies.
 27610  	//
 27611  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27612  	// a string of characters consisting of either a forward slash (/) by itself
 27613  	// or a string that must begin and end with forward slashes. In addition, it
 27614  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 27615  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 27616  	// letters.
 27617  	PathPrefix *string `min:"1" type:"string"`
 27618  
 27619  	// The name (friendly name, not ARN) of the user to list attached policies for.
 27620  	//
 27621  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27622  	// a string of characters consisting of upper and lowercase alphanumeric characters
 27623  	// with no spaces. You can also include any of the following characters: _+=,.@-
 27624  	//
 27625  	// UserName is a required field
 27626  	UserName *string `min:"1" type:"string" required:"true"`
 27627  }
 27628  
 27629  // String returns the string representation.
 27630  //
 27631  // API parameter values that are decorated as "sensitive" in the API will not
 27632  // be included in the string output. The member name will be present, but the
 27633  // value will be replaced with "sensitive".
 27634  func (s ListAttachedUserPoliciesInput) String() string {
 27635  	return awsutil.Prettify(s)
 27636  }
 27637  
 27638  // GoString returns the string representation.
 27639  //
 27640  // API parameter values that are decorated as "sensitive" in the API will not
 27641  // be included in the string output. The member name will be present, but the
 27642  // value will be replaced with "sensitive".
 27643  func (s ListAttachedUserPoliciesInput) GoString() string {
 27644  	return s.String()
 27645  }
 27646  
 27647  // Validate inspects the fields of the type to determine if they are valid.
 27648  func (s *ListAttachedUserPoliciesInput) Validate() error {
 27649  	invalidParams := request.ErrInvalidParams{Context: "ListAttachedUserPoliciesInput"}
 27650  	if s.Marker != nil && len(*s.Marker) < 1 {
 27651  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27652  	}
 27653  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27654  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27655  	}
 27656  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 27657  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 27658  	}
 27659  	if s.UserName == nil {
 27660  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 27661  	}
 27662  	if s.UserName != nil && len(*s.UserName) < 1 {
 27663  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 27664  	}
 27665  
 27666  	if invalidParams.Len() > 0 {
 27667  		return invalidParams
 27668  	}
 27669  	return nil
 27670  }
 27671  
 27672  // SetMarker sets the Marker field's value.
 27673  func (s *ListAttachedUserPoliciesInput) SetMarker(v string) *ListAttachedUserPoliciesInput {
 27674  	s.Marker = &v
 27675  	return s
 27676  }
 27677  
 27678  // SetMaxItems sets the MaxItems field's value.
 27679  func (s *ListAttachedUserPoliciesInput) SetMaxItems(v int64) *ListAttachedUserPoliciesInput {
 27680  	s.MaxItems = &v
 27681  	return s
 27682  }
 27683  
 27684  // SetPathPrefix sets the PathPrefix field's value.
 27685  func (s *ListAttachedUserPoliciesInput) SetPathPrefix(v string) *ListAttachedUserPoliciesInput {
 27686  	s.PathPrefix = &v
 27687  	return s
 27688  }
 27689  
 27690  // SetUserName sets the UserName field's value.
 27691  func (s *ListAttachedUserPoliciesInput) SetUserName(v string) *ListAttachedUserPoliciesInput {
 27692  	s.UserName = &v
 27693  	return s
 27694  }
 27695  
 27696  // Contains the response to a successful ListAttachedUserPolicies request.
 27697  type ListAttachedUserPoliciesOutput struct {
 27698  	_ struct{} `type:"structure"`
 27699  
 27700  	// A list of the attached policies.
 27701  	AttachedPolicies []*AttachedPolicy `type:"list"`
 27702  
 27703  	// A flag that indicates whether there are more items to return. If your results
 27704  	// were truncated, you can make a subsequent pagination request using the Marker
 27705  	// request parameter to retrieve more items. Note that IAM might return fewer
 27706  	// than the MaxItems number of results even when there are more results available.
 27707  	// We recommend that you check IsTruncated after every call to ensure that you
 27708  	// receive all your results.
 27709  	IsTruncated *bool `type:"boolean"`
 27710  
 27711  	// When IsTruncated is true, this element is present and contains the value
 27712  	// to use for the Marker parameter in a subsequent pagination request.
 27713  	Marker *string `type:"string"`
 27714  }
 27715  
 27716  // String returns the string representation.
 27717  //
 27718  // API parameter values that are decorated as "sensitive" in the API will not
 27719  // be included in the string output. The member name will be present, but the
 27720  // value will be replaced with "sensitive".
 27721  func (s ListAttachedUserPoliciesOutput) String() string {
 27722  	return awsutil.Prettify(s)
 27723  }
 27724  
 27725  // GoString returns the string representation.
 27726  //
 27727  // API parameter values that are decorated as "sensitive" in the API will not
 27728  // be included in the string output. The member name will be present, but the
 27729  // value will be replaced with "sensitive".
 27730  func (s ListAttachedUserPoliciesOutput) GoString() string {
 27731  	return s.String()
 27732  }
 27733  
 27734  // SetAttachedPolicies sets the AttachedPolicies field's value.
 27735  func (s *ListAttachedUserPoliciesOutput) SetAttachedPolicies(v []*AttachedPolicy) *ListAttachedUserPoliciesOutput {
 27736  	s.AttachedPolicies = v
 27737  	return s
 27738  }
 27739  
 27740  // SetIsTruncated sets the IsTruncated field's value.
 27741  func (s *ListAttachedUserPoliciesOutput) SetIsTruncated(v bool) *ListAttachedUserPoliciesOutput {
 27742  	s.IsTruncated = &v
 27743  	return s
 27744  }
 27745  
 27746  // SetMarker sets the Marker field's value.
 27747  func (s *ListAttachedUserPoliciesOutput) SetMarker(v string) *ListAttachedUserPoliciesOutput {
 27748  	s.Marker = &v
 27749  	return s
 27750  }
 27751  
 27752  type ListEntitiesForPolicyInput struct {
 27753  	_ struct{} `type:"structure"`
 27754  
 27755  	// The entity type to use for filtering the results.
 27756  	//
 27757  	// For example, when EntityFilter is Role, only the roles that are attached
 27758  	// to the specified policy are returned. This parameter is optional. If it is
 27759  	// not included, all attached entities (users, groups, and roles) are returned.
 27760  	// The argument for this parameter must be one of the valid values listed below.
 27761  	EntityFilter *string `type:"string" enum:"EntityType"`
 27762  
 27763  	// Use this parameter only when paginating results and only after you receive
 27764  	// a response indicating that the results are truncated. Set it to the value
 27765  	// of the Marker element in the response that you received to indicate where
 27766  	// the next call should start.
 27767  	Marker *string `min:"1" type:"string"`
 27768  
 27769  	// Use this only when paginating results to indicate the maximum number of items
 27770  	// you want in the response. If additional items exist beyond the maximum you
 27771  	// specify, the IsTruncated response element is true.
 27772  	//
 27773  	// If you do not include this parameter, the number of items defaults to 100.
 27774  	// Note that IAM might return fewer results, even when there are more results
 27775  	// available. In that case, the IsTruncated response element returns true, and
 27776  	// Marker contains a value to include in the subsequent call that tells the
 27777  	// service where to continue from.
 27778  	MaxItems *int64 `min:"1" type:"integer"`
 27779  
 27780  	// The path prefix for filtering the results. This parameter is optional. If
 27781  	// it is not included, it defaults to a slash (/), listing all entities.
 27782  	//
 27783  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27784  	// a string of characters consisting of either a forward slash (/) by itself
 27785  	// or a string that must begin and end with forward slashes. In addition, it
 27786  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 27787  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 27788  	// letters.
 27789  	PathPrefix *string `min:"1" type:"string"`
 27790  
 27791  	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
 27792  	//
 27793  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 27794  	// in the Amazon Web Services General Reference.
 27795  	//
 27796  	// PolicyArn is a required field
 27797  	PolicyArn *string `min:"20" type:"string" required:"true"`
 27798  
 27799  	// The policy usage method to use for filtering the results.
 27800  	//
 27801  	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
 27802  	// To list only the policies used to set permissions boundaries, set the value
 27803  	// to PermissionsBoundary.
 27804  	//
 27805  	// This parameter is optional. If it is not included, all policies are returned.
 27806  	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
 27807  }
 27808  
 27809  // String returns the string representation.
 27810  //
 27811  // API parameter values that are decorated as "sensitive" in the API will not
 27812  // be included in the string output. The member name will be present, but the
 27813  // value will be replaced with "sensitive".
 27814  func (s ListEntitiesForPolicyInput) String() string {
 27815  	return awsutil.Prettify(s)
 27816  }
 27817  
 27818  // GoString returns the string representation.
 27819  //
 27820  // API parameter values that are decorated as "sensitive" in the API will not
 27821  // be included in the string output. The member name will be present, but the
 27822  // value will be replaced with "sensitive".
 27823  func (s ListEntitiesForPolicyInput) GoString() string {
 27824  	return s.String()
 27825  }
 27826  
 27827  // Validate inspects the fields of the type to determine if they are valid.
 27828  func (s *ListEntitiesForPolicyInput) Validate() error {
 27829  	invalidParams := request.ErrInvalidParams{Context: "ListEntitiesForPolicyInput"}
 27830  	if s.Marker != nil && len(*s.Marker) < 1 {
 27831  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 27832  	}
 27833  	if s.MaxItems != nil && *s.MaxItems < 1 {
 27834  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 27835  	}
 27836  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 27837  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 27838  	}
 27839  	if s.PolicyArn == nil {
 27840  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 27841  	}
 27842  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 27843  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 27844  	}
 27845  
 27846  	if invalidParams.Len() > 0 {
 27847  		return invalidParams
 27848  	}
 27849  	return nil
 27850  }
 27851  
 27852  // SetEntityFilter sets the EntityFilter field's value.
 27853  func (s *ListEntitiesForPolicyInput) SetEntityFilter(v string) *ListEntitiesForPolicyInput {
 27854  	s.EntityFilter = &v
 27855  	return s
 27856  }
 27857  
 27858  // SetMarker sets the Marker field's value.
 27859  func (s *ListEntitiesForPolicyInput) SetMarker(v string) *ListEntitiesForPolicyInput {
 27860  	s.Marker = &v
 27861  	return s
 27862  }
 27863  
 27864  // SetMaxItems sets the MaxItems field's value.
 27865  func (s *ListEntitiesForPolicyInput) SetMaxItems(v int64) *ListEntitiesForPolicyInput {
 27866  	s.MaxItems = &v
 27867  	return s
 27868  }
 27869  
 27870  // SetPathPrefix sets the PathPrefix field's value.
 27871  func (s *ListEntitiesForPolicyInput) SetPathPrefix(v string) *ListEntitiesForPolicyInput {
 27872  	s.PathPrefix = &v
 27873  	return s
 27874  }
 27875  
 27876  // SetPolicyArn sets the PolicyArn field's value.
 27877  func (s *ListEntitiesForPolicyInput) SetPolicyArn(v string) *ListEntitiesForPolicyInput {
 27878  	s.PolicyArn = &v
 27879  	return s
 27880  }
 27881  
 27882  // SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
 27883  func (s *ListEntitiesForPolicyInput) SetPolicyUsageFilter(v string) *ListEntitiesForPolicyInput {
 27884  	s.PolicyUsageFilter = &v
 27885  	return s
 27886  }
 27887  
 27888  // Contains the response to a successful ListEntitiesForPolicy request.
 27889  type ListEntitiesForPolicyOutput struct {
 27890  	_ struct{} `type:"structure"`
 27891  
 27892  	// A flag that indicates whether there are more items to return. If your results
 27893  	// were truncated, you can make a subsequent pagination request using the Marker
 27894  	// request parameter to retrieve more items. Note that IAM might return fewer
 27895  	// than the MaxItems number of results even when there are more results available.
 27896  	// We recommend that you check IsTruncated after every call to ensure that you
 27897  	// receive all your results.
 27898  	IsTruncated *bool `type:"boolean"`
 27899  
 27900  	// When IsTruncated is true, this element is present and contains the value
 27901  	// to use for the Marker parameter in a subsequent pagination request.
 27902  	Marker *string `type:"string"`
 27903  
 27904  	// A list of IAM groups that the policy is attached to.
 27905  	PolicyGroups []*PolicyGroup `type:"list"`
 27906  
 27907  	// A list of IAM roles that the policy is attached to.
 27908  	PolicyRoles []*PolicyRole `type:"list"`
 27909  
 27910  	// A list of IAM users that the policy is attached to.
 27911  	PolicyUsers []*PolicyUser `type:"list"`
 27912  }
 27913  
 27914  // String returns the string representation.
 27915  //
 27916  // API parameter values that are decorated as "sensitive" in the API will not
 27917  // be included in the string output. The member name will be present, but the
 27918  // value will be replaced with "sensitive".
 27919  func (s ListEntitiesForPolicyOutput) String() string {
 27920  	return awsutil.Prettify(s)
 27921  }
 27922  
 27923  // GoString returns the string representation.
 27924  //
 27925  // API parameter values that are decorated as "sensitive" in the API will not
 27926  // be included in the string output. The member name will be present, but the
 27927  // value will be replaced with "sensitive".
 27928  func (s ListEntitiesForPolicyOutput) GoString() string {
 27929  	return s.String()
 27930  }
 27931  
 27932  // SetIsTruncated sets the IsTruncated field's value.
 27933  func (s *ListEntitiesForPolicyOutput) SetIsTruncated(v bool) *ListEntitiesForPolicyOutput {
 27934  	s.IsTruncated = &v
 27935  	return s
 27936  }
 27937  
 27938  // SetMarker sets the Marker field's value.
 27939  func (s *ListEntitiesForPolicyOutput) SetMarker(v string) *ListEntitiesForPolicyOutput {
 27940  	s.Marker = &v
 27941  	return s
 27942  }
 27943  
 27944  // SetPolicyGroups sets the PolicyGroups field's value.
 27945  func (s *ListEntitiesForPolicyOutput) SetPolicyGroups(v []*PolicyGroup) *ListEntitiesForPolicyOutput {
 27946  	s.PolicyGroups = v
 27947  	return s
 27948  }
 27949  
 27950  // SetPolicyRoles sets the PolicyRoles field's value.
 27951  func (s *ListEntitiesForPolicyOutput) SetPolicyRoles(v []*PolicyRole) *ListEntitiesForPolicyOutput {
 27952  	s.PolicyRoles = v
 27953  	return s
 27954  }
 27955  
 27956  // SetPolicyUsers sets the PolicyUsers field's value.
 27957  func (s *ListEntitiesForPolicyOutput) SetPolicyUsers(v []*PolicyUser) *ListEntitiesForPolicyOutput {
 27958  	s.PolicyUsers = v
 27959  	return s
 27960  }
 27961  
 27962  type ListGroupPoliciesInput struct {
 27963  	_ struct{} `type:"structure"`
 27964  
 27965  	// The name of the group to list policies for.
 27966  	//
 27967  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 27968  	// a string of characters consisting of upper and lowercase alphanumeric characters
 27969  	// with no spaces. You can also include any of the following characters: _+=,.@-
 27970  	//
 27971  	// GroupName is a required field
 27972  	GroupName *string `min:"1" type:"string" required:"true"`
 27973  
 27974  	// Use this parameter only when paginating results and only after you receive
 27975  	// a response indicating that the results are truncated. Set it to the value
 27976  	// of the Marker element in the response that you received to indicate where
 27977  	// the next call should start.
 27978  	Marker *string `min:"1" type:"string"`
 27979  
 27980  	// Use this only when paginating results to indicate the maximum number of items
 27981  	// you want in the response. If additional items exist beyond the maximum you
 27982  	// specify, the IsTruncated response element is true.
 27983  	//
 27984  	// If you do not include this parameter, the number of items defaults to 100.
 27985  	// Note that IAM might return fewer results, even when there are more results
 27986  	// available. In that case, the IsTruncated response element returns true, and
 27987  	// Marker contains a value to include in the subsequent call that tells the
 27988  	// service where to continue from.
 27989  	MaxItems *int64 `min:"1" type:"integer"`
 27990  }
 27991  
 27992  // String returns the string representation.
 27993  //
 27994  // API parameter values that are decorated as "sensitive" in the API will not
 27995  // be included in the string output. The member name will be present, but the
 27996  // value will be replaced with "sensitive".
 27997  func (s ListGroupPoliciesInput) String() string {
 27998  	return awsutil.Prettify(s)
 27999  }
 28000  
 28001  // GoString returns the string representation.
 28002  //
 28003  // API parameter values that are decorated as "sensitive" in the API will not
 28004  // be included in the string output. The member name will be present, but the
 28005  // value will be replaced with "sensitive".
 28006  func (s ListGroupPoliciesInput) GoString() string {
 28007  	return s.String()
 28008  }
 28009  
 28010  // Validate inspects the fields of the type to determine if they are valid.
 28011  func (s *ListGroupPoliciesInput) Validate() error {
 28012  	invalidParams := request.ErrInvalidParams{Context: "ListGroupPoliciesInput"}
 28013  	if s.GroupName == nil {
 28014  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 28015  	}
 28016  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 28017  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 28018  	}
 28019  	if s.Marker != nil && len(*s.Marker) < 1 {
 28020  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28021  	}
 28022  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28023  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28024  	}
 28025  
 28026  	if invalidParams.Len() > 0 {
 28027  		return invalidParams
 28028  	}
 28029  	return nil
 28030  }
 28031  
 28032  // SetGroupName sets the GroupName field's value.
 28033  func (s *ListGroupPoliciesInput) SetGroupName(v string) *ListGroupPoliciesInput {
 28034  	s.GroupName = &v
 28035  	return s
 28036  }
 28037  
 28038  // SetMarker sets the Marker field's value.
 28039  func (s *ListGroupPoliciesInput) SetMarker(v string) *ListGroupPoliciesInput {
 28040  	s.Marker = &v
 28041  	return s
 28042  }
 28043  
 28044  // SetMaxItems sets the MaxItems field's value.
 28045  func (s *ListGroupPoliciesInput) SetMaxItems(v int64) *ListGroupPoliciesInput {
 28046  	s.MaxItems = &v
 28047  	return s
 28048  }
 28049  
 28050  // Contains the response to a successful ListGroupPolicies request.
 28051  type ListGroupPoliciesOutput struct {
 28052  	_ struct{} `type:"structure"`
 28053  
 28054  	// A flag that indicates whether there are more items to return. If your results
 28055  	// were truncated, you can make a subsequent pagination request using the Marker
 28056  	// request parameter to retrieve more items. Note that IAM might return fewer
 28057  	// than the MaxItems number of results even when there are more results available.
 28058  	// We recommend that you check IsTruncated after every call to ensure that you
 28059  	// receive all your results.
 28060  	IsTruncated *bool `type:"boolean"`
 28061  
 28062  	// When IsTruncated is true, this element is present and contains the value
 28063  	// to use for the Marker parameter in a subsequent pagination request.
 28064  	Marker *string `type:"string"`
 28065  
 28066  	// A list of policy names.
 28067  	//
 28068  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 28069  	// a string of characters consisting of upper and lowercase alphanumeric characters
 28070  	// with no spaces. You can also include any of the following characters: _+=,.@-
 28071  	//
 28072  	// PolicyNames is a required field
 28073  	PolicyNames []*string `type:"list" required:"true"`
 28074  }
 28075  
 28076  // String returns the string representation.
 28077  //
 28078  // API parameter values that are decorated as "sensitive" in the API will not
 28079  // be included in the string output. The member name will be present, but the
 28080  // value will be replaced with "sensitive".
 28081  func (s ListGroupPoliciesOutput) String() string {
 28082  	return awsutil.Prettify(s)
 28083  }
 28084  
 28085  // GoString returns the string representation.
 28086  //
 28087  // API parameter values that are decorated as "sensitive" in the API will not
 28088  // be included in the string output. The member name will be present, but the
 28089  // value will be replaced with "sensitive".
 28090  func (s ListGroupPoliciesOutput) GoString() string {
 28091  	return s.String()
 28092  }
 28093  
 28094  // SetIsTruncated sets the IsTruncated field's value.
 28095  func (s *ListGroupPoliciesOutput) SetIsTruncated(v bool) *ListGroupPoliciesOutput {
 28096  	s.IsTruncated = &v
 28097  	return s
 28098  }
 28099  
 28100  // SetMarker sets the Marker field's value.
 28101  func (s *ListGroupPoliciesOutput) SetMarker(v string) *ListGroupPoliciesOutput {
 28102  	s.Marker = &v
 28103  	return s
 28104  }
 28105  
 28106  // SetPolicyNames sets the PolicyNames field's value.
 28107  func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput {
 28108  	s.PolicyNames = v
 28109  	return s
 28110  }
 28111  
 28112  type ListGroupsForUserInput struct {
 28113  	_ struct{} `type:"structure"`
 28114  
 28115  	// Use this parameter only when paginating results and only after you receive
 28116  	// a response indicating that the results are truncated. Set it to the value
 28117  	// of the Marker element in the response that you received to indicate where
 28118  	// the next call should start.
 28119  	Marker *string `min:"1" type:"string"`
 28120  
 28121  	// Use this only when paginating results to indicate the maximum number of items
 28122  	// you want in the response. If additional items exist beyond the maximum you
 28123  	// specify, the IsTruncated response element is true.
 28124  	//
 28125  	// If you do not include this parameter, the number of items defaults to 100.
 28126  	// Note that IAM might return fewer results, even when there are more results
 28127  	// available. In that case, the IsTruncated response element returns true, and
 28128  	// Marker contains a value to include in the subsequent call that tells the
 28129  	// service where to continue from.
 28130  	MaxItems *int64 `min:"1" type:"integer"`
 28131  
 28132  	// The name of the user to list groups for.
 28133  	//
 28134  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 28135  	// a string of characters consisting of upper and lowercase alphanumeric characters
 28136  	// with no spaces. You can also include any of the following characters: _+=,.@-
 28137  	//
 28138  	// UserName is a required field
 28139  	UserName *string `min:"1" type:"string" required:"true"`
 28140  }
 28141  
 28142  // String returns the string representation.
 28143  //
 28144  // API parameter values that are decorated as "sensitive" in the API will not
 28145  // be included in the string output. The member name will be present, but the
 28146  // value will be replaced with "sensitive".
 28147  func (s ListGroupsForUserInput) String() string {
 28148  	return awsutil.Prettify(s)
 28149  }
 28150  
 28151  // GoString returns the string representation.
 28152  //
 28153  // API parameter values that are decorated as "sensitive" in the API will not
 28154  // be included in the string output. The member name will be present, but the
 28155  // value will be replaced with "sensitive".
 28156  func (s ListGroupsForUserInput) GoString() string {
 28157  	return s.String()
 28158  }
 28159  
 28160  // Validate inspects the fields of the type to determine if they are valid.
 28161  func (s *ListGroupsForUserInput) Validate() error {
 28162  	invalidParams := request.ErrInvalidParams{Context: "ListGroupsForUserInput"}
 28163  	if s.Marker != nil && len(*s.Marker) < 1 {
 28164  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28165  	}
 28166  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28167  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28168  	}
 28169  	if s.UserName == nil {
 28170  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 28171  	}
 28172  	if s.UserName != nil && len(*s.UserName) < 1 {
 28173  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 28174  	}
 28175  
 28176  	if invalidParams.Len() > 0 {
 28177  		return invalidParams
 28178  	}
 28179  	return nil
 28180  }
 28181  
 28182  // SetMarker sets the Marker field's value.
 28183  func (s *ListGroupsForUserInput) SetMarker(v string) *ListGroupsForUserInput {
 28184  	s.Marker = &v
 28185  	return s
 28186  }
 28187  
 28188  // SetMaxItems sets the MaxItems field's value.
 28189  func (s *ListGroupsForUserInput) SetMaxItems(v int64) *ListGroupsForUserInput {
 28190  	s.MaxItems = &v
 28191  	return s
 28192  }
 28193  
 28194  // SetUserName sets the UserName field's value.
 28195  func (s *ListGroupsForUserInput) SetUserName(v string) *ListGroupsForUserInput {
 28196  	s.UserName = &v
 28197  	return s
 28198  }
 28199  
 28200  // Contains the response to a successful ListGroupsForUser request.
 28201  type ListGroupsForUserOutput struct {
 28202  	_ struct{} `type:"structure"`
 28203  
 28204  	// A list of groups.
 28205  	//
 28206  	// Groups is a required field
 28207  	Groups []*Group `type:"list" required:"true"`
 28208  
 28209  	// A flag that indicates whether there are more items to return. If your results
 28210  	// were truncated, you can make a subsequent pagination request using the Marker
 28211  	// request parameter to retrieve more items. Note that IAM might return fewer
 28212  	// than the MaxItems number of results even when there are more results available.
 28213  	// We recommend that you check IsTruncated after every call to ensure that you
 28214  	// receive all your results.
 28215  	IsTruncated *bool `type:"boolean"`
 28216  
 28217  	// When IsTruncated is true, this element is present and contains the value
 28218  	// to use for the Marker parameter in a subsequent pagination request.
 28219  	Marker *string `type:"string"`
 28220  }
 28221  
 28222  // String returns the string representation.
 28223  //
 28224  // API parameter values that are decorated as "sensitive" in the API will not
 28225  // be included in the string output. The member name will be present, but the
 28226  // value will be replaced with "sensitive".
 28227  func (s ListGroupsForUserOutput) String() string {
 28228  	return awsutil.Prettify(s)
 28229  }
 28230  
 28231  // GoString returns the string representation.
 28232  //
 28233  // API parameter values that are decorated as "sensitive" in the API will not
 28234  // be included in the string output. The member name will be present, but the
 28235  // value will be replaced with "sensitive".
 28236  func (s ListGroupsForUserOutput) GoString() string {
 28237  	return s.String()
 28238  }
 28239  
 28240  // SetGroups sets the Groups field's value.
 28241  func (s *ListGroupsForUserOutput) SetGroups(v []*Group) *ListGroupsForUserOutput {
 28242  	s.Groups = v
 28243  	return s
 28244  }
 28245  
 28246  // SetIsTruncated sets the IsTruncated field's value.
 28247  func (s *ListGroupsForUserOutput) SetIsTruncated(v bool) *ListGroupsForUserOutput {
 28248  	s.IsTruncated = &v
 28249  	return s
 28250  }
 28251  
 28252  // SetMarker sets the Marker field's value.
 28253  func (s *ListGroupsForUserOutput) SetMarker(v string) *ListGroupsForUserOutput {
 28254  	s.Marker = &v
 28255  	return s
 28256  }
 28257  
 28258  type ListGroupsInput struct {
 28259  	_ struct{} `type:"structure"`
 28260  
 28261  	// Use this parameter only when paginating results and only after you receive
 28262  	// a response indicating that the results are truncated. Set it to the value
 28263  	// of the Marker element in the response that you received to indicate where
 28264  	// the next call should start.
 28265  	Marker *string `min:"1" type:"string"`
 28266  
 28267  	// Use this only when paginating results to indicate the maximum number of items
 28268  	// you want in the response. If additional items exist beyond the maximum you
 28269  	// specify, the IsTruncated response element is true.
 28270  	//
 28271  	// If you do not include this parameter, the number of items defaults to 100.
 28272  	// Note that IAM might return fewer results, even when there are more results
 28273  	// available. In that case, the IsTruncated response element returns true, and
 28274  	// Marker contains a value to include in the subsequent call that tells the
 28275  	// service where to continue from.
 28276  	MaxItems *int64 `min:"1" type:"integer"`
 28277  
 28278  	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
 28279  	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
 28280  	//
 28281  	// This parameter is optional. If it is not included, it defaults to a slash
 28282  	// (/), listing all groups. This parameter allows (through its regex pattern
 28283  	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
 28284  	// a forward slash (/) by itself or a string that must begin and end with forward
 28285  	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
 28286  	// through the DEL character (\u007F), including most punctuation characters,
 28287  	// digits, and upper and lowercased letters.
 28288  	PathPrefix *string `min:"1" type:"string"`
 28289  }
 28290  
 28291  // String returns the string representation.
 28292  //
 28293  // API parameter values that are decorated as "sensitive" in the API will not
 28294  // be included in the string output. The member name will be present, but the
 28295  // value will be replaced with "sensitive".
 28296  func (s ListGroupsInput) String() string {
 28297  	return awsutil.Prettify(s)
 28298  }
 28299  
 28300  // GoString returns the string representation.
 28301  //
 28302  // API parameter values that are decorated as "sensitive" in the API will not
 28303  // be included in the string output. The member name will be present, but the
 28304  // value will be replaced with "sensitive".
 28305  func (s ListGroupsInput) GoString() string {
 28306  	return s.String()
 28307  }
 28308  
 28309  // Validate inspects the fields of the type to determine if they are valid.
 28310  func (s *ListGroupsInput) Validate() error {
 28311  	invalidParams := request.ErrInvalidParams{Context: "ListGroupsInput"}
 28312  	if s.Marker != nil && len(*s.Marker) < 1 {
 28313  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28314  	}
 28315  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28316  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28317  	}
 28318  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 28319  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 28320  	}
 28321  
 28322  	if invalidParams.Len() > 0 {
 28323  		return invalidParams
 28324  	}
 28325  	return nil
 28326  }
 28327  
 28328  // SetMarker sets the Marker field's value.
 28329  func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput {
 28330  	s.Marker = &v
 28331  	return s
 28332  }
 28333  
 28334  // SetMaxItems sets the MaxItems field's value.
 28335  func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput {
 28336  	s.MaxItems = &v
 28337  	return s
 28338  }
 28339  
 28340  // SetPathPrefix sets the PathPrefix field's value.
 28341  func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput {
 28342  	s.PathPrefix = &v
 28343  	return s
 28344  }
 28345  
 28346  // Contains the response to a successful ListGroups request.
 28347  type ListGroupsOutput struct {
 28348  	_ struct{} `type:"structure"`
 28349  
 28350  	// A list of groups.
 28351  	//
 28352  	// Groups is a required field
 28353  	Groups []*Group `type:"list" required:"true"`
 28354  
 28355  	// A flag that indicates whether there are more items to return. If your results
 28356  	// were truncated, you can make a subsequent pagination request using the Marker
 28357  	// request parameter to retrieve more items. Note that IAM might return fewer
 28358  	// than the MaxItems number of results even when there are more results available.
 28359  	// We recommend that you check IsTruncated after every call to ensure that you
 28360  	// receive all your results.
 28361  	IsTruncated *bool `type:"boolean"`
 28362  
 28363  	// When IsTruncated is true, this element is present and contains the value
 28364  	// to use for the Marker parameter in a subsequent pagination request.
 28365  	Marker *string `type:"string"`
 28366  }
 28367  
 28368  // String returns the string representation.
 28369  //
 28370  // API parameter values that are decorated as "sensitive" in the API will not
 28371  // be included in the string output. The member name will be present, but the
 28372  // value will be replaced with "sensitive".
 28373  func (s ListGroupsOutput) String() string {
 28374  	return awsutil.Prettify(s)
 28375  }
 28376  
 28377  // GoString returns the string representation.
 28378  //
 28379  // API parameter values that are decorated as "sensitive" in the API will not
 28380  // be included in the string output. The member name will be present, but the
 28381  // value will be replaced with "sensitive".
 28382  func (s ListGroupsOutput) GoString() string {
 28383  	return s.String()
 28384  }
 28385  
 28386  // SetGroups sets the Groups field's value.
 28387  func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput {
 28388  	s.Groups = v
 28389  	return s
 28390  }
 28391  
 28392  // SetIsTruncated sets the IsTruncated field's value.
 28393  func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput {
 28394  	s.IsTruncated = &v
 28395  	return s
 28396  }
 28397  
 28398  // SetMarker sets the Marker field's value.
 28399  func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput {
 28400  	s.Marker = &v
 28401  	return s
 28402  }
 28403  
 28404  type ListInstanceProfileTagsInput struct {
 28405  	_ struct{} `type:"structure"`
 28406  
 28407  	// The name of the IAM instance profile whose tags you want to see.
 28408  	//
 28409  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 28410  	// a string of characters consisting of upper and lowercase alphanumeric characters
 28411  	// with no spaces. You can also include any of the following characters: _+=,.@-
 28412  	//
 28413  	// InstanceProfileName is a required field
 28414  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 28415  
 28416  	// Use this parameter only when paginating results and only after you receive
 28417  	// a response indicating that the results are truncated. Set it to the value
 28418  	// of the Marker element in the response that you received to indicate where
 28419  	// the next call should start.
 28420  	Marker *string `min:"1" type:"string"`
 28421  
 28422  	// Use this only when paginating results to indicate the maximum number of items
 28423  	// you want in the response. If additional items exist beyond the maximum you
 28424  	// specify, the IsTruncated response element is true.
 28425  	//
 28426  	// If you do not include this parameter, the number of items defaults to 100.
 28427  	// Note that IAM might return fewer results, even when there are more results
 28428  	// available. In that case, the IsTruncated response element returns true, and
 28429  	// Marker contains a value to include in the subsequent call that tells the
 28430  	// service where to continue from.
 28431  	MaxItems *int64 `min:"1" type:"integer"`
 28432  }
 28433  
 28434  // String returns the string representation.
 28435  //
 28436  // API parameter values that are decorated as "sensitive" in the API will not
 28437  // be included in the string output. The member name will be present, but the
 28438  // value will be replaced with "sensitive".
 28439  func (s ListInstanceProfileTagsInput) String() string {
 28440  	return awsutil.Prettify(s)
 28441  }
 28442  
 28443  // GoString returns the string representation.
 28444  //
 28445  // API parameter values that are decorated as "sensitive" in the API will not
 28446  // be included in the string output. The member name will be present, but the
 28447  // value will be replaced with "sensitive".
 28448  func (s ListInstanceProfileTagsInput) GoString() string {
 28449  	return s.String()
 28450  }
 28451  
 28452  // Validate inspects the fields of the type to determine if they are valid.
 28453  func (s *ListInstanceProfileTagsInput) Validate() error {
 28454  	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfileTagsInput"}
 28455  	if s.InstanceProfileName == nil {
 28456  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 28457  	}
 28458  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 28459  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 28460  	}
 28461  	if s.Marker != nil && len(*s.Marker) < 1 {
 28462  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28463  	}
 28464  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28465  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28466  	}
 28467  
 28468  	if invalidParams.Len() > 0 {
 28469  		return invalidParams
 28470  	}
 28471  	return nil
 28472  }
 28473  
 28474  // SetInstanceProfileName sets the InstanceProfileName field's value.
 28475  func (s *ListInstanceProfileTagsInput) SetInstanceProfileName(v string) *ListInstanceProfileTagsInput {
 28476  	s.InstanceProfileName = &v
 28477  	return s
 28478  }
 28479  
 28480  // SetMarker sets the Marker field's value.
 28481  func (s *ListInstanceProfileTagsInput) SetMarker(v string) *ListInstanceProfileTagsInput {
 28482  	s.Marker = &v
 28483  	return s
 28484  }
 28485  
 28486  // SetMaxItems sets the MaxItems field's value.
 28487  func (s *ListInstanceProfileTagsInput) SetMaxItems(v int64) *ListInstanceProfileTagsInput {
 28488  	s.MaxItems = &v
 28489  	return s
 28490  }
 28491  
 28492  type ListInstanceProfileTagsOutput struct {
 28493  	_ struct{} `type:"structure"`
 28494  
 28495  	// A flag that indicates whether there are more items to return. If your results
 28496  	// were truncated, you can make a subsequent pagination request using the Marker
 28497  	// request parameter to retrieve more items. Note that IAM might return fewer
 28498  	// than the MaxItems number of results even when there are more results available.
 28499  	// We recommend that you check IsTruncated after every call to ensure that you
 28500  	// receive all your results.
 28501  	IsTruncated *bool `type:"boolean"`
 28502  
 28503  	// When IsTruncated is true, this element is present and contains the value
 28504  	// to use for the Marker parameter in a subsequent pagination request.
 28505  	Marker *string `type:"string"`
 28506  
 28507  	// The list of tags that are currently attached to the IAM instance profile.
 28508  	// Each tag consists of a key name and an associated value. If no tags are attached
 28509  	// to the specified resource, the response contains an empty list.
 28510  	//
 28511  	// Tags is a required field
 28512  	Tags []*Tag `type:"list" required:"true"`
 28513  }
 28514  
 28515  // String returns the string representation.
 28516  //
 28517  // API parameter values that are decorated as "sensitive" in the API will not
 28518  // be included in the string output. The member name will be present, but the
 28519  // value will be replaced with "sensitive".
 28520  func (s ListInstanceProfileTagsOutput) String() string {
 28521  	return awsutil.Prettify(s)
 28522  }
 28523  
 28524  // GoString returns the string representation.
 28525  //
 28526  // API parameter values that are decorated as "sensitive" in the API will not
 28527  // be included in the string output. The member name will be present, but the
 28528  // value will be replaced with "sensitive".
 28529  func (s ListInstanceProfileTagsOutput) GoString() string {
 28530  	return s.String()
 28531  }
 28532  
 28533  // SetIsTruncated sets the IsTruncated field's value.
 28534  func (s *ListInstanceProfileTagsOutput) SetIsTruncated(v bool) *ListInstanceProfileTagsOutput {
 28535  	s.IsTruncated = &v
 28536  	return s
 28537  }
 28538  
 28539  // SetMarker sets the Marker field's value.
 28540  func (s *ListInstanceProfileTagsOutput) SetMarker(v string) *ListInstanceProfileTagsOutput {
 28541  	s.Marker = &v
 28542  	return s
 28543  }
 28544  
 28545  // SetTags sets the Tags field's value.
 28546  func (s *ListInstanceProfileTagsOutput) SetTags(v []*Tag) *ListInstanceProfileTagsOutput {
 28547  	s.Tags = v
 28548  	return s
 28549  }
 28550  
 28551  type ListInstanceProfilesForRoleInput struct {
 28552  	_ struct{} `type:"structure"`
 28553  
 28554  	// Use this parameter only when paginating results and only after you receive
 28555  	// a response indicating that the results are truncated. Set it to the value
 28556  	// of the Marker element in the response that you received to indicate where
 28557  	// the next call should start.
 28558  	Marker *string `min:"1" type:"string"`
 28559  
 28560  	// Use this only when paginating results to indicate the maximum number of items
 28561  	// you want in the response. If additional items exist beyond the maximum you
 28562  	// specify, the IsTruncated response element is true.
 28563  	//
 28564  	// If you do not include this parameter, the number of items defaults to 100.
 28565  	// Note that IAM might return fewer results, even when there are more results
 28566  	// available. In that case, the IsTruncated response element returns true, and
 28567  	// Marker contains a value to include in the subsequent call that tells the
 28568  	// service where to continue from.
 28569  	MaxItems *int64 `min:"1" type:"integer"`
 28570  
 28571  	// The name of the role to list instance profiles for.
 28572  	//
 28573  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 28574  	// a string of characters consisting of upper and lowercase alphanumeric characters
 28575  	// with no spaces. You can also include any of the following characters: _+=,.@-
 28576  	//
 28577  	// RoleName is a required field
 28578  	RoleName *string `min:"1" type:"string" required:"true"`
 28579  }
 28580  
 28581  // String returns the string representation.
 28582  //
 28583  // API parameter values that are decorated as "sensitive" in the API will not
 28584  // be included in the string output. The member name will be present, but the
 28585  // value will be replaced with "sensitive".
 28586  func (s ListInstanceProfilesForRoleInput) String() string {
 28587  	return awsutil.Prettify(s)
 28588  }
 28589  
 28590  // GoString returns the string representation.
 28591  //
 28592  // API parameter values that are decorated as "sensitive" in the API will not
 28593  // be included in the string output. The member name will be present, but the
 28594  // value will be replaced with "sensitive".
 28595  func (s ListInstanceProfilesForRoleInput) GoString() string {
 28596  	return s.String()
 28597  }
 28598  
 28599  // Validate inspects the fields of the type to determine if they are valid.
 28600  func (s *ListInstanceProfilesForRoleInput) Validate() error {
 28601  	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesForRoleInput"}
 28602  	if s.Marker != nil && len(*s.Marker) < 1 {
 28603  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28604  	}
 28605  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28606  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28607  	}
 28608  	if s.RoleName == nil {
 28609  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 28610  	}
 28611  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 28612  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 28613  	}
 28614  
 28615  	if invalidParams.Len() > 0 {
 28616  		return invalidParams
 28617  	}
 28618  	return nil
 28619  }
 28620  
 28621  // SetMarker sets the Marker field's value.
 28622  func (s *ListInstanceProfilesForRoleInput) SetMarker(v string) *ListInstanceProfilesForRoleInput {
 28623  	s.Marker = &v
 28624  	return s
 28625  }
 28626  
 28627  // SetMaxItems sets the MaxItems field's value.
 28628  func (s *ListInstanceProfilesForRoleInput) SetMaxItems(v int64) *ListInstanceProfilesForRoleInput {
 28629  	s.MaxItems = &v
 28630  	return s
 28631  }
 28632  
 28633  // SetRoleName sets the RoleName field's value.
 28634  func (s *ListInstanceProfilesForRoleInput) SetRoleName(v string) *ListInstanceProfilesForRoleInput {
 28635  	s.RoleName = &v
 28636  	return s
 28637  }
 28638  
 28639  // Contains the response to a successful ListInstanceProfilesForRole request.
 28640  type ListInstanceProfilesForRoleOutput struct {
 28641  	_ struct{} `type:"structure"`
 28642  
 28643  	// A list of instance profiles.
 28644  	//
 28645  	// InstanceProfiles is a required field
 28646  	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
 28647  
 28648  	// A flag that indicates whether there are more items to return. If your results
 28649  	// were truncated, you can make a subsequent pagination request using the Marker
 28650  	// request parameter to retrieve more items. Note that IAM might return fewer
 28651  	// than the MaxItems number of results even when there are more results available.
 28652  	// We recommend that you check IsTruncated after every call to ensure that you
 28653  	// receive all your results.
 28654  	IsTruncated *bool `type:"boolean"`
 28655  
 28656  	// When IsTruncated is true, this element is present and contains the value
 28657  	// to use for the Marker parameter in a subsequent pagination request.
 28658  	Marker *string `type:"string"`
 28659  }
 28660  
 28661  // String returns the string representation.
 28662  //
 28663  // API parameter values that are decorated as "sensitive" in the API will not
 28664  // be included in the string output. The member name will be present, but the
 28665  // value will be replaced with "sensitive".
 28666  func (s ListInstanceProfilesForRoleOutput) String() string {
 28667  	return awsutil.Prettify(s)
 28668  }
 28669  
 28670  // GoString returns the string representation.
 28671  //
 28672  // API parameter values that are decorated as "sensitive" in the API will not
 28673  // be included in the string output. The member name will be present, but the
 28674  // value will be replaced with "sensitive".
 28675  func (s ListInstanceProfilesForRoleOutput) GoString() string {
 28676  	return s.String()
 28677  }
 28678  
 28679  // SetInstanceProfiles sets the InstanceProfiles field's value.
 28680  func (s *ListInstanceProfilesForRoleOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesForRoleOutput {
 28681  	s.InstanceProfiles = v
 28682  	return s
 28683  }
 28684  
 28685  // SetIsTruncated sets the IsTruncated field's value.
 28686  func (s *ListInstanceProfilesForRoleOutput) SetIsTruncated(v bool) *ListInstanceProfilesForRoleOutput {
 28687  	s.IsTruncated = &v
 28688  	return s
 28689  }
 28690  
 28691  // SetMarker sets the Marker field's value.
 28692  func (s *ListInstanceProfilesForRoleOutput) SetMarker(v string) *ListInstanceProfilesForRoleOutput {
 28693  	s.Marker = &v
 28694  	return s
 28695  }
 28696  
 28697  type ListInstanceProfilesInput struct {
 28698  	_ struct{} `type:"structure"`
 28699  
 28700  	// Use this parameter only when paginating results and only after you receive
 28701  	// a response indicating that the results are truncated. Set it to the value
 28702  	// of the Marker element in the response that you received to indicate where
 28703  	// the next call should start.
 28704  	Marker *string `min:"1" type:"string"`
 28705  
 28706  	// Use this only when paginating results to indicate the maximum number of items
 28707  	// you want in the response. If additional items exist beyond the maximum you
 28708  	// specify, the IsTruncated response element is true.
 28709  	//
 28710  	// If you do not include this parameter, the number of items defaults to 100.
 28711  	// Note that IAM might return fewer results, even when there are more results
 28712  	// available. In that case, the IsTruncated response element returns true, and
 28713  	// Marker contains a value to include in the subsequent call that tells the
 28714  	// service where to continue from.
 28715  	MaxItems *int64 `min:"1" type:"integer"`
 28716  
 28717  	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
 28718  	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
 28719  	//
 28720  	// This parameter is optional. If it is not included, it defaults to a slash
 28721  	// (/), listing all instance profiles. This parameter allows (through its regex
 28722  	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
 28723  	// of either a forward slash (/) by itself or a string that must begin and end
 28724  	// with forward slashes. In addition, it can contain any ASCII character from
 28725  	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
 28726  	// characters, digits, and upper and lowercased letters.
 28727  	PathPrefix *string `min:"1" type:"string"`
 28728  }
 28729  
 28730  // String returns the string representation.
 28731  //
 28732  // API parameter values that are decorated as "sensitive" in the API will not
 28733  // be included in the string output. The member name will be present, but the
 28734  // value will be replaced with "sensitive".
 28735  func (s ListInstanceProfilesInput) String() string {
 28736  	return awsutil.Prettify(s)
 28737  }
 28738  
 28739  // GoString returns the string representation.
 28740  //
 28741  // API parameter values that are decorated as "sensitive" in the API will not
 28742  // be included in the string output. The member name will be present, but the
 28743  // value will be replaced with "sensitive".
 28744  func (s ListInstanceProfilesInput) GoString() string {
 28745  	return s.String()
 28746  }
 28747  
 28748  // Validate inspects the fields of the type to determine if they are valid.
 28749  func (s *ListInstanceProfilesInput) Validate() error {
 28750  	invalidParams := request.ErrInvalidParams{Context: "ListInstanceProfilesInput"}
 28751  	if s.Marker != nil && len(*s.Marker) < 1 {
 28752  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28753  	}
 28754  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28755  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28756  	}
 28757  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 28758  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 28759  	}
 28760  
 28761  	if invalidParams.Len() > 0 {
 28762  		return invalidParams
 28763  	}
 28764  	return nil
 28765  }
 28766  
 28767  // SetMarker sets the Marker field's value.
 28768  func (s *ListInstanceProfilesInput) SetMarker(v string) *ListInstanceProfilesInput {
 28769  	s.Marker = &v
 28770  	return s
 28771  }
 28772  
 28773  // SetMaxItems sets the MaxItems field's value.
 28774  func (s *ListInstanceProfilesInput) SetMaxItems(v int64) *ListInstanceProfilesInput {
 28775  	s.MaxItems = &v
 28776  	return s
 28777  }
 28778  
 28779  // SetPathPrefix sets the PathPrefix field's value.
 28780  func (s *ListInstanceProfilesInput) SetPathPrefix(v string) *ListInstanceProfilesInput {
 28781  	s.PathPrefix = &v
 28782  	return s
 28783  }
 28784  
 28785  // Contains the response to a successful ListInstanceProfiles request.
 28786  type ListInstanceProfilesOutput struct {
 28787  	_ struct{} `type:"structure"`
 28788  
 28789  	// A list of instance profiles.
 28790  	//
 28791  	// InstanceProfiles is a required field
 28792  	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`
 28793  
 28794  	// A flag that indicates whether there are more items to return. If your results
 28795  	// were truncated, you can make a subsequent pagination request using the Marker
 28796  	// request parameter to retrieve more items. Note that IAM might return fewer
 28797  	// than the MaxItems number of results even when there are more results available.
 28798  	// We recommend that you check IsTruncated after every call to ensure that you
 28799  	// receive all your results.
 28800  	IsTruncated *bool `type:"boolean"`
 28801  
 28802  	// When IsTruncated is true, this element is present and contains the value
 28803  	// to use for the Marker parameter in a subsequent pagination request.
 28804  	Marker *string `type:"string"`
 28805  }
 28806  
 28807  // String returns the string representation.
 28808  //
 28809  // API parameter values that are decorated as "sensitive" in the API will not
 28810  // be included in the string output. The member name will be present, but the
 28811  // value will be replaced with "sensitive".
 28812  func (s ListInstanceProfilesOutput) String() string {
 28813  	return awsutil.Prettify(s)
 28814  }
 28815  
 28816  // GoString returns the string representation.
 28817  //
 28818  // API parameter values that are decorated as "sensitive" in the API will not
 28819  // be included in the string output. The member name will be present, but the
 28820  // value will be replaced with "sensitive".
 28821  func (s ListInstanceProfilesOutput) GoString() string {
 28822  	return s.String()
 28823  }
 28824  
 28825  // SetInstanceProfiles sets the InstanceProfiles field's value.
 28826  func (s *ListInstanceProfilesOutput) SetInstanceProfiles(v []*InstanceProfile) *ListInstanceProfilesOutput {
 28827  	s.InstanceProfiles = v
 28828  	return s
 28829  }
 28830  
 28831  // SetIsTruncated sets the IsTruncated field's value.
 28832  func (s *ListInstanceProfilesOutput) SetIsTruncated(v bool) *ListInstanceProfilesOutput {
 28833  	s.IsTruncated = &v
 28834  	return s
 28835  }
 28836  
 28837  // SetMarker sets the Marker field's value.
 28838  func (s *ListInstanceProfilesOutput) SetMarker(v string) *ListInstanceProfilesOutput {
 28839  	s.Marker = &v
 28840  	return s
 28841  }
 28842  
 28843  type ListMFADeviceTagsInput struct {
 28844  	_ struct{} `type:"structure"`
 28845  
 28846  	// Use this parameter only when paginating results and only after you receive
 28847  	// a response indicating that the results are truncated. Set it to the value
 28848  	// of the Marker element in the response that you received to indicate where
 28849  	// the next call should start.
 28850  	Marker *string `min:"1" type:"string"`
 28851  
 28852  	// Use this only when paginating results to indicate the maximum number of items
 28853  	// you want in the response. If additional items exist beyond the maximum you
 28854  	// specify, the IsTruncated response element is true.
 28855  	//
 28856  	// If you do not include this parameter, the number of items defaults to 100.
 28857  	// Note that IAM might return fewer results, even when there are more results
 28858  	// available. In that case, the IsTruncated response element returns true, and
 28859  	// Marker contains a value to include in the subsequent call that tells the
 28860  	// service where to continue from.
 28861  	MaxItems *int64 `min:"1" type:"integer"`
 28862  
 28863  	// The unique identifier for the IAM virtual MFA device whose tags you want
 28864  	// to see. For virtual MFA devices, the serial number is the same as the ARN.
 28865  	//
 28866  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 28867  	// a string of characters consisting of upper and lowercase alphanumeric characters
 28868  	// with no spaces. You can also include any of the following characters: _+=,.@-
 28869  	//
 28870  	// SerialNumber is a required field
 28871  	SerialNumber *string `min:"9" type:"string" required:"true"`
 28872  }
 28873  
 28874  // String returns the string representation.
 28875  //
 28876  // API parameter values that are decorated as "sensitive" in the API will not
 28877  // be included in the string output. The member name will be present, but the
 28878  // value will be replaced with "sensitive".
 28879  func (s ListMFADeviceTagsInput) String() string {
 28880  	return awsutil.Prettify(s)
 28881  }
 28882  
 28883  // GoString returns the string representation.
 28884  //
 28885  // API parameter values that are decorated as "sensitive" in the API will not
 28886  // be included in the string output. The member name will be present, but the
 28887  // value will be replaced with "sensitive".
 28888  func (s ListMFADeviceTagsInput) GoString() string {
 28889  	return s.String()
 28890  }
 28891  
 28892  // Validate inspects the fields of the type to determine if they are valid.
 28893  func (s *ListMFADeviceTagsInput) Validate() error {
 28894  	invalidParams := request.ErrInvalidParams{Context: "ListMFADeviceTagsInput"}
 28895  	if s.Marker != nil && len(*s.Marker) < 1 {
 28896  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 28897  	}
 28898  	if s.MaxItems != nil && *s.MaxItems < 1 {
 28899  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 28900  	}
 28901  	if s.SerialNumber == nil {
 28902  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 28903  	}
 28904  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 28905  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 28906  	}
 28907  
 28908  	if invalidParams.Len() > 0 {
 28909  		return invalidParams
 28910  	}
 28911  	return nil
 28912  }
 28913  
 28914  // SetMarker sets the Marker field's value.
 28915  func (s *ListMFADeviceTagsInput) SetMarker(v string) *ListMFADeviceTagsInput {
 28916  	s.Marker = &v
 28917  	return s
 28918  }
 28919  
 28920  // SetMaxItems sets the MaxItems field's value.
 28921  func (s *ListMFADeviceTagsInput) SetMaxItems(v int64) *ListMFADeviceTagsInput {
 28922  	s.MaxItems = &v
 28923  	return s
 28924  }
 28925  
 28926  // SetSerialNumber sets the SerialNumber field's value.
 28927  func (s *ListMFADeviceTagsInput) SetSerialNumber(v string) *ListMFADeviceTagsInput {
 28928  	s.SerialNumber = &v
 28929  	return s
 28930  }
 28931  
 28932  type ListMFADeviceTagsOutput struct {
 28933  	_ struct{} `type:"structure"`
 28934  
 28935  	// A flag that indicates whether there are more items to return. If your results
 28936  	// were truncated, you can make a subsequent pagination request using the Marker
 28937  	// request parameter to retrieve more items. Note that IAM might return fewer
 28938  	// than the MaxItems number of results even when there are more results available.
 28939  	// We recommend that you check IsTruncated after every call to ensure that you
 28940  	// receive all your results.
 28941  	IsTruncated *bool `type:"boolean"`
 28942  
 28943  	// When IsTruncated is true, this element is present and contains the value
 28944  	// to use for the Marker parameter in a subsequent pagination request.
 28945  	Marker *string `type:"string"`
 28946  
 28947  	// The list of tags that are currently attached to the virtual MFA device. Each
 28948  	// tag consists of a key name and an associated value. If no tags are attached
 28949  	// to the specified resource, the response contains an empty list.
 28950  	//
 28951  	// Tags is a required field
 28952  	Tags []*Tag `type:"list" required:"true"`
 28953  }
 28954  
 28955  // String returns the string representation.
 28956  //
 28957  // API parameter values that are decorated as "sensitive" in the API will not
 28958  // be included in the string output. The member name will be present, but the
 28959  // value will be replaced with "sensitive".
 28960  func (s ListMFADeviceTagsOutput) String() string {
 28961  	return awsutil.Prettify(s)
 28962  }
 28963  
 28964  // GoString returns the string representation.
 28965  //
 28966  // API parameter values that are decorated as "sensitive" in the API will not
 28967  // be included in the string output. The member name will be present, but the
 28968  // value will be replaced with "sensitive".
 28969  func (s ListMFADeviceTagsOutput) GoString() string {
 28970  	return s.String()
 28971  }
 28972  
 28973  // SetIsTruncated sets the IsTruncated field's value.
 28974  func (s *ListMFADeviceTagsOutput) SetIsTruncated(v bool) *ListMFADeviceTagsOutput {
 28975  	s.IsTruncated = &v
 28976  	return s
 28977  }
 28978  
 28979  // SetMarker sets the Marker field's value.
 28980  func (s *ListMFADeviceTagsOutput) SetMarker(v string) *ListMFADeviceTagsOutput {
 28981  	s.Marker = &v
 28982  	return s
 28983  }
 28984  
 28985  // SetTags sets the Tags field's value.
 28986  func (s *ListMFADeviceTagsOutput) SetTags(v []*Tag) *ListMFADeviceTagsOutput {
 28987  	s.Tags = v
 28988  	return s
 28989  }
 28990  
 28991  type ListMFADevicesInput struct {
 28992  	_ struct{} `type:"structure"`
 28993  
 28994  	// Use this parameter only when paginating results and only after you receive
 28995  	// a response indicating that the results are truncated. Set it to the value
 28996  	// of the Marker element in the response that you received to indicate where
 28997  	// the next call should start.
 28998  	Marker *string `min:"1" type:"string"`
 28999  
 29000  	// Use this only when paginating results to indicate the maximum number of items
 29001  	// you want in the response. If additional items exist beyond the maximum you
 29002  	// specify, the IsTruncated response element is true.
 29003  	//
 29004  	// If you do not include this parameter, the number of items defaults to 100.
 29005  	// Note that IAM might return fewer results, even when there are more results
 29006  	// available. In that case, the IsTruncated response element returns true, and
 29007  	// Marker contains a value to include in the subsequent call that tells the
 29008  	// service where to continue from.
 29009  	MaxItems *int64 `min:"1" type:"integer"`
 29010  
 29011  	// The name of the user whose MFA devices you want to list.
 29012  	//
 29013  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 29014  	// a string of characters consisting of upper and lowercase alphanumeric characters
 29015  	// with no spaces. You can also include any of the following characters: _+=,.@-
 29016  	UserName *string `min:"1" type:"string"`
 29017  }
 29018  
 29019  // String returns the string representation.
 29020  //
 29021  // API parameter values that are decorated as "sensitive" in the API will not
 29022  // be included in the string output. The member name will be present, but the
 29023  // value will be replaced with "sensitive".
 29024  func (s ListMFADevicesInput) String() string {
 29025  	return awsutil.Prettify(s)
 29026  }
 29027  
 29028  // GoString returns the string representation.
 29029  //
 29030  // API parameter values that are decorated as "sensitive" in the API will not
 29031  // be included in the string output. The member name will be present, but the
 29032  // value will be replaced with "sensitive".
 29033  func (s ListMFADevicesInput) GoString() string {
 29034  	return s.String()
 29035  }
 29036  
 29037  // Validate inspects the fields of the type to determine if they are valid.
 29038  func (s *ListMFADevicesInput) Validate() error {
 29039  	invalidParams := request.ErrInvalidParams{Context: "ListMFADevicesInput"}
 29040  	if s.Marker != nil && len(*s.Marker) < 1 {
 29041  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29042  	}
 29043  	if s.MaxItems != nil && *s.MaxItems < 1 {
 29044  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 29045  	}
 29046  	if s.UserName != nil && len(*s.UserName) < 1 {
 29047  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 29048  	}
 29049  
 29050  	if invalidParams.Len() > 0 {
 29051  		return invalidParams
 29052  	}
 29053  	return nil
 29054  }
 29055  
 29056  // SetMarker sets the Marker field's value.
 29057  func (s *ListMFADevicesInput) SetMarker(v string) *ListMFADevicesInput {
 29058  	s.Marker = &v
 29059  	return s
 29060  }
 29061  
 29062  // SetMaxItems sets the MaxItems field's value.
 29063  func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput {
 29064  	s.MaxItems = &v
 29065  	return s
 29066  }
 29067  
 29068  // SetUserName sets the UserName field's value.
 29069  func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput {
 29070  	s.UserName = &v
 29071  	return s
 29072  }
 29073  
 29074  // Contains the response to a successful ListMFADevices request.
 29075  type ListMFADevicesOutput struct {
 29076  	_ struct{} `type:"structure"`
 29077  
 29078  	// A flag that indicates whether there are more items to return. If your results
 29079  	// were truncated, you can make a subsequent pagination request using the Marker
 29080  	// request parameter to retrieve more items. Note that IAM might return fewer
 29081  	// than the MaxItems number of results even when there are more results available.
 29082  	// We recommend that you check IsTruncated after every call to ensure that you
 29083  	// receive all your results.
 29084  	IsTruncated *bool `type:"boolean"`
 29085  
 29086  	// A list of MFA devices.
 29087  	//
 29088  	// MFADevices is a required field
 29089  	MFADevices []*MFADevice `type:"list" required:"true"`
 29090  
 29091  	// When IsTruncated is true, this element is present and contains the value
 29092  	// to use for the Marker parameter in a subsequent pagination request.
 29093  	Marker *string `type:"string"`
 29094  }
 29095  
 29096  // String returns the string representation.
 29097  //
 29098  // API parameter values that are decorated as "sensitive" in the API will not
 29099  // be included in the string output. The member name will be present, but the
 29100  // value will be replaced with "sensitive".
 29101  func (s ListMFADevicesOutput) String() string {
 29102  	return awsutil.Prettify(s)
 29103  }
 29104  
 29105  // GoString returns the string representation.
 29106  //
 29107  // API parameter values that are decorated as "sensitive" in the API will not
 29108  // be included in the string output. The member name will be present, but the
 29109  // value will be replaced with "sensitive".
 29110  func (s ListMFADevicesOutput) GoString() string {
 29111  	return s.String()
 29112  }
 29113  
 29114  // SetIsTruncated sets the IsTruncated field's value.
 29115  func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput {
 29116  	s.IsTruncated = &v
 29117  	return s
 29118  }
 29119  
 29120  // SetMFADevices sets the MFADevices field's value.
 29121  func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput {
 29122  	s.MFADevices = v
 29123  	return s
 29124  }
 29125  
 29126  // SetMarker sets the Marker field's value.
 29127  func (s *ListMFADevicesOutput) SetMarker(v string) *ListMFADevicesOutput {
 29128  	s.Marker = &v
 29129  	return s
 29130  }
 29131  
 29132  type ListOpenIDConnectProviderTagsInput struct {
 29133  	_ struct{} `type:"structure"`
 29134  
 29135  	// Use this parameter only when paginating results and only after you receive
 29136  	// a response indicating that the results are truncated. Set it to the value
 29137  	// of the Marker element in the response that you received to indicate where
 29138  	// the next call should start.
 29139  	Marker *string `min:"1" type:"string"`
 29140  
 29141  	// Use this only when paginating results to indicate the maximum number of items
 29142  	// you want in the response. If additional items exist beyond the maximum you
 29143  	// specify, the IsTruncated response element is true.
 29144  	//
 29145  	// If you do not include this parameter, the number of items defaults to 100.
 29146  	// Note that IAM might return fewer results, even when there are more results
 29147  	// available. In that case, the IsTruncated response element returns true, and
 29148  	// Marker contains a value to include in the subsequent call that tells the
 29149  	// service where to continue from.
 29150  	MaxItems *int64 `min:"1" type:"integer"`
 29151  
 29152  	// The ARN of the OpenID Connect (OIDC) identity provider whose tags you want
 29153  	// to see.
 29154  	//
 29155  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 29156  	// a string of characters consisting of upper and lowercase alphanumeric characters
 29157  	// with no spaces. You can also include any of the following characters: _+=,.@-
 29158  	//
 29159  	// OpenIDConnectProviderArn is a required field
 29160  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 29161  }
 29162  
 29163  // String returns the string representation.
 29164  //
 29165  // API parameter values that are decorated as "sensitive" in the API will not
 29166  // be included in the string output. The member name will be present, but the
 29167  // value will be replaced with "sensitive".
 29168  func (s ListOpenIDConnectProviderTagsInput) String() string {
 29169  	return awsutil.Prettify(s)
 29170  }
 29171  
 29172  // GoString returns the string representation.
 29173  //
 29174  // API parameter values that are decorated as "sensitive" in the API will not
 29175  // be included in the string output. The member name will be present, but the
 29176  // value will be replaced with "sensitive".
 29177  func (s ListOpenIDConnectProviderTagsInput) GoString() string {
 29178  	return s.String()
 29179  }
 29180  
 29181  // Validate inspects the fields of the type to determine if they are valid.
 29182  func (s *ListOpenIDConnectProviderTagsInput) Validate() error {
 29183  	invalidParams := request.ErrInvalidParams{Context: "ListOpenIDConnectProviderTagsInput"}
 29184  	if s.Marker != nil && len(*s.Marker) < 1 {
 29185  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29186  	}
 29187  	if s.MaxItems != nil && *s.MaxItems < 1 {
 29188  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 29189  	}
 29190  	if s.OpenIDConnectProviderArn == nil {
 29191  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 29192  	}
 29193  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 29194  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 29195  	}
 29196  
 29197  	if invalidParams.Len() > 0 {
 29198  		return invalidParams
 29199  	}
 29200  	return nil
 29201  }
 29202  
 29203  // SetMarker sets the Marker field's value.
 29204  func (s *ListOpenIDConnectProviderTagsInput) SetMarker(v string) *ListOpenIDConnectProviderTagsInput {
 29205  	s.Marker = &v
 29206  	return s
 29207  }
 29208  
 29209  // SetMaxItems sets the MaxItems field's value.
 29210  func (s *ListOpenIDConnectProviderTagsInput) SetMaxItems(v int64) *ListOpenIDConnectProviderTagsInput {
 29211  	s.MaxItems = &v
 29212  	return s
 29213  }
 29214  
 29215  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 29216  func (s *ListOpenIDConnectProviderTagsInput) SetOpenIDConnectProviderArn(v string) *ListOpenIDConnectProviderTagsInput {
 29217  	s.OpenIDConnectProviderArn = &v
 29218  	return s
 29219  }
 29220  
 29221  type ListOpenIDConnectProviderTagsOutput struct {
 29222  	_ struct{} `type:"structure"`
 29223  
 29224  	// A flag that indicates whether there are more items to return. If your results
 29225  	// were truncated, you can make a subsequent pagination request using the Marker
 29226  	// request parameter to retrieve more items. Note that IAM might return fewer
 29227  	// than the MaxItems number of results even when there are more results available.
 29228  	// We recommend that you check IsTruncated after every call to ensure that you
 29229  	// receive all your results.
 29230  	IsTruncated *bool `type:"boolean"`
 29231  
 29232  	// When IsTruncated is true, this element is present and contains the value
 29233  	// to use for the Marker parameter in a subsequent pagination request.
 29234  	Marker *string `type:"string"`
 29235  
 29236  	// The list of tags that are currently attached to the OpenID Connect (OIDC)
 29237  	// identity provider. Each tag consists of a key name and an associated value.
 29238  	// If no tags are attached to the specified resource, the response contains
 29239  	// an empty list.
 29240  	//
 29241  	// Tags is a required field
 29242  	Tags []*Tag `type:"list" required:"true"`
 29243  }
 29244  
 29245  // String returns the string representation.
 29246  //
 29247  // API parameter values that are decorated as "sensitive" in the API will not
 29248  // be included in the string output. The member name will be present, but the
 29249  // value will be replaced with "sensitive".
 29250  func (s ListOpenIDConnectProviderTagsOutput) String() string {
 29251  	return awsutil.Prettify(s)
 29252  }
 29253  
 29254  // GoString returns the string representation.
 29255  //
 29256  // API parameter values that are decorated as "sensitive" in the API will not
 29257  // be included in the string output. The member name will be present, but the
 29258  // value will be replaced with "sensitive".
 29259  func (s ListOpenIDConnectProviderTagsOutput) GoString() string {
 29260  	return s.String()
 29261  }
 29262  
 29263  // SetIsTruncated sets the IsTruncated field's value.
 29264  func (s *ListOpenIDConnectProviderTagsOutput) SetIsTruncated(v bool) *ListOpenIDConnectProviderTagsOutput {
 29265  	s.IsTruncated = &v
 29266  	return s
 29267  }
 29268  
 29269  // SetMarker sets the Marker field's value.
 29270  func (s *ListOpenIDConnectProviderTagsOutput) SetMarker(v string) *ListOpenIDConnectProviderTagsOutput {
 29271  	s.Marker = &v
 29272  	return s
 29273  }
 29274  
 29275  // SetTags sets the Tags field's value.
 29276  func (s *ListOpenIDConnectProviderTagsOutput) SetTags(v []*Tag) *ListOpenIDConnectProviderTagsOutput {
 29277  	s.Tags = v
 29278  	return s
 29279  }
 29280  
 29281  type ListOpenIDConnectProvidersInput struct {
 29282  	_ struct{} `type:"structure"`
 29283  }
 29284  
 29285  // String returns the string representation.
 29286  //
 29287  // API parameter values that are decorated as "sensitive" in the API will not
 29288  // be included in the string output. The member name will be present, but the
 29289  // value will be replaced with "sensitive".
 29290  func (s ListOpenIDConnectProvidersInput) String() string {
 29291  	return awsutil.Prettify(s)
 29292  }
 29293  
 29294  // GoString returns the string representation.
 29295  //
 29296  // API parameter values that are decorated as "sensitive" in the API will not
 29297  // be included in the string output. The member name will be present, but the
 29298  // value will be replaced with "sensitive".
 29299  func (s ListOpenIDConnectProvidersInput) GoString() string {
 29300  	return s.String()
 29301  }
 29302  
 29303  // Contains the response to a successful ListOpenIDConnectProviders request.
 29304  type ListOpenIDConnectProvidersOutput struct {
 29305  	_ struct{} `type:"structure"`
 29306  
 29307  	// The list of IAM OIDC provider resource objects defined in the Amazon Web
 29308  	// Services account.
 29309  	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
 29310  }
 29311  
 29312  // String returns the string representation.
 29313  //
 29314  // API parameter values that are decorated as "sensitive" in the API will not
 29315  // be included in the string output. The member name will be present, but the
 29316  // value will be replaced with "sensitive".
 29317  func (s ListOpenIDConnectProvidersOutput) String() string {
 29318  	return awsutil.Prettify(s)
 29319  }
 29320  
 29321  // GoString returns the string representation.
 29322  //
 29323  // API parameter values that are decorated as "sensitive" in the API will not
 29324  // be included in the string output. The member name will be present, but the
 29325  // value will be replaced with "sensitive".
 29326  func (s ListOpenIDConnectProvidersOutput) GoString() string {
 29327  	return s.String()
 29328  }
 29329  
 29330  // SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.
 29331  func (s *ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList(v []*OpenIDConnectProviderListEntry) *ListOpenIDConnectProvidersOutput {
 29332  	s.OpenIDConnectProviderList = v
 29333  	return s
 29334  }
 29335  
 29336  // Contains details about the permissions policies that are attached to the
 29337  // specified identity (user, group, or role).
 29338  //
 29339  // This data type is used as a response element in the ListPoliciesGrantingServiceAccess
 29340  // operation.
 29341  type ListPoliciesGrantingServiceAccessEntry struct {
 29342  	_ struct{} `type:"structure"`
 29343  
 29344  	// The PoliciesGrantingServiceAccess object that contains details about the
 29345  	// policy.
 29346  	Policies []*PolicyGrantingServiceAccess `type:"list"`
 29347  
 29348  	// The namespace of the service that was accessed.
 29349  	//
 29350  	// To learn the service namespace of a service, see Actions, resources, and
 29351  	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
 29352  	// in the Service Authorization Reference. Choose the name of the service to
 29353  	// view details for that service. In the first paragraph, find the service prefix.
 29354  	// For example, (service prefix: a4b). For more information about service namespaces,
 29355  	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
 29356  	// in the Amazon Web Services General Reference.
 29357  	ServiceNamespace *string `min:"1" type:"string"`
 29358  }
 29359  
 29360  // String returns the string representation.
 29361  //
 29362  // API parameter values that are decorated as "sensitive" in the API will not
 29363  // be included in the string output. The member name will be present, but the
 29364  // value will be replaced with "sensitive".
 29365  func (s ListPoliciesGrantingServiceAccessEntry) String() string {
 29366  	return awsutil.Prettify(s)
 29367  }
 29368  
 29369  // GoString returns the string representation.
 29370  //
 29371  // API parameter values that are decorated as "sensitive" in the API will not
 29372  // be included in the string output. The member name will be present, but the
 29373  // value will be replaced with "sensitive".
 29374  func (s ListPoliciesGrantingServiceAccessEntry) GoString() string {
 29375  	return s.String()
 29376  }
 29377  
 29378  // SetPolicies sets the Policies field's value.
 29379  func (s *ListPoliciesGrantingServiceAccessEntry) SetPolicies(v []*PolicyGrantingServiceAccess) *ListPoliciesGrantingServiceAccessEntry {
 29380  	s.Policies = v
 29381  	return s
 29382  }
 29383  
 29384  // SetServiceNamespace sets the ServiceNamespace field's value.
 29385  func (s *ListPoliciesGrantingServiceAccessEntry) SetServiceNamespace(v string) *ListPoliciesGrantingServiceAccessEntry {
 29386  	s.ServiceNamespace = &v
 29387  	return s
 29388  }
 29389  
 29390  type ListPoliciesGrantingServiceAccessInput struct {
 29391  	_ struct{} `type:"structure"`
 29392  
 29393  	// The ARN of the IAM identity (user, group, or role) whose policies you want
 29394  	// to list.
 29395  	//
 29396  	// Arn is a required field
 29397  	Arn *string `min:"20" type:"string" required:"true"`
 29398  
 29399  	// Use this parameter only when paginating results and only after you receive
 29400  	// a response indicating that the results are truncated. Set it to the value
 29401  	// of the Marker element in the response that you received to indicate where
 29402  	// the next call should start.
 29403  	Marker *string `min:"1" type:"string"`
 29404  
 29405  	// The service namespace for the Amazon Web Services services whose policies
 29406  	// you want to list.
 29407  	//
 29408  	// To learn the service namespace for a service, see Actions, resources, and
 29409  	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
 29410  	// in the IAM User Guide. Choose the name of the service to view details for
 29411  	// that service. In the first paragraph, find the service prefix. For example,
 29412  	// (service prefix: a4b). For more information about service namespaces, see
 29413  	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
 29414  	// in the Amazon Web Services General Reference.
 29415  	//
 29416  	// ServiceNamespaces is a required field
 29417  	ServiceNamespaces []*string `min:"1" type:"list" required:"true"`
 29418  }
 29419  
 29420  // String returns the string representation.
 29421  //
 29422  // API parameter values that are decorated as "sensitive" in the API will not
 29423  // be included in the string output. The member name will be present, but the
 29424  // value will be replaced with "sensitive".
 29425  func (s ListPoliciesGrantingServiceAccessInput) String() string {
 29426  	return awsutil.Prettify(s)
 29427  }
 29428  
 29429  // GoString returns the string representation.
 29430  //
 29431  // API parameter values that are decorated as "sensitive" in the API will not
 29432  // be included in the string output. The member name will be present, but the
 29433  // value will be replaced with "sensitive".
 29434  func (s ListPoliciesGrantingServiceAccessInput) GoString() string {
 29435  	return s.String()
 29436  }
 29437  
 29438  // Validate inspects the fields of the type to determine if they are valid.
 29439  func (s *ListPoliciesGrantingServiceAccessInput) Validate() error {
 29440  	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesGrantingServiceAccessInput"}
 29441  	if s.Arn == nil {
 29442  		invalidParams.Add(request.NewErrParamRequired("Arn"))
 29443  	}
 29444  	if s.Arn != nil && len(*s.Arn) < 20 {
 29445  		invalidParams.Add(request.NewErrParamMinLen("Arn", 20))
 29446  	}
 29447  	if s.Marker != nil && len(*s.Marker) < 1 {
 29448  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29449  	}
 29450  	if s.ServiceNamespaces == nil {
 29451  		invalidParams.Add(request.NewErrParamRequired("ServiceNamespaces"))
 29452  	}
 29453  	if s.ServiceNamespaces != nil && len(s.ServiceNamespaces) < 1 {
 29454  		invalidParams.Add(request.NewErrParamMinLen("ServiceNamespaces", 1))
 29455  	}
 29456  
 29457  	if invalidParams.Len() > 0 {
 29458  		return invalidParams
 29459  	}
 29460  	return nil
 29461  }
 29462  
 29463  // SetArn sets the Arn field's value.
 29464  func (s *ListPoliciesGrantingServiceAccessInput) SetArn(v string) *ListPoliciesGrantingServiceAccessInput {
 29465  	s.Arn = &v
 29466  	return s
 29467  }
 29468  
 29469  // SetMarker sets the Marker field's value.
 29470  func (s *ListPoliciesGrantingServiceAccessInput) SetMarker(v string) *ListPoliciesGrantingServiceAccessInput {
 29471  	s.Marker = &v
 29472  	return s
 29473  }
 29474  
 29475  // SetServiceNamespaces sets the ServiceNamespaces field's value.
 29476  func (s *ListPoliciesGrantingServiceAccessInput) SetServiceNamespaces(v []*string) *ListPoliciesGrantingServiceAccessInput {
 29477  	s.ServiceNamespaces = v
 29478  	return s
 29479  }
 29480  
 29481  type ListPoliciesGrantingServiceAccessOutput struct {
 29482  	_ struct{} `type:"structure"`
 29483  
 29484  	// A flag that indicates whether there are more items to return. If your results
 29485  	// were truncated, you can make a subsequent pagination request using the Marker
 29486  	// request parameter to retrieve more items. We recommend that you check IsTruncated
 29487  	// after every call to ensure that you receive all your results.
 29488  	IsTruncated *bool `type:"boolean"`
 29489  
 29490  	// When IsTruncated is true, this element is present and contains the value
 29491  	// to use for the Marker parameter in a subsequent pagination request.
 29492  	Marker *string `type:"string"`
 29493  
 29494  	// A ListPoliciesGrantingServiceAccess object that contains details about the
 29495  	// permissions policies attached to the specified identity (user, group, or
 29496  	// role).
 29497  	//
 29498  	// PoliciesGrantingServiceAccess is a required field
 29499  	PoliciesGrantingServiceAccess []*ListPoliciesGrantingServiceAccessEntry `type:"list" required:"true"`
 29500  }
 29501  
 29502  // String returns the string representation.
 29503  //
 29504  // API parameter values that are decorated as "sensitive" in the API will not
 29505  // be included in the string output. The member name will be present, but the
 29506  // value will be replaced with "sensitive".
 29507  func (s ListPoliciesGrantingServiceAccessOutput) String() string {
 29508  	return awsutil.Prettify(s)
 29509  }
 29510  
 29511  // GoString returns the string representation.
 29512  //
 29513  // API parameter values that are decorated as "sensitive" in the API will not
 29514  // be included in the string output. The member name will be present, but the
 29515  // value will be replaced with "sensitive".
 29516  func (s ListPoliciesGrantingServiceAccessOutput) GoString() string {
 29517  	return s.String()
 29518  }
 29519  
 29520  // SetIsTruncated sets the IsTruncated field's value.
 29521  func (s *ListPoliciesGrantingServiceAccessOutput) SetIsTruncated(v bool) *ListPoliciesGrantingServiceAccessOutput {
 29522  	s.IsTruncated = &v
 29523  	return s
 29524  }
 29525  
 29526  // SetMarker sets the Marker field's value.
 29527  func (s *ListPoliciesGrantingServiceAccessOutput) SetMarker(v string) *ListPoliciesGrantingServiceAccessOutput {
 29528  	s.Marker = &v
 29529  	return s
 29530  }
 29531  
 29532  // SetPoliciesGrantingServiceAccess sets the PoliciesGrantingServiceAccess field's value.
 29533  func (s *ListPoliciesGrantingServiceAccessOutput) SetPoliciesGrantingServiceAccess(v []*ListPoliciesGrantingServiceAccessEntry) *ListPoliciesGrantingServiceAccessOutput {
 29534  	s.PoliciesGrantingServiceAccess = v
 29535  	return s
 29536  }
 29537  
 29538  type ListPoliciesInput struct {
 29539  	_ struct{} `type:"structure"`
 29540  
 29541  	// Use this parameter only when paginating results and only after you receive
 29542  	// a response indicating that the results are truncated. Set it to the value
 29543  	// of the Marker element in the response that you received to indicate where
 29544  	// the next call should start.
 29545  	Marker *string `min:"1" type:"string"`
 29546  
 29547  	// Use this only when paginating results to indicate the maximum number of items
 29548  	// you want in the response. If additional items exist beyond the maximum you
 29549  	// specify, the IsTruncated response element is true.
 29550  	//
 29551  	// If you do not include this parameter, the number of items defaults to 100.
 29552  	// Note that IAM might return fewer results, even when there are more results
 29553  	// available. In that case, the IsTruncated response element returns true, and
 29554  	// Marker contains a value to include in the subsequent call that tells the
 29555  	// service where to continue from.
 29556  	MaxItems *int64 `min:"1" type:"integer"`
 29557  
 29558  	// A flag to filter the results to only the attached policies.
 29559  	//
 29560  	// When OnlyAttached is true, the returned list contains only the policies that
 29561  	// are attached to an IAM user, group, or role. When OnlyAttached is false,
 29562  	// or when the parameter is not included, all policies are returned.
 29563  	OnlyAttached *bool `type:"boolean"`
 29564  
 29565  	// The path prefix for filtering the results. This parameter is optional. If
 29566  	// it is not included, it defaults to a slash (/), listing all policies. This
 29567  	// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 29568  	// a string of characters consisting of either a forward slash (/) by itself
 29569  	// or a string that must begin and end with forward slashes. In addition, it
 29570  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 29571  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 29572  	// letters.
 29573  	PathPrefix *string `min:"1" type:"string"`
 29574  
 29575  	// The policy usage method to use for filtering the results.
 29576  	//
 29577  	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
 29578  	// To list only the policies used to set permissions boundaries, set the value
 29579  	// to PermissionsBoundary.
 29580  	//
 29581  	// This parameter is optional. If it is not included, all policies are returned.
 29582  	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
 29583  
 29584  	// The scope to use for filtering the results.
 29585  	//
 29586  	// To list only Amazon Web Services managed policies, set Scope to AWS. To list
 29587  	// only the customer managed policies in your Amazon Web Services account, set
 29588  	// Scope to Local.
 29589  	//
 29590  	// This parameter is optional. If it is not included, or if it is set to All,
 29591  	// all policies are returned.
 29592  	Scope *string `type:"string" enum:"PolicyScopeType"`
 29593  }
 29594  
 29595  // String returns the string representation.
 29596  //
 29597  // API parameter values that are decorated as "sensitive" in the API will not
 29598  // be included in the string output. The member name will be present, but the
 29599  // value will be replaced with "sensitive".
 29600  func (s ListPoliciesInput) String() string {
 29601  	return awsutil.Prettify(s)
 29602  }
 29603  
 29604  // GoString returns the string representation.
 29605  //
 29606  // API parameter values that are decorated as "sensitive" in the API will not
 29607  // be included in the string output. The member name will be present, but the
 29608  // value will be replaced with "sensitive".
 29609  func (s ListPoliciesInput) GoString() string {
 29610  	return s.String()
 29611  }
 29612  
 29613  // Validate inspects the fields of the type to determine if they are valid.
 29614  func (s *ListPoliciesInput) Validate() error {
 29615  	invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
 29616  	if s.Marker != nil && len(*s.Marker) < 1 {
 29617  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29618  	}
 29619  	if s.MaxItems != nil && *s.MaxItems < 1 {
 29620  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 29621  	}
 29622  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 29623  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 29624  	}
 29625  
 29626  	if invalidParams.Len() > 0 {
 29627  		return invalidParams
 29628  	}
 29629  	return nil
 29630  }
 29631  
 29632  // SetMarker sets the Marker field's value.
 29633  func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput {
 29634  	s.Marker = &v
 29635  	return s
 29636  }
 29637  
 29638  // SetMaxItems sets the MaxItems field's value.
 29639  func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput {
 29640  	s.MaxItems = &v
 29641  	return s
 29642  }
 29643  
 29644  // SetOnlyAttached sets the OnlyAttached field's value.
 29645  func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput {
 29646  	s.OnlyAttached = &v
 29647  	return s
 29648  }
 29649  
 29650  // SetPathPrefix sets the PathPrefix field's value.
 29651  func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput {
 29652  	s.PathPrefix = &v
 29653  	return s
 29654  }
 29655  
 29656  // SetPolicyUsageFilter sets the PolicyUsageFilter field's value.
 29657  func (s *ListPoliciesInput) SetPolicyUsageFilter(v string) *ListPoliciesInput {
 29658  	s.PolicyUsageFilter = &v
 29659  	return s
 29660  }
 29661  
 29662  // SetScope sets the Scope field's value.
 29663  func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput {
 29664  	s.Scope = &v
 29665  	return s
 29666  }
 29667  
 29668  // Contains the response to a successful ListPolicies request.
 29669  type ListPoliciesOutput struct {
 29670  	_ struct{} `type:"structure"`
 29671  
 29672  	// A flag that indicates whether there are more items to return. If your results
 29673  	// were truncated, you can make a subsequent pagination request using the Marker
 29674  	// request parameter to retrieve more items. Note that IAM might return fewer
 29675  	// than the MaxItems number of results even when there are more results available.
 29676  	// We recommend that you check IsTruncated after every call to ensure that you
 29677  	// receive all your results.
 29678  	IsTruncated *bool `type:"boolean"`
 29679  
 29680  	// When IsTruncated is true, this element is present and contains the value
 29681  	// to use for the Marker parameter in a subsequent pagination request.
 29682  	Marker *string `type:"string"`
 29683  
 29684  	// A list of policies.
 29685  	Policies []*Policy `type:"list"`
 29686  }
 29687  
 29688  // String returns the string representation.
 29689  //
 29690  // API parameter values that are decorated as "sensitive" in the API will not
 29691  // be included in the string output. The member name will be present, but the
 29692  // value will be replaced with "sensitive".
 29693  func (s ListPoliciesOutput) String() string {
 29694  	return awsutil.Prettify(s)
 29695  }
 29696  
 29697  // GoString returns the string representation.
 29698  //
 29699  // API parameter values that are decorated as "sensitive" in the API will not
 29700  // be included in the string output. The member name will be present, but the
 29701  // value will be replaced with "sensitive".
 29702  func (s ListPoliciesOutput) GoString() string {
 29703  	return s.String()
 29704  }
 29705  
 29706  // SetIsTruncated sets the IsTruncated field's value.
 29707  func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput {
 29708  	s.IsTruncated = &v
 29709  	return s
 29710  }
 29711  
 29712  // SetMarker sets the Marker field's value.
 29713  func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput {
 29714  	s.Marker = &v
 29715  	return s
 29716  }
 29717  
 29718  // SetPolicies sets the Policies field's value.
 29719  func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput {
 29720  	s.Policies = v
 29721  	return s
 29722  }
 29723  
 29724  type ListPolicyTagsInput struct {
 29725  	_ struct{} `type:"structure"`
 29726  
 29727  	// Use this parameter only when paginating results and only after you receive
 29728  	// a response indicating that the results are truncated. Set it to the value
 29729  	// of the Marker element in the response that you received to indicate where
 29730  	// the next call should start.
 29731  	Marker *string `min:"1" type:"string"`
 29732  
 29733  	// Use this only when paginating results to indicate the maximum number of items
 29734  	// you want in the response. If additional items exist beyond the maximum you
 29735  	// specify, the IsTruncated response element is true.
 29736  	//
 29737  	// If you do not include this parameter, the number of items defaults to 100.
 29738  	// Note that IAM might return fewer results, even when there are more results
 29739  	// available. In that case, the IsTruncated response element returns true, and
 29740  	// Marker contains a value to include in the subsequent call that tells the
 29741  	// service where to continue from.
 29742  	MaxItems *int64 `min:"1" type:"integer"`
 29743  
 29744  	// The ARN of the IAM customer managed policy whose tags you want to see.
 29745  	//
 29746  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 29747  	// a string of characters consisting of upper and lowercase alphanumeric characters
 29748  	// with no spaces. You can also include any of the following characters: _+=,.@-
 29749  	//
 29750  	// PolicyArn is a required field
 29751  	PolicyArn *string `min:"20" type:"string" required:"true"`
 29752  }
 29753  
 29754  // String returns the string representation.
 29755  //
 29756  // API parameter values that are decorated as "sensitive" in the API will not
 29757  // be included in the string output. The member name will be present, but the
 29758  // value will be replaced with "sensitive".
 29759  func (s ListPolicyTagsInput) String() string {
 29760  	return awsutil.Prettify(s)
 29761  }
 29762  
 29763  // GoString returns the string representation.
 29764  //
 29765  // API parameter values that are decorated as "sensitive" in the API will not
 29766  // be included in the string output. The member name will be present, but the
 29767  // value will be replaced with "sensitive".
 29768  func (s ListPolicyTagsInput) GoString() string {
 29769  	return s.String()
 29770  }
 29771  
 29772  // Validate inspects the fields of the type to determine if they are valid.
 29773  func (s *ListPolicyTagsInput) Validate() error {
 29774  	invalidParams := request.ErrInvalidParams{Context: "ListPolicyTagsInput"}
 29775  	if s.Marker != nil && len(*s.Marker) < 1 {
 29776  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29777  	}
 29778  	if s.MaxItems != nil && *s.MaxItems < 1 {
 29779  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 29780  	}
 29781  	if s.PolicyArn == nil {
 29782  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 29783  	}
 29784  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 29785  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 29786  	}
 29787  
 29788  	if invalidParams.Len() > 0 {
 29789  		return invalidParams
 29790  	}
 29791  	return nil
 29792  }
 29793  
 29794  // SetMarker sets the Marker field's value.
 29795  func (s *ListPolicyTagsInput) SetMarker(v string) *ListPolicyTagsInput {
 29796  	s.Marker = &v
 29797  	return s
 29798  }
 29799  
 29800  // SetMaxItems sets the MaxItems field's value.
 29801  func (s *ListPolicyTagsInput) SetMaxItems(v int64) *ListPolicyTagsInput {
 29802  	s.MaxItems = &v
 29803  	return s
 29804  }
 29805  
 29806  // SetPolicyArn sets the PolicyArn field's value.
 29807  func (s *ListPolicyTagsInput) SetPolicyArn(v string) *ListPolicyTagsInput {
 29808  	s.PolicyArn = &v
 29809  	return s
 29810  }
 29811  
 29812  type ListPolicyTagsOutput struct {
 29813  	_ struct{} `type:"structure"`
 29814  
 29815  	// A flag that indicates whether there are more items to return. If your results
 29816  	// were truncated, you can make a subsequent pagination request using the Marker
 29817  	// request parameter to retrieve more items. Note that IAM might return fewer
 29818  	// than the MaxItems number of results even when there are more results available.
 29819  	// We recommend that you check IsTruncated after every call to ensure that you
 29820  	// receive all your results.
 29821  	IsTruncated *bool `type:"boolean"`
 29822  
 29823  	// When IsTruncated is true, this element is present and contains the value
 29824  	// to use for the Marker parameter in a subsequent pagination request.
 29825  	Marker *string `type:"string"`
 29826  
 29827  	// The list of tags that are currently attached to the IAM customer managed
 29828  	// policy. Each tag consists of a key name and an associated value. If no tags
 29829  	// are attached to the specified resource, the response contains an empty list.
 29830  	//
 29831  	// Tags is a required field
 29832  	Tags []*Tag `type:"list" required:"true"`
 29833  }
 29834  
 29835  // String returns the string representation.
 29836  //
 29837  // API parameter values that are decorated as "sensitive" in the API will not
 29838  // be included in the string output. The member name will be present, but the
 29839  // value will be replaced with "sensitive".
 29840  func (s ListPolicyTagsOutput) String() string {
 29841  	return awsutil.Prettify(s)
 29842  }
 29843  
 29844  // GoString returns the string representation.
 29845  //
 29846  // API parameter values that are decorated as "sensitive" in the API will not
 29847  // be included in the string output. The member name will be present, but the
 29848  // value will be replaced with "sensitive".
 29849  func (s ListPolicyTagsOutput) GoString() string {
 29850  	return s.String()
 29851  }
 29852  
 29853  // SetIsTruncated sets the IsTruncated field's value.
 29854  func (s *ListPolicyTagsOutput) SetIsTruncated(v bool) *ListPolicyTagsOutput {
 29855  	s.IsTruncated = &v
 29856  	return s
 29857  }
 29858  
 29859  // SetMarker sets the Marker field's value.
 29860  func (s *ListPolicyTagsOutput) SetMarker(v string) *ListPolicyTagsOutput {
 29861  	s.Marker = &v
 29862  	return s
 29863  }
 29864  
 29865  // SetTags sets the Tags field's value.
 29866  func (s *ListPolicyTagsOutput) SetTags(v []*Tag) *ListPolicyTagsOutput {
 29867  	s.Tags = v
 29868  	return s
 29869  }
 29870  
 29871  type ListPolicyVersionsInput struct {
 29872  	_ struct{} `type:"structure"`
 29873  
 29874  	// Use this parameter only when paginating results and only after you receive
 29875  	// a response indicating that the results are truncated. Set it to the value
 29876  	// of the Marker element in the response that you received to indicate where
 29877  	// the next call should start.
 29878  	Marker *string `min:"1" type:"string"`
 29879  
 29880  	// Use this only when paginating results to indicate the maximum number of items
 29881  	// you want in the response. If additional items exist beyond the maximum you
 29882  	// specify, the IsTruncated response element is true.
 29883  	//
 29884  	// If you do not include this parameter, the number of items defaults to 100.
 29885  	// Note that IAM might return fewer results, even when there are more results
 29886  	// available. In that case, the IsTruncated response element returns true, and
 29887  	// Marker contains a value to include in the subsequent call that tells the
 29888  	// service where to continue from.
 29889  	MaxItems *int64 `min:"1" type:"integer"`
 29890  
 29891  	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
 29892  	//
 29893  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 29894  	// in the Amazon Web Services General Reference.
 29895  	//
 29896  	// PolicyArn is a required field
 29897  	PolicyArn *string `min:"20" type:"string" required:"true"`
 29898  }
 29899  
 29900  // String returns the string representation.
 29901  //
 29902  // API parameter values that are decorated as "sensitive" in the API will not
 29903  // be included in the string output. The member name will be present, but the
 29904  // value will be replaced with "sensitive".
 29905  func (s ListPolicyVersionsInput) String() string {
 29906  	return awsutil.Prettify(s)
 29907  }
 29908  
 29909  // GoString returns the string representation.
 29910  //
 29911  // API parameter values that are decorated as "sensitive" in the API will not
 29912  // be included in the string output. The member name will be present, but the
 29913  // value will be replaced with "sensitive".
 29914  func (s ListPolicyVersionsInput) GoString() string {
 29915  	return s.String()
 29916  }
 29917  
 29918  // Validate inspects the fields of the type to determine if they are valid.
 29919  func (s *ListPolicyVersionsInput) Validate() error {
 29920  	invalidParams := request.ErrInvalidParams{Context: "ListPolicyVersionsInput"}
 29921  	if s.Marker != nil && len(*s.Marker) < 1 {
 29922  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 29923  	}
 29924  	if s.MaxItems != nil && *s.MaxItems < 1 {
 29925  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 29926  	}
 29927  	if s.PolicyArn == nil {
 29928  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 29929  	}
 29930  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 29931  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 29932  	}
 29933  
 29934  	if invalidParams.Len() > 0 {
 29935  		return invalidParams
 29936  	}
 29937  	return nil
 29938  }
 29939  
 29940  // SetMarker sets the Marker field's value.
 29941  func (s *ListPolicyVersionsInput) SetMarker(v string) *ListPolicyVersionsInput {
 29942  	s.Marker = &v
 29943  	return s
 29944  }
 29945  
 29946  // SetMaxItems sets the MaxItems field's value.
 29947  func (s *ListPolicyVersionsInput) SetMaxItems(v int64) *ListPolicyVersionsInput {
 29948  	s.MaxItems = &v
 29949  	return s
 29950  }
 29951  
 29952  // SetPolicyArn sets the PolicyArn field's value.
 29953  func (s *ListPolicyVersionsInput) SetPolicyArn(v string) *ListPolicyVersionsInput {
 29954  	s.PolicyArn = &v
 29955  	return s
 29956  }
 29957  
 29958  // Contains the response to a successful ListPolicyVersions request.
 29959  type ListPolicyVersionsOutput struct {
 29960  	_ struct{} `type:"structure"`
 29961  
 29962  	// A flag that indicates whether there are more items to return. If your results
 29963  	// were truncated, you can make a subsequent pagination request using the Marker
 29964  	// request parameter to retrieve more items. Note that IAM might return fewer
 29965  	// than the MaxItems number of results even when there are more results available.
 29966  	// We recommend that you check IsTruncated after every call to ensure that you
 29967  	// receive all your results.
 29968  	IsTruncated *bool `type:"boolean"`
 29969  
 29970  	// When IsTruncated is true, this element is present and contains the value
 29971  	// to use for the Marker parameter in a subsequent pagination request.
 29972  	Marker *string `type:"string"`
 29973  
 29974  	// A list of policy versions.
 29975  	//
 29976  	// For more information about managed policy versions, see Versioning for managed
 29977  	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
 29978  	// in the IAM User Guide.
 29979  	Versions []*PolicyVersion `type:"list"`
 29980  }
 29981  
 29982  // String returns the string representation.
 29983  //
 29984  // API parameter values that are decorated as "sensitive" in the API will not
 29985  // be included in the string output. The member name will be present, but the
 29986  // value will be replaced with "sensitive".
 29987  func (s ListPolicyVersionsOutput) String() string {
 29988  	return awsutil.Prettify(s)
 29989  }
 29990  
 29991  // GoString returns the string representation.
 29992  //
 29993  // API parameter values that are decorated as "sensitive" in the API will not
 29994  // be included in the string output. The member name will be present, but the
 29995  // value will be replaced with "sensitive".
 29996  func (s ListPolicyVersionsOutput) GoString() string {
 29997  	return s.String()
 29998  }
 29999  
 30000  // SetIsTruncated sets the IsTruncated field's value.
 30001  func (s *ListPolicyVersionsOutput) SetIsTruncated(v bool) *ListPolicyVersionsOutput {
 30002  	s.IsTruncated = &v
 30003  	return s
 30004  }
 30005  
 30006  // SetMarker sets the Marker field's value.
 30007  func (s *ListPolicyVersionsOutput) SetMarker(v string) *ListPolicyVersionsOutput {
 30008  	s.Marker = &v
 30009  	return s
 30010  }
 30011  
 30012  // SetVersions sets the Versions field's value.
 30013  func (s *ListPolicyVersionsOutput) SetVersions(v []*PolicyVersion) *ListPolicyVersionsOutput {
 30014  	s.Versions = v
 30015  	return s
 30016  }
 30017  
 30018  type ListRolePoliciesInput struct {
 30019  	_ struct{} `type:"structure"`
 30020  
 30021  	// Use this parameter only when paginating results and only after you receive
 30022  	// a response indicating that the results are truncated. Set it to the value
 30023  	// of the Marker element in the response that you received to indicate where
 30024  	// the next call should start.
 30025  	Marker *string `min:"1" type:"string"`
 30026  
 30027  	// Use this only when paginating results to indicate the maximum number of items
 30028  	// you want in the response. If additional items exist beyond the maximum you
 30029  	// specify, the IsTruncated response element is true.
 30030  	//
 30031  	// If you do not include this parameter, the number of items defaults to 100.
 30032  	// Note that IAM might return fewer results, even when there are more results
 30033  	// available. In that case, the IsTruncated response element returns true, and
 30034  	// Marker contains a value to include in the subsequent call that tells the
 30035  	// service where to continue from.
 30036  	MaxItems *int64 `min:"1" type:"integer"`
 30037  
 30038  	// The name of the role to list policies for.
 30039  	//
 30040  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 30041  	// a string of characters consisting of upper and lowercase alphanumeric characters
 30042  	// with no spaces. You can also include any of the following characters: _+=,.@-
 30043  	//
 30044  	// RoleName is a required field
 30045  	RoleName *string `min:"1" type:"string" required:"true"`
 30046  }
 30047  
 30048  // String returns the string representation.
 30049  //
 30050  // API parameter values that are decorated as "sensitive" in the API will not
 30051  // be included in the string output. The member name will be present, but the
 30052  // value will be replaced with "sensitive".
 30053  func (s ListRolePoliciesInput) String() string {
 30054  	return awsutil.Prettify(s)
 30055  }
 30056  
 30057  // GoString returns the string representation.
 30058  //
 30059  // API parameter values that are decorated as "sensitive" in the API will not
 30060  // be included in the string output. The member name will be present, but the
 30061  // value will be replaced with "sensitive".
 30062  func (s ListRolePoliciesInput) GoString() string {
 30063  	return s.String()
 30064  }
 30065  
 30066  // Validate inspects the fields of the type to determine if they are valid.
 30067  func (s *ListRolePoliciesInput) Validate() error {
 30068  	invalidParams := request.ErrInvalidParams{Context: "ListRolePoliciesInput"}
 30069  	if s.Marker != nil && len(*s.Marker) < 1 {
 30070  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30071  	}
 30072  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30073  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30074  	}
 30075  	if s.RoleName == nil {
 30076  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 30077  	}
 30078  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 30079  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 30080  	}
 30081  
 30082  	if invalidParams.Len() > 0 {
 30083  		return invalidParams
 30084  	}
 30085  	return nil
 30086  }
 30087  
 30088  // SetMarker sets the Marker field's value.
 30089  func (s *ListRolePoliciesInput) SetMarker(v string) *ListRolePoliciesInput {
 30090  	s.Marker = &v
 30091  	return s
 30092  }
 30093  
 30094  // SetMaxItems sets the MaxItems field's value.
 30095  func (s *ListRolePoliciesInput) SetMaxItems(v int64) *ListRolePoliciesInput {
 30096  	s.MaxItems = &v
 30097  	return s
 30098  }
 30099  
 30100  // SetRoleName sets the RoleName field's value.
 30101  func (s *ListRolePoliciesInput) SetRoleName(v string) *ListRolePoliciesInput {
 30102  	s.RoleName = &v
 30103  	return s
 30104  }
 30105  
 30106  // Contains the response to a successful ListRolePolicies request.
 30107  type ListRolePoliciesOutput struct {
 30108  	_ struct{} `type:"structure"`
 30109  
 30110  	// A flag that indicates whether there are more items to return. If your results
 30111  	// were truncated, you can make a subsequent pagination request using the Marker
 30112  	// request parameter to retrieve more items. Note that IAM might return fewer
 30113  	// than the MaxItems number of results even when there are more results available.
 30114  	// We recommend that you check IsTruncated after every call to ensure that you
 30115  	// receive all your results.
 30116  	IsTruncated *bool `type:"boolean"`
 30117  
 30118  	// When IsTruncated is true, this element is present and contains the value
 30119  	// to use for the Marker parameter in a subsequent pagination request.
 30120  	Marker *string `type:"string"`
 30121  
 30122  	// A list of policy names.
 30123  	//
 30124  	// PolicyNames is a required field
 30125  	PolicyNames []*string `type:"list" required:"true"`
 30126  }
 30127  
 30128  // String returns the string representation.
 30129  //
 30130  // API parameter values that are decorated as "sensitive" in the API will not
 30131  // be included in the string output. The member name will be present, but the
 30132  // value will be replaced with "sensitive".
 30133  func (s ListRolePoliciesOutput) String() string {
 30134  	return awsutil.Prettify(s)
 30135  }
 30136  
 30137  // GoString returns the string representation.
 30138  //
 30139  // API parameter values that are decorated as "sensitive" in the API will not
 30140  // be included in the string output. The member name will be present, but the
 30141  // value will be replaced with "sensitive".
 30142  func (s ListRolePoliciesOutput) GoString() string {
 30143  	return s.String()
 30144  }
 30145  
 30146  // SetIsTruncated sets the IsTruncated field's value.
 30147  func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput {
 30148  	s.IsTruncated = &v
 30149  	return s
 30150  }
 30151  
 30152  // SetMarker sets the Marker field's value.
 30153  func (s *ListRolePoliciesOutput) SetMarker(v string) *ListRolePoliciesOutput {
 30154  	s.Marker = &v
 30155  	return s
 30156  }
 30157  
 30158  // SetPolicyNames sets the PolicyNames field's value.
 30159  func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput {
 30160  	s.PolicyNames = v
 30161  	return s
 30162  }
 30163  
 30164  type ListRoleTagsInput struct {
 30165  	_ struct{} `type:"structure"`
 30166  
 30167  	// Use this parameter only when paginating results and only after you receive
 30168  	// a response indicating that the results are truncated. Set it to the value
 30169  	// of the Marker element in the response that you received to indicate where
 30170  	// the next call should start.
 30171  	Marker *string `min:"1" type:"string"`
 30172  
 30173  	// Use this only when paginating results to indicate the maximum number of items
 30174  	// you want in the response. If additional items exist beyond the maximum you
 30175  	// specify, the IsTruncated response element is true.
 30176  	//
 30177  	// If you do not include this parameter, the number of items defaults to 100.
 30178  	// Note that IAM might return fewer results, even when there are more results
 30179  	// available. In that case, the IsTruncated response element returns true, and
 30180  	// Marker contains a value to include in the subsequent call that tells the
 30181  	// service where to continue from.
 30182  	MaxItems *int64 `min:"1" type:"integer"`
 30183  
 30184  	// The name of the IAM role for which you want to see the list of tags.
 30185  	//
 30186  	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
 30187  	// a string of characters that consist of upper and lowercase alphanumeric characters
 30188  	// with no spaces. You can also include any of the following characters: _+=,.@-
 30189  	//
 30190  	// RoleName is a required field
 30191  	RoleName *string `min:"1" type:"string" required:"true"`
 30192  }
 30193  
 30194  // String returns the string representation.
 30195  //
 30196  // API parameter values that are decorated as "sensitive" in the API will not
 30197  // be included in the string output. The member name will be present, but the
 30198  // value will be replaced with "sensitive".
 30199  func (s ListRoleTagsInput) String() string {
 30200  	return awsutil.Prettify(s)
 30201  }
 30202  
 30203  // GoString returns the string representation.
 30204  //
 30205  // API parameter values that are decorated as "sensitive" in the API will not
 30206  // be included in the string output. The member name will be present, but the
 30207  // value will be replaced with "sensitive".
 30208  func (s ListRoleTagsInput) GoString() string {
 30209  	return s.String()
 30210  }
 30211  
 30212  // Validate inspects the fields of the type to determine if they are valid.
 30213  func (s *ListRoleTagsInput) Validate() error {
 30214  	invalidParams := request.ErrInvalidParams{Context: "ListRoleTagsInput"}
 30215  	if s.Marker != nil && len(*s.Marker) < 1 {
 30216  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30217  	}
 30218  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30219  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30220  	}
 30221  	if s.RoleName == nil {
 30222  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 30223  	}
 30224  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 30225  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 30226  	}
 30227  
 30228  	if invalidParams.Len() > 0 {
 30229  		return invalidParams
 30230  	}
 30231  	return nil
 30232  }
 30233  
 30234  // SetMarker sets the Marker field's value.
 30235  func (s *ListRoleTagsInput) SetMarker(v string) *ListRoleTagsInput {
 30236  	s.Marker = &v
 30237  	return s
 30238  }
 30239  
 30240  // SetMaxItems sets the MaxItems field's value.
 30241  func (s *ListRoleTagsInput) SetMaxItems(v int64) *ListRoleTagsInput {
 30242  	s.MaxItems = &v
 30243  	return s
 30244  }
 30245  
 30246  // SetRoleName sets the RoleName field's value.
 30247  func (s *ListRoleTagsInput) SetRoleName(v string) *ListRoleTagsInput {
 30248  	s.RoleName = &v
 30249  	return s
 30250  }
 30251  
 30252  type ListRoleTagsOutput struct {
 30253  	_ struct{} `type:"structure"`
 30254  
 30255  	// A flag that indicates whether there are more items to return. If your results
 30256  	// were truncated, you can make a subsequent pagination request using the Marker
 30257  	// request parameter to retrieve more items. Note that IAM might return fewer
 30258  	// than the MaxItems number of results even when there are more results available.
 30259  	// We recommend that you check IsTruncated after every call to ensure that you
 30260  	// receive all your results.
 30261  	IsTruncated *bool `type:"boolean"`
 30262  
 30263  	// When IsTruncated is true, this element is present and contains the value
 30264  	// to use for the Marker parameter in a subsequent pagination request.
 30265  	Marker *string `type:"string"`
 30266  
 30267  	// The list of tags that are currently attached to the role. Each tag consists
 30268  	// of a key name and an associated value. If no tags are attached to the specified
 30269  	// resource, the response contains an empty list.
 30270  	//
 30271  	// Tags is a required field
 30272  	Tags []*Tag `type:"list" required:"true"`
 30273  }
 30274  
 30275  // String returns the string representation.
 30276  //
 30277  // API parameter values that are decorated as "sensitive" in the API will not
 30278  // be included in the string output. The member name will be present, but the
 30279  // value will be replaced with "sensitive".
 30280  func (s ListRoleTagsOutput) String() string {
 30281  	return awsutil.Prettify(s)
 30282  }
 30283  
 30284  // GoString returns the string representation.
 30285  //
 30286  // API parameter values that are decorated as "sensitive" in the API will not
 30287  // be included in the string output. The member name will be present, but the
 30288  // value will be replaced with "sensitive".
 30289  func (s ListRoleTagsOutput) GoString() string {
 30290  	return s.String()
 30291  }
 30292  
 30293  // SetIsTruncated sets the IsTruncated field's value.
 30294  func (s *ListRoleTagsOutput) SetIsTruncated(v bool) *ListRoleTagsOutput {
 30295  	s.IsTruncated = &v
 30296  	return s
 30297  }
 30298  
 30299  // SetMarker sets the Marker field's value.
 30300  func (s *ListRoleTagsOutput) SetMarker(v string) *ListRoleTagsOutput {
 30301  	s.Marker = &v
 30302  	return s
 30303  }
 30304  
 30305  // SetTags sets the Tags field's value.
 30306  func (s *ListRoleTagsOutput) SetTags(v []*Tag) *ListRoleTagsOutput {
 30307  	s.Tags = v
 30308  	return s
 30309  }
 30310  
 30311  type ListRolesInput struct {
 30312  	_ struct{} `type:"structure"`
 30313  
 30314  	// Use this parameter only when paginating results and only after you receive
 30315  	// a response indicating that the results are truncated. Set it to the value
 30316  	// of the Marker element in the response that you received to indicate where
 30317  	// the next call should start.
 30318  	Marker *string `min:"1" type:"string"`
 30319  
 30320  	// Use this only when paginating results to indicate the maximum number of items
 30321  	// you want in the response. If additional items exist beyond the maximum you
 30322  	// specify, the IsTruncated response element is true.
 30323  	//
 30324  	// If you do not include this parameter, the number of items defaults to 100.
 30325  	// Note that IAM might return fewer results, even when there are more results
 30326  	// available. In that case, the IsTruncated response element returns true, and
 30327  	// Marker contains a value to include in the subsequent call that tells the
 30328  	// service where to continue from.
 30329  	MaxItems *int64 `min:"1" type:"integer"`
 30330  
 30331  	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
 30332  	// gets all roles whose path starts with /application_abc/component_xyz/.
 30333  	//
 30334  	// This parameter is optional. If it is not included, it defaults to a slash
 30335  	// (/), listing all roles. This parameter allows (through its regex pattern
 30336  	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
 30337  	// a forward slash (/) by itself or a string that must begin and end with forward
 30338  	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
 30339  	// through the DEL character (\u007F), including most punctuation characters,
 30340  	// digits, and upper and lowercased letters.
 30341  	PathPrefix *string `min:"1" type:"string"`
 30342  }
 30343  
 30344  // String returns the string representation.
 30345  //
 30346  // API parameter values that are decorated as "sensitive" in the API will not
 30347  // be included in the string output. The member name will be present, but the
 30348  // value will be replaced with "sensitive".
 30349  func (s ListRolesInput) String() string {
 30350  	return awsutil.Prettify(s)
 30351  }
 30352  
 30353  // GoString returns the string representation.
 30354  //
 30355  // API parameter values that are decorated as "sensitive" in the API will not
 30356  // be included in the string output. The member name will be present, but the
 30357  // value will be replaced with "sensitive".
 30358  func (s ListRolesInput) GoString() string {
 30359  	return s.String()
 30360  }
 30361  
 30362  // Validate inspects the fields of the type to determine if they are valid.
 30363  func (s *ListRolesInput) Validate() error {
 30364  	invalidParams := request.ErrInvalidParams{Context: "ListRolesInput"}
 30365  	if s.Marker != nil && len(*s.Marker) < 1 {
 30366  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30367  	}
 30368  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30369  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30370  	}
 30371  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 30372  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 30373  	}
 30374  
 30375  	if invalidParams.Len() > 0 {
 30376  		return invalidParams
 30377  	}
 30378  	return nil
 30379  }
 30380  
 30381  // SetMarker sets the Marker field's value.
 30382  func (s *ListRolesInput) SetMarker(v string) *ListRolesInput {
 30383  	s.Marker = &v
 30384  	return s
 30385  }
 30386  
 30387  // SetMaxItems sets the MaxItems field's value.
 30388  func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput {
 30389  	s.MaxItems = &v
 30390  	return s
 30391  }
 30392  
 30393  // SetPathPrefix sets the PathPrefix field's value.
 30394  func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput {
 30395  	s.PathPrefix = &v
 30396  	return s
 30397  }
 30398  
 30399  // Contains the response to a successful ListRoles request.
 30400  type ListRolesOutput struct {
 30401  	_ struct{} `type:"structure"`
 30402  
 30403  	// A flag that indicates whether there are more items to return. If your results
 30404  	// were truncated, you can make a subsequent pagination request using the Marker
 30405  	// request parameter to retrieve more items. Note that IAM might return fewer
 30406  	// than the MaxItems number of results even when there are more results available.
 30407  	// We recommend that you check IsTruncated after every call to ensure that you
 30408  	// receive all your results.
 30409  	IsTruncated *bool `type:"boolean"`
 30410  
 30411  	// When IsTruncated is true, this element is present and contains the value
 30412  	// to use for the Marker parameter in a subsequent pagination request.
 30413  	Marker *string `type:"string"`
 30414  
 30415  	// A list of roles.
 30416  	//
 30417  	// Roles is a required field
 30418  	Roles []*Role `type:"list" required:"true"`
 30419  }
 30420  
 30421  // String returns the string representation.
 30422  //
 30423  // API parameter values that are decorated as "sensitive" in the API will not
 30424  // be included in the string output. The member name will be present, but the
 30425  // value will be replaced with "sensitive".
 30426  func (s ListRolesOutput) String() string {
 30427  	return awsutil.Prettify(s)
 30428  }
 30429  
 30430  // GoString returns the string representation.
 30431  //
 30432  // API parameter values that are decorated as "sensitive" in the API will not
 30433  // be included in the string output. The member name will be present, but the
 30434  // value will be replaced with "sensitive".
 30435  func (s ListRolesOutput) GoString() string {
 30436  	return s.String()
 30437  }
 30438  
 30439  // SetIsTruncated sets the IsTruncated field's value.
 30440  func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput {
 30441  	s.IsTruncated = &v
 30442  	return s
 30443  }
 30444  
 30445  // SetMarker sets the Marker field's value.
 30446  func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput {
 30447  	s.Marker = &v
 30448  	return s
 30449  }
 30450  
 30451  // SetRoles sets the Roles field's value.
 30452  func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput {
 30453  	s.Roles = v
 30454  	return s
 30455  }
 30456  
 30457  type ListSAMLProviderTagsInput struct {
 30458  	_ struct{} `type:"structure"`
 30459  
 30460  	// Use this parameter only when paginating results and only after you receive
 30461  	// a response indicating that the results are truncated. Set it to the value
 30462  	// of the Marker element in the response that you received to indicate where
 30463  	// the next call should start.
 30464  	Marker *string `min:"1" type:"string"`
 30465  
 30466  	// Use this only when paginating results to indicate the maximum number of items
 30467  	// you want in the response. If additional items exist beyond the maximum you
 30468  	// specify, the IsTruncated response element is true.
 30469  	//
 30470  	// If you do not include this parameter, the number of items defaults to 100.
 30471  	// Note that IAM might return fewer results, even when there are more results
 30472  	// available. In that case, the IsTruncated response element returns true, and
 30473  	// Marker contains a value to include in the subsequent call that tells the
 30474  	// service where to continue from.
 30475  	MaxItems *int64 `min:"1" type:"integer"`
 30476  
 30477  	// The ARN of the Security Assertion Markup Language (SAML) identity provider
 30478  	// whose tags you want to see.
 30479  	//
 30480  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 30481  	// a string of characters consisting of upper and lowercase alphanumeric characters
 30482  	// with no spaces. You can also include any of the following characters: _+=,.@-
 30483  	//
 30484  	// SAMLProviderArn is a required field
 30485  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 30486  }
 30487  
 30488  // String returns the string representation.
 30489  //
 30490  // API parameter values that are decorated as "sensitive" in the API will not
 30491  // be included in the string output. The member name will be present, but the
 30492  // value will be replaced with "sensitive".
 30493  func (s ListSAMLProviderTagsInput) String() string {
 30494  	return awsutil.Prettify(s)
 30495  }
 30496  
 30497  // GoString returns the string representation.
 30498  //
 30499  // API parameter values that are decorated as "sensitive" in the API will not
 30500  // be included in the string output. The member name will be present, but the
 30501  // value will be replaced with "sensitive".
 30502  func (s ListSAMLProviderTagsInput) GoString() string {
 30503  	return s.String()
 30504  }
 30505  
 30506  // Validate inspects the fields of the type to determine if they are valid.
 30507  func (s *ListSAMLProviderTagsInput) Validate() error {
 30508  	invalidParams := request.ErrInvalidParams{Context: "ListSAMLProviderTagsInput"}
 30509  	if s.Marker != nil && len(*s.Marker) < 1 {
 30510  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30511  	}
 30512  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30513  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30514  	}
 30515  	if s.SAMLProviderArn == nil {
 30516  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 30517  	}
 30518  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 30519  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 30520  	}
 30521  
 30522  	if invalidParams.Len() > 0 {
 30523  		return invalidParams
 30524  	}
 30525  	return nil
 30526  }
 30527  
 30528  // SetMarker sets the Marker field's value.
 30529  func (s *ListSAMLProviderTagsInput) SetMarker(v string) *ListSAMLProviderTagsInput {
 30530  	s.Marker = &v
 30531  	return s
 30532  }
 30533  
 30534  // SetMaxItems sets the MaxItems field's value.
 30535  func (s *ListSAMLProviderTagsInput) SetMaxItems(v int64) *ListSAMLProviderTagsInput {
 30536  	s.MaxItems = &v
 30537  	return s
 30538  }
 30539  
 30540  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 30541  func (s *ListSAMLProviderTagsInput) SetSAMLProviderArn(v string) *ListSAMLProviderTagsInput {
 30542  	s.SAMLProviderArn = &v
 30543  	return s
 30544  }
 30545  
 30546  type ListSAMLProviderTagsOutput struct {
 30547  	_ struct{} `type:"structure"`
 30548  
 30549  	// A flag that indicates whether there are more items to return. If your results
 30550  	// were truncated, you can make a subsequent pagination request using the Marker
 30551  	// request parameter to retrieve more items. Note that IAM might return fewer
 30552  	// than the MaxItems number of results even when there are more results available.
 30553  	// We recommend that you check IsTruncated after every call to ensure that you
 30554  	// receive all your results.
 30555  	IsTruncated *bool `type:"boolean"`
 30556  
 30557  	// When IsTruncated is true, this element is present and contains the value
 30558  	// to use for the Marker parameter in a subsequent pagination request.
 30559  	Marker *string `type:"string"`
 30560  
 30561  	// The list of tags that are currently attached to the Security Assertion Markup
 30562  	// Language (SAML) identity provider. Each tag consists of a key name and an
 30563  	// associated value. If no tags are attached to the specified resource, the
 30564  	// response contains an empty list.
 30565  	//
 30566  	// Tags is a required field
 30567  	Tags []*Tag `type:"list" required:"true"`
 30568  }
 30569  
 30570  // String returns the string representation.
 30571  //
 30572  // API parameter values that are decorated as "sensitive" in the API will not
 30573  // be included in the string output. The member name will be present, but the
 30574  // value will be replaced with "sensitive".
 30575  func (s ListSAMLProviderTagsOutput) String() string {
 30576  	return awsutil.Prettify(s)
 30577  }
 30578  
 30579  // GoString returns the string representation.
 30580  //
 30581  // API parameter values that are decorated as "sensitive" in the API will not
 30582  // be included in the string output. The member name will be present, but the
 30583  // value will be replaced with "sensitive".
 30584  func (s ListSAMLProviderTagsOutput) GoString() string {
 30585  	return s.String()
 30586  }
 30587  
 30588  // SetIsTruncated sets the IsTruncated field's value.
 30589  func (s *ListSAMLProviderTagsOutput) SetIsTruncated(v bool) *ListSAMLProviderTagsOutput {
 30590  	s.IsTruncated = &v
 30591  	return s
 30592  }
 30593  
 30594  // SetMarker sets the Marker field's value.
 30595  func (s *ListSAMLProviderTagsOutput) SetMarker(v string) *ListSAMLProviderTagsOutput {
 30596  	s.Marker = &v
 30597  	return s
 30598  }
 30599  
 30600  // SetTags sets the Tags field's value.
 30601  func (s *ListSAMLProviderTagsOutput) SetTags(v []*Tag) *ListSAMLProviderTagsOutput {
 30602  	s.Tags = v
 30603  	return s
 30604  }
 30605  
 30606  type ListSAMLProvidersInput struct {
 30607  	_ struct{} `type:"structure"`
 30608  }
 30609  
 30610  // String returns the string representation.
 30611  //
 30612  // API parameter values that are decorated as "sensitive" in the API will not
 30613  // be included in the string output. The member name will be present, but the
 30614  // value will be replaced with "sensitive".
 30615  func (s ListSAMLProvidersInput) String() string {
 30616  	return awsutil.Prettify(s)
 30617  }
 30618  
 30619  // GoString returns the string representation.
 30620  //
 30621  // API parameter values that are decorated as "sensitive" in the API will not
 30622  // be included in the string output. The member name will be present, but the
 30623  // value will be replaced with "sensitive".
 30624  func (s ListSAMLProvidersInput) GoString() string {
 30625  	return s.String()
 30626  }
 30627  
 30628  // Contains the response to a successful ListSAMLProviders request.
 30629  type ListSAMLProvidersOutput struct {
 30630  	_ struct{} `type:"structure"`
 30631  
 30632  	// The list of SAML provider resource objects defined in IAM for this Amazon
 30633  	// Web Services account.
 30634  	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
 30635  }
 30636  
 30637  // String returns the string representation.
 30638  //
 30639  // API parameter values that are decorated as "sensitive" in the API will not
 30640  // be included in the string output. The member name will be present, but the
 30641  // value will be replaced with "sensitive".
 30642  func (s ListSAMLProvidersOutput) String() string {
 30643  	return awsutil.Prettify(s)
 30644  }
 30645  
 30646  // GoString returns the string representation.
 30647  //
 30648  // API parameter values that are decorated as "sensitive" in the API will not
 30649  // be included in the string output. The member name will be present, but the
 30650  // value will be replaced with "sensitive".
 30651  func (s ListSAMLProvidersOutput) GoString() string {
 30652  	return s.String()
 30653  }
 30654  
 30655  // SetSAMLProviderList sets the SAMLProviderList field's value.
 30656  func (s *ListSAMLProvidersOutput) SetSAMLProviderList(v []*SAMLProviderListEntry) *ListSAMLProvidersOutput {
 30657  	s.SAMLProviderList = v
 30658  	return s
 30659  }
 30660  
 30661  type ListSSHPublicKeysInput struct {
 30662  	_ struct{} `type:"structure"`
 30663  
 30664  	// Use this parameter only when paginating results and only after you receive
 30665  	// a response indicating that the results are truncated. Set it to the value
 30666  	// of the Marker element in the response that you received to indicate where
 30667  	// the next call should start.
 30668  	Marker *string `min:"1" type:"string"`
 30669  
 30670  	// Use this only when paginating results to indicate the maximum number of items
 30671  	// you want in the response. If additional items exist beyond the maximum you
 30672  	// specify, the IsTruncated response element is true.
 30673  	//
 30674  	// If you do not include this parameter, the number of items defaults to 100.
 30675  	// Note that IAM might return fewer results, even when there are more results
 30676  	// available. In that case, the IsTruncated response element returns true, and
 30677  	// Marker contains a value to include in the subsequent call that tells the
 30678  	// service where to continue from.
 30679  	MaxItems *int64 `min:"1" type:"integer"`
 30680  
 30681  	// The name of the IAM user to list SSH public keys for. If none is specified,
 30682  	// the UserName field is determined implicitly based on the Amazon Web Services
 30683  	// access key used to sign the request.
 30684  	//
 30685  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 30686  	// a string of characters consisting of upper and lowercase alphanumeric characters
 30687  	// with no spaces. You can also include any of the following characters: _+=,.@-
 30688  	UserName *string `min:"1" type:"string"`
 30689  }
 30690  
 30691  // String returns the string representation.
 30692  //
 30693  // API parameter values that are decorated as "sensitive" in the API will not
 30694  // be included in the string output. The member name will be present, but the
 30695  // value will be replaced with "sensitive".
 30696  func (s ListSSHPublicKeysInput) String() string {
 30697  	return awsutil.Prettify(s)
 30698  }
 30699  
 30700  // GoString returns the string representation.
 30701  //
 30702  // API parameter values that are decorated as "sensitive" in the API will not
 30703  // be included in the string output. The member name will be present, but the
 30704  // value will be replaced with "sensitive".
 30705  func (s ListSSHPublicKeysInput) GoString() string {
 30706  	return s.String()
 30707  }
 30708  
 30709  // Validate inspects the fields of the type to determine if they are valid.
 30710  func (s *ListSSHPublicKeysInput) Validate() error {
 30711  	invalidParams := request.ErrInvalidParams{Context: "ListSSHPublicKeysInput"}
 30712  	if s.Marker != nil && len(*s.Marker) < 1 {
 30713  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30714  	}
 30715  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30716  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30717  	}
 30718  	if s.UserName != nil && len(*s.UserName) < 1 {
 30719  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 30720  	}
 30721  
 30722  	if invalidParams.Len() > 0 {
 30723  		return invalidParams
 30724  	}
 30725  	return nil
 30726  }
 30727  
 30728  // SetMarker sets the Marker field's value.
 30729  func (s *ListSSHPublicKeysInput) SetMarker(v string) *ListSSHPublicKeysInput {
 30730  	s.Marker = &v
 30731  	return s
 30732  }
 30733  
 30734  // SetMaxItems sets the MaxItems field's value.
 30735  func (s *ListSSHPublicKeysInput) SetMaxItems(v int64) *ListSSHPublicKeysInput {
 30736  	s.MaxItems = &v
 30737  	return s
 30738  }
 30739  
 30740  // SetUserName sets the UserName field's value.
 30741  func (s *ListSSHPublicKeysInput) SetUserName(v string) *ListSSHPublicKeysInput {
 30742  	s.UserName = &v
 30743  	return s
 30744  }
 30745  
 30746  // Contains the response to a successful ListSSHPublicKeys request.
 30747  type ListSSHPublicKeysOutput struct {
 30748  	_ struct{} `type:"structure"`
 30749  
 30750  	// A flag that indicates whether there are more items to return. If your results
 30751  	// were truncated, you can make a subsequent pagination request using the Marker
 30752  	// request parameter to retrieve more items. Note that IAM might return fewer
 30753  	// than the MaxItems number of results even when there are more results available.
 30754  	// We recommend that you check IsTruncated after every call to ensure that you
 30755  	// receive all your results.
 30756  	IsTruncated *bool `type:"boolean"`
 30757  
 30758  	// When IsTruncated is true, this element is present and contains the value
 30759  	// to use for the Marker parameter in a subsequent pagination request.
 30760  	Marker *string `type:"string"`
 30761  
 30762  	// A list of the SSH public keys assigned to IAM user.
 30763  	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
 30764  }
 30765  
 30766  // String returns the string representation.
 30767  //
 30768  // API parameter values that are decorated as "sensitive" in the API will not
 30769  // be included in the string output. The member name will be present, but the
 30770  // value will be replaced with "sensitive".
 30771  func (s ListSSHPublicKeysOutput) String() string {
 30772  	return awsutil.Prettify(s)
 30773  }
 30774  
 30775  // GoString returns the string representation.
 30776  //
 30777  // API parameter values that are decorated as "sensitive" in the API will not
 30778  // be included in the string output. The member name will be present, but the
 30779  // value will be replaced with "sensitive".
 30780  func (s ListSSHPublicKeysOutput) GoString() string {
 30781  	return s.String()
 30782  }
 30783  
 30784  // SetIsTruncated sets the IsTruncated field's value.
 30785  func (s *ListSSHPublicKeysOutput) SetIsTruncated(v bool) *ListSSHPublicKeysOutput {
 30786  	s.IsTruncated = &v
 30787  	return s
 30788  }
 30789  
 30790  // SetMarker sets the Marker field's value.
 30791  func (s *ListSSHPublicKeysOutput) SetMarker(v string) *ListSSHPublicKeysOutput {
 30792  	s.Marker = &v
 30793  	return s
 30794  }
 30795  
 30796  // SetSSHPublicKeys sets the SSHPublicKeys field's value.
 30797  func (s *ListSSHPublicKeysOutput) SetSSHPublicKeys(v []*SSHPublicKeyMetadata) *ListSSHPublicKeysOutput {
 30798  	s.SSHPublicKeys = v
 30799  	return s
 30800  }
 30801  
 30802  type ListServerCertificateTagsInput struct {
 30803  	_ struct{} `type:"structure"`
 30804  
 30805  	// Use this parameter only when paginating results and only after you receive
 30806  	// a response indicating that the results are truncated. Set it to the value
 30807  	// of the Marker element in the response that you received to indicate where
 30808  	// the next call should start.
 30809  	Marker *string `min:"1" type:"string"`
 30810  
 30811  	// Use this only when paginating results to indicate the maximum number of items
 30812  	// you want in the response. If additional items exist beyond the maximum you
 30813  	// specify, the IsTruncated response element is true.
 30814  	//
 30815  	// If you do not include this parameter, the number of items defaults to 100.
 30816  	// Note that IAM might return fewer results, even when there are more results
 30817  	// available. In that case, the IsTruncated response element returns true, and
 30818  	// Marker contains a value to include in the subsequent call that tells the
 30819  	// service where to continue from.
 30820  	MaxItems *int64 `min:"1" type:"integer"`
 30821  
 30822  	// The name of the IAM server certificate whose tags you want to see.
 30823  	//
 30824  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 30825  	// a string of characters consisting of upper and lowercase alphanumeric characters
 30826  	// with no spaces. You can also include any of the following characters: _+=,.@-
 30827  	//
 30828  	// ServerCertificateName is a required field
 30829  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 30830  }
 30831  
 30832  // String returns the string representation.
 30833  //
 30834  // API parameter values that are decorated as "sensitive" in the API will not
 30835  // be included in the string output. The member name will be present, but the
 30836  // value will be replaced with "sensitive".
 30837  func (s ListServerCertificateTagsInput) String() string {
 30838  	return awsutil.Prettify(s)
 30839  }
 30840  
 30841  // GoString returns the string representation.
 30842  //
 30843  // API parameter values that are decorated as "sensitive" in the API will not
 30844  // be included in the string output. The member name will be present, but the
 30845  // value will be replaced with "sensitive".
 30846  func (s ListServerCertificateTagsInput) GoString() string {
 30847  	return s.String()
 30848  }
 30849  
 30850  // Validate inspects the fields of the type to determine if they are valid.
 30851  func (s *ListServerCertificateTagsInput) Validate() error {
 30852  	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificateTagsInput"}
 30853  	if s.Marker != nil && len(*s.Marker) < 1 {
 30854  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 30855  	}
 30856  	if s.MaxItems != nil && *s.MaxItems < 1 {
 30857  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 30858  	}
 30859  	if s.ServerCertificateName == nil {
 30860  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 30861  	}
 30862  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 30863  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 30864  	}
 30865  
 30866  	if invalidParams.Len() > 0 {
 30867  		return invalidParams
 30868  	}
 30869  	return nil
 30870  }
 30871  
 30872  // SetMarker sets the Marker field's value.
 30873  func (s *ListServerCertificateTagsInput) SetMarker(v string) *ListServerCertificateTagsInput {
 30874  	s.Marker = &v
 30875  	return s
 30876  }
 30877  
 30878  // SetMaxItems sets the MaxItems field's value.
 30879  func (s *ListServerCertificateTagsInput) SetMaxItems(v int64) *ListServerCertificateTagsInput {
 30880  	s.MaxItems = &v
 30881  	return s
 30882  }
 30883  
 30884  // SetServerCertificateName sets the ServerCertificateName field's value.
 30885  func (s *ListServerCertificateTagsInput) SetServerCertificateName(v string) *ListServerCertificateTagsInput {
 30886  	s.ServerCertificateName = &v
 30887  	return s
 30888  }
 30889  
 30890  type ListServerCertificateTagsOutput struct {
 30891  	_ struct{} `type:"structure"`
 30892  
 30893  	// A flag that indicates whether there are more items to return. If your results
 30894  	// were truncated, you can make a subsequent pagination request using the Marker
 30895  	// request parameter to retrieve more items. Note that IAM might return fewer
 30896  	// than the MaxItems number of results even when there are more results available.
 30897  	// We recommend that you check IsTruncated after every call to ensure that you
 30898  	// receive all your results.
 30899  	IsTruncated *bool `type:"boolean"`
 30900  
 30901  	// When IsTruncated is true, this element is present and contains the value
 30902  	// to use for the Marker parameter in a subsequent pagination request.
 30903  	Marker *string `type:"string"`
 30904  
 30905  	// The list of tags that are currently attached to the IAM server certificate.
 30906  	// Each tag consists of a key name and an associated value. If no tags are attached
 30907  	// to the specified resource, the response contains an empty list.
 30908  	//
 30909  	// Tags is a required field
 30910  	Tags []*Tag `type:"list" required:"true"`
 30911  }
 30912  
 30913  // String returns the string representation.
 30914  //
 30915  // API parameter values that are decorated as "sensitive" in the API will not
 30916  // be included in the string output. The member name will be present, but the
 30917  // value will be replaced with "sensitive".
 30918  func (s ListServerCertificateTagsOutput) String() string {
 30919  	return awsutil.Prettify(s)
 30920  }
 30921  
 30922  // GoString returns the string representation.
 30923  //
 30924  // API parameter values that are decorated as "sensitive" in the API will not
 30925  // be included in the string output. The member name will be present, but the
 30926  // value will be replaced with "sensitive".
 30927  func (s ListServerCertificateTagsOutput) GoString() string {
 30928  	return s.String()
 30929  }
 30930  
 30931  // SetIsTruncated sets the IsTruncated field's value.
 30932  func (s *ListServerCertificateTagsOutput) SetIsTruncated(v bool) *ListServerCertificateTagsOutput {
 30933  	s.IsTruncated = &v
 30934  	return s
 30935  }
 30936  
 30937  // SetMarker sets the Marker field's value.
 30938  func (s *ListServerCertificateTagsOutput) SetMarker(v string) *ListServerCertificateTagsOutput {
 30939  	s.Marker = &v
 30940  	return s
 30941  }
 30942  
 30943  // SetTags sets the Tags field's value.
 30944  func (s *ListServerCertificateTagsOutput) SetTags(v []*Tag) *ListServerCertificateTagsOutput {
 30945  	s.Tags = v
 30946  	return s
 30947  }
 30948  
 30949  type ListServerCertificatesInput struct {
 30950  	_ struct{} `type:"structure"`
 30951  
 30952  	// Use this parameter only when paginating results and only after you receive
 30953  	// a response indicating that the results are truncated. Set it to the value
 30954  	// of the Marker element in the response that you received to indicate where
 30955  	// the next call should start.
 30956  	Marker *string `min:"1" type:"string"`
 30957  
 30958  	// Use this only when paginating results to indicate the maximum number of items
 30959  	// you want in the response. If additional items exist beyond the maximum you
 30960  	// specify, the IsTruncated response element is true.
 30961  	//
 30962  	// If you do not include this parameter, the number of items defaults to 100.
 30963  	// Note that IAM might return fewer results, even when there are more results
 30964  	// available. In that case, the IsTruncated response element returns true, and
 30965  	// Marker contains a value to include in the subsequent call that tells the
 30966  	// service where to continue from.
 30967  	MaxItems *int64 `min:"1" type:"integer"`
 30968  
 30969  	// The path prefix for filtering the results. For example: /company/servercerts
 30970  	// would get all server certificates for which the path starts with /company/servercerts.
 30971  	//
 30972  	// This parameter is optional. If it is not included, it defaults to a slash
 30973  	// (/), listing all server certificates. This parameter allows (through its
 30974  	// regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
 30975  	// of either a forward slash (/) by itself or a string that must begin and end
 30976  	// with forward slashes. In addition, it can contain any ASCII character from
 30977  	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
 30978  	// characters, digits, and upper and lowercased letters.
 30979  	PathPrefix *string `min:"1" type:"string"`
 30980  }
 30981  
 30982  // String returns the string representation.
 30983  //
 30984  // API parameter values that are decorated as "sensitive" in the API will not
 30985  // be included in the string output. The member name will be present, but the
 30986  // value will be replaced with "sensitive".
 30987  func (s ListServerCertificatesInput) String() string {
 30988  	return awsutil.Prettify(s)
 30989  }
 30990  
 30991  // GoString returns the string representation.
 30992  //
 30993  // API parameter values that are decorated as "sensitive" in the API will not
 30994  // be included in the string output. The member name will be present, but the
 30995  // value will be replaced with "sensitive".
 30996  func (s ListServerCertificatesInput) GoString() string {
 30997  	return s.String()
 30998  }
 30999  
 31000  // Validate inspects the fields of the type to determine if they are valid.
 31001  func (s *ListServerCertificatesInput) Validate() error {
 31002  	invalidParams := request.ErrInvalidParams{Context: "ListServerCertificatesInput"}
 31003  	if s.Marker != nil && len(*s.Marker) < 1 {
 31004  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31005  	}
 31006  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31007  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31008  	}
 31009  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 31010  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 31011  	}
 31012  
 31013  	if invalidParams.Len() > 0 {
 31014  		return invalidParams
 31015  	}
 31016  	return nil
 31017  }
 31018  
 31019  // SetMarker sets the Marker field's value.
 31020  func (s *ListServerCertificatesInput) SetMarker(v string) *ListServerCertificatesInput {
 31021  	s.Marker = &v
 31022  	return s
 31023  }
 31024  
 31025  // SetMaxItems sets the MaxItems field's value.
 31026  func (s *ListServerCertificatesInput) SetMaxItems(v int64) *ListServerCertificatesInput {
 31027  	s.MaxItems = &v
 31028  	return s
 31029  }
 31030  
 31031  // SetPathPrefix sets the PathPrefix field's value.
 31032  func (s *ListServerCertificatesInput) SetPathPrefix(v string) *ListServerCertificatesInput {
 31033  	s.PathPrefix = &v
 31034  	return s
 31035  }
 31036  
 31037  // Contains the response to a successful ListServerCertificates request.
 31038  type ListServerCertificatesOutput struct {
 31039  	_ struct{} `type:"structure"`
 31040  
 31041  	// A flag that indicates whether there are more items to return. If your results
 31042  	// were truncated, you can make a subsequent pagination request using the Marker
 31043  	// request parameter to retrieve more items. Note that IAM might return fewer
 31044  	// than the MaxItems number of results even when there are more results available.
 31045  	// We recommend that you check IsTruncated after every call to ensure that you
 31046  	// receive all your results.
 31047  	IsTruncated *bool `type:"boolean"`
 31048  
 31049  	// When IsTruncated is true, this element is present and contains the value
 31050  	// to use for the Marker parameter in a subsequent pagination request.
 31051  	Marker *string `type:"string"`
 31052  
 31053  	// A list of server certificates.
 31054  	//
 31055  	// ServerCertificateMetadataList is a required field
 31056  	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
 31057  }
 31058  
 31059  // String returns the string representation.
 31060  //
 31061  // API parameter values that are decorated as "sensitive" in the API will not
 31062  // be included in the string output. The member name will be present, but the
 31063  // value will be replaced with "sensitive".
 31064  func (s ListServerCertificatesOutput) String() string {
 31065  	return awsutil.Prettify(s)
 31066  }
 31067  
 31068  // GoString returns the string representation.
 31069  //
 31070  // API parameter values that are decorated as "sensitive" in the API will not
 31071  // be included in the string output. The member name will be present, but the
 31072  // value will be replaced with "sensitive".
 31073  func (s ListServerCertificatesOutput) GoString() string {
 31074  	return s.String()
 31075  }
 31076  
 31077  // SetIsTruncated sets the IsTruncated field's value.
 31078  func (s *ListServerCertificatesOutput) SetIsTruncated(v bool) *ListServerCertificatesOutput {
 31079  	s.IsTruncated = &v
 31080  	return s
 31081  }
 31082  
 31083  // SetMarker sets the Marker field's value.
 31084  func (s *ListServerCertificatesOutput) SetMarker(v string) *ListServerCertificatesOutput {
 31085  	s.Marker = &v
 31086  	return s
 31087  }
 31088  
 31089  // SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.
 31090  func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput {
 31091  	s.ServerCertificateMetadataList = v
 31092  	return s
 31093  }
 31094  
 31095  type ListServiceSpecificCredentialsInput struct {
 31096  	_ struct{} `type:"structure"`
 31097  
 31098  	// Filters the returned results to only those for the specified Amazon Web Services
 31099  	// service. If not specified, then Amazon Web Services returns service-specific
 31100  	// credentials for all services.
 31101  	ServiceName *string `type:"string"`
 31102  
 31103  	// The name of the user whose service-specific credentials you want information
 31104  	// about. If this value is not specified, then the operation assumes the user
 31105  	// whose credentials are used to call the operation.
 31106  	//
 31107  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 31108  	// a string of characters consisting of upper and lowercase alphanumeric characters
 31109  	// with no spaces. You can also include any of the following characters: _+=,.@-
 31110  	UserName *string `min:"1" type:"string"`
 31111  }
 31112  
 31113  // String returns the string representation.
 31114  //
 31115  // API parameter values that are decorated as "sensitive" in the API will not
 31116  // be included in the string output. The member name will be present, but the
 31117  // value will be replaced with "sensitive".
 31118  func (s ListServiceSpecificCredentialsInput) String() string {
 31119  	return awsutil.Prettify(s)
 31120  }
 31121  
 31122  // GoString returns the string representation.
 31123  //
 31124  // API parameter values that are decorated as "sensitive" in the API will not
 31125  // be included in the string output. The member name will be present, but the
 31126  // value will be replaced with "sensitive".
 31127  func (s ListServiceSpecificCredentialsInput) GoString() string {
 31128  	return s.String()
 31129  }
 31130  
 31131  // Validate inspects the fields of the type to determine if they are valid.
 31132  func (s *ListServiceSpecificCredentialsInput) Validate() error {
 31133  	invalidParams := request.ErrInvalidParams{Context: "ListServiceSpecificCredentialsInput"}
 31134  	if s.UserName != nil && len(*s.UserName) < 1 {
 31135  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 31136  	}
 31137  
 31138  	if invalidParams.Len() > 0 {
 31139  		return invalidParams
 31140  	}
 31141  	return nil
 31142  }
 31143  
 31144  // SetServiceName sets the ServiceName field's value.
 31145  func (s *ListServiceSpecificCredentialsInput) SetServiceName(v string) *ListServiceSpecificCredentialsInput {
 31146  	s.ServiceName = &v
 31147  	return s
 31148  }
 31149  
 31150  // SetUserName sets the UserName field's value.
 31151  func (s *ListServiceSpecificCredentialsInput) SetUserName(v string) *ListServiceSpecificCredentialsInput {
 31152  	s.UserName = &v
 31153  	return s
 31154  }
 31155  
 31156  type ListServiceSpecificCredentialsOutput struct {
 31157  	_ struct{} `type:"structure"`
 31158  
 31159  	// A list of structures that each contain details about a service-specific credential.
 31160  	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
 31161  }
 31162  
 31163  // String returns the string representation.
 31164  //
 31165  // API parameter values that are decorated as "sensitive" in the API will not
 31166  // be included in the string output. The member name will be present, but the
 31167  // value will be replaced with "sensitive".
 31168  func (s ListServiceSpecificCredentialsOutput) String() string {
 31169  	return awsutil.Prettify(s)
 31170  }
 31171  
 31172  // GoString returns the string representation.
 31173  //
 31174  // API parameter values that are decorated as "sensitive" in the API will not
 31175  // be included in the string output. The member name will be present, but the
 31176  // value will be replaced with "sensitive".
 31177  func (s ListServiceSpecificCredentialsOutput) GoString() string {
 31178  	return s.String()
 31179  }
 31180  
 31181  // SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.
 31182  func (s *ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials(v []*ServiceSpecificCredentialMetadata) *ListServiceSpecificCredentialsOutput {
 31183  	s.ServiceSpecificCredentials = v
 31184  	return s
 31185  }
 31186  
 31187  type ListSigningCertificatesInput struct {
 31188  	_ struct{} `type:"structure"`
 31189  
 31190  	// Use this parameter only when paginating results and only after you receive
 31191  	// a response indicating that the results are truncated. Set it to the value
 31192  	// of the Marker element in the response that you received to indicate where
 31193  	// the next call should start.
 31194  	Marker *string `min:"1" type:"string"`
 31195  
 31196  	// Use this only when paginating results to indicate the maximum number of items
 31197  	// you want in the response. If additional items exist beyond the maximum you
 31198  	// specify, the IsTruncated response element is true.
 31199  	//
 31200  	// If you do not include this parameter, the number of items defaults to 100.
 31201  	// Note that IAM might return fewer results, even when there are more results
 31202  	// available. In that case, the IsTruncated response element returns true, and
 31203  	// Marker contains a value to include in the subsequent call that tells the
 31204  	// service where to continue from.
 31205  	MaxItems *int64 `min:"1" type:"integer"`
 31206  
 31207  	// The name of the IAM user whose signing certificates you want to examine.
 31208  	//
 31209  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 31210  	// a string of characters consisting of upper and lowercase alphanumeric characters
 31211  	// with no spaces. You can also include any of the following characters: _+=,.@-
 31212  	UserName *string `min:"1" type:"string"`
 31213  }
 31214  
 31215  // String returns the string representation.
 31216  //
 31217  // API parameter values that are decorated as "sensitive" in the API will not
 31218  // be included in the string output. The member name will be present, but the
 31219  // value will be replaced with "sensitive".
 31220  func (s ListSigningCertificatesInput) String() string {
 31221  	return awsutil.Prettify(s)
 31222  }
 31223  
 31224  // GoString returns the string representation.
 31225  //
 31226  // API parameter values that are decorated as "sensitive" in the API will not
 31227  // be included in the string output. The member name will be present, but the
 31228  // value will be replaced with "sensitive".
 31229  func (s ListSigningCertificatesInput) GoString() string {
 31230  	return s.String()
 31231  }
 31232  
 31233  // Validate inspects the fields of the type to determine if they are valid.
 31234  func (s *ListSigningCertificatesInput) Validate() error {
 31235  	invalidParams := request.ErrInvalidParams{Context: "ListSigningCertificatesInput"}
 31236  	if s.Marker != nil && len(*s.Marker) < 1 {
 31237  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31238  	}
 31239  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31240  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31241  	}
 31242  	if s.UserName != nil && len(*s.UserName) < 1 {
 31243  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 31244  	}
 31245  
 31246  	if invalidParams.Len() > 0 {
 31247  		return invalidParams
 31248  	}
 31249  	return nil
 31250  }
 31251  
 31252  // SetMarker sets the Marker field's value.
 31253  func (s *ListSigningCertificatesInput) SetMarker(v string) *ListSigningCertificatesInput {
 31254  	s.Marker = &v
 31255  	return s
 31256  }
 31257  
 31258  // SetMaxItems sets the MaxItems field's value.
 31259  func (s *ListSigningCertificatesInput) SetMaxItems(v int64) *ListSigningCertificatesInput {
 31260  	s.MaxItems = &v
 31261  	return s
 31262  }
 31263  
 31264  // SetUserName sets the UserName field's value.
 31265  func (s *ListSigningCertificatesInput) SetUserName(v string) *ListSigningCertificatesInput {
 31266  	s.UserName = &v
 31267  	return s
 31268  }
 31269  
 31270  // Contains the response to a successful ListSigningCertificates request.
 31271  type ListSigningCertificatesOutput struct {
 31272  	_ struct{} `type:"structure"`
 31273  
 31274  	// A list of the user's signing certificate information.
 31275  	//
 31276  	// Certificates is a required field
 31277  	Certificates []*SigningCertificate `type:"list" required:"true"`
 31278  
 31279  	// A flag that indicates whether there are more items to return. If your results
 31280  	// were truncated, you can make a subsequent pagination request using the Marker
 31281  	// request parameter to retrieve more items. Note that IAM might return fewer
 31282  	// than the MaxItems number of results even when there are more results available.
 31283  	// We recommend that you check IsTruncated after every call to ensure that you
 31284  	// receive all your results.
 31285  	IsTruncated *bool `type:"boolean"`
 31286  
 31287  	// When IsTruncated is true, this element is present and contains the value
 31288  	// to use for the Marker parameter in a subsequent pagination request.
 31289  	Marker *string `type:"string"`
 31290  }
 31291  
 31292  // String returns the string representation.
 31293  //
 31294  // API parameter values that are decorated as "sensitive" in the API will not
 31295  // be included in the string output. The member name will be present, but the
 31296  // value will be replaced with "sensitive".
 31297  func (s ListSigningCertificatesOutput) String() string {
 31298  	return awsutil.Prettify(s)
 31299  }
 31300  
 31301  // GoString returns the string representation.
 31302  //
 31303  // API parameter values that are decorated as "sensitive" in the API will not
 31304  // be included in the string output. The member name will be present, but the
 31305  // value will be replaced with "sensitive".
 31306  func (s ListSigningCertificatesOutput) GoString() string {
 31307  	return s.String()
 31308  }
 31309  
 31310  // SetCertificates sets the Certificates field's value.
 31311  func (s *ListSigningCertificatesOutput) SetCertificates(v []*SigningCertificate) *ListSigningCertificatesOutput {
 31312  	s.Certificates = v
 31313  	return s
 31314  }
 31315  
 31316  // SetIsTruncated sets the IsTruncated field's value.
 31317  func (s *ListSigningCertificatesOutput) SetIsTruncated(v bool) *ListSigningCertificatesOutput {
 31318  	s.IsTruncated = &v
 31319  	return s
 31320  }
 31321  
 31322  // SetMarker sets the Marker field's value.
 31323  func (s *ListSigningCertificatesOutput) SetMarker(v string) *ListSigningCertificatesOutput {
 31324  	s.Marker = &v
 31325  	return s
 31326  }
 31327  
 31328  type ListUserPoliciesInput struct {
 31329  	_ struct{} `type:"structure"`
 31330  
 31331  	// Use this parameter only when paginating results and only after you receive
 31332  	// a response indicating that the results are truncated. Set it to the value
 31333  	// of the Marker element in the response that you received to indicate where
 31334  	// the next call should start.
 31335  	Marker *string `min:"1" type:"string"`
 31336  
 31337  	// Use this only when paginating results to indicate the maximum number of items
 31338  	// you want in the response. If additional items exist beyond the maximum you
 31339  	// specify, the IsTruncated response element is true.
 31340  	//
 31341  	// If you do not include this parameter, the number of items defaults to 100.
 31342  	// Note that IAM might return fewer results, even when there are more results
 31343  	// available. In that case, the IsTruncated response element returns true, and
 31344  	// Marker contains a value to include in the subsequent call that tells the
 31345  	// service where to continue from.
 31346  	MaxItems *int64 `min:"1" type:"integer"`
 31347  
 31348  	// The name of the user to list policies for.
 31349  	//
 31350  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 31351  	// a string of characters consisting of upper and lowercase alphanumeric characters
 31352  	// with no spaces. You can also include any of the following characters: _+=,.@-
 31353  	//
 31354  	// UserName is a required field
 31355  	UserName *string `min:"1" type:"string" required:"true"`
 31356  }
 31357  
 31358  // String returns the string representation.
 31359  //
 31360  // API parameter values that are decorated as "sensitive" in the API will not
 31361  // be included in the string output. The member name will be present, but the
 31362  // value will be replaced with "sensitive".
 31363  func (s ListUserPoliciesInput) String() string {
 31364  	return awsutil.Prettify(s)
 31365  }
 31366  
 31367  // GoString returns the string representation.
 31368  //
 31369  // API parameter values that are decorated as "sensitive" in the API will not
 31370  // be included in the string output. The member name will be present, but the
 31371  // value will be replaced with "sensitive".
 31372  func (s ListUserPoliciesInput) GoString() string {
 31373  	return s.String()
 31374  }
 31375  
 31376  // Validate inspects the fields of the type to determine if they are valid.
 31377  func (s *ListUserPoliciesInput) Validate() error {
 31378  	invalidParams := request.ErrInvalidParams{Context: "ListUserPoliciesInput"}
 31379  	if s.Marker != nil && len(*s.Marker) < 1 {
 31380  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31381  	}
 31382  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31383  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31384  	}
 31385  	if s.UserName == nil {
 31386  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 31387  	}
 31388  	if s.UserName != nil && len(*s.UserName) < 1 {
 31389  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 31390  	}
 31391  
 31392  	if invalidParams.Len() > 0 {
 31393  		return invalidParams
 31394  	}
 31395  	return nil
 31396  }
 31397  
 31398  // SetMarker sets the Marker field's value.
 31399  func (s *ListUserPoliciesInput) SetMarker(v string) *ListUserPoliciesInput {
 31400  	s.Marker = &v
 31401  	return s
 31402  }
 31403  
 31404  // SetMaxItems sets the MaxItems field's value.
 31405  func (s *ListUserPoliciesInput) SetMaxItems(v int64) *ListUserPoliciesInput {
 31406  	s.MaxItems = &v
 31407  	return s
 31408  }
 31409  
 31410  // SetUserName sets the UserName field's value.
 31411  func (s *ListUserPoliciesInput) SetUserName(v string) *ListUserPoliciesInput {
 31412  	s.UserName = &v
 31413  	return s
 31414  }
 31415  
 31416  // Contains the response to a successful ListUserPolicies request.
 31417  type ListUserPoliciesOutput struct {
 31418  	_ struct{} `type:"structure"`
 31419  
 31420  	// A flag that indicates whether there are more items to return. If your results
 31421  	// were truncated, you can make a subsequent pagination request using the Marker
 31422  	// request parameter to retrieve more items. Note that IAM might return fewer
 31423  	// than the MaxItems number of results even when there are more results available.
 31424  	// We recommend that you check IsTruncated after every call to ensure that you
 31425  	// receive all your results.
 31426  	IsTruncated *bool `type:"boolean"`
 31427  
 31428  	// When IsTruncated is true, this element is present and contains the value
 31429  	// to use for the Marker parameter in a subsequent pagination request.
 31430  	Marker *string `type:"string"`
 31431  
 31432  	// A list of policy names.
 31433  	//
 31434  	// PolicyNames is a required field
 31435  	PolicyNames []*string `type:"list" required:"true"`
 31436  }
 31437  
 31438  // String returns the string representation.
 31439  //
 31440  // API parameter values that are decorated as "sensitive" in the API will not
 31441  // be included in the string output. The member name will be present, but the
 31442  // value will be replaced with "sensitive".
 31443  func (s ListUserPoliciesOutput) String() string {
 31444  	return awsutil.Prettify(s)
 31445  }
 31446  
 31447  // GoString returns the string representation.
 31448  //
 31449  // API parameter values that are decorated as "sensitive" in the API will not
 31450  // be included in the string output. The member name will be present, but the
 31451  // value will be replaced with "sensitive".
 31452  func (s ListUserPoliciesOutput) GoString() string {
 31453  	return s.String()
 31454  }
 31455  
 31456  // SetIsTruncated sets the IsTruncated field's value.
 31457  func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput {
 31458  	s.IsTruncated = &v
 31459  	return s
 31460  }
 31461  
 31462  // SetMarker sets the Marker field's value.
 31463  func (s *ListUserPoliciesOutput) SetMarker(v string) *ListUserPoliciesOutput {
 31464  	s.Marker = &v
 31465  	return s
 31466  }
 31467  
 31468  // SetPolicyNames sets the PolicyNames field's value.
 31469  func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput {
 31470  	s.PolicyNames = v
 31471  	return s
 31472  }
 31473  
 31474  type ListUserTagsInput struct {
 31475  	_ struct{} `type:"structure"`
 31476  
 31477  	// Use this parameter only when paginating results and only after you receive
 31478  	// a response indicating that the results are truncated. Set it to the value
 31479  	// of the Marker element in the response that you received to indicate where
 31480  	// the next call should start.
 31481  	Marker *string `min:"1" type:"string"`
 31482  
 31483  	// Use this only when paginating results to indicate the maximum number of items
 31484  	// you want in the response. If additional items exist beyond the maximum you
 31485  	// specify, the IsTruncated response element is true.
 31486  	//
 31487  	// If you do not include this parameter, the number of items defaults to 100.
 31488  	// Note that IAM might return fewer results, even when there are more results
 31489  	// available. In that case, the IsTruncated response element returns true, and
 31490  	// Marker contains a value to include in the subsequent call that tells the
 31491  	// service where to continue from.
 31492  	MaxItems *int64 `min:"1" type:"integer"`
 31493  
 31494  	// The name of the IAM user whose tags you want to see.
 31495  	//
 31496  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 31497  	// a string of characters consisting of upper and lowercase alphanumeric characters
 31498  	// with no spaces. You can also include any of the following characters: _+=,.@-
 31499  	//
 31500  	// UserName is a required field
 31501  	UserName *string `min:"1" type:"string" required:"true"`
 31502  }
 31503  
 31504  // String returns the string representation.
 31505  //
 31506  // API parameter values that are decorated as "sensitive" in the API will not
 31507  // be included in the string output. The member name will be present, but the
 31508  // value will be replaced with "sensitive".
 31509  func (s ListUserTagsInput) String() string {
 31510  	return awsutil.Prettify(s)
 31511  }
 31512  
 31513  // GoString returns the string representation.
 31514  //
 31515  // API parameter values that are decorated as "sensitive" in the API will not
 31516  // be included in the string output. The member name will be present, but the
 31517  // value will be replaced with "sensitive".
 31518  func (s ListUserTagsInput) GoString() string {
 31519  	return s.String()
 31520  }
 31521  
 31522  // Validate inspects the fields of the type to determine if they are valid.
 31523  func (s *ListUserTagsInput) Validate() error {
 31524  	invalidParams := request.ErrInvalidParams{Context: "ListUserTagsInput"}
 31525  	if s.Marker != nil && len(*s.Marker) < 1 {
 31526  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31527  	}
 31528  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31529  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31530  	}
 31531  	if s.UserName == nil {
 31532  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 31533  	}
 31534  	if s.UserName != nil && len(*s.UserName) < 1 {
 31535  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 31536  	}
 31537  
 31538  	if invalidParams.Len() > 0 {
 31539  		return invalidParams
 31540  	}
 31541  	return nil
 31542  }
 31543  
 31544  // SetMarker sets the Marker field's value.
 31545  func (s *ListUserTagsInput) SetMarker(v string) *ListUserTagsInput {
 31546  	s.Marker = &v
 31547  	return s
 31548  }
 31549  
 31550  // SetMaxItems sets the MaxItems field's value.
 31551  func (s *ListUserTagsInput) SetMaxItems(v int64) *ListUserTagsInput {
 31552  	s.MaxItems = &v
 31553  	return s
 31554  }
 31555  
 31556  // SetUserName sets the UserName field's value.
 31557  func (s *ListUserTagsInput) SetUserName(v string) *ListUserTagsInput {
 31558  	s.UserName = &v
 31559  	return s
 31560  }
 31561  
 31562  type ListUserTagsOutput struct {
 31563  	_ struct{} `type:"structure"`
 31564  
 31565  	// A flag that indicates whether there are more items to return. If your results
 31566  	// were truncated, you can make a subsequent pagination request using the Marker
 31567  	// request parameter to retrieve more items. Note that IAM might return fewer
 31568  	// than the MaxItems number of results even when there are more results available.
 31569  	// We recommend that you check IsTruncated after every call to ensure that you
 31570  	// receive all your results.
 31571  	IsTruncated *bool `type:"boolean"`
 31572  
 31573  	// When IsTruncated is true, this element is present and contains the value
 31574  	// to use for the Marker parameter in a subsequent pagination request.
 31575  	Marker *string `type:"string"`
 31576  
 31577  	// The list of tags that are currently attached to the user. Each tag consists
 31578  	// of a key name and an associated value. If no tags are attached to the specified
 31579  	// resource, the response contains an empty list.
 31580  	//
 31581  	// Tags is a required field
 31582  	Tags []*Tag `type:"list" required:"true"`
 31583  }
 31584  
 31585  // String returns the string representation.
 31586  //
 31587  // API parameter values that are decorated as "sensitive" in the API will not
 31588  // be included in the string output. The member name will be present, but the
 31589  // value will be replaced with "sensitive".
 31590  func (s ListUserTagsOutput) String() string {
 31591  	return awsutil.Prettify(s)
 31592  }
 31593  
 31594  // GoString returns the string representation.
 31595  //
 31596  // API parameter values that are decorated as "sensitive" in the API will not
 31597  // be included in the string output. The member name will be present, but the
 31598  // value will be replaced with "sensitive".
 31599  func (s ListUserTagsOutput) GoString() string {
 31600  	return s.String()
 31601  }
 31602  
 31603  // SetIsTruncated sets the IsTruncated field's value.
 31604  func (s *ListUserTagsOutput) SetIsTruncated(v bool) *ListUserTagsOutput {
 31605  	s.IsTruncated = &v
 31606  	return s
 31607  }
 31608  
 31609  // SetMarker sets the Marker field's value.
 31610  func (s *ListUserTagsOutput) SetMarker(v string) *ListUserTagsOutput {
 31611  	s.Marker = &v
 31612  	return s
 31613  }
 31614  
 31615  // SetTags sets the Tags field's value.
 31616  func (s *ListUserTagsOutput) SetTags(v []*Tag) *ListUserTagsOutput {
 31617  	s.Tags = v
 31618  	return s
 31619  }
 31620  
 31621  type ListUsersInput struct {
 31622  	_ struct{} `type:"structure"`
 31623  
 31624  	// Use this parameter only when paginating results and only after you receive
 31625  	// a response indicating that the results are truncated. Set it to the value
 31626  	// of the Marker element in the response that you received to indicate where
 31627  	// the next call should start.
 31628  	Marker *string `min:"1" type:"string"`
 31629  
 31630  	// Use this only when paginating results to indicate the maximum number of items
 31631  	// you want in the response. If additional items exist beyond the maximum you
 31632  	// specify, the IsTruncated response element is true.
 31633  	//
 31634  	// If you do not include this parameter, the number of items defaults to 100.
 31635  	// Note that IAM might return fewer results, even when there are more results
 31636  	// available. In that case, the IsTruncated response element returns true, and
 31637  	// Marker contains a value to include in the subsequent call that tells the
 31638  	// service where to continue from.
 31639  	MaxItems *int64 `min:"1" type:"integer"`
 31640  
 31641  	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
 31642  	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
 31643  	//
 31644  	// This parameter is optional. If it is not included, it defaults to a slash
 31645  	// (/), listing all user names. This parameter allows (through its regex pattern
 31646  	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
 31647  	// a forward slash (/) by itself or a string that must begin and end with forward
 31648  	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
 31649  	// through the DEL character (\u007F), including most punctuation characters,
 31650  	// digits, and upper and lowercased letters.
 31651  	PathPrefix *string `min:"1" type:"string"`
 31652  }
 31653  
 31654  // String returns the string representation.
 31655  //
 31656  // API parameter values that are decorated as "sensitive" in the API will not
 31657  // be included in the string output. The member name will be present, but the
 31658  // value will be replaced with "sensitive".
 31659  func (s ListUsersInput) String() string {
 31660  	return awsutil.Prettify(s)
 31661  }
 31662  
 31663  // GoString returns the string representation.
 31664  //
 31665  // API parameter values that are decorated as "sensitive" in the API will not
 31666  // be included in the string output. The member name will be present, but the
 31667  // value will be replaced with "sensitive".
 31668  func (s ListUsersInput) GoString() string {
 31669  	return s.String()
 31670  }
 31671  
 31672  // Validate inspects the fields of the type to determine if they are valid.
 31673  func (s *ListUsersInput) Validate() error {
 31674  	invalidParams := request.ErrInvalidParams{Context: "ListUsersInput"}
 31675  	if s.Marker != nil && len(*s.Marker) < 1 {
 31676  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31677  	}
 31678  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31679  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31680  	}
 31681  	if s.PathPrefix != nil && len(*s.PathPrefix) < 1 {
 31682  		invalidParams.Add(request.NewErrParamMinLen("PathPrefix", 1))
 31683  	}
 31684  
 31685  	if invalidParams.Len() > 0 {
 31686  		return invalidParams
 31687  	}
 31688  	return nil
 31689  }
 31690  
 31691  // SetMarker sets the Marker field's value.
 31692  func (s *ListUsersInput) SetMarker(v string) *ListUsersInput {
 31693  	s.Marker = &v
 31694  	return s
 31695  }
 31696  
 31697  // SetMaxItems sets the MaxItems field's value.
 31698  func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput {
 31699  	s.MaxItems = &v
 31700  	return s
 31701  }
 31702  
 31703  // SetPathPrefix sets the PathPrefix field's value.
 31704  func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput {
 31705  	s.PathPrefix = &v
 31706  	return s
 31707  }
 31708  
 31709  // Contains the response to a successful ListUsers request.
 31710  type ListUsersOutput struct {
 31711  	_ struct{} `type:"structure"`
 31712  
 31713  	// A flag that indicates whether there are more items to return. If your results
 31714  	// were truncated, you can make a subsequent pagination request using the Marker
 31715  	// request parameter to retrieve more items. Note that IAM might return fewer
 31716  	// than the MaxItems number of results even when there are more results available.
 31717  	// We recommend that you check IsTruncated after every call to ensure that you
 31718  	// receive all your results.
 31719  	IsTruncated *bool `type:"boolean"`
 31720  
 31721  	// When IsTruncated is true, this element is present and contains the value
 31722  	// to use for the Marker parameter in a subsequent pagination request.
 31723  	Marker *string `type:"string"`
 31724  
 31725  	// A list of users.
 31726  	//
 31727  	// Users is a required field
 31728  	Users []*User `type:"list" required:"true"`
 31729  }
 31730  
 31731  // String returns the string representation.
 31732  //
 31733  // API parameter values that are decorated as "sensitive" in the API will not
 31734  // be included in the string output. The member name will be present, but the
 31735  // value will be replaced with "sensitive".
 31736  func (s ListUsersOutput) String() string {
 31737  	return awsutil.Prettify(s)
 31738  }
 31739  
 31740  // GoString returns the string representation.
 31741  //
 31742  // API parameter values that are decorated as "sensitive" in the API will not
 31743  // be included in the string output. The member name will be present, but the
 31744  // value will be replaced with "sensitive".
 31745  func (s ListUsersOutput) GoString() string {
 31746  	return s.String()
 31747  }
 31748  
 31749  // SetIsTruncated sets the IsTruncated field's value.
 31750  func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput {
 31751  	s.IsTruncated = &v
 31752  	return s
 31753  }
 31754  
 31755  // SetMarker sets the Marker field's value.
 31756  func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput {
 31757  	s.Marker = &v
 31758  	return s
 31759  }
 31760  
 31761  // SetUsers sets the Users field's value.
 31762  func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput {
 31763  	s.Users = v
 31764  	return s
 31765  }
 31766  
 31767  type ListVirtualMFADevicesInput struct {
 31768  	_ struct{} `type:"structure"`
 31769  
 31770  	// The status (Unassigned or Assigned) of the devices to list. If you do not
 31771  	// specify an AssignmentStatus, the operation defaults to Any, which lists both
 31772  	// assigned and unassigned virtual MFA devices.,
 31773  	AssignmentStatus *string `type:"string" enum:"AssignmentStatusType"`
 31774  
 31775  	// Use this parameter only when paginating results and only after you receive
 31776  	// a response indicating that the results are truncated. Set it to the value
 31777  	// of the Marker element in the response that you received to indicate where
 31778  	// the next call should start.
 31779  	Marker *string `min:"1" type:"string"`
 31780  
 31781  	// Use this only when paginating results to indicate the maximum number of items
 31782  	// you want in the response. If additional items exist beyond the maximum you
 31783  	// specify, the IsTruncated response element is true.
 31784  	//
 31785  	// If you do not include this parameter, the number of items defaults to 100.
 31786  	// Note that IAM might return fewer results, even when there are more results
 31787  	// available. In that case, the IsTruncated response element returns true, and
 31788  	// Marker contains a value to include in the subsequent call that tells the
 31789  	// service where to continue from.
 31790  	MaxItems *int64 `min:"1" type:"integer"`
 31791  }
 31792  
 31793  // String returns the string representation.
 31794  //
 31795  // API parameter values that are decorated as "sensitive" in the API will not
 31796  // be included in the string output. The member name will be present, but the
 31797  // value will be replaced with "sensitive".
 31798  func (s ListVirtualMFADevicesInput) String() string {
 31799  	return awsutil.Prettify(s)
 31800  }
 31801  
 31802  // GoString returns the string representation.
 31803  //
 31804  // API parameter values that are decorated as "sensitive" in the API will not
 31805  // be included in the string output. The member name will be present, but the
 31806  // value will be replaced with "sensitive".
 31807  func (s ListVirtualMFADevicesInput) GoString() string {
 31808  	return s.String()
 31809  }
 31810  
 31811  // Validate inspects the fields of the type to determine if they are valid.
 31812  func (s *ListVirtualMFADevicesInput) Validate() error {
 31813  	invalidParams := request.ErrInvalidParams{Context: "ListVirtualMFADevicesInput"}
 31814  	if s.Marker != nil && len(*s.Marker) < 1 {
 31815  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 31816  	}
 31817  	if s.MaxItems != nil && *s.MaxItems < 1 {
 31818  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 31819  	}
 31820  
 31821  	if invalidParams.Len() > 0 {
 31822  		return invalidParams
 31823  	}
 31824  	return nil
 31825  }
 31826  
 31827  // SetAssignmentStatus sets the AssignmentStatus field's value.
 31828  func (s *ListVirtualMFADevicesInput) SetAssignmentStatus(v string) *ListVirtualMFADevicesInput {
 31829  	s.AssignmentStatus = &v
 31830  	return s
 31831  }
 31832  
 31833  // SetMarker sets the Marker field's value.
 31834  func (s *ListVirtualMFADevicesInput) SetMarker(v string) *ListVirtualMFADevicesInput {
 31835  	s.Marker = &v
 31836  	return s
 31837  }
 31838  
 31839  // SetMaxItems sets the MaxItems field's value.
 31840  func (s *ListVirtualMFADevicesInput) SetMaxItems(v int64) *ListVirtualMFADevicesInput {
 31841  	s.MaxItems = &v
 31842  	return s
 31843  }
 31844  
 31845  // Contains the response to a successful ListVirtualMFADevices request.
 31846  type ListVirtualMFADevicesOutput struct {
 31847  	_ struct{} `type:"structure"`
 31848  
 31849  	// A flag that indicates whether there are more items to return. If your results
 31850  	// were truncated, you can make a subsequent pagination request using the Marker
 31851  	// request parameter to retrieve more items. Note that IAM might return fewer
 31852  	// than the MaxItems number of results even when there are more results available.
 31853  	// We recommend that you check IsTruncated after every call to ensure that you
 31854  	// receive all your results.
 31855  	IsTruncated *bool `type:"boolean"`
 31856  
 31857  	// When IsTruncated is true, this element is present and contains the value
 31858  	// to use for the Marker parameter in a subsequent pagination request.
 31859  	Marker *string `type:"string"`
 31860  
 31861  	// The list of virtual MFA devices in the current account that match the AssignmentStatus
 31862  	// value that was passed in the request.
 31863  	//
 31864  	// VirtualMFADevices is a required field
 31865  	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
 31866  }
 31867  
 31868  // String returns the string representation.
 31869  //
 31870  // API parameter values that are decorated as "sensitive" in the API will not
 31871  // be included in the string output. The member name will be present, but the
 31872  // value will be replaced with "sensitive".
 31873  func (s ListVirtualMFADevicesOutput) String() string {
 31874  	return awsutil.Prettify(s)
 31875  }
 31876  
 31877  // GoString returns the string representation.
 31878  //
 31879  // API parameter values that are decorated as "sensitive" in the API will not
 31880  // be included in the string output. The member name will be present, but the
 31881  // value will be replaced with "sensitive".
 31882  func (s ListVirtualMFADevicesOutput) GoString() string {
 31883  	return s.String()
 31884  }
 31885  
 31886  // SetIsTruncated sets the IsTruncated field's value.
 31887  func (s *ListVirtualMFADevicesOutput) SetIsTruncated(v bool) *ListVirtualMFADevicesOutput {
 31888  	s.IsTruncated = &v
 31889  	return s
 31890  }
 31891  
 31892  // SetMarker sets the Marker field's value.
 31893  func (s *ListVirtualMFADevicesOutput) SetMarker(v string) *ListVirtualMFADevicesOutput {
 31894  	s.Marker = &v
 31895  	return s
 31896  }
 31897  
 31898  // SetVirtualMFADevices sets the VirtualMFADevices field's value.
 31899  func (s *ListVirtualMFADevicesOutput) SetVirtualMFADevices(v []*VirtualMFADevice) *ListVirtualMFADevicesOutput {
 31900  	s.VirtualMFADevices = v
 31901  	return s
 31902  }
 31903  
 31904  // Contains the user name and password create date for a user.
 31905  //
 31906  // This data type is used as a response element in the CreateLoginProfile and
 31907  // GetLoginProfile operations.
 31908  type LoginProfile struct {
 31909  	_ struct{} `type:"structure"`
 31910  
 31911  	// The date when the password for the user was created.
 31912  	//
 31913  	// CreateDate is a required field
 31914  	CreateDate *time.Time `type:"timestamp" required:"true"`
 31915  
 31916  	// Specifies whether the user is required to set a new password on next sign-in.
 31917  	PasswordResetRequired *bool `type:"boolean"`
 31918  
 31919  	// The name of the user, which can be used for signing in to the Amazon Web
 31920  	// Services Management Console.
 31921  	//
 31922  	// UserName is a required field
 31923  	UserName *string `min:"1" type:"string" required:"true"`
 31924  }
 31925  
 31926  // String returns the string representation.
 31927  //
 31928  // API parameter values that are decorated as "sensitive" in the API will not
 31929  // be included in the string output. The member name will be present, but the
 31930  // value will be replaced with "sensitive".
 31931  func (s LoginProfile) String() string {
 31932  	return awsutil.Prettify(s)
 31933  }
 31934  
 31935  // GoString returns the string representation.
 31936  //
 31937  // API parameter values that are decorated as "sensitive" in the API will not
 31938  // be included in the string output. The member name will be present, but the
 31939  // value will be replaced with "sensitive".
 31940  func (s LoginProfile) GoString() string {
 31941  	return s.String()
 31942  }
 31943  
 31944  // SetCreateDate sets the CreateDate field's value.
 31945  func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile {
 31946  	s.CreateDate = &v
 31947  	return s
 31948  }
 31949  
 31950  // SetPasswordResetRequired sets the PasswordResetRequired field's value.
 31951  func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile {
 31952  	s.PasswordResetRequired = &v
 31953  	return s
 31954  }
 31955  
 31956  // SetUserName sets the UserName field's value.
 31957  func (s *LoginProfile) SetUserName(v string) *LoginProfile {
 31958  	s.UserName = &v
 31959  	return s
 31960  }
 31961  
 31962  // Contains information about an MFA device.
 31963  //
 31964  // This data type is used as a response element in the ListMFADevices operation.
 31965  type MFADevice struct {
 31966  	_ struct{} `type:"structure"`
 31967  
 31968  	// The date when the MFA device was enabled for the user.
 31969  	//
 31970  	// EnableDate is a required field
 31971  	EnableDate *time.Time `type:"timestamp" required:"true"`
 31972  
 31973  	// The serial number that uniquely identifies the MFA device. For virtual MFA
 31974  	// devices, the serial number is the device ARN.
 31975  	//
 31976  	// SerialNumber is a required field
 31977  	SerialNumber *string `min:"9" type:"string" required:"true"`
 31978  
 31979  	// The user with whom the MFA device is associated.
 31980  	//
 31981  	// UserName is a required field
 31982  	UserName *string `min:"1" type:"string" required:"true"`
 31983  }
 31984  
 31985  // String returns the string representation.
 31986  //
 31987  // API parameter values that are decorated as "sensitive" in the API will not
 31988  // be included in the string output. The member name will be present, but the
 31989  // value will be replaced with "sensitive".
 31990  func (s MFADevice) String() string {
 31991  	return awsutil.Prettify(s)
 31992  }
 31993  
 31994  // GoString returns the string representation.
 31995  //
 31996  // API parameter values that are decorated as "sensitive" in the API will not
 31997  // be included in the string output. The member name will be present, but the
 31998  // value will be replaced with "sensitive".
 31999  func (s MFADevice) GoString() string {
 32000  	return s.String()
 32001  }
 32002  
 32003  // SetEnableDate sets the EnableDate field's value.
 32004  func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice {
 32005  	s.EnableDate = &v
 32006  	return s
 32007  }
 32008  
 32009  // SetSerialNumber sets the SerialNumber field's value.
 32010  func (s *MFADevice) SetSerialNumber(v string) *MFADevice {
 32011  	s.SerialNumber = &v
 32012  	return s
 32013  }
 32014  
 32015  // SetUserName sets the UserName field's value.
 32016  func (s *MFADevice) SetUserName(v string) *MFADevice {
 32017  	s.UserName = &v
 32018  	return s
 32019  }
 32020  
 32021  // Contains information about a managed policy, including the policy's ARN,
 32022  // versions, and the number of principal entities (users, groups, and roles)
 32023  // that the policy is attached to.
 32024  //
 32025  // This data type is used as a response element in the GetAccountAuthorizationDetails
 32026  // operation.
 32027  //
 32028  // For more information about managed policies, see Managed policies and inline
 32029  // policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32030  // in the IAM User Guide.
 32031  type ManagedPolicyDetail struct {
 32032  	_ struct{} `type:"structure"`
 32033  
 32034  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 32035  	// Services resources.
 32036  	//
 32037  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 32038  	// in the Amazon Web Services General Reference.
 32039  	Arn *string `min:"20" type:"string"`
 32040  
 32041  	// The number of principal entities (users, groups, and roles) that the policy
 32042  	// is attached to.
 32043  	AttachmentCount *int64 `type:"integer"`
 32044  
 32045  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 32046  	// when the policy was created.
 32047  	CreateDate *time.Time `type:"timestamp"`
 32048  
 32049  	// The identifier for the version of the policy that is set as the default (operative)
 32050  	// version.
 32051  	//
 32052  	// For more information about policy versions, see Versioning for managed policies
 32053  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
 32054  	// in the IAM User Guide.
 32055  	DefaultVersionId *string `type:"string"`
 32056  
 32057  	// A friendly description of the policy.
 32058  	Description *string `type:"string"`
 32059  
 32060  	// Specifies whether the policy can be attached to an IAM user, group, or role.
 32061  	IsAttachable *bool `type:"boolean"`
 32062  
 32063  	// The path to the policy.
 32064  	//
 32065  	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 32066  	// in the IAM User Guide.
 32067  	Path *string `min:"1" type:"string"`
 32068  
 32069  	// The number of entities (users and roles) for which the policy is used as
 32070  	// the permissions boundary.
 32071  	//
 32072  	// For more information about permissions boundaries, see Permissions boundaries
 32073  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 32074  	// in the IAM User Guide.
 32075  	PermissionsBoundaryUsageCount *int64 `type:"integer"`
 32076  
 32077  	// The stable and unique string identifying the policy.
 32078  	//
 32079  	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 32080  	// in the IAM User Guide.
 32081  	PolicyId *string `min:"16" type:"string"`
 32082  
 32083  	// The friendly name (not ARN) identifying the policy.
 32084  	PolicyName *string `min:"1" type:"string"`
 32085  
 32086  	// A list containing information about the versions of the policy.
 32087  	PolicyVersionList []*PolicyVersion `type:"list"`
 32088  
 32089  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 32090  	// when the policy was last updated.
 32091  	//
 32092  	// When a policy has only one version, this field contains the date and time
 32093  	// when the policy was created. When a policy has more than one version, this
 32094  	// field contains the date and time when the most recent policy version was
 32095  	// created.
 32096  	UpdateDate *time.Time `type:"timestamp"`
 32097  }
 32098  
 32099  // String returns the string representation.
 32100  //
 32101  // API parameter values that are decorated as "sensitive" in the API will not
 32102  // be included in the string output. The member name will be present, but the
 32103  // value will be replaced with "sensitive".
 32104  func (s ManagedPolicyDetail) String() string {
 32105  	return awsutil.Prettify(s)
 32106  }
 32107  
 32108  // GoString returns the string representation.
 32109  //
 32110  // API parameter values that are decorated as "sensitive" in the API will not
 32111  // be included in the string output. The member name will be present, but the
 32112  // value will be replaced with "sensitive".
 32113  func (s ManagedPolicyDetail) GoString() string {
 32114  	return s.String()
 32115  }
 32116  
 32117  // SetArn sets the Arn field's value.
 32118  func (s *ManagedPolicyDetail) SetArn(v string) *ManagedPolicyDetail {
 32119  	s.Arn = &v
 32120  	return s
 32121  }
 32122  
 32123  // SetAttachmentCount sets the AttachmentCount field's value.
 32124  func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail {
 32125  	s.AttachmentCount = &v
 32126  	return s
 32127  }
 32128  
 32129  // SetCreateDate sets the CreateDate field's value.
 32130  func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail {
 32131  	s.CreateDate = &v
 32132  	return s
 32133  }
 32134  
 32135  // SetDefaultVersionId sets the DefaultVersionId field's value.
 32136  func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail {
 32137  	s.DefaultVersionId = &v
 32138  	return s
 32139  }
 32140  
 32141  // SetDescription sets the Description field's value.
 32142  func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail {
 32143  	s.Description = &v
 32144  	return s
 32145  }
 32146  
 32147  // SetIsAttachable sets the IsAttachable field's value.
 32148  func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail {
 32149  	s.IsAttachable = &v
 32150  	return s
 32151  }
 32152  
 32153  // SetPath sets the Path field's value.
 32154  func (s *ManagedPolicyDetail) SetPath(v string) *ManagedPolicyDetail {
 32155  	s.Path = &v
 32156  	return s
 32157  }
 32158  
 32159  // SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
 32160  func (s *ManagedPolicyDetail) SetPermissionsBoundaryUsageCount(v int64) *ManagedPolicyDetail {
 32161  	s.PermissionsBoundaryUsageCount = &v
 32162  	return s
 32163  }
 32164  
 32165  // SetPolicyId sets the PolicyId field's value.
 32166  func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail {
 32167  	s.PolicyId = &v
 32168  	return s
 32169  }
 32170  
 32171  // SetPolicyName sets the PolicyName field's value.
 32172  func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail {
 32173  	s.PolicyName = &v
 32174  	return s
 32175  }
 32176  
 32177  // SetPolicyVersionList sets the PolicyVersionList field's value.
 32178  func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail {
 32179  	s.PolicyVersionList = v
 32180  	return s
 32181  }
 32182  
 32183  // SetUpdateDate sets the UpdateDate field's value.
 32184  func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail {
 32185  	s.UpdateDate = &v
 32186  	return s
 32187  }
 32188  
 32189  // Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.
 32190  type OpenIDConnectProviderListEntry struct {
 32191  	_ struct{} `type:"structure"`
 32192  
 32193  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 32194  	// Services resources.
 32195  	//
 32196  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 32197  	// in the Amazon Web Services General Reference.
 32198  	Arn *string `min:"20" type:"string"`
 32199  }
 32200  
 32201  // String returns the string representation.
 32202  //
 32203  // API parameter values that are decorated as "sensitive" in the API will not
 32204  // be included in the string output. The member name will be present, but the
 32205  // value will be replaced with "sensitive".
 32206  func (s OpenIDConnectProviderListEntry) String() string {
 32207  	return awsutil.Prettify(s)
 32208  }
 32209  
 32210  // GoString returns the string representation.
 32211  //
 32212  // API parameter values that are decorated as "sensitive" in the API will not
 32213  // be included in the string output. The member name will be present, but the
 32214  // value will be replaced with "sensitive".
 32215  func (s OpenIDConnectProviderListEntry) GoString() string {
 32216  	return s.String()
 32217  }
 32218  
 32219  // SetArn sets the Arn field's value.
 32220  func (s *OpenIDConnectProviderListEntry) SetArn(v string) *OpenIDConnectProviderListEntry {
 32221  	s.Arn = &v
 32222  	return s
 32223  }
 32224  
 32225  // Contains information about the effect that Organizations has on a policy
 32226  // simulation.
 32227  type OrganizationsDecisionDetail struct {
 32228  	_ struct{} `type:"structure"`
 32229  
 32230  	// Specifies whether the simulated operation is allowed by the Organizations
 32231  	// service control policies that impact the simulated user's account.
 32232  	AllowedByOrganizations *bool `type:"boolean"`
 32233  }
 32234  
 32235  // String returns the string representation.
 32236  //
 32237  // API parameter values that are decorated as "sensitive" in the API will not
 32238  // be included in the string output. The member name will be present, but the
 32239  // value will be replaced with "sensitive".
 32240  func (s OrganizationsDecisionDetail) String() string {
 32241  	return awsutil.Prettify(s)
 32242  }
 32243  
 32244  // GoString returns the string representation.
 32245  //
 32246  // API parameter values that are decorated as "sensitive" in the API will not
 32247  // be included in the string output. The member name will be present, but the
 32248  // value will be replaced with "sensitive".
 32249  func (s OrganizationsDecisionDetail) GoString() string {
 32250  	return s.String()
 32251  }
 32252  
 32253  // SetAllowedByOrganizations sets the AllowedByOrganizations field's value.
 32254  func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail {
 32255  	s.AllowedByOrganizations = &v
 32256  	return s
 32257  }
 32258  
 32259  // Contains information about the account password policy.
 32260  //
 32261  // This data type is used as a response element in the GetAccountPasswordPolicy
 32262  // operation.
 32263  type PasswordPolicy struct {
 32264  	_ struct{} `type:"structure"`
 32265  
 32266  	// Specifies whether IAM users are allowed to change their own password.
 32267  	AllowUsersToChangePassword *bool `type:"boolean"`
 32268  
 32269  	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
 32270  	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
 32271  	// not present.
 32272  	ExpirePasswords *bool `type:"boolean"`
 32273  
 32274  	// Specifies whether IAM users are prevented from setting a new password after
 32275  	// their password has expired.
 32276  	HardExpiry *bool `type:"boolean"`
 32277  
 32278  	// The number of days that an IAM user password is valid.
 32279  	MaxPasswordAge *int64 `min:"1" type:"integer"`
 32280  
 32281  	// Minimum length to require for IAM user passwords.
 32282  	MinimumPasswordLength *int64 `min:"6" type:"integer"`
 32283  
 32284  	// Specifies the number of previous passwords that IAM users are prevented from
 32285  	// reusing.
 32286  	PasswordReusePrevention *int64 `min:"1" type:"integer"`
 32287  
 32288  	// Specifies whether IAM user passwords must contain at least one lowercase
 32289  	// character (a to z).
 32290  	RequireLowercaseCharacters *bool `type:"boolean"`
 32291  
 32292  	// Specifies whether IAM user passwords must contain at least one numeric character
 32293  	// (0 to 9).
 32294  	RequireNumbers *bool `type:"boolean"`
 32295  
 32296  	// Specifies whether IAM user passwords must contain at least one of the following
 32297  	// symbols:
 32298  	//
 32299  	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
 32300  	RequireSymbols *bool `type:"boolean"`
 32301  
 32302  	// Specifies whether IAM user passwords must contain at least one uppercase
 32303  	// character (A to Z).
 32304  	RequireUppercaseCharacters *bool `type:"boolean"`
 32305  }
 32306  
 32307  // String returns the string representation.
 32308  //
 32309  // API parameter values that are decorated as "sensitive" in the API will not
 32310  // be included in the string output. The member name will be present, but the
 32311  // value will be replaced with "sensitive".
 32312  func (s PasswordPolicy) String() string {
 32313  	return awsutil.Prettify(s)
 32314  }
 32315  
 32316  // GoString returns the string representation.
 32317  //
 32318  // API parameter values that are decorated as "sensitive" in the API will not
 32319  // be included in the string output. The member name will be present, but the
 32320  // value will be replaced with "sensitive".
 32321  func (s PasswordPolicy) GoString() string {
 32322  	return s.String()
 32323  }
 32324  
 32325  // SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
 32326  func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy {
 32327  	s.AllowUsersToChangePassword = &v
 32328  	return s
 32329  }
 32330  
 32331  // SetExpirePasswords sets the ExpirePasswords field's value.
 32332  func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy {
 32333  	s.ExpirePasswords = &v
 32334  	return s
 32335  }
 32336  
 32337  // SetHardExpiry sets the HardExpiry field's value.
 32338  func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy {
 32339  	s.HardExpiry = &v
 32340  	return s
 32341  }
 32342  
 32343  // SetMaxPasswordAge sets the MaxPasswordAge field's value.
 32344  func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy {
 32345  	s.MaxPasswordAge = &v
 32346  	return s
 32347  }
 32348  
 32349  // SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
 32350  func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy {
 32351  	s.MinimumPasswordLength = &v
 32352  	return s
 32353  }
 32354  
 32355  // SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
 32356  func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy {
 32357  	s.PasswordReusePrevention = &v
 32358  	return s
 32359  }
 32360  
 32361  // SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
 32362  func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy {
 32363  	s.RequireLowercaseCharacters = &v
 32364  	return s
 32365  }
 32366  
 32367  // SetRequireNumbers sets the RequireNumbers field's value.
 32368  func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy {
 32369  	s.RequireNumbers = &v
 32370  	return s
 32371  }
 32372  
 32373  // SetRequireSymbols sets the RequireSymbols field's value.
 32374  func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy {
 32375  	s.RequireSymbols = &v
 32376  	return s
 32377  }
 32378  
 32379  // SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
 32380  func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy {
 32381  	s.RequireUppercaseCharacters = &v
 32382  	return s
 32383  }
 32384  
 32385  // Contains information about the effect that a permissions boundary has on
 32386  // a policy simulation when the boundary is applied to an IAM entity.
 32387  type PermissionsBoundaryDecisionDetail struct {
 32388  	_ struct{} `type:"structure"`
 32389  
 32390  	// Specifies whether an action is allowed by a permissions boundary that is
 32391  	// applied to an IAM entity (user or role). A value of true means that the permissions
 32392  	// boundary does not deny the action. This means that the policy includes an
 32393  	// Allow statement that matches the request. In this case, if an identity-based
 32394  	// policy also allows the action, the request is allowed. A value of false means
 32395  	// that either the requested action is not allowed (implicitly denied) or that
 32396  	// the action is explicitly denied by the permissions boundary. In both of these
 32397  	// cases, the action is not allowed, regardless of the identity-based policy.
 32398  	AllowedByPermissionsBoundary *bool `type:"boolean"`
 32399  }
 32400  
 32401  // String returns the string representation.
 32402  //
 32403  // API parameter values that are decorated as "sensitive" in the API will not
 32404  // be included in the string output. The member name will be present, but the
 32405  // value will be replaced with "sensitive".
 32406  func (s PermissionsBoundaryDecisionDetail) String() string {
 32407  	return awsutil.Prettify(s)
 32408  }
 32409  
 32410  // GoString returns the string representation.
 32411  //
 32412  // API parameter values that are decorated as "sensitive" in the API will not
 32413  // be included in the string output. The member name will be present, but the
 32414  // value will be replaced with "sensitive".
 32415  func (s PermissionsBoundaryDecisionDetail) GoString() string {
 32416  	return s.String()
 32417  }
 32418  
 32419  // SetAllowedByPermissionsBoundary sets the AllowedByPermissionsBoundary field's value.
 32420  func (s *PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary(v bool) *PermissionsBoundaryDecisionDetail {
 32421  	s.AllowedByPermissionsBoundary = &v
 32422  	return s
 32423  }
 32424  
 32425  // Contains information about a managed policy.
 32426  //
 32427  // This data type is used as a response element in the CreatePolicy, GetPolicy,
 32428  // and ListPolicies operations.
 32429  //
 32430  // For more information about managed policies, refer to Managed policies and
 32431  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32432  // in the IAM User Guide.
 32433  type Policy struct {
 32434  	_ struct{} `type:"structure"`
 32435  
 32436  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 32437  	// Services resources.
 32438  	//
 32439  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 32440  	// in the Amazon Web Services General Reference.
 32441  	Arn *string `min:"20" type:"string"`
 32442  
 32443  	// The number of entities (users, groups, and roles) that the policy is attached
 32444  	// to.
 32445  	AttachmentCount *int64 `type:"integer"`
 32446  
 32447  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 32448  	// when the policy was created.
 32449  	CreateDate *time.Time `type:"timestamp"`
 32450  
 32451  	// The identifier for the version of the policy that is set as the default version.
 32452  	DefaultVersionId *string `type:"string"`
 32453  
 32454  	// A friendly description of the policy.
 32455  	//
 32456  	// This element is included in the response to the GetPolicy operation. It is
 32457  	// not included in the response to the ListPolicies operation.
 32458  	Description *string `type:"string"`
 32459  
 32460  	// Specifies whether the policy can be attached to an IAM user, group, or role.
 32461  	IsAttachable *bool `type:"boolean"`
 32462  
 32463  	// The path to the policy.
 32464  	//
 32465  	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 32466  	// in the IAM User Guide.
 32467  	Path *string `min:"1" type:"string"`
 32468  
 32469  	// The number of entities (users and roles) for which the policy is used to
 32470  	// set the permissions boundary.
 32471  	//
 32472  	// For more information about permissions boundaries, see Permissions boundaries
 32473  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 32474  	// in the IAM User Guide.
 32475  	PermissionsBoundaryUsageCount *int64 `type:"integer"`
 32476  
 32477  	// The stable and unique string identifying the policy.
 32478  	//
 32479  	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 32480  	// in the IAM User Guide.
 32481  	PolicyId *string `min:"16" type:"string"`
 32482  
 32483  	// The friendly name (not ARN) identifying the policy.
 32484  	PolicyName *string `min:"1" type:"string"`
 32485  
 32486  	// A list of tags that are attached to the instance profile. For more information
 32487  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 32488  	// in the IAM User Guide.
 32489  	Tags []*Tag `type:"list"`
 32490  
 32491  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 32492  	// when the policy was last updated.
 32493  	//
 32494  	// When a policy has only one version, this field contains the date and time
 32495  	// when the policy was created. When a policy has more than one version, this
 32496  	// field contains the date and time when the most recent policy version was
 32497  	// created.
 32498  	UpdateDate *time.Time `type:"timestamp"`
 32499  }
 32500  
 32501  // String returns the string representation.
 32502  //
 32503  // API parameter values that are decorated as "sensitive" in the API will not
 32504  // be included in the string output. The member name will be present, but the
 32505  // value will be replaced with "sensitive".
 32506  func (s Policy) String() string {
 32507  	return awsutil.Prettify(s)
 32508  }
 32509  
 32510  // GoString returns the string representation.
 32511  //
 32512  // API parameter values that are decorated as "sensitive" in the API will not
 32513  // be included in the string output. The member name will be present, but the
 32514  // value will be replaced with "sensitive".
 32515  func (s Policy) GoString() string {
 32516  	return s.String()
 32517  }
 32518  
 32519  // SetArn sets the Arn field's value.
 32520  func (s *Policy) SetArn(v string) *Policy {
 32521  	s.Arn = &v
 32522  	return s
 32523  }
 32524  
 32525  // SetAttachmentCount sets the AttachmentCount field's value.
 32526  func (s *Policy) SetAttachmentCount(v int64) *Policy {
 32527  	s.AttachmentCount = &v
 32528  	return s
 32529  }
 32530  
 32531  // SetCreateDate sets the CreateDate field's value.
 32532  func (s *Policy) SetCreateDate(v time.Time) *Policy {
 32533  	s.CreateDate = &v
 32534  	return s
 32535  }
 32536  
 32537  // SetDefaultVersionId sets the DefaultVersionId field's value.
 32538  func (s *Policy) SetDefaultVersionId(v string) *Policy {
 32539  	s.DefaultVersionId = &v
 32540  	return s
 32541  }
 32542  
 32543  // SetDescription sets the Description field's value.
 32544  func (s *Policy) SetDescription(v string) *Policy {
 32545  	s.Description = &v
 32546  	return s
 32547  }
 32548  
 32549  // SetIsAttachable sets the IsAttachable field's value.
 32550  func (s *Policy) SetIsAttachable(v bool) *Policy {
 32551  	s.IsAttachable = &v
 32552  	return s
 32553  }
 32554  
 32555  // SetPath sets the Path field's value.
 32556  func (s *Policy) SetPath(v string) *Policy {
 32557  	s.Path = &v
 32558  	return s
 32559  }
 32560  
 32561  // SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.
 32562  func (s *Policy) SetPermissionsBoundaryUsageCount(v int64) *Policy {
 32563  	s.PermissionsBoundaryUsageCount = &v
 32564  	return s
 32565  }
 32566  
 32567  // SetPolicyId sets the PolicyId field's value.
 32568  func (s *Policy) SetPolicyId(v string) *Policy {
 32569  	s.PolicyId = &v
 32570  	return s
 32571  }
 32572  
 32573  // SetPolicyName sets the PolicyName field's value.
 32574  func (s *Policy) SetPolicyName(v string) *Policy {
 32575  	s.PolicyName = &v
 32576  	return s
 32577  }
 32578  
 32579  // SetTags sets the Tags field's value.
 32580  func (s *Policy) SetTags(v []*Tag) *Policy {
 32581  	s.Tags = v
 32582  	return s
 32583  }
 32584  
 32585  // SetUpdateDate sets the UpdateDate field's value.
 32586  func (s *Policy) SetUpdateDate(v time.Time) *Policy {
 32587  	s.UpdateDate = &v
 32588  	return s
 32589  }
 32590  
 32591  // Contains information about an IAM policy, including the policy document.
 32592  //
 32593  // This data type is used as a response element in the GetAccountAuthorizationDetails
 32594  // operation.
 32595  type PolicyDetail struct {
 32596  	_ struct{} `type:"structure"`
 32597  
 32598  	// The policy document.
 32599  	PolicyDocument *string `min:"1" type:"string"`
 32600  
 32601  	// The name of the policy.
 32602  	PolicyName *string `min:"1" type:"string"`
 32603  }
 32604  
 32605  // String returns the string representation.
 32606  //
 32607  // API parameter values that are decorated as "sensitive" in the API will not
 32608  // be included in the string output. The member name will be present, but the
 32609  // value will be replaced with "sensitive".
 32610  func (s PolicyDetail) String() string {
 32611  	return awsutil.Prettify(s)
 32612  }
 32613  
 32614  // GoString returns the string representation.
 32615  //
 32616  // API parameter values that are decorated as "sensitive" in the API will not
 32617  // be included in the string output. The member name will be present, but the
 32618  // value will be replaced with "sensitive".
 32619  func (s PolicyDetail) GoString() string {
 32620  	return s.String()
 32621  }
 32622  
 32623  // SetPolicyDocument sets the PolicyDocument field's value.
 32624  func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail {
 32625  	s.PolicyDocument = &v
 32626  	return s
 32627  }
 32628  
 32629  // SetPolicyName sets the PolicyName field's value.
 32630  func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail {
 32631  	s.PolicyName = &v
 32632  	return s
 32633  }
 32634  
 32635  // Contains details about the permissions policies that are attached to the
 32636  // specified identity (user, group, or role).
 32637  //
 32638  // This data type is an element of the ListPoliciesGrantingServiceAccessEntry
 32639  // object.
 32640  type PolicyGrantingServiceAccess struct {
 32641  	_ struct{} `type:"structure"`
 32642  
 32643  	// The name of the entity (user or role) to which the inline policy is attached.
 32644  	//
 32645  	// This field is null for managed policies. For more information about these
 32646  	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
 32647  	// in the IAM User Guide.
 32648  	EntityName *string `min:"1" type:"string"`
 32649  
 32650  	// The type of entity (user or role) that used the policy to access the service
 32651  	// to which the inline policy is attached.
 32652  	//
 32653  	// This field is null for managed policies. For more information about these
 32654  	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
 32655  	// in the IAM User Guide.
 32656  	EntityType *string `type:"string" enum:"PolicyOwnerEntityType"`
 32657  
 32658  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 32659  	// Services resources.
 32660  	//
 32661  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 32662  	// in the Amazon Web Services General Reference.
 32663  	PolicyArn *string `min:"20" type:"string"`
 32664  
 32665  	// The policy name.
 32666  	//
 32667  	// PolicyName is a required field
 32668  	PolicyName *string `min:"1" type:"string" required:"true"`
 32669  
 32670  	// The policy type. For more information about these policy types, see Managed
 32671  	// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
 32672  	// in the IAM User Guide.
 32673  	//
 32674  	// PolicyType is a required field
 32675  	PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
 32676  }
 32677  
 32678  // String returns the string representation.
 32679  //
 32680  // API parameter values that are decorated as "sensitive" in the API will not
 32681  // be included in the string output. The member name will be present, but the
 32682  // value will be replaced with "sensitive".
 32683  func (s PolicyGrantingServiceAccess) String() string {
 32684  	return awsutil.Prettify(s)
 32685  }
 32686  
 32687  // GoString returns the string representation.
 32688  //
 32689  // API parameter values that are decorated as "sensitive" in the API will not
 32690  // be included in the string output. The member name will be present, but the
 32691  // value will be replaced with "sensitive".
 32692  func (s PolicyGrantingServiceAccess) GoString() string {
 32693  	return s.String()
 32694  }
 32695  
 32696  // SetEntityName sets the EntityName field's value.
 32697  func (s *PolicyGrantingServiceAccess) SetEntityName(v string) *PolicyGrantingServiceAccess {
 32698  	s.EntityName = &v
 32699  	return s
 32700  }
 32701  
 32702  // SetEntityType sets the EntityType field's value.
 32703  func (s *PolicyGrantingServiceAccess) SetEntityType(v string) *PolicyGrantingServiceAccess {
 32704  	s.EntityType = &v
 32705  	return s
 32706  }
 32707  
 32708  // SetPolicyArn sets the PolicyArn field's value.
 32709  func (s *PolicyGrantingServiceAccess) SetPolicyArn(v string) *PolicyGrantingServiceAccess {
 32710  	s.PolicyArn = &v
 32711  	return s
 32712  }
 32713  
 32714  // SetPolicyName sets the PolicyName field's value.
 32715  func (s *PolicyGrantingServiceAccess) SetPolicyName(v string) *PolicyGrantingServiceAccess {
 32716  	s.PolicyName = &v
 32717  	return s
 32718  }
 32719  
 32720  // SetPolicyType sets the PolicyType field's value.
 32721  func (s *PolicyGrantingServiceAccess) SetPolicyType(v string) *PolicyGrantingServiceAccess {
 32722  	s.PolicyType = &v
 32723  	return s
 32724  }
 32725  
 32726  // Contains information about a group that a managed policy is attached to.
 32727  //
 32728  // This data type is used as a response element in the ListEntitiesForPolicy
 32729  // operation.
 32730  //
 32731  // For more information about managed policies, refer to Managed policies and
 32732  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32733  // in the IAM User Guide.
 32734  type PolicyGroup struct {
 32735  	_ struct{} `type:"structure"`
 32736  
 32737  	// The stable and unique string identifying the group. For more information
 32738  	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
 32739  	// in the IAM User Guide.
 32740  	GroupId *string `min:"16" type:"string"`
 32741  
 32742  	// The name (friendly name, not ARN) identifying the group.
 32743  	GroupName *string `min:"1" type:"string"`
 32744  }
 32745  
 32746  // String returns the string representation.
 32747  //
 32748  // API parameter values that are decorated as "sensitive" in the API will not
 32749  // be included in the string output. The member name will be present, but the
 32750  // value will be replaced with "sensitive".
 32751  func (s PolicyGroup) String() string {
 32752  	return awsutil.Prettify(s)
 32753  }
 32754  
 32755  // GoString returns the string representation.
 32756  //
 32757  // API parameter values that are decorated as "sensitive" in the API will not
 32758  // be included in the string output. The member name will be present, but the
 32759  // value will be replaced with "sensitive".
 32760  func (s PolicyGroup) GoString() string {
 32761  	return s.String()
 32762  }
 32763  
 32764  // SetGroupId sets the GroupId field's value.
 32765  func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup {
 32766  	s.GroupId = &v
 32767  	return s
 32768  }
 32769  
 32770  // SetGroupName sets the GroupName field's value.
 32771  func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup {
 32772  	s.GroupName = &v
 32773  	return s
 32774  }
 32775  
 32776  // Contains information about a role that a managed policy is attached to.
 32777  //
 32778  // This data type is used as a response element in the ListEntitiesForPolicy
 32779  // operation.
 32780  //
 32781  // For more information about managed policies, refer to Managed policies and
 32782  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32783  // in the IAM User Guide.
 32784  type PolicyRole struct {
 32785  	_ struct{} `type:"structure"`
 32786  
 32787  	// The stable and unique string identifying the role. For more information about
 32788  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
 32789  	// in the IAM User Guide.
 32790  	RoleId *string `min:"16" type:"string"`
 32791  
 32792  	// The name (friendly name, not ARN) identifying the role.
 32793  	RoleName *string `min:"1" type:"string"`
 32794  }
 32795  
 32796  // String returns the string representation.
 32797  //
 32798  // API parameter values that are decorated as "sensitive" in the API will not
 32799  // be included in the string output. The member name will be present, but the
 32800  // value will be replaced with "sensitive".
 32801  func (s PolicyRole) String() string {
 32802  	return awsutil.Prettify(s)
 32803  }
 32804  
 32805  // GoString returns the string representation.
 32806  //
 32807  // API parameter values that are decorated as "sensitive" in the API will not
 32808  // be included in the string output. The member name will be present, but the
 32809  // value will be replaced with "sensitive".
 32810  func (s PolicyRole) GoString() string {
 32811  	return s.String()
 32812  }
 32813  
 32814  // SetRoleId sets the RoleId field's value.
 32815  func (s *PolicyRole) SetRoleId(v string) *PolicyRole {
 32816  	s.RoleId = &v
 32817  	return s
 32818  }
 32819  
 32820  // SetRoleName sets the RoleName field's value.
 32821  func (s *PolicyRole) SetRoleName(v string) *PolicyRole {
 32822  	s.RoleName = &v
 32823  	return s
 32824  }
 32825  
 32826  // Contains information about a user that a managed policy is attached to.
 32827  //
 32828  // This data type is used as a response element in the ListEntitiesForPolicy
 32829  // operation.
 32830  //
 32831  // For more information about managed policies, refer to Managed policies and
 32832  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32833  // in the IAM User Guide.
 32834  type PolicyUser struct {
 32835  	_ struct{} `type:"structure"`
 32836  
 32837  	// The stable and unique string identifying the user. For more information about
 32838  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
 32839  	// in the IAM User Guide.
 32840  	UserId *string `min:"16" type:"string"`
 32841  
 32842  	// The name (friendly name, not ARN) identifying the user.
 32843  	UserName *string `min:"1" type:"string"`
 32844  }
 32845  
 32846  // String returns the string representation.
 32847  //
 32848  // API parameter values that are decorated as "sensitive" in the API will not
 32849  // be included in the string output. The member name will be present, but the
 32850  // value will be replaced with "sensitive".
 32851  func (s PolicyUser) String() string {
 32852  	return awsutil.Prettify(s)
 32853  }
 32854  
 32855  // GoString returns the string representation.
 32856  //
 32857  // API parameter values that are decorated as "sensitive" in the API will not
 32858  // be included in the string output. The member name will be present, but the
 32859  // value will be replaced with "sensitive".
 32860  func (s PolicyUser) GoString() string {
 32861  	return s.String()
 32862  }
 32863  
 32864  // SetUserId sets the UserId field's value.
 32865  func (s *PolicyUser) SetUserId(v string) *PolicyUser {
 32866  	s.UserId = &v
 32867  	return s
 32868  }
 32869  
 32870  // SetUserName sets the UserName field's value.
 32871  func (s *PolicyUser) SetUserName(v string) *PolicyUser {
 32872  	s.UserName = &v
 32873  	return s
 32874  }
 32875  
 32876  // Contains information about a version of a managed policy.
 32877  //
 32878  // This data type is used as a response element in the CreatePolicyVersion,
 32879  // GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails
 32880  // operations.
 32881  //
 32882  // For more information about managed policies, refer to Managed policies and
 32883  // inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html)
 32884  // in the IAM User Guide.
 32885  type PolicyVersion struct {
 32886  	_ struct{} `type:"structure"`
 32887  
 32888  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 32889  	// when the policy version was created.
 32890  	CreateDate *time.Time `type:"timestamp"`
 32891  
 32892  	// The policy document.
 32893  	//
 32894  	// The policy document is returned in the response to the GetPolicyVersion and
 32895  	// GetAccountAuthorizationDetails operations. It is not returned in the response
 32896  	// to the CreatePolicyVersion or ListPolicyVersions operations.
 32897  	//
 32898  	// The policy document returned in this structure is URL-encoded compliant with
 32899  	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
 32900  	// method to convert the policy back to plain JSON text. For example, if you
 32901  	// use Java, you can use the decode method of the java.net.URLDecoder utility
 32902  	// class in the Java SDK. Other languages and SDKs provide similar functionality.
 32903  	Document *string `min:"1" type:"string"`
 32904  
 32905  	// Specifies whether the policy version is set as the policy's default version.
 32906  	IsDefaultVersion *bool `type:"boolean"`
 32907  
 32908  	// The identifier for the policy version.
 32909  	//
 32910  	// Policy version identifiers always begin with v (always lowercase). When a
 32911  	// policy is created, the first policy version is v1.
 32912  	VersionId *string `type:"string"`
 32913  }
 32914  
 32915  // String returns the string representation.
 32916  //
 32917  // API parameter values that are decorated as "sensitive" in the API will not
 32918  // be included in the string output. The member name will be present, but the
 32919  // value will be replaced with "sensitive".
 32920  func (s PolicyVersion) String() string {
 32921  	return awsutil.Prettify(s)
 32922  }
 32923  
 32924  // GoString returns the string representation.
 32925  //
 32926  // API parameter values that are decorated as "sensitive" in the API will not
 32927  // be included in the string output. The member name will be present, but the
 32928  // value will be replaced with "sensitive".
 32929  func (s PolicyVersion) GoString() string {
 32930  	return s.String()
 32931  }
 32932  
 32933  // SetCreateDate sets the CreateDate field's value.
 32934  func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion {
 32935  	s.CreateDate = &v
 32936  	return s
 32937  }
 32938  
 32939  // SetDocument sets the Document field's value.
 32940  func (s *PolicyVersion) SetDocument(v string) *PolicyVersion {
 32941  	s.Document = &v
 32942  	return s
 32943  }
 32944  
 32945  // SetIsDefaultVersion sets the IsDefaultVersion field's value.
 32946  func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion {
 32947  	s.IsDefaultVersion = &v
 32948  	return s
 32949  }
 32950  
 32951  // SetVersionId sets the VersionId field's value.
 32952  func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion {
 32953  	s.VersionId = &v
 32954  	return s
 32955  }
 32956  
 32957  // Contains the row and column of a location of a Statement element in a policy
 32958  // document.
 32959  //
 32960  // This data type is used as a member of the Statement type.
 32961  type Position struct {
 32962  	_ struct{} `type:"structure"`
 32963  
 32964  	// The column in the line containing the specified position in the document.
 32965  	Column *int64 `type:"integer"`
 32966  
 32967  	// The line containing the specified position in the document.
 32968  	Line *int64 `type:"integer"`
 32969  }
 32970  
 32971  // String returns the string representation.
 32972  //
 32973  // API parameter values that are decorated as "sensitive" in the API will not
 32974  // be included in the string output. The member name will be present, but the
 32975  // value will be replaced with "sensitive".
 32976  func (s Position) String() string {
 32977  	return awsutil.Prettify(s)
 32978  }
 32979  
 32980  // GoString returns the string representation.
 32981  //
 32982  // API parameter values that are decorated as "sensitive" in the API will not
 32983  // be included in the string output. The member name will be present, but the
 32984  // value will be replaced with "sensitive".
 32985  func (s Position) GoString() string {
 32986  	return s.String()
 32987  }
 32988  
 32989  // SetColumn sets the Column field's value.
 32990  func (s *Position) SetColumn(v int64) *Position {
 32991  	s.Column = &v
 32992  	return s
 32993  }
 32994  
 32995  // SetLine sets the Line field's value.
 32996  func (s *Position) SetLine(v int64) *Position {
 32997  	s.Line = &v
 32998  	return s
 32999  }
 33000  
 33001  type PutGroupPolicyInput struct {
 33002  	_ struct{} `type:"structure"`
 33003  
 33004  	// The name of the group to associate the policy with.
 33005  	//
 33006  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33007  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33008  	// with no spaces. You can also include any of the following characters: _+=,.@-.
 33009  	//
 33010  	// GroupName is a required field
 33011  	GroupName *string `min:"1" type:"string" required:"true"`
 33012  
 33013  	// The policy document.
 33014  	//
 33015  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 33016  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 33017  	// CloudFormation always converts a YAML policy to JSON format before submitting
 33018  	// it to = IAM.
 33019  	//
 33020  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 33021  	// parameter is a string of characters consisting of the following:
 33022  	//
 33023  	//    * Any printable ASCII character ranging from the space character (\u0020)
 33024  	//    through the end of the ASCII character range
 33025  	//
 33026  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 33027  	//    set (through \u00FF)
 33028  	//
 33029  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 33030  	//    return (\u000D)
 33031  	//
 33032  	// PolicyDocument is a required field
 33033  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 33034  
 33035  	// The name of the policy document.
 33036  	//
 33037  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33038  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33039  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33040  	//
 33041  	// PolicyName is a required field
 33042  	PolicyName *string `min:"1" type:"string" required:"true"`
 33043  }
 33044  
 33045  // String returns the string representation.
 33046  //
 33047  // API parameter values that are decorated as "sensitive" in the API will not
 33048  // be included in the string output. The member name will be present, but the
 33049  // value will be replaced with "sensitive".
 33050  func (s PutGroupPolicyInput) String() string {
 33051  	return awsutil.Prettify(s)
 33052  }
 33053  
 33054  // GoString returns the string representation.
 33055  //
 33056  // API parameter values that are decorated as "sensitive" in the API will not
 33057  // be included in the string output. The member name will be present, but the
 33058  // value will be replaced with "sensitive".
 33059  func (s PutGroupPolicyInput) GoString() string {
 33060  	return s.String()
 33061  }
 33062  
 33063  // Validate inspects the fields of the type to determine if they are valid.
 33064  func (s *PutGroupPolicyInput) Validate() error {
 33065  	invalidParams := request.ErrInvalidParams{Context: "PutGroupPolicyInput"}
 33066  	if s.GroupName == nil {
 33067  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 33068  	}
 33069  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 33070  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 33071  	}
 33072  	if s.PolicyDocument == nil {
 33073  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 33074  	}
 33075  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 33076  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 33077  	}
 33078  	if s.PolicyName == nil {
 33079  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 33080  	}
 33081  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 33082  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 33083  	}
 33084  
 33085  	if invalidParams.Len() > 0 {
 33086  		return invalidParams
 33087  	}
 33088  	return nil
 33089  }
 33090  
 33091  // SetGroupName sets the GroupName field's value.
 33092  func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput {
 33093  	s.GroupName = &v
 33094  	return s
 33095  }
 33096  
 33097  // SetPolicyDocument sets the PolicyDocument field's value.
 33098  func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput {
 33099  	s.PolicyDocument = &v
 33100  	return s
 33101  }
 33102  
 33103  // SetPolicyName sets the PolicyName field's value.
 33104  func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput {
 33105  	s.PolicyName = &v
 33106  	return s
 33107  }
 33108  
 33109  type PutGroupPolicyOutput struct {
 33110  	_ struct{} `type:"structure"`
 33111  }
 33112  
 33113  // String returns the string representation.
 33114  //
 33115  // API parameter values that are decorated as "sensitive" in the API will not
 33116  // be included in the string output. The member name will be present, but the
 33117  // value will be replaced with "sensitive".
 33118  func (s PutGroupPolicyOutput) String() string {
 33119  	return awsutil.Prettify(s)
 33120  }
 33121  
 33122  // GoString returns the string representation.
 33123  //
 33124  // API parameter values that are decorated as "sensitive" in the API will not
 33125  // be included in the string output. The member name will be present, but the
 33126  // value will be replaced with "sensitive".
 33127  func (s PutGroupPolicyOutput) GoString() string {
 33128  	return s.String()
 33129  }
 33130  
 33131  type PutRolePermissionsBoundaryInput struct {
 33132  	_ struct{} `type:"structure"`
 33133  
 33134  	// The ARN of the policy that is used to set the permissions boundary for the
 33135  	// role.
 33136  	//
 33137  	// PermissionsBoundary is a required field
 33138  	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
 33139  
 33140  	// The name (friendly name, not ARN) of the IAM role for which you want to set
 33141  	// the permissions boundary.
 33142  	//
 33143  	// RoleName is a required field
 33144  	RoleName *string `min:"1" type:"string" required:"true"`
 33145  }
 33146  
 33147  // String returns the string representation.
 33148  //
 33149  // API parameter values that are decorated as "sensitive" in the API will not
 33150  // be included in the string output. The member name will be present, but the
 33151  // value will be replaced with "sensitive".
 33152  func (s PutRolePermissionsBoundaryInput) String() string {
 33153  	return awsutil.Prettify(s)
 33154  }
 33155  
 33156  // GoString returns the string representation.
 33157  //
 33158  // API parameter values that are decorated as "sensitive" in the API will not
 33159  // be included in the string output. The member name will be present, but the
 33160  // value will be replaced with "sensitive".
 33161  func (s PutRolePermissionsBoundaryInput) GoString() string {
 33162  	return s.String()
 33163  }
 33164  
 33165  // Validate inspects the fields of the type to determine if they are valid.
 33166  func (s *PutRolePermissionsBoundaryInput) Validate() error {
 33167  	invalidParams := request.ErrInvalidParams{Context: "PutRolePermissionsBoundaryInput"}
 33168  	if s.PermissionsBoundary == nil {
 33169  		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
 33170  	}
 33171  	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
 33172  		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
 33173  	}
 33174  	if s.RoleName == nil {
 33175  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 33176  	}
 33177  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 33178  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 33179  	}
 33180  
 33181  	if invalidParams.Len() > 0 {
 33182  		return invalidParams
 33183  	}
 33184  	return nil
 33185  }
 33186  
 33187  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 33188  func (s *PutRolePermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutRolePermissionsBoundaryInput {
 33189  	s.PermissionsBoundary = &v
 33190  	return s
 33191  }
 33192  
 33193  // SetRoleName sets the RoleName field's value.
 33194  func (s *PutRolePermissionsBoundaryInput) SetRoleName(v string) *PutRolePermissionsBoundaryInput {
 33195  	s.RoleName = &v
 33196  	return s
 33197  }
 33198  
 33199  type PutRolePermissionsBoundaryOutput struct {
 33200  	_ struct{} `type:"structure"`
 33201  }
 33202  
 33203  // String returns the string representation.
 33204  //
 33205  // API parameter values that are decorated as "sensitive" in the API will not
 33206  // be included in the string output. The member name will be present, but the
 33207  // value will be replaced with "sensitive".
 33208  func (s PutRolePermissionsBoundaryOutput) String() string {
 33209  	return awsutil.Prettify(s)
 33210  }
 33211  
 33212  // GoString returns the string representation.
 33213  //
 33214  // API parameter values that are decorated as "sensitive" in the API will not
 33215  // be included in the string output. The member name will be present, but the
 33216  // value will be replaced with "sensitive".
 33217  func (s PutRolePermissionsBoundaryOutput) GoString() string {
 33218  	return s.String()
 33219  }
 33220  
 33221  type PutRolePolicyInput struct {
 33222  	_ struct{} `type:"structure"`
 33223  
 33224  	// The policy document.
 33225  	//
 33226  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 33227  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 33228  	// CloudFormation always converts a YAML policy to JSON format before submitting
 33229  	// it to IAM.
 33230  	//
 33231  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 33232  	// parameter is a string of characters consisting of the following:
 33233  	//
 33234  	//    * Any printable ASCII character ranging from the space character (\u0020)
 33235  	//    through the end of the ASCII character range
 33236  	//
 33237  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 33238  	//    set (through \u00FF)
 33239  	//
 33240  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 33241  	//    return (\u000D)
 33242  	//
 33243  	// PolicyDocument is a required field
 33244  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 33245  
 33246  	// The name of the policy document.
 33247  	//
 33248  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33249  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33250  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33251  	//
 33252  	// PolicyName is a required field
 33253  	PolicyName *string `min:"1" type:"string" required:"true"`
 33254  
 33255  	// The name of the role to associate the policy with.
 33256  	//
 33257  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33258  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33259  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33260  	//
 33261  	// RoleName is a required field
 33262  	RoleName *string `min:"1" type:"string" required:"true"`
 33263  }
 33264  
 33265  // String returns the string representation.
 33266  //
 33267  // API parameter values that are decorated as "sensitive" in the API will not
 33268  // be included in the string output. The member name will be present, but the
 33269  // value will be replaced with "sensitive".
 33270  func (s PutRolePolicyInput) String() string {
 33271  	return awsutil.Prettify(s)
 33272  }
 33273  
 33274  // GoString returns the string representation.
 33275  //
 33276  // API parameter values that are decorated as "sensitive" in the API will not
 33277  // be included in the string output. The member name will be present, but the
 33278  // value will be replaced with "sensitive".
 33279  func (s PutRolePolicyInput) GoString() string {
 33280  	return s.String()
 33281  }
 33282  
 33283  // Validate inspects the fields of the type to determine if they are valid.
 33284  func (s *PutRolePolicyInput) Validate() error {
 33285  	invalidParams := request.ErrInvalidParams{Context: "PutRolePolicyInput"}
 33286  	if s.PolicyDocument == nil {
 33287  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 33288  	}
 33289  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 33290  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 33291  	}
 33292  	if s.PolicyName == nil {
 33293  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 33294  	}
 33295  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 33296  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 33297  	}
 33298  	if s.RoleName == nil {
 33299  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 33300  	}
 33301  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 33302  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 33303  	}
 33304  
 33305  	if invalidParams.Len() > 0 {
 33306  		return invalidParams
 33307  	}
 33308  	return nil
 33309  }
 33310  
 33311  // SetPolicyDocument sets the PolicyDocument field's value.
 33312  func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput {
 33313  	s.PolicyDocument = &v
 33314  	return s
 33315  }
 33316  
 33317  // SetPolicyName sets the PolicyName field's value.
 33318  func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput {
 33319  	s.PolicyName = &v
 33320  	return s
 33321  }
 33322  
 33323  // SetRoleName sets the RoleName field's value.
 33324  func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput {
 33325  	s.RoleName = &v
 33326  	return s
 33327  }
 33328  
 33329  type PutRolePolicyOutput struct {
 33330  	_ struct{} `type:"structure"`
 33331  }
 33332  
 33333  // String returns the string representation.
 33334  //
 33335  // API parameter values that are decorated as "sensitive" in the API will not
 33336  // be included in the string output. The member name will be present, but the
 33337  // value will be replaced with "sensitive".
 33338  func (s PutRolePolicyOutput) String() string {
 33339  	return awsutil.Prettify(s)
 33340  }
 33341  
 33342  // GoString returns the string representation.
 33343  //
 33344  // API parameter values that are decorated as "sensitive" in the API will not
 33345  // be included in the string output. The member name will be present, but the
 33346  // value will be replaced with "sensitive".
 33347  func (s PutRolePolicyOutput) GoString() string {
 33348  	return s.String()
 33349  }
 33350  
 33351  type PutUserPermissionsBoundaryInput struct {
 33352  	_ struct{} `type:"structure"`
 33353  
 33354  	// The ARN of the policy that is used to set the permissions boundary for the
 33355  	// user.
 33356  	//
 33357  	// PermissionsBoundary is a required field
 33358  	PermissionsBoundary *string `min:"20" type:"string" required:"true"`
 33359  
 33360  	// The name (friendly name, not ARN) of the IAM user for which you want to set
 33361  	// the permissions boundary.
 33362  	//
 33363  	// UserName is a required field
 33364  	UserName *string `min:"1" type:"string" required:"true"`
 33365  }
 33366  
 33367  // String returns the string representation.
 33368  //
 33369  // API parameter values that are decorated as "sensitive" in the API will not
 33370  // be included in the string output. The member name will be present, but the
 33371  // value will be replaced with "sensitive".
 33372  func (s PutUserPermissionsBoundaryInput) String() string {
 33373  	return awsutil.Prettify(s)
 33374  }
 33375  
 33376  // GoString returns the string representation.
 33377  //
 33378  // API parameter values that are decorated as "sensitive" in the API will not
 33379  // be included in the string output. The member name will be present, but the
 33380  // value will be replaced with "sensitive".
 33381  func (s PutUserPermissionsBoundaryInput) GoString() string {
 33382  	return s.String()
 33383  }
 33384  
 33385  // Validate inspects the fields of the type to determine if they are valid.
 33386  func (s *PutUserPermissionsBoundaryInput) Validate() error {
 33387  	invalidParams := request.ErrInvalidParams{Context: "PutUserPermissionsBoundaryInput"}
 33388  	if s.PermissionsBoundary == nil {
 33389  		invalidParams.Add(request.NewErrParamRequired("PermissionsBoundary"))
 33390  	}
 33391  	if s.PermissionsBoundary != nil && len(*s.PermissionsBoundary) < 20 {
 33392  		invalidParams.Add(request.NewErrParamMinLen("PermissionsBoundary", 20))
 33393  	}
 33394  	if s.UserName == nil {
 33395  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 33396  	}
 33397  	if s.UserName != nil && len(*s.UserName) < 1 {
 33398  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 33399  	}
 33400  
 33401  	if invalidParams.Len() > 0 {
 33402  		return invalidParams
 33403  	}
 33404  	return nil
 33405  }
 33406  
 33407  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 33408  func (s *PutUserPermissionsBoundaryInput) SetPermissionsBoundary(v string) *PutUserPermissionsBoundaryInput {
 33409  	s.PermissionsBoundary = &v
 33410  	return s
 33411  }
 33412  
 33413  // SetUserName sets the UserName field's value.
 33414  func (s *PutUserPermissionsBoundaryInput) SetUserName(v string) *PutUserPermissionsBoundaryInput {
 33415  	s.UserName = &v
 33416  	return s
 33417  }
 33418  
 33419  type PutUserPermissionsBoundaryOutput struct {
 33420  	_ struct{} `type:"structure"`
 33421  }
 33422  
 33423  // String returns the string representation.
 33424  //
 33425  // API parameter values that are decorated as "sensitive" in the API will not
 33426  // be included in the string output. The member name will be present, but the
 33427  // value will be replaced with "sensitive".
 33428  func (s PutUserPermissionsBoundaryOutput) String() string {
 33429  	return awsutil.Prettify(s)
 33430  }
 33431  
 33432  // GoString returns the string representation.
 33433  //
 33434  // API parameter values that are decorated as "sensitive" in the API will not
 33435  // be included in the string output. The member name will be present, but the
 33436  // value will be replaced with "sensitive".
 33437  func (s PutUserPermissionsBoundaryOutput) GoString() string {
 33438  	return s.String()
 33439  }
 33440  
 33441  type PutUserPolicyInput struct {
 33442  	_ struct{} `type:"structure"`
 33443  
 33444  	// The policy document.
 33445  	//
 33446  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 33447  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 33448  	// CloudFormation always converts a YAML policy to JSON format before submitting
 33449  	// it to IAM.
 33450  	//
 33451  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 33452  	// parameter is a string of characters consisting of the following:
 33453  	//
 33454  	//    * Any printable ASCII character ranging from the space character (\u0020)
 33455  	//    through the end of the ASCII character range
 33456  	//
 33457  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 33458  	//    set (through \u00FF)
 33459  	//
 33460  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 33461  	//    return (\u000D)
 33462  	//
 33463  	// PolicyDocument is a required field
 33464  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 33465  
 33466  	// The name of the policy document.
 33467  	//
 33468  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33469  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33470  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33471  	//
 33472  	// PolicyName is a required field
 33473  	PolicyName *string `min:"1" type:"string" required:"true"`
 33474  
 33475  	// The name of the user to associate the policy with.
 33476  	//
 33477  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33478  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33479  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33480  	//
 33481  	// UserName is a required field
 33482  	UserName *string `min:"1" type:"string" required:"true"`
 33483  }
 33484  
 33485  // String returns the string representation.
 33486  //
 33487  // API parameter values that are decorated as "sensitive" in the API will not
 33488  // be included in the string output. The member name will be present, but the
 33489  // value will be replaced with "sensitive".
 33490  func (s PutUserPolicyInput) String() string {
 33491  	return awsutil.Prettify(s)
 33492  }
 33493  
 33494  // GoString returns the string representation.
 33495  //
 33496  // API parameter values that are decorated as "sensitive" in the API will not
 33497  // be included in the string output. The member name will be present, but the
 33498  // value will be replaced with "sensitive".
 33499  func (s PutUserPolicyInput) GoString() string {
 33500  	return s.String()
 33501  }
 33502  
 33503  // Validate inspects the fields of the type to determine if they are valid.
 33504  func (s *PutUserPolicyInput) Validate() error {
 33505  	invalidParams := request.ErrInvalidParams{Context: "PutUserPolicyInput"}
 33506  	if s.PolicyDocument == nil {
 33507  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 33508  	}
 33509  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 33510  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 33511  	}
 33512  	if s.PolicyName == nil {
 33513  		invalidParams.Add(request.NewErrParamRequired("PolicyName"))
 33514  	}
 33515  	if s.PolicyName != nil && len(*s.PolicyName) < 1 {
 33516  		invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
 33517  	}
 33518  	if s.UserName == nil {
 33519  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 33520  	}
 33521  	if s.UserName != nil && len(*s.UserName) < 1 {
 33522  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 33523  	}
 33524  
 33525  	if invalidParams.Len() > 0 {
 33526  		return invalidParams
 33527  	}
 33528  	return nil
 33529  }
 33530  
 33531  // SetPolicyDocument sets the PolicyDocument field's value.
 33532  func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput {
 33533  	s.PolicyDocument = &v
 33534  	return s
 33535  }
 33536  
 33537  // SetPolicyName sets the PolicyName field's value.
 33538  func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput {
 33539  	s.PolicyName = &v
 33540  	return s
 33541  }
 33542  
 33543  // SetUserName sets the UserName field's value.
 33544  func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput {
 33545  	s.UserName = &v
 33546  	return s
 33547  }
 33548  
 33549  type PutUserPolicyOutput struct {
 33550  	_ struct{} `type:"structure"`
 33551  }
 33552  
 33553  // String returns the string representation.
 33554  //
 33555  // API parameter values that are decorated as "sensitive" in the API will not
 33556  // be included in the string output. The member name will be present, but the
 33557  // value will be replaced with "sensitive".
 33558  func (s PutUserPolicyOutput) String() string {
 33559  	return awsutil.Prettify(s)
 33560  }
 33561  
 33562  // GoString returns the string representation.
 33563  //
 33564  // API parameter values that are decorated as "sensitive" in the API will not
 33565  // be included in the string output. The member name will be present, but the
 33566  // value will be replaced with "sensitive".
 33567  func (s PutUserPolicyOutput) GoString() string {
 33568  	return s.String()
 33569  }
 33570  
 33571  type RemoveClientIDFromOpenIDConnectProviderInput struct {
 33572  	_ struct{} `type:"structure"`
 33573  
 33574  	// The client ID (also known as audience) to remove from the IAM OIDC provider
 33575  	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
 33576  	//
 33577  	// ClientID is a required field
 33578  	ClientID *string `min:"1" type:"string" required:"true"`
 33579  
 33580  	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
 33581  	// the client ID from. You can get a list of OIDC provider ARNs by using the
 33582  	// ListOpenIDConnectProviders operation.
 33583  	//
 33584  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 33585  	// in the Amazon Web Services General Reference.
 33586  	//
 33587  	// OpenIDConnectProviderArn is a required field
 33588  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 33589  }
 33590  
 33591  // String returns the string representation.
 33592  //
 33593  // API parameter values that are decorated as "sensitive" in the API will not
 33594  // be included in the string output. The member name will be present, but the
 33595  // value will be replaced with "sensitive".
 33596  func (s RemoveClientIDFromOpenIDConnectProviderInput) String() string {
 33597  	return awsutil.Prettify(s)
 33598  }
 33599  
 33600  // GoString returns the string representation.
 33601  //
 33602  // API parameter values that are decorated as "sensitive" in the API will not
 33603  // be included in the string output. The member name will be present, but the
 33604  // value will be replaced with "sensitive".
 33605  func (s RemoveClientIDFromOpenIDConnectProviderInput) GoString() string {
 33606  	return s.String()
 33607  }
 33608  
 33609  // Validate inspects the fields of the type to determine if they are valid.
 33610  func (s *RemoveClientIDFromOpenIDConnectProviderInput) Validate() error {
 33611  	invalidParams := request.ErrInvalidParams{Context: "RemoveClientIDFromOpenIDConnectProviderInput"}
 33612  	if s.ClientID == nil {
 33613  		invalidParams.Add(request.NewErrParamRequired("ClientID"))
 33614  	}
 33615  	if s.ClientID != nil && len(*s.ClientID) < 1 {
 33616  		invalidParams.Add(request.NewErrParamMinLen("ClientID", 1))
 33617  	}
 33618  	if s.OpenIDConnectProviderArn == nil {
 33619  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 33620  	}
 33621  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 33622  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 33623  	}
 33624  
 33625  	if invalidParams.Len() > 0 {
 33626  		return invalidParams
 33627  	}
 33628  	return nil
 33629  }
 33630  
 33631  // SetClientID sets the ClientID field's value.
 33632  func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetClientID(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
 33633  	s.ClientID = &v
 33634  	return s
 33635  }
 33636  
 33637  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 33638  func (s *RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *RemoveClientIDFromOpenIDConnectProviderInput {
 33639  	s.OpenIDConnectProviderArn = &v
 33640  	return s
 33641  }
 33642  
 33643  type RemoveClientIDFromOpenIDConnectProviderOutput struct {
 33644  	_ struct{} `type:"structure"`
 33645  }
 33646  
 33647  // String returns the string representation.
 33648  //
 33649  // API parameter values that are decorated as "sensitive" in the API will not
 33650  // be included in the string output. The member name will be present, but the
 33651  // value will be replaced with "sensitive".
 33652  func (s RemoveClientIDFromOpenIDConnectProviderOutput) String() string {
 33653  	return awsutil.Prettify(s)
 33654  }
 33655  
 33656  // GoString returns the string representation.
 33657  //
 33658  // API parameter values that are decorated as "sensitive" in the API will not
 33659  // be included in the string output. The member name will be present, but the
 33660  // value will be replaced with "sensitive".
 33661  func (s RemoveClientIDFromOpenIDConnectProviderOutput) GoString() string {
 33662  	return s.String()
 33663  }
 33664  
 33665  type RemoveRoleFromInstanceProfileInput struct {
 33666  	_ struct{} `type:"structure"`
 33667  
 33668  	// The name of the instance profile to update.
 33669  	//
 33670  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33671  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33672  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33673  	//
 33674  	// InstanceProfileName is a required field
 33675  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 33676  
 33677  	// The name of the role to remove.
 33678  	//
 33679  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33680  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33681  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33682  	//
 33683  	// RoleName is a required field
 33684  	RoleName *string `min:"1" type:"string" required:"true"`
 33685  }
 33686  
 33687  // String returns the string representation.
 33688  //
 33689  // API parameter values that are decorated as "sensitive" in the API will not
 33690  // be included in the string output. The member name will be present, but the
 33691  // value will be replaced with "sensitive".
 33692  func (s RemoveRoleFromInstanceProfileInput) String() string {
 33693  	return awsutil.Prettify(s)
 33694  }
 33695  
 33696  // GoString returns the string representation.
 33697  //
 33698  // API parameter values that are decorated as "sensitive" in the API will not
 33699  // be included in the string output. The member name will be present, but the
 33700  // value will be replaced with "sensitive".
 33701  func (s RemoveRoleFromInstanceProfileInput) GoString() string {
 33702  	return s.String()
 33703  }
 33704  
 33705  // Validate inspects the fields of the type to determine if they are valid.
 33706  func (s *RemoveRoleFromInstanceProfileInput) Validate() error {
 33707  	invalidParams := request.ErrInvalidParams{Context: "RemoveRoleFromInstanceProfileInput"}
 33708  	if s.InstanceProfileName == nil {
 33709  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 33710  	}
 33711  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 33712  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 33713  	}
 33714  	if s.RoleName == nil {
 33715  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 33716  	}
 33717  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 33718  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 33719  	}
 33720  
 33721  	if invalidParams.Len() > 0 {
 33722  		return invalidParams
 33723  	}
 33724  	return nil
 33725  }
 33726  
 33727  // SetInstanceProfileName sets the InstanceProfileName field's value.
 33728  func (s *RemoveRoleFromInstanceProfileInput) SetInstanceProfileName(v string) *RemoveRoleFromInstanceProfileInput {
 33729  	s.InstanceProfileName = &v
 33730  	return s
 33731  }
 33732  
 33733  // SetRoleName sets the RoleName field's value.
 33734  func (s *RemoveRoleFromInstanceProfileInput) SetRoleName(v string) *RemoveRoleFromInstanceProfileInput {
 33735  	s.RoleName = &v
 33736  	return s
 33737  }
 33738  
 33739  type RemoveRoleFromInstanceProfileOutput struct {
 33740  	_ struct{} `type:"structure"`
 33741  }
 33742  
 33743  // String returns the string representation.
 33744  //
 33745  // API parameter values that are decorated as "sensitive" in the API will not
 33746  // be included in the string output. The member name will be present, but the
 33747  // value will be replaced with "sensitive".
 33748  func (s RemoveRoleFromInstanceProfileOutput) String() string {
 33749  	return awsutil.Prettify(s)
 33750  }
 33751  
 33752  // GoString returns the string representation.
 33753  //
 33754  // API parameter values that are decorated as "sensitive" in the API will not
 33755  // be included in the string output. The member name will be present, but the
 33756  // value will be replaced with "sensitive".
 33757  func (s RemoveRoleFromInstanceProfileOutput) GoString() string {
 33758  	return s.String()
 33759  }
 33760  
 33761  type RemoveUserFromGroupInput struct {
 33762  	_ struct{} `type:"structure"`
 33763  
 33764  	// The name of the group to update.
 33765  	//
 33766  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33767  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33768  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33769  	//
 33770  	// GroupName is a required field
 33771  	GroupName *string `min:"1" type:"string" required:"true"`
 33772  
 33773  	// The name of the user to remove.
 33774  	//
 33775  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33776  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33777  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33778  	//
 33779  	// UserName is a required field
 33780  	UserName *string `min:"1" type:"string" required:"true"`
 33781  }
 33782  
 33783  // String returns the string representation.
 33784  //
 33785  // API parameter values that are decorated as "sensitive" in the API will not
 33786  // be included in the string output. The member name will be present, but the
 33787  // value will be replaced with "sensitive".
 33788  func (s RemoveUserFromGroupInput) String() string {
 33789  	return awsutil.Prettify(s)
 33790  }
 33791  
 33792  // GoString returns the string representation.
 33793  //
 33794  // API parameter values that are decorated as "sensitive" in the API will not
 33795  // be included in the string output. The member name will be present, but the
 33796  // value will be replaced with "sensitive".
 33797  func (s RemoveUserFromGroupInput) GoString() string {
 33798  	return s.String()
 33799  }
 33800  
 33801  // Validate inspects the fields of the type to determine if they are valid.
 33802  func (s *RemoveUserFromGroupInput) Validate() error {
 33803  	invalidParams := request.ErrInvalidParams{Context: "RemoveUserFromGroupInput"}
 33804  	if s.GroupName == nil {
 33805  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 33806  	}
 33807  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 33808  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 33809  	}
 33810  	if s.UserName == nil {
 33811  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 33812  	}
 33813  	if s.UserName != nil && len(*s.UserName) < 1 {
 33814  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 33815  	}
 33816  
 33817  	if invalidParams.Len() > 0 {
 33818  		return invalidParams
 33819  	}
 33820  	return nil
 33821  }
 33822  
 33823  // SetGroupName sets the GroupName field's value.
 33824  func (s *RemoveUserFromGroupInput) SetGroupName(v string) *RemoveUserFromGroupInput {
 33825  	s.GroupName = &v
 33826  	return s
 33827  }
 33828  
 33829  // SetUserName sets the UserName field's value.
 33830  func (s *RemoveUserFromGroupInput) SetUserName(v string) *RemoveUserFromGroupInput {
 33831  	s.UserName = &v
 33832  	return s
 33833  }
 33834  
 33835  type RemoveUserFromGroupOutput struct {
 33836  	_ struct{} `type:"structure"`
 33837  }
 33838  
 33839  // String returns the string representation.
 33840  //
 33841  // API parameter values that are decorated as "sensitive" in the API will not
 33842  // be included in the string output. The member name will be present, but the
 33843  // value will be replaced with "sensitive".
 33844  func (s RemoveUserFromGroupOutput) String() string {
 33845  	return awsutil.Prettify(s)
 33846  }
 33847  
 33848  // GoString returns the string representation.
 33849  //
 33850  // API parameter values that are decorated as "sensitive" in the API will not
 33851  // be included in the string output. The member name will be present, but the
 33852  // value will be replaced with "sensitive".
 33853  func (s RemoveUserFromGroupOutput) GoString() string {
 33854  	return s.String()
 33855  }
 33856  
 33857  type ResetServiceSpecificCredentialInput struct {
 33858  	_ struct{} `type:"structure"`
 33859  
 33860  	// The unique identifier of the service-specific credential.
 33861  	//
 33862  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33863  	// a string of characters that can consist of any upper or lowercased letter
 33864  	// or digit.
 33865  	//
 33866  	// ServiceSpecificCredentialId is a required field
 33867  	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
 33868  
 33869  	// The name of the IAM user associated with the service-specific credential.
 33870  	// If this value is not specified, then the operation assumes the user whose
 33871  	// credentials are used to call the operation.
 33872  	//
 33873  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 33874  	// a string of characters consisting of upper and lowercase alphanumeric characters
 33875  	// with no spaces. You can also include any of the following characters: _+=,.@-
 33876  	UserName *string `min:"1" type:"string"`
 33877  }
 33878  
 33879  // String returns the string representation.
 33880  //
 33881  // API parameter values that are decorated as "sensitive" in the API will not
 33882  // be included in the string output. The member name will be present, but the
 33883  // value will be replaced with "sensitive".
 33884  func (s ResetServiceSpecificCredentialInput) String() string {
 33885  	return awsutil.Prettify(s)
 33886  }
 33887  
 33888  // GoString returns the string representation.
 33889  //
 33890  // API parameter values that are decorated as "sensitive" in the API will not
 33891  // be included in the string output. The member name will be present, but the
 33892  // value will be replaced with "sensitive".
 33893  func (s ResetServiceSpecificCredentialInput) GoString() string {
 33894  	return s.String()
 33895  }
 33896  
 33897  // Validate inspects the fields of the type to determine if they are valid.
 33898  func (s *ResetServiceSpecificCredentialInput) Validate() error {
 33899  	invalidParams := request.ErrInvalidParams{Context: "ResetServiceSpecificCredentialInput"}
 33900  	if s.ServiceSpecificCredentialId == nil {
 33901  		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
 33902  	}
 33903  	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
 33904  		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
 33905  	}
 33906  	if s.UserName != nil && len(*s.UserName) < 1 {
 33907  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 33908  	}
 33909  
 33910  	if invalidParams.Len() > 0 {
 33911  		return invalidParams
 33912  	}
 33913  	return nil
 33914  }
 33915  
 33916  // SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
 33917  func (s *ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *ResetServiceSpecificCredentialInput {
 33918  	s.ServiceSpecificCredentialId = &v
 33919  	return s
 33920  }
 33921  
 33922  // SetUserName sets the UserName field's value.
 33923  func (s *ResetServiceSpecificCredentialInput) SetUserName(v string) *ResetServiceSpecificCredentialInput {
 33924  	s.UserName = &v
 33925  	return s
 33926  }
 33927  
 33928  type ResetServiceSpecificCredentialOutput struct {
 33929  	_ struct{} `type:"structure"`
 33930  
 33931  	// A structure with details about the updated service-specific credential, including
 33932  	// the new password.
 33933  	//
 33934  	// This is the only time that you can access the password. You cannot recover
 33935  	// the password later, but you can reset it again.
 33936  	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
 33937  }
 33938  
 33939  // String returns the string representation.
 33940  //
 33941  // API parameter values that are decorated as "sensitive" in the API will not
 33942  // be included in the string output. The member name will be present, but the
 33943  // value will be replaced with "sensitive".
 33944  func (s ResetServiceSpecificCredentialOutput) String() string {
 33945  	return awsutil.Prettify(s)
 33946  }
 33947  
 33948  // GoString returns the string representation.
 33949  //
 33950  // API parameter values that are decorated as "sensitive" in the API will not
 33951  // be included in the string output. The member name will be present, but the
 33952  // value will be replaced with "sensitive".
 33953  func (s ResetServiceSpecificCredentialOutput) GoString() string {
 33954  	return s.String()
 33955  }
 33956  
 33957  // SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.
 33958  func (s *ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential(v *ServiceSpecificCredential) *ResetServiceSpecificCredentialOutput {
 33959  	s.ServiceSpecificCredential = v
 33960  	return s
 33961  }
 33962  
 33963  // Contains the result of the simulation of a single API operation call on a
 33964  // single resource.
 33965  //
 33966  // This data type is used by a member of the EvaluationResult data type.
 33967  type ResourceSpecificResult struct {
 33968  	_ struct{} `type:"structure"`
 33969  
 33970  	// Additional details about the results of the evaluation decision on a single
 33971  	// resource. This parameter is returned only for cross-account simulations.
 33972  	// This parameter explains how each policy type contributes to the resource-specific
 33973  	// evaluation decision.
 33974  	EvalDecisionDetails map[string]*string `type:"map"`
 33975  
 33976  	// The result of the simulation of the simulated API operation on the resource
 33977  	// specified in EvalResourceName.
 33978  	//
 33979  	// EvalResourceDecision is a required field
 33980  	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`
 33981  
 33982  	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
 33983  	//
 33984  	// EvalResourceName is a required field
 33985  	EvalResourceName *string `min:"1" type:"string" required:"true"`
 33986  
 33987  	// A list of the statements in the input policies that determine the result
 33988  	// for this part of the simulation. Remember that even if multiple statements
 33989  	// allow the operation on the resource, if any statement denies that operation,
 33990  	// then the explicit deny overrides any allow. In addition, the deny statement
 33991  	// is the only entry included in the result.
 33992  	MatchedStatements []*Statement `type:"list"`
 33993  
 33994  	// A list of context keys that are required by the included input policies but
 33995  	// that were not provided by one of the input parameters. This list is used
 33996  	// when a list of ARNs is included in the ResourceArns parameter instead of
 33997  	// "*". If you do not specify individual resources, by setting ResourceArns
 33998  	// to "*" or by not including the ResourceArns parameter, then any missing context
 33999  	// values are instead included under the EvaluationResults section. To discover
 34000  	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
 34001  	// or GetContextKeysForPrincipalPolicy.
 34002  	MissingContextValues []*string `type:"list"`
 34003  
 34004  	// Contains information about the effect that a permissions boundary has on
 34005  	// a policy simulation when that boundary is applied to an IAM entity.
 34006  	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
 34007  }
 34008  
 34009  // String returns the string representation.
 34010  //
 34011  // API parameter values that are decorated as "sensitive" in the API will not
 34012  // be included in the string output. The member name will be present, but the
 34013  // value will be replaced with "sensitive".
 34014  func (s ResourceSpecificResult) String() string {
 34015  	return awsutil.Prettify(s)
 34016  }
 34017  
 34018  // GoString returns the string representation.
 34019  //
 34020  // API parameter values that are decorated as "sensitive" in the API will not
 34021  // be included in the string output. The member name will be present, but the
 34022  // value will be replaced with "sensitive".
 34023  func (s ResourceSpecificResult) GoString() string {
 34024  	return s.String()
 34025  }
 34026  
 34027  // SetEvalDecisionDetails sets the EvalDecisionDetails field's value.
 34028  func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult {
 34029  	s.EvalDecisionDetails = v
 34030  	return s
 34031  }
 34032  
 34033  // SetEvalResourceDecision sets the EvalResourceDecision field's value.
 34034  func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult {
 34035  	s.EvalResourceDecision = &v
 34036  	return s
 34037  }
 34038  
 34039  // SetEvalResourceName sets the EvalResourceName field's value.
 34040  func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult {
 34041  	s.EvalResourceName = &v
 34042  	return s
 34043  }
 34044  
 34045  // SetMatchedStatements sets the MatchedStatements field's value.
 34046  func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult {
 34047  	s.MatchedStatements = v
 34048  	return s
 34049  }
 34050  
 34051  // SetMissingContextValues sets the MissingContextValues field's value.
 34052  func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult {
 34053  	s.MissingContextValues = v
 34054  	return s
 34055  }
 34056  
 34057  // SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.
 34058  func (s *ResourceSpecificResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *ResourceSpecificResult {
 34059  	s.PermissionsBoundaryDecisionDetail = v
 34060  	return s
 34061  }
 34062  
 34063  type ResyncMFADeviceInput struct {
 34064  	_ struct{} `type:"structure"`
 34065  
 34066  	// An authentication code emitted by the device.
 34067  	//
 34068  	// The format for this parameter is a sequence of six digits.
 34069  	//
 34070  	// AuthenticationCode1 is a required field
 34071  	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`
 34072  
 34073  	// A subsequent authentication code emitted by the device.
 34074  	//
 34075  	// The format for this parameter is a sequence of six digits.
 34076  	//
 34077  	// AuthenticationCode2 is a required field
 34078  	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`
 34079  
 34080  	// Serial number that uniquely identifies the MFA device.
 34081  	//
 34082  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 34083  	// a string of characters consisting of upper and lowercase alphanumeric characters
 34084  	// with no spaces. You can also include any of the following characters: _+=,.@-
 34085  	//
 34086  	// SerialNumber is a required field
 34087  	SerialNumber *string `min:"9" type:"string" required:"true"`
 34088  
 34089  	// The name of the user whose MFA device you want to resynchronize.
 34090  	//
 34091  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 34092  	// a string of characters consisting of upper and lowercase alphanumeric characters
 34093  	// with no spaces. You can also include any of the following characters: _+=,.@-
 34094  	//
 34095  	// UserName is a required field
 34096  	UserName *string `min:"1" type:"string" required:"true"`
 34097  }
 34098  
 34099  // String returns the string representation.
 34100  //
 34101  // API parameter values that are decorated as "sensitive" in the API will not
 34102  // be included in the string output. The member name will be present, but the
 34103  // value will be replaced with "sensitive".
 34104  func (s ResyncMFADeviceInput) String() string {
 34105  	return awsutil.Prettify(s)
 34106  }
 34107  
 34108  // GoString returns the string representation.
 34109  //
 34110  // API parameter values that are decorated as "sensitive" in the API will not
 34111  // be included in the string output. The member name will be present, but the
 34112  // value will be replaced with "sensitive".
 34113  func (s ResyncMFADeviceInput) GoString() string {
 34114  	return s.String()
 34115  }
 34116  
 34117  // Validate inspects the fields of the type to determine if they are valid.
 34118  func (s *ResyncMFADeviceInput) Validate() error {
 34119  	invalidParams := request.ErrInvalidParams{Context: "ResyncMFADeviceInput"}
 34120  	if s.AuthenticationCode1 == nil {
 34121  		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode1"))
 34122  	}
 34123  	if s.AuthenticationCode1 != nil && len(*s.AuthenticationCode1) < 6 {
 34124  		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode1", 6))
 34125  	}
 34126  	if s.AuthenticationCode2 == nil {
 34127  		invalidParams.Add(request.NewErrParamRequired("AuthenticationCode2"))
 34128  	}
 34129  	if s.AuthenticationCode2 != nil && len(*s.AuthenticationCode2) < 6 {
 34130  		invalidParams.Add(request.NewErrParamMinLen("AuthenticationCode2", 6))
 34131  	}
 34132  	if s.SerialNumber == nil {
 34133  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 34134  	}
 34135  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 34136  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 34137  	}
 34138  	if s.UserName == nil {
 34139  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 34140  	}
 34141  	if s.UserName != nil && len(*s.UserName) < 1 {
 34142  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 34143  	}
 34144  
 34145  	if invalidParams.Len() > 0 {
 34146  		return invalidParams
 34147  	}
 34148  	return nil
 34149  }
 34150  
 34151  // SetAuthenticationCode1 sets the AuthenticationCode1 field's value.
 34152  func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput {
 34153  	s.AuthenticationCode1 = &v
 34154  	return s
 34155  }
 34156  
 34157  // SetAuthenticationCode2 sets the AuthenticationCode2 field's value.
 34158  func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput {
 34159  	s.AuthenticationCode2 = &v
 34160  	return s
 34161  }
 34162  
 34163  // SetSerialNumber sets the SerialNumber field's value.
 34164  func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput {
 34165  	s.SerialNumber = &v
 34166  	return s
 34167  }
 34168  
 34169  // SetUserName sets the UserName field's value.
 34170  func (s *ResyncMFADeviceInput) SetUserName(v string) *ResyncMFADeviceInput {
 34171  	s.UserName = &v
 34172  	return s
 34173  }
 34174  
 34175  type ResyncMFADeviceOutput struct {
 34176  	_ struct{} `type:"structure"`
 34177  }
 34178  
 34179  // String returns the string representation.
 34180  //
 34181  // API parameter values that are decorated as "sensitive" in the API will not
 34182  // be included in the string output. The member name will be present, but the
 34183  // value will be replaced with "sensitive".
 34184  func (s ResyncMFADeviceOutput) String() string {
 34185  	return awsutil.Prettify(s)
 34186  }
 34187  
 34188  // GoString returns the string representation.
 34189  //
 34190  // API parameter values that are decorated as "sensitive" in the API will not
 34191  // be included in the string output. The member name will be present, but the
 34192  // value will be replaced with "sensitive".
 34193  func (s ResyncMFADeviceOutput) GoString() string {
 34194  	return s.String()
 34195  }
 34196  
 34197  // Contains information about an IAM role. This structure is returned as a response
 34198  // element in several API operations that interact with roles.
 34199  type Role struct {
 34200  	_ struct{} `type:"structure"`
 34201  
 34202  	// The Amazon Resource Name (ARN) specifying the role. For more information
 34203  	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34204  	// in the IAM User Guide guide.
 34205  	//
 34206  	// Arn is a required field
 34207  	Arn *string `min:"20" type:"string" required:"true"`
 34208  
 34209  	// The policy that grants an entity permission to assume the role.
 34210  	AssumeRolePolicyDocument *string `min:"1" type:"string"`
 34211  
 34212  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 34213  	// when the role was created.
 34214  	//
 34215  	// CreateDate is a required field
 34216  	CreateDate *time.Time `type:"timestamp" required:"true"`
 34217  
 34218  	// A description of the role that you provide.
 34219  	Description *string `type:"string"`
 34220  
 34221  	// The maximum session duration (in seconds) for the specified role. Anyone
 34222  	// who uses the CLI, or API to assume the role can specify the duration using
 34223  	// the optional DurationSeconds API parameter or duration-seconds CLI parameter.
 34224  	MaxSessionDuration *int64 `min:"3600" type:"integer"`
 34225  
 34226  	// The path to the role. For more information about paths, see IAM identifiers
 34227  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34228  	// in the IAM User Guide.
 34229  	//
 34230  	// Path is a required field
 34231  	Path *string `min:"1" type:"string" required:"true"`
 34232  
 34233  	// The ARN of the policy used to set the permissions boundary for the role.
 34234  	//
 34235  	// For more information about permissions boundaries, see Permissions boundaries
 34236  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 34237  	// in the IAM User Guide.
 34238  	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
 34239  
 34240  	// The stable and unique string identifying the role. For more information about
 34241  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34242  	// in the IAM User Guide.
 34243  	//
 34244  	// RoleId is a required field
 34245  	RoleId *string `min:"16" type:"string" required:"true"`
 34246  
 34247  	// Contains information about the last time that an IAM role was used. This
 34248  	// includes the date and time and the Region in which the role was last used.
 34249  	// Activity is only reported for the trailing 400 days. This period can be shorter
 34250  	// if your Region began supporting these features within the last year. The
 34251  	// role might have been used more than 400 days ago. For more information, see
 34252  	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
 34253  	// in the IAM User Guide.
 34254  	RoleLastUsed *RoleLastUsed `type:"structure"`
 34255  
 34256  	// The friendly name that identifies the role.
 34257  	//
 34258  	// RoleName is a required field
 34259  	RoleName *string `min:"1" type:"string" required:"true"`
 34260  
 34261  	// A list of tags that are attached to the role. For more information about
 34262  	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 34263  	// in the IAM User Guide.
 34264  	Tags []*Tag `type:"list"`
 34265  }
 34266  
 34267  // String returns the string representation.
 34268  //
 34269  // API parameter values that are decorated as "sensitive" in the API will not
 34270  // be included in the string output. The member name will be present, but the
 34271  // value will be replaced with "sensitive".
 34272  func (s Role) String() string {
 34273  	return awsutil.Prettify(s)
 34274  }
 34275  
 34276  // GoString returns the string representation.
 34277  //
 34278  // API parameter values that are decorated as "sensitive" in the API will not
 34279  // be included in the string output. The member name will be present, but the
 34280  // value will be replaced with "sensitive".
 34281  func (s Role) GoString() string {
 34282  	return s.String()
 34283  }
 34284  
 34285  // SetArn sets the Arn field's value.
 34286  func (s *Role) SetArn(v string) *Role {
 34287  	s.Arn = &v
 34288  	return s
 34289  }
 34290  
 34291  // SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
 34292  func (s *Role) SetAssumeRolePolicyDocument(v string) *Role {
 34293  	s.AssumeRolePolicyDocument = &v
 34294  	return s
 34295  }
 34296  
 34297  // SetCreateDate sets the CreateDate field's value.
 34298  func (s *Role) SetCreateDate(v time.Time) *Role {
 34299  	s.CreateDate = &v
 34300  	return s
 34301  }
 34302  
 34303  // SetDescription sets the Description field's value.
 34304  func (s *Role) SetDescription(v string) *Role {
 34305  	s.Description = &v
 34306  	return s
 34307  }
 34308  
 34309  // SetMaxSessionDuration sets the MaxSessionDuration field's value.
 34310  func (s *Role) SetMaxSessionDuration(v int64) *Role {
 34311  	s.MaxSessionDuration = &v
 34312  	return s
 34313  }
 34314  
 34315  // SetPath sets the Path field's value.
 34316  func (s *Role) SetPath(v string) *Role {
 34317  	s.Path = &v
 34318  	return s
 34319  }
 34320  
 34321  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 34322  func (s *Role) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *Role {
 34323  	s.PermissionsBoundary = v
 34324  	return s
 34325  }
 34326  
 34327  // SetRoleId sets the RoleId field's value.
 34328  func (s *Role) SetRoleId(v string) *Role {
 34329  	s.RoleId = &v
 34330  	return s
 34331  }
 34332  
 34333  // SetRoleLastUsed sets the RoleLastUsed field's value.
 34334  func (s *Role) SetRoleLastUsed(v *RoleLastUsed) *Role {
 34335  	s.RoleLastUsed = v
 34336  	return s
 34337  }
 34338  
 34339  // SetRoleName sets the RoleName field's value.
 34340  func (s *Role) SetRoleName(v string) *Role {
 34341  	s.RoleName = &v
 34342  	return s
 34343  }
 34344  
 34345  // SetTags sets the Tags field's value.
 34346  func (s *Role) SetTags(v []*Tag) *Role {
 34347  	s.Tags = v
 34348  	return s
 34349  }
 34350  
 34351  // Contains information about an IAM role, including all of the role's policies.
 34352  //
 34353  // This data type is used as a response element in the GetAccountAuthorizationDetails
 34354  // operation.
 34355  type RoleDetail struct {
 34356  	_ struct{} `type:"structure"`
 34357  
 34358  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 34359  	// Services resources.
 34360  	//
 34361  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 34362  	// in the Amazon Web Services General Reference.
 34363  	Arn *string `min:"20" type:"string"`
 34364  
 34365  	// The trust policy that grants permission to assume the role.
 34366  	AssumeRolePolicyDocument *string `min:"1" type:"string"`
 34367  
 34368  	// A list of managed policies attached to the role. These policies are the role's
 34369  	// access (permissions) policies.
 34370  	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
 34371  
 34372  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 34373  	// when the role was created.
 34374  	CreateDate *time.Time `type:"timestamp"`
 34375  
 34376  	// A list of instance profiles that contain this role.
 34377  	InstanceProfileList []*InstanceProfile `type:"list"`
 34378  
 34379  	// The path to the role. For more information about paths, see IAM identifiers
 34380  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34381  	// in the IAM User Guide.
 34382  	Path *string `min:"1" type:"string"`
 34383  
 34384  	// The ARN of the policy used to set the permissions boundary for the role.
 34385  	//
 34386  	// For more information about permissions boundaries, see Permissions boundaries
 34387  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 34388  	// in the IAM User Guide.
 34389  	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
 34390  
 34391  	// The stable and unique string identifying the role. For more information about
 34392  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34393  	// in the IAM User Guide.
 34394  	RoleId *string `min:"16" type:"string"`
 34395  
 34396  	// Contains information about the last time that an IAM role was used. This
 34397  	// includes the date and time and the Region in which the role was last used.
 34398  	// Activity is only reported for the trailing 400 days. This period can be shorter
 34399  	// if your Region began supporting these features within the last year. The
 34400  	// role might have been used more than 400 days ago. For more information, see
 34401  	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
 34402  	// in the IAM User Guide.
 34403  	RoleLastUsed *RoleLastUsed `type:"structure"`
 34404  
 34405  	// The friendly name that identifies the role.
 34406  	RoleName *string `min:"1" type:"string"`
 34407  
 34408  	// A list of inline policies embedded in the role. These policies are the role's
 34409  	// access (permissions) policies.
 34410  	RolePolicyList []*PolicyDetail `type:"list"`
 34411  
 34412  	// A list of tags that are attached to the role. For more information about
 34413  	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 34414  	// in the IAM User Guide.
 34415  	Tags []*Tag `type:"list"`
 34416  }
 34417  
 34418  // String returns the string representation.
 34419  //
 34420  // API parameter values that are decorated as "sensitive" in the API will not
 34421  // be included in the string output. The member name will be present, but the
 34422  // value will be replaced with "sensitive".
 34423  func (s RoleDetail) String() string {
 34424  	return awsutil.Prettify(s)
 34425  }
 34426  
 34427  // GoString returns the string representation.
 34428  //
 34429  // API parameter values that are decorated as "sensitive" in the API will not
 34430  // be included in the string output. The member name will be present, but the
 34431  // value will be replaced with "sensitive".
 34432  func (s RoleDetail) GoString() string {
 34433  	return s.String()
 34434  }
 34435  
 34436  // SetArn sets the Arn field's value.
 34437  func (s *RoleDetail) SetArn(v string) *RoleDetail {
 34438  	s.Arn = &v
 34439  	return s
 34440  }
 34441  
 34442  // SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.
 34443  func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail {
 34444  	s.AssumeRolePolicyDocument = &v
 34445  	return s
 34446  }
 34447  
 34448  // SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
 34449  func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail {
 34450  	s.AttachedManagedPolicies = v
 34451  	return s
 34452  }
 34453  
 34454  // SetCreateDate sets the CreateDate field's value.
 34455  func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail {
 34456  	s.CreateDate = &v
 34457  	return s
 34458  }
 34459  
 34460  // SetInstanceProfileList sets the InstanceProfileList field's value.
 34461  func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail {
 34462  	s.InstanceProfileList = v
 34463  	return s
 34464  }
 34465  
 34466  // SetPath sets the Path field's value.
 34467  func (s *RoleDetail) SetPath(v string) *RoleDetail {
 34468  	s.Path = &v
 34469  	return s
 34470  }
 34471  
 34472  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 34473  func (s *RoleDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *RoleDetail {
 34474  	s.PermissionsBoundary = v
 34475  	return s
 34476  }
 34477  
 34478  // SetRoleId sets the RoleId field's value.
 34479  func (s *RoleDetail) SetRoleId(v string) *RoleDetail {
 34480  	s.RoleId = &v
 34481  	return s
 34482  }
 34483  
 34484  // SetRoleLastUsed sets the RoleLastUsed field's value.
 34485  func (s *RoleDetail) SetRoleLastUsed(v *RoleLastUsed) *RoleDetail {
 34486  	s.RoleLastUsed = v
 34487  	return s
 34488  }
 34489  
 34490  // SetRoleName sets the RoleName field's value.
 34491  func (s *RoleDetail) SetRoleName(v string) *RoleDetail {
 34492  	s.RoleName = &v
 34493  	return s
 34494  }
 34495  
 34496  // SetRolePolicyList sets the RolePolicyList field's value.
 34497  func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail {
 34498  	s.RolePolicyList = v
 34499  	return s
 34500  }
 34501  
 34502  // SetTags sets the Tags field's value.
 34503  func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail {
 34504  	s.Tags = v
 34505  	return s
 34506  }
 34507  
 34508  // Contains information about the last time that an IAM role was used. This
 34509  // includes the date and time and the Region in which the role was last used.
 34510  // Activity is only reported for the trailing 400 days. This period can be shorter
 34511  // if your Region began supporting these features within the last year. The
 34512  // role might have been used more than 400 days ago. For more information, see
 34513  // Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
 34514  // in the IAM User Guide.
 34515  //
 34516  // This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails
 34517  // operations.
 34518  type RoleLastUsed struct {
 34519  	_ struct{} `type:"structure"`
 34520  
 34521  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
 34522  	// that the role was last used.
 34523  	//
 34524  	// This field is null if the role has not been used within the IAM tracking
 34525  	// period. For more information about the tracking period, see Regions where
 34526  	// data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
 34527  	// in the IAM User Guide.
 34528  	LastUsedDate *time.Time `type:"timestamp"`
 34529  
 34530  	// The name of the Amazon Web Services Region in which the role was last used.
 34531  	Region *string `type:"string"`
 34532  }
 34533  
 34534  // String returns the string representation.
 34535  //
 34536  // API parameter values that are decorated as "sensitive" in the API will not
 34537  // be included in the string output. The member name will be present, but the
 34538  // value will be replaced with "sensitive".
 34539  func (s RoleLastUsed) String() string {
 34540  	return awsutil.Prettify(s)
 34541  }
 34542  
 34543  // GoString returns the string representation.
 34544  //
 34545  // API parameter values that are decorated as "sensitive" in the API will not
 34546  // be included in the string output. The member name will be present, but the
 34547  // value will be replaced with "sensitive".
 34548  func (s RoleLastUsed) GoString() string {
 34549  	return s.String()
 34550  }
 34551  
 34552  // SetLastUsedDate sets the LastUsedDate field's value.
 34553  func (s *RoleLastUsed) SetLastUsedDate(v time.Time) *RoleLastUsed {
 34554  	s.LastUsedDate = &v
 34555  	return s
 34556  }
 34557  
 34558  // SetRegion sets the Region field's value.
 34559  func (s *RoleLastUsed) SetRegion(v string) *RoleLastUsed {
 34560  	s.Region = &v
 34561  	return s
 34562  }
 34563  
 34564  // An object that contains details about how a service-linked role is used,
 34565  // if that information is returned by the service.
 34566  //
 34567  // This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus
 34568  // operation.
 34569  type RoleUsageType struct {
 34570  	_ struct{} `type:"structure"`
 34571  
 34572  	// The name of the Region where the service-linked role is being used.
 34573  	Region *string `min:"1" type:"string"`
 34574  
 34575  	// The name of the resource that is using the service-linked role.
 34576  	Resources []*string `type:"list"`
 34577  }
 34578  
 34579  // String returns the string representation.
 34580  //
 34581  // API parameter values that are decorated as "sensitive" in the API will not
 34582  // be included in the string output. The member name will be present, but the
 34583  // value will be replaced with "sensitive".
 34584  func (s RoleUsageType) String() string {
 34585  	return awsutil.Prettify(s)
 34586  }
 34587  
 34588  // GoString returns the string representation.
 34589  //
 34590  // API parameter values that are decorated as "sensitive" in the API will not
 34591  // be included in the string output. The member name will be present, but the
 34592  // value will be replaced with "sensitive".
 34593  func (s RoleUsageType) GoString() string {
 34594  	return s.String()
 34595  }
 34596  
 34597  // SetRegion sets the Region field's value.
 34598  func (s *RoleUsageType) SetRegion(v string) *RoleUsageType {
 34599  	s.Region = &v
 34600  	return s
 34601  }
 34602  
 34603  // SetResources sets the Resources field's value.
 34604  func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType {
 34605  	s.Resources = v
 34606  	return s
 34607  }
 34608  
 34609  // Contains the list of SAML providers for this account.
 34610  type SAMLProviderListEntry struct {
 34611  	_ struct{} `type:"structure"`
 34612  
 34613  	// The Amazon Resource Name (ARN) of the SAML provider.
 34614  	Arn *string `min:"20" type:"string"`
 34615  
 34616  	// The date and time when the SAML provider was created.
 34617  	CreateDate *time.Time `type:"timestamp"`
 34618  
 34619  	// The expiration date and time for the SAML provider.
 34620  	ValidUntil *time.Time `type:"timestamp"`
 34621  }
 34622  
 34623  // String returns the string representation.
 34624  //
 34625  // API parameter values that are decorated as "sensitive" in the API will not
 34626  // be included in the string output. The member name will be present, but the
 34627  // value will be replaced with "sensitive".
 34628  func (s SAMLProviderListEntry) String() string {
 34629  	return awsutil.Prettify(s)
 34630  }
 34631  
 34632  // GoString returns the string representation.
 34633  //
 34634  // API parameter values that are decorated as "sensitive" in the API will not
 34635  // be included in the string output. The member name will be present, but the
 34636  // value will be replaced with "sensitive".
 34637  func (s SAMLProviderListEntry) GoString() string {
 34638  	return s.String()
 34639  }
 34640  
 34641  // SetArn sets the Arn field's value.
 34642  func (s *SAMLProviderListEntry) SetArn(v string) *SAMLProviderListEntry {
 34643  	s.Arn = &v
 34644  	return s
 34645  }
 34646  
 34647  // SetCreateDate sets the CreateDate field's value.
 34648  func (s *SAMLProviderListEntry) SetCreateDate(v time.Time) *SAMLProviderListEntry {
 34649  	s.CreateDate = &v
 34650  	return s
 34651  }
 34652  
 34653  // SetValidUntil sets the ValidUntil field's value.
 34654  func (s *SAMLProviderListEntry) SetValidUntil(v time.Time) *SAMLProviderListEntry {
 34655  	s.ValidUntil = &v
 34656  	return s
 34657  }
 34658  
 34659  // Contains information about an SSH public key.
 34660  //
 34661  // This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey
 34662  // operations.
 34663  type SSHPublicKey struct {
 34664  	_ struct{} `type:"structure"`
 34665  
 34666  	// The MD5 message digest of the SSH public key.
 34667  	//
 34668  	// Fingerprint is a required field
 34669  	Fingerprint *string `min:"48" type:"string" required:"true"`
 34670  
 34671  	// The SSH public key.
 34672  	//
 34673  	// SSHPublicKeyBody is a required field
 34674  	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
 34675  
 34676  	// The unique identifier for the SSH public key.
 34677  	//
 34678  	// SSHPublicKeyId is a required field
 34679  	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
 34680  
 34681  	// The status of the SSH public key. Active means that the key can be used for
 34682  	// authentication with an CodeCommit repository. Inactive means that the key
 34683  	// cannot be used.
 34684  	//
 34685  	// Status is a required field
 34686  	Status *string `type:"string" required:"true" enum:"StatusType"`
 34687  
 34688  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 34689  	// when the SSH public key was uploaded.
 34690  	UploadDate *time.Time `type:"timestamp"`
 34691  
 34692  	// The name of the IAM user associated with the SSH public key.
 34693  	//
 34694  	// UserName is a required field
 34695  	UserName *string `min:"1" type:"string" required:"true"`
 34696  }
 34697  
 34698  // String returns the string representation.
 34699  //
 34700  // API parameter values that are decorated as "sensitive" in the API will not
 34701  // be included in the string output. The member name will be present, but the
 34702  // value will be replaced with "sensitive".
 34703  func (s SSHPublicKey) String() string {
 34704  	return awsutil.Prettify(s)
 34705  }
 34706  
 34707  // GoString returns the string representation.
 34708  //
 34709  // API parameter values that are decorated as "sensitive" in the API will not
 34710  // be included in the string output. The member name will be present, but the
 34711  // value will be replaced with "sensitive".
 34712  func (s SSHPublicKey) GoString() string {
 34713  	return s.String()
 34714  }
 34715  
 34716  // SetFingerprint sets the Fingerprint field's value.
 34717  func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey {
 34718  	s.Fingerprint = &v
 34719  	return s
 34720  }
 34721  
 34722  // SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
 34723  func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey {
 34724  	s.SSHPublicKeyBody = &v
 34725  	return s
 34726  }
 34727  
 34728  // SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
 34729  func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey {
 34730  	s.SSHPublicKeyId = &v
 34731  	return s
 34732  }
 34733  
 34734  // SetStatus sets the Status field's value.
 34735  func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey {
 34736  	s.Status = &v
 34737  	return s
 34738  }
 34739  
 34740  // SetUploadDate sets the UploadDate field's value.
 34741  func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey {
 34742  	s.UploadDate = &v
 34743  	return s
 34744  }
 34745  
 34746  // SetUserName sets the UserName field's value.
 34747  func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey {
 34748  	s.UserName = &v
 34749  	return s
 34750  }
 34751  
 34752  // Contains information about an SSH public key, without the key's body or fingerprint.
 34753  //
 34754  // This data type is used as a response element in the ListSSHPublicKeys operation.
 34755  type SSHPublicKeyMetadata struct {
 34756  	_ struct{} `type:"structure"`
 34757  
 34758  	// The unique identifier for the SSH public key.
 34759  	//
 34760  	// SSHPublicKeyId is a required field
 34761  	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
 34762  
 34763  	// The status of the SSH public key. Active means that the key can be used for
 34764  	// authentication with an CodeCommit repository. Inactive means that the key
 34765  	// cannot be used.
 34766  	//
 34767  	// Status is a required field
 34768  	Status *string `type:"string" required:"true" enum:"StatusType"`
 34769  
 34770  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 34771  	// when the SSH public key was uploaded.
 34772  	//
 34773  	// UploadDate is a required field
 34774  	UploadDate *time.Time `type:"timestamp" required:"true"`
 34775  
 34776  	// The name of the IAM user associated with the SSH public key.
 34777  	//
 34778  	// UserName is a required field
 34779  	UserName *string `min:"1" type:"string" required:"true"`
 34780  }
 34781  
 34782  // String returns the string representation.
 34783  //
 34784  // API parameter values that are decorated as "sensitive" in the API will not
 34785  // be included in the string output. The member name will be present, but the
 34786  // value will be replaced with "sensitive".
 34787  func (s SSHPublicKeyMetadata) String() string {
 34788  	return awsutil.Prettify(s)
 34789  }
 34790  
 34791  // GoString returns the string representation.
 34792  //
 34793  // API parameter values that are decorated as "sensitive" in the API will not
 34794  // be included in the string output. The member name will be present, but the
 34795  // value will be replaced with "sensitive".
 34796  func (s SSHPublicKeyMetadata) GoString() string {
 34797  	return s.String()
 34798  }
 34799  
 34800  // SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
 34801  func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata {
 34802  	s.SSHPublicKeyId = &v
 34803  	return s
 34804  }
 34805  
 34806  // SetStatus sets the Status field's value.
 34807  func (s *SSHPublicKeyMetadata) SetStatus(v string) *SSHPublicKeyMetadata {
 34808  	s.Status = &v
 34809  	return s
 34810  }
 34811  
 34812  // SetUploadDate sets the UploadDate field's value.
 34813  func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata {
 34814  	s.UploadDate = &v
 34815  	return s
 34816  }
 34817  
 34818  // SetUserName sets the UserName field's value.
 34819  func (s *SSHPublicKeyMetadata) SetUserName(v string) *SSHPublicKeyMetadata {
 34820  	s.UserName = &v
 34821  	return s
 34822  }
 34823  
 34824  // Contains information about a server certificate.
 34825  //
 34826  // This data type is used as a response element in the GetServerCertificate
 34827  // operation.
 34828  type ServerCertificate struct {
 34829  	_ struct{} `type:"structure"`
 34830  
 34831  	// The contents of the public key certificate.
 34832  	//
 34833  	// CertificateBody is a required field
 34834  	CertificateBody *string `min:"1" type:"string" required:"true"`
 34835  
 34836  	// The contents of the public key certificate chain.
 34837  	CertificateChain *string `min:"1" type:"string"`
 34838  
 34839  	// The meta information of the server certificate, such as its name, path, ID,
 34840  	// and ARN.
 34841  	//
 34842  	// ServerCertificateMetadata is a required field
 34843  	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
 34844  
 34845  	// A list of tags that are attached to the server certificate. For more information
 34846  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 34847  	// in the IAM User Guide.
 34848  	Tags []*Tag `type:"list"`
 34849  }
 34850  
 34851  // String returns the string representation.
 34852  //
 34853  // API parameter values that are decorated as "sensitive" in the API will not
 34854  // be included in the string output. The member name will be present, but the
 34855  // value will be replaced with "sensitive".
 34856  func (s ServerCertificate) String() string {
 34857  	return awsutil.Prettify(s)
 34858  }
 34859  
 34860  // GoString returns the string representation.
 34861  //
 34862  // API parameter values that are decorated as "sensitive" in the API will not
 34863  // be included in the string output. The member name will be present, but the
 34864  // value will be replaced with "sensitive".
 34865  func (s ServerCertificate) GoString() string {
 34866  	return s.String()
 34867  }
 34868  
 34869  // SetCertificateBody sets the CertificateBody field's value.
 34870  func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate {
 34871  	s.CertificateBody = &v
 34872  	return s
 34873  }
 34874  
 34875  // SetCertificateChain sets the CertificateChain field's value.
 34876  func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate {
 34877  	s.CertificateChain = &v
 34878  	return s
 34879  }
 34880  
 34881  // SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
 34882  func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate {
 34883  	s.ServerCertificateMetadata = v
 34884  	return s
 34885  }
 34886  
 34887  // SetTags sets the Tags field's value.
 34888  func (s *ServerCertificate) SetTags(v []*Tag) *ServerCertificate {
 34889  	s.Tags = v
 34890  	return s
 34891  }
 34892  
 34893  // Contains information about a server certificate without its certificate body,
 34894  // certificate chain, and private key.
 34895  //
 34896  // This data type is used as a response element in the UploadServerCertificate
 34897  // and ListServerCertificates operations.
 34898  type ServerCertificateMetadata struct {
 34899  	_ struct{} `type:"structure"`
 34900  
 34901  	// The Amazon Resource Name (ARN) specifying the server certificate. For more
 34902  	// information about ARNs and how to use them in policies, see IAM identifiers
 34903  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34904  	// in the IAM User Guide.
 34905  	//
 34906  	// Arn is a required field
 34907  	Arn *string `min:"20" type:"string" required:"true"`
 34908  
 34909  	// The date on which the certificate is set to expire.
 34910  	Expiration *time.Time `type:"timestamp"`
 34911  
 34912  	// The path to the server certificate. For more information about paths, see
 34913  	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34914  	// in the IAM User Guide.
 34915  	//
 34916  	// Path is a required field
 34917  	Path *string `min:"1" type:"string" required:"true"`
 34918  
 34919  	// The stable and unique string identifying the server certificate. For more
 34920  	// information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 34921  	// in the IAM User Guide.
 34922  	//
 34923  	// ServerCertificateId is a required field
 34924  	ServerCertificateId *string `min:"16" type:"string" required:"true"`
 34925  
 34926  	// The name that identifies the server certificate.
 34927  	//
 34928  	// ServerCertificateName is a required field
 34929  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 34930  
 34931  	// The date when the server certificate was uploaded.
 34932  	UploadDate *time.Time `type:"timestamp"`
 34933  }
 34934  
 34935  // String returns the string representation.
 34936  //
 34937  // API parameter values that are decorated as "sensitive" in the API will not
 34938  // be included in the string output. The member name will be present, but the
 34939  // value will be replaced with "sensitive".
 34940  func (s ServerCertificateMetadata) String() string {
 34941  	return awsutil.Prettify(s)
 34942  }
 34943  
 34944  // GoString returns the string representation.
 34945  //
 34946  // API parameter values that are decorated as "sensitive" in the API will not
 34947  // be included in the string output. The member name will be present, but the
 34948  // value will be replaced with "sensitive".
 34949  func (s ServerCertificateMetadata) GoString() string {
 34950  	return s.String()
 34951  }
 34952  
 34953  // SetArn sets the Arn field's value.
 34954  func (s *ServerCertificateMetadata) SetArn(v string) *ServerCertificateMetadata {
 34955  	s.Arn = &v
 34956  	return s
 34957  }
 34958  
 34959  // SetExpiration sets the Expiration field's value.
 34960  func (s *ServerCertificateMetadata) SetExpiration(v time.Time) *ServerCertificateMetadata {
 34961  	s.Expiration = &v
 34962  	return s
 34963  }
 34964  
 34965  // SetPath sets the Path field's value.
 34966  func (s *ServerCertificateMetadata) SetPath(v string) *ServerCertificateMetadata {
 34967  	s.Path = &v
 34968  	return s
 34969  }
 34970  
 34971  // SetServerCertificateId sets the ServerCertificateId field's value.
 34972  func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata {
 34973  	s.ServerCertificateId = &v
 34974  	return s
 34975  }
 34976  
 34977  // SetServerCertificateName sets the ServerCertificateName field's value.
 34978  func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata {
 34979  	s.ServerCertificateName = &v
 34980  	return s
 34981  }
 34982  
 34983  // SetUploadDate sets the UploadDate field's value.
 34984  func (s *ServerCertificateMetadata) SetUploadDate(v time.Time) *ServerCertificateMetadata {
 34985  	s.UploadDate = &v
 34986  	return s
 34987  }
 34988  
 34989  // Contains details about the most recent attempt to access the service.
 34990  //
 34991  // This data type is used as a response element in the GetServiceLastAccessedDetails
 34992  // operation.
 34993  type ServiceLastAccessed struct {
 34994  	_ struct{} `type:"structure"`
 34995  
 34996  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 34997  	// when an authenticated entity most recently attempted to access the service.
 34998  	// Amazon Web Services does not report unauthenticated requests.
 34999  	//
 35000  	// This field is null if no IAM entities attempted to access the service within
 35001  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 35002  	LastAuthenticated *time.Time `type:"timestamp"`
 35003  
 35004  	// The ARN of the authenticated entity (user or role) that last attempted to
 35005  	// access the service. Amazon Web Services does not report unauthenticated requests.
 35006  	//
 35007  	// This field is null if no IAM entities attempted to access the service within
 35008  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 35009  	LastAuthenticatedEntity *string `min:"20" type:"string"`
 35010  
 35011  	// The Region from which the authenticated entity (user or role) last attempted
 35012  	// to access the service. Amazon Web Services does not report unauthenticated
 35013  	// requests.
 35014  	//
 35015  	// This field is null if no IAM entities attempted to access the service within
 35016  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 35017  	LastAuthenticatedRegion *string `type:"string"`
 35018  
 35019  	// The name of the service in which access was attempted.
 35020  	//
 35021  	// ServiceName is a required field
 35022  	ServiceName *string `type:"string" required:"true"`
 35023  
 35024  	// The namespace of the service in which access was attempted.
 35025  	//
 35026  	// To learn the service namespace of a service, see Actions, resources, and
 35027  	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
 35028  	// in the Service Authorization Reference. Choose the name of the service to
 35029  	// view details for that service. In the first paragraph, find the service prefix.
 35030  	// For example, (service prefix: a4b). For more information about service namespaces,
 35031  	// see Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
 35032  	// in the Amazon Web Services General Reference.
 35033  	//
 35034  	// ServiceNamespace is a required field
 35035  	ServiceNamespace *string `min:"1" type:"string" required:"true"`
 35036  
 35037  	// The total number of authenticated principals (root user, IAM users, or IAM
 35038  	// roles) that have attempted to access the service.
 35039  	//
 35040  	// This field is null if no principals attempted to access the service within
 35041  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 35042  	TotalAuthenticatedEntities *int64 `type:"integer"`
 35043  
 35044  	// An object that contains details about the most recent attempt to access a
 35045  	// tracked action within the service.
 35046  	//
 35047  	// This field is null if there no tracked actions or if the principal did not
 35048  	// use the tracked actions within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 35049  	// This field is also null if the report was generated at the service level
 35050  	// and not the action level. For more information, see the Granularity field
 35051  	// in GenerateServiceLastAccessedDetails.
 35052  	TrackedActionsLastAccessed []*TrackedActionLastAccessed `type:"list"`
 35053  }
 35054  
 35055  // String returns the string representation.
 35056  //
 35057  // API parameter values that are decorated as "sensitive" in the API will not
 35058  // be included in the string output. The member name will be present, but the
 35059  // value will be replaced with "sensitive".
 35060  func (s ServiceLastAccessed) String() string {
 35061  	return awsutil.Prettify(s)
 35062  }
 35063  
 35064  // GoString returns the string representation.
 35065  //
 35066  // API parameter values that are decorated as "sensitive" in the API will not
 35067  // be included in the string output. The member name will be present, but the
 35068  // value will be replaced with "sensitive".
 35069  func (s ServiceLastAccessed) GoString() string {
 35070  	return s.String()
 35071  }
 35072  
 35073  // SetLastAuthenticated sets the LastAuthenticated field's value.
 35074  func (s *ServiceLastAccessed) SetLastAuthenticated(v time.Time) *ServiceLastAccessed {
 35075  	s.LastAuthenticated = &v
 35076  	return s
 35077  }
 35078  
 35079  // SetLastAuthenticatedEntity sets the LastAuthenticatedEntity field's value.
 35080  func (s *ServiceLastAccessed) SetLastAuthenticatedEntity(v string) *ServiceLastAccessed {
 35081  	s.LastAuthenticatedEntity = &v
 35082  	return s
 35083  }
 35084  
 35085  // SetLastAuthenticatedRegion sets the LastAuthenticatedRegion field's value.
 35086  func (s *ServiceLastAccessed) SetLastAuthenticatedRegion(v string) *ServiceLastAccessed {
 35087  	s.LastAuthenticatedRegion = &v
 35088  	return s
 35089  }
 35090  
 35091  // SetServiceName sets the ServiceName field's value.
 35092  func (s *ServiceLastAccessed) SetServiceName(v string) *ServiceLastAccessed {
 35093  	s.ServiceName = &v
 35094  	return s
 35095  }
 35096  
 35097  // SetServiceNamespace sets the ServiceNamespace field's value.
 35098  func (s *ServiceLastAccessed) SetServiceNamespace(v string) *ServiceLastAccessed {
 35099  	s.ServiceNamespace = &v
 35100  	return s
 35101  }
 35102  
 35103  // SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.
 35104  func (s *ServiceLastAccessed) SetTotalAuthenticatedEntities(v int64) *ServiceLastAccessed {
 35105  	s.TotalAuthenticatedEntities = &v
 35106  	return s
 35107  }
 35108  
 35109  // SetTrackedActionsLastAccessed sets the TrackedActionsLastAccessed field's value.
 35110  func (s *ServiceLastAccessed) SetTrackedActionsLastAccessed(v []*TrackedActionLastAccessed) *ServiceLastAccessed {
 35111  	s.TrackedActionsLastAccessed = v
 35112  	return s
 35113  }
 35114  
 35115  // Contains the details of a service-specific credential.
 35116  type ServiceSpecificCredential struct {
 35117  	_ struct{} `type:"structure"`
 35118  
 35119  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 35120  	// when the service-specific credential were created.
 35121  	//
 35122  	// CreateDate is a required field
 35123  	CreateDate *time.Time `type:"timestamp" required:"true"`
 35124  
 35125  	// The name of the service associated with the service-specific credential.
 35126  	//
 35127  	// ServiceName is a required field
 35128  	ServiceName *string `type:"string" required:"true"`
 35129  
 35130  	// The generated password for the service-specific credential.
 35131  	//
 35132  	// ServicePassword is a sensitive parameter and its value will be
 35133  	// replaced with "sensitive" in string returned by ServiceSpecificCredential's
 35134  	// String and GoString methods.
 35135  	//
 35136  	// ServicePassword is a required field
 35137  	ServicePassword *string `type:"string" required:"true" sensitive:"true"`
 35138  
 35139  	// The unique identifier for the service-specific credential.
 35140  	//
 35141  	// ServiceSpecificCredentialId is a required field
 35142  	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
 35143  
 35144  	// The generated user name for the service-specific credential. This value is
 35145  	// generated by combining the IAM user's name combined with the ID number of
 35146  	// the Amazon Web Services account, as in jane-at-123456789012, for example.
 35147  	// This value cannot be configured by the user.
 35148  	//
 35149  	// ServiceUserName is a required field
 35150  	ServiceUserName *string `min:"17" type:"string" required:"true"`
 35151  
 35152  	// The status of the service-specific credential. Active means that the key
 35153  	// is valid for API calls, while Inactive means it is not.
 35154  	//
 35155  	// Status is a required field
 35156  	Status *string `type:"string" required:"true" enum:"StatusType"`
 35157  
 35158  	// The name of the IAM user associated with the service-specific credential.
 35159  	//
 35160  	// UserName is a required field
 35161  	UserName *string `min:"1" type:"string" required:"true"`
 35162  }
 35163  
 35164  // String returns the string representation.
 35165  //
 35166  // API parameter values that are decorated as "sensitive" in the API will not
 35167  // be included in the string output. The member name will be present, but the
 35168  // value will be replaced with "sensitive".
 35169  func (s ServiceSpecificCredential) String() string {
 35170  	return awsutil.Prettify(s)
 35171  }
 35172  
 35173  // GoString returns the string representation.
 35174  //
 35175  // API parameter values that are decorated as "sensitive" in the API will not
 35176  // be included in the string output. The member name will be present, but the
 35177  // value will be replaced with "sensitive".
 35178  func (s ServiceSpecificCredential) GoString() string {
 35179  	return s.String()
 35180  }
 35181  
 35182  // SetCreateDate sets the CreateDate field's value.
 35183  func (s *ServiceSpecificCredential) SetCreateDate(v time.Time) *ServiceSpecificCredential {
 35184  	s.CreateDate = &v
 35185  	return s
 35186  }
 35187  
 35188  // SetServiceName sets the ServiceName field's value.
 35189  func (s *ServiceSpecificCredential) SetServiceName(v string) *ServiceSpecificCredential {
 35190  	s.ServiceName = &v
 35191  	return s
 35192  }
 35193  
 35194  // SetServicePassword sets the ServicePassword field's value.
 35195  func (s *ServiceSpecificCredential) SetServicePassword(v string) *ServiceSpecificCredential {
 35196  	s.ServicePassword = &v
 35197  	return s
 35198  }
 35199  
 35200  // SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
 35201  func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential {
 35202  	s.ServiceSpecificCredentialId = &v
 35203  	return s
 35204  }
 35205  
 35206  // SetServiceUserName sets the ServiceUserName field's value.
 35207  func (s *ServiceSpecificCredential) SetServiceUserName(v string) *ServiceSpecificCredential {
 35208  	s.ServiceUserName = &v
 35209  	return s
 35210  }
 35211  
 35212  // SetStatus sets the Status field's value.
 35213  func (s *ServiceSpecificCredential) SetStatus(v string) *ServiceSpecificCredential {
 35214  	s.Status = &v
 35215  	return s
 35216  }
 35217  
 35218  // SetUserName sets the UserName field's value.
 35219  func (s *ServiceSpecificCredential) SetUserName(v string) *ServiceSpecificCredential {
 35220  	s.UserName = &v
 35221  	return s
 35222  }
 35223  
 35224  // Contains additional details about a service-specific credential.
 35225  type ServiceSpecificCredentialMetadata struct {
 35226  	_ struct{} `type:"structure"`
 35227  
 35228  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 35229  	// when the service-specific credential were created.
 35230  	//
 35231  	// CreateDate is a required field
 35232  	CreateDate *time.Time `type:"timestamp" required:"true"`
 35233  
 35234  	// The name of the service associated with the service-specific credential.
 35235  	//
 35236  	// ServiceName is a required field
 35237  	ServiceName *string `type:"string" required:"true"`
 35238  
 35239  	// The unique identifier for the service-specific credential.
 35240  	//
 35241  	// ServiceSpecificCredentialId is a required field
 35242  	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
 35243  
 35244  	// The generated user name for the service-specific credential.
 35245  	//
 35246  	// ServiceUserName is a required field
 35247  	ServiceUserName *string `min:"17" type:"string" required:"true"`
 35248  
 35249  	// The status of the service-specific credential. Active means that the key
 35250  	// is valid for API calls, while Inactive means it is not.
 35251  	//
 35252  	// Status is a required field
 35253  	Status *string `type:"string" required:"true" enum:"StatusType"`
 35254  
 35255  	// The name of the IAM user associated with the service-specific credential.
 35256  	//
 35257  	// UserName is a required field
 35258  	UserName *string `min:"1" type:"string" required:"true"`
 35259  }
 35260  
 35261  // String returns the string representation.
 35262  //
 35263  // API parameter values that are decorated as "sensitive" in the API will not
 35264  // be included in the string output. The member name will be present, but the
 35265  // value will be replaced with "sensitive".
 35266  func (s ServiceSpecificCredentialMetadata) String() string {
 35267  	return awsutil.Prettify(s)
 35268  }
 35269  
 35270  // GoString returns the string representation.
 35271  //
 35272  // API parameter values that are decorated as "sensitive" in the API will not
 35273  // be included in the string output. The member name will be present, but the
 35274  // value will be replaced with "sensitive".
 35275  func (s ServiceSpecificCredentialMetadata) GoString() string {
 35276  	return s.String()
 35277  }
 35278  
 35279  // SetCreateDate sets the CreateDate field's value.
 35280  func (s *ServiceSpecificCredentialMetadata) SetCreateDate(v time.Time) *ServiceSpecificCredentialMetadata {
 35281  	s.CreateDate = &v
 35282  	return s
 35283  }
 35284  
 35285  // SetServiceName sets the ServiceName field's value.
 35286  func (s *ServiceSpecificCredentialMetadata) SetServiceName(v string) *ServiceSpecificCredentialMetadata {
 35287  	s.ServiceName = &v
 35288  	return s
 35289  }
 35290  
 35291  // SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
 35292  func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata {
 35293  	s.ServiceSpecificCredentialId = &v
 35294  	return s
 35295  }
 35296  
 35297  // SetServiceUserName sets the ServiceUserName field's value.
 35298  func (s *ServiceSpecificCredentialMetadata) SetServiceUserName(v string) *ServiceSpecificCredentialMetadata {
 35299  	s.ServiceUserName = &v
 35300  	return s
 35301  }
 35302  
 35303  // SetStatus sets the Status field's value.
 35304  func (s *ServiceSpecificCredentialMetadata) SetStatus(v string) *ServiceSpecificCredentialMetadata {
 35305  	s.Status = &v
 35306  	return s
 35307  }
 35308  
 35309  // SetUserName sets the UserName field's value.
 35310  func (s *ServiceSpecificCredentialMetadata) SetUserName(v string) *ServiceSpecificCredentialMetadata {
 35311  	s.UserName = &v
 35312  	return s
 35313  }
 35314  
 35315  type SetDefaultPolicyVersionInput struct {
 35316  	_ struct{} `type:"structure"`
 35317  
 35318  	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
 35319  	// want to set.
 35320  	//
 35321  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 35322  	// in the Amazon Web Services General Reference.
 35323  	//
 35324  	// PolicyArn is a required field
 35325  	PolicyArn *string `min:"20" type:"string" required:"true"`
 35326  
 35327  	// The version of the policy to set as the default (operative) version.
 35328  	//
 35329  	// For more information about managed policy versions, see Versioning for managed
 35330  	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
 35331  	// in the IAM User Guide.
 35332  	//
 35333  	// VersionId is a required field
 35334  	VersionId *string `type:"string" required:"true"`
 35335  }
 35336  
 35337  // String returns the string representation.
 35338  //
 35339  // API parameter values that are decorated as "sensitive" in the API will not
 35340  // be included in the string output. The member name will be present, but the
 35341  // value will be replaced with "sensitive".
 35342  func (s SetDefaultPolicyVersionInput) String() string {
 35343  	return awsutil.Prettify(s)
 35344  }
 35345  
 35346  // GoString returns the string representation.
 35347  //
 35348  // API parameter values that are decorated as "sensitive" in the API will not
 35349  // be included in the string output. The member name will be present, but the
 35350  // value will be replaced with "sensitive".
 35351  func (s SetDefaultPolicyVersionInput) GoString() string {
 35352  	return s.String()
 35353  }
 35354  
 35355  // Validate inspects the fields of the type to determine if they are valid.
 35356  func (s *SetDefaultPolicyVersionInput) Validate() error {
 35357  	invalidParams := request.ErrInvalidParams{Context: "SetDefaultPolicyVersionInput"}
 35358  	if s.PolicyArn == nil {
 35359  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 35360  	}
 35361  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 35362  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 35363  	}
 35364  	if s.VersionId == nil {
 35365  		invalidParams.Add(request.NewErrParamRequired("VersionId"))
 35366  	}
 35367  
 35368  	if invalidParams.Len() > 0 {
 35369  		return invalidParams
 35370  	}
 35371  	return nil
 35372  }
 35373  
 35374  // SetPolicyArn sets the PolicyArn field's value.
 35375  func (s *SetDefaultPolicyVersionInput) SetPolicyArn(v string) *SetDefaultPolicyVersionInput {
 35376  	s.PolicyArn = &v
 35377  	return s
 35378  }
 35379  
 35380  // SetVersionId sets the VersionId field's value.
 35381  func (s *SetDefaultPolicyVersionInput) SetVersionId(v string) *SetDefaultPolicyVersionInput {
 35382  	s.VersionId = &v
 35383  	return s
 35384  }
 35385  
 35386  type SetDefaultPolicyVersionOutput struct {
 35387  	_ struct{} `type:"structure"`
 35388  }
 35389  
 35390  // String returns the string representation.
 35391  //
 35392  // API parameter values that are decorated as "sensitive" in the API will not
 35393  // be included in the string output. The member name will be present, but the
 35394  // value will be replaced with "sensitive".
 35395  func (s SetDefaultPolicyVersionOutput) String() string {
 35396  	return awsutil.Prettify(s)
 35397  }
 35398  
 35399  // GoString returns the string representation.
 35400  //
 35401  // API parameter values that are decorated as "sensitive" in the API will not
 35402  // be included in the string output. The member name will be present, but the
 35403  // value will be replaced with "sensitive".
 35404  func (s SetDefaultPolicyVersionOutput) GoString() string {
 35405  	return s.String()
 35406  }
 35407  
 35408  type SetSecurityTokenServicePreferencesInput struct {
 35409  	_ struct{} `type:"structure"`
 35410  
 35411  	// The version of the global endpoint token. Version 1 tokens are valid only
 35412  	// in Amazon Web Services Regions that are available by default. These tokens
 35413  	// do not work in manually enabled Regions, such as Asia Pacific (Hong Kong).
 35414  	// Version 2 tokens are valid in all Regions. However, version 2 tokens are
 35415  	// longer and might affect systems where you temporarily store tokens.
 35416  	//
 35417  	// For information, see Activating and deactivating STS in an Amazon Web Services
 35418  	// Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
 35419  	// in the IAM User Guide.
 35420  	//
 35421  	// GlobalEndpointTokenVersion is a required field
 35422  	GlobalEndpointTokenVersion *string `type:"string" required:"true" enum:"GlobalEndpointTokenVersion"`
 35423  }
 35424  
 35425  // String returns the string representation.
 35426  //
 35427  // API parameter values that are decorated as "sensitive" in the API will not
 35428  // be included in the string output. The member name will be present, but the
 35429  // value will be replaced with "sensitive".
 35430  func (s SetSecurityTokenServicePreferencesInput) String() string {
 35431  	return awsutil.Prettify(s)
 35432  }
 35433  
 35434  // GoString returns the string representation.
 35435  //
 35436  // API parameter values that are decorated as "sensitive" in the API will not
 35437  // be included in the string output. The member name will be present, but the
 35438  // value will be replaced with "sensitive".
 35439  func (s SetSecurityTokenServicePreferencesInput) GoString() string {
 35440  	return s.String()
 35441  }
 35442  
 35443  // Validate inspects the fields of the type to determine if they are valid.
 35444  func (s *SetSecurityTokenServicePreferencesInput) Validate() error {
 35445  	invalidParams := request.ErrInvalidParams{Context: "SetSecurityTokenServicePreferencesInput"}
 35446  	if s.GlobalEndpointTokenVersion == nil {
 35447  		invalidParams.Add(request.NewErrParamRequired("GlobalEndpointTokenVersion"))
 35448  	}
 35449  
 35450  	if invalidParams.Len() > 0 {
 35451  		return invalidParams
 35452  	}
 35453  	return nil
 35454  }
 35455  
 35456  // SetGlobalEndpointTokenVersion sets the GlobalEndpointTokenVersion field's value.
 35457  func (s *SetSecurityTokenServicePreferencesInput) SetGlobalEndpointTokenVersion(v string) *SetSecurityTokenServicePreferencesInput {
 35458  	s.GlobalEndpointTokenVersion = &v
 35459  	return s
 35460  }
 35461  
 35462  type SetSecurityTokenServicePreferencesOutput struct {
 35463  	_ struct{} `type:"structure"`
 35464  }
 35465  
 35466  // String returns the string representation.
 35467  //
 35468  // API parameter values that are decorated as "sensitive" in the API will not
 35469  // be included in the string output. The member name will be present, but the
 35470  // value will be replaced with "sensitive".
 35471  func (s SetSecurityTokenServicePreferencesOutput) String() string {
 35472  	return awsutil.Prettify(s)
 35473  }
 35474  
 35475  // GoString returns the string representation.
 35476  //
 35477  // API parameter values that are decorated as "sensitive" in the API will not
 35478  // be included in the string output. The member name will be present, but the
 35479  // value will be replaced with "sensitive".
 35480  func (s SetSecurityTokenServicePreferencesOutput) GoString() string {
 35481  	return s.String()
 35482  }
 35483  
 35484  // Contains information about an X.509 signing certificate.
 35485  //
 35486  // This data type is used as a response element in the UploadSigningCertificate
 35487  // and ListSigningCertificates operations.
 35488  type SigningCertificate struct {
 35489  	_ struct{} `type:"structure"`
 35490  
 35491  	// The contents of the signing certificate.
 35492  	//
 35493  	// CertificateBody is a required field
 35494  	CertificateBody *string `min:"1" type:"string" required:"true"`
 35495  
 35496  	// The ID for the signing certificate.
 35497  	//
 35498  	// CertificateId is a required field
 35499  	CertificateId *string `min:"24" type:"string" required:"true"`
 35500  
 35501  	// The status of the signing certificate. Active means that the key is valid
 35502  	// for API calls, while Inactive means it is not.
 35503  	//
 35504  	// Status is a required field
 35505  	Status *string `type:"string" required:"true" enum:"StatusType"`
 35506  
 35507  	// The date when the signing certificate was uploaded.
 35508  	UploadDate *time.Time `type:"timestamp"`
 35509  
 35510  	// The name of the user the signing certificate is associated with.
 35511  	//
 35512  	// UserName is a required field
 35513  	UserName *string `min:"1" type:"string" required:"true"`
 35514  }
 35515  
 35516  // String returns the string representation.
 35517  //
 35518  // API parameter values that are decorated as "sensitive" in the API will not
 35519  // be included in the string output. The member name will be present, but the
 35520  // value will be replaced with "sensitive".
 35521  func (s SigningCertificate) String() string {
 35522  	return awsutil.Prettify(s)
 35523  }
 35524  
 35525  // GoString returns the string representation.
 35526  //
 35527  // API parameter values that are decorated as "sensitive" in the API will not
 35528  // be included in the string output. The member name will be present, but the
 35529  // value will be replaced with "sensitive".
 35530  func (s SigningCertificate) GoString() string {
 35531  	return s.String()
 35532  }
 35533  
 35534  // SetCertificateBody sets the CertificateBody field's value.
 35535  func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate {
 35536  	s.CertificateBody = &v
 35537  	return s
 35538  }
 35539  
 35540  // SetCertificateId sets the CertificateId field's value.
 35541  func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate {
 35542  	s.CertificateId = &v
 35543  	return s
 35544  }
 35545  
 35546  // SetStatus sets the Status field's value.
 35547  func (s *SigningCertificate) SetStatus(v string) *SigningCertificate {
 35548  	s.Status = &v
 35549  	return s
 35550  }
 35551  
 35552  // SetUploadDate sets the UploadDate field's value.
 35553  func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate {
 35554  	s.UploadDate = &v
 35555  	return s
 35556  }
 35557  
 35558  // SetUserName sets the UserName field's value.
 35559  func (s *SigningCertificate) SetUserName(v string) *SigningCertificate {
 35560  	s.UserName = &v
 35561  	return s
 35562  }
 35563  
 35564  type SimulateCustomPolicyInput struct {
 35565  	_ struct{} `type:"structure"`
 35566  
 35567  	// A list of names of API operations to evaluate in the simulation. Each operation
 35568  	// is evaluated against each resource. Each operation must include the service
 35569  	// identifier, such as iam:CreateUser. This operation does not support using
 35570  	// wildcards (*) in an action name.
 35571  	//
 35572  	// ActionNames is a required field
 35573  	ActionNames []*string `type:"list" required:"true"`
 35574  
 35575  	// The ARN of the IAM user that you want to use as the simulated caller of the
 35576  	// API operations. CallerArn is required if you include a ResourcePolicy so
 35577  	// that the policy's Principal element has a value to use in evaluating the
 35578  	// policy.
 35579  	//
 35580  	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
 35581  	// an assumed role, federated user, or a service principal.
 35582  	CallerArn *string `min:"1" type:"string"`
 35583  
 35584  	// A list of context keys and corresponding values for the simulation to use.
 35585  	// Whenever a context key is evaluated in one of the simulated IAM permissions
 35586  	// policies, the corresponding value is supplied.
 35587  	ContextEntries []*ContextEntry `type:"list"`
 35588  
 35589  	// Use this parameter only when paginating results and only after you receive
 35590  	// a response indicating that the results are truncated. Set it to the value
 35591  	// of the Marker element in the response that you received to indicate where
 35592  	// the next call should start.
 35593  	Marker *string `min:"1" type:"string"`
 35594  
 35595  	// Use this only when paginating results to indicate the maximum number of items
 35596  	// you want in the response. If additional items exist beyond the maximum you
 35597  	// specify, the IsTruncated response element is true.
 35598  	//
 35599  	// If you do not include this parameter, the number of items defaults to 100.
 35600  	// Note that IAM might return fewer results, even when there are more results
 35601  	// available. In that case, the IsTruncated response element returns true, and
 35602  	// Marker contains a value to include in the subsequent call that tells the
 35603  	// service where to continue from.
 35604  	MaxItems *int64 `min:"1" type:"integer"`
 35605  
 35606  	// The IAM permissions boundary policy to simulate. The permissions boundary
 35607  	// sets the maximum permissions that an IAM entity can have. You can input only
 35608  	// one permissions boundary when you pass a policy to this operation. For more
 35609  	// information about permissions boundaries, see Permissions boundaries for
 35610  	// IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 35611  	// in the IAM User Guide. The policy input is specified as a string that contains
 35612  	// the complete, valid JSON text of a permissions boundary policy.
 35613  	//
 35614  	// The maximum length of the policy document that you can pass in this operation,
 35615  	// including whitespace, is listed below. To view the maximum character counts
 35616  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 35617  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 35618  	//
 35619  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 35620  	// parameter is a string of characters consisting of the following:
 35621  	//
 35622  	//    * Any printable ASCII character ranging from the space character (\u0020)
 35623  	//    through the end of the ASCII character range
 35624  	//
 35625  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 35626  	//    set (through \u00FF)
 35627  	//
 35628  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 35629  	//    return (\u000D)
 35630  	PermissionsBoundaryPolicyInputList []*string `type:"list"`
 35631  
 35632  	// A list of policy documents to include in the simulation. Each document is
 35633  	// specified as a string containing the complete, valid JSON text of an IAM
 35634  	// policy. Do not include any resource-based policies in this parameter. Any
 35635  	// resource-based policy must be submitted with the ResourcePolicy parameter.
 35636  	// The policies cannot be "scope-down" policies, such as you could include in
 35637  	// a call to GetFederationToken (https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
 35638  	// or one of the AssumeRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
 35639  	// API operations. In other words, do not use policies designed to restrict
 35640  	// what a user can do while using the temporary credentials.
 35641  	//
 35642  	// The maximum length of the policy document that you can pass in this operation,
 35643  	// including whitespace, is listed below. To view the maximum character counts
 35644  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 35645  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 35646  	//
 35647  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 35648  	// parameter is a string of characters consisting of the following:
 35649  	//
 35650  	//    * Any printable ASCII character ranging from the space character (\u0020)
 35651  	//    through the end of the ASCII character range
 35652  	//
 35653  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 35654  	//    set (through \u00FF)
 35655  	//
 35656  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 35657  	//    return (\u000D)
 35658  	//
 35659  	// PolicyInputList is a required field
 35660  	PolicyInputList []*string `type:"list" required:"true"`
 35661  
 35662  	// A list of ARNs of Amazon Web Services resources to include in the simulation.
 35663  	// If this parameter is not provided, then the value defaults to * (all resources).
 35664  	// Each API in the ActionNames parameter is evaluated for each resource in this
 35665  	// list. The simulation determines the access result (allowed or denied) of
 35666  	// each combination and reports it in the response. You can simulate resources
 35667  	// that don't exist in your account.
 35668  	//
 35669  	// The simulation does not automatically retrieve policies for the specified
 35670  	// resources. If you want to include a resource policy in the simulation, then
 35671  	// you must include the policy as a string in the ResourcePolicy parameter.
 35672  	//
 35673  	// If you include a ResourcePolicy, then it must be applicable to all of the
 35674  	// resources included in the simulation or you receive an invalid input error.
 35675  	//
 35676  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 35677  	// in the Amazon Web Services General Reference.
 35678  	ResourceArns []*string `type:"list"`
 35679  
 35680  	// Specifies the type of simulation to run. Different API operations that support
 35681  	// resource-based policies require different combinations of resources. By specifying
 35682  	// the type of simulation to run, you enable the policy simulator to enforce
 35683  	// the presence of the required resources to ensure reliable simulation results.
 35684  	// If your simulation does not match one of the following scenarios, then you
 35685  	// can omit this parameter. The following list shows each of the supported scenario
 35686  	// values and the resources that you must define to run the simulation.
 35687  	//
 35688  	// Each of the EC2 scenarios requires that you specify instance, image, and
 35689  	// security-group resources. If your scenario includes an EBS volume, then you
 35690  	// must specify that volume as a resource. If the EC2 scenario includes VPC,
 35691  	// then you must supply the network-interface resource. If it includes an IP
 35692  	// subnet, then you must specify the subnet resource. For more information on
 35693  	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
 35694  	// in the Amazon EC2 User Guide.
 35695  	//
 35696  	//    * EC2-Classic-InstanceStore instance, image, security-group
 35697  	//
 35698  	//    * EC2-Classic-EBS instance, image, security-group, volume
 35699  	//
 35700  	//    * EC2-VPC-InstanceStore instance, image, security-group, network-interface
 35701  	//
 35702  	//    * EC2-VPC-InstanceStore-Subnet instance, image, security-group, network-interface,
 35703  	//    subnet
 35704  	//
 35705  	//    * EC2-VPC-EBS instance, image, security-group, network-interface, volume
 35706  	//
 35707  	//    * EC2-VPC-EBS-Subnet instance, image, security-group, network-interface,
 35708  	//    subnet, volume
 35709  	ResourceHandlingOption *string `min:"1" type:"string"`
 35710  
 35711  	// An ARN representing the Amazon Web Services account ID that specifies the
 35712  	// owner of any simulated resource that does not identify its owner in the resource
 35713  	// ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner
 35714  	// is specified, it is also used as the account owner of any ResourcePolicy
 35715  	// included in the simulation. If the ResourceOwner parameter is not specified,
 35716  	// then the owner of the resources and the resource policy defaults to the account
 35717  	// of the identity provided in CallerArn. This parameter is required only if
 35718  	// you specify a resource-based policy and account that owns the resource is
 35719  	// different from the account that owns the simulated calling user CallerArn.
 35720  	//
 35721  	// The ARN for an account uses the following syntax: arn:aws:iam::AWS-account-ID:root.
 35722  	// For example, to represent the account with the 112233445566 ID, use the following
 35723  	// ARN: arn:aws:iam::112233445566-ID:root.
 35724  	ResourceOwner *string `min:"1" type:"string"`
 35725  
 35726  	// A resource-based policy to include in the simulation provided as a string.
 35727  	// Each resource in the simulation is treated as if it had this policy attached.
 35728  	// You can include only one resource-based policy in a simulation.
 35729  	//
 35730  	// The maximum length of the policy document that you can pass in this operation,
 35731  	// including whitespace, is listed below. To view the maximum character counts
 35732  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 35733  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 35734  	//
 35735  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 35736  	// parameter is a string of characters consisting of the following:
 35737  	//
 35738  	//    * Any printable ASCII character ranging from the space character (\u0020)
 35739  	//    through the end of the ASCII character range
 35740  	//
 35741  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 35742  	//    set (through \u00FF)
 35743  	//
 35744  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 35745  	//    return (\u000D)
 35746  	ResourcePolicy *string `min:"1" type:"string"`
 35747  }
 35748  
 35749  // String returns the string representation.
 35750  //
 35751  // API parameter values that are decorated as "sensitive" in the API will not
 35752  // be included in the string output. The member name will be present, but the
 35753  // value will be replaced with "sensitive".
 35754  func (s SimulateCustomPolicyInput) String() string {
 35755  	return awsutil.Prettify(s)
 35756  }
 35757  
 35758  // GoString returns the string representation.
 35759  //
 35760  // API parameter values that are decorated as "sensitive" in the API will not
 35761  // be included in the string output. The member name will be present, but the
 35762  // value will be replaced with "sensitive".
 35763  func (s SimulateCustomPolicyInput) GoString() string {
 35764  	return s.String()
 35765  }
 35766  
 35767  // Validate inspects the fields of the type to determine if they are valid.
 35768  func (s *SimulateCustomPolicyInput) Validate() error {
 35769  	invalidParams := request.ErrInvalidParams{Context: "SimulateCustomPolicyInput"}
 35770  	if s.ActionNames == nil {
 35771  		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
 35772  	}
 35773  	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
 35774  		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
 35775  	}
 35776  	if s.Marker != nil && len(*s.Marker) < 1 {
 35777  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 35778  	}
 35779  	if s.MaxItems != nil && *s.MaxItems < 1 {
 35780  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 35781  	}
 35782  	if s.PolicyInputList == nil {
 35783  		invalidParams.Add(request.NewErrParamRequired("PolicyInputList"))
 35784  	}
 35785  	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
 35786  		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
 35787  	}
 35788  	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
 35789  		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
 35790  	}
 35791  	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
 35792  		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
 35793  	}
 35794  	if s.ContextEntries != nil {
 35795  		for i, v := range s.ContextEntries {
 35796  			if v == nil {
 35797  				continue
 35798  			}
 35799  			if err := v.Validate(); err != nil {
 35800  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
 35801  			}
 35802  		}
 35803  	}
 35804  
 35805  	if invalidParams.Len() > 0 {
 35806  		return invalidParams
 35807  	}
 35808  	return nil
 35809  }
 35810  
 35811  // SetActionNames sets the ActionNames field's value.
 35812  func (s *SimulateCustomPolicyInput) SetActionNames(v []*string) *SimulateCustomPolicyInput {
 35813  	s.ActionNames = v
 35814  	return s
 35815  }
 35816  
 35817  // SetCallerArn sets the CallerArn field's value.
 35818  func (s *SimulateCustomPolicyInput) SetCallerArn(v string) *SimulateCustomPolicyInput {
 35819  	s.CallerArn = &v
 35820  	return s
 35821  }
 35822  
 35823  // SetContextEntries sets the ContextEntries field's value.
 35824  func (s *SimulateCustomPolicyInput) SetContextEntries(v []*ContextEntry) *SimulateCustomPolicyInput {
 35825  	s.ContextEntries = v
 35826  	return s
 35827  }
 35828  
 35829  // SetMarker sets the Marker field's value.
 35830  func (s *SimulateCustomPolicyInput) SetMarker(v string) *SimulateCustomPolicyInput {
 35831  	s.Marker = &v
 35832  	return s
 35833  }
 35834  
 35835  // SetMaxItems sets the MaxItems field's value.
 35836  func (s *SimulateCustomPolicyInput) SetMaxItems(v int64) *SimulateCustomPolicyInput {
 35837  	s.MaxItems = &v
 35838  	return s
 35839  }
 35840  
 35841  // SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
 35842  func (s *SimulateCustomPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulateCustomPolicyInput {
 35843  	s.PermissionsBoundaryPolicyInputList = v
 35844  	return s
 35845  }
 35846  
 35847  // SetPolicyInputList sets the PolicyInputList field's value.
 35848  func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput {
 35849  	s.PolicyInputList = v
 35850  	return s
 35851  }
 35852  
 35853  // SetResourceArns sets the ResourceArns field's value.
 35854  func (s *SimulateCustomPolicyInput) SetResourceArns(v []*string) *SimulateCustomPolicyInput {
 35855  	s.ResourceArns = v
 35856  	return s
 35857  }
 35858  
 35859  // SetResourceHandlingOption sets the ResourceHandlingOption field's value.
 35860  func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput {
 35861  	s.ResourceHandlingOption = &v
 35862  	return s
 35863  }
 35864  
 35865  // SetResourceOwner sets the ResourceOwner field's value.
 35866  func (s *SimulateCustomPolicyInput) SetResourceOwner(v string) *SimulateCustomPolicyInput {
 35867  	s.ResourceOwner = &v
 35868  	return s
 35869  }
 35870  
 35871  // SetResourcePolicy sets the ResourcePolicy field's value.
 35872  func (s *SimulateCustomPolicyInput) SetResourcePolicy(v string) *SimulateCustomPolicyInput {
 35873  	s.ResourcePolicy = &v
 35874  	return s
 35875  }
 35876  
 35877  // Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy
 35878  // request.
 35879  type SimulatePolicyResponse struct {
 35880  	_ struct{} `type:"structure"`
 35881  
 35882  	// The results of the simulation.
 35883  	EvaluationResults []*EvaluationResult `type:"list"`
 35884  
 35885  	// A flag that indicates whether there are more items to return. If your results
 35886  	// were truncated, you can make a subsequent pagination request using the Marker
 35887  	// request parameter to retrieve more items. Note that IAM might return fewer
 35888  	// than the MaxItems number of results even when there are more results available.
 35889  	// We recommend that you check IsTruncated after every call to ensure that you
 35890  	// receive all your results.
 35891  	IsTruncated *bool `type:"boolean"`
 35892  
 35893  	// When IsTruncated is true, this element is present and contains the value
 35894  	// to use for the Marker parameter in a subsequent pagination request.
 35895  	Marker *string `type:"string"`
 35896  }
 35897  
 35898  // String returns the string representation.
 35899  //
 35900  // API parameter values that are decorated as "sensitive" in the API will not
 35901  // be included in the string output. The member name will be present, but the
 35902  // value will be replaced with "sensitive".
 35903  func (s SimulatePolicyResponse) String() string {
 35904  	return awsutil.Prettify(s)
 35905  }
 35906  
 35907  // GoString returns the string representation.
 35908  //
 35909  // API parameter values that are decorated as "sensitive" in the API will not
 35910  // be included in the string output. The member name will be present, but the
 35911  // value will be replaced with "sensitive".
 35912  func (s SimulatePolicyResponse) GoString() string {
 35913  	return s.String()
 35914  }
 35915  
 35916  // SetEvaluationResults sets the EvaluationResults field's value.
 35917  func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse {
 35918  	s.EvaluationResults = v
 35919  	return s
 35920  }
 35921  
 35922  // SetIsTruncated sets the IsTruncated field's value.
 35923  func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse {
 35924  	s.IsTruncated = &v
 35925  	return s
 35926  }
 35927  
 35928  // SetMarker sets the Marker field's value.
 35929  func (s *SimulatePolicyResponse) SetMarker(v string) *SimulatePolicyResponse {
 35930  	s.Marker = &v
 35931  	return s
 35932  }
 35933  
 35934  type SimulatePrincipalPolicyInput struct {
 35935  	_ struct{} `type:"structure"`
 35936  
 35937  	// A list of names of API operations to evaluate in the simulation. Each operation
 35938  	// is evaluated for each resource. Each operation must include the service identifier,
 35939  	// such as iam:CreateUser.
 35940  	//
 35941  	// ActionNames is a required field
 35942  	ActionNames []*string `type:"list" required:"true"`
 35943  
 35944  	// The ARN of the IAM user that you want to specify as the simulated caller
 35945  	// of the API operations. If you do not specify a CallerArn, it defaults to
 35946  	// the ARN of the user that you specify in PolicySourceArn, if you specified
 35947  	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
 35948  	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
 35949  	// is that you simulate calling the API operations as Bob, as if Bob had David's
 35950  	// policies.
 35951  	//
 35952  	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
 35953  	// an assumed role, federated user, or a service principal.
 35954  	//
 35955  	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
 35956  	// is not the ARN for an IAM user. This is required so that the resource-based
 35957  	// policy's Principal element has a value to use in evaluating the policy.
 35958  	//
 35959  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 35960  	// in the Amazon Web Services General Reference.
 35961  	CallerArn *string `min:"1" type:"string"`
 35962  
 35963  	// A list of context keys and corresponding values for the simulation to use.
 35964  	// Whenever a context key is evaluated in one of the simulated IAM permissions
 35965  	// policies, the corresponding value is supplied.
 35966  	ContextEntries []*ContextEntry `type:"list"`
 35967  
 35968  	// Use this parameter only when paginating results and only after you receive
 35969  	// a response indicating that the results are truncated. Set it to the value
 35970  	// of the Marker element in the response that you received to indicate where
 35971  	// the next call should start.
 35972  	Marker *string `min:"1" type:"string"`
 35973  
 35974  	// Use this only when paginating results to indicate the maximum number of items
 35975  	// you want in the response. If additional items exist beyond the maximum you
 35976  	// specify, the IsTruncated response element is true.
 35977  	//
 35978  	// If you do not include this parameter, the number of items defaults to 100.
 35979  	// Note that IAM might return fewer results, even when there are more results
 35980  	// available. In that case, the IsTruncated response element returns true, and
 35981  	// Marker contains a value to include in the subsequent call that tells the
 35982  	// service where to continue from.
 35983  	MaxItems *int64 `min:"1" type:"integer"`
 35984  
 35985  	// The IAM permissions boundary policy to simulate. The permissions boundary
 35986  	// sets the maximum permissions that the entity can have. You can input only
 35987  	// one permissions boundary when you pass a policy to this operation. An IAM
 35988  	// entity can only have one permissions boundary in effect at a time. For example,
 35989  	// if a permissions boundary is attached to an entity and you pass in a different
 35990  	// permissions boundary policy using this parameter, then the new permissions
 35991  	// boundary policy is used for the simulation. For more information about permissions
 35992  	// boundaries, see Permissions boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 35993  	// in the IAM User Guide. The policy input is specified as a string containing
 35994  	// the complete, valid JSON text of a permissions boundary policy.
 35995  	//
 35996  	// The maximum length of the policy document that you can pass in this operation,
 35997  	// including whitespace, is listed below. To view the maximum character counts
 35998  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 35999  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 36000  	//
 36001  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 36002  	// parameter is a string of characters consisting of the following:
 36003  	//
 36004  	//    * Any printable ASCII character ranging from the space character (\u0020)
 36005  	//    through the end of the ASCII character range
 36006  	//
 36007  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 36008  	//    set (through \u00FF)
 36009  	//
 36010  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 36011  	//    return (\u000D)
 36012  	PermissionsBoundaryPolicyInputList []*string `type:"list"`
 36013  
 36014  	// An optional list of additional policy documents to include in the simulation.
 36015  	// Each document is specified as a string containing the complete, valid JSON
 36016  	// text of an IAM policy.
 36017  	//
 36018  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 36019  	// parameter is a string of characters consisting of the following:
 36020  	//
 36021  	//    * Any printable ASCII character ranging from the space character (\u0020)
 36022  	//    through the end of the ASCII character range
 36023  	//
 36024  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 36025  	//    set (through \u00FF)
 36026  	//
 36027  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 36028  	//    return (\u000D)
 36029  	PolicyInputList []*string `type:"list"`
 36030  
 36031  	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
 36032  	// want to include in the simulation. If you specify a user, group, or role,
 36033  	// the simulation includes all policies that are associated with that entity.
 36034  	// If you specify a user, the simulation also includes all policies that are
 36035  	// attached to any groups the user belongs to.
 36036  	//
 36037  	// The maximum length of the policy document that you can pass in this operation,
 36038  	// including whitespace, is listed below. To view the maximum character counts
 36039  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 36040  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 36041  	//
 36042  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 36043  	// in the Amazon Web Services General Reference.
 36044  	//
 36045  	// PolicySourceArn is a required field
 36046  	PolicySourceArn *string `min:"20" type:"string" required:"true"`
 36047  
 36048  	// A list of ARNs of Amazon Web Services resources to include in the simulation.
 36049  	// If this parameter is not provided, then the value defaults to * (all resources).
 36050  	// Each API in the ActionNames parameter is evaluated for each resource in this
 36051  	// list. The simulation determines the access result (allowed or denied) of
 36052  	// each combination and reports it in the response. You can simulate resources
 36053  	// that don't exist in your account.
 36054  	//
 36055  	// The simulation does not automatically retrieve policies for the specified
 36056  	// resources. If you want to include a resource policy in the simulation, then
 36057  	// you must include the policy as a string in the ResourcePolicy parameter.
 36058  	//
 36059  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 36060  	// in the Amazon Web Services General Reference.
 36061  	ResourceArns []*string `type:"list"`
 36062  
 36063  	// Specifies the type of simulation to run. Different API operations that support
 36064  	// resource-based policies require different combinations of resources. By specifying
 36065  	// the type of simulation to run, you enable the policy simulator to enforce
 36066  	// the presence of the required resources to ensure reliable simulation results.
 36067  	// If your simulation does not match one of the following scenarios, then you
 36068  	// can omit this parameter. The following list shows each of the supported scenario
 36069  	// values and the resources that you must define to run the simulation.
 36070  	//
 36071  	// Each of the EC2 scenarios requires that you specify instance, image, and
 36072  	// security group resources. If your scenario includes an EBS volume, then you
 36073  	// must specify that volume as a resource. If the EC2 scenario includes VPC,
 36074  	// then you must supply the network interface resource. If it includes an IP
 36075  	// subnet, then you must specify the subnet resource. For more information on
 36076  	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
 36077  	// in the Amazon EC2 User Guide.
 36078  	//
 36079  	//    * EC2-Classic-InstanceStore instance, image, security group
 36080  	//
 36081  	//    * EC2-Classic-EBS instance, image, security group, volume
 36082  	//
 36083  	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
 36084  	//
 36085  	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
 36086  	//    interface, subnet
 36087  	//
 36088  	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
 36089  	//
 36090  	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
 36091  	//    subnet, volume
 36092  	ResourceHandlingOption *string `min:"1" type:"string"`
 36093  
 36094  	// An Amazon Web Services account ID that specifies the owner of any simulated
 36095  	// resource that does not identify its owner in the resource ARN. Examples of
 36096  	// resource ARNs include an S3 bucket or object. If ResourceOwner is specified,
 36097  	// it is also used as the account owner of any ResourcePolicy included in the
 36098  	// simulation. If the ResourceOwner parameter is not specified, then the owner
 36099  	// of the resources and the resource policy defaults to the account of the identity
 36100  	// provided in CallerArn. This parameter is required only if you specify a resource-based
 36101  	// policy and account that owns the resource is different from the account that
 36102  	// owns the simulated calling user CallerArn.
 36103  	ResourceOwner *string `min:"1" type:"string"`
 36104  
 36105  	// A resource-based policy to include in the simulation provided as a string.
 36106  	// Each resource in the simulation is treated as if it had this policy attached.
 36107  	// You can include only one resource-based policy in a simulation.
 36108  	//
 36109  	// The maximum length of the policy document that you can pass in this operation,
 36110  	// including whitespace, is listed below. To view the maximum character counts
 36111  	// of a managed policy with no whitespaces, see IAM and STS character quotas
 36112  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
 36113  	//
 36114  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 36115  	// parameter is a string of characters consisting of the following:
 36116  	//
 36117  	//    * Any printable ASCII character ranging from the space character (\u0020)
 36118  	//    through the end of the ASCII character range
 36119  	//
 36120  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 36121  	//    set (through \u00FF)
 36122  	//
 36123  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 36124  	//    return (\u000D)
 36125  	ResourcePolicy *string `min:"1" type:"string"`
 36126  }
 36127  
 36128  // String returns the string representation.
 36129  //
 36130  // API parameter values that are decorated as "sensitive" in the API will not
 36131  // be included in the string output. The member name will be present, but the
 36132  // value will be replaced with "sensitive".
 36133  func (s SimulatePrincipalPolicyInput) String() string {
 36134  	return awsutil.Prettify(s)
 36135  }
 36136  
 36137  // GoString returns the string representation.
 36138  //
 36139  // API parameter values that are decorated as "sensitive" in the API will not
 36140  // be included in the string output. The member name will be present, but the
 36141  // value will be replaced with "sensitive".
 36142  func (s SimulatePrincipalPolicyInput) GoString() string {
 36143  	return s.String()
 36144  }
 36145  
 36146  // Validate inspects the fields of the type to determine if they are valid.
 36147  func (s *SimulatePrincipalPolicyInput) Validate() error {
 36148  	invalidParams := request.ErrInvalidParams{Context: "SimulatePrincipalPolicyInput"}
 36149  	if s.ActionNames == nil {
 36150  		invalidParams.Add(request.NewErrParamRequired("ActionNames"))
 36151  	}
 36152  	if s.CallerArn != nil && len(*s.CallerArn) < 1 {
 36153  		invalidParams.Add(request.NewErrParamMinLen("CallerArn", 1))
 36154  	}
 36155  	if s.Marker != nil && len(*s.Marker) < 1 {
 36156  		invalidParams.Add(request.NewErrParamMinLen("Marker", 1))
 36157  	}
 36158  	if s.MaxItems != nil && *s.MaxItems < 1 {
 36159  		invalidParams.Add(request.NewErrParamMinValue("MaxItems", 1))
 36160  	}
 36161  	if s.PolicySourceArn == nil {
 36162  		invalidParams.Add(request.NewErrParamRequired("PolicySourceArn"))
 36163  	}
 36164  	if s.PolicySourceArn != nil && len(*s.PolicySourceArn) < 20 {
 36165  		invalidParams.Add(request.NewErrParamMinLen("PolicySourceArn", 20))
 36166  	}
 36167  	if s.ResourceHandlingOption != nil && len(*s.ResourceHandlingOption) < 1 {
 36168  		invalidParams.Add(request.NewErrParamMinLen("ResourceHandlingOption", 1))
 36169  	}
 36170  	if s.ResourceOwner != nil && len(*s.ResourceOwner) < 1 {
 36171  		invalidParams.Add(request.NewErrParamMinLen("ResourceOwner", 1))
 36172  	}
 36173  	if s.ResourcePolicy != nil && len(*s.ResourcePolicy) < 1 {
 36174  		invalidParams.Add(request.NewErrParamMinLen("ResourcePolicy", 1))
 36175  	}
 36176  	if s.ContextEntries != nil {
 36177  		for i, v := range s.ContextEntries {
 36178  			if v == nil {
 36179  				continue
 36180  			}
 36181  			if err := v.Validate(); err != nil {
 36182  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextEntries", i), err.(request.ErrInvalidParams))
 36183  			}
 36184  		}
 36185  	}
 36186  
 36187  	if invalidParams.Len() > 0 {
 36188  		return invalidParams
 36189  	}
 36190  	return nil
 36191  }
 36192  
 36193  // SetActionNames sets the ActionNames field's value.
 36194  func (s *SimulatePrincipalPolicyInput) SetActionNames(v []*string) *SimulatePrincipalPolicyInput {
 36195  	s.ActionNames = v
 36196  	return s
 36197  }
 36198  
 36199  // SetCallerArn sets the CallerArn field's value.
 36200  func (s *SimulatePrincipalPolicyInput) SetCallerArn(v string) *SimulatePrincipalPolicyInput {
 36201  	s.CallerArn = &v
 36202  	return s
 36203  }
 36204  
 36205  // SetContextEntries sets the ContextEntries field's value.
 36206  func (s *SimulatePrincipalPolicyInput) SetContextEntries(v []*ContextEntry) *SimulatePrincipalPolicyInput {
 36207  	s.ContextEntries = v
 36208  	return s
 36209  }
 36210  
 36211  // SetMarker sets the Marker field's value.
 36212  func (s *SimulatePrincipalPolicyInput) SetMarker(v string) *SimulatePrincipalPolicyInput {
 36213  	s.Marker = &v
 36214  	return s
 36215  }
 36216  
 36217  // SetMaxItems sets the MaxItems field's value.
 36218  func (s *SimulatePrincipalPolicyInput) SetMaxItems(v int64) *SimulatePrincipalPolicyInput {
 36219  	s.MaxItems = &v
 36220  	return s
 36221  }
 36222  
 36223  // SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.
 36224  func (s *SimulatePrincipalPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
 36225  	s.PermissionsBoundaryPolicyInputList = v
 36226  	return s
 36227  }
 36228  
 36229  // SetPolicyInputList sets the PolicyInputList field's value.
 36230  func (s *SimulatePrincipalPolicyInput) SetPolicyInputList(v []*string) *SimulatePrincipalPolicyInput {
 36231  	s.PolicyInputList = v
 36232  	return s
 36233  }
 36234  
 36235  // SetPolicySourceArn sets the PolicySourceArn field's value.
 36236  func (s *SimulatePrincipalPolicyInput) SetPolicySourceArn(v string) *SimulatePrincipalPolicyInput {
 36237  	s.PolicySourceArn = &v
 36238  	return s
 36239  }
 36240  
 36241  // SetResourceArns sets the ResourceArns field's value.
 36242  func (s *SimulatePrincipalPolicyInput) SetResourceArns(v []*string) *SimulatePrincipalPolicyInput {
 36243  	s.ResourceArns = v
 36244  	return s
 36245  }
 36246  
 36247  // SetResourceHandlingOption sets the ResourceHandlingOption field's value.
 36248  func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput {
 36249  	s.ResourceHandlingOption = &v
 36250  	return s
 36251  }
 36252  
 36253  // SetResourceOwner sets the ResourceOwner field's value.
 36254  func (s *SimulatePrincipalPolicyInput) SetResourceOwner(v string) *SimulatePrincipalPolicyInput {
 36255  	s.ResourceOwner = &v
 36256  	return s
 36257  }
 36258  
 36259  // SetResourcePolicy sets the ResourcePolicy field's value.
 36260  func (s *SimulatePrincipalPolicyInput) SetResourcePolicy(v string) *SimulatePrincipalPolicyInput {
 36261  	s.ResourcePolicy = &v
 36262  	return s
 36263  }
 36264  
 36265  // Contains a reference to a Statement element in a policy document that determines
 36266  // the result of the simulation.
 36267  //
 36268  // This data type is used by the MatchedStatements member of the EvaluationResult
 36269  // type.
 36270  type Statement struct {
 36271  	_ struct{} `type:"structure"`
 36272  
 36273  	// The row and column of the end of a Statement in an IAM policy.
 36274  	EndPosition *Position `type:"structure"`
 36275  
 36276  	// The identifier of the policy that was provided as an input.
 36277  	SourcePolicyId *string `type:"string"`
 36278  
 36279  	// The type of the policy.
 36280  	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`
 36281  
 36282  	// The row and column of the beginning of the Statement in an IAM policy.
 36283  	StartPosition *Position `type:"structure"`
 36284  }
 36285  
 36286  // String returns the string representation.
 36287  //
 36288  // API parameter values that are decorated as "sensitive" in the API will not
 36289  // be included in the string output. The member name will be present, but the
 36290  // value will be replaced with "sensitive".
 36291  func (s Statement) String() string {
 36292  	return awsutil.Prettify(s)
 36293  }
 36294  
 36295  // GoString returns the string representation.
 36296  //
 36297  // API parameter values that are decorated as "sensitive" in the API will not
 36298  // be included in the string output. The member name will be present, but the
 36299  // value will be replaced with "sensitive".
 36300  func (s Statement) GoString() string {
 36301  	return s.String()
 36302  }
 36303  
 36304  // SetEndPosition sets the EndPosition field's value.
 36305  func (s *Statement) SetEndPosition(v *Position) *Statement {
 36306  	s.EndPosition = v
 36307  	return s
 36308  }
 36309  
 36310  // SetSourcePolicyId sets the SourcePolicyId field's value.
 36311  func (s *Statement) SetSourcePolicyId(v string) *Statement {
 36312  	s.SourcePolicyId = &v
 36313  	return s
 36314  }
 36315  
 36316  // SetSourcePolicyType sets the SourcePolicyType field's value.
 36317  func (s *Statement) SetSourcePolicyType(v string) *Statement {
 36318  	s.SourcePolicyType = &v
 36319  	return s
 36320  }
 36321  
 36322  // SetStartPosition sets the StartPosition field's value.
 36323  func (s *Statement) SetStartPosition(v *Position) *Statement {
 36324  	s.StartPosition = v
 36325  	return s
 36326  }
 36327  
 36328  // A structure that represents user-provided metadata that can be associated
 36329  // with an IAM resource. For more information about tagging, see Tagging IAM
 36330  // resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 36331  // in the IAM User Guide.
 36332  type Tag struct {
 36333  	_ struct{} `type:"structure"`
 36334  
 36335  	// The key name that can be used to look up or retrieve the associated value.
 36336  	// For example, Department or Cost Center are common choices.
 36337  	//
 36338  	// Key is a required field
 36339  	Key *string `min:"1" type:"string" required:"true"`
 36340  
 36341  	// The value associated with this tag. For example, tags with a key name of
 36342  	// Department could have values such as Human Resources, Accounting, and Support.
 36343  	// Tags with a key name of Cost Center might have values that consist of the
 36344  	// number associated with the different cost centers in your company. Typically,
 36345  	// many resources have tags with the same key name but with different values.
 36346  	//
 36347  	// Amazon Web Services always interprets the tag Value as a single string. If
 36348  	// you need to store an array, you can store comma-separated values in the string.
 36349  	// However, you must interpret the value in your code.
 36350  	//
 36351  	// Value is a required field
 36352  	Value *string `type:"string" required:"true"`
 36353  }
 36354  
 36355  // String returns the string representation.
 36356  //
 36357  // API parameter values that are decorated as "sensitive" in the API will not
 36358  // be included in the string output. The member name will be present, but the
 36359  // value will be replaced with "sensitive".
 36360  func (s Tag) String() string {
 36361  	return awsutil.Prettify(s)
 36362  }
 36363  
 36364  // GoString returns the string representation.
 36365  //
 36366  // API parameter values that are decorated as "sensitive" in the API will not
 36367  // be included in the string output. The member name will be present, but the
 36368  // value will be replaced with "sensitive".
 36369  func (s Tag) GoString() string {
 36370  	return s.String()
 36371  }
 36372  
 36373  // Validate inspects the fields of the type to determine if they are valid.
 36374  func (s *Tag) Validate() error {
 36375  	invalidParams := request.ErrInvalidParams{Context: "Tag"}
 36376  	if s.Key == nil {
 36377  		invalidParams.Add(request.NewErrParamRequired("Key"))
 36378  	}
 36379  	if s.Key != nil && len(*s.Key) < 1 {
 36380  		invalidParams.Add(request.NewErrParamMinLen("Key", 1))
 36381  	}
 36382  	if s.Value == nil {
 36383  		invalidParams.Add(request.NewErrParamRequired("Value"))
 36384  	}
 36385  
 36386  	if invalidParams.Len() > 0 {
 36387  		return invalidParams
 36388  	}
 36389  	return nil
 36390  }
 36391  
 36392  // SetKey sets the Key field's value.
 36393  func (s *Tag) SetKey(v string) *Tag {
 36394  	s.Key = &v
 36395  	return s
 36396  }
 36397  
 36398  // SetValue sets the Value field's value.
 36399  func (s *Tag) SetValue(v string) *Tag {
 36400  	s.Value = &v
 36401  	return s
 36402  }
 36403  
 36404  type TagInstanceProfileInput struct {
 36405  	_ struct{} `type:"structure"`
 36406  
 36407  	// The name of the IAM instance profile to which you want to add tags.
 36408  	//
 36409  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 36410  	// a string of characters consisting of upper and lowercase alphanumeric characters
 36411  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36412  	//
 36413  	// InstanceProfileName is a required field
 36414  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 36415  
 36416  	// The list of tags that you want to attach to the IAM instance profile. Each
 36417  	// tag consists of a key name and an associated value.
 36418  	//
 36419  	// Tags is a required field
 36420  	Tags []*Tag `type:"list" required:"true"`
 36421  }
 36422  
 36423  // String returns the string representation.
 36424  //
 36425  // API parameter values that are decorated as "sensitive" in the API will not
 36426  // be included in the string output. The member name will be present, but the
 36427  // value will be replaced with "sensitive".
 36428  func (s TagInstanceProfileInput) String() string {
 36429  	return awsutil.Prettify(s)
 36430  }
 36431  
 36432  // GoString returns the string representation.
 36433  //
 36434  // API parameter values that are decorated as "sensitive" in the API will not
 36435  // be included in the string output. The member name will be present, but the
 36436  // value will be replaced with "sensitive".
 36437  func (s TagInstanceProfileInput) GoString() string {
 36438  	return s.String()
 36439  }
 36440  
 36441  // Validate inspects the fields of the type to determine if they are valid.
 36442  func (s *TagInstanceProfileInput) Validate() error {
 36443  	invalidParams := request.ErrInvalidParams{Context: "TagInstanceProfileInput"}
 36444  	if s.InstanceProfileName == nil {
 36445  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 36446  	}
 36447  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 36448  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 36449  	}
 36450  	if s.Tags == nil {
 36451  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36452  	}
 36453  	if s.Tags != nil {
 36454  		for i, v := range s.Tags {
 36455  			if v == nil {
 36456  				continue
 36457  			}
 36458  			if err := v.Validate(); err != nil {
 36459  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36460  			}
 36461  		}
 36462  	}
 36463  
 36464  	if invalidParams.Len() > 0 {
 36465  		return invalidParams
 36466  	}
 36467  	return nil
 36468  }
 36469  
 36470  // SetInstanceProfileName sets the InstanceProfileName field's value.
 36471  func (s *TagInstanceProfileInput) SetInstanceProfileName(v string) *TagInstanceProfileInput {
 36472  	s.InstanceProfileName = &v
 36473  	return s
 36474  }
 36475  
 36476  // SetTags sets the Tags field's value.
 36477  func (s *TagInstanceProfileInput) SetTags(v []*Tag) *TagInstanceProfileInput {
 36478  	s.Tags = v
 36479  	return s
 36480  }
 36481  
 36482  type TagInstanceProfileOutput struct {
 36483  	_ struct{} `type:"structure"`
 36484  }
 36485  
 36486  // String returns the string representation.
 36487  //
 36488  // API parameter values that are decorated as "sensitive" in the API will not
 36489  // be included in the string output. The member name will be present, but the
 36490  // value will be replaced with "sensitive".
 36491  func (s TagInstanceProfileOutput) String() string {
 36492  	return awsutil.Prettify(s)
 36493  }
 36494  
 36495  // GoString returns the string representation.
 36496  //
 36497  // API parameter values that are decorated as "sensitive" in the API will not
 36498  // be included in the string output. The member name will be present, but the
 36499  // value will be replaced with "sensitive".
 36500  func (s TagInstanceProfileOutput) GoString() string {
 36501  	return s.String()
 36502  }
 36503  
 36504  type TagMFADeviceInput struct {
 36505  	_ struct{} `type:"structure"`
 36506  
 36507  	// The unique identifier for the IAM virtual MFA device to which you want to
 36508  	// add tags. For virtual MFA devices, the serial number is the same as the ARN.
 36509  	//
 36510  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 36511  	// a string of characters consisting of upper and lowercase alphanumeric characters
 36512  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36513  	//
 36514  	// SerialNumber is a required field
 36515  	SerialNumber *string `min:"9" type:"string" required:"true"`
 36516  
 36517  	// The list of tags that you want to attach to the IAM virtual MFA device. Each
 36518  	// tag consists of a key name and an associated value.
 36519  	//
 36520  	// Tags is a required field
 36521  	Tags []*Tag `type:"list" required:"true"`
 36522  }
 36523  
 36524  // String returns the string representation.
 36525  //
 36526  // API parameter values that are decorated as "sensitive" in the API will not
 36527  // be included in the string output. The member name will be present, but the
 36528  // value will be replaced with "sensitive".
 36529  func (s TagMFADeviceInput) String() string {
 36530  	return awsutil.Prettify(s)
 36531  }
 36532  
 36533  // GoString returns the string representation.
 36534  //
 36535  // API parameter values that are decorated as "sensitive" in the API will not
 36536  // be included in the string output. The member name will be present, but the
 36537  // value will be replaced with "sensitive".
 36538  func (s TagMFADeviceInput) GoString() string {
 36539  	return s.String()
 36540  }
 36541  
 36542  // Validate inspects the fields of the type to determine if they are valid.
 36543  func (s *TagMFADeviceInput) Validate() error {
 36544  	invalidParams := request.ErrInvalidParams{Context: "TagMFADeviceInput"}
 36545  	if s.SerialNumber == nil {
 36546  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 36547  	}
 36548  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 36549  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 36550  	}
 36551  	if s.Tags == nil {
 36552  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36553  	}
 36554  	if s.Tags != nil {
 36555  		for i, v := range s.Tags {
 36556  			if v == nil {
 36557  				continue
 36558  			}
 36559  			if err := v.Validate(); err != nil {
 36560  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36561  			}
 36562  		}
 36563  	}
 36564  
 36565  	if invalidParams.Len() > 0 {
 36566  		return invalidParams
 36567  	}
 36568  	return nil
 36569  }
 36570  
 36571  // SetSerialNumber sets the SerialNumber field's value.
 36572  func (s *TagMFADeviceInput) SetSerialNumber(v string) *TagMFADeviceInput {
 36573  	s.SerialNumber = &v
 36574  	return s
 36575  }
 36576  
 36577  // SetTags sets the Tags field's value.
 36578  func (s *TagMFADeviceInput) SetTags(v []*Tag) *TagMFADeviceInput {
 36579  	s.Tags = v
 36580  	return s
 36581  }
 36582  
 36583  type TagMFADeviceOutput struct {
 36584  	_ struct{} `type:"structure"`
 36585  }
 36586  
 36587  // String returns the string representation.
 36588  //
 36589  // API parameter values that are decorated as "sensitive" in the API will not
 36590  // be included in the string output. The member name will be present, but the
 36591  // value will be replaced with "sensitive".
 36592  func (s TagMFADeviceOutput) String() string {
 36593  	return awsutil.Prettify(s)
 36594  }
 36595  
 36596  // GoString returns the string representation.
 36597  //
 36598  // API parameter values that are decorated as "sensitive" in the API will not
 36599  // be included in the string output. The member name will be present, but the
 36600  // value will be replaced with "sensitive".
 36601  func (s TagMFADeviceOutput) GoString() string {
 36602  	return s.String()
 36603  }
 36604  
 36605  type TagOpenIDConnectProviderInput struct {
 36606  	_ struct{} `type:"structure"`
 36607  
 36608  	// The ARN of the OIDC identity provider in IAM to which you want to add tags.
 36609  	//
 36610  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 36611  	// a string of characters consisting of upper and lowercase alphanumeric characters
 36612  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36613  	//
 36614  	// OpenIDConnectProviderArn is a required field
 36615  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 36616  
 36617  	// The list of tags that you want to attach to the OIDC identity provider in
 36618  	// IAM. Each tag consists of a key name and an associated value.
 36619  	//
 36620  	// Tags is a required field
 36621  	Tags []*Tag `type:"list" required:"true"`
 36622  }
 36623  
 36624  // String returns the string representation.
 36625  //
 36626  // API parameter values that are decorated as "sensitive" in the API will not
 36627  // be included in the string output. The member name will be present, but the
 36628  // value will be replaced with "sensitive".
 36629  func (s TagOpenIDConnectProviderInput) String() string {
 36630  	return awsutil.Prettify(s)
 36631  }
 36632  
 36633  // GoString returns the string representation.
 36634  //
 36635  // API parameter values that are decorated as "sensitive" in the API will not
 36636  // be included in the string output. The member name will be present, but the
 36637  // value will be replaced with "sensitive".
 36638  func (s TagOpenIDConnectProviderInput) GoString() string {
 36639  	return s.String()
 36640  }
 36641  
 36642  // Validate inspects the fields of the type to determine if they are valid.
 36643  func (s *TagOpenIDConnectProviderInput) Validate() error {
 36644  	invalidParams := request.ErrInvalidParams{Context: "TagOpenIDConnectProviderInput"}
 36645  	if s.OpenIDConnectProviderArn == nil {
 36646  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 36647  	}
 36648  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 36649  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 36650  	}
 36651  	if s.Tags == nil {
 36652  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36653  	}
 36654  	if s.Tags != nil {
 36655  		for i, v := range s.Tags {
 36656  			if v == nil {
 36657  				continue
 36658  			}
 36659  			if err := v.Validate(); err != nil {
 36660  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36661  			}
 36662  		}
 36663  	}
 36664  
 36665  	if invalidParams.Len() > 0 {
 36666  		return invalidParams
 36667  	}
 36668  	return nil
 36669  }
 36670  
 36671  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 36672  func (s *TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *TagOpenIDConnectProviderInput {
 36673  	s.OpenIDConnectProviderArn = &v
 36674  	return s
 36675  }
 36676  
 36677  // SetTags sets the Tags field's value.
 36678  func (s *TagOpenIDConnectProviderInput) SetTags(v []*Tag) *TagOpenIDConnectProviderInput {
 36679  	s.Tags = v
 36680  	return s
 36681  }
 36682  
 36683  type TagOpenIDConnectProviderOutput struct {
 36684  	_ struct{} `type:"structure"`
 36685  }
 36686  
 36687  // String returns the string representation.
 36688  //
 36689  // API parameter values that are decorated as "sensitive" in the API will not
 36690  // be included in the string output. The member name will be present, but the
 36691  // value will be replaced with "sensitive".
 36692  func (s TagOpenIDConnectProviderOutput) String() string {
 36693  	return awsutil.Prettify(s)
 36694  }
 36695  
 36696  // GoString returns the string representation.
 36697  //
 36698  // API parameter values that are decorated as "sensitive" in the API will not
 36699  // be included in the string output. The member name will be present, but the
 36700  // value will be replaced with "sensitive".
 36701  func (s TagOpenIDConnectProviderOutput) GoString() string {
 36702  	return s.String()
 36703  }
 36704  
 36705  type TagPolicyInput struct {
 36706  	_ struct{} `type:"structure"`
 36707  
 36708  	// The ARN of the IAM customer managed policy to which you want to add tags.
 36709  	//
 36710  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 36711  	// a string of characters consisting of upper and lowercase alphanumeric characters
 36712  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36713  	//
 36714  	// PolicyArn is a required field
 36715  	PolicyArn *string `min:"20" type:"string" required:"true"`
 36716  
 36717  	// The list of tags that you want to attach to the IAM customer managed policy.
 36718  	// Each tag consists of a key name and an associated value.
 36719  	//
 36720  	// Tags is a required field
 36721  	Tags []*Tag `type:"list" required:"true"`
 36722  }
 36723  
 36724  // String returns the string representation.
 36725  //
 36726  // API parameter values that are decorated as "sensitive" in the API will not
 36727  // be included in the string output. The member name will be present, but the
 36728  // value will be replaced with "sensitive".
 36729  func (s TagPolicyInput) String() string {
 36730  	return awsutil.Prettify(s)
 36731  }
 36732  
 36733  // GoString returns the string representation.
 36734  //
 36735  // API parameter values that are decorated as "sensitive" in the API will not
 36736  // be included in the string output. The member name will be present, but the
 36737  // value will be replaced with "sensitive".
 36738  func (s TagPolicyInput) GoString() string {
 36739  	return s.String()
 36740  }
 36741  
 36742  // Validate inspects the fields of the type to determine if they are valid.
 36743  func (s *TagPolicyInput) Validate() error {
 36744  	invalidParams := request.ErrInvalidParams{Context: "TagPolicyInput"}
 36745  	if s.PolicyArn == nil {
 36746  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 36747  	}
 36748  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 36749  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 36750  	}
 36751  	if s.Tags == nil {
 36752  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36753  	}
 36754  	if s.Tags != nil {
 36755  		for i, v := range s.Tags {
 36756  			if v == nil {
 36757  				continue
 36758  			}
 36759  			if err := v.Validate(); err != nil {
 36760  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36761  			}
 36762  		}
 36763  	}
 36764  
 36765  	if invalidParams.Len() > 0 {
 36766  		return invalidParams
 36767  	}
 36768  	return nil
 36769  }
 36770  
 36771  // SetPolicyArn sets the PolicyArn field's value.
 36772  func (s *TagPolicyInput) SetPolicyArn(v string) *TagPolicyInput {
 36773  	s.PolicyArn = &v
 36774  	return s
 36775  }
 36776  
 36777  // SetTags sets the Tags field's value.
 36778  func (s *TagPolicyInput) SetTags(v []*Tag) *TagPolicyInput {
 36779  	s.Tags = v
 36780  	return s
 36781  }
 36782  
 36783  type TagPolicyOutput struct {
 36784  	_ struct{} `type:"structure"`
 36785  }
 36786  
 36787  // String returns the string representation.
 36788  //
 36789  // API parameter values that are decorated as "sensitive" in the API will not
 36790  // be included in the string output. The member name will be present, but the
 36791  // value will be replaced with "sensitive".
 36792  func (s TagPolicyOutput) String() string {
 36793  	return awsutil.Prettify(s)
 36794  }
 36795  
 36796  // GoString returns the string representation.
 36797  //
 36798  // API parameter values that are decorated as "sensitive" in the API will not
 36799  // be included in the string output. The member name will be present, but the
 36800  // value will be replaced with "sensitive".
 36801  func (s TagPolicyOutput) GoString() string {
 36802  	return s.String()
 36803  }
 36804  
 36805  type TagRoleInput struct {
 36806  	_ struct{} `type:"structure"`
 36807  
 36808  	// The name of the IAM role to which you want to add tags.
 36809  	//
 36810  	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
 36811  	// a string of characters that consist of upper and lowercase alphanumeric characters
 36812  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36813  	//
 36814  	// RoleName is a required field
 36815  	RoleName *string `min:"1" type:"string" required:"true"`
 36816  
 36817  	// The list of tags that you want to attach to the IAM role. Each tag consists
 36818  	// of a key name and an associated value.
 36819  	//
 36820  	// Tags is a required field
 36821  	Tags []*Tag `type:"list" required:"true"`
 36822  }
 36823  
 36824  // String returns the string representation.
 36825  //
 36826  // API parameter values that are decorated as "sensitive" in the API will not
 36827  // be included in the string output. The member name will be present, but the
 36828  // value will be replaced with "sensitive".
 36829  func (s TagRoleInput) String() string {
 36830  	return awsutil.Prettify(s)
 36831  }
 36832  
 36833  // GoString returns the string representation.
 36834  //
 36835  // API parameter values that are decorated as "sensitive" in the API will not
 36836  // be included in the string output. The member name will be present, but the
 36837  // value will be replaced with "sensitive".
 36838  func (s TagRoleInput) GoString() string {
 36839  	return s.String()
 36840  }
 36841  
 36842  // Validate inspects the fields of the type to determine if they are valid.
 36843  func (s *TagRoleInput) Validate() error {
 36844  	invalidParams := request.ErrInvalidParams{Context: "TagRoleInput"}
 36845  	if s.RoleName == nil {
 36846  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 36847  	}
 36848  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 36849  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 36850  	}
 36851  	if s.Tags == nil {
 36852  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36853  	}
 36854  	if s.Tags != nil {
 36855  		for i, v := range s.Tags {
 36856  			if v == nil {
 36857  				continue
 36858  			}
 36859  			if err := v.Validate(); err != nil {
 36860  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36861  			}
 36862  		}
 36863  	}
 36864  
 36865  	if invalidParams.Len() > 0 {
 36866  		return invalidParams
 36867  	}
 36868  	return nil
 36869  }
 36870  
 36871  // SetRoleName sets the RoleName field's value.
 36872  func (s *TagRoleInput) SetRoleName(v string) *TagRoleInput {
 36873  	s.RoleName = &v
 36874  	return s
 36875  }
 36876  
 36877  // SetTags sets the Tags field's value.
 36878  func (s *TagRoleInput) SetTags(v []*Tag) *TagRoleInput {
 36879  	s.Tags = v
 36880  	return s
 36881  }
 36882  
 36883  type TagRoleOutput struct {
 36884  	_ struct{} `type:"structure"`
 36885  }
 36886  
 36887  // String returns the string representation.
 36888  //
 36889  // API parameter values that are decorated as "sensitive" in the API will not
 36890  // be included in the string output. The member name will be present, but the
 36891  // value will be replaced with "sensitive".
 36892  func (s TagRoleOutput) String() string {
 36893  	return awsutil.Prettify(s)
 36894  }
 36895  
 36896  // GoString returns the string representation.
 36897  //
 36898  // API parameter values that are decorated as "sensitive" in the API will not
 36899  // be included in the string output. The member name will be present, but the
 36900  // value will be replaced with "sensitive".
 36901  func (s TagRoleOutput) GoString() string {
 36902  	return s.String()
 36903  }
 36904  
 36905  type TagSAMLProviderInput struct {
 36906  	_ struct{} `type:"structure"`
 36907  
 36908  	// The ARN of the SAML identity provider in IAM to which you want to add tags.
 36909  	//
 36910  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 36911  	// a string of characters consisting of upper and lowercase alphanumeric characters
 36912  	// with no spaces. You can also include any of the following characters: _+=,.@-
 36913  	//
 36914  	// SAMLProviderArn is a required field
 36915  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 36916  
 36917  	// The list of tags that you want to attach to the SAML identity provider in
 36918  	// IAM. Each tag consists of a key name and an associated value.
 36919  	//
 36920  	// Tags is a required field
 36921  	Tags []*Tag `type:"list" required:"true"`
 36922  }
 36923  
 36924  // String returns the string representation.
 36925  //
 36926  // API parameter values that are decorated as "sensitive" in the API will not
 36927  // be included in the string output. The member name will be present, but the
 36928  // value will be replaced with "sensitive".
 36929  func (s TagSAMLProviderInput) String() string {
 36930  	return awsutil.Prettify(s)
 36931  }
 36932  
 36933  // GoString returns the string representation.
 36934  //
 36935  // API parameter values that are decorated as "sensitive" in the API will not
 36936  // be included in the string output. The member name will be present, but the
 36937  // value will be replaced with "sensitive".
 36938  func (s TagSAMLProviderInput) GoString() string {
 36939  	return s.String()
 36940  }
 36941  
 36942  // Validate inspects the fields of the type to determine if they are valid.
 36943  func (s *TagSAMLProviderInput) Validate() error {
 36944  	invalidParams := request.ErrInvalidParams{Context: "TagSAMLProviderInput"}
 36945  	if s.SAMLProviderArn == nil {
 36946  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 36947  	}
 36948  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 36949  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 36950  	}
 36951  	if s.Tags == nil {
 36952  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 36953  	}
 36954  	if s.Tags != nil {
 36955  		for i, v := range s.Tags {
 36956  			if v == nil {
 36957  				continue
 36958  			}
 36959  			if err := v.Validate(); err != nil {
 36960  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 36961  			}
 36962  		}
 36963  	}
 36964  
 36965  	if invalidParams.Len() > 0 {
 36966  		return invalidParams
 36967  	}
 36968  	return nil
 36969  }
 36970  
 36971  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 36972  func (s *TagSAMLProviderInput) SetSAMLProviderArn(v string) *TagSAMLProviderInput {
 36973  	s.SAMLProviderArn = &v
 36974  	return s
 36975  }
 36976  
 36977  // SetTags sets the Tags field's value.
 36978  func (s *TagSAMLProviderInput) SetTags(v []*Tag) *TagSAMLProviderInput {
 36979  	s.Tags = v
 36980  	return s
 36981  }
 36982  
 36983  type TagSAMLProviderOutput struct {
 36984  	_ struct{} `type:"structure"`
 36985  }
 36986  
 36987  // String returns the string representation.
 36988  //
 36989  // API parameter values that are decorated as "sensitive" in the API will not
 36990  // be included in the string output. The member name will be present, but the
 36991  // value will be replaced with "sensitive".
 36992  func (s TagSAMLProviderOutput) String() string {
 36993  	return awsutil.Prettify(s)
 36994  }
 36995  
 36996  // GoString returns the string representation.
 36997  //
 36998  // API parameter values that are decorated as "sensitive" in the API will not
 36999  // be included in the string output. The member name will be present, but the
 37000  // value will be replaced with "sensitive".
 37001  func (s TagSAMLProviderOutput) GoString() string {
 37002  	return s.String()
 37003  }
 37004  
 37005  type TagServerCertificateInput struct {
 37006  	_ struct{} `type:"structure"`
 37007  
 37008  	// The name of the IAM server certificate to which you want to add tags.
 37009  	//
 37010  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37011  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37012  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37013  	//
 37014  	// ServerCertificateName is a required field
 37015  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 37016  
 37017  	// The list of tags that you want to attach to the IAM server certificate. Each
 37018  	// tag consists of a key name and an associated value.
 37019  	//
 37020  	// Tags is a required field
 37021  	Tags []*Tag `type:"list" required:"true"`
 37022  }
 37023  
 37024  // String returns the string representation.
 37025  //
 37026  // API parameter values that are decorated as "sensitive" in the API will not
 37027  // be included in the string output. The member name will be present, but the
 37028  // value will be replaced with "sensitive".
 37029  func (s TagServerCertificateInput) String() string {
 37030  	return awsutil.Prettify(s)
 37031  }
 37032  
 37033  // GoString returns the string representation.
 37034  //
 37035  // API parameter values that are decorated as "sensitive" in the API will not
 37036  // be included in the string output. The member name will be present, but the
 37037  // value will be replaced with "sensitive".
 37038  func (s TagServerCertificateInput) GoString() string {
 37039  	return s.String()
 37040  }
 37041  
 37042  // Validate inspects the fields of the type to determine if they are valid.
 37043  func (s *TagServerCertificateInput) Validate() error {
 37044  	invalidParams := request.ErrInvalidParams{Context: "TagServerCertificateInput"}
 37045  	if s.ServerCertificateName == nil {
 37046  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 37047  	}
 37048  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 37049  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 37050  	}
 37051  	if s.Tags == nil {
 37052  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 37053  	}
 37054  	if s.Tags != nil {
 37055  		for i, v := range s.Tags {
 37056  			if v == nil {
 37057  				continue
 37058  			}
 37059  			if err := v.Validate(); err != nil {
 37060  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 37061  			}
 37062  		}
 37063  	}
 37064  
 37065  	if invalidParams.Len() > 0 {
 37066  		return invalidParams
 37067  	}
 37068  	return nil
 37069  }
 37070  
 37071  // SetServerCertificateName sets the ServerCertificateName field's value.
 37072  func (s *TagServerCertificateInput) SetServerCertificateName(v string) *TagServerCertificateInput {
 37073  	s.ServerCertificateName = &v
 37074  	return s
 37075  }
 37076  
 37077  // SetTags sets the Tags field's value.
 37078  func (s *TagServerCertificateInput) SetTags(v []*Tag) *TagServerCertificateInput {
 37079  	s.Tags = v
 37080  	return s
 37081  }
 37082  
 37083  type TagServerCertificateOutput struct {
 37084  	_ struct{} `type:"structure"`
 37085  }
 37086  
 37087  // String returns the string representation.
 37088  //
 37089  // API parameter values that are decorated as "sensitive" in the API will not
 37090  // be included in the string output. The member name will be present, but the
 37091  // value will be replaced with "sensitive".
 37092  func (s TagServerCertificateOutput) String() string {
 37093  	return awsutil.Prettify(s)
 37094  }
 37095  
 37096  // GoString returns the string representation.
 37097  //
 37098  // API parameter values that are decorated as "sensitive" in the API will not
 37099  // be included in the string output. The member name will be present, but the
 37100  // value will be replaced with "sensitive".
 37101  func (s TagServerCertificateOutput) GoString() string {
 37102  	return s.String()
 37103  }
 37104  
 37105  type TagUserInput struct {
 37106  	_ struct{} `type:"structure"`
 37107  
 37108  	// The list of tags that you want to attach to the IAM user. Each tag consists
 37109  	// of a key name and an associated value.
 37110  	//
 37111  	// Tags is a required field
 37112  	Tags []*Tag `type:"list" required:"true"`
 37113  
 37114  	// The name of the IAM user to which you want to add tags.
 37115  	//
 37116  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37117  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37118  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37119  	//
 37120  	// UserName is a required field
 37121  	UserName *string `min:"1" type:"string" required:"true"`
 37122  }
 37123  
 37124  // String returns the string representation.
 37125  //
 37126  // API parameter values that are decorated as "sensitive" in the API will not
 37127  // be included in the string output. The member name will be present, but the
 37128  // value will be replaced with "sensitive".
 37129  func (s TagUserInput) String() string {
 37130  	return awsutil.Prettify(s)
 37131  }
 37132  
 37133  // GoString returns the string representation.
 37134  //
 37135  // API parameter values that are decorated as "sensitive" in the API will not
 37136  // be included in the string output. The member name will be present, but the
 37137  // value will be replaced with "sensitive".
 37138  func (s TagUserInput) GoString() string {
 37139  	return s.String()
 37140  }
 37141  
 37142  // Validate inspects the fields of the type to determine if they are valid.
 37143  func (s *TagUserInput) Validate() error {
 37144  	invalidParams := request.ErrInvalidParams{Context: "TagUserInput"}
 37145  	if s.Tags == nil {
 37146  		invalidParams.Add(request.NewErrParamRequired("Tags"))
 37147  	}
 37148  	if s.UserName == nil {
 37149  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 37150  	}
 37151  	if s.UserName != nil && len(*s.UserName) < 1 {
 37152  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 37153  	}
 37154  	if s.Tags != nil {
 37155  		for i, v := range s.Tags {
 37156  			if v == nil {
 37157  				continue
 37158  			}
 37159  			if err := v.Validate(); err != nil {
 37160  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 37161  			}
 37162  		}
 37163  	}
 37164  
 37165  	if invalidParams.Len() > 0 {
 37166  		return invalidParams
 37167  	}
 37168  	return nil
 37169  }
 37170  
 37171  // SetTags sets the Tags field's value.
 37172  func (s *TagUserInput) SetTags(v []*Tag) *TagUserInput {
 37173  	s.Tags = v
 37174  	return s
 37175  }
 37176  
 37177  // SetUserName sets the UserName field's value.
 37178  func (s *TagUserInput) SetUserName(v string) *TagUserInput {
 37179  	s.UserName = &v
 37180  	return s
 37181  }
 37182  
 37183  type TagUserOutput struct {
 37184  	_ struct{} `type:"structure"`
 37185  }
 37186  
 37187  // String returns the string representation.
 37188  //
 37189  // API parameter values that are decorated as "sensitive" in the API will not
 37190  // be included in the string output. The member name will be present, but the
 37191  // value will be replaced with "sensitive".
 37192  func (s TagUserOutput) String() string {
 37193  	return awsutil.Prettify(s)
 37194  }
 37195  
 37196  // GoString returns the string representation.
 37197  //
 37198  // API parameter values that are decorated as "sensitive" in the API will not
 37199  // be included in the string output. The member name will be present, but the
 37200  // value will be replaced with "sensitive".
 37201  func (s TagUserOutput) GoString() string {
 37202  	return s.String()
 37203  }
 37204  
 37205  // Contains details about the most recent attempt to access an action within
 37206  // the service.
 37207  //
 37208  // This data type is used as a response element in the GetServiceLastAccessedDetails
 37209  // operation.
 37210  type TrackedActionLastAccessed struct {
 37211  	_ struct{} `type:"structure"`
 37212  
 37213  	// The name of the tracked action to which access was attempted. Tracked actions
 37214  	// are actions that report activity to IAM.
 37215  	ActionName *string `type:"string"`
 37216  
 37217  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 37218  	// Services resources.
 37219  	//
 37220  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 37221  	// in the Amazon Web Services General Reference.
 37222  	LastAccessedEntity *string `min:"20" type:"string"`
 37223  
 37224  	// The Region from which the authenticated entity (user or role) last attempted
 37225  	// to access the tracked action. Amazon Web Services does not report unauthenticated
 37226  	// requests.
 37227  	//
 37228  	// This field is null if no IAM entities attempted to access the service within
 37229  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 37230  	LastAccessedRegion *string `type:"string"`
 37231  
 37232  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 37233  	// when an authenticated entity most recently attempted to access the tracked
 37234  	// service. Amazon Web Services does not report unauthenticated requests.
 37235  	//
 37236  	// This field is null if no IAM entities attempted to access the service within
 37237  	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
 37238  	LastAccessedTime *time.Time `type:"timestamp"`
 37239  }
 37240  
 37241  // String returns the string representation.
 37242  //
 37243  // API parameter values that are decorated as "sensitive" in the API will not
 37244  // be included in the string output. The member name will be present, but the
 37245  // value will be replaced with "sensitive".
 37246  func (s TrackedActionLastAccessed) String() string {
 37247  	return awsutil.Prettify(s)
 37248  }
 37249  
 37250  // GoString returns the string representation.
 37251  //
 37252  // API parameter values that are decorated as "sensitive" in the API will not
 37253  // be included in the string output. The member name will be present, but the
 37254  // value will be replaced with "sensitive".
 37255  func (s TrackedActionLastAccessed) GoString() string {
 37256  	return s.String()
 37257  }
 37258  
 37259  // SetActionName sets the ActionName field's value.
 37260  func (s *TrackedActionLastAccessed) SetActionName(v string) *TrackedActionLastAccessed {
 37261  	s.ActionName = &v
 37262  	return s
 37263  }
 37264  
 37265  // SetLastAccessedEntity sets the LastAccessedEntity field's value.
 37266  func (s *TrackedActionLastAccessed) SetLastAccessedEntity(v string) *TrackedActionLastAccessed {
 37267  	s.LastAccessedEntity = &v
 37268  	return s
 37269  }
 37270  
 37271  // SetLastAccessedRegion sets the LastAccessedRegion field's value.
 37272  func (s *TrackedActionLastAccessed) SetLastAccessedRegion(v string) *TrackedActionLastAccessed {
 37273  	s.LastAccessedRegion = &v
 37274  	return s
 37275  }
 37276  
 37277  // SetLastAccessedTime sets the LastAccessedTime field's value.
 37278  func (s *TrackedActionLastAccessed) SetLastAccessedTime(v time.Time) *TrackedActionLastAccessed {
 37279  	s.LastAccessedTime = &v
 37280  	return s
 37281  }
 37282  
 37283  type UntagInstanceProfileInput struct {
 37284  	_ struct{} `type:"structure"`
 37285  
 37286  	// The name of the IAM instance profile from which you want to remove tags.
 37287  	//
 37288  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37289  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37290  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37291  	//
 37292  	// InstanceProfileName is a required field
 37293  	InstanceProfileName *string `min:"1" type:"string" required:"true"`
 37294  
 37295  	// A list of key names as a simple array of strings. The tags with matching
 37296  	// keys are removed from the specified instance profile.
 37297  	//
 37298  	// TagKeys is a required field
 37299  	TagKeys []*string `type:"list" required:"true"`
 37300  }
 37301  
 37302  // String returns the string representation.
 37303  //
 37304  // API parameter values that are decorated as "sensitive" in the API will not
 37305  // be included in the string output. The member name will be present, but the
 37306  // value will be replaced with "sensitive".
 37307  func (s UntagInstanceProfileInput) String() string {
 37308  	return awsutil.Prettify(s)
 37309  }
 37310  
 37311  // GoString returns the string representation.
 37312  //
 37313  // API parameter values that are decorated as "sensitive" in the API will not
 37314  // be included in the string output. The member name will be present, but the
 37315  // value will be replaced with "sensitive".
 37316  func (s UntagInstanceProfileInput) GoString() string {
 37317  	return s.String()
 37318  }
 37319  
 37320  // Validate inspects the fields of the type to determine if they are valid.
 37321  func (s *UntagInstanceProfileInput) Validate() error {
 37322  	invalidParams := request.ErrInvalidParams{Context: "UntagInstanceProfileInput"}
 37323  	if s.InstanceProfileName == nil {
 37324  		invalidParams.Add(request.NewErrParamRequired("InstanceProfileName"))
 37325  	}
 37326  	if s.InstanceProfileName != nil && len(*s.InstanceProfileName) < 1 {
 37327  		invalidParams.Add(request.NewErrParamMinLen("InstanceProfileName", 1))
 37328  	}
 37329  	if s.TagKeys == nil {
 37330  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37331  	}
 37332  
 37333  	if invalidParams.Len() > 0 {
 37334  		return invalidParams
 37335  	}
 37336  	return nil
 37337  }
 37338  
 37339  // SetInstanceProfileName sets the InstanceProfileName field's value.
 37340  func (s *UntagInstanceProfileInput) SetInstanceProfileName(v string) *UntagInstanceProfileInput {
 37341  	s.InstanceProfileName = &v
 37342  	return s
 37343  }
 37344  
 37345  // SetTagKeys sets the TagKeys field's value.
 37346  func (s *UntagInstanceProfileInput) SetTagKeys(v []*string) *UntagInstanceProfileInput {
 37347  	s.TagKeys = v
 37348  	return s
 37349  }
 37350  
 37351  type UntagInstanceProfileOutput struct {
 37352  	_ struct{} `type:"structure"`
 37353  }
 37354  
 37355  // String returns the string representation.
 37356  //
 37357  // API parameter values that are decorated as "sensitive" in the API will not
 37358  // be included in the string output. The member name will be present, but the
 37359  // value will be replaced with "sensitive".
 37360  func (s UntagInstanceProfileOutput) String() string {
 37361  	return awsutil.Prettify(s)
 37362  }
 37363  
 37364  // GoString returns the string representation.
 37365  //
 37366  // API parameter values that are decorated as "sensitive" in the API will not
 37367  // be included in the string output. The member name will be present, but the
 37368  // value will be replaced with "sensitive".
 37369  func (s UntagInstanceProfileOutput) GoString() string {
 37370  	return s.String()
 37371  }
 37372  
 37373  type UntagMFADeviceInput struct {
 37374  	_ struct{} `type:"structure"`
 37375  
 37376  	// The unique identifier for the IAM virtual MFA device from which you want
 37377  	// to remove tags. For virtual MFA devices, the serial number is the same as
 37378  	// the ARN.
 37379  	//
 37380  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37381  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37382  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37383  	//
 37384  	// SerialNumber is a required field
 37385  	SerialNumber *string `min:"9" type:"string" required:"true"`
 37386  
 37387  	// A list of key names as a simple array of strings. The tags with matching
 37388  	// keys are removed from the specified instance profile.
 37389  	//
 37390  	// TagKeys is a required field
 37391  	TagKeys []*string `type:"list" required:"true"`
 37392  }
 37393  
 37394  // String returns the string representation.
 37395  //
 37396  // API parameter values that are decorated as "sensitive" in the API will not
 37397  // be included in the string output. The member name will be present, but the
 37398  // value will be replaced with "sensitive".
 37399  func (s UntagMFADeviceInput) String() string {
 37400  	return awsutil.Prettify(s)
 37401  }
 37402  
 37403  // GoString returns the string representation.
 37404  //
 37405  // API parameter values that are decorated as "sensitive" in the API will not
 37406  // be included in the string output. The member name will be present, but the
 37407  // value will be replaced with "sensitive".
 37408  func (s UntagMFADeviceInput) GoString() string {
 37409  	return s.String()
 37410  }
 37411  
 37412  // Validate inspects the fields of the type to determine if they are valid.
 37413  func (s *UntagMFADeviceInput) Validate() error {
 37414  	invalidParams := request.ErrInvalidParams{Context: "UntagMFADeviceInput"}
 37415  	if s.SerialNumber == nil {
 37416  		invalidParams.Add(request.NewErrParamRequired("SerialNumber"))
 37417  	}
 37418  	if s.SerialNumber != nil && len(*s.SerialNumber) < 9 {
 37419  		invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9))
 37420  	}
 37421  	if s.TagKeys == nil {
 37422  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37423  	}
 37424  
 37425  	if invalidParams.Len() > 0 {
 37426  		return invalidParams
 37427  	}
 37428  	return nil
 37429  }
 37430  
 37431  // SetSerialNumber sets the SerialNumber field's value.
 37432  func (s *UntagMFADeviceInput) SetSerialNumber(v string) *UntagMFADeviceInput {
 37433  	s.SerialNumber = &v
 37434  	return s
 37435  }
 37436  
 37437  // SetTagKeys sets the TagKeys field's value.
 37438  func (s *UntagMFADeviceInput) SetTagKeys(v []*string) *UntagMFADeviceInput {
 37439  	s.TagKeys = v
 37440  	return s
 37441  }
 37442  
 37443  type UntagMFADeviceOutput struct {
 37444  	_ struct{} `type:"structure"`
 37445  }
 37446  
 37447  // String returns the string representation.
 37448  //
 37449  // API parameter values that are decorated as "sensitive" in the API will not
 37450  // be included in the string output. The member name will be present, but the
 37451  // value will be replaced with "sensitive".
 37452  func (s UntagMFADeviceOutput) String() string {
 37453  	return awsutil.Prettify(s)
 37454  }
 37455  
 37456  // GoString returns the string representation.
 37457  //
 37458  // API parameter values that are decorated as "sensitive" in the API will not
 37459  // be included in the string output. The member name will be present, but the
 37460  // value will be replaced with "sensitive".
 37461  func (s UntagMFADeviceOutput) GoString() string {
 37462  	return s.String()
 37463  }
 37464  
 37465  type UntagOpenIDConnectProviderInput struct {
 37466  	_ struct{} `type:"structure"`
 37467  
 37468  	// The ARN of the OIDC provider in IAM from which you want to remove tags.
 37469  	//
 37470  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37471  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37472  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37473  	//
 37474  	// OpenIDConnectProviderArn is a required field
 37475  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 37476  
 37477  	// A list of key names as a simple array of strings. The tags with matching
 37478  	// keys are removed from the specified OIDC provider.
 37479  	//
 37480  	// TagKeys is a required field
 37481  	TagKeys []*string `type:"list" required:"true"`
 37482  }
 37483  
 37484  // String returns the string representation.
 37485  //
 37486  // API parameter values that are decorated as "sensitive" in the API will not
 37487  // be included in the string output. The member name will be present, but the
 37488  // value will be replaced with "sensitive".
 37489  func (s UntagOpenIDConnectProviderInput) String() string {
 37490  	return awsutil.Prettify(s)
 37491  }
 37492  
 37493  // GoString returns the string representation.
 37494  //
 37495  // API parameter values that are decorated as "sensitive" in the API will not
 37496  // be included in the string output. The member name will be present, but the
 37497  // value will be replaced with "sensitive".
 37498  func (s UntagOpenIDConnectProviderInput) GoString() string {
 37499  	return s.String()
 37500  }
 37501  
 37502  // Validate inspects the fields of the type to determine if they are valid.
 37503  func (s *UntagOpenIDConnectProviderInput) Validate() error {
 37504  	invalidParams := request.ErrInvalidParams{Context: "UntagOpenIDConnectProviderInput"}
 37505  	if s.OpenIDConnectProviderArn == nil {
 37506  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 37507  	}
 37508  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 37509  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 37510  	}
 37511  	if s.TagKeys == nil {
 37512  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37513  	}
 37514  
 37515  	if invalidParams.Len() > 0 {
 37516  		return invalidParams
 37517  	}
 37518  	return nil
 37519  }
 37520  
 37521  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 37522  func (s *UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *UntagOpenIDConnectProviderInput {
 37523  	s.OpenIDConnectProviderArn = &v
 37524  	return s
 37525  }
 37526  
 37527  // SetTagKeys sets the TagKeys field's value.
 37528  func (s *UntagOpenIDConnectProviderInput) SetTagKeys(v []*string) *UntagOpenIDConnectProviderInput {
 37529  	s.TagKeys = v
 37530  	return s
 37531  }
 37532  
 37533  type UntagOpenIDConnectProviderOutput struct {
 37534  	_ struct{} `type:"structure"`
 37535  }
 37536  
 37537  // String returns the string representation.
 37538  //
 37539  // API parameter values that are decorated as "sensitive" in the API will not
 37540  // be included in the string output. The member name will be present, but the
 37541  // value will be replaced with "sensitive".
 37542  func (s UntagOpenIDConnectProviderOutput) String() string {
 37543  	return awsutil.Prettify(s)
 37544  }
 37545  
 37546  // GoString returns the string representation.
 37547  //
 37548  // API parameter values that are decorated as "sensitive" in the API will not
 37549  // be included in the string output. The member name will be present, but the
 37550  // value will be replaced with "sensitive".
 37551  func (s UntagOpenIDConnectProviderOutput) GoString() string {
 37552  	return s.String()
 37553  }
 37554  
 37555  type UntagPolicyInput struct {
 37556  	_ struct{} `type:"structure"`
 37557  
 37558  	// The ARN of the IAM customer managed policy from which you want to remove
 37559  	// tags.
 37560  	//
 37561  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37562  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37563  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37564  	//
 37565  	// PolicyArn is a required field
 37566  	PolicyArn *string `min:"20" type:"string" required:"true"`
 37567  
 37568  	// A list of key names as a simple array of strings. The tags with matching
 37569  	// keys are removed from the specified policy.
 37570  	//
 37571  	// TagKeys is a required field
 37572  	TagKeys []*string `type:"list" required:"true"`
 37573  }
 37574  
 37575  // String returns the string representation.
 37576  //
 37577  // API parameter values that are decorated as "sensitive" in the API will not
 37578  // be included in the string output. The member name will be present, but the
 37579  // value will be replaced with "sensitive".
 37580  func (s UntagPolicyInput) String() string {
 37581  	return awsutil.Prettify(s)
 37582  }
 37583  
 37584  // GoString returns the string representation.
 37585  //
 37586  // API parameter values that are decorated as "sensitive" in the API will not
 37587  // be included in the string output. The member name will be present, but the
 37588  // value will be replaced with "sensitive".
 37589  func (s UntagPolicyInput) GoString() string {
 37590  	return s.String()
 37591  }
 37592  
 37593  // Validate inspects the fields of the type to determine if they are valid.
 37594  func (s *UntagPolicyInput) Validate() error {
 37595  	invalidParams := request.ErrInvalidParams{Context: "UntagPolicyInput"}
 37596  	if s.PolicyArn == nil {
 37597  		invalidParams.Add(request.NewErrParamRequired("PolicyArn"))
 37598  	}
 37599  	if s.PolicyArn != nil && len(*s.PolicyArn) < 20 {
 37600  		invalidParams.Add(request.NewErrParamMinLen("PolicyArn", 20))
 37601  	}
 37602  	if s.TagKeys == nil {
 37603  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37604  	}
 37605  
 37606  	if invalidParams.Len() > 0 {
 37607  		return invalidParams
 37608  	}
 37609  	return nil
 37610  }
 37611  
 37612  // SetPolicyArn sets the PolicyArn field's value.
 37613  func (s *UntagPolicyInput) SetPolicyArn(v string) *UntagPolicyInput {
 37614  	s.PolicyArn = &v
 37615  	return s
 37616  }
 37617  
 37618  // SetTagKeys sets the TagKeys field's value.
 37619  func (s *UntagPolicyInput) SetTagKeys(v []*string) *UntagPolicyInput {
 37620  	s.TagKeys = v
 37621  	return s
 37622  }
 37623  
 37624  type UntagPolicyOutput struct {
 37625  	_ struct{} `type:"structure"`
 37626  }
 37627  
 37628  // String returns the string representation.
 37629  //
 37630  // API parameter values that are decorated as "sensitive" in the API will not
 37631  // be included in the string output. The member name will be present, but the
 37632  // value will be replaced with "sensitive".
 37633  func (s UntagPolicyOutput) String() string {
 37634  	return awsutil.Prettify(s)
 37635  }
 37636  
 37637  // GoString returns the string representation.
 37638  //
 37639  // API parameter values that are decorated as "sensitive" in the API will not
 37640  // be included in the string output. The member name will be present, but the
 37641  // value will be replaced with "sensitive".
 37642  func (s UntagPolicyOutput) GoString() string {
 37643  	return s.String()
 37644  }
 37645  
 37646  type UntagRoleInput struct {
 37647  	_ struct{} `type:"structure"`
 37648  
 37649  	// The name of the IAM role from which you want to remove tags.
 37650  	//
 37651  	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
 37652  	// a string of characters that consist of upper and lowercase alphanumeric characters
 37653  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37654  	//
 37655  	// RoleName is a required field
 37656  	RoleName *string `min:"1" type:"string" required:"true"`
 37657  
 37658  	// A list of key names as a simple array of strings. The tags with matching
 37659  	// keys are removed from the specified role.
 37660  	//
 37661  	// TagKeys is a required field
 37662  	TagKeys []*string `type:"list" required:"true"`
 37663  }
 37664  
 37665  // String returns the string representation.
 37666  //
 37667  // API parameter values that are decorated as "sensitive" in the API will not
 37668  // be included in the string output. The member name will be present, but the
 37669  // value will be replaced with "sensitive".
 37670  func (s UntagRoleInput) String() string {
 37671  	return awsutil.Prettify(s)
 37672  }
 37673  
 37674  // GoString returns the string representation.
 37675  //
 37676  // API parameter values that are decorated as "sensitive" in the API will not
 37677  // be included in the string output. The member name will be present, but the
 37678  // value will be replaced with "sensitive".
 37679  func (s UntagRoleInput) GoString() string {
 37680  	return s.String()
 37681  }
 37682  
 37683  // Validate inspects the fields of the type to determine if they are valid.
 37684  func (s *UntagRoleInput) Validate() error {
 37685  	invalidParams := request.ErrInvalidParams{Context: "UntagRoleInput"}
 37686  	if s.RoleName == nil {
 37687  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 37688  	}
 37689  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 37690  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 37691  	}
 37692  	if s.TagKeys == nil {
 37693  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37694  	}
 37695  
 37696  	if invalidParams.Len() > 0 {
 37697  		return invalidParams
 37698  	}
 37699  	return nil
 37700  }
 37701  
 37702  // SetRoleName sets the RoleName field's value.
 37703  func (s *UntagRoleInput) SetRoleName(v string) *UntagRoleInput {
 37704  	s.RoleName = &v
 37705  	return s
 37706  }
 37707  
 37708  // SetTagKeys sets the TagKeys field's value.
 37709  func (s *UntagRoleInput) SetTagKeys(v []*string) *UntagRoleInput {
 37710  	s.TagKeys = v
 37711  	return s
 37712  }
 37713  
 37714  type UntagRoleOutput struct {
 37715  	_ struct{} `type:"structure"`
 37716  }
 37717  
 37718  // String returns the string representation.
 37719  //
 37720  // API parameter values that are decorated as "sensitive" in the API will not
 37721  // be included in the string output. The member name will be present, but the
 37722  // value will be replaced with "sensitive".
 37723  func (s UntagRoleOutput) String() string {
 37724  	return awsutil.Prettify(s)
 37725  }
 37726  
 37727  // GoString returns the string representation.
 37728  //
 37729  // API parameter values that are decorated as "sensitive" in the API will not
 37730  // be included in the string output. The member name will be present, but the
 37731  // value will be replaced with "sensitive".
 37732  func (s UntagRoleOutput) GoString() string {
 37733  	return s.String()
 37734  }
 37735  
 37736  type UntagSAMLProviderInput struct {
 37737  	_ struct{} `type:"structure"`
 37738  
 37739  	// The ARN of the SAML identity provider in IAM from which you want to remove
 37740  	// tags.
 37741  	//
 37742  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37743  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37744  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37745  	//
 37746  	// SAMLProviderArn is a required field
 37747  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 37748  
 37749  	// A list of key names as a simple array of strings. The tags with matching
 37750  	// keys are removed from the specified SAML identity provider.
 37751  	//
 37752  	// TagKeys is a required field
 37753  	TagKeys []*string `type:"list" required:"true"`
 37754  }
 37755  
 37756  // String returns the string representation.
 37757  //
 37758  // API parameter values that are decorated as "sensitive" in the API will not
 37759  // be included in the string output. The member name will be present, but the
 37760  // value will be replaced with "sensitive".
 37761  func (s UntagSAMLProviderInput) String() string {
 37762  	return awsutil.Prettify(s)
 37763  }
 37764  
 37765  // GoString returns the string representation.
 37766  //
 37767  // API parameter values that are decorated as "sensitive" in the API will not
 37768  // be included in the string output. The member name will be present, but the
 37769  // value will be replaced with "sensitive".
 37770  func (s UntagSAMLProviderInput) GoString() string {
 37771  	return s.String()
 37772  }
 37773  
 37774  // Validate inspects the fields of the type to determine if they are valid.
 37775  func (s *UntagSAMLProviderInput) Validate() error {
 37776  	invalidParams := request.ErrInvalidParams{Context: "UntagSAMLProviderInput"}
 37777  	if s.SAMLProviderArn == nil {
 37778  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 37779  	}
 37780  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 37781  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 37782  	}
 37783  	if s.TagKeys == nil {
 37784  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37785  	}
 37786  
 37787  	if invalidParams.Len() > 0 {
 37788  		return invalidParams
 37789  	}
 37790  	return nil
 37791  }
 37792  
 37793  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 37794  func (s *UntagSAMLProviderInput) SetSAMLProviderArn(v string) *UntagSAMLProviderInput {
 37795  	s.SAMLProviderArn = &v
 37796  	return s
 37797  }
 37798  
 37799  // SetTagKeys sets the TagKeys field's value.
 37800  func (s *UntagSAMLProviderInput) SetTagKeys(v []*string) *UntagSAMLProviderInput {
 37801  	s.TagKeys = v
 37802  	return s
 37803  }
 37804  
 37805  type UntagSAMLProviderOutput struct {
 37806  	_ struct{} `type:"structure"`
 37807  }
 37808  
 37809  // String returns the string representation.
 37810  //
 37811  // API parameter values that are decorated as "sensitive" in the API will not
 37812  // be included in the string output. The member name will be present, but the
 37813  // value will be replaced with "sensitive".
 37814  func (s UntagSAMLProviderOutput) String() string {
 37815  	return awsutil.Prettify(s)
 37816  }
 37817  
 37818  // GoString returns the string representation.
 37819  //
 37820  // API parameter values that are decorated as "sensitive" in the API will not
 37821  // be included in the string output. The member name will be present, but the
 37822  // value will be replaced with "sensitive".
 37823  func (s UntagSAMLProviderOutput) GoString() string {
 37824  	return s.String()
 37825  }
 37826  
 37827  type UntagServerCertificateInput struct {
 37828  	_ struct{} `type:"structure"`
 37829  
 37830  	// The name of the IAM server certificate from which you want to remove tags.
 37831  	//
 37832  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37833  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37834  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37835  	//
 37836  	// ServerCertificateName is a required field
 37837  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 37838  
 37839  	// A list of key names as a simple array of strings. The tags with matching
 37840  	// keys are removed from the specified IAM server certificate.
 37841  	//
 37842  	// TagKeys is a required field
 37843  	TagKeys []*string `type:"list" required:"true"`
 37844  }
 37845  
 37846  // String returns the string representation.
 37847  //
 37848  // API parameter values that are decorated as "sensitive" in the API will not
 37849  // be included in the string output. The member name will be present, but the
 37850  // value will be replaced with "sensitive".
 37851  func (s UntagServerCertificateInput) String() string {
 37852  	return awsutil.Prettify(s)
 37853  }
 37854  
 37855  // GoString returns the string representation.
 37856  //
 37857  // API parameter values that are decorated as "sensitive" in the API will not
 37858  // be included in the string output. The member name will be present, but the
 37859  // value will be replaced with "sensitive".
 37860  func (s UntagServerCertificateInput) GoString() string {
 37861  	return s.String()
 37862  }
 37863  
 37864  // Validate inspects the fields of the type to determine if they are valid.
 37865  func (s *UntagServerCertificateInput) Validate() error {
 37866  	invalidParams := request.ErrInvalidParams{Context: "UntagServerCertificateInput"}
 37867  	if s.ServerCertificateName == nil {
 37868  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 37869  	}
 37870  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 37871  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 37872  	}
 37873  	if s.TagKeys == nil {
 37874  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37875  	}
 37876  
 37877  	if invalidParams.Len() > 0 {
 37878  		return invalidParams
 37879  	}
 37880  	return nil
 37881  }
 37882  
 37883  // SetServerCertificateName sets the ServerCertificateName field's value.
 37884  func (s *UntagServerCertificateInput) SetServerCertificateName(v string) *UntagServerCertificateInput {
 37885  	s.ServerCertificateName = &v
 37886  	return s
 37887  }
 37888  
 37889  // SetTagKeys sets the TagKeys field's value.
 37890  func (s *UntagServerCertificateInput) SetTagKeys(v []*string) *UntagServerCertificateInput {
 37891  	s.TagKeys = v
 37892  	return s
 37893  }
 37894  
 37895  type UntagServerCertificateOutput struct {
 37896  	_ struct{} `type:"structure"`
 37897  }
 37898  
 37899  // String returns the string representation.
 37900  //
 37901  // API parameter values that are decorated as "sensitive" in the API will not
 37902  // be included in the string output. The member name will be present, but the
 37903  // value will be replaced with "sensitive".
 37904  func (s UntagServerCertificateOutput) String() string {
 37905  	return awsutil.Prettify(s)
 37906  }
 37907  
 37908  // GoString returns the string representation.
 37909  //
 37910  // API parameter values that are decorated as "sensitive" in the API will not
 37911  // be included in the string output. The member name will be present, but the
 37912  // value will be replaced with "sensitive".
 37913  func (s UntagServerCertificateOutput) GoString() string {
 37914  	return s.String()
 37915  }
 37916  
 37917  type UntagUserInput struct {
 37918  	_ struct{} `type:"structure"`
 37919  
 37920  	// A list of key names as a simple array of strings. The tags with matching
 37921  	// keys are removed from the specified user.
 37922  	//
 37923  	// TagKeys is a required field
 37924  	TagKeys []*string `type:"list" required:"true"`
 37925  
 37926  	// The name of the IAM user from which you want to remove tags.
 37927  	//
 37928  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 37929  	// a string of characters consisting of upper and lowercase alphanumeric characters
 37930  	// with no spaces. You can also include any of the following characters: _+=,.@-
 37931  	//
 37932  	// UserName is a required field
 37933  	UserName *string `min:"1" type:"string" required:"true"`
 37934  }
 37935  
 37936  // String returns the string representation.
 37937  //
 37938  // API parameter values that are decorated as "sensitive" in the API will not
 37939  // be included in the string output. The member name will be present, but the
 37940  // value will be replaced with "sensitive".
 37941  func (s UntagUserInput) String() string {
 37942  	return awsutil.Prettify(s)
 37943  }
 37944  
 37945  // GoString returns the string representation.
 37946  //
 37947  // API parameter values that are decorated as "sensitive" in the API will not
 37948  // be included in the string output. The member name will be present, but the
 37949  // value will be replaced with "sensitive".
 37950  func (s UntagUserInput) GoString() string {
 37951  	return s.String()
 37952  }
 37953  
 37954  // Validate inspects the fields of the type to determine if they are valid.
 37955  func (s *UntagUserInput) Validate() error {
 37956  	invalidParams := request.ErrInvalidParams{Context: "UntagUserInput"}
 37957  	if s.TagKeys == nil {
 37958  		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
 37959  	}
 37960  	if s.UserName == nil {
 37961  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 37962  	}
 37963  	if s.UserName != nil && len(*s.UserName) < 1 {
 37964  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 37965  	}
 37966  
 37967  	if invalidParams.Len() > 0 {
 37968  		return invalidParams
 37969  	}
 37970  	return nil
 37971  }
 37972  
 37973  // SetTagKeys sets the TagKeys field's value.
 37974  func (s *UntagUserInput) SetTagKeys(v []*string) *UntagUserInput {
 37975  	s.TagKeys = v
 37976  	return s
 37977  }
 37978  
 37979  // SetUserName sets the UserName field's value.
 37980  func (s *UntagUserInput) SetUserName(v string) *UntagUserInput {
 37981  	s.UserName = &v
 37982  	return s
 37983  }
 37984  
 37985  type UntagUserOutput struct {
 37986  	_ struct{} `type:"structure"`
 37987  }
 37988  
 37989  // String returns the string representation.
 37990  //
 37991  // API parameter values that are decorated as "sensitive" in the API will not
 37992  // be included in the string output. The member name will be present, but the
 37993  // value will be replaced with "sensitive".
 37994  func (s UntagUserOutput) String() string {
 37995  	return awsutil.Prettify(s)
 37996  }
 37997  
 37998  // GoString returns the string representation.
 37999  //
 38000  // API parameter values that are decorated as "sensitive" in the API will not
 38001  // be included in the string output. The member name will be present, but the
 38002  // value will be replaced with "sensitive".
 38003  func (s UntagUserOutput) GoString() string {
 38004  	return s.String()
 38005  }
 38006  
 38007  type UpdateAccessKeyInput struct {
 38008  	_ struct{} `type:"structure"`
 38009  
 38010  	// The access key ID of the secret access key you want to update.
 38011  	//
 38012  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38013  	// a string of characters that can consist of any upper or lowercased letter
 38014  	// or digit.
 38015  	//
 38016  	// AccessKeyId is a required field
 38017  	AccessKeyId *string `min:"16" type:"string" required:"true"`
 38018  
 38019  	// The status you want to assign to the secret access key. Active means that
 38020  	// the key can be used for programmatic calls to Amazon Web Services, while
 38021  	// Inactive means that the key cannot be used.
 38022  	//
 38023  	// Status is a required field
 38024  	Status *string `type:"string" required:"true" enum:"StatusType"`
 38025  
 38026  	// The name of the user whose key you want to update.
 38027  	//
 38028  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38029  	// a string of characters consisting of upper and lowercase alphanumeric characters
 38030  	// with no spaces. You can also include any of the following characters: _+=,.@-
 38031  	UserName *string `min:"1" type:"string"`
 38032  }
 38033  
 38034  // String returns the string representation.
 38035  //
 38036  // API parameter values that are decorated as "sensitive" in the API will not
 38037  // be included in the string output. The member name will be present, but the
 38038  // value will be replaced with "sensitive".
 38039  func (s UpdateAccessKeyInput) String() string {
 38040  	return awsutil.Prettify(s)
 38041  }
 38042  
 38043  // GoString returns the string representation.
 38044  //
 38045  // API parameter values that are decorated as "sensitive" in the API will not
 38046  // be included in the string output. The member name will be present, but the
 38047  // value will be replaced with "sensitive".
 38048  func (s UpdateAccessKeyInput) GoString() string {
 38049  	return s.String()
 38050  }
 38051  
 38052  // Validate inspects the fields of the type to determine if they are valid.
 38053  func (s *UpdateAccessKeyInput) Validate() error {
 38054  	invalidParams := request.ErrInvalidParams{Context: "UpdateAccessKeyInput"}
 38055  	if s.AccessKeyId == nil {
 38056  		invalidParams.Add(request.NewErrParamRequired("AccessKeyId"))
 38057  	}
 38058  	if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 {
 38059  		invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16))
 38060  	}
 38061  	if s.Status == nil {
 38062  		invalidParams.Add(request.NewErrParamRequired("Status"))
 38063  	}
 38064  	if s.UserName != nil && len(*s.UserName) < 1 {
 38065  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 38066  	}
 38067  
 38068  	if invalidParams.Len() > 0 {
 38069  		return invalidParams
 38070  	}
 38071  	return nil
 38072  }
 38073  
 38074  // SetAccessKeyId sets the AccessKeyId field's value.
 38075  func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput {
 38076  	s.AccessKeyId = &v
 38077  	return s
 38078  }
 38079  
 38080  // SetStatus sets the Status field's value.
 38081  func (s *UpdateAccessKeyInput) SetStatus(v string) *UpdateAccessKeyInput {
 38082  	s.Status = &v
 38083  	return s
 38084  }
 38085  
 38086  // SetUserName sets the UserName field's value.
 38087  func (s *UpdateAccessKeyInput) SetUserName(v string) *UpdateAccessKeyInput {
 38088  	s.UserName = &v
 38089  	return s
 38090  }
 38091  
 38092  type UpdateAccessKeyOutput struct {
 38093  	_ struct{} `type:"structure"`
 38094  }
 38095  
 38096  // String returns the string representation.
 38097  //
 38098  // API parameter values that are decorated as "sensitive" in the API will not
 38099  // be included in the string output. The member name will be present, but the
 38100  // value will be replaced with "sensitive".
 38101  func (s UpdateAccessKeyOutput) String() string {
 38102  	return awsutil.Prettify(s)
 38103  }
 38104  
 38105  // GoString returns the string representation.
 38106  //
 38107  // API parameter values that are decorated as "sensitive" in the API will not
 38108  // be included in the string output. The member name will be present, but the
 38109  // value will be replaced with "sensitive".
 38110  func (s UpdateAccessKeyOutput) GoString() string {
 38111  	return s.String()
 38112  }
 38113  
 38114  type UpdateAccountPasswordPolicyInput struct {
 38115  	_ struct{} `type:"structure"`
 38116  
 38117  	// Allows all IAM users in your account to use the Amazon Web Services Management
 38118  	// Console to change their own passwords. For more information, see Letting
 38119  	// IAM users change their own passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
 38120  	// in the IAM User Guide.
 38121  	//
 38122  	// If you do not specify a value for this parameter, then the operation uses
 38123  	// the default value of false. The result is that IAM users in the account do
 38124  	// not automatically have permissions to change their own password.
 38125  	AllowUsersToChangePassword *bool `type:"boolean"`
 38126  
 38127  	// Prevents IAM users from setting a new password after their password has expired.
 38128  	// The IAM user cannot be accessed until an administrator resets the password.
 38129  	//
 38130  	// If you do not specify a value for this parameter, then the operation uses
 38131  	// the default value of false. The result is that IAM users can change their
 38132  	// passwords after they expire and continue to sign in as the user.
 38133  	HardExpiry *bool `type:"boolean"`
 38134  
 38135  	// The number of days that an IAM user password is valid.
 38136  	//
 38137  	// If you do not specify a value for this parameter, then the operation uses
 38138  	// the default value of 0. The result is that IAM user passwords never expire.
 38139  	MaxPasswordAge *int64 `min:"1" type:"integer"`
 38140  
 38141  	// The minimum number of characters allowed in an IAM user password.
 38142  	//
 38143  	// If you do not specify a value for this parameter, then the operation uses
 38144  	// the default value of 6.
 38145  	MinimumPasswordLength *int64 `min:"6" type:"integer"`
 38146  
 38147  	// Specifies the number of previous passwords that IAM users are prevented from
 38148  	// reusing.
 38149  	//
 38150  	// If you do not specify a value for this parameter, then the operation uses
 38151  	// the default value of 0. The result is that IAM users are not prevented from
 38152  	// reusing previous passwords.
 38153  	PasswordReusePrevention *int64 `min:"1" type:"integer"`
 38154  
 38155  	// Specifies whether IAM user passwords must contain at least one lowercase
 38156  	// character from the ISO basic Latin alphabet (a to z).
 38157  	//
 38158  	// If you do not specify a value for this parameter, then the operation uses
 38159  	// the default value of false. The result is that passwords do not require at
 38160  	// least one lowercase character.
 38161  	RequireLowercaseCharacters *bool `type:"boolean"`
 38162  
 38163  	// Specifies whether IAM user passwords must contain at least one numeric character
 38164  	// (0 to 9).
 38165  	//
 38166  	// If you do not specify a value for this parameter, then the operation uses
 38167  	// the default value of false. The result is that passwords do not require at
 38168  	// least one numeric character.
 38169  	RequireNumbers *bool `type:"boolean"`
 38170  
 38171  	// Specifies whether IAM user passwords must contain at least one of the following
 38172  	// non-alphanumeric characters:
 38173  	//
 38174  	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
 38175  	//
 38176  	// If you do not specify a value for this parameter, then the operation uses
 38177  	// the default value of false. The result is that passwords do not require at
 38178  	// least one symbol character.
 38179  	RequireSymbols *bool `type:"boolean"`
 38180  
 38181  	// Specifies whether IAM user passwords must contain at least one uppercase
 38182  	// character from the ISO basic Latin alphabet (A to Z).
 38183  	//
 38184  	// If you do not specify a value for this parameter, then the operation uses
 38185  	// the default value of false. The result is that passwords do not require at
 38186  	// least one uppercase character.
 38187  	RequireUppercaseCharacters *bool `type:"boolean"`
 38188  }
 38189  
 38190  // String returns the string representation.
 38191  //
 38192  // API parameter values that are decorated as "sensitive" in the API will not
 38193  // be included in the string output. The member name will be present, but the
 38194  // value will be replaced with "sensitive".
 38195  func (s UpdateAccountPasswordPolicyInput) String() string {
 38196  	return awsutil.Prettify(s)
 38197  }
 38198  
 38199  // GoString returns the string representation.
 38200  //
 38201  // API parameter values that are decorated as "sensitive" in the API will not
 38202  // be included in the string output. The member name will be present, but the
 38203  // value will be replaced with "sensitive".
 38204  func (s UpdateAccountPasswordPolicyInput) GoString() string {
 38205  	return s.String()
 38206  }
 38207  
 38208  // Validate inspects the fields of the type to determine if they are valid.
 38209  func (s *UpdateAccountPasswordPolicyInput) Validate() error {
 38210  	invalidParams := request.ErrInvalidParams{Context: "UpdateAccountPasswordPolicyInput"}
 38211  	if s.MaxPasswordAge != nil && *s.MaxPasswordAge < 1 {
 38212  		invalidParams.Add(request.NewErrParamMinValue("MaxPasswordAge", 1))
 38213  	}
 38214  	if s.MinimumPasswordLength != nil && *s.MinimumPasswordLength < 6 {
 38215  		invalidParams.Add(request.NewErrParamMinValue("MinimumPasswordLength", 6))
 38216  	}
 38217  	if s.PasswordReusePrevention != nil && *s.PasswordReusePrevention < 1 {
 38218  		invalidParams.Add(request.NewErrParamMinValue("PasswordReusePrevention", 1))
 38219  	}
 38220  
 38221  	if invalidParams.Len() > 0 {
 38222  		return invalidParams
 38223  	}
 38224  	return nil
 38225  }
 38226  
 38227  // SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.
 38228  func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput {
 38229  	s.AllowUsersToChangePassword = &v
 38230  	return s
 38231  }
 38232  
 38233  // SetHardExpiry sets the HardExpiry field's value.
 38234  func (s *UpdateAccountPasswordPolicyInput) SetHardExpiry(v bool) *UpdateAccountPasswordPolicyInput {
 38235  	s.HardExpiry = &v
 38236  	return s
 38237  }
 38238  
 38239  // SetMaxPasswordAge sets the MaxPasswordAge field's value.
 38240  func (s *UpdateAccountPasswordPolicyInput) SetMaxPasswordAge(v int64) *UpdateAccountPasswordPolicyInput {
 38241  	s.MaxPasswordAge = &v
 38242  	return s
 38243  }
 38244  
 38245  // SetMinimumPasswordLength sets the MinimumPasswordLength field's value.
 38246  func (s *UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength(v int64) *UpdateAccountPasswordPolicyInput {
 38247  	s.MinimumPasswordLength = &v
 38248  	return s
 38249  }
 38250  
 38251  // SetPasswordReusePrevention sets the PasswordReusePrevention field's value.
 38252  func (s *UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention(v int64) *UpdateAccountPasswordPolicyInput {
 38253  	s.PasswordReusePrevention = &v
 38254  	return s
 38255  }
 38256  
 38257  // SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.
 38258  func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
 38259  	s.RequireLowercaseCharacters = &v
 38260  	return s
 38261  }
 38262  
 38263  // SetRequireNumbers sets the RequireNumbers field's value.
 38264  func (s *UpdateAccountPasswordPolicyInput) SetRequireNumbers(v bool) *UpdateAccountPasswordPolicyInput {
 38265  	s.RequireNumbers = &v
 38266  	return s
 38267  }
 38268  
 38269  // SetRequireSymbols sets the RequireSymbols field's value.
 38270  func (s *UpdateAccountPasswordPolicyInput) SetRequireSymbols(v bool) *UpdateAccountPasswordPolicyInput {
 38271  	s.RequireSymbols = &v
 38272  	return s
 38273  }
 38274  
 38275  // SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.
 38276  func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput {
 38277  	s.RequireUppercaseCharacters = &v
 38278  	return s
 38279  }
 38280  
 38281  type UpdateAccountPasswordPolicyOutput struct {
 38282  	_ struct{} `type:"structure"`
 38283  }
 38284  
 38285  // String returns the string representation.
 38286  //
 38287  // API parameter values that are decorated as "sensitive" in the API will not
 38288  // be included in the string output. The member name will be present, but the
 38289  // value will be replaced with "sensitive".
 38290  func (s UpdateAccountPasswordPolicyOutput) String() string {
 38291  	return awsutil.Prettify(s)
 38292  }
 38293  
 38294  // GoString returns the string representation.
 38295  //
 38296  // API parameter values that are decorated as "sensitive" in the API will not
 38297  // be included in the string output. The member name will be present, but the
 38298  // value will be replaced with "sensitive".
 38299  func (s UpdateAccountPasswordPolicyOutput) GoString() string {
 38300  	return s.String()
 38301  }
 38302  
 38303  type UpdateAssumeRolePolicyInput struct {
 38304  	_ struct{} `type:"structure"`
 38305  
 38306  	// The policy that grants an entity permission to assume the role.
 38307  	//
 38308  	// You must provide policies in JSON format in IAM. However, for CloudFormation
 38309  	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
 38310  	// CloudFormation always converts a YAML policy to JSON format before submitting
 38311  	// it to IAM.
 38312  	//
 38313  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 38314  	// parameter is a string of characters consisting of the following:
 38315  	//
 38316  	//    * Any printable ASCII character ranging from the space character (\u0020)
 38317  	//    through the end of the ASCII character range
 38318  	//
 38319  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 38320  	//    set (through \u00FF)
 38321  	//
 38322  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 38323  	//    return (\u000D)
 38324  	//
 38325  	// PolicyDocument is a required field
 38326  	PolicyDocument *string `min:"1" type:"string" required:"true"`
 38327  
 38328  	// The name of the role to update with the new policy.
 38329  	//
 38330  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38331  	// a string of characters consisting of upper and lowercase alphanumeric characters
 38332  	// with no spaces. You can also include any of the following characters: _+=,.@-
 38333  	//
 38334  	// RoleName is a required field
 38335  	RoleName *string `min:"1" type:"string" required:"true"`
 38336  }
 38337  
 38338  // String returns the string representation.
 38339  //
 38340  // API parameter values that are decorated as "sensitive" in the API will not
 38341  // be included in the string output. The member name will be present, but the
 38342  // value will be replaced with "sensitive".
 38343  func (s UpdateAssumeRolePolicyInput) String() string {
 38344  	return awsutil.Prettify(s)
 38345  }
 38346  
 38347  // GoString returns the string representation.
 38348  //
 38349  // API parameter values that are decorated as "sensitive" in the API will not
 38350  // be included in the string output. The member name will be present, but the
 38351  // value will be replaced with "sensitive".
 38352  func (s UpdateAssumeRolePolicyInput) GoString() string {
 38353  	return s.String()
 38354  }
 38355  
 38356  // Validate inspects the fields of the type to determine if they are valid.
 38357  func (s *UpdateAssumeRolePolicyInput) Validate() error {
 38358  	invalidParams := request.ErrInvalidParams{Context: "UpdateAssumeRolePolicyInput"}
 38359  	if s.PolicyDocument == nil {
 38360  		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
 38361  	}
 38362  	if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 {
 38363  		invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1))
 38364  	}
 38365  	if s.RoleName == nil {
 38366  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 38367  	}
 38368  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 38369  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 38370  	}
 38371  
 38372  	if invalidParams.Len() > 0 {
 38373  		return invalidParams
 38374  	}
 38375  	return nil
 38376  }
 38377  
 38378  // SetPolicyDocument sets the PolicyDocument field's value.
 38379  func (s *UpdateAssumeRolePolicyInput) SetPolicyDocument(v string) *UpdateAssumeRolePolicyInput {
 38380  	s.PolicyDocument = &v
 38381  	return s
 38382  }
 38383  
 38384  // SetRoleName sets the RoleName field's value.
 38385  func (s *UpdateAssumeRolePolicyInput) SetRoleName(v string) *UpdateAssumeRolePolicyInput {
 38386  	s.RoleName = &v
 38387  	return s
 38388  }
 38389  
 38390  type UpdateAssumeRolePolicyOutput struct {
 38391  	_ struct{} `type:"structure"`
 38392  }
 38393  
 38394  // String returns the string representation.
 38395  //
 38396  // API parameter values that are decorated as "sensitive" in the API will not
 38397  // be included in the string output. The member name will be present, but the
 38398  // value will be replaced with "sensitive".
 38399  func (s UpdateAssumeRolePolicyOutput) String() string {
 38400  	return awsutil.Prettify(s)
 38401  }
 38402  
 38403  // GoString returns the string representation.
 38404  //
 38405  // API parameter values that are decorated as "sensitive" in the API will not
 38406  // be included in the string output. The member name will be present, but the
 38407  // value will be replaced with "sensitive".
 38408  func (s UpdateAssumeRolePolicyOutput) GoString() string {
 38409  	return s.String()
 38410  }
 38411  
 38412  type UpdateGroupInput struct {
 38413  	_ struct{} `type:"structure"`
 38414  
 38415  	// Name of the IAM group to update. If you're changing the name of the group,
 38416  	// this is the original name.
 38417  	//
 38418  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38419  	// a string of characters consisting of upper and lowercase alphanumeric characters
 38420  	// with no spaces. You can also include any of the following characters: _+=,.@-
 38421  	//
 38422  	// GroupName is a required field
 38423  	GroupName *string `min:"1" type:"string" required:"true"`
 38424  
 38425  	// New name for the IAM group. Only include this if changing the group's name.
 38426  	//
 38427  	// IAM user, group, role, and policy names must be unique within the account.
 38428  	// Names are not distinguished by case. For example, you cannot create resources
 38429  	// named both "MyResource" and "myresource".
 38430  	NewGroupName *string `min:"1" type:"string"`
 38431  
 38432  	// New path for the IAM group. Only include this if changing the group's path.
 38433  	//
 38434  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38435  	// a string of characters consisting of either a forward slash (/) by itself
 38436  	// or a string that must begin and end with forward slashes. In addition, it
 38437  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 38438  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 38439  	// letters.
 38440  	NewPath *string `min:"1" type:"string"`
 38441  }
 38442  
 38443  // String returns the string representation.
 38444  //
 38445  // API parameter values that are decorated as "sensitive" in the API will not
 38446  // be included in the string output. The member name will be present, but the
 38447  // value will be replaced with "sensitive".
 38448  func (s UpdateGroupInput) String() string {
 38449  	return awsutil.Prettify(s)
 38450  }
 38451  
 38452  // GoString returns the string representation.
 38453  //
 38454  // API parameter values that are decorated as "sensitive" in the API will not
 38455  // be included in the string output. The member name will be present, but the
 38456  // value will be replaced with "sensitive".
 38457  func (s UpdateGroupInput) GoString() string {
 38458  	return s.String()
 38459  }
 38460  
 38461  // Validate inspects the fields of the type to determine if they are valid.
 38462  func (s *UpdateGroupInput) Validate() error {
 38463  	invalidParams := request.ErrInvalidParams{Context: "UpdateGroupInput"}
 38464  	if s.GroupName == nil {
 38465  		invalidParams.Add(request.NewErrParamRequired("GroupName"))
 38466  	}
 38467  	if s.GroupName != nil && len(*s.GroupName) < 1 {
 38468  		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
 38469  	}
 38470  	if s.NewGroupName != nil && len(*s.NewGroupName) < 1 {
 38471  		invalidParams.Add(request.NewErrParamMinLen("NewGroupName", 1))
 38472  	}
 38473  	if s.NewPath != nil && len(*s.NewPath) < 1 {
 38474  		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
 38475  	}
 38476  
 38477  	if invalidParams.Len() > 0 {
 38478  		return invalidParams
 38479  	}
 38480  	return nil
 38481  }
 38482  
 38483  // SetGroupName sets the GroupName field's value.
 38484  func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput {
 38485  	s.GroupName = &v
 38486  	return s
 38487  }
 38488  
 38489  // SetNewGroupName sets the NewGroupName field's value.
 38490  func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput {
 38491  	s.NewGroupName = &v
 38492  	return s
 38493  }
 38494  
 38495  // SetNewPath sets the NewPath field's value.
 38496  func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput {
 38497  	s.NewPath = &v
 38498  	return s
 38499  }
 38500  
 38501  type UpdateGroupOutput struct {
 38502  	_ struct{} `type:"structure"`
 38503  }
 38504  
 38505  // String returns the string representation.
 38506  //
 38507  // API parameter values that are decorated as "sensitive" in the API will not
 38508  // be included in the string output. The member name will be present, but the
 38509  // value will be replaced with "sensitive".
 38510  func (s UpdateGroupOutput) String() string {
 38511  	return awsutil.Prettify(s)
 38512  }
 38513  
 38514  // GoString returns the string representation.
 38515  //
 38516  // API parameter values that are decorated as "sensitive" in the API will not
 38517  // be included in the string output. The member name will be present, but the
 38518  // value will be replaced with "sensitive".
 38519  func (s UpdateGroupOutput) GoString() string {
 38520  	return s.String()
 38521  }
 38522  
 38523  type UpdateLoginProfileInput struct {
 38524  	_ struct{} `type:"structure"`
 38525  
 38526  	// The new password for the specified IAM user.
 38527  	//
 38528  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 38529  	// parameter is a string of characters consisting of the following:
 38530  	//
 38531  	//    * Any printable ASCII character ranging from the space character (\u0020)
 38532  	//    through the end of the ASCII character range
 38533  	//
 38534  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 38535  	//    set (through \u00FF)
 38536  	//
 38537  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 38538  	//    return (\u000D)
 38539  	//
 38540  	// However, the format can be further restricted by the account administrator
 38541  	// by setting a password policy on the Amazon Web Services account. For more
 38542  	// information, see UpdateAccountPasswordPolicy.
 38543  	//
 38544  	// Password is a sensitive parameter and its value will be
 38545  	// replaced with "sensitive" in string returned by UpdateLoginProfileInput's
 38546  	// String and GoString methods.
 38547  	Password *string `min:"1" type:"string" sensitive:"true"`
 38548  
 38549  	// Allows this new password to be used only once by requiring the specified
 38550  	// IAM user to set a new password on next sign-in.
 38551  	PasswordResetRequired *bool `type:"boolean"`
 38552  
 38553  	// The name of the user whose password you want to update.
 38554  	//
 38555  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 38556  	// a string of characters consisting of upper and lowercase alphanumeric characters
 38557  	// with no spaces. You can also include any of the following characters: _+=,.@-
 38558  	//
 38559  	// UserName is a required field
 38560  	UserName *string `min:"1" type:"string" required:"true"`
 38561  }
 38562  
 38563  // String returns the string representation.
 38564  //
 38565  // API parameter values that are decorated as "sensitive" in the API will not
 38566  // be included in the string output. The member name will be present, but the
 38567  // value will be replaced with "sensitive".
 38568  func (s UpdateLoginProfileInput) String() string {
 38569  	return awsutil.Prettify(s)
 38570  }
 38571  
 38572  // GoString returns the string representation.
 38573  //
 38574  // API parameter values that are decorated as "sensitive" in the API will not
 38575  // be included in the string output. The member name will be present, but the
 38576  // value will be replaced with "sensitive".
 38577  func (s UpdateLoginProfileInput) GoString() string {
 38578  	return s.String()
 38579  }
 38580  
 38581  // Validate inspects the fields of the type to determine if they are valid.
 38582  func (s *UpdateLoginProfileInput) Validate() error {
 38583  	invalidParams := request.ErrInvalidParams{Context: "UpdateLoginProfileInput"}
 38584  	if s.Password != nil && len(*s.Password) < 1 {
 38585  		invalidParams.Add(request.NewErrParamMinLen("Password", 1))
 38586  	}
 38587  	if s.UserName == nil {
 38588  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 38589  	}
 38590  	if s.UserName != nil && len(*s.UserName) < 1 {
 38591  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 38592  	}
 38593  
 38594  	if invalidParams.Len() > 0 {
 38595  		return invalidParams
 38596  	}
 38597  	return nil
 38598  }
 38599  
 38600  // SetPassword sets the Password field's value.
 38601  func (s *UpdateLoginProfileInput) SetPassword(v string) *UpdateLoginProfileInput {
 38602  	s.Password = &v
 38603  	return s
 38604  }
 38605  
 38606  // SetPasswordResetRequired sets the PasswordResetRequired field's value.
 38607  func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput {
 38608  	s.PasswordResetRequired = &v
 38609  	return s
 38610  }
 38611  
 38612  // SetUserName sets the UserName field's value.
 38613  func (s *UpdateLoginProfileInput) SetUserName(v string) *UpdateLoginProfileInput {
 38614  	s.UserName = &v
 38615  	return s
 38616  }
 38617  
 38618  type UpdateLoginProfileOutput struct {
 38619  	_ struct{} `type:"structure"`
 38620  }
 38621  
 38622  // String returns the string representation.
 38623  //
 38624  // API parameter values that are decorated as "sensitive" in the API will not
 38625  // be included in the string output. The member name will be present, but the
 38626  // value will be replaced with "sensitive".
 38627  func (s UpdateLoginProfileOutput) String() string {
 38628  	return awsutil.Prettify(s)
 38629  }
 38630  
 38631  // GoString returns the string representation.
 38632  //
 38633  // API parameter values that are decorated as "sensitive" in the API will not
 38634  // be included in the string output. The member name will be present, but the
 38635  // value will be replaced with "sensitive".
 38636  func (s UpdateLoginProfileOutput) GoString() string {
 38637  	return s.String()
 38638  }
 38639  
 38640  type UpdateOpenIDConnectProviderThumbprintInput struct {
 38641  	_ struct{} `type:"structure"`
 38642  
 38643  	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
 38644  	// which you want to update the thumbprint. You can get a list of OIDC provider
 38645  	// ARNs by using the ListOpenIDConnectProviders operation.
 38646  	//
 38647  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 38648  	// in the Amazon Web Services General Reference.
 38649  	//
 38650  	// OpenIDConnectProviderArn is a required field
 38651  	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
 38652  
 38653  	// A list of certificate thumbprints that are associated with the specified
 38654  	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
 38655  	//
 38656  	// ThumbprintList is a required field
 38657  	ThumbprintList []*string `type:"list" required:"true"`
 38658  }
 38659  
 38660  // String returns the string representation.
 38661  //
 38662  // API parameter values that are decorated as "sensitive" in the API will not
 38663  // be included in the string output. The member name will be present, but the
 38664  // value will be replaced with "sensitive".
 38665  func (s UpdateOpenIDConnectProviderThumbprintInput) String() string {
 38666  	return awsutil.Prettify(s)
 38667  }
 38668  
 38669  // GoString returns the string representation.
 38670  //
 38671  // API parameter values that are decorated as "sensitive" in the API will not
 38672  // be included in the string output. The member name will be present, but the
 38673  // value will be replaced with "sensitive".
 38674  func (s UpdateOpenIDConnectProviderThumbprintInput) GoString() string {
 38675  	return s.String()
 38676  }
 38677  
 38678  // Validate inspects the fields of the type to determine if they are valid.
 38679  func (s *UpdateOpenIDConnectProviderThumbprintInput) Validate() error {
 38680  	invalidParams := request.ErrInvalidParams{Context: "UpdateOpenIDConnectProviderThumbprintInput"}
 38681  	if s.OpenIDConnectProviderArn == nil {
 38682  		invalidParams.Add(request.NewErrParamRequired("OpenIDConnectProviderArn"))
 38683  	}
 38684  	if s.OpenIDConnectProviderArn != nil && len(*s.OpenIDConnectProviderArn) < 20 {
 38685  		invalidParams.Add(request.NewErrParamMinLen("OpenIDConnectProviderArn", 20))
 38686  	}
 38687  	if s.ThumbprintList == nil {
 38688  		invalidParams.Add(request.NewErrParamRequired("ThumbprintList"))
 38689  	}
 38690  
 38691  	if invalidParams.Len() > 0 {
 38692  		return invalidParams
 38693  	}
 38694  	return nil
 38695  }
 38696  
 38697  // SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.
 38698  func (s *UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn(v string) *UpdateOpenIDConnectProviderThumbprintInput {
 38699  	s.OpenIDConnectProviderArn = &v
 38700  	return s
 38701  }
 38702  
 38703  // SetThumbprintList sets the ThumbprintList field's value.
 38704  func (s *UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList(v []*string) *UpdateOpenIDConnectProviderThumbprintInput {
 38705  	s.ThumbprintList = v
 38706  	return s
 38707  }
 38708  
 38709  type UpdateOpenIDConnectProviderThumbprintOutput struct {
 38710  	_ struct{} `type:"structure"`
 38711  }
 38712  
 38713  // String returns the string representation.
 38714  //
 38715  // API parameter values that are decorated as "sensitive" in the API will not
 38716  // be included in the string output. The member name will be present, but the
 38717  // value will be replaced with "sensitive".
 38718  func (s UpdateOpenIDConnectProviderThumbprintOutput) String() string {
 38719  	return awsutil.Prettify(s)
 38720  }
 38721  
 38722  // GoString returns the string representation.
 38723  //
 38724  // API parameter values that are decorated as "sensitive" in the API will not
 38725  // be included in the string output. The member name will be present, but the
 38726  // value will be replaced with "sensitive".
 38727  func (s UpdateOpenIDConnectProviderThumbprintOutput) GoString() string {
 38728  	return s.String()
 38729  }
 38730  
 38731  type UpdateRoleDescriptionInput struct {
 38732  	_ struct{} `type:"structure"`
 38733  
 38734  	// The new description that you want to apply to the specified role.
 38735  	//
 38736  	// Description is a required field
 38737  	Description *string `type:"string" required:"true"`
 38738  
 38739  	// The name of the role that you want to modify.
 38740  	//
 38741  	// RoleName is a required field
 38742  	RoleName *string `min:"1" type:"string" required:"true"`
 38743  }
 38744  
 38745  // String returns the string representation.
 38746  //
 38747  // API parameter values that are decorated as "sensitive" in the API will not
 38748  // be included in the string output. The member name will be present, but the
 38749  // value will be replaced with "sensitive".
 38750  func (s UpdateRoleDescriptionInput) String() string {
 38751  	return awsutil.Prettify(s)
 38752  }
 38753  
 38754  // GoString returns the string representation.
 38755  //
 38756  // API parameter values that are decorated as "sensitive" in the API will not
 38757  // be included in the string output. The member name will be present, but the
 38758  // value will be replaced with "sensitive".
 38759  func (s UpdateRoleDescriptionInput) GoString() string {
 38760  	return s.String()
 38761  }
 38762  
 38763  // Validate inspects the fields of the type to determine if they are valid.
 38764  func (s *UpdateRoleDescriptionInput) Validate() error {
 38765  	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleDescriptionInput"}
 38766  	if s.Description == nil {
 38767  		invalidParams.Add(request.NewErrParamRequired("Description"))
 38768  	}
 38769  	if s.RoleName == nil {
 38770  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 38771  	}
 38772  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 38773  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 38774  	}
 38775  
 38776  	if invalidParams.Len() > 0 {
 38777  		return invalidParams
 38778  	}
 38779  	return nil
 38780  }
 38781  
 38782  // SetDescription sets the Description field's value.
 38783  func (s *UpdateRoleDescriptionInput) SetDescription(v string) *UpdateRoleDescriptionInput {
 38784  	s.Description = &v
 38785  	return s
 38786  }
 38787  
 38788  // SetRoleName sets the RoleName field's value.
 38789  func (s *UpdateRoleDescriptionInput) SetRoleName(v string) *UpdateRoleDescriptionInput {
 38790  	s.RoleName = &v
 38791  	return s
 38792  }
 38793  
 38794  type UpdateRoleDescriptionOutput struct {
 38795  	_ struct{} `type:"structure"`
 38796  
 38797  	// A structure that contains details about the modified role.
 38798  	Role *Role `type:"structure"`
 38799  }
 38800  
 38801  // String returns the string representation.
 38802  //
 38803  // API parameter values that are decorated as "sensitive" in the API will not
 38804  // be included in the string output. The member name will be present, but the
 38805  // value will be replaced with "sensitive".
 38806  func (s UpdateRoleDescriptionOutput) String() string {
 38807  	return awsutil.Prettify(s)
 38808  }
 38809  
 38810  // GoString returns the string representation.
 38811  //
 38812  // API parameter values that are decorated as "sensitive" in the API will not
 38813  // be included in the string output. The member name will be present, but the
 38814  // value will be replaced with "sensitive".
 38815  func (s UpdateRoleDescriptionOutput) GoString() string {
 38816  	return s.String()
 38817  }
 38818  
 38819  // SetRole sets the Role field's value.
 38820  func (s *UpdateRoleDescriptionOutput) SetRole(v *Role) *UpdateRoleDescriptionOutput {
 38821  	s.Role = v
 38822  	return s
 38823  }
 38824  
 38825  type UpdateRoleInput struct {
 38826  	_ struct{} `type:"structure"`
 38827  
 38828  	// The new description that you want to apply to the specified role.
 38829  	Description *string `type:"string"`
 38830  
 38831  	// The maximum session duration (in seconds) that you want to set for the specified
 38832  	// role. If you do not specify a value for this setting, the default maximum
 38833  	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
 38834  	//
 38835  	// Anyone who assumes the role from the CLI or API can use the DurationSeconds
 38836  	// API parameter or the duration-seconds CLI parameter to request a longer session.
 38837  	// The MaxSessionDuration setting determines the maximum duration that can be
 38838  	// requested using the DurationSeconds parameter. If users don't specify a value
 38839  	// for the DurationSeconds parameter, their security credentials are valid for
 38840  	// one hour by default. This applies when you use the AssumeRole* API operations
 38841  	// or the assume-role* CLI operations but does not apply when you use those
 38842  	// operations to create a console URL. For more information, see Using IAM roles
 38843  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
 38844  	// IAM User Guide.
 38845  	MaxSessionDuration *int64 `min:"3600" type:"integer"`
 38846  
 38847  	// The name of the role that you want to modify.
 38848  	//
 38849  	// RoleName is a required field
 38850  	RoleName *string `min:"1" type:"string" required:"true"`
 38851  }
 38852  
 38853  // String returns the string representation.
 38854  //
 38855  // API parameter values that are decorated as "sensitive" in the API will not
 38856  // be included in the string output. The member name will be present, but the
 38857  // value will be replaced with "sensitive".
 38858  func (s UpdateRoleInput) String() string {
 38859  	return awsutil.Prettify(s)
 38860  }
 38861  
 38862  // GoString returns the string representation.
 38863  //
 38864  // API parameter values that are decorated as "sensitive" in the API will not
 38865  // be included in the string output. The member name will be present, but the
 38866  // value will be replaced with "sensitive".
 38867  func (s UpdateRoleInput) GoString() string {
 38868  	return s.String()
 38869  }
 38870  
 38871  // Validate inspects the fields of the type to determine if they are valid.
 38872  func (s *UpdateRoleInput) Validate() error {
 38873  	invalidParams := request.ErrInvalidParams{Context: "UpdateRoleInput"}
 38874  	if s.MaxSessionDuration != nil && *s.MaxSessionDuration < 3600 {
 38875  		invalidParams.Add(request.NewErrParamMinValue("MaxSessionDuration", 3600))
 38876  	}
 38877  	if s.RoleName == nil {
 38878  		invalidParams.Add(request.NewErrParamRequired("RoleName"))
 38879  	}
 38880  	if s.RoleName != nil && len(*s.RoleName) < 1 {
 38881  		invalidParams.Add(request.NewErrParamMinLen("RoleName", 1))
 38882  	}
 38883  
 38884  	if invalidParams.Len() > 0 {
 38885  		return invalidParams
 38886  	}
 38887  	return nil
 38888  }
 38889  
 38890  // SetDescription sets the Description field's value.
 38891  func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput {
 38892  	s.Description = &v
 38893  	return s
 38894  }
 38895  
 38896  // SetMaxSessionDuration sets the MaxSessionDuration field's value.
 38897  func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput {
 38898  	s.MaxSessionDuration = &v
 38899  	return s
 38900  }
 38901  
 38902  // SetRoleName sets the RoleName field's value.
 38903  func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput {
 38904  	s.RoleName = &v
 38905  	return s
 38906  }
 38907  
 38908  type UpdateRoleOutput struct {
 38909  	_ struct{} `type:"structure"`
 38910  }
 38911  
 38912  // String returns the string representation.
 38913  //
 38914  // API parameter values that are decorated as "sensitive" in the API will not
 38915  // be included in the string output. The member name will be present, but the
 38916  // value will be replaced with "sensitive".
 38917  func (s UpdateRoleOutput) String() string {
 38918  	return awsutil.Prettify(s)
 38919  }
 38920  
 38921  // GoString returns the string representation.
 38922  //
 38923  // API parameter values that are decorated as "sensitive" in the API will not
 38924  // be included in the string output. The member name will be present, but the
 38925  // value will be replaced with "sensitive".
 38926  func (s UpdateRoleOutput) GoString() string {
 38927  	return s.String()
 38928  }
 38929  
 38930  type UpdateSAMLProviderInput struct {
 38931  	_ struct{} `type:"structure"`
 38932  
 38933  	// An XML document generated by an identity provider (IdP) that supports SAML
 38934  	// 2.0. The document includes the issuer's name, expiration information, and
 38935  	// keys that can be used to validate the SAML authentication response (assertions)
 38936  	// that are received from the IdP. You must generate the metadata document using
 38937  	// the identity management software that is used as your organization's IdP.
 38938  	//
 38939  	// SAMLMetadataDocument is a required field
 38940  	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
 38941  
 38942  	// The Amazon Resource Name (ARN) of the SAML provider to update.
 38943  	//
 38944  	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 38945  	// in the Amazon Web Services General Reference.
 38946  	//
 38947  	// SAMLProviderArn is a required field
 38948  	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
 38949  }
 38950  
 38951  // String returns the string representation.
 38952  //
 38953  // API parameter values that are decorated as "sensitive" in the API will not
 38954  // be included in the string output. The member name will be present, but the
 38955  // value will be replaced with "sensitive".
 38956  func (s UpdateSAMLProviderInput) String() string {
 38957  	return awsutil.Prettify(s)
 38958  }
 38959  
 38960  // GoString returns the string representation.
 38961  //
 38962  // API parameter values that are decorated as "sensitive" in the API will not
 38963  // be included in the string output. The member name will be present, but the
 38964  // value will be replaced with "sensitive".
 38965  func (s UpdateSAMLProviderInput) GoString() string {
 38966  	return s.String()
 38967  }
 38968  
 38969  // Validate inspects the fields of the type to determine if they are valid.
 38970  func (s *UpdateSAMLProviderInput) Validate() error {
 38971  	invalidParams := request.ErrInvalidParams{Context: "UpdateSAMLProviderInput"}
 38972  	if s.SAMLMetadataDocument == nil {
 38973  		invalidParams.Add(request.NewErrParamRequired("SAMLMetadataDocument"))
 38974  	}
 38975  	if s.SAMLMetadataDocument != nil && len(*s.SAMLMetadataDocument) < 1000 {
 38976  		invalidParams.Add(request.NewErrParamMinLen("SAMLMetadataDocument", 1000))
 38977  	}
 38978  	if s.SAMLProviderArn == nil {
 38979  		invalidParams.Add(request.NewErrParamRequired("SAMLProviderArn"))
 38980  	}
 38981  	if s.SAMLProviderArn != nil && len(*s.SAMLProviderArn) < 20 {
 38982  		invalidParams.Add(request.NewErrParamMinLen("SAMLProviderArn", 20))
 38983  	}
 38984  
 38985  	if invalidParams.Len() > 0 {
 38986  		return invalidParams
 38987  	}
 38988  	return nil
 38989  }
 38990  
 38991  // SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.
 38992  func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput {
 38993  	s.SAMLMetadataDocument = &v
 38994  	return s
 38995  }
 38996  
 38997  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 38998  func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput {
 38999  	s.SAMLProviderArn = &v
 39000  	return s
 39001  }
 39002  
 39003  // Contains the response to a successful UpdateSAMLProvider request.
 39004  type UpdateSAMLProviderOutput struct {
 39005  	_ struct{} `type:"structure"`
 39006  
 39007  	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
 39008  	SAMLProviderArn *string `min:"20" type:"string"`
 39009  }
 39010  
 39011  // String returns the string representation.
 39012  //
 39013  // API parameter values that are decorated as "sensitive" in the API will not
 39014  // be included in the string output. The member name will be present, but the
 39015  // value will be replaced with "sensitive".
 39016  func (s UpdateSAMLProviderOutput) String() string {
 39017  	return awsutil.Prettify(s)
 39018  }
 39019  
 39020  // GoString returns the string representation.
 39021  //
 39022  // API parameter values that are decorated as "sensitive" in the API will not
 39023  // be included in the string output. The member name will be present, but the
 39024  // value will be replaced with "sensitive".
 39025  func (s UpdateSAMLProviderOutput) GoString() string {
 39026  	return s.String()
 39027  }
 39028  
 39029  // SetSAMLProviderArn sets the SAMLProviderArn field's value.
 39030  func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput {
 39031  	s.SAMLProviderArn = &v
 39032  	return s
 39033  }
 39034  
 39035  type UpdateSSHPublicKeyInput struct {
 39036  	_ struct{} `type:"structure"`
 39037  
 39038  	// The unique identifier for the SSH public key.
 39039  	//
 39040  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39041  	// a string of characters that can consist of any upper or lowercased letter
 39042  	// or digit.
 39043  	//
 39044  	// SSHPublicKeyId is a required field
 39045  	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`
 39046  
 39047  	// The status to assign to the SSH public key. Active means that the key can
 39048  	// be used for authentication with an CodeCommit repository. Inactive means
 39049  	// that the key cannot be used.
 39050  	//
 39051  	// Status is a required field
 39052  	Status *string `type:"string" required:"true" enum:"StatusType"`
 39053  
 39054  	// The name of the IAM user associated with the SSH public key.
 39055  	//
 39056  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39057  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39058  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39059  	//
 39060  	// UserName is a required field
 39061  	UserName *string `min:"1" type:"string" required:"true"`
 39062  }
 39063  
 39064  // String returns the string representation.
 39065  //
 39066  // API parameter values that are decorated as "sensitive" in the API will not
 39067  // be included in the string output. The member name will be present, but the
 39068  // value will be replaced with "sensitive".
 39069  func (s UpdateSSHPublicKeyInput) String() string {
 39070  	return awsutil.Prettify(s)
 39071  }
 39072  
 39073  // GoString returns the string representation.
 39074  //
 39075  // API parameter values that are decorated as "sensitive" in the API will not
 39076  // be included in the string output. The member name will be present, but the
 39077  // value will be replaced with "sensitive".
 39078  func (s UpdateSSHPublicKeyInput) GoString() string {
 39079  	return s.String()
 39080  }
 39081  
 39082  // Validate inspects the fields of the type to determine if they are valid.
 39083  func (s *UpdateSSHPublicKeyInput) Validate() error {
 39084  	invalidParams := request.ErrInvalidParams{Context: "UpdateSSHPublicKeyInput"}
 39085  	if s.SSHPublicKeyId == nil {
 39086  		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyId"))
 39087  	}
 39088  	if s.SSHPublicKeyId != nil && len(*s.SSHPublicKeyId) < 20 {
 39089  		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyId", 20))
 39090  	}
 39091  	if s.Status == nil {
 39092  		invalidParams.Add(request.NewErrParamRequired("Status"))
 39093  	}
 39094  	if s.UserName == nil {
 39095  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 39096  	}
 39097  	if s.UserName != nil && len(*s.UserName) < 1 {
 39098  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39099  	}
 39100  
 39101  	if invalidParams.Len() > 0 {
 39102  		return invalidParams
 39103  	}
 39104  	return nil
 39105  }
 39106  
 39107  // SetSSHPublicKeyId sets the SSHPublicKeyId field's value.
 39108  func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput {
 39109  	s.SSHPublicKeyId = &v
 39110  	return s
 39111  }
 39112  
 39113  // SetStatus sets the Status field's value.
 39114  func (s *UpdateSSHPublicKeyInput) SetStatus(v string) *UpdateSSHPublicKeyInput {
 39115  	s.Status = &v
 39116  	return s
 39117  }
 39118  
 39119  // SetUserName sets the UserName field's value.
 39120  func (s *UpdateSSHPublicKeyInput) SetUserName(v string) *UpdateSSHPublicKeyInput {
 39121  	s.UserName = &v
 39122  	return s
 39123  }
 39124  
 39125  type UpdateSSHPublicKeyOutput struct {
 39126  	_ struct{} `type:"structure"`
 39127  }
 39128  
 39129  // String returns the string representation.
 39130  //
 39131  // API parameter values that are decorated as "sensitive" in the API will not
 39132  // be included in the string output. The member name will be present, but the
 39133  // value will be replaced with "sensitive".
 39134  func (s UpdateSSHPublicKeyOutput) String() string {
 39135  	return awsutil.Prettify(s)
 39136  }
 39137  
 39138  // GoString returns the string representation.
 39139  //
 39140  // API parameter values that are decorated as "sensitive" in the API will not
 39141  // be included in the string output. The member name will be present, but the
 39142  // value will be replaced with "sensitive".
 39143  func (s UpdateSSHPublicKeyOutput) GoString() string {
 39144  	return s.String()
 39145  }
 39146  
 39147  type UpdateServerCertificateInput struct {
 39148  	_ struct{} `type:"structure"`
 39149  
 39150  	// The new path for the server certificate. Include this only if you are updating
 39151  	// the server certificate's path.
 39152  	//
 39153  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39154  	// a string of characters consisting of either a forward slash (/) by itself
 39155  	// or a string that must begin and end with forward slashes. In addition, it
 39156  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 39157  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 39158  	// letters.
 39159  	NewPath *string `min:"1" type:"string"`
 39160  
 39161  	// The new name for the server certificate. Include this only if you are updating
 39162  	// the server certificate's name. The name of the certificate cannot contain
 39163  	// any spaces.
 39164  	//
 39165  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39166  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39167  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39168  	NewServerCertificateName *string `min:"1" type:"string"`
 39169  
 39170  	// The name of the server certificate that you want to update.
 39171  	//
 39172  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39173  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39174  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39175  	//
 39176  	// ServerCertificateName is a required field
 39177  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 39178  }
 39179  
 39180  // String returns the string representation.
 39181  //
 39182  // API parameter values that are decorated as "sensitive" in the API will not
 39183  // be included in the string output. The member name will be present, but the
 39184  // value will be replaced with "sensitive".
 39185  func (s UpdateServerCertificateInput) String() string {
 39186  	return awsutil.Prettify(s)
 39187  }
 39188  
 39189  // GoString returns the string representation.
 39190  //
 39191  // API parameter values that are decorated as "sensitive" in the API will not
 39192  // be included in the string output. The member name will be present, but the
 39193  // value will be replaced with "sensitive".
 39194  func (s UpdateServerCertificateInput) GoString() string {
 39195  	return s.String()
 39196  }
 39197  
 39198  // Validate inspects the fields of the type to determine if they are valid.
 39199  func (s *UpdateServerCertificateInput) Validate() error {
 39200  	invalidParams := request.ErrInvalidParams{Context: "UpdateServerCertificateInput"}
 39201  	if s.NewPath != nil && len(*s.NewPath) < 1 {
 39202  		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
 39203  	}
 39204  	if s.NewServerCertificateName != nil && len(*s.NewServerCertificateName) < 1 {
 39205  		invalidParams.Add(request.NewErrParamMinLen("NewServerCertificateName", 1))
 39206  	}
 39207  	if s.ServerCertificateName == nil {
 39208  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 39209  	}
 39210  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 39211  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 39212  	}
 39213  
 39214  	if invalidParams.Len() > 0 {
 39215  		return invalidParams
 39216  	}
 39217  	return nil
 39218  }
 39219  
 39220  // SetNewPath sets the NewPath field's value.
 39221  func (s *UpdateServerCertificateInput) SetNewPath(v string) *UpdateServerCertificateInput {
 39222  	s.NewPath = &v
 39223  	return s
 39224  }
 39225  
 39226  // SetNewServerCertificateName sets the NewServerCertificateName field's value.
 39227  func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput {
 39228  	s.NewServerCertificateName = &v
 39229  	return s
 39230  }
 39231  
 39232  // SetServerCertificateName sets the ServerCertificateName field's value.
 39233  func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput {
 39234  	s.ServerCertificateName = &v
 39235  	return s
 39236  }
 39237  
 39238  type UpdateServerCertificateOutput struct {
 39239  	_ struct{} `type:"structure"`
 39240  }
 39241  
 39242  // String returns the string representation.
 39243  //
 39244  // API parameter values that are decorated as "sensitive" in the API will not
 39245  // be included in the string output. The member name will be present, but the
 39246  // value will be replaced with "sensitive".
 39247  func (s UpdateServerCertificateOutput) String() string {
 39248  	return awsutil.Prettify(s)
 39249  }
 39250  
 39251  // GoString returns the string representation.
 39252  //
 39253  // API parameter values that are decorated as "sensitive" in the API will not
 39254  // be included in the string output. The member name will be present, but the
 39255  // value will be replaced with "sensitive".
 39256  func (s UpdateServerCertificateOutput) GoString() string {
 39257  	return s.String()
 39258  }
 39259  
 39260  type UpdateServiceSpecificCredentialInput struct {
 39261  	_ struct{} `type:"structure"`
 39262  
 39263  	// The unique identifier of the service-specific credential.
 39264  	//
 39265  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39266  	// a string of characters that can consist of any upper or lowercased letter
 39267  	// or digit.
 39268  	//
 39269  	// ServiceSpecificCredentialId is a required field
 39270  	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`
 39271  
 39272  	// The status to be assigned to the service-specific credential.
 39273  	//
 39274  	// Status is a required field
 39275  	Status *string `type:"string" required:"true" enum:"StatusType"`
 39276  
 39277  	// The name of the IAM user associated with the service-specific credential.
 39278  	// If you do not specify this value, then the operation assumes the user whose
 39279  	// credentials are used to call the operation.
 39280  	//
 39281  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39282  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39283  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39284  	UserName *string `min:"1" type:"string"`
 39285  }
 39286  
 39287  // String returns the string representation.
 39288  //
 39289  // API parameter values that are decorated as "sensitive" in the API will not
 39290  // be included in the string output. The member name will be present, but the
 39291  // value will be replaced with "sensitive".
 39292  func (s UpdateServiceSpecificCredentialInput) String() string {
 39293  	return awsutil.Prettify(s)
 39294  }
 39295  
 39296  // GoString returns the string representation.
 39297  //
 39298  // API parameter values that are decorated as "sensitive" in the API will not
 39299  // be included in the string output. The member name will be present, but the
 39300  // value will be replaced with "sensitive".
 39301  func (s UpdateServiceSpecificCredentialInput) GoString() string {
 39302  	return s.String()
 39303  }
 39304  
 39305  // Validate inspects the fields of the type to determine if they are valid.
 39306  func (s *UpdateServiceSpecificCredentialInput) Validate() error {
 39307  	invalidParams := request.ErrInvalidParams{Context: "UpdateServiceSpecificCredentialInput"}
 39308  	if s.ServiceSpecificCredentialId == nil {
 39309  		invalidParams.Add(request.NewErrParamRequired("ServiceSpecificCredentialId"))
 39310  	}
 39311  	if s.ServiceSpecificCredentialId != nil && len(*s.ServiceSpecificCredentialId) < 20 {
 39312  		invalidParams.Add(request.NewErrParamMinLen("ServiceSpecificCredentialId", 20))
 39313  	}
 39314  	if s.Status == nil {
 39315  		invalidParams.Add(request.NewErrParamRequired("Status"))
 39316  	}
 39317  	if s.UserName != nil && len(*s.UserName) < 1 {
 39318  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39319  	}
 39320  
 39321  	if invalidParams.Len() > 0 {
 39322  		return invalidParams
 39323  	}
 39324  	return nil
 39325  }
 39326  
 39327  // SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.
 39328  func (s *UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId(v string) *UpdateServiceSpecificCredentialInput {
 39329  	s.ServiceSpecificCredentialId = &v
 39330  	return s
 39331  }
 39332  
 39333  // SetStatus sets the Status field's value.
 39334  func (s *UpdateServiceSpecificCredentialInput) SetStatus(v string) *UpdateServiceSpecificCredentialInput {
 39335  	s.Status = &v
 39336  	return s
 39337  }
 39338  
 39339  // SetUserName sets the UserName field's value.
 39340  func (s *UpdateServiceSpecificCredentialInput) SetUserName(v string) *UpdateServiceSpecificCredentialInput {
 39341  	s.UserName = &v
 39342  	return s
 39343  }
 39344  
 39345  type UpdateServiceSpecificCredentialOutput struct {
 39346  	_ struct{} `type:"structure"`
 39347  }
 39348  
 39349  // String returns the string representation.
 39350  //
 39351  // API parameter values that are decorated as "sensitive" in the API will not
 39352  // be included in the string output. The member name will be present, but the
 39353  // value will be replaced with "sensitive".
 39354  func (s UpdateServiceSpecificCredentialOutput) String() string {
 39355  	return awsutil.Prettify(s)
 39356  }
 39357  
 39358  // GoString returns the string representation.
 39359  //
 39360  // API parameter values that are decorated as "sensitive" in the API will not
 39361  // be included in the string output. The member name will be present, but the
 39362  // value will be replaced with "sensitive".
 39363  func (s UpdateServiceSpecificCredentialOutput) GoString() string {
 39364  	return s.String()
 39365  }
 39366  
 39367  type UpdateSigningCertificateInput struct {
 39368  	_ struct{} `type:"structure"`
 39369  
 39370  	// The ID of the signing certificate you want to update.
 39371  	//
 39372  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39373  	// a string of characters that can consist of any upper or lowercased letter
 39374  	// or digit.
 39375  	//
 39376  	// CertificateId is a required field
 39377  	CertificateId *string `min:"24" type:"string" required:"true"`
 39378  
 39379  	// The status you want to assign to the certificate. Active means that the certificate
 39380  	// can be used for programmatic calls to Amazon Web Services Inactive means
 39381  	// that the certificate cannot be used.
 39382  	//
 39383  	// Status is a required field
 39384  	Status *string `type:"string" required:"true" enum:"StatusType"`
 39385  
 39386  	// The name of the IAM user the signing certificate belongs to.
 39387  	//
 39388  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39389  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39390  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39391  	UserName *string `min:"1" type:"string"`
 39392  }
 39393  
 39394  // String returns the string representation.
 39395  //
 39396  // API parameter values that are decorated as "sensitive" in the API will not
 39397  // be included in the string output. The member name will be present, but the
 39398  // value will be replaced with "sensitive".
 39399  func (s UpdateSigningCertificateInput) String() string {
 39400  	return awsutil.Prettify(s)
 39401  }
 39402  
 39403  // GoString returns the string representation.
 39404  //
 39405  // API parameter values that are decorated as "sensitive" in the API will not
 39406  // be included in the string output. The member name will be present, but the
 39407  // value will be replaced with "sensitive".
 39408  func (s UpdateSigningCertificateInput) GoString() string {
 39409  	return s.String()
 39410  }
 39411  
 39412  // Validate inspects the fields of the type to determine if they are valid.
 39413  func (s *UpdateSigningCertificateInput) Validate() error {
 39414  	invalidParams := request.ErrInvalidParams{Context: "UpdateSigningCertificateInput"}
 39415  	if s.CertificateId == nil {
 39416  		invalidParams.Add(request.NewErrParamRequired("CertificateId"))
 39417  	}
 39418  	if s.CertificateId != nil && len(*s.CertificateId) < 24 {
 39419  		invalidParams.Add(request.NewErrParamMinLen("CertificateId", 24))
 39420  	}
 39421  	if s.Status == nil {
 39422  		invalidParams.Add(request.NewErrParamRequired("Status"))
 39423  	}
 39424  	if s.UserName != nil && len(*s.UserName) < 1 {
 39425  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39426  	}
 39427  
 39428  	if invalidParams.Len() > 0 {
 39429  		return invalidParams
 39430  	}
 39431  	return nil
 39432  }
 39433  
 39434  // SetCertificateId sets the CertificateId field's value.
 39435  func (s *UpdateSigningCertificateInput) SetCertificateId(v string) *UpdateSigningCertificateInput {
 39436  	s.CertificateId = &v
 39437  	return s
 39438  }
 39439  
 39440  // SetStatus sets the Status field's value.
 39441  func (s *UpdateSigningCertificateInput) SetStatus(v string) *UpdateSigningCertificateInput {
 39442  	s.Status = &v
 39443  	return s
 39444  }
 39445  
 39446  // SetUserName sets the UserName field's value.
 39447  func (s *UpdateSigningCertificateInput) SetUserName(v string) *UpdateSigningCertificateInput {
 39448  	s.UserName = &v
 39449  	return s
 39450  }
 39451  
 39452  type UpdateSigningCertificateOutput struct {
 39453  	_ struct{} `type:"structure"`
 39454  }
 39455  
 39456  // String returns the string representation.
 39457  //
 39458  // API parameter values that are decorated as "sensitive" in the API will not
 39459  // be included in the string output. The member name will be present, but the
 39460  // value will be replaced with "sensitive".
 39461  func (s UpdateSigningCertificateOutput) String() string {
 39462  	return awsutil.Prettify(s)
 39463  }
 39464  
 39465  // GoString returns the string representation.
 39466  //
 39467  // API parameter values that are decorated as "sensitive" in the API will not
 39468  // be included in the string output. The member name will be present, but the
 39469  // value will be replaced with "sensitive".
 39470  func (s UpdateSigningCertificateOutput) GoString() string {
 39471  	return s.String()
 39472  }
 39473  
 39474  type UpdateUserInput struct {
 39475  	_ struct{} `type:"structure"`
 39476  
 39477  	// New path for the IAM user. Include this parameter only if you're changing
 39478  	// the user's path.
 39479  	//
 39480  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39481  	// a string of characters consisting of either a forward slash (/) by itself
 39482  	// or a string that must begin and end with forward slashes. In addition, it
 39483  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 39484  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 39485  	// letters.
 39486  	NewPath *string `min:"1" type:"string"`
 39487  
 39488  	// New name for the user. Include this parameter only if you're changing the
 39489  	// user's name.
 39490  	//
 39491  	// IAM user, group, role, and policy names must be unique within the account.
 39492  	// Names are not distinguished by case. For example, you cannot create resources
 39493  	// named both "MyResource" and "myresource".
 39494  	NewUserName *string `min:"1" type:"string"`
 39495  
 39496  	// Name of the user to update. If you're changing the name of the user, this
 39497  	// is the original user name.
 39498  	//
 39499  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39500  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39501  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39502  	//
 39503  	// UserName is a required field
 39504  	UserName *string `min:"1" type:"string" required:"true"`
 39505  }
 39506  
 39507  // String returns the string representation.
 39508  //
 39509  // API parameter values that are decorated as "sensitive" in the API will not
 39510  // be included in the string output. The member name will be present, but the
 39511  // value will be replaced with "sensitive".
 39512  func (s UpdateUserInput) String() string {
 39513  	return awsutil.Prettify(s)
 39514  }
 39515  
 39516  // GoString returns the string representation.
 39517  //
 39518  // API parameter values that are decorated as "sensitive" in the API will not
 39519  // be included in the string output. The member name will be present, but the
 39520  // value will be replaced with "sensitive".
 39521  func (s UpdateUserInput) GoString() string {
 39522  	return s.String()
 39523  }
 39524  
 39525  // Validate inspects the fields of the type to determine if they are valid.
 39526  func (s *UpdateUserInput) Validate() error {
 39527  	invalidParams := request.ErrInvalidParams{Context: "UpdateUserInput"}
 39528  	if s.NewPath != nil && len(*s.NewPath) < 1 {
 39529  		invalidParams.Add(request.NewErrParamMinLen("NewPath", 1))
 39530  	}
 39531  	if s.NewUserName != nil && len(*s.NewUserName) < 1 {
 39532  		invalidParams.Add(request.NewErrParamMinLen("NewUserName", 1))
 39533  	}
 39534  	if s.UserName == nil {
 39535  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 39536  	}
 39537  	if s.UserName != nil && len(*s.UserName) < 1 {
 39538  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39539  	}
 39540  
 39541  	if invalidParams.Len() > 0 {
 39542  		return invalidParams
 39543  	}
 39544  	return nil
 39545  }
 39546  
 39547  // SetNewPath sets the NewPath field's value.
 39548  func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput {
 39549  	s.NewPath = &v
 39550  	return s
 39551  }
 39552  
 39553  // SetNewUserName sets the NewUserName field's value.
 39554  func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput {
 39555  	s.NewUserName = &v
 39556  	return s
 39557  }
 39558  
 39559  // SetUserName sets the UserName field's value.
 39560  func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput {
 39561  	s.UserName = &v
 39562  	return s
 39563  }
 39564  
 39565  type UpdateUserOutput struct {
 39566  	_ struct{} `type:"structure"`
 39567  }
 39568  
 39569  // String returns the string representation.
 39570  //
 39571  // API parameter values that are decorated as "sensitive" in the API will not
 39572  // be included in the string output. The member name will be present, but the
 39573  // value will be replaced with "sensitive".
 39574  func (s UpdateUserOutput) String() string {
 39575  	return awsutil.Prettify(s)
 39576  }
 39577  
 39578  // GoString returns the string representation.
 39579  //
 39580  // API parameter values that are decorated as "sensitive" in the API will not
 39581  // be included in the string output. The member name will be present, but the
 39582  // value will be replaced with "sensitive".
 39583  func (s UpdateUserOutput) GoString() string {
 39584  	return s.String()
 39585  }
 39586  
 39587  type UploadSSHPublicKeyInput struct {
 39588  	_ struct{} `type:"structure"`
 39589  
 39590  	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
 39591  	// format. The minimum bit-length of the public key is 2048 bits. For example,
 39592  	// you can generate a 2048-bit key, and the resulting PEM file is 1679 bytes
 39593  	// long.
 39594  	//
 39595  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 39596  	// parameter is a string of characters consisting of the following:
 39597  	//
 39598  	//    * Any printable ASCII character ranging from the space character (\u0020)
 39599  	//    through the end of the ASCII character range
 39600  	//
 39601  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 39602  	//    set (through \u00FF)
 39603  	//
 39604  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 39605  	//    return (\u000D)
 39606  	//
 39607  	// SSHPublicKeyBody is a required field
 39608  	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`
 39609  
 39610  	// The name of the IAM user to associate the SSH public key with.
 39611  	//
 39612  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39613  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39614  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39615  	//
 39616  	// UserName is a required field
 39617  	UserName *string `min:"1" type:"string" required:"true"`
 39618  }
 39619  
 39620  // String returns the string representation.
 39621  //
 39622  // API parameter values that are decorated as "sensitive" in the API will not
 39623  // be included in the string output. The member name will be present, but the
 39624  // value will be replaced with "sensitive".
 39625  func (s UploadSSHPublicKeyInput) String() string {
 39626  	return awsutil.Prettify(s)
 39627  }
 39628  
 39629  // GoString returns the string representation.
 39630  //
 39631  // API parameter values that are decorated as "sensitive" in the API will not
 39632  // be included in the string output. The member name will be present, but the
 39633  // value will be replaced with "sensitive".
 39634  func (s UploadSSHPublicKeyInput) GoString() string {
 39635  	return s.String()
 39636  }
 39637  
 39638  // Validate inspects the fields of the type to determine if they are valid.
 39639  func (s *UploadSSHPublicKeyInput) Validate() error {
 39640  	invalidParams := request.ErrInvalidParams{Context: "UploadSSHPublicKeyInput"}
 39641  	if s.SSHPublicKeyBody == nil {
 39642  		invalidParams.Add(request.NewErrParamRequired("SSHPublicKeyBody"))
 39643  	}
 39644  	if s.SSHPublicKeyBody != nil && len(*s.SSHPublicKeyBody) < 1 {
 39645  		invalidParams.Add(request.NewErrParamMinLen("SSHPublicKeyBody", 1))
 39646  	}
 39647  	if s.UserName == nil {
 39648  		invalidParams.Add(request.NewErrParamRequired("UserName"))
 39649  	}
 39650  	if s.UserName != nil && len(*s.UserName) < 1 {
 39651  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39652  	}
 39653  
 39654  	if invalidParams.Len() > 0 {
 39655  		return invalidParams
 39656  	}
 39657  	return nil
 39658  }
 39659  
 39660  // SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.
 39661  func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput {
 39662  	s.SSHPublicKeyBody = &v
 39663  	return s
 39664  }
 39665  
 39666  // SetUserName sets the UserName field's value.
 39667  func (s *UploadSSHPublicKeyInput) SetUserName(v string) *UploadSSHPublicKeyInput {
 39668  	s.UserName = &v
 39669  	return s
 39670  }
 39671  
 39672  // Contains the response to a successful UploadSSHPublicKey request.
 39673  type UploadSSHPublicKeyOutput struct {
 39674  	_ struct{} `type:"structure"`
 39675  
 39676  	// Contains information about the SSH public key.
 39677  	SSHPublicKey *SSHPublicKey `type:"structure"`
 39678  }
 39679  
 39680  // String returns the string representation.
 39681  //
 39682  // API parameter values that are decorated as "sensitive" in the API will not
 39683  // be included in the string output. The member name will be present, but the
 39684  // value will be replaced with "sensitive".
 39685  func (s UploadSSHPublicKeyOutput) String() string {
 39686  	return awsutil.Prettify(s)
 39687  }
 39688  
 39689  // GoString returns the string representation.
 39690  //
 39691  // API parameter values that are decorated as "sensitive" in the API will not
 39692  // be included in the string output. The member name will be present, but the
 39693  // value will be replaced with "sensitive".
 39694  func (s UploadSSHPublicKeyOutput) GoString() string {
 39695  	return s.String()
 39696  }
 39697  
 39698  // SetSSHPublicKey sets the SSHPublicKey field's value.
 39699  func (s *UploadSSHPublicKeyOutput) SetSSHPublicKey(v *SSHPublicKey) *UploadSSHPublicKeyOutput {
 39700  	s.SSHPublicKey = v
 39701  	return s
 39702  }
 39703  
 39704  type UploadServerCertificateInput struct {
 39705  	_ struct{} `type:"structure"`
 39706  
 39707  	// The contents of the public key certificate in PEM-encoded format.
 39708  	//
 39709  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 39710  	// parameter is a string of characters consisting of the following:
 39711  	//
 39712  	//    * Any printable ASCII character ranging from the space character (\u0020)
 39713  	//    through the end of the ASCII character range
 39714  	//
 39715  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 39716  	//    set (through \u00FF)
 39717  	//
 39718  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 39719  	//    return (\u000D)
 39720  	//
 39721  	// CertificateBody is a required field
 39722  	CertificateBody *string `min:"1" type:"string" required:"true"`
 39723  
 39724  	// The contents of the certificate chain. This is typically a concatenation
 39725  	// of the PEM-encoded public key certificates of the chain.
 39726  	//
 39727  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 39728  	// parameter is a string of characters consisting of the following:
 39729  	//
 39730  	//    * Any printable ASCII character ranging from the space character (\u0020)
 39731  	//    through the end of the ASCII character range
 39732  	//
 39733  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 39734  	//    set (through \u00FF)
 39735  	//
 39736  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 39737  	//    return (\u000D)
 39738  	CertificateChain *string `min:"1" type:"string"`
 39739  
 39740  	// The path for the server certificate. For more information about paths, see
 39741  	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 39742  	// in the IAM User Guide.
 39743  	//
 39744  	// This parameter is optional. If it is not included, it defaults to a slash
 39745  	// (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39746  	// a string of characters consisting of either a forward slash (/) by itself
 39747  	// or a string that must begin and end with forward slashes. In addition, it
 39748  	// can contain any ASCII character from the ! (\u0021) through the DEL character
 39749  	// (\u007F), including most punctuation characters, digits, and upper and lowercased
 39750  	// letters.
 39751  	//
 39752  	// If you are uploading a server certificate specifically for use with Amazon
 39753  	// CloudFront distributions, you must specify a path using the path parameter.
 39754  	// The path must begin with /cloudfront and must include a trailing slash (for
 39755  	// example, /cloudfront/test/).
 39756  	Path *string `min:"1" type:"string"`
 39757  
 39758  	// The contents of the private key in PEM-encoded format.
 39759  	//
 39760  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 39761  	// parameter is a string of characters consisting of the following:
 39762  	//
 39763  	//    * Any printable ASCII character ranging from the space character (\u0020)
 39764  	//    through the end of the ASCII character range
 39765  	//
 39766  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 39767  	//    set (through \u00FF)
 39768  	//
 39769  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 39770  	//    return (\u000D)
 39771  	//
 39772  	// PrivateKey is a sensitive parameter and its value will be
 39773  	// replaced with "sensitive" in string returned by UploadServerCertificateInput's
 39774  	// String and GoString methods.
 39775  	//
 39776  	// PrivateKey is a required field
 39777  	PrivateKey *string `min:"1" type:"string" required:"true" sensitive:"true"`
 39778  
 39779  	// The name for the server certificate. Do not include the path in this value.
 39780  	// The name of the certificate cannot contain any spaces.
 39781  	//
 39782  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39783  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39784  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39785  	//
 39786  	// ServerCertificateName is a required field
 39787  	ServerCertificateName *string `min:"1" type:"string" required:"true"`
 39788  
 39789  	// A list of tags that you want to attach to the new IAM server certificate
 39790  	// resource. Each tag consists of a key name and an associated value. For more
 39791  	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 39792  	// in the IAM User Guide.
 39793  	//
 39794  	// If any one of the tags is invalid or if you exceed the allowed maximum number
 39795  	// of tags, then the entire request fails and the resource is not created.
 39796  	Tags []*Tag `type:"list"`
 39797  }
 39798  
 39799  // String returns the string representation.
 39800  //
 39801  // API parameter values that are decorated as "sensitive" in the API will not
 39802  // be included in the string output. The member name will be present, but the
 39803  // value will be replaced with "sensitive".
 39804  func (s UploadServerCertificateInput) String() string {
 39805  	return awsutil.Prettify(s)
 39806  }
 39807  
 39808  // GoString returns the string representation.
 39809  //
 39810  // API parameter values that are decorated as "sensitive" in the API will not
 39811  // be included in the string output. The member name will be present, but the
 39812  // value will be replaced with "sensitive".
 39813  func (s UploadServerCertificateInput) GoString() string {
 39814  	return s.String()
 39815  }
 39816  
 39817  // Validate inspects the fields of the type to determine if they are valid.
 39818  func (s *UploadServerCertificateInput) Validate() error {
 39819  	invalidParams := request.ErrInvalidParams{Context: "UploadServerCertificateInput"}
 39820  	if s.CertificateBody == nil {
 39821  		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
 39822  	}
 39823  	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
 39824  		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
 39825  	}
 39826  	if s.CertificateChain != nil && len(*s.CertificateChain) < 1 {
 39827  		invalidParams.Add(request.NewErrParamMinLen("CertificateChain", 1))
 39828  	}
 39829  	if s.Path != nil && len(*s.Path) < 1 {
 39830  		invalidParams.Add(request.NewErrParamMinLen("Path", 1))
 39831  	}
 39832  	if s.PrivateKey == nil {
 39833  		invalidParams.Add(request.NewErrParamRequired("PrivateKey"))
 39834  	}
 39835  	if s.PrivateKey != nil && len(*s.PrivateKey) < 1 {
 39836  		invalidParams.Add(request.NewErrParamMinLen("PrivateKey", 1))
 39837  	}
 39838  	if s.ServerCertificateName == nil {
 39839  		invalidParams.Add(request.NewErrParamRequired("ServerCertificateName"))
 39840  	}
 39841  	if s.ServerCertificateName != nil && len(*s.ServerCertificateName) < 1 {
 39842  		invalidParams.Add(request.NewErrParamMinLen("ServerCertificateName", 1))
 39843  	}
 39844  	if s.Tags != nil {
 39845  		for i, v := range s.Tags {
 39846  			if v == nil {
 39847  				continue
 39848  			}
 39849  			if err := v.Validate(); err != nil {
 39850  				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams))
 39851  			}
 39852  		}
 39853  	}
 39854  
 39855  	if invalidParams.Len() > 0 {
 39856  		return invalidParams
 39857  	}
 39858  	return nil
 39859  }
 39860  
 39861  // SetCertificateBody sets the CertificateBody field's value.
 39862  func (s *UploadServerCertificateInput) SetCertificateBody(v string) *UploadServerCertificateInput {
 39863  	s.CertificateBody = &v
 39864  	return s
 39865  }
 39866  
 39867  // SetCertificateChain sets the CertificateChain field's value.
 39868  func (s *UploadServerCertificateInput) SetCertificateChain(v string) *UploadServerCertificateInput {
 39869  	s.CertificateChain = &v
 39870  	return s
 39871  }
 39872  
 39873  // SetPath sets the Path field's value.
 39874  func (s *UploadServerCertificateInput) SetPath(v string) *UploadServerCertificateInput {
 39875  	s.Path = &v
 39876  	return s
 39877  }
 39878  
 39879  // SetPrivateKey sets the PrivateKey field's value.
 39880  func (s *UploadServerCertificateInput) SetPrivateKey(v string) *UploadServerCertificateInput {
 39881  	s.PrivateKey = &v
 39882  	return s
 39883  }
 39884  
 39885  // SetServerCertificateName sets the ServerCertificateName field's value.
 39886  func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput {
 39887  	s.ServerCertificateName = &v
 39888  	return s
 39889  }
 39890  
 39891  // SetTags sets the Tags field's value.
 39892  func (s *UploadServerCertificateInput) SetTags(v []*Tag) *UploadServerCertificateInput {
 39893  	s.Tags = v
 39894  	return s
 39895  }
 39896  
 39897  // Contains the response to a successful UploadServerCertificate request.
 39898  type UploadServerCertificateOutput struct {
 39899  	_ struct{} `type:"structure"`
 39900  
 39901  	// The meta information of the uploaded server certificate without its certificate
 39902  	// body, certificate chain, and private key.
 39903  	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
 39904  
 39905  	// A list of tags that are attached to the new IAM server certificate. The returned
 39906  	// list of tags is sorted by tag key. For more information about tagging, see
 39907  	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 39908  	// in the IAM User Guide.
 39909  	Tags []*Tag `type:"list"`
 39910  }
 39911  
 39912  // String returns the string representation.
 39913  //
 39914  // API parameter values that are decorated as "sensitive" in the API will not
 39915  // be included in the string output. The member name will be present, but the
 39916  // value will be replaced with "sensitive".
 39917  func (s UploadServerCertificateOutput) String() string {
 39918  	return awsutil.Prettify(s)
 39919  }
 39920  
 39921  // GoString returns the string representation.
 39922  //
 39923  // API parameter values that are decorated as "sensitive" in the API will not
 39924  // be included in the string output. The member name will be present, but the
 39925  // value will be replaced with "sensitive".
 39926  func (s UploadServerCertificateOutput) GoString() string {
 39927  	return s.String()
 39928  }
 39929  
 39930  // SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.
 39931  func (s *UploadServerCertificateOutput) SetServerCertificateMetadata(v *ServerCertificateMetadata) *UploadServerCertificateOutput {
 39932  	s.ServerCertificateMetadata = v
 39933  	return s
 39934  }
 39935  
 39936  // SetTags sets the Tags field's value.
 39937  func (s *UploadServerCertificateOutput) SetTags(v []*Tag) *UploadServerCertificateOutput {
 39938  	s.Tags = v
 39939  	return s
 39940  }
 39941  
 39942  type UploadSigningCertificateInput struct {
 39943  	_ struct{} `type:"structure"`
 39944  
 39945  	// The contents of the signing certificate.
 39946  	//
 39947  	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
 39948  	// parameter is a string of characters consisting of the following:
 39949  	//
 39950  	//    * Any printable ASCII character ranging from the space character (\u0020)
 39951  	//    through the end of the ASCII character range
 39952  	//
 39953  	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
 39954  	//    set (through \u00FF)
 39955  	//
 39956  	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
 39957  	//    return (\u000D)
 39958  	//
 39959  	// CertificateBody is a required field
 39960  	CertificateBody *string `min:"1" type:"string" required:"true"`
 39961  
 39962  	// The name of the user the signing certificate is for.
 39963  	//
 39964  	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
 39965  	// a string of characters consisting of upper and lowercase alphanumeric characters
 39966  	// with no spaces. You can also include any of the following characters: _+=,.@-
 39967  	UserName *string `min:"1" type:"string"`
 39968  }
 39969  
 39970  // String returns the string representation.
 39971  //
 39972  // API parameter values that are decorated as "sensitive" in the API will not
 39973  // be included in the string output. The member name will be present, but the
 39974  // value will be replaced with "sensitive".
 39975  func (s UploadSigningCertificateInput) String() string {
 39976  	return awsutil.Prettify(s)
 39977  }
 39978  
 39979  // GoString returns the string representation.
 39980  //
 39981  // API parameter values that are decorated as "sensitive" in the API will not
 39982  // be included in the string output. The member name will be present, but the
 39983  // value will be replaced with "sensitive".
 39984  func (s UploadSigningCertificateInput) GoString() string {
 39985  	return s.String()
 39986  }
 39987  
 39988  // Validate inspects the fields of the type to determine if they are valid.
 39989  func (s *UploadSigningCertificateInput) Validate() error {
 39990  	invalidParams := request.ErrInvalidParams{Context: "UploadSigningCertificateInput"}
 39991  	if s.CertificateBody == nil {
 39992  		invalidParams.Add(request.NewErrParamRequired("CertificateBody"))
 39993  	}
 39994  	if s.CertificateBody != nil && len(*s.CertificateBody) < 1 {
 39995  		invalidParams.Add(request.NewErrParamMinLen("CertificateBody", 1))
 39996  	}
 39997  	if s.UserName != nil && len(*s.UserName) < 1 {
 39998  		invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
 39999  	}
 40000  
 40001  	if invalidParams.Len() > 0 {
 40002  		return invalidParams
 40003  	}
 40004  	return nil
 40005  }
 40006  
 40007  // SetCertificateBody sets the CertificateBody field's value.
 40008  func (s *UploadSigningCertificateInput) SetCertificateBody(v string) *UploadSigningCertificateInput {
 40009  	s.CertificateBody = &v
 40010  	return s
 40011  }
 40012  
 40013  // SetUserName sets the UserName field's value.
 40014  func (s *UploadSigningCertificateInput) SetUserName(v string) *UploadSigningCertificateInput {
 40015  	s.UserName = &v
 40016  	return s
 40017  }
 40018  
 40019  // Contains the response to a successful UploadSigningCertificate request.
 40020  type UploadSigningCertificateOutput struct {
 40021  	_ struct{} `type:"structure"`
 40022  
 40023  	// Information about the certificate.
 40024  	//
 40025  	// Certificate is a required field
 40026  	Certificate *SigningCertificate `type:"structure" required:"true"`
 40027  }
 40028  
 40029  // String returns the string representation.
 40030  //
 40031  // API parameter values that are decorated as "sensitive" in the API will not
 40032  // be included in the string output. The member name will be present, but the
 40033  // value will be replaced with "sensitive".
 40034  func (s UploadSigningCertificateOutput) String() string {
 40035  	return awsutil.Prettify(s)
 40036  }
 40037  
 40038  // GoString returns the string representation.
 40039  //
 40040  // API parameter values that are decorated as "sensitive" in the API will not
 40041  // be included in the string output. The member name will be present, but the
 40042  // value will be replaced with "sensitive".
 40043  func (s UploadSigningCertificateOutput) GoString() string {
 40044  	return s.String()
 40045  }
 40046  
 40047  // SetCertificate sets the Certificate field's value.
 40048  func (s *UploadSigningCertificateOutput) SetCertificate(v *SigningCertificate) *UploadSigningCertificateOutput {
 40049  	s.Certificate = v
 40050  	return s
 40051  }
 40052  
 40053  // Contains information about an IAM user entity.
 40054  //
 40055  // This data type is used as a response element in the following operations:
 40056  //
 40057  //    * CreateUser
 40058  //
 40059  //    * GetUser
 40060  //
 40061  //    * ListUsers
 40062  type User struct {
 40063  	_ struct{} `type:"structure"`
 40064  
 40065  	// The Amazon Resource Name (ARN) that identifies the user. For more information
 40066  	// about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 40067  	// in the IAM User Guide.
 40068  	//
 40069  	// Arn is a required field
 40070  	Arn *string `min:"20" type:"string" required:"true"`
 40071  
 40072  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 40073  	// when the user was created.
 40074  	//
 40075  	// CreateDate is a required field
 40076  	CreateDate *time.Time `type:"timestamp" required:"true"`
 40077  
 40078  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 40079  	// when the user's password was last used to sign in to an Amazon Web Services
 40080  	// website. For a list of Amazon Web Services websites that capture a user's
 40081  	// last sign-in time, see the Credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
 40082  	// topic in the IAM User Guide. If a password is used more than once in a five-minute
 40083  	// span, only the first use is returned in this field. If the field is null
 40084  	// (no value), then it indicates that they never signed in with a password.
 40085  	// This can be because:
 40086  	//
 40087  	//    * The user never had a password.
 40088  	//
 40089  	//    * A password exists but has not been used since IAM started tracking this
 40090  	//    information on October 20, 2014.
 40091  	//
 40092  	// A null value does not mean that the user never had a password. Also, if the
 40093  	// user does not currently have a password but had one in the past, then this
 40094  	// field contains the date and time the most recent password was used.
 40095  	//
 40096  	// This value is returned only in the GetUser and ListUsers operations.
 40097  	PasswordLastUsed *time.Time `type:"timestamp"`
 40098  
 40099  	// The path to the user. For more information about paths, see IAM identifiers
 40100  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 40101  	// in the IAM User Guide.
 40102  	//
 40103  	// The ARN of the policy used to set the permissions boundary for the user.
 40104  	//
 40105  	// Path is a required field
 40106  	Path *string `min:"1" type:"string" required:"true"`
 40107  
 40108  	// For more information about permissions boundaries, see Permissions boundaries
 40109  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 40110  	// in the IAM User Guide.
 40111  	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
 40112  
 40113  	// A list of tags that are associated with the user. For more information about
 40114  	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 40115  	// in the IAM User Guide.
 40116  	Tags []*Tag `type:"list"`
 40117  
 40118  	// The stable and unique string identifying the user. For more information about
 40119  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 40120  	// in the IAM User Guide.
 40121  	//
 40122  	// UserId is a required field
 40123  	UserId *string `min:"16" type:"string" required:"true"`
 40124  
 40125  	// The friendly name identifying the user.
 40126  	//
 40127  	// UserName is a required field
 40128  	UserName *string `min:"1" type:"string" required:"true"`
 40129  }
 40130  
 40131  // String returns the string representation.
 40132  //
 40133  // API parameter values that are decorated as "sensitive" in the API will not
 40134  // be included in the string output. The member name will be present, but the
 40135  // value will be replaced with "sensitive".
 40136  func (s User) String() string {
 40137  	return awsutil.Prettify(s)
 40138  }
 40139  
 40140  // GoString returns the string representation.
 40141  //
 40142  // API parameter values that are decorated as "sensitive" in the API will not
 40143  // be included in the string output. The member name will be present, but the
 40144  // value will be replaced with "sensitive".
 40145  func (s User) GoString() string {
 40146  	return s.String()
 40147  }
 40148  
 40149  // SetArn sets the Arn field's value.
 40150  func (s *User) SetArn(v string) *User {
 40151  	s.Arn = &v
 40152  	return s
 40153  }
 40154  
 40155  // SetCreateDate sets the CreateDate field's value.
 40156  func (s *User) SetCreateDate(v time.Time) *User {
 40157  	s.CreateDate = &v
 40158  	return s
 40159  }
 40160  
 40161  // SetPasswordLastUsed sets the PasswordLastUsed field's value.
 40162  func (s *User) SetPasswordLastUsed(v time.Time) *User {
 40163  	s.PasswordLastUsed = &v
 40164  	return s
 40165  }
 40166  
 40167  // SetPath sets the Path field's value.
 40168  func (s *User) SetPath(v string) *User {
 40169  	s.Path = &v
 40170  	return s
 40171  }
 40172  
 40173  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 40174  func (s *User) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *User {
 40175  	s.PermissionsBoundary = v
 40176  	return s
 40177  }
 40178  
 40179  // SetTags sets the Tags field's value.
 40180  func (s *User) SetTags(v []*Tag) *User {
 40181  	s.Tags = v
 40182  	return s
 40183  }
 40184  
 40185  // SetUserId sets the UserId field's value.
 40186  func (s *User) SetUserId(v string) *User {
 40187  	s.UserId = &v
 40188  	return s
 40189  }
 40190  
 40191  // SetUserName sets the UserName field's value.
 40192  func (s *User) SetUserName(v string) *User {
 40193  	s.UserName = &v
 40194  	return s
 40195  }
 40196  
 40197  // Contains information about an IAM user, including all the user's policies
 40198  // and all the IAM groups the user is in.
 40199  //
 40200  // This data type is used as a response element in the GetAccountAuthorizationDetails
 40201  // operation.
 40202  type UserDetail struct {
 40203  	_ struct{} `type:"structure"`
 40204  
 40205  	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
 40206  	// Services resources.
 40207  	//
 40208  	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
 40209  	// in the Amazon Web Services General Reference.
 40210  	Arn *string `min:"20" type:"string"`
 40211  
 40212  	// A list of the managed policies attached to the user.
 40213  	AttachedManagedPolicies []*AttachedPolicy `type:"list"`
 40214  
 40215  	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
 40216  	// when the user was created.
 40217  	CreateDate *time.Time `type:"timestamp"`
 40218  
 40219  	// A list of IAM groups that the user is in.
 40220  	GroupList []*string `type:"list"`
 40221  
 40222  	// The path to the user. For more information about paths, see IAM identifiers
 40223  	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 40224  	// in the IAM User Guide.
 40225  	Path *string `min:"1" type:"string"`
 40226  
 40227  	// The ARN of the policy used to set the permissions boundary for the user.
 40228  	//
 40229  	// For more information about permissions boundaries, see Permissions boundaries
 40230  	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 40231  	// in the IAM User Guide.
 40232  	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`
 40233  
 40234  	// A list of tags that are associated with the user. For more information about
 40235  	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 40236  	// in the IAM User Guide.
 40237  	Tags []*Tag `type:"list"`
 40238  
 40239  	// The stable and unique string identifying the user. For more information about
 40240  	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
 40241  	// in the IAM User Guide.
 40242  	UserId *string `min:"16" type:"string"`
 40243  
 40244  	// The friendly name identifying the user.
 40245  	UserName *string `min:"1" type:"string"`
 40246  
 40247  	// A list of the inline policies embedded in the user.
 40248  	UserPolicyList []*PolicyDetail `type:"list"`
 40249  }
 40250  
 40251  // String returns the string representation.
 40252  //
 40253  // API parameter values that are decorated as "sensitive" in the API will not
 40254  // be included in the string output. The member name will be present, but the
 40255  // value will be replaced with "sensitive".
 40256  func (s UserDetail) String() string {
 40257  	return awsutil.Prettify(s)
 40258  }
 40259  
 40260  // GoString returns the string representation.
 40261  //
 40262  // API parameter values that are decorated as "sensitive" in the API will not
 40263  // be included in the string output. The member name will be present, but the
 40264  // value will be replaced with "sensitive".
 40265  func (s UserDetail) GoString() string {
 40266  	return s.String()
 40267  }
 40268  
 40269  // SetArn sets the Arn field's value.
 40270  func (s *UserDetail) SetArn(v string) *UserDetail {
 40271  	s.Arn = &v
 40272  	return s
 40273  }
 40274  
 40275  // SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.
 40276  func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail {
 40277  	s.AttachedManagedPolicies = v
 40278  	return s
 40279  }
 40280  
 40281  // SetCreateDate sets the CreateDate field's value.
 40282  func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail {
 40283  	s.CreateDate = &v
 40284  	return s
 40285  }
 40286  
 40287  // SetGroupList sets the GroupList field's value.
 40288  func (s *UserDetail) SetGroupList(v []*string) *UserDetail {
 40289  	s.GroupList = v
 40290  	return s
 40291  }
 40292  
 40293  // SetPath sets the Path field's value.
 40294  func (s *UserDetail) SetPath(v string) *UserDetail {
 40295  	s.Path = &v
 40296  	return s
 40297  }
 40298  
 40299  // SetPermissionsBoundary sets the PermissionsBoundary field's value.
 40300  func (s *UserDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *UserDetail {
 40301  	s.PermissionsBoundary = v
 40302  	return s
 40303  }
 40304  
 40305  // SetTags sets the Tags field's value.
 40306  func (s *UserDetail) SetTags(v []*Tag) *UserDetail {
 40307  	s.Tags = v
 40308  	return s
 40309  }
 40310  
 40311  // SetUserId sets the UserId field's value.
 40312  func (s *UserDetail) SetUserId(v string) *UserDetail {
 40313  	s.UserId = &v
 40314  	return s
 40315  }
 40316  
 40317  // SetUserName sets the UserName field's value.
 40318  func (s *UserDetail) SetUserName(v string) *UserDetail {
 40319  	s.UserName = &v
 40320  	return s
 40321  }
 40322  
 40323  // SetUserPolicyList sets the UserPolicyList field's value.
 40324  func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail {
 40325  	s.UserPolicyList = v
 40326  	return s
 40327  }
 40328  
 40329  // Contains information about a virtual MFA device.
 40330  type VirtualMFADevice struct {
 40331  	_ struct{} `type:"structure"`
 40332  
 40333  	// The base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
 40334  	// The Base32StringSeed is base64-encoded.
 40335  	//
 40336  	// Base32StringSeed is a sensitive parameter and its value will be
 40337  	// replaced with "sensitive" in string returned by VirtualMFADevice's
 40338  	// String and GoString methods.
 40339  	//
 40340  	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
 40341  	Base32StringSeed []byte `type:"blob" sensitive:"true"`
 40342  
 40343  	// The date and time on which the virtual MFA device was enabled.
 40344  	EnableDate *time.Time `type:"timestamp"`
 40345  
 40346  	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
 40347  	// where $virtualMFADeviceName is one of the create call arguments. AccountName
 40348  	// is the user name if set (otherwise, the account ID otherwise), and Base32String
 40349  	// is the seed in base32 format. The Base32String value is base64-encoded.
 40350  	//
 40351  	// QRCodePNG is a sensitive parameter and its value will be
 40352  	// replaced with "sensitive" in string returned by VirtualMFADevice's
 40353  	// String and GoString methods.
 40354  	//
 40355  	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
 40356  	QRCodePNG []byte `type:"blob" sensitive:"true"`
 40357  
 40358  	// The serial number associated with VirtualMFADevice.
 40359  	//
 40360  	// SerialNumber is a required field
 40361  	SerialNumber *string `min:"9" type:"string" required:"true"`
 40362  
 40363  	// A list of tags that are attached to the virtual MFA device. For more information
 40364  	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
 40365  	// in the IAM User Guide.
 40366  	Tags []*Tag `type:"list"`
 40367  
 40368  	// The IAM user associated with this virtual MFA device.
 40369  	User *User `type:"structure"`
 40370  }
 40371  
 40372  // String returns the string representation.
 40373  //
 40374  // API parameter values that are decorated as "sensitive" in the API will not
 40375  // be included in the string output. The member name will be present, but the
 40376  // value will be replaced with "sensitive".
 40377  func (s VirtualMFADevice) String() string {
 40378  	return awsutil.Prettify(s)
 40379  }
 40380  
 40381  // GoString returns the string representation.
 40382  //
 40383  // API parameter values that are decorated as "sensitive" in the API will not
 40384  // be included in the string output. The member name will be present, but the
 40385  // value will be replaced with "sensitive".
 40386  func (s VirtualMFADevice) GoString() string {
 40387  	return s.String()
 40388  }
 40389  
 40390  // SetBase32StringSeed sets the Base32StringSeed field's value.
 40391  func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice {
 40392  	s.Base32StringSeed = v
 40393  	return s
 40394  }
 40395  
 40396  // SetEnableDate sets the EnableDate field's value.
 40397  func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice {
 40398  	s.EnableDate = &v
 40399  	return s
 40400  }
 40401  
 40402  // SetQRCodePNG sets the QRCodePNG field's value.
 40403  func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice {
 40404  	s.QRCodePNG = v
 40405  	return s
 40406  }
 40407  
 40408  // SetSerialNumber sets the SerialNumber field's value.
 40409  func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice {
 40410  	s.SerialNumber = &v
 40411  	return s
 40412  }
 40413  
 40414  // SetTags sets the Tags field's value.
 40415  func (s *VirtualMFADevice) SetTags(v []*Tag) *VirtualMFADevice {
 40416  	s.Tags = v
 40417  	return s
 40418  }
 40419  
 40420  // SetUser sets the User field's value.
 40421  func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice {
 40422  	s.User = v
 40423  	return s
 40424  }
 40425  
 40426  const (
 40427  	// AccessAdvisorUsageGranularityTypeServiceLevel is a AccessAdvisorUsageGranularityType enum value
 40428  	AccessAdvisorUsageGranularityTypeServiceLevel = "SERVICE_LEVEL"
 40429  
 40430  	// AccessAdvisorUsageGranularityTypeActionLevel is a AccessAdvisorUsageGranularityType enum value
 40431  	AccessAdvisorUsageGranularityTypeActionLevel = "ACTION_LEVEL"
 40432  )
 40433  
 40434  // AccessAdvisorUsageGranularityType_Values returns all elements of the AccessAdvisorUsageGranularityType enum
 40435  func AccessAdvisorUsageGranularityType_Values() []string {
 40436  	return []string{
 40437  		AccessAdvisorUsageGranularityTypeServiceLevel,
 40438  		AccessAdvisorUsageGranularityTypeActionLevel,
 40439  	}
 40440  }
 40441  
 40442  const (
 40443  	// AssignmentStatusTypeAssigned is a AssignmentStatusType enum value
 40444  	AssignmentStatusTypeAssigned = "Assigned"
 40445  
 40446  	// AssignmentStatusTypeUnassigned is a AssignmentStatusType enum value
 40447  	AssignmentStatusTypeUnassigned = "Unassigned"
 40448  
 40449  	// AssignmentStatusTypeAny is a AssignmentStatusType enum value
 40450  	AssignmentStatusTypeAny = "Any"
 40451  )
 40452  
 40453  // AssignmentStatusType_Values returns all elements of the AssignmentStatusType enum
 40454  func AssignmentStatusType_Values() []string {
 40455  	return []string{
 40456  		AssignmentStatusTypeAssigned,
 40457  		AssignmentStatusTypeUnassigned,
 40458  		AssignmentStatusTypeAny,
 40459  	}
 40460  }
 40461  
 40462  const (
 40463  	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
 40464  	ContextKeyTypeEnumString = "string"
 40465  
 40466  	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
 40467  	ContextKeyTypeEnumStringList = "stringList"
 40468  
 40469  	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
 40470  	ContextKeyTypeEnumNumeric = "numeric"
 40471  
 40472  	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
 40473  	ContextKeyTypeEnumNumericList = "numericList"
 40474  
 40475  	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
 40476  	ContextKeyTypeEnumBoolean = "boolean"
 40477  
 40478  	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
 40479  	ContextKeyTypeEnumBooleanList = "booleanList"
 40480  
 40481  	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
 40482  	ContextKeyTypeEnumIp = "ip"
 40483  
 40484  	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
 40485  	ContextKeyTypeEnumIpList = "ipList"
 40486  
 40487  	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
 40488  	ContextKeyTypeEnumBinary = "binary"
 40489  
 40490  	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
 40491  	ContextKeyTypeEnumBinaryList = "binaryList"
 40492  
 40493  	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
 40494  	ContextKeyTypeEnumDate = "date"
 40495  
 40496  	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
 40497  	ContextKeyTypeEnumDateList = "dateList"
 40498  )
 40499  
 40500  // ContextKeyTypeEnum_Values returns all elements of the ContextKeyTypeEnum enum
 40501  func ContextKeyTypeEnum_Values() []string {
 40502  	return []string{
 40503  		ContextKeyTypeEnumString,
 40504  		ContextKeyTypeEnumStringList,
 40505  		ContextKeyTypeEnumNumeric,
 40506  		ContextKeyTypeEnumNumericList,
 40507  		ContextKeyTypeEnumBoolean,
 40508  		ContextKeyTypeEnumBooleanList,
 40509  		ContextKeyTypeEnumIp,
 40510  		ContextKeyTypeEnumIpList,
 40511  		ContextKeyTypeEnumBinary,
 40512  		ContextKeyTypeEnumBinaryList,
 40513  		ContextKeyTypeEnumDate,
 40514  		ContextKeyTypeEnumDateList,
 40515  	}
 40516  }
 40517  
 40518  const (
 40519  	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
 40520  	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"
 40521  
 40522  	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
 40523  	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"
 40524  
 40525  	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
 40526  	DeletionTaskStatusTypeFailed = "FAILED"
 40527  
 40528  	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
 40529  	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
 40530  )
 40531  
 40532  // DeletionTaskStatusType_Values returns all elements of the DeletionTaskStatusType enum
 40533  func DeletionTaskStatusType_Values() []string {
 40534  	return []string{
 40535  		DeletionTaskStatusTypeSucceeded,
 40536  		DeletionTaskStatusTypeInProgress,
 40537  		DeletionTaskStatusTypeFailed,
 40538  		DeletionTaskStatusTypeNotStarted,
 40539  	}
 40540  }
 40541  
 40542  const (
 40543  	// EncodingTypeSsh is a EncodingType enum value
 40544  	EncodingTypeSsh = "SSH"
 40545  
 40546  	// EncodingTypePem is a EncodingType enum value
 40547  	EncodingTypePem = "PEM"
 40548  )
 40549  
 40550  // EncodingType_Values returns all elements of the EncodingType enum
 40551  func EncodingType_Values() []string {
 40552  	return []string{
 40553  		EncodingTypeSsh,
 40554  		EncodingTypePem,
 40555  	}
 40556  }
 40557  
 40558  const (
 40559  	// EntityTypeUser is a EntityType enum value
 40560  	EntityTypeUser = "User"
 40561  
 40562  	// EntityTypeRole is a EntityType enum value
 40563  	EntityTypeRole = "Role"
 40564  
 40565  	// EntityTypeGroup is a EntityType enum value
 40566  	EntityTypeGroup = "Group"
 40567  
 40568  	// EntityTypeLocalManagedPolicy is a EntityType enum value
 40569  	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"
 40570  
 40571  	// EntityTypeAwsmanagedPolicy is a EntityType enum value
 40572  	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
 40573  )
 40574  
 40575  // EntityType_Values returns all elements of the EntityType enum
 40576  func EntityType_Values() []string {
 40577  	return []string{
 40578  		EntityTypeUser,
 40579  		EntityTypeRole,
 40580  		EntityTypeGroup,
 40581  		EntityTypeLocalManagedPolicy,
 40582  		EntityTypeAwsmanagedPolicy,
 40583  	}
 40584  }
 40585  
 40586  const (
 40587  	// GlobalEndpointTokenVersionV1token is a GlobalEndpointTokenVersion enum value
 40588  	GlobalEndpointTokenVersionV1token = "v1Token"
 40589  
 40590  	// GlobalEndpointTokenVersionV2token is a GlobalEndpointTokenVersion enum value
 40591  	GlobalEndpointTokenVersionV2token = "v2Token"
 40592  )
 40593  
 40594  // GlobalEndpointTokenVersion_Values returns all elements of the GlobalEndpointTokenVersion enum
 40595  func GlobalEndpointTokenVersion_Values() []string {
 40596  	return []string{
 40597  		GlobalEndpointTokenVersionV1token,
 40598  		GlobalEndpointTokenVersionV2token,
 40599  	}
 40600  }
 40601  
 40602  const (
 40603  	// JobStatusTypeInProgress is a JobStatusType enum value
 40604  	JobStatusTypeInProgress = "IN_PROGRESS"
 40605  
 40606  	// JobStatusTypeCompleted is a JobStatusType enum value
 40607  	JobStatusTypeCompleted = "COMPLETED"
 40608  
 40609  	// JobStatusTypeFailed is a JobStatusType enum value
 40610  	JobStatusTypeFailed = "FAILED"
 40611  )
 40612  
 40613  // JobStatusType_Values returns all elements of the JobStatusType enum
 40614  func JobStatusType_Values() []string {
 40615  	return []string{
 40616  		JobStatusTypeInProgress,
 40617  		JobStatusTypeCompleted,
 40618  		JobStatusTypeFailed,
 40619  	}
 40620  }
 40621  
 40622  const (
 40623  	// PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy is a PermissionsBoundaryAttachmentType enum value
 40624  	PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy = "PermissionsBoundaryPolicy"
 40625  )
 40626  
 40627  // PermissionsBoundaryAttachmentType_Values returns all elements of the PermissionsBoundaryAttachmentType enum
 40628  func PermissionsBoundaryAttachmentType_Values() []string {
 40629  	return []string{
 40630  		PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy,
 40631  	}
 40632  }
 40633  
 40634  const (
 40635  	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
 40636  	PolicyEvaluationDecisionTypeAllowed = "allowed"
 40637  
 40638  	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
 40639  	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"
 40640  
 40641  	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
 40642  	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
 40643  )
 40644  
 40645  // PolicyEvaluationDecisionType_Values returns all elements of the PolicyEvaluationDecisionType enum
 40646  func PolicyEvaluationDecisionType_Values() []string {
 40647  	return []string{
 40648  		PolicyEvaluationDecisionTypeAllowed,
 40649  		PolicyEvaluationDecisionTypeExplicitDeny,
 40650  		PolicyEvaluationDecisionTypeImplicitDeny,
 40651  	}
 40652  }
 40653  
 40654  const (
 40655  	// PolicyOwnerEntityTypeUser is a PolicyOwnerEntityType enum value
 40656  	PolicyOwnerEntityTypeUser = "USER"
 40657  
 40658  	// PolicyOwnerEntityTypeRole is a PolicyOwnerEntityType enum value
 40659  	PolicyOwnerEntityTypeRole = "ROLE"
 40660  
 40661  	// PolicyOwnerEntityTypeGroup is a PolicyOwnerEntityType enum value
 40662  	PolicyOwnerEntityTypeGroup = "GROUP"
 40663  )
 40664  
 40665  // PolicyOwnerEntityType_Values returns all elements of the PolicyOwnerEntityType enum
 40666  func PolicyOwnerEntityType_Values() []string {
 40667  	return []string{
 40668  		PolicyOwnerEntityTypeUser,
 40669  		PolicyOwnerEntityTypeRole,
 40670  		PolicyOwnerEntityTypeGroup,
 40671  	}
 40672  }
 40673  
 40674  const (
 40675  	// PolicyScopeTypeAll is a PolicyScopeType enum value
 40676  	PolicyScopeTypeAll = "All"
 40677  
 40678  	// PolicyScopeTypeAws is a PolicyScopeType enum value
 40679  	PolicyScopeTypeAws = "AWS"
 40680  
 40681  	// PolicyScopeTypeLocal is a PolicyScopeType enum value
 40682  	PolicyScopeTypeLocal = "Local"
 40683  )
 40684  
 40685  // PolicyScopeType_Values returns all elements of the PolicyScopeType enum
 40686  func PolicyScopeType_Values() []string {
 40687  	return []string{
 40688  		PolicyScopeTypeAll,
 40689  		PolicyScopeTypeAws,
 40690  		PolicyScopeTypeLocal,
 40691  	}
 40692  }
 40693  
 40694  const (
 40695  	// PolicySourceTypeUser is a PolicySourceType enum value
 40696  	PolicySourceTypeUser = "user"
 40697  
 40698  	// PolicySourceTypeGroup is a PolicySourceType enum value
 40699  	PolicySourceTypeGroup = "group"
 40700  
 40701  	// PolicySourceTypeRole is a PolicySourceType enum value
 40702  	PolicySourceTypeRole = "role"
 40703  
 40704  	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
 40705  	PolicySourceTypeAwsManaged = "aws-managed"
 40706  
 40707  	// PolicySourceTypeUserManaged is a PolicySourceType enum value
 40708  	PolicySourceTypeUserManaged = "user-managed"
 40709  
 40710  	// PolicySourceTypeResource is a PolicySourceType enum value
 40711  	PolicySourceTypeResource = "resource"
 40712  
 40713  	// PolicySourceTypeNone is a PolicySourceType enum value
 40714  	PolicySourceTypeNone = "none"
 40715  )
 40716  
 40717  // PolicySourceType_Values returns all elements of the PolicySourceType enum
 40718  func PolicySourceType_Values() []string {
 40719  	return []string{
 40720  		PolicySourceTypeUser,
 40721  		PolicySourceTypeGroup,
 40722  		PolicySourceTypeRole,
 40723  		PolicySourceTypeAwsManaged,
 40724  		PolicySourceTypeUserManaged,
 40725  		PolicySourceTypeResource,
 40726  		PolicySourceTypeNone,
 40727  	}
 40728  }
 40729  
 40730  const (
 40731  	// PolicyTypeInline is a PolicyType enum value
 40732  	PolicyTypeInline = "INLINE"
 40733  
 40734  	// PolicyTypeManaged is a PolicyType enum value
 40735  	PolicyTypeManaged = "MANAGED"
 40736  )
 40737  
 40738  // PolicyType_Values returns all elements of the PolicyType enum
 40739  func PolicyType_Values() []string {
 40740  	return []string{
 40741  		PolicyTypeInline,
 40742  		PolicyTypeManaged,
 40743  	}
 40744  }
 40745  
 40746  // The policy usage type that indicates whether the policy is used as a permissions
 40747  // policy or as the permissions boundary for an entity.
 40748  //
 40749  // For more information about permissions boundaries, see Permissions boundaries
 40750  // for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
 40751  // in the IAM User Guide.
 40752  const (
 40753  	// PolicyUsageTypePermissionsPolicy is a PolicyUsageType enum value
 40754  	PolicyUsageTypePermissionsPolicy = "PermissionsPolicy"
 40755  
 40756  	// PolicyUsageTypePermissionsBoundary is a PolicyUsageType enum value
 40757  	PolicyUsageTypePermissionsBoundary = "PermissionsBoundary"
 40758  )
 40759  
 40760  // PolicyUsageType_Values returns all elements of the PolicyUsageType enum
 40761  func PolicyUsageType_Values() []string {
 40762  	return []string{
 40763  		PolicyUsageTypePermissionsPolicy,
 40764  		PolicyUsageTypePermissionsBoundary,
 40765  	}
 40766  }
 40767  
 40768  const (
 40769  	// ReportFormatTypeTextCsv is a ReportFormatType enum value
 40770  	ReportFormatTypeTextCsv = "text/csv"
 40771  )
 40772  
 40773  // ReportFormatType_Values returns all elements of the ReportFormatType enum
 40774  func ReportFormatType_Values() []string {
 40775  	return []string{
 40776  		ReportFormatTypeTextCsv,
 40777  	}
 40778  }
 40779  
 40780  const (
 40781  	// ReportStateTypeStarted is a ReportStateType enum value
 40782  	ReportStateTypeStarted = "STARTED"
 40783  
 40784  	// ReportStateTypeInprogress is a ReportStateType enum value
 40785  	ReportStateTypeInprogress = "INPROGRESS"
 40786  
 40787  	// ReportStateTypeComplete is a ReportStateType enum value
 40788  	ReportStateTypeComplete = "COMPLETE"
 40789  )
 40790  
 40791  // ReportStateType_Values returns all elements of the ReportStateType enum
 40792  func ReportStateType_Values() []string {
 40793  	return []string{
 40794  		ReportStateTypeStarted,
 40795  		ReportStateTypeInprogress,
 40796  		ReportStateTypeComplete,
 40797  	}
 40798  }
 40799  
 40800  const (
 40801  	// SortKeyTypeServiceNamespaceAscending is a SortKeyType enum value
 40802  	SortKeyTypeServiceNamespaceAscending = "SERVICE_NAMESPACE_ASCENDING"
 40803  
 40804  	// SortKeyTypeServiceNamespaceDescending is a SortKeyType enum value
 40805  	SortKeyTypeServiceNamespaceDescending = "SERVICE_NAMESPACE_DESCENDING"
 40806  
 40807  	// SortKeyTypeLastAuthenticatedTimeAscending is a SortKeyType enum value
 40808  	SortKeyTypeLastAuthenticatedTimeAscending = "LAST_AUTHENTICATED_TIME_ASCENDING"
 40809  
 40810  	// SortKeyTypeLastAuthenticatedTimeDescending is a SortKeyType enum value
 40811  	SortKeyTypeLastAuthenticatedTimeDescending = "LAST_AUTHENTICATED_TIME_DESCENDING"
 40812  )
 40813  
 40814  // SortKeyType_Values returns all elements of the SortKeyType enum
 40815  func SortKeyType_Values() []string {
 40816  	return []string{
 40817  		SortKeyTypeServiceNamespaceAscending,
 40818  		SortKeyTypeServiceNamespaceDescending,
 40819  		SortKeyTypeLastAuthenticatedTimeAscending,
 40820  		SortKeyTypeLastAuthenticatedTimeDescending,
 40821  	}
 40822  }
 40823  
 40824  const (
 40825  	// StatusTypeActive is a StatusType enum value
 40826  	StatusTypeActive = "Active"
 40827  
 40828  	// StatusTypeInactive is a StatusType enum value
 40829  	StatusTypeInactive = "Inactive"
 40830  )
 40831  
 40832  // StatusType_Values returns all elements of the StatusType enum
 40833  func StatusType_Values() []string {
 40834  	return []string{
 40835  		StatusTypeActive,
 40836  		StatusTypeInactive,
 40837  	}
 40838  }
 40839  
 40840  const (
 40841  	// SummaryKeyTypeUsers is a SummaryKeyType enum value
 40842  	SummaryKeyTypeUsers = "Users"
 40843  
 40844  	// SummaryKeyTypeUsersQuota is a SummaryKeyType enum value
 40845  	SummaryKeyTypeUsersQuota = "UsersQuota"
 40846  
 40847  	// SummaryKeyTypeGroups is a SummaryKeyType enum value
 40848  	SummaryKeyTypeGroups = "Groups"
 40849  
 40850  	// SummaryKeyTypeGroupsQuota is a SummaryKeyType enum value
 40851  	SummaryKeyTypeGroupsQuota = "GroupsQuota"
 40852  
 40853  	// SummaryKeyTypeServerCertificates is a SummaryKeyType enum value
 40854  	SummaryKeyTypeServerCertificates = "ServerCertificates"
 40855  
 40856  	// SummaryKeyTypeServerCertificatesQuota is a SummaryKeyType enum value
 40857  	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"
 40858  
 40859  	// SummaryKeyTypeUserPolicySizeQuota is a SummaryKeyType enum value
 40860  	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"
 40861  
 40862  	// SummaryKeyTypeGroupPolicySizeQuota is a SummaryKeyType enum value
 40863  	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"
 40864  
 40865  	// SummaryKeyTypeGroupsPerUserQuota is a SummaryKeyType enum value
 40866  	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"
 40867  
 40868  	// SummaryKeyTypeSigningCertificatesPerUserQuota is a SummaryKeyType enum value
 40869  	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"
 40870  
 40871  	// SummaryKeyTypeAccessKeysPerUserQuota is a SummaryKeyType enum value
 40872  	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"
 40873  
 40874  	// SummaryKeyTypeMfadevices is a SummaryKeyType enum value
 40875  	SummaryKeyTypeMfadevices = "MFADevices"
 40876  
 40877  	// SummaryKeyTypeMfadevicesInUse is a SummaryKeyType enum value
 40878  	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"
 40879  
 40880  	// SummaryKeyTypeAccountMfaenabled is a SummaryKeyType enum value
 40881  	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"
 40882  
 40883  	// SummaryKeyTypeAccountAccessKeysPresent is a SummaryKeyType enum value
 40884  	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"
 40885  
 40886  	// SummaryKeyTypeAccountSigningCertificatesPresent is a SummaryKeyType enum value
 40887  	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"
 40888  
 40889  	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a SummaryKeyType enum value
 40890  	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"
 40891  
 40892  	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a SummaryKeyType enum value
 40893  	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"
 40894  
 40895  	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a SummaryKeyType enum value
 40896  	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"
 40897  
 40898  	// SummaryKeyTypePolicies is a SummaryKeyType enum value
 40899  	SummaryKeyTypePolicies = "Policies"
 40900  
 40901  	// SummaryKeyTypePoliciesQuota is a SummaryKeyType enum value
 40902  	SummaryKeyTypePoliciesQuota = "PoliciesQuota"
 40903  
 40904  	// SummaryKeyTypePolicySizeQuota is a SummaryKeyType enum value
 40905  	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"
 40906  
 40907  	// SummaryKeyTypePolicyVersionsInUse is a SummaryKeyType enum value
 40908  	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"
 40909  
 40910  	// SummaryKeyTypePolicyVersionsInUseQuota is a SummaryKeyType enum value
 40911  	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"
 40912  
 40913  	// SummaryKeyTypeVersionsPerPolicyQuota is a SummaryKeyType enum value
 40914  	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"
 40915  
 40916  	// SummaryKeyTypeGlobalEndpointTokenVersion is a SummaryKeyType enum value
 40917  	SummaryKeyTypeGlobalEndpointTokenVersion = "GlobalEndpointTokenVersion"
 40918  )
 40919  
 40920  // SummaryKeyType_Values returns all elements of the SummaryKeyType enum
 40921  func SummaryKeyType_Values() []string {
 40922  	return []string{
 40923  		SummaryKeyTypeUsers,
 40924  		SummaryKeyTypeUsersQuota,
 40925  		SummaryKeyTypeGroups,
 40926  		SummaryKeyTypeGroupsQuota,
 40927  		SummaryKeyTypeServerCertificates,
 40928  		SummaryKeyTypeServerCertificatesQuota,
 40929  		SummaryKeyTypeUserPolicySizeQuota,
 40930  		SummaryKeyTypeGroupPolicySizeQuota,
 40931  		SummaryKeyTypeGroupsPerUserQuota,
 40932  		SummaryKeyTypeSigningCertificatesPerUserQuota,
 40933  		SummaryKeyTypeAccessKeysPerUserQuota,
 40934  		SummaryKeyTypeMfadevices,
 40935  		SummaryKeyTypeMfadevicesInUse,
 40936  		SummaryKeyTypeAccountMfaenabled,
 40937  		SummaryKeyTypeAccountAccessKeysPresent,
 40938  		SummaryKeyTypeAccountSigningCertificatesPresent,
 40939  		SummaryKeyTypeAttachedPoliciesPerGroupQuota,
 40940  		SummaryKeyTypeAttachedPoliciesPerRoleQuota,
 40941  		SummaryKeyTypeAttachedPoliciesPerUserQuota,
 40942  		SummaryKeyTypePolicies,
 40943  		SummaryKeyTypePoliciesQuota,
 40944  		SummaryKeyTypePolicySizeQuota,
 40945  		SummaryKeyTypePolicyVersionsInUse,
 40946  		SummaryKeyTypePolicyVersionsInUseQuota,
 40947  		SummaryKeyTypeVersionsPerPolicyQuota,
 40948  		SummaryKeyTypeGlobalEndpointTokenVersion,
 40949  	}
 40950  }