404 Not Found

info server
Uname: Linux in-mum-web1557.main-hosting.eu 5.14.0-611.42.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 24 05:30:20 EDT 2026 x86_64
Software: LiteSpeed
PHP version: 8.2.30 [ PHP INFO ] PHP os: Linux
Server Ip: 91.108.106.76
Your Ip: 216.73.216.168
User: u848900432 (848900432) | Group: o51372345 (1051372345)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console
name : api.go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.

package accessanalyzer

import (
	"fmt"
	"time"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awsutil"
	"github.com/aws/aws-sdk-go/aws/request"
	"github.com/aws/aws-sdk-go/private/protocol"
	"github.com/aws/aws-sdk-go/private/protocol/restjson"
)

const opApplyArchiveRule = "ApplyArchiveRule"

// ApplyArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the ApplyArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ApplyArchiveRule for more information on using the ApplyArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ApplyArchiveRuleRequest method.
//	req, resp := client.ApplyArchiveRuleRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRule
func (c *AccessAnalyzer) ApplyArchiveRuleRequest(input *ApplyArchiveRuleInput) (req *request.Request, output *ApplyArchiveRuleOutput) {
	op := &request.Operation{
		Name:       opApplyArchiveRule,
		HTTPMethod: "PUT",
		HTTPPath:   "/archive-rule",
	}

	if input == nil {
		input = &ApplyArchiveRuleInput{}
	}

	output = &ApplyArchiveRuleOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// ApplyArchiveRule API operation for Access Analyzer.
//
// Retroactively applies the archive rule to existing findings that meet the
// archive rule criteria.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ApplyArchiveRule for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRule
func (c *AccessAnalyzer) ApplyArchiveRule(input *ApplyArchiveRuleInput) (*ApplyArchiveRuleOutput, error) {
	req, out := c.ApplyArchiveRuleRequest(input)
	return out, req.Send()
}

// ApplyArchiveRuleWithContext is the same as ApplyArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See ApplyArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ApplyArchiveRuleWithContext(ctx aws.Context, input *ApplyArchiveRuleInput, opts ...request.Option) (*ApplyArchiveRuleOutput, error) {
	req, out := c.ApplyArchiveRuleRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCancelPolicyGeneration = "CancelPolicyGeneration"

// CancelPolicyGenerationRequest generates a "aws/request.Request" representing the
// client's request for the CancelPolicyGeneration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CancelPolicyGeneration for more information on using the CancelPolicyGeneration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CancelPolicyGenerationRequest method.
//	req, resp := client.CancelPolicyGenerationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CancelPolicyGeneration
func (c *AccessAnalyzer) CancelPolicyGenerationRequest(input *CancelPolicyGenerationInput) (req *request.Request, output *CancelPolicyGenerationOutput) {
	op := &request.Operation{
		Name:       opCancelPolicyGeneration,
		HTTPMethod: "PUT",
		HTTPPath:   "/policy/generation/{jobId}",
	}

	if input == nil {
		input = &CancelPolicyGenerationInput{}
	}

	output = &CancelPolicyGenerationOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// CancelPolicyGeneration API operation for Access Analyzer.
//
// Cancels the requested policy generation.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CancelPolicyGeneration for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CancelPolicyGeneration
func (c *AccessAnalyzer) CancelPolicyGeneration(input *CancelPolicyGenerationInput) (*CancelPolicyGenerationOutput, error) {
	req, out := c.CancelPolicyGenerationRequest(input)
	return out, req.Send()
}

// CancelPolicyGenerationWithContext is the same as CancelPolicyGeneration with the addition of
// the ability to pass a context and additional request options.
//
// See CancelPolicyGeneration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CancelPolicyGenerationWithContext(ctx aws.Context, input *CancelPolicyGenerationInput, opts ...request.Option) (*CancelPolicyGenerationOutput, error) {
	req, out := c.CancelPolicyGenerationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCheckAccessNotGranted = "CheckAccessNotGranted"

// CheckAccessNotGrantedRequest generates a "aws/request.Request" representing the
// client's request for the CheckAccessNotGranted operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CheckAccessNotGranted for more information on using the CheckAccessNotGranted
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CheckAccessNotGrantedRequest method.
//	req, resp := client.CheckAccessNotGrantedRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckAccessNotGranted
func (c *AccessAnalyzer) CheckAccessNotGrantedRequest(input *CheckAccessNotGrantedInput) (req *request.Request, output *CheckAccessNotGrantedOutput) {
	op := &request.Operation{
		Name:       opCheckAccessNotGranted,
		HTTPMethod: "POST",
		HTTPPath:   "/policy/check-access-not-granted",
	}

	if input == nil {
		input = &CheckAccessNotGrantedInput{}
	}

	output = &CheckAccessNotGrantedOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CheckAccessNotGranted API operation for Access Analyzer.
//
// Checks whether the specified access isn't allowed by a policy.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CheckAccessNotGranted for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - InvalidParameterException
//     The specified parameter is invalid.
//
//   - UnprocessableEntityException
//     The specified entity could not be processed.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckAccessNotGranted
func (c *AccessAnalyzer) CheckAccessNotGranted(input *CheckAccessNotGrantedInput) (*CheckAccessNotGrantedOutput, error) {
	req, out := c.CheckAccessNotGrantedRequest(input)
	return out, req.Send()
}

// CheckAccessNotGrantedWithContext is the same as CheckAccessNotGranted with the addition of
// the ability to pass a context and additional request options.
//
// See CheckAccessNotGranted for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CheckAccessNotGrantedWithContext(ctx aws.Context, input *CheckAccessNotGrantedInput, opts ...request.Option) (*CheckAccessNotGrantedOutput, error) {
	req, out := c.CheckAccessNotGrantedRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCheckNoNewAccess = "CheckNoNewAccess"

// CheckNoNewAccessRequest generates a "aws/request.Request" representing the
// client's request for the CheckNoNewAccess operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CheckNoNewAccess for more information on using the CheckNoNewAccess
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CheckNoNewAccessRequest method.
//	req, resp := client.CheckNoNewAccessRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoNewAccess
func (c *AccessAnalyzer) CheckNoNewAccessRequest(input *CheckNoNewAccessInput) (req *request.Request, output *CheckNoNewAccessOutput) {
	op := &request.Operation{
		Name:       opCheckNoNewAccess,
		HTTPMethod: "POST",
		HTTPPath:   "/policy/check-no-new-access",
	}

	if input == nil {
		input = &CheckNoNewAccessInput{}
	}

	output = &CheckNoNewAccessOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CheckNoNewAccess API operation for Access Analyzer.
//
// Checks whether new access is allowed for an updated policy when compared
// to the existing policy.
//
// You can find examples for reference policies and learn how to set up and
// run a custom policy check for new access in the IAM Access Analyzer custom
// policy checks samples (https://github.com/aws-samples/iam-access-analyzer-custom-policy-check-samples)
// repository on GitHub. The reference policies in this repository are meant
// to be passed to the existingPolicyDocument request parameter.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CheckNoNewAccess for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - InvalidParameterException
//     The specified parameter is invalid.
//
//   - UnprocessableEntityException
//     The specified entity could not be processed.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoNewAccess
func (c *AccessAnalyzer) CheckNoNewAccess(input *CheckNoNewAccessInput) (*CheckNoNewAccessOutput, error) {
	req, out := c.CheckNoNewAccessRequest(input)
	return out, req.Send()
}

// CheckNoNewAccessWithContext is the same as CheckNoNewAccess with the addition of
// the ability to pass a context and additional request options.
//
// See CheckNoNewAccess for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CheckNoNewAccessWithContext(ctx aws.Context, input *CheckNoNewAccessInput, opts ...request.Option) (*CheckNoNewAccessOutput, error) {
	req, out := c.CheckNoNewAccessRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateAccessPreview = "CreateAccessPreview"

// CreateAccessPreviewRequest generates a "aws/request.Request" representing the
// client's request for the CreateAccessPreview operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateAccessPreview for more information on using the CreateAccessPreview
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateAccessPreviewRequest method.
//	req, resp := client.CreateAccessPreviewRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAccessPreview
func (c *AccessAnalyzer) CreateAccessPreviewRequest(input *CreateAccessPreviewInput) (req *request.Request, output *CreateAccessPreviewOutput) {
	op := &request.Operation{
		Name:       opCreateAccessPreview,
		HTTPMethod: "PUT",
		HTTPPath:   "/access-preview",
	}

	if input == nil {
		input = &CreateAccessPreviewInput{}
	}

	output = &CreateAccessPreviewOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateAccessPreview API operation for Access Analyzer.
//
// Creates an access preview that allows you to preview IAM Access Analyzer
// findings for your resource before deploying resource permissions.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateAccessPreview for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ConflictException
//     A conflict exception error.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ServiceQuotaExceededException
//     Service quote met error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAccessPreview
func (c *AccessAnalyzer) CreateAccessPreview(input *CreateAccessPreviewInput) (*CreateAccessPreviewOutput, error) {
	req, out := c.CreateAccessPreviewRequest(input)
	return out, req.Send()
}

// CreateAccessPreviewWithContext is the same as CreateAccessPreview with the addition of
// the ability to pass a context and additional request options.
//
// See CreateAccessPreview for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateAccessPreviewWithContext(ctx aws.Context, input *CreateAccessPreviewInput, opts ...request.Option) (*CreateAccessPreviewOutput, error) {
	req, out := c.CreateAccessPreviewRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateAnalyzer = "CreateAnalyzer"

// CreateAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the CreateAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateAnalyzer for more information on using the CreateAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateAnalyzerRequest method.
//	req, resp := client.CreateAnalyzerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAnalyzer
func (c *AccessAnalyzer) CreateAnalyzerRequest(input *CreateAnalyzerInput) (req *request.Request, output *CreateAnalyzerOutput) {
	op := &request.Operation{
		Name:       opCreateAnalyzer,
		HTTPMethod: "PUT",
		HTTPPath:   "/analyzer",
	}

	if input == nil {
		input = &CreateAnalyzerInput{}
	}

	output = &CreateAnalyzerOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateAnalyzer API operation for Access Analyzer.
//
// Creates an analyzer for your account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateAnalyzer for usage and error information.
//
// Returned Error Types:
//
//   - ConflictException
//     A conflict exception error.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ServiceQuotaExceededException
//     Service quote met error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAnalyzer
func (c *AccessAnalyzer) CreateAnalyzer(input *CreateAnalyzerInput) (*CreateAnalyzerOutput, error) {
	req, out := c.CreateAnalyzerRequest(input)
	return out, req.Send()
}

// CreateAnalyzerWithContext is the same as CreateAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See CreateAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateAnalyzerWithContext(ctx aws.Context, input *CreateAnalyzerInput, opts ...request.Option) (*CreateAnalyzerOutput, error) {
	req, out := c.CreateAnalyzerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateArchiveRule = "CreateArchiveRule"

// CreateArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the CreateArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateArchiveRule for more information on using the CreateArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateArchiveRuleRequest method.
//	req, resp := client.CreateArchiveRuleRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateArchiveRule
func (c *AccessAnalyzer) CreateArchiveRuleRequest(input *CreateArchiveRuleInput) (req *request.Request, output *CreateArchiveRuleOutput) {
	op := &request.Operation{
		Name:       opCreateArchiveRule,
		HTTPMethod: "PUT",
		HTTPPath:   "/analyzer/{analyzerName}/archive-rule",
	}

	if input == nil {
		input = &CreateArchiveRuleInput{}
	}

	output = &CreateArchiveRuleOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// CreateArchiveRule API operation for Access Analyzer.
//
// Creates an archive rule for the specified analyzer. Archive rules automatically
// archive new findings that meet the criteria you define when you create the
// rule.
//
// To learn about filter keys that you can use to create an archive rule, see
// IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateArchiveRule for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ConflictException
//     A conflict exception error.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ServiceQuotaExceededException
//     Service quote met error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateArchiveRule
func (c *AccessAnalyzer) CreateArchiveRule(input *CreateArchiveRuleInput) (*CreateArchiveRuleOutput, error) {
	req, out := c.CreateArchiveRuleRequest(input)
	return out, req.Send()
}

// CreateArchiveRuleWithContext is the same as CreateArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See CreateArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateArchiveRuleWithContext(ctx aws.Context, input *CreateArchiveRuleInput, opts ...request.Option) (*CreateArchiveRuleOutput, error) {
	req, out := c.CreateArchiveRuleRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteAnalyzer = "DeleteAnalyzer"

// DeleteAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the DeleteAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteAnalyzer for more information on using the DeleteAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteAnalyzerRequest method.
//	req, resp := client.DeleteAnalyzerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteAnalyzer
func (c *AccessAnalyzer) DeleteAnalyzerRequest(input *DeleteAnalyzerInput) (req *request.Request, output *DeleteAnalyzerOutput) {
	op := &request.Operation{
		Name:       opDeleteAnalyzer,
		HTTPMethod: "DELETE",
		HTTPPath:   "/analyzer/{analyzerName}",
	}

	if input == nil {
		input = &DeleteAnalyzerInput{}
	}

	output = &DeleteAnalyzerOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteAnalyzer API operation for Access Analyzer.
//
// Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer
// is disabled for the account or organization in the current or specific Region.
// All findings that were generated by the analyzer are deleted. You cannot
// undo this action.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation DeleteAnalyzer for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteAnalyzer
func (c *AccessAnalyzer) DeleteAnalyzer(input *DeleteAnalyzerInput) (*DeleteAnalyzerOutput, error) {
	req, out := c.DeleteAnalyzerRequest(input)
	return out, req.Send()
}

// DeleteAnalyzerWithContext is the same as DeleteAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) DeleteAnalyzerWithContext(ctx aws.Context, input *DeleteAnalyzerInput, opts ...request.Option) (*DeleteAnalyzerOutput, error) {
	req, out := c.DeleteAnalyzerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteArchiveRule = "DeleteArchiveRule"

// DeleteArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the DeleteArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteArchiveRule for more information on using the DeleteArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteArchiveRuleRequest method.
//	req, resp := client.DeleteArchiveRuleRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteArchiveRule
func (c *AccessAnalyzer) DeleteArchiveRuleRequest(input *DeleteArchiveRuleInput) (req *request.Request, output *DeleteArchiveRuleOutput) {
	op := &request.Operation{
		Name:       opDeleteArchiveRule,
		HTTPMethod: "DELETE",
		HTTPPath:   "/analyzer/{analyzerName}/archive-rule/{ruleName}",
	}

	if input == nil {
		input = &DeleteArchiveRuleInput{}
	}

	output = &DeleteArchiveRuleOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteArchiveRule API operation for Access Analyzer.
//
// Deletes the specified archive rule.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation DeleteArchiveRule for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteArchiveRule
func (c *AccessAnalyzer) DeleteArchiveRule(input *DeleteArchiveRuleInput) (*DeleteArchiveRuleOutput, error) {
	req, out := c.DeleteArchiveRuleRequest(input)
	return out, req.Send()
}

// DeleteArchiveRuleWithContext is the same as DeleteArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) DeleteArchiveRuleWithContext(ctx aws.Context, input *DeleteArchiveRuleInput, opts ...request.Option) (*DeleteArchiveRuleOutput, error) {
	req, out := c.DeleteArchiveRuleRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetAccessPreview = "GetAccessPreview"

// GetAccessPreviewRequest generates a "aws/request.Request" representing the
// client's request for the GetAccessPreview operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAccessPreview for more information on using the GetAccessPreview
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetAccessPreviewRequest method.
//	req, resp := client.GetAccessPreviewRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAccessPreview
func (c *AccessAnalyzer) GetAccessPreviewRequest(input *GetAccessPreviewInput) (req *request.Request, output *GetAccessPreviewOutput) {
	op := &request.Operation{
		Name:       opGetAccessPreview,
		HTTPMethod: "GET",
		HTTPPath:   "/access-preview/{accessPreviewId}",
	}

	if input == nil {
		input = &GetAccessPreviewInput{}
	}

	output = &GetAccessPreviewOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetAccessPreview API operation for Access Analyzer.
//
// Retrieves information about an access preview for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAccessPreview for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAccessPreview
func (c *AccessAnalyzer) GetAccessPreview(input *GetAccessPreviewInput) (*GetAccessPreviewOutput, error) {
	req, out := c.GetAccessPreviewRequest(input)
	return out, req.Send()
}

// GetAccessPreviewWithContext is the same as GetAccessPreview with the addition of
// the ability to pass a context and additional request options.
//
// See GetAccessPreview for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAccessPreviewWithContext(ctx aws.Context, input *GetAccessPreviewInput, opts ...request.Option) (*GetAccessPreviewOutput, error) {
	req, out := c.GetAccessPreviewRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetAnalyzedResource = "GetAnalyzedResource"

// GetAnalyzedResourceRequest generates a "aws/request.Request" representing the
// client's request for the GetAnalyzedResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAnalyzedResource for more information on using the GetAnalyzedResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetAnalyzedResourceRequest method.
//	req, resp := client.GetAnalyzedResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzedResource
func (c *AccessAnalyzer) GetAnalyzedResourceRequest(input *GetAnalyzedResourceInput) (req *request.Request, output *GetAnalyzedResourceOutput) {
	op := &request.Operation{
		Name:       opGetAnalyzedResource,
		HTTPMethod: "GET",
		HTTPPath:   "/analyzed-resource",
	}

	if input == nil {
		input = &GetAnalyzedResourceInput{}
	}

	output = &GetAnalyzedResourceOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetAnalyzedResource API operation for Access Analyzer.
//
// Retrieves information about a resource that was analyzed.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAnalyzedResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzedResource
func (c *AccessAnalyzer) GetAnalyzedResource(input *GetAnalyzedResourceInput) (*GetAnalyzedResourceOutput, error) {
	req, out := c.GetAnalyzedResourceRequest(input)
	return out, req.Send()
}

// GetAnalyzedResourceWithContext is the same as GetAnalyzedResource with the addition of
// the ability to pass a context and additional request options.
//
// See GetAnalyzedResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAnalyzedResourceWithContext(ctx aws.Context, input *GetAnalyzedResourceInput, opts ...request.Option) (*GetAnalyzedResourceOutput, error) {
	req, out := c.GetAnalyzedResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetAnalyzer = "GetAnalyzer"

// GetAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the GetAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAnalyzer for more information on using the GetAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetAnalyzerRequest method.
//	req, resp := client.GetAnalyzerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzer
func (c *AccessAnalyzer) GetAnalyzerRequest(input *GetAnalyzerInput) (req *request.Request, output *GetAnalyzerOutput) {
	op := &request.Operation{
		Name:       opGetAnalyzer,
		HTTPMethod: "GET",
		HTTPPath:   "/analyzer/{analyzerName}",
	}

	if input == nil {
		input = &GetAnalyzerInput{}
	}

	output = &GetAnalyzerOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetAnalyzer API operation for Access Analyzer.
//
// Retrieves information about the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAnalyzer for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzer
func (c *AccessAnalyzer) GetAnalyzer(input *GetAnalyzerInput) (*GetAnalyzerOutput, error) {
	req, out := c.GetAnalyzerRequest(input)
	return out, req.Send()
}

// GetAnalyzerWithContext is the same as GetAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See GetAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAnalyzerWithContext(ctx aws.Context, input *GetAnalyzerInput, opts ...request.Option) (*GetAnalyzerOutput, error) {
	req, out := c.GetAnalyzerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetArchiveRule = "GetArchiveRule"

// GetArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the GetArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetArchiveRule for more information on using the GetArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetArchiveRuleRequest method.
//	req, resp := client.GetArchiveRuleRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetArchiveRule
func (c *AccessAnalyzer) GetArchiveRuleRequest(input *GetArchiveRuleInput) (req *request.Request, output *GetArchiveRuleOutput) {
	op := &request.Operation{
		Name:       opGetArchiveRule,
		HTTPMethod: "GET",
		HTTPPath:   "/analyzer/{analyzerName}/archive-rule/{ruleName}",
	}

	if input == nil {
		input = &GetArchiveRuleInput{}
	}

	output = &GetArchiveRuleOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetArchiveRule API operation for Access Analyzer.
//
// Retrieves information about an archive rule.
//
// To learn about filter keys that you can use to create an archive rule, see
// IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetArchiveRule for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetArchiveRule
func (c *AccessAnalyzer) GetArchiveRule(input *GetArchiveRuleInput) (*GetArchiveRuleOutput, error) {
	req, out := c.GetArchiveRuleRequest(input)
	return out, req.Send()
}

// GetArchiveRuleWithContext is the same as GetArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See GetArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetArchiveRuleWithContext(ctx aws.Context, input *GetArchiveRuleInput, opts ...request.Option) (*GetArchiveRuleOutput, error) {
	req, out := c.GetArchiveRuleRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetFinding = "GetFinding"

// GetFindingRequest generates a "aws/request.Request" representing the
// client's request for the GetFinding operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetFinding for more information on using the GetFinding
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetFindingRequest method.
//	req, resp := client.GetFindingRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding
func (c *AccessAnalyzer) GetFindingRequest(input *GetFindingInput) (req *request.Request, output *GetFindingOutput) {
	op := &request.Operation{
		Name:       opGetFinding,
		HTTPMethod: "GET",
		HTTPPath:   "/finding/{id}",
	}

	if input == nil {
		input = &GetFindingInput{}
	}

	output = &GetFindingOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetFinding API operation for Access Analyzer.
//
// Retrieves information about the specified finding.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetFinding for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding
func (c *AccessAnalyzer) GetFinding(input *GetFindingInput) (*GetFindingOutput, error) {
	req, out := c.GetFindingRequest(input)
	return out, req.Send()
}

// GetFindingWithContext is the same as GetFinding with the addition of
// the ability to pass a context and additional request options.
//
// See GetFinding for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingWithContext(ctx aws.Context, input *GetFindingInput, opts ...request.Option) (*GetFindingOutput, error) {
	req, out := c.GetFindingRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetFindingV2 = "GetFindingV2"

// GetFindingV2Request generates a "aws/request.Request" representing the
// client's request for the GetFindingV2 operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetFindingV2 for more information on using the GetFindingV2
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetFindingV2Request method.
//	req, resp := client.GetFindingV2Request(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingV2
func (c *AccessAnalyzer) GetFindingV2Request(input *GetFindingV2Input) (req *request.Request, output *GetFindingV2Output) {
	op := &request.Operation{
		Name:       opGetFindingV2,
		HTTPMethod: "GET",
		HTTPPath:   "/findingv2/{id}",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &GetFindingV2Input{}
	}

	output = &GetFindingV2Output{}
	req = c.newRequest(op, input, output)
	return
}

// GetFindingV2 API operation for Access Analyzer.
//
// Retrieves information about the specified finding.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetFindingV2 for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingV2
func (c *AccessAnalyzer) GetFindingV2(input *GetFindingV2Input) (*GetFindingV2Output, error) {
	req, out := c.GetFindingV2Request(input)
	return out, req.Send()
}

// GetFindingV2WithContext is the same as GetFindingV2 with the addition of
// the ability to pass a context and additional request options.
//
// See GetFindingV2 for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingV2WithContext(ctx aws.Context, input *GetFindingV2Input, opts ...request.Option) (*GetFindingV2Output, error) {
	req, out := c.GetFindingV2Request(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// GetFindingV2Pages iterates over the pages of a GetFindingV2 operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See GetFindingV2 method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a GetFindingV2 operation.
//	pageNum := 0
//	err := client.GetFindingV2Pages(params,
//	    func(page *accessanalyzer.GetFindingV2Output, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) GetFindingV2Pages(input *GetFindingV2Input, fn func(*GetFindingV2Output, bool) bool) error {
	return c.GetFindingV2PagesWithContext(aws.BackgroundContext(), input, fn)
}

// GetFindingV2PagesWithContext same as GetFindingV2Pages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingV2PagesWithContext(ctx aws.Context, input *GetFindingV2Input, fn func(*GetFindingV2Output, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *GetFindingV2Input
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.GetFindingV2Request(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*GetFindingV2Output), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opGetGeneratedPolicy = "GetGeneratedPolicy"

// GetGeneratedPolicyRequest generates a "aws/request.Request" representing the
// client's request for the GetGeneratedPolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetGeneratedPolicy for more information on using the GetGeneratedPolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetGeneratedPolicyRequest method.
//	req, resp := client.GetGeneratedPolicyRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetGeneratedPolicy
func (c *AccessAnalyzer) GetGeneratedPolicyRequest(input *GetGeneratedPolicyInput) (req *request.Request, output *GetGeneratedPolicyOutput) {
	op := &request.Operation{
		Name:       opGetGeneratedPolicy,
		HTTPMethod: "GET",
		HTTPPath:   "/policy/generation/{jobId}",
	}

	if input == nil {
		input = &GetGeneratedPolicyInput{}
	}

	output = &GetGeneratedPolicyOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetGeneratedPolicy API operation for Access Analyzer.
//
// Retrieves the policy that was generated using StartPolicyGeneration.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetGeneratedPolicy for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetGeneratedPolicy
func (c *AccessAnalyzer) GetGeneratedPolicy(input *GetGeneratedPolicyInput) (*GetGeneratedPolicyOutput, error) {
	req, out := c.GetGeneratedPolicyRequest(input)
	return out, req.Send()
}

// GetGeneratedPolicyWithContext is the same as GetGeneratedPolicy with the addition of
// the ability to pass a context and additional request options.
//
// See GetGeneratedPolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetGeneratedPolicyWithContext(ctx aws.Context, input *GetGeneratedPolicyInput, opts ...request.Option) (*GetGeneratedPolicyOutput, error) {
	req, out := c.GetGeneratedPolicyRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opListAccessPreviewFindings = "ListAccessPreviewFindings"

// ListAccessPreviewFindingsRequest generates a "aws/request.Request" representing the
// client's request for the ListAccessPreviewFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccessPreviewFindings for more information on using the ListAccessPreviewFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListAccessPreviewFindingsRequest method.
//	req, resp := client.ListAccessPreviewFindingsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings
func (c *AccessAnalyzer) ListAccessPreviewFindingsRequest(input *ListAccessPreviewFindingsInput) (req *request.Request, output *ListAccessPreviewFindingsOutput) {
	op := &request.Operation{
		Name:       opListAccessPreviewFindings,
		HTTPMethod: "POST",
		HTTPPath:   "/access-preview/{accessPreviewId}",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListAccessPreviewFindingsInput{}
	}

	output = &ListAccessPreviewFindingsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListAccessPreviewFindings API operation for Access Analyzer.
//
// Retrieves a list of access preview findings generated by the specified access
// preview.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAccessPreviewFindings for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ConflictException
//     A conflict exception error.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings
func (c *AccessAnalyzer) ListAccessPreviewFindings(input *ListAccessPreviewFindingsInput) (*ListAccessPreviewFindingsOutput, error) {
	req, out := c.ListAccessPreviewFindingsRequest(input)
	return out, req.Send()
}

// ListAccessPreviewFindingsWithContext is the same as ListAccessPreviewFindings with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccessPreviewFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewFindingsWithContext(ctx aws.Context, input *ListAccessPreviewFindingsInput, opts ...request.Option) (*ListAccessPreviewFindingsOutput, error) {
	req, out := c.ListAccessPreviewFindingsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListAccessPreviewFindingsPages iterates over the pages of a ListAccessPreviewFindings operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccessPreviewFindings method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListAccessPreviewFindings operation.
//	pageNum := 0
//	err := client.ListAccessPreviewFindingsPages(params,
//	    func(page *accessanalyzer.ListAccessPreviewFindingsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListAccessPreviewFindingsPages(input *ListAccessPreviewFindingsInput, fn func(*ListAccessPreviewFindingsOutput, bool) bool) error {
	return c.ListAccessPreviewFindingsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListAccessPreviewFindingsPagesWithContext same as ListAccessPreviewFindingsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewFindingsPagesWithContext(ctx aws.Context, input *ListAccessPreviewFindingsInput, fn func(*ListAccessPreviewFindingsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListAccessPreviewFindingsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListAccessPreviewFindingsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListAccessPreviewFindingsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListAccessPreviews = "ListAccessPreviews"

// ListAccessPreviewsRequest generates a "aws/request.Request" representing the
// client's request for the ListAccessPreviews operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccessPreviews for more information on using the ListAccessPreviews
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListAccessPreviewsRequest method.
//	req, resp := client.ListAccessPreviewsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviews
func (c *AccessAnalyzer) ListAccessPreviewsRequest(input *ListAccessPreviewsInput) (req *request.Request, output *ListAccessPreviewsOutput) {
	op := &request.Operation{
		Name:       opListAccessPreviews,
		HTTPMethod: "GET",
		HTTPPath:   "/access-preview",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListAccessPreviewsInput{}
	}

	output = &ListAccessPreviewsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListAccessPreviews API operation for Access Analyzer.
//
// Retrieves a list of access previews for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAccessPreviews for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviews
func (c *AccessAnalyzer) ListAccessPreviews(input *ListAccessPreviewsInput) (*ListAccessPreviewsOutput, error) {
	req, out := c.ListAccessPreviewsRequest(input)
	return out, req.Send()
}

// ListAccessPreviewsWithContext is the same as ListAccessPreviews with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccessPreviews for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewsWithContext(ctx aws.Context, input *ListAccessPreviewsInput, opts ...request.Option) (*ListAccessPreviewsOutput, error) {
	req, out := c.ListAccessPreviewsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListAccessPreviewsPages iterates over the pages of a ListAccessPreviews operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccessPreviews method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListAccessPreviews operation.
//	pageNum := 0
//	err := client.ListAccessPreviewsPages(params,
//	    func(page *accessanalyzer.ListAccessPreviewsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListAccessPreviewsPages(input *ListAccessPreviewsInput, fn func(*ListAccessPreviewsOutput, bool) bool) error {
	return c.ListAccessPreviewsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListAccessPreviewsPagesWithContext same as ListAccessPreviewsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewsPagesWithContext(ctx aws.Context, input *ListAccessPreviewsInput, fn func(*ListAccessPreviewsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListAccessPreviewsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListAccessPreviewsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListAccessPreviewsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListAnalyzedResources = "ListAnalyzedResources"

// ListAnalyzedResourcesRequest generates a "aws/request.Request" representing the
// client's request for the ListAnalyzedResources operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAnalyzedResources for more information on using the ListAnalyzedResources
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListAnalyzedResourcesRequest method.
//	req, resp := client.ListAnalyzedResourcesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources
func (c *AccessAnalyzer) ListAnalyzedResourcesRequest(input *ListAnalyzedResourcesInput) (req *request.Request, output *ListAnalyzedResourcesOutput) {
	op := &request.Operation{
		Name:       opListAnalyzedResources,
		HTTPMethod: "POST",
		HTTPPath:   "/analyzed-resource",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListAnalyzedResourcesInput{}
	}

	output = &ListAnalyzedResourcesOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListAnalyzedResources API operation for Access Analyzer.
//
// Retrieves a list of resources of the specified type that have been analyzed
// by the specified analyzer..
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAnalyzedResources for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources
func (c *AccessAnalyzer) ListAnalyzedResources(input *ListAnalyzedResourcesInput) (*ListAnalyzedResourcesOutput, error) {
	req, out := c.ListAnalyzedResourcesRequest(input)
	return out, req.Send()
}

// ListAnalyzedResourcesWithContext is the same as ListAnalyzedResources with the addition of
// the ability to pass a context and additional request options.
//
// See ListAnalyzedResources for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzedResourcesWithContext(ctx aws.Context, input *ListAnalyzedResourcesInput, opts ...request.Option) (*ListAnalyzedResourcesOutput, error) {
	req, out := c.ListAnalyzedResourcesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListAnalyzedResourcesPages iterates over the pages of a ListAnalyzedResources operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAnalyzedResources method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListAnalyzedResources operation.
//	pageNum := 0
//	err := client.ListAnalyzedResourcesPages(params,
//	    func(page *accessanalyzer.ListAnalyzedResourcesOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListAnalyzedResourcesPages(input *ListAnalyzedResourcesInput, fn func(*ListAnalyzedResourcesOutput, bool) bool) error {
	return c.ListAnalyzedResourcesPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListAnalyzedResourcesPagesWithContext same as ListAnalyzedResourcesPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzedResourcesPagesWithContext(ctx aws.Context, input *ListAnalyzedResourcesInput, fn func(*ListAnalyzedResourcesOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListAnalyzedResourcesInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListAnalyzedResourcesRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListAnalyzedResourcesOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListAnalyzers = "ListAnalyzers"

// ListAnalyzersRequest generates a "aws/request.Request" representing the
// client's request for the ListAnalyzers operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAnalyzers for more information on using the ListAnalyzers
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListAnalyzersRequest method.
//	req, resp := client.ListAnalyzersRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzers
func (c *AccessAnalyzer) ListAnalyzersRequest(input *ListAnalyzersInput) (req *request.Request, output *ListAnalyzersOutput) {
	op := &request.Operation{
		Name:       opListAnalyzers,
		HTTPMethod: "GET",
		HTTPPath:   "/analyzer",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListAnalyzersInput{}
	}

	output = &ListAnalyzersOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListAnalyzers API operation for Access Analyzer.
//
// Retrieves a list of analyzers.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAnalyzers for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzers
func (c *AccessAnalyzer) ListAnalyzers(input *ListAnalyzersInput) (*ListAnalyzersOutput, error) {
	req, out := c.ListAnalyzersRequest(input)
	return out, req.Send()
}

// ListAnalyzersWithContext is the same as ListAnalyzers with the addition of
// the ability to pass a context and additional request options.
//
// See ListAnalyzers for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzersWithContext(ctx aws.Context, input *ListAnalyzersInput, opts ...request.Option) (*ListAnalyzersOutput, error) {
	req, out := c.ListAnalyzersRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListAnalyzersPages iterates over the pages of a ListAnalyzers operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAnalyzers method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListAnalyzers operation.
//	pageNum := 0
//	err := client.ListAnalyzersPages(params,
//	    func(page *accessanalyzer.ListAnalyzersOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListAnalyzersPages(input *ListAnalyzersInput, fn func(*ListAnalyzersOutput, bool) bool) error {
	return c.ListAnalyzersPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListAnalyzersPagesWithContext same as ListAnalyzersPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzersPagesWithContext(ctx aws.Context, input *ListAnalyzersInput, fn func(*ListAnalyzersOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListAnalyzersInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListAnalyzersRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListAnalyzersOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListArchiveRules = "ListArchiveRules"

// ListArchiveRulesRequest generates a "aws/request.Request" representing the
// client's request for the ListArchiveRules operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListArchiveRules for more information on using the ListArchiveRules
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListArchiveRulesRequest method.
//	req, resp := client.ListArchiveRulesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListArchiveRules
func (c *AccessAnalyzer) ListArchiveRulesRequest(input *ListArchiveRulesInput) (req *request.Request, output *ListArchiveRulesOutput) {
	op := &request.Operation{
		Name:       opListArchiveRules,
		HTTPMethod: "GET",
		HTTPPath:   "/analyzer/{analyzerName}/archive-rule",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListArchiveRulesInput{}
	}

	output = &ListArchiveRulesOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListArchiveRules API operation for Access Analyzer.
//
// Retrieves a list of archive rules created for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListArchiveRules for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListArchiveRules
func (c *AccessAnalyzer) ListArchiveRules(input *ListArchiveRulesInput) (*ListArchiveRulesOutput, error) {
	req, out := c.ListArchiveRulesRequest(input)
	return out, req.Send()
}

// ListArchiveRulesWithContext is the same as ListArchiveRules with the addition of
// the ability to pass a context and additional request options.
//
// See ListArchiveRules for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListArchiveRulesWithContext(ctx aws.Context, input *ListArchiveRulesInput, opts ...request.Option) (*ListArchiveRulesOutput, error) {
	req, out := c.ListArchiveRulesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListArchiveRulesPages iterates over the pages of a ListArchiveRules operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListArchiveRules method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListArchiveRules operation.
//	pageNum := 0
//	err := client.ListArchiveRulesPages(params,
//	    func(page *accessanalyzer.ListArchiveRulesOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListArchiveRulesPages(input *ListArchiveRulesInput, fn func(*ListArchiveRulesOutput, bool) bool) error {
	return c.ListArchiveRulesPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListArchiveRulesPagesWithContext same as ListArchiveRulesPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListArchiveRulesPagesWithContext(ctx aws.Context, input *ListArchiveRulesInput, fn func(*ListArchiveRulesOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListArchiveRulesInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListArchiveRulesRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListArchiveRulesOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListFindings = "ListFindings"

// ListFindingsRequest generates a "aws/request.Request" representing the
// client's request for the ListFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListFindings for more information on using the ListFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListFindingsRequest method.
//	req, resp := client.ListFindingsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings
func (c *AccessAnalyzer) ListFindingsRequest(input *ListFindingsInput) (req *request.Request, output *ListFindingsOutput) {
	op := &request.Operation{
		Name:       opListFindings,
		HTTPMethod: "POST",
		HTTPPath:   "/finding",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListFindingsInput{}
	}

	output = &ListFindingsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListFindings API operation for Access Analyzer.
//
// Retrieves a list of findings generated by the specified analyzer.
//
// To learn about filter keys that you can use to retrieve a list of findings,
// see IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListFindings for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings
func (c *AccessAnalyzer) ListFindings(input *ListFindingsInput) (*ListFindingsOutput, error) {
	req, out := c.ListFindingsRequest(input)
	return out, req.Send()
}

// ListFindingsWithContext is the same as ListFindings with the addition of
// the ability to pass a context and additional request options.
//
// See ListFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsWithContext(ctx aws.Context, input *ListFindingsInput, opts ...request.Option) (*ListFindingsOutput, error) {
	req, out := c.ListFindingsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListFindingsPages iterates over the pages of a ListFindings operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListFindings method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListFindings operation.
//	pageNum := 0
//	err := client.ListFindingsPages(params,
//	    func(page *accessanalyzer.ListFindingsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListFindingsPages(input *ListFindingsInput, fn func(*ListFindingsOutput, bool) bool) error {
	return c.ListFindingsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListFindingsPagesWithContext same as ListFindingsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsPagesWithContext(ctx aws.Context, input *ListFindingsInput, fn func(*ListFindingsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListFindingsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListFindingsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListFindingsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListFindingsV2 = "ListFindingsV2"

// ListFindingsV2Request generates a "aws/request.Request" representing the
// client's request for the ListFindingsV2 operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListFindingsV2 for more information on using the ListFindingsV2
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListFindingsV2Request method.
//	req, resp := client.ListFindingsV2Request(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindingsV2
func (c *AccessAnalyzer) ListFindingsV2Request(input *ListFindingsV2Input) (req *request.Request, output *ListFindingsV2Output) {
	op := &request.Operation{
		Name:       opListFindingsV2,
		HTTPMethod: "POST",
		HTTPPath:   "/findingv2",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListFindingsV2Input{}
	}

	output = &ListFindingsV2Output{}
	req = c.newRequest(op, input, output)
	return
}

// ListFindingsV2 API operation for Access Analyzer.
//
// Retrieves a list of findings generated by the specified analyzer.
//
// To learn about filter keys that you can use to retrieve a list of findings,
// see IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListFindingsV2 for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindingsV2
func (c *AccessAnalyzer) ListFindingsV2(input *ListFindingsV2Input) (*ListFindingsV2Output, error) {
	req, out := c.ListFindingsV2Request(input)
	return out, req.Send()
}

// ListFindingsV2WithContext is the same as ListFindingsV2 with the addition of
// the ability to pass a context and additional request options.
//
// See ListFindingsV2 for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsV2WithContext(ctx aws.Context, input *ListFindingsV2Input, opts ...request.Option) (*ListFindingsV2Output, error) {
	req, out := c.ListFindingsV2Request(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListFindingsV2Pages iterates over the pages of a ListFindingsV2 operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListFindingsV2 method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListFindingsV2 operation.
//	pageNum := 0
//	err := client.ListFindingsV2Pages(params,
//	    func(page *accessanalyzer.ListFindingsV2Output, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListFindingsV2Pages(input *ListFindingsV2Input, fn func(*ListFindingsV2Output, bool) bool) error {
	return c.ListFindingsV2PagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListFindingsV2PagesWithContext same as ListFindingsV2Pages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsV2PagesWithContext(ctx aws.Context, input *ListFindingsV2Input, fn func(*ListFindingsV2Output, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListFindingsV2Input
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListFindingsV2Request(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListFindingsV2Output), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListPolicyGenerations = "ListPolicyGenerations"

// ListPolicyGenerationsRequest generates a "aws/request.Request" representing the
// client's request for the ListPolicyGenerations operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListPolicyGenerations for more information on using the ListPolicyGenerations
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListPolicyGenerationsRequest method.
//	req, resp := client.ListPolicyGenerationsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListPolicyGenerations
func (c *AccessAnalyzer) ListPolicyGenerationsRequest(input *ListPolicyGenerationsInput) (req *request.Request, output *ListPolicyGenerationsOutput) {
	op := &request.Operation{
		Name:       opListPolicyGenerations,
		HTTPMethod: "GET",
		HTTPPath:   "/policy/generation",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListPolicyGenerationsInput{}
	}

	output = &ListPolicyGenerationsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListPolicyGenerations API operation for Access Analyzer.
//
// Lists all of the policy generations requested in the last seven days.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListPolicyGenerations for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListPolicyGenerations
func (c *AccessAnalyzer) ListPolicyGenerations(input *ListPolicyGenerationsInput) (*ListPolicyGenerationsOutput, error) {
	req, out := c.ListPolicyGenerationsRequest(input)
	return out, req.Send()
}

// ListPolicyGenerationsWithContext is the same as ListPolicyGenerations with the addition of
// the ability to pass a context and additional request options.
//
// See ListPolicyGenerations for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListPolicyGenerationsWithContext(ctx aws.Context, input *ListPolicyGenerationsInput, opts ...request.Option) (*ListPolicyGenerationsOutput, error) {
	req, out := c.ListPolicyGenerationsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListPolicyGenerationsPages iterates over the pages of a ListPolicyGenerations operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListPolicyGenerations method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListPolicyGenerations operation.
//	pageNum := 0
//	err := client.ListPolicyGenerationsPages(params,
//	    func(page *accessanalyzer.ListPolicyGenerationsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ListPolicyGenerationsPages(input *ListPolicyGenerationsInput, fn func(*ListPolicyGenerationsOutput, bool) bool) error {
	return c.ListPolicyGenerationsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListPolicyGenerationsPagesWithContext same as ListPolicyGenerationsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListPolicyGenerationsPagesWithContext(ctx aws.Context, input *ListPolicyGenerationsInput, fn func(*ListPolicyGenerationsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListPolicyGenerationsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListPolicyGenerationsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListPolicyGenerationsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListTagsForResource = "ListTagsForResource"

// ListTagsForResourceRequest generates a "aws/request.Request" representing the
// client's request for the ListTagsForResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListTagsForResource for more information on using the ListTagsForResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListTagsForResourceRequest method.
//	req, resp := client.ListTagsForResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListTagsForResource
func (c *AccessAnalyzer) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) {
	op := &request.Operation{
		Name:       opListTagsForResource,
		HTTPMethod: "GET",
		HTTPPath:   "/tags/{resourceArn}",
	}

	if input == nil {
		input = &ListTagsForResourceInput{}
	}

	output = &ListTagsForResourceOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListTagsForResource API operation for Access Analyzer.
//
// Retrieves a list of tags applied to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListTagsForResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListTagsForResource
func (c *AccessAnalyzer) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) {
	req, out := c.ListTagsForResourceRequest(input)
	return out, req.Send()
}

// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of
// the ability to pass a context and additional request options.
//
// See ListTagsForResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) {
	req, out := c.ListTagsForResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opStartPolicyGeneration = "StartPolicyGeneration"

// StartPolicyGenerationRequest generates a "aws/request.Request" representing the
// client's request for the StartPolicyGeneration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StartPolicyGeneration for more information on using the StartPolicyGeneration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the StartPolicyGenerationRequest method.
//	req, resp := client.StartPolicyGenerationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartPolicyGeneration
func (c *AccessAnalyzer) StartPolicyGenerationRequest(input *StartPolicyGenerationInput) (req *request.Request, output *StartPolicyGenerationOutput) {
	op := &request.Operation{
		Name:       opStartPolicyGeneration,
		HTTPMethod: "PUT",
		HTTPPath:   "/policy/generation",
	}

	if input == nil {
		input = &StartPolicyGenerationInput{}
	}

	output = &StartPolicyGenerationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// StartPolicyGeneration API operation for Access Analyzer.
//
// Starts the policy generation request.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation StartPolicyGeneration for usage and error information.
//
// Returned Error Types:
//
//   - ConflictException
//     A conflict exception error.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ServiceQuotaExceededException
//     Service quote met error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartPolicyGeneration
func (c *AccessAnalyzer) StartPolicyGeneration(input *StartPolicyGenerationInput) (*StartPolicyGenerationOutput, error) {
	req, out := c.StartPolicyGenerationRequest(input)
	return out, req.Send()
}

// StartPolicyGenerationWithContext is the same as StartPolicyGeneration with the addition of
// the ability to pass a context and additional request options.
//
// See StartPolicyGeneration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) StartPolicyGenerationWithContext(ctx aws.Context, input *StartPolicyGenerationInput, opts ...request.Option) (*StartPolicyGenerationOutput, error) {
	req, out := c.StartPolicyGenerationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opStartResourceScan = "StartResourceScan"

// StartResourceScanRequest generates a "aws/request.Request" representing the
// client's request for the StartResourceScan operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StartResourceScan for more information on using the StartResourceScan
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the StartResourceScanRequest method.
//	req, resp := client.StartResourceScanRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScan
func (c *AccessAnalyzer) StartResourceScanRequest(input *StartResourceScanInput) (req *request.Request, output *StartResourceScanOutput) {
	op := &request.Operation{
		Name:       opStartResourceScan,
		HTTPMethod: "POST",
		HTTPPath:   "/resource/scan",
	}

	if input == nil {
		input = &StartResourceScanInput{}
	}

	output = &StartResourceScanOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// StartResourceScan API operation for Access Analyzer.
//
// Immediately starts a scan of the policies applied to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation StartResourceScan for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScan
func (c *AccessAnalyzer) StartResourceScan(input *StartResourceScanInput) (*StartResourceScanOutput, error) {
	req, out := c.StartResourceScanRequest(input)
	return out, req.Send()
}

// StartResourceScanWithContext is the same as StartResourceScan with the addition of
// the ability to pass a context and additional request options.
//
// See StartResourceScan for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) StartResourceScanWithContext(ctx aws.Context, input *StartResourceScanInput, opts ...request.Option) (*StartResourceScanOutput, error) {
	req, out := c.StartResourceScanRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opTagResource = "TagResource"

// TagResourceRequest generates a "aws/request.Request" representing the
// client's request for the TagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See TagResource for more information on using the TagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the TagResourceRequest method.
//	req, resp := client.TagResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/TagResource
func (c *AccessAnalyzer) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) {
	op := &request.Operation{
		Name:       opTagResource,
		HTTPMethod: "POST",
		HTTPPath:   "/tags/{resourceArn}",
	}

	if input == nil {
		input = &TagResourceInput{}
	}

	output = &TagResourceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// TagResource API operation for Access Analyzer.
//
// Adds a tag to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation TagResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/TagResource
func (c *AccessAnalyzer) TagResource(input *TagResourceInput) (*TagResourceOutput, error) {
	req, out := c.TagResourceRequest(input)
	return out, req.Send()
}

// TagResourceWithContext is the same as TagResource with the addition of
// the ability to pass a context and additional request options.
//
// See TagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) {
	req, out := c.TagResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUntagResource = "UntagResource"

// UntagResourceRequest generates a "aws/request.Request" representing the
// client's request for the UntagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UntagResource for more information on using the UntagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UntagResourceRequest method.
//	req, resp := client.UntagResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UntagResource
func (c *AccessAnalyzer) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) {
	op := &request.Operation{
		Name:       opUntagResource,
		HTTPMethod: "DELETE",
		HTTPPath:   "/tags/{resourceArn}",
	}

	if input == nil {
		input = &UntagResourceInput{}
	}

	output = &UntagResourceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UntagResource API operation for Access Analyzer.
//
// Removes a tag from the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UntagResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UntagResource
func (c *AccessAnalyzer) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) {
	req, out := c.UntagResourceRequest(input)
	return out, req.Send()
}

// UntagResourceWithContext is the same as UntagResource with the addition of
// the ability to pass a context and additional request options.
//
// See UntagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) {
	req, out := c.UntagResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateArchiveRule = "UpdateArchiveRule"

// UpdateArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the UpdateArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateArchiveRule for more information on using the UpdateArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateArchiveRuleRequest method.
//	req, resp := client.UpdateArchiveRuleRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateArchiveRule
func (c *AccessAnalyzer) UpdateArchiveRuleRequest(input *UpdateArchiveRuleInput) (req *request.Request, output *UpdateArchiveRuleOutput) {
	op := &request.Operation{
		Name:       opUpdateArchiveRule,
		HTTPMethod: "PUT",
		HTTPPath:   "/analyzer/{analyzerName}/archive-rule/{ruleName}",
	}

	if input == nil {
		input = &UpdateArchiveRuleInput{}
	}

	output = &UpdateArchiveRuleOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UpdateArchiveRule API operation for Access Analyzer.
//
// Updates the criteria and values for the specified archive rule.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UpdateArchiveRule for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateArchiveRule
func (c *AccessAnalyzer) UpdateArchiveRule(input *UpdateArchiveRuleInput) (*UpdateArchiveRuleOutput, error) {
	req, out := c.UpdateArchiveRuleRequest(input)
	return out, req.Send()
}

// UpdateArchiveRuleWithContext is the same as UpdateArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UpdateArchiveRuleWithContext(ctx aws.Context, input *UpdateArchiveRuleInput, opts ...request.Option) (*UpdateArchiveRuleOutput, error) {
	req, out := c.UpdateArchiveRuleRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateFindings = "UpdateFindings"

// UpdateFindingsRequest generates a "aws/request.Request" representing the
// client's request for the UpdateFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateFindings for more information on using the UpdateFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateFindingsRequest method.
//	req, resp := client.UpdateFindingsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateFindings
func (c *AccessAnalyzer) UpdateFindingsRequest(input *UpdateFindingsInput) (req *request.Request, output *UpdateFindingsOutput) {
	op := &request.Operation{
		Name:       opUpdateFindings,
		HTTPMethod: "PUT",
		HTTPPath:   "/finding",
	}

	if input == nil {
		input = &UpdateFindingsInput{}
	}

	output = &UpdateFindingsOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UpdateFindings API operation for Access Analyzer.
//
// Updates the status for the specified findings.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UpdateFindings for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     The specified resource could not be found.
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateFindings
func (c *AccessAnalyzer) UpdateFindings(input *UpdateFindingsInput) (*UpdateFindingsOutput, error) {
	req, out := c.UpdateFindingsRequest(input)
	return out, req.Send()
}

// UpdateFindingsWithContext is the same as UpdateFindings with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UpdateFindingsWithContext(ctx aws.Context, input *UpdateFindingsInput, opts ...request.Option) (*UpdateFindingsOutput, error) {
	req, out := c.UpdateFindingsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opValidatePolicy = "ValidatePolicy"

// ValidatePolicyRequest generates a "aws/request.Request" representing the
// client's request for the ValidatePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ValidatePolicy for more information on using the ValidatePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ValidatePolicyRequest method.
//	req, resp := client.ValidatePolicyRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ValidatePolicy
func (c *AccessAnalyzer) ValidatePolicyRequest(input *ValidatePolicyInput) (req *request.Request, output *ValidatePolicyOutput) {
	op := &request.Operation{
		Name:       opValidatePolicy,
		HTTPMethod: "POST",
		HTTPPath:   "/policy/validation",
		Paginator: &request.Paginator{
			InputTokens:     []string{"nextToken"},
			OutputTokens:    []string{"nextToken"},
			LimitToken:      "maxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ValidatePolicyInput{}
	}

	output = &ValidatePolicyOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ValidatePolicy API operation for Access Analyzer.
//
// Requests the validation of a policy and returns a list of findings. The findings
// help you identify issues and provide actionable recommendations to resolve
// the issue and enable you to author functional policies that meet security
// best practices.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ValidatePolicy for usage and error information.
//
// Returned Error Types:
//
//   - ValidationException
//     Validation exception error.
//
//   - InternalServerException
//     Internal server error.
//
//   - ThrottlingException
//     Throttling limit exceeded error.
//
//   - AccessDeniedException
//     You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ValidatePolicy
func (c *AccessAnalyzer) ValidatePolicy(input *ValidatePolicyInput) (*ValidatePolicyOutput, error) {
	req, out := c.ValidatePolicyRequest(input)
	return out, req.Send()
}

// ValidatePolicyWithContext is the same as ValidatePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See ValidatePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ValidatePolicyWithContext(ctx aws.Context, input *ValidatePolicyInput, opts ...request.Option) (*ValidatePolicyOutput, error) {
	req, out := c.ValidatePolicyRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ValidatePolicyPages iterates over the pages of a ValidatePolicy operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ValidatePolicy method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ValidatePolicy operation.
//	pageNum := 0
//	err := client.ValidatePolicyPages(params,
//	    func(page *accessanalyzer.ValidatePolicyOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *AccessAnalyzer) ValidatePolicyPages(input *ValidatePolicyInput, fn func(*ValidatePolicyOutput, bool) bool) error {
	return c.ValidatePolicyPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ValidatePolicyPagesWithContext same as ValidatePolicyPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ValidatePolicyPagesWithContext(ctx aws.Context, input *ValidatePolicyInput, fn func(*ValidatePolicyOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ValidatePolicyInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ValidatePolicyRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ValidatePolicyOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

// Contains information about actions that define permissions to check against
// a policy.
type Access struct {
	_ struct{} `type:"structure"`

	// A list of actions for the access permissions.
	//
	// Actions is a required field
	Actions []*string `locationName:"actions" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Access) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Access) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *Access) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "Access"}
	if s.Actions == nil {
		invalidParams.Add(request.NewErrParamRequired("Actions"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetActions sets the Actions field's value.
func (s *Access) SetActions(v []*string) *Access {
	s.Actions = v
	return s
}

// You do not have sufficient access to perform this action.
type AccessDeniedException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessDeniedException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessDeniedException) GoString() string {
	return s.String()
}

func newErrorAccessDeniedException(v protocol.ResponseMetadata) error {
	return &AccessDeniedException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *AccessDeniedException) Code() string {
	return "AccessDeniedException"
}

// Message returns the exception's message.
func (s *AccessDeniedException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *AccessDeniedException) OrigErr() error {
	return nil
}

func (s *AccessDeniedException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *AccessDeniedException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *AccessDeniedException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Contains information about an access preview.
type AccessPreview struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer used to generate the access preview.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A map of resource ARNs for the proposed resource configuration.
	//
	// Configurations is a required field
	Configurations map[string]*Configuration `locationName:"configurations" type:"map" required:"true"`

	// The time at which the access preview was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID for the access preview.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// The status of the access preview.
	//
	//    * Creating - The access preview creation is in progress.
	//
	//    * Completed - The access preview is complete. You can preview findings
	//    for external access to the resource.
	//
	//    * Failed - The access preview creation has failed.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"AccessPreviewStatus"`

	// Provides more details about the current status of the access preview.
	//
	// For example, if the creation of the access preview fails, a Failed status
	// is returned. This failure can be due to an internal issue with the analysis
	// or due to an invalid resource configuration.
	StatusReason *AccessPreviewStatusReason `locationName:"statusReason" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreview) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreview) GoString() string {
	return s.String()
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *AccessPreview) SetAnalyzerArn(v string) *AccessPreview {
	s.AnalyzerArn = &v
	return s
}

// SetConfigurations sets the Configurations field's value.
func (s *AccessPreview) SetConfigurations(v map[string]*Configuration) *AccessPreview {
	s.Configurations = v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreview) SetCreatedAt(v time.Time) *AccessPreview {
	s.CreatedAt = &v
	return s
}

// SetId sets the Id field's value.
func (s *AccessPreview) SetId(v string) *AccessPreview {
	s.Id = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *AccessPreview) SetStatus(v string) *AccessPreview {
	s.Status = &v
	return s
}

// SetStatusReason sets the StatusReason field's value.
func (s *AccessPreview) SetStatusReason(v *AccessPreviewStatusReason) *AccessPreview {
	s.StatusReason = v
	return s
}

// An access preview finding generated by the access preview.
type AccessPreviewFinding struct {
	_ struct{} `type:"structure"`

	// The action in the analyzed policy statement that an external principal has
	// permission to perform.
	Action []*string `locationName:"action" type:"list"`

	// Provides context on how the access preview finding compares to existing access
	// identified in IAM Access Analyzer.
	//
	//    * New - The finding is for newly-introduced access.
	//
	//    * Unchanged - The preview finding is an existing finding that would remain
	//    unchanged.
	//
	//    * Changed - The preview finding is an existing finding with a change in
	//    status.
	//
	// For example, a Changed finding with preview status Resolved and existing
	// status Active indicates the existing Active finding would become Resolved
	// as a result of the proposed permissions change.
	//
	// ChangeType is a required field
	ChangeType *string `locationName:"changeType" type:"string" required:"true" enum:"FindingChangeType"`

	// The condition in the analyzed policy statement that resulted in a finding.
	Condition map[string]*string `locationName:"condition" type:"map"`

	// The time at which the access preview finding was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// An error.
	Error *string `locationName:"error" type:"string"`

	// The existing ID of the finding in IAM Access Analyzer, provided only for
	// existing findings.
	ExistingFindingId *string `locationName:"existingFindingId" type:"string"`

	// The existing status of the finding, provided only for existing findings.
	ExistingFindingStatus *string `locationName:"existingFindingStatus" type:"string" enum:"FindingStatus"`

	// The ID of the access preview finding. This ID uniquely identifies the element
	// in the list of access preview findings and is not related to the finding
	// ID in Access Analyzer.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// Indicates whether the policy that generated the finding allows public access
	// to the resource.
	IsPublic *bool `locationName:"isPublic" type:"boolean"`

	// The external principal that has access to a resource within the zone of trust.
	Principal map[string]*string `locationName:"principal" type:"map"`

	// The resource that an external principal has access to. This is the resource
	// associated with the access preview.
	Resource *string `locationName:"resource" type:"string"`

	// The Amazon Web Services account ID that owns the resource. For most Amazon
	// Web Services resources, the owning account is the account in which the resource
	// was created.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource that can be accessed in the finding.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The sources of the finding. This indicates how the access that generated
	// the finding is granted. It is populated for Amazon S3 bucket findings.
	Sources []*FindingSource `locationName:"sources" type:"list"`

	// The preview status of the finding. This is what the status of the finding
	// would be after permissions deployment. For example, a Changed finding with
	// preview status Resolved and existing status Active indicates the existing
	// Active finding would become Resolved as a result of the proposed permissions
	// change.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewFinding) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewFinding) GoString() string {
	return s.String()
}

// SetAction sets the Action field's value.
func (s *AccessPreviewFinding) SetAction(v []*string) *AccessPreviewFinding {
	s.Action = v
	return s
}

// SetChangeType sets the ChangeType field's value.
func (s *AccessPreviewFinding) SetChangeType(v string) *AccessPreviewFinding {
	s.ChangeType = &v
	return s
}

// SetCondition sets the Condition field's value.
func (s *AccessPreviewFinding) SetCondition(v map[string]*string) *AccessPreviewFinding {
	s.Condition = v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreviewFinding) SetCreatedAt(v time.Time) *AccessPreviewFinding {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *AccessPreviewFinding) SetError(v string) *AccessPreviewFinding {
	s.Error = &v
	return s
}

// SetExistingFindingId sets the ExistingFindingId field's value.
func (s *AccessPreviewFinding) SetExistingFindingId(v string) *AccessPreviewFinding {
	s.ExistingFindingId = &v
	return s
}

// SetExistingFindingStatus sets the ExistingFindingStatus field's value.
func (s *AccessPreviewFinding) SetExistingFindingStatus(v string) *AccessPreviewFinding {
	s.ExistingFindingStatus = &v
	return s
}

// SetId sets the Id field's value.
func (s *AccessPreviewFinding) SetId(v string) *AccessPreviewFinding {
	s.Id = &v
	return s
}

// SetIsPublic sets the IsPublic field's value.
func (s *AccessPreviewFinding) SetIsPublic(v bool) *AccessPreviewFinding {
	s.IsPublic = &v
	return s
}

// SetPrincipal sets the Principal field's value.
func (s *AccessPreviewFinding) SetPrincipal(v map[string]*string) *AccessPreviewFinding {
	s.Principal = v
	return s
}

// SetResource sets the Resource field's value.
func (s *AccessPreviewFinding) SetResource(v string) *AccessPreviewFinding {
	s.Resource = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AccessPreviewFinding) SetResourceOwnerAccount(v string) *AccessPreviewFinding {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *AccessPreviewFinding) SetResourceType(v string) *AccessPreviewFinding {
	s.ResourceType = &v
	return s
}

// SetSources sets the Sources field's value.
func (s *AccessPreviewFinding) SetSources(v []*FindingSource) *AccessPreviewFinding {
	s.Sources = v
	return s
}

// SetStatus sets the Status field's value.
func (s *AccessPreviewFinding) SetStatus(v string) *AccessPreviewFinding {
	s.Status = &v
	return s
}

// Provides more details about the current status of the access preview. For
// example, if the creation of the access preview fails, a Failed status is
// returned. This failure can be due to an internal issue with the analysis
// or due to an invalid proposed resource configuration.
type AccessPreviewStatusReason struct {
	_ struct{} `type:"structure"`

	// The reason code for the current status of the access preview.
	//
	// Code is a required field
	Code *string `locationName:"code" type:"string" required:"true" enum:"AccessPreviewStatusReasonCode"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewStatusReason) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewStatusReason) GoString() string {
	return s.String()
}

// SetCode sets the Code field's value.
func (s *AccessPreviewStatusReason) SetCode(v string) *AccessPreviewStatusReason {
	s.Code = &v
	return s
}

// Contains a summary of information about an access preview.
type AccessPreviewSummary struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer used to generate the access preview.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// The time at which the access preview was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID for the access preview.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// The status of the access preview.
	//
	//    * Creating - The access preview creation is in progress.
	//
	//    * Completed - The access preview is complete and previews the findings
	//    for external access to the resource.
	//
	//    * Failed - The access preview creation has failed.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"AccessPreviewStatus"`

	// Provides more details about the current status of the access preview. For
	// example, if the creation of the access preview fails, a Failed status is
	// returned. This failure can be due to an internal issue with the analysis
	// or due to an invalid proposed resource configuration.
	StatusReason *AccessPreviewStatusReason `locationName:"statusReason" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewSummary) GoString() string {
	return s.String()
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *AccessPreviewSummary) SetAnalyzerArn(v string) *AccessPreviewSummary {
	s.AnalyzerArn = &v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreviewSummary) SetCreatedAt(v time.Time) *AccessPreviewSummary {
	s.CreatedAt = &v
	return s
}

// SetId sets the Id field's value.
func (s *AccessPreviewSummary) SetId(v string) *AccessPreviewSummary {
	s.Id = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *AccessPreviewSummary) SetStatus(v string) *AccessPreviewSummary {
	s.Status = &v
	return s
}

// SetStatusReason sets the StatusReason field's value.
func (s *AccessPreviewSummary) SetStatusReason(v *AccessPreviewStatusReason) *AccessPreviewSummary {
	s.StatusReason = v
	return s
}

// You specify each grantee as a type-value pair using one of these types. You
// can specify only one type of grantee. For more information, see PutBucketAcl
// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html).
type AclGrantee struct {
	_ struct{} `type:"structure"`

	// The value specified is the canonical user ID of an Amazon Web Services account.
	Id *string `locationName:"id" type:"string"`

	// Used for granting permissions to a predefined group.
	Uri *string `locationName:"uri" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AclGrantee) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AclGrantee) GoString() string {
	return s.String()
}

// SetId sets the Id field's value.
func (s *AclGrantee) SetId(v string) *AclGrantee {
	s.Id = &v
	return s
}

// SetUri sets the Uri field's value.
func (s *AclGrantee) SetUri(v string) *AclGrantee {
	s.Uri = &v
	return s
}

// Contains details about the analyzed resource.
type AnalyzedResource struct {
	_ struct{} `type:"structure"`

	// The actions that an external principal is granted permission to use by the
	// policy that generated the finding.
	Actions []*string `locationName:"actions" type:"list"`

	// The time at which the resource was analyzed.
	//
	// AnalyzedAt is a required field
	AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The time at which the finding was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// An error message.
	Error *string `locationName:"error" type:"string"`

	// Indicates whether the policy that generated the finding grants public access
	// to the resource.
	//
	// IsPublic is a required field
	IsPublic *bool `locationName:"isPublic" type:"boolean" required:"true"`

	// The ARN of the resource that was analyzed.
	//
	// ResourceArn is a required field
	ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`

	// The Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource that was analyzed.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// Indicates how the access that generated the finding is granted. This is populated
	// for Amazon S3 bucket findings.
	SharedVia []*string `locationName:"sharedVia" type:"list"`

	// The current status of the finding generated from the analyzed resource.
	Status *string `locationName:"status" type:"string" enum:"FindingStatus"`

	// The time at which the finding was updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResource) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResource) GoString() string {
	return s.String()
}

// SetActions sets the Actions field's value.
func (s *AnalyzedResource) SetActions(v []*string) *AnalyzedResource {
	s.Actions = v
	return s
}

// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *AnalyzedResource) SetAnalyzedAt(v time.Time) *AnalyzedResource {
	s.AnalyzedAt = &v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *AnalyzedResource) SetCreatedAt(v time.Time) *AnalyzedResource {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *AnalyzedResource) SetError(v string) *AnalyzedResource {
	s.Error = &v
	return s
}

// SetIsPublic sets the IsPublic field's value.
func (s *AnalyzedResource) SetIsPublic(v bool) *AnalyzedResource {
	s.IsPublic = &v
	return s
}

// SetResourceArn sets the ResourceArn field's value.
func (s *AnalyzedResource) SetResourceArn(v string) *AnalyzedResource {
	s.ResourceArn = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AnalyzedResource) SetResourceOwnerAccount(v string) *AnalyzedResource {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *AnalyzedResource) SetResourceType(v string) *AnalyzedResource {
	s.ResourceType = &v
	return s
}

// SetSharedVia sets the SharedVia field's value.
func (s *AnalyzedResource) SetSharedVia(v []*string) *AnalyzedResource {
	s.SharedVia = v
	return s
}

// SetStatus sets the Status field's value.
func (s *AnalyzedResource) SetStatus(v string) *AnalyzedResource {
	s.Status = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *AnalyzedResource) SetUpdatedAt(v time.Time) *AnalyzedResource {
	s.UpdatedAt = &v
	return s
}

// Contains the ARN of the analyzed resource.
type AnalyzedResourceSummary struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzed resource.
	//
	// ResourceArn is a required field
	ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`

	// The Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of resource that was analyzed.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResourceSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResourceSummary) GoString() string {
	return s.String()
}

// SetResourceArn sets the ResourceArn field's value.
func (s *AnalyzedResourceSummary) SetResourceArn(v string) *AnalyzedResourceSummary {
	s.ResourceArn = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AnalyzedResourceSummary) SetResourceOwnerAccount(v string) *AnalyzedResourceSummary {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *AnalyzedResourceSummary) SetResourceType(v string) *AnalyzedResourceSummary {
	s.ResourceType = &v
	return s
}

// Contains information about the configuration of an unused access analyzer
// for an Amazon Web Services organization or account.
type AnalyzerConfiguration struct {
	_ struct{} `type:"structure"`

	// Specifies the configuration of an unused access analyzer for an Amazon Web
	// Services organization or account. External access analyzers do not support
	// any configuration.
	UnusedAccess *UnusedAccessConfiguration `locationName:"unusedAccess" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerConfiguration) GoString() string {
	return s.String()
}

// SetUnusedAccess sets the UnusedAccess field's value.
func (s *AnalyzerConfiguration) SetUnusedAccess(v *UnusedAccessConfiguration) *AnalyzerConfiguration {
	s.UnusedAccess = v
	return s
}

// Contains information about the analyzer.
type AnalyzerSummary struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" type:"string" required:"true"`

	// Specifies whether the analyzer is an external access or unused access analyzer.
	Configuration *AnalyzerConfiguration `locationName:"configuration" type:"structure"`

	// A timestamp for the time at which the analyzer was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The resource that was most recently analyzed by the analyzer.
	LastResourceAnalyzed *string `locationName:"lastResourceAnalyzed" type:"string"`

	// The time at which the most recently analyzed resource was analyzed.
	LastResourceAnalyzedAt *time.Time `locationName:"lastResourceAnalyzedAt" type:"timestamp" timestampFormat:"iso8601"`

	// The name of the analyzer.
	//
	// Name is a required field
	Name *string `locationName:"name" min:"1" type:"string" required:"true"`

	// The status of the analyzer. An Active analyzer successfully monitors supported
	// resources and generates new findings. The analyzer is Disabled when a user
	// action, such as removing trusted access for Identity and Access Management
	// Access Analyzer from Organizations, causes the analyzer to stop generating
	// new findings. The status is Creating when the analyzer creation is in progress
	// and Failed when the analyzer creation has failed.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"AnalyzerStatus"`

	// The statusReason provides more details about the current status of the analyzer.
	// For example, if the creation for the analyzer fails, a Failed status is returned.
	// For an analyzer with organization as the type, this failure can be due to
	// an issue with creating the service-linked roles required in the member accounts
	// of the Amazon Web Services organization.
	StatusReason *StatusReason `locationName:"statusReason" type:"structure"`

	// The tags added to the analyzer.
	Tags map[string]*string `locationName:"tags" type:"map"`

	// The type of analyzer, which corresponds to the zone of trust chosen for the
	// analyzer.
	//
	// Type is a required field
	Type *string `locationName:"type" type:"string" required:"true" enum:"Type"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerSummary) GoString() string {
	return s.String()
}

// SetArn sets the Arn field's value.
func (s *AnalyzerSummary) SetArn(v string) *AnalyzerSummary {
	s.Arn = &v
	return s
}

// SetConfiguration sets the Configuration field's value.
func (s *AnalyzerSummary) SetConfiguration(v *AnalyzerConfiguration) *AnalyzerSummary {
	s.Configuration = v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *AnalyzerSummary) SetCreatedAt(v time.Time) *AnalyzerSummary {
	s.CreatedAt = &v
	return s
}

// SetLastResourceAnalyzed sets the LastResourceAnalyzed field's value.
func (s *AnalyzerSummary) SetLastResourceAnalyzed(v string) *AnalyzerSummary {
	s.LastResourceAnalyzed = &v
	return s
}

// SetLastResourceAnalyzedAt sets the LastResourceAnalyzedAt field's value.
func (s *AnalyzerSummary) SetLastResourceAnalyzedAt(v time.Time) *AnalyzerSummary {
	s.LastResourceAnalyzedAt = &v
	return s
}

// SetName sets the Name field's value.
func (s *AnalyzerSummary) SetName(v string) *AnalyzerSummary {
	s.Name = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *AnalyzerSummary) SetStatus(v string) *AnalyzerSummary {
	s.Status = &v
	return s
}

// SetStatusReason sets the StatusReason field's value.
func (s *AnalyzerSummary) SetStatusReason(v *StatusReason) *AnalyzerSummary {
	s.StatusReason = v
	return s
}

// SetTags sets the Tags field's value.
func (s *AnalyzerSummary) SetTags(v map[string]*string) *AnalyzerSummary {
	s.Tags = v
	return s
}

// SetType sets the Type field's value.
func (s *AnalyzerSummary) SetType(v string) *AnalyzerSummary {
	s.Type = &v
	return s
}

// Retroactively applies an archive rule.
type ApplyArchiveRuleInput struct {
	_ struct{} `type:"structure"`

	// The Amazon resource name (ARN) of the analyzer.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// The name of the rule to apply.
	//
	// RuleName is a required field
	RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ApplyArchiveRuleInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ApplyArchiveRuleInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ApplyArchiveRuleInput) SetAnalyzerArn(v string) *ApplyArchiveRuleInput {
	s.AnalyzerArn = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *ApplyArchiveRuleInput) SetClientToken(v string) *ApplyArchiveRuleInput {
	s.ClientToken = &v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *ApplyArchiveRuleInput) SetRuleName(v string) *ApplyArchiveRuleInput {
	s.RuleName = &v
	return s
}

type ApplyArchiveRuleOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleOutput) GoString() string {
	return s.String()
}

// Contains information about an archive rule.
type ArchiveRuleSummary struct {
	_ struct{} `type:"structure"`

	// The time at which the archive rule was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A filter used to define the archive rule.
	//
	// Filter is a required field
	Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`

	// The name of the archive rule.
	//
	// RuleName is a required field
	RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`

	// The time at which the archive rule was last updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ArchiveRuleSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ArchiveRuleSummary) GoString() string {
	return s.String()
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *ArchiveRuleSummary) SetCreatedAt(v time.Time) *ArchiveRuleSummary {
	s.CreatedAt = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *ArchiveRuleSummary) SetFilter(v map[string]*Criterion) *ArchiveRuleSummary {
	s.Filter = v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *ArchiveRuleSummary) SetRuleName(v string) *ArchiveRuleSummary {
	s.RuleName = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *ArchiveRuleSummary) SetUpdatedAt(v time.Time) *ArchiveRuleSummary {
	s.UpdatedAt = &v
	return s
}

type CancelPolicyGenerationInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The JobId that is returned by the StartPolicyGeneration operation. The JobId
	// can be used with GetGeneratedPolicy to retrieve the generated policies or
	// used with CancelPolicyGeneration to cancel the policy generation request.
	//
	// JobId is a required field
	JobId *string `location:"uri" locationName:"jobId" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CancelPolicyGenerationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CancelPolicyGenerationInput"}
	if s.JobId == nil {
		invalidParams.Add(request.NewErrParamRequired("JobId"))
	}
	if s.JobId != nil && len(*s.JobId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetJobId sets the JobId field's value.
func (s *CancelPolicyGenerationInput) SetJobId(v string) *CancelPolicyGenerationInput {
	s.JobId = &v
	return s
}

type CancelPolicyGenerationOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationOutput) GoString() string {
	return s.String()
}

type CheckAccessNotGrantedInput struct {
	_ struct{} `type:"structure"`

	// An access object containing the permissions that shouldn't be granted by
	// the specified policy.
	//
	// Access is a required field
	Access []*Access `locationName:"access" type:"list" required:"true"`

	// The JSON policy document to use as the content for the policy.
	//
	// PolicyDocument is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CheckAccessNotGrantedInput's
	// String and GoString methods.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true" sensitive:"true"`

	// The type of policy. Identity policies grant permissions to IAM principals.
	// Identity policies include managed and inline policies for IAM roles, users,
	// and groups.
	//
	// Resource policies grant permissions on Amazon Web Services resources. Resource
	// policies include trust policies for IAM roles and bucket policies for Amazon
	// S3 buckets. You can provide a generic input such as identity policy or resource
	// policy or a specific input such as managed policy or Amazon S3 bucket policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"AccessCheckPolicyType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CheckAccessNotGrantedInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CheckAccessNotGrantedInput"}
	if s.Access == nil {
		invalidParams.Add(request.NewErrParamRequired("Access"))
	}
	if s.PolicyDocument == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
	}
	if s.PolicyType == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyType"))
	}
	if s.Access != nil {
		for i, v := range s.Access {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Access", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccess sets the Access field's value.
func (s *CheckAccessNotGrantedInput) SetAccess(v []*Access) *CheckAccessNotGrantedInput {
	s.Access = v
	return s
}

// SetPolicyDocument sets the PolicyDocument field's value.
func (s *CheckAccessNotGrantedInput) SetPolicyDocument(v string) *CheckAccessNotGrantedInput {
	s.PolicyDocument = &v
	return s
}

// SetPolicyType sets the PolicyType field's value.
func (s *CheckAccessNotGrantedInput) SetPolicyType(v string) *CheckAccessNotGrantedInput {
	s.PolicyType = &v
	return s
}

type CheckAccessNotGrantedOutput struct {
	_ struct{} `type:"structure"`

	// The message indicating whether the specified access is allowed.
	Message *string `locationName:"message" type:"string"`

	// A description of the reasoning of the result.
	Reasons []*ReasonSummary `locationName:"reasons" type:"list"`

	// The result of the check for whether the access is allowed. If the result
	// is PASS, the specified policy doesn't allow any of the specified permissions
	// in the access object. If the result is FAIL, the specified policy might allow
	// some or all of the permissions in the access object.
	Result *string `locationName:"result" type:"string" enum:"CheckAccessNotGrantedResult"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedOutput) GoString() string {
	return s.String()
}

// SetMessage sets the Message field's value.
func (s *CheckAccessNotGrantedOutput) SetMessage(v string) *CheckAccessNotGrantedOutput {
	s.Message = &v
	return s
}

// SetReasons sets the Reasons field's value.
func (s *CheckAccessNotGrantedOutput) SetReasons(v []*ReasonSummary) *CheckAccessNotGrantedOutput {
	s.Reasons = v
	return s
}

// SetResult sets the Result field's value.
func (s *CheckAccessNotGrantedOutput) SetResult(v string) *CheckAccessNotGrantedOutput {
	s.Result = &v
	return s
}

type CheckNoNewAccessInput struct {
	_ struct{} `type:"structure"`

	// The JSON policy document to use as the content for the existing policy.
	//
	// ExistingPolicyDocument is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CheckNoNewAccessInput's
	// String and GoString methods.
	//
	// ExistingPolicyDocument is a required field
	ExistingPolicyDocument *string `locationName:"existingPolicyDocument" type:"string" required:"true" sensitive:"true"`

	// The JSON policy document to use as the content for the updated policy.
	//
	// NewPolicyDocument is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CheckNoNewAccessInput's
	// String and GoString methods.
	//
	// NewPolicyDocument is a required field
	NewPolicyDocument *string `locationName:"newPolicyDocument" type:"string" required:"true" sensitive:"true"`

	// The type of policy to compare. Identity policies grant permissions to IAM
	// principals. Identity policies include managed and inline policies for IAM
	// roles, users, and groups.
	//
	// Resource policies grant permissions on Amazon Web Services resources. Resource
	// policies include trust policies for IAM roles and bucket policies for Amazon
	// S3 buckets. You can provide a generic input such as identity policy or resource
	// policy or a specific input such as managed policy or Amazon S3 bucket policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"AccessCheckPolicyType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CheckNoNewAccessInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CheckNoNewAccessInput"}
	if s.ExistingPolicyDocument == nil {
		invalidParams.Add(request.NewErrParamRequired("ExistingPolicyDocument"))
	}
	if s.NewPolicyDocument == nil {
		invalidParams.Add(request.NewErrParamRequired("NewPolicyDocument"))
	}
	if s.PolicyType == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyType"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetExistingPolicyDocument sets the ExistingPolicyDocument field's value.
func (s *CheckNoNewAccessInput) SetExistingPolicyDocument(v string) *CheckNoNewAccessInput {
	s.ExistingPolicyDocument = &v
	return s
}

// SetNewPolicyDocument sets the NewPolicyDocument field's value.
func (s *CheckNoNewAccessInput) SetNewPolicyDocument(v string) *CheckNoNewAccessInput {
	s.NewPolicyDocument = &v
	return s
}

// SetPolicyType sets the PolicyType field's value.
func (s *CheckNoNewAccessInput) SetPolicyType(v string) *CheckNoNewAccessInput {
	s.PolicyType = &v
	return s
}

type CheckNoNewAccessOutput struct {
	_ struct{} `type:"structure"`

	// The message indicating whether the updated policy allows new access.
	Message *string `locationName:"message" type:"string"`

	// A description of the reasoning of the result.
	Reasons []*ReasonSummary `locationName:"reasons" type:"list"`

	// The result of the check for new access. If the result is PASS, no new access
	// is allowed by the updated policy. If the result is FAIL, the updated policy
	// might allow new access.
	Result *string `locationName:"result" type:"string" enum:"CheckNoNewAccessResult"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessOutput) GoString() string {
	return s.String()
}

// SetMessage sets the Message field's value.
func (s *CheckNoNewAccessOutput) SetMessage(v string) *CheckNoNewAccessOutput {
	s.Message = &v
	return s
}

// SetReasons sets the Reasons field's value.
func (s *CheckNoNewAccessOutput) SetReasons(v []*ReasonSummary) *CheckNoNewAccessOutput {
	s.Reasons = v
	return s
}

// SetResult sets the Result field's value.
func (s *CheckNoNewAccessOutput) SetResult(v string) *CheckNoNewAccessOutput {
	s.Result = &v
	return s
}

// Contains information about CloudTrail access.
type CloudTrailDetails struct {
	_ struct{} `type:"structure"`

	// The ARN of the service role that IAM Access Analyzer uses to access your
	// CloudTrail trail and service last accessed information.
	//
	// AccessRole is a required field
	AccessRole *string `locationName:"accessRole" type:"string" required:"true"`

	// The end of the time range for which IAM Access Analyzer reviews your CloudTrail
	// events. Events with a timestamp after this time are not considered to generate
	// a policy. If this is not included in the request, the default value is the
	// current time.
	EndTime *time.Time `locationName:"endTime" type:"timestamp" timestampFormat:"iso8601"`

	// The start of the time range for which IAM Access Analyzer reviews your CloudTrail
	// events. Events with a timestamp before this time are not considered to generate
	// a policy.
	//
	// StartTime is a required field
	StartTime *time.Time `locationName:"startTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A Trail object that contains settings for a trail.
	//
	// Trails is a required field
	Trails []*Trail `locationName:"trails" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailDetails) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CloudTrailDetails) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CloudTrailDetails"}
	if s.AccessRole == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessRole"))
	}
	if s.StartTime == nil {
		invalidParams.Add(request.NewErrParamRequired("StartTime"))
	}
	if s.Trails == nil {
		invalidParams.Add(request.NewErrParamRequired("Trails"))
	}
	if s.Trails != nil {
		for i, v := range s.Trails {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Trails", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessRole sets the AccessRole field's value.
func (s *CloudTrailDetails) SetAccessRole(v string) *CloudTrailDetails {
	s.AccessRole = &v
	return s
}

// SetEndTime sets the EndTime field's value.
func (s *CloudTrailDetails) SetEndTime(v time.Time) *CloudTrailDetails {
	s.EndTime = &v
	return s
}

// SetStartTime sets the StartTime field's value.
func (s *CloudTrailDetails) SetStartTime(v time.Time) *CloudTrailDetails {
	s.StartTime = &v
	return s
}

// SetTrails sets the Trails field's value.
func (s *CloudTrailDetails) SetTrails(v []*Trail) *CloudTrailDetails {
	s.Trails = v
	return s
}

// Contains information about CloudTrail access.
type CloudTrailProperties struct {
	_ struct{} `type:"structure"`

	// The end of the time range for which IAM Access Analyzer reviews your CloudTrail
	// events. Events with a timestamp after this time are not considered to generate
	// a policy. If this is not included in the request, the default value is the
	// current time.
	//
	// EndTime is a required field
	EndTime *time.Time `locationName:"endTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The start of the time range for which IAM Access Analyzer reviews your CloudTrail
	// events. Events with a timestamp before this time are not considered to generate
	// a policy.
	//
	// StartTime is a required field
	StartTime *time.Time `locationName:"startTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A TrailProperties object that contains settings for trail properties.
	//
	// TrailProperties is a required field
	TrailProperties []*TrailProperties `locationName:"trailProperties" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailProperties) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailProperties) GoString() string {
	return s.String()
}

// SetEndTime sets the EndTime field's value.
func (s *CloudTrailProperties) SetEndTime(v time.Time) *CloudTrailProperties {
	s.EndTime = &v
	return s
}

// SetStartTime sets the StartTime field's value.
func (s *CloudTrailProperties) SetStartTime(v time.Time) *CloudTrailProperties {
	s.StartTime = &v
	return s
}

// SetTrailProperties sets the TrailProperties field's value.
func (s *CloudTrailProperties) SetTrailProperties(v []*TrailProperties) *CloudTrailProperties {
	s.TrailProperties = v
	return s
}

// Access control configuration structures for your resource. You specify the
// configuration as a type-value pair. You can specify only one type of access
// control configuration.
type Configuration struct {
	_ struct{} `type:"structure"`

	// The access control configuration is for an Amazon EBS volume snapshot.
	EbsSnapshot *EbsSnapshotConfiguration `locationName:"ebsSnapshot" type:"structure"`

	// The access control configuration is for an Amazon ECR repository.
	EcrRepository *EcrRepositoryConfiguration `locationName:"ecrRepository" type:"structure"`

	// The access control configuration is for an Amazon EFS file system.
	EfsFileSystem *EfsFileSystemConfiguration `locationName:"efsFileSystem" type:"structure"`

	// The access control configuration is for an IAM role.
	IamRole *IamRoleConfiguration `locationName:"iamRole" type:"structure"`

	// The access control configuration is for a KMS key.
	KmsKey *KmsKeyConfiguration `locationName:"kmsKey" type:"structure"`

	// The access control configuration is for an Amazon RDS DB cluster snapshot.
	RdsDbClusterSnapshot *RdsDbClusterSnapshotConfiguration `locationName:"rdsDbClusterSnapshot" type:"structure"`

	// The access control configuration is for an Amazon RDS DB snapshot.
	RdsDbSnapshot *RdsDbSnapshotConfiguration `locationName:"rdsDbSnapshot" type:"structure"`

	// The access control configuration is for an Amazon S3 bucket.
	S3Bucket *S3BucketConfiguration `locationName:"s3Bucket" type:"structure"`

	// The access control configuration is for an Amazon S3 directory bucket.
	S3ExpressDirectoryBucket *S3ExpressDirectoryBucketConfiguration `locationName:"s3ExpressDirectoryBucket" type:"structure"`

	// The access control configuration is for a Secrets Manager secret.
	SecretsManagerSecret *SecretsManagerSecretConfiguration `locationName:"secretsManagerSecret" type:"structure"`

	// The access control configuration is for an Amazon SNS topic
	SnsTopic *SnsTopicConfiguration `locationName:"snsTopic" type:"structure"`

	// The access control configuration is for an Amazon SQS queue.
	SqsQueue *SqsQueueConfiguration `locationName:"sqsQueue" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Configuration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Configuration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *Configuration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "Configuration"}
	if s.KmsKey != nil {
		if err := s.KmsKey.Validate(); err != nil {
			invalidParams.AddNested("KmsKey", err.(request.ErrInvalidParams))
		}
	}
	if s.S3Bucket != nil {
		if err := s.S3Bucket.Validate(); err != nil {
			invalidParams.AddNested("S3Bucket", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEbsSnapshot sets the EbsSnapshot field's value.
func (s *Configuration) SetEbsSnapshot(v *EbsSnapshotConfiguration) *Configuration {
	s.EbsSnapshot = v
	return s
}

// SetEcrRepository sets the EcrRepository field's value.
func (s *Configuration) SetEcrRepository(v *EcrRepositoryConfiguration) *Configuration {
	s.EcrRepository = v
	return s
}

// SetEfsFileSystem sets the EfsFileSystem field's value.
func (s *Configuration) SetEfsFileSystem(v *EfsFileSystemConfiguration) *Configuration {
	s.EfsFileSystem = v
	return s
}

// SetIamRole sets the IamRole field's value.
func (s *Configuration) SetIamRole(v *IamRoleConfiguration) *Configuration {
	s.IamRole = v
	return s
}

// SetKmsKey sets the KmsKey field's value.
func (s *Configuration) SetKmsKey(v *KmsKeyConfiguration) *Configuration {
	s.KmsKey = v
	return s
}

// SetRdsDbClusterSnapshot sets the RdsDbClusterSnapshot field's value.
func (s *Configuration) SetRdsDbClusterSnapshot(v *RdsDbClusterSnapshotConfiguration) *Configuration {
	s.RdsDbClusterSnapshot = v
	return s
}

// SetRdsDbSnapshot sets the RdsDbSnapshot field's value.
func (s *Configuration) SetRdsDbSnapshot(v *RdsDbSnapshotConfiguration) *Configuration {
	s.RdsDbSnapshot = v
	return s
}

// SetS3Bucket sets the S3Bucket field's value.
func (s *Configuration) SetS3Bucket(v *S3BucketConfiguration) *Configuration {
	s.S3Bucket = v
	return s
}

// SetS3ExpressDirectoryBucket sets the S3ExpressDirectoryBucket field's value.
func (s *Configuration) SetS3ExpressDirectoryBucket(v *S3ExpressDirectoryBucketConfiguration) *Configuration {
	s.S3ExpressDirectoryBucket = v
	return s
}

// SetSecretsManagerSecret sets the SecretsManagerSecret field's value.
func (s *Configuration) SetSecretsManagerSecret(v *SecretsManagerSecretConfiguration) *Configuration {
	s.SecretsManagerSecret = v
	return s
}

// SetSnsTopic sets the SnsTopic field's value.
func (s *Configuration) SetSnsTopic(v *SnsTopicConfiguration) *Configuration {
	s.SnsTopic = v
	return s
}

// SetSqsQueue sets the SqsQueue field's value.
func (s *Configuration) SetSqsQueue(v *SqsQueueConfiguration) *Configuration {
	s.SqsQueue = v
	return s
}

// A conflict exception error.
type ConflictException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The ID of the resource.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The resource type.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConflictException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConflictException) GoString() string {
	return s.String()
}

func newErrorConflictException(v protocol.ResponseMetadata) error {
	return &ConflictException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ConflictException) Code() string {
	return "ConflictException"
}

// Message returns the exception's message.
func (s *ConflictException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ConflictException) OrigErr() error {
	return nil
}

func (s *ConflictException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ConflictException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ConflictException) RequestID() string {
	return s.RespMetadata.RequestID
}

type CreateAccessPreviewInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the account analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// used to generate the access preview. You can only create an access preview
	// for analyzers with an Account type and Active status.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// Access control configuration for your resource that is used to generate the
	// access preview. The access preview includes findings for external access
	// allowed to the resource with the proposed access control configuration. The
	// configuration must contain exactly one element.
	//
	// Configurations is a required field
	Configurations map[string]*Configuration `locationName:"configurations" type:"map" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateAccessPreviewInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateAccessPreviewInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Configurations == nil {
		invalidParams.Add(request.NewErrParamRequired("Configurations"))
	}
	if s.Configurations != nil {
		for i, v := range s.Configurations {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Configurations", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *CreateAccessPreviewInput) SetAnalyzerArn(v string) *CreateAccessPreviewInput {
	s.AnalyzerArn = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *CreateAccessPreviewInput) SetClientToken(v string) *CreateAccessPreviewInput {
	s.ClientToken = &v
	return s
}

// SetConfigurations sets the Configurations field's value.
func (s *CreateAccessPreviewInput) SetConfigurations(v map[string]*Configuration) *CreateAccessPreviewInput {
	s.Configurations = v
	return s
}

type CreateAccessPreviewOutput struct {
	_ struct{} `type:"structure"`

	// The unique ID for the access preview.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewOutput) GoString() string {
	return s.String()
}

// SetId sets the Id field's value.
func (s *CreateAccessPreviewOutput) SetId(v string) *CreateAccessPreviewOutput {
	s.Id = &v
	return s
}

// Creates an analyzer.
type CreateAnalyzerInput struct {
	_ struct{} `type:"structure"`

	// The name of the analyzer to create.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// Specifies the archive rules to add for the analyzer. Archive rules automatically
	// archive findings that meet the criteria you define for the rule.
	ArchiveRules []*InlineArchiveRule `locationName:"archiveRules" type:"list"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// Specifies the configuration of the analyzer. If the analyzer is an unused
	// access analyzer, the specified scope of unused access is used for the configuration.
	// If the analyzer is an external access analyzer, this field is not used.
	Configuration *AnalyzerConfiguration `locationName:"configuration" type:"structure"`

	// An array of key-value pairs to apply to the analyzer.
	Tags map[string]*string `locationName:"tags" type:"map"`

	// The type of analyzer to create. Only ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS,
	// and ORGANIZTAION_UNUSED_ACCESS analyzers are supported. You can create only
	// one analyzer per account per Region. You can create up to 5 analyzers per
	// organization per Region.
	//
	// Type is a required field
	Type *string `locationName:"type" type:"string" required:"true" enum:"Type"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateAnalyzerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateAnalyzerInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}
	if s.Type == nil {
		invalidParams.Add(request.NewErrParamRequired("Type"))
	}
	if s.ArchiveRules != nil {
		for i, v := range s.ArchiveRules {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ArchiveRules", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *CreateAnalyzerInput) SetAnalyzerName(v string) *CreateAnalyzerInput {
	s.AnalyzerName = &v
	return s
}

// SetArchiveRules sets the ArchiveRules field's value.
func (s *CreateAnalyzerInput) SetArchiveRules(v []*InlineArchiveRule) *CreateAnalyzerInput {
	s.ArchiveRules = v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *CreateAnalyzerInput) SetClientToken(v string) *CreateAnalyzerInput {
	s.ClientToken = &v
	return s
}

// SetConfiguration sets the Configuration field's value.
func (s *CreateAnalyzerInput) SetConfiguration(v *AnalyzerConfiguration) *CreateAnalyzerInput {
	s.Configuration = v
	return s
}

// SetTags sets the Tags field's value.
func (s *CreateAnalyzerInput) SetTags(v map[string]*string) *CreateAnalyzerInput {
	s.Tags = v
	return s
}

// SetType sets the Type field's value.
func (s *CreateAnalyzerInput) SetType(v string) *CreateAnalyzerInput {
	s.Type = &v
	return s
}

// The response to the request to create an analyzer.
type CreateAnalyzerOutput struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer that was created by the request.
	Arn *string `locationName:"arn" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerOutput) GoString() string {
	return s.String()
}

// SetArn sets the Arn field's value.
func (s *CreateAnalyzerOutput) SetArn(v string) *CreateAnalyzerOutput {
	s.Arn = &v
	return s
}

// Creates an archive rule.
type CreateArchiveRuleInput struct {
	_ struct{} `type:"structure"`

	// The name of the created analyzer.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// The criteria for the rule.
	//
	// Filter is a required field
	Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`

	// The name of the rule to create.
	//
	// RuleName is a required field
	RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateArchiveRuleInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateArchiveRuleInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}
	if s.Filter == nil {
		invalidParams.Add(request.NewErrParamRequired("Filter"))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *CreateArchiveRuleInput) SetAnalyzerName(v string) *CreateArchiveRuleInput {
	s.AnalyzerName = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *CreateArchiveRuleInput) SetClientToken(v string) *CreateArchiveRuleInput {
	s.ClientToken = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *CreateArchiveRuleInput) SetFilter(v map[string]*Criterion) *CreateArchiveRuleInput {
	s.Filter = v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *CreateArchiveRuleInput) SetRuleName(v string) *CreateArchiveRuleInput {
	s.RuleName = &v
	return s
}

type CreateArchiveRuleOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleOutput) GoString() string {
	return s.String()
}

// The criteria to use in the filter that defines the archive rule. For more
// information on available filter keys, see IAM Access Analyzer filter keys
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html).
type Criterion struct {
	_ struct{} `type:"structure"`

	// A "contains" operator to match for the filter used to create the rule.
	Contains []*string `locationName:"contains" min:"1" type:"list"`

	// An "equals" operator to match for the filter used to create the rule.
	Eq []*string `locationName:"eq" min:"1" type:"list"`

	// An "exists" operator to match for the filter used to create the rule.
	Exists *bool `locationName:"exists" type:"boolean"`

	// A "not equals" operator to match for the filter used to create the rule.
	Neq []*string `locationName:"neq" min:"1" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Criterion) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Criterion) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *Criterion) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "Criterion"}
	if s.Contains != nil && len(s.Contains) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Contains", 1))
	}
	if s.Eq != nil && len(s.Eq) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Eq", 1))
	}
	if s.Neq != nil && len(s.Neq) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Neq", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetContains sets the Contains field's value.
func (s *Criterion) SetContains(v []*string) *Criterion {
	s.Contains = v
	return s
}

// SetEq sets the Eq field's value.
func (s *Criterion) SetEq(v []*string) *Criterion {
	s.Eq = v
	return s
}

// SetExists sets the Exists field's value.
func (s *Criterion) SetExists(v bool) *Criterion {
	s.Exists = &v
	return s
}

// SetNeq sets the Neq field's value.
func (s *Criterion) SetNeq(v []*string) *Criterion {
	s.Neq = v
	return s
}

// Deletes an analyzer.
type DeleteAnalyzerInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The name of the analyzer to delete.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// A client token.
	ClientToken *string `location:"querystring" locationName:"clientToken" type:"string" idempotencyToken:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteAnalyzerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteAnalyzerInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *DeleteAnalyzerInput) SetAnalyzerName(v string) *DeleteAnalyzerInput {
	s.AnalyzerName = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *DeleteAnalyzerInput) SetClientToken(v string) *DeleteAnalyzerInput {
	s.ClientToken = &v
	return s
}

type DeleteAnalyzerOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerOutput) GoString() string {
	return s.String()
}

// Deletes an archive rule.
type DeleteArchiveRuleInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The name of the analyzer that associated with the archive rule to delete.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// A client token.
	ClientToken *string `location:"querystring" locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// The name of the rule to delete.
	//
	// RuleName is a required field
	RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteArchiveRuleInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteArchiveRuleInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *DeleteArchiveRuleInput) SetAnalyzerName(v string) *DeleteArchiveRuleInput {
	s.AnalyzerName = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *DeleteArchiveRuleInput) SetClientToken(v string) *DeleteArchiveRuleInput {
	s.ClientToken = &v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *DeleteArchiveRuleInput) SetRuleName(v string) *DeleteArchiveRuleInput {
	s.RuleName = &v
	return s
}

type DeleteArchiveRuleOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleOutput) GoString() string {
	return s.String()
}

// The proposed access control configuration for an Amazon EBS volume snapshot.
// You can propose a configuration for a new Amazon EBS volume snapshot or an
// Amazon EBS volume snapshot that you own by specifying the user IDs, groups,
// and optional KMS encryption key. For more information, see ModifySnapshotAttribute
// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html).
type EbsSnapshotConfiguration struct {
	_ struct{} `type:"structure"`

	// The groups that have access to the Amazon EBS volume snapshot. If the value
	// all is specified, then the Amazon EBS volume snapshot is public.
	//
	//    * If the configuration is for an existing Amazon EBS volume snapshot and
	//    you do not specify the groups, then the access preview uses the existing
	//    shared groups for the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    groups, then the access preview considers the snapshot without any groups.
	//
	//    * To propose deletion of existing shared groups, you can specify an empty
	//    list for groups.
	Groups []*string `locationName:"groups" type:"list"`

	// The KMS key identifier for an encrypted Amazon EBS volume snapshot. The KMS
	// key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS
	// key.
	//
	//    * If the configuration is for an existing Amazon EBS volume snapshot and
	//    you do not specify the kmsKeyId, or you specify an empty string, then
	//    the access preview uses the existing kmsKeyId of the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    kmsKeyId, the access preview considers the snapshot as unencrypted.
	KmsKeyId *string `locationName:"kmsKeyId" type:"string"`

	// The IDs of the Amazon Web Services accounts that have access to the Amazon
	// EBS volume snapshot.
	//
	//    * If the configuration is for an existing Amazon EBS volume snapshot and
	//    you do not specify the userIds, then the access preview uses the existing
	//    shared userIds for the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    userIds, then the access preview considers the snapshot without any userIds.
	//
	//    * To propose deletion of existing shared accountIds, you can specify an
	//    empty list for userIds.
	UserIds []*string `locationName:"userIds" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EbsSnapshotConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EbsSnapshotConfiguration) GoString() string {
	return s.String()
}

// SetGroups sets the Groups field's value.
func (s *EbsSnapshotConfiguration) SetGroups(v []*string) *EbsSnapshotConfiguration {
	s.Groups = v
	return s
}

// SetKmsKeyId sets the KmsKeyId field's value.
func (s *EbsSnapshotConfiguration) SetKmsKeyId(v string) *EbsSnapshotConfiguration {
	s.KmsKeyId = &v
	return s
}

// SetUserIds sets the UserIds field's value.
func (s *EbsSnapshotConfiguration) SetUserIds(v []*string) *EbsSnapshotConfiguration {
	s.UserIds = v
	return s
}

// The proposed access control configuration for an Amazon ECR repository. You
// can propose a configuration for a new Amazon ECR repository or an existing
// Amazon ECR repository that you own by specifying the Amazon ECR policy. For
// more information, see Repository (https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html).
//
//   - If the configuration is for an existing Amazon ECR repository and you
//     do not specify the Amazon ECR policy, then the access preview uses the
//     existing Amazon ECR policy for the repository.
//
//   - If the access preview is for a new resource and you do not specify the
//     policy, then the access preview assumes an Amazon ECR repository without
//     a policy.
//
//   - To propose deletion of an existing Amazon ECR repository policy, you
//     can specify an empty string for the Amazon ECR policy.
type EcrRepositoryConfiguration struct {
	_ struct{} `type:"structure"`

	// The JSON repository policy text to apply to the Amazon ECR repository. For
	// more information, see Private repository policy examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html)
	// in the Amazon ECR User Guide.
	RepositoryPolicy *string `locationName:"repositoryPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EcrRepositoryConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EcrRepositoryConfiguration) GoString() string {
	return s.String()
}

// SetRepositoryPolicy sets the RepositoryPolicy field's value.
func (s *EcrRepositoryConfiguration) SetRepositoryPolicy(v string) *EcrRepositoryConfiguration {
	s.RepositoryPolicy = &v
	return s
}

// The proposed access control configuration for an Amazon EFS file system.
// You can propose a configuration for a new Amazon EFS file system or an existing
// Amazon EFS file system that you own by specifying the Amazon EFS policy.
// For more information, see Using file systems in Amazon EFS (https://docs.aws.amazon.com/efs/latest/ug/using-fs.html).
//
//   - If the configuration is for an existing Amazon EFS file system and you
//     do not specify the Amazon EFS policy, then the access preview uses the
//     existing Amazon EFS policy for the file system.
//
//   - If the access preview is for a new resource and you do not specify the
//     policy, then the access preview assumes an Amazon EFS file system without
//     a policy.
//
//   - To propose deletion of an existing Amazon EFS file system policy, you
//     can specify an empty string for the Amazon EFS policy.
type EfsFileSystemConfiguration struct {
	_ struct{} `type:"structure"`

	// The JSON policy definition to apply to the Amazon EFS file system. For more
	// information on the elements that make up a file system policy, see Amazon
	// EFS Resource-based policies (https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies).
	FileSystemPolicy *string `locationName:"fileSystemPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EfsFileSystemConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EfsFileSystemConfiguration) GoString() string {
	return s.String()
}

// SetFileSystemPolicy sets the FileSystemPolicy field's value.
func (s *EfsFileSystemConfiguration) SetFileSystemPolicy(v string) *EfsFileSystemConfiguration {
	s.FileSystemPolicy = &v
	return s
}

// Contains information about an external access finding.
type ExternalAccessDetails struct {
	_ struct{} `type:"structure"`

	// The action in the analyzed policy statement that an external principal has
	// permission to use.
	Action []*string `locationName:"action" type:"list"`

	// The condition in the analyzed policy statement that resulted in an external
	// access finding.
	//
	// Condition is a required field
	Condition map[string]*string `locationName:"condition" type:"map" required:"true"`

	// Specifies whether the external access finding is public.
	IsPublic *bool `locationName:"isPublic" type:"boolean"`

	// The external principal that has access to a resource within the zone of trust.
	Principal map[string]*string `locationName:"principal" type:"map"`

	// The sources of the external access finding. This indicates how the access
	// that generated the finding is granted. It is populated for Amazon S3 bucket
	// findings.
	Sources []*FindingSource `locationName:"sources" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExternalAccessDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExternalAccessDetails) GoString() string {
	return s.String()
}

// SetAction sets the Action field's value.
func (s *ExternalAccessDetails) SetAction(v []*string) *ExternalAccessDetails {
	s.Action = v
	return s
}

// SetCondition sets the Condition field's value.
func (s *ExternalAccessDetails) SetCondition(v map[string]*string) *ExternalAccessDetails {
	s.Condition = v
	return s
}

// SetIsPublic sets the IsPublic field's value.
func (s *ExternalAccessDetails) SetIsPublic(v bool) *ExternalAccessDetails {
	s.IsPublic = &v
	return s
}

// SetPrincipal sets the Principal field's value.
func (s *ExternalAccessDetails) SetPrincipal(v map[string]*string) *ExternalAccessDetails {
	s.Principal = v
	return s
}

// SetSources sets the Sources field's value.
func (s *ExternalAccessDetails) SetSources(v []*FindingSource) *ExternalAccessDetails {
	s.Sources = v
	return s
}

// Contains information about a finding.
type Finding struct {
	_ struct{} `type:"structure"`

	// The action in the analyzed policy statement that an external principal has
	// permission to use.
	Action []*string `locationName:"action" type:"list"`

	// The time at which the resource was analyzed.
	//
	// AnalyzedAt is a required field
	AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The condition in the analyzed policy statement that resulted in a finding.
	//
	// Condition is a required field
	Condition map[string]*string `locationName:"condition" type:"map" required:"true"`

	// The time at which the finding was generated.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// An error.
	Error *string `locationName:"error" type:"string"`

	// The ID of the finding.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// Indicates whether the policy that generated the finding allows public access
	// to the resource.
	IsPublic *bool `locationName:"isPublic" type:"boolean"`

	// The external principal that has access to a resource within the zone of trust.
	Principal map[string]*string `locationName:"principal" type:"map"`

	// The resource that an external principal has access to.
	Resource *string `locationName:"resource" type:"string"`

	// The Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource identified in the finding.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The sources of the finding. This indicates how the access that generated
	// the finding is granted. It is populated for Amazon S3 bucket findings.
	Sources []*FindingSource `locationName:"sources" type:"list"`

	// The current status of the finding.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`

	// The time at which the finding was updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Finding) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Finding) GoString() string {
	return s.String()
}

// SetAction sets the Action field's value.
func (s *Finding) SetAction(v []*string) *Finding {
	s.Action = v
	return s
}

// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *Finding) SetAnalyzedAt(v time.Time) *Finding {
	s.AnalyzedAt = &v
	return s
}

// SetCondition sets the Condition field's value.
func (s *Finding) SetCondition(v map[string]*string) *Finding {
	s.Condition = v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *Finding) SetCreatedAt(v time.Time) *Finding {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *Finding) SetError(v string) *Finding {
	s.Error = &v
	return s
}

// SetId sets the Id field's value.
func (s *Finding) SetId(v string) *Finding {
	s.Id = &v
	return s
}

// SetIsPublic sets the IsPublic field's value.
func (s *Finding) SetIsPublic(v bool) *Finding {
	s.IsPublic = &v
	return s
}

// SetPrincipal sets the Principal field's value.
func (s *Finding) SetPrincipal(v map[string]*string) *Finding {
	s.Principal = v
	return s
}

// SetResource sets the Resource field's value.
func (s *Finding) SetResource(v string) *Finding {
	s.Resource = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *Finding) SetResourceOwnerAccount(v string) *Finding {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *Finding) SetResourceType(v string) *Finding {
	s.ResourceType = &v
	return s
}

// SetSources sets the Sources field's value.
func (s *Finding) SetSources(v []*FindingSource) *Finding {
	s.Sources = v
	return s
}

// SetStatus sets the Status field's value.
func (s *Finding) SetStatus(v string) *Finding {
	s.Status = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *Finding) SetUpdatedAt(v time.Time) *Finding {
	s.UpdatedAt = &v
	return s
}

// Contains information about an external access or unused access finding. Only
// one parameter can be used in a FindingDetails object.
type FindingDetails struct {
	_ struct{} `type:"structure"`

	// The details for an external access analyzer finding.
	ExternalAccessDetails *ExternalAccessDetails `locationName:"externalAccessDetails" type:"structure"`

	// The details for an unused access analyzer finding with an unused IAM role
	// finding type.
	UnusedIamRoleDetails *UnusedIamRoleDetails `locationName:"unusedIamRoleDetails" type:"structure"`

	// The details for an unused access analyzer finding with an unused IAM user
	// access key finding type.
	UnusedIamUserAccessKeyDetails *UnusedIamUserAccessKeyDetails `locationName:"unusedIamUserAccessKeyDetails" type:"structure"`

	// The details for an unused access analyzer finding with an unused IAM user
	// password finding type.
	UnusedIamUserPasswordDetails *UnusedIamUserPasswordDetails `locationName:"unusedIamUserPasswordDetails" type:"structure"`

	// The details for an unused access analyzer finding with an unused permission
	// finding type.
	UnusedPermissionDetails *UnusedPermissionDetails `locationName:"unusedPermissionDetails" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingDetails) GoString() string {
	return s.String()
}

// SetExternalAccessDetails sets the ExternalAccessDetails field's value.
func (s *FindingDetails) SetExternalAccessDetails(v *ExternalAccessDetails) *FindingDetails {
	s.ExternalAccessDetails = v
	return s
}

// SetUnusedIamRoleDetails sets the UnusedIamRoleDetails field's value.
func (s *FindingDetails) SetUnusedIamRoleDetails(v *UnusedIamRoleDetails) *FindingDetails {
	s.UnusedIamRoleDetails = v
	return s
}

// SetUnusedIamUserAccessKeyDetails sets the UnusedIamUserAccessKeyDetails field's value.
func (s *FindingDetails) SetUnusedIamUserAccessKeyDetails(v *UnusedIamUserAccessKeyDetails) *FindingDetails {
	s.UnusedIamUserAccessKeyDetails = v
	return s
}

// SetUnusedIamUserPasswordDetails sets the UnusedIamUserPasswordDetails field's value.
func (s *FindingDetails) SetUnusedIamUserPasswordDetails(v *UnusedIamUserPasswordDetails) *FindingDetails {
	s.UnusedIamUserPasswordDetails = v
	return s
}

// SetUnusedPermissionDetails sets the UnusedPermissionDetails field's value.
func (s *FindingDetails) SetUnusedPermissionDetails(v *UnusedPermissionDetails) *FindingDetails {
	s.UnusedPermissionDetails = v
	return s
}

// The source of the finding. This indicates how the access that generated the
// finding is granted. It is populated for Amazon S3 bucket findings.
type FindingSource struct {
	_ struct{} `type:"structure"`

	// Includes details about how the access that generated the finding is granted.
	// This is populated for Amazon S3 bucket findings.
	Detail *FindingSourceDetail `locationName:"detail" type:"structure"`

	// Indicates the type of access that generated the finding.
	//
	// Type is a required field
	Type *string `locationName:"type" type:"string" required:"true" enum:"FindingSourceType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSource) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSource) GoString() string {
	return s.String()
}

// SetDetail sets the Detail field's value.
func (s *FindingSource) SetDetail(v *FindingSourceDetail) *FindingSource {
	s.Detail = v
	return s
}

// SetType sets the Type field's value.
func (s *FindingSource) SetType(v string) *FindingSource {
	s.Type = &v
	return s
}

// Includes details about how the access that generated the finding is granted.
// This is populated for Amazon S3 bucket findings.
type FindingSourceDetail struct {
	_ struct{} `type:"structure"`

	// The account of the cross-account access point that generated the finding.
	AccessPointAccount *string `locationName:"accessPointAccount" type:"string"`

	// The ARN of the access point that generated the finding. The ARN format depends
	// on whether the ARN represents an access point or a multi-region access point.
	AccessPointArn *string `locationName:"accessPointArn" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSourceDetail) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSourceDetail) GoString() string {
	return s.String()
}

// SetAccessPointAccount sets the AccessPointAccount field's value.
func (s *FindingSourceDetail) SetAccessPointAccount(v string) *FindingSourceDetail {
	s.AccessPointAccount = &v
	return s
}

// SetAccessPointArn sets the AccessPointArn field's value.
func (s *FindingSourceDetail) SetAccessPointArn(v string) *FindingSourceDetail {
	s.AccessPointArn = &v
	return s
}

// Contains information about a finding.
type FindingSummary struct {
	_ struct{} `type:"structure"`

	// The action in the analyzed policy statement that an external principal has
	// permission to use.
	Action []*string `locationName:"action" type:"list"`

	// The time at which the resource-based policy that generated the finding was
	// analyzed.
	//
	// AnalyzedAt is a required field
	AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The condition in the analyzed policy statement that resulted in a finding.
	//
	// Condition is a required field
	Condition map[string]*string `locationName:"condition" type:"map" required:"true"`

	// The time at which the finding was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The error that resulted in an Error finding.
	Error *string `locationName:"error" type:"string"`

	// The ID of the finding.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// Indicates whether the finding reports a resource that has a policy that allows
	// public access.
	IsPublic *bool `locationName:"isPublic" type:"boolean"`

	// The external principal that has access to a resource within the zone of trust.
	Principal map[string]*string `locationName:"principal" type:"map"`

	// The resource that the external principal has access to.
	Resource *string `locationName:"resource" type:"string"`

	// The Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource that the external principal has access to.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The sources of the finding. This indicates how the access that generated
	// the finding is granted. It is populated for Amazon S3 bucket findings.
	Sources []*FindingSource `locationName:"sources" type:"list"`

	// The status of the finding.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`

	// The time at which the finding was most recently updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummary) GoString() string {
	return s.String()
}

// SetAction sets the Action field's value.
func (s *FindingSummary) SetAction(v []*string) *FindingSummary {
	s.Action = v
	return s
}

// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *FindingSummary) SetAnalyzedAt(v time.Time) *FindingSummary {
	s.AnalyzedAt = &v
	return s
}

// SetCondition sets the Condition field's value.
func (s *FindingSummary) SetCondition(v map[string]*string) *FindingSummary {
	s.Condition = v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *FindingSummary) SetCreatedAt(v time.Time) *FindingSummary {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *FindingSummary) SetError(v string) *FindingSummary {
	s.Error = &v
	return s
}

// SetId sets the Id field's value.
func (s *FindingSummary) SetId(v string) *FindingSummary {
	s.Id = &v
	return s
}

// SetIsPublic sets the IsPublic field's value.
func (s *FindingSummary) SetIsPublic(v bool) *FindingSummary {
	s.IsPublic = &v
	return s
}

// SetPrincipal sets the Principal field's value.
func (s *FindingSummary) SetPrincipal(v map[string]*string) *FindingSummary {
	s.Principal = v
	return s
}

// SetResource sets the Resource field's value.
func (s *FindingSummary) SetResource(v string) *FindingSummary {
	s.Resource = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *FindingSummary) SetResourceOwnerAccount(v string) *FindingSummary {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *FindingSummary) SetResourceType(v string) *FindingSummary {
	s.ResourceType = &v
	return s
}

// SetSources sets the Sources field's value.
func (s *FindingSummary) SetSources(v []*FindingSource) *FindingSummary {
	s.Sources = v
	return s
}

// SetStatus sets the Status field's value.
func (s *FindingSummary) SetStatus(v string) *FindingSummary {
	s.Status = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *FindingSummary) SetUpdatedAt(v time.Time) *FindingSummary {
	s.UpdatedAt = &v
	return s
}

// Contains information about a finding.
type FindingSummaryV2 struct {
	_ struct{} `type:"structure"`

	// The time at which the resource-based policy or IAM entity that generated
	// the finding was analyzed.
	//
	// AnalyzedAt is a required field
	AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The time at which the finding was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The error that resulted in an Error finding.
	Error *string `locationName:"error" type:"string"`

	// The type of the external access or unused access finding.
	FindingType *string `locationName:"findingType" type:"string" enum:"FindingType"`

	// The ID of the finding.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// The resource that the external principal has access to.
	Resource *string `locationName:"resource" type:"string"`

	// The Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource that the external principal has access to.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The status of the finding.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`

	// The time at which the finding was most recently updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummaryV2) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummaryV2) GoString() string {
	return s.String()
}

// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *FindingSummaryV2) SetAnalyzedAt(v time.Time) *FindingSummaryV2 {
	s.AnalyzedAt = &v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *FindingSummaryV2) SetCreatedAt(v time.Time) *FindingSummaryV2 {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *FindingSummaryV2) SetError(v string) *FindingSummaryV2 {
	s.Error = &v
	return s
}

// SetFindingType sets the FindingType field's value.
func (s *FindingSummaryV2) SetFindingType(v string) *FindingSummaryV2 {
	s.FindingType = &v
	return s
}

// SetId sets the Id field's value.
func (s *FindingSummaryV2) SetId(v string) *FindingSummaryV2 {
	s.Id = &v
	return s
}

// SetResource sets the Resource field's value.
func (s *FindingSummaryV2) SetResource(v string) *FindingSummaryV2 {
	s.Resource = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *FindingSummaryV2) SetResourceOwnerAccount(v string) *FindingSummaryV2 {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *FindingSummaryV2) SetResourceType(v string) *FindingSummaryV2 {
	s.ResourceType = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *FindingSummaryV2) SetStatus(v string) *FindingSummaryV2 {
	s.Status = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *FindingSummaryV2) SetUpdatedAt(v time.Time) *FindingSummaryV2 {
	s.UpdatedAt = &v
	return s
}

// Contains the text for the generated policy.
type GeneratedPolicy struct {
	_ struct{} `type:"structure"`

	// The text to use as the content for the new policy. The policy is created
	// using the CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html)
	// action.
	//
	// Policy is a required field
	Policy *string `locationName:"policy" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicy) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicy) GoString() string {
	return s.String()
}

// SetPolicy sets the Policy field's value.
func (s *GeneratedPolicy) SetPolicy(v string) *GeneratedPolicy {
	s.Policy = &v
	return s
}

// Contains the generated policy details.
type GeneratedPolicyProperties struct {
	_ struct{} `type:"structure"`

	// Lists details about the Trail used to generated policy.
	CloudTrailProperties *CloudTrailProperties `locationName:"cloudTrailProperties" type:"structure"`

	// This value is set to true if the generated policy contains all possible actions
	// for a service that IAM Access Analyzer identified from the CloudTrail trail
	// that you specified, and false otherwise.
	IsComplete *bool `locationName:"isComplete" type:"boolean"`

	// The ARN of the IAM entity (user or role) for which you are generating a policy.
	//
	// PrincipalArn is a required field
	PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyProperties) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyProperties) GoString() string {
	return s.String()
}

// SetCloudTrailProperties sets the CloudTrailProperties field's value.
func (s *GeneratedPolicyProperties) SetCloudTrailProperties(v *CloudTrailProperties) *GeneratedPolicyProperties {
	s.CloudTrailProperties = v
	return s
}

// SetIsComplete sets the IsComplete field's value.
func (s *GeneratedPolicyProperties) SetIsComplete(v bool) *GeneratedPolicyProperties {
	s.IsComplete = &v
	return s
}

// SetPrincipalArn sets the PrincipalArn field's value.
func (s *GeneratedPolicyProperties) SetPrincipalArn(v string) *GeneratedPolicyProperties {
	s.PrincipalArn = &v
	return s
}

// Contains the text for the generated policy and its details.
type GeneratedPolicyResult struct {
	_ struct{} `type:"structure"`

	// The text to use as the content for the new policy. The policy is created
	// using the CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html)
	// action.
	GeneratedPolicies []*GeneratedPolicy `locationName:"generatedPolicies" type:"list"`

	// A GeneratedPolicyProperties object that contains properties of the generated
	// policy.
	//
	// Properties is a required field
	Properties *GeneratedPolicyProperties `locationName:"properties" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyResult) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyResult) GoString() string {
	return s.String()
}

// SetGeneratedPolicies sets the GeneratedPolicies field's value.
func (s *GeneratedPolicyResult) SetGeneratedPolicies(v []*GeneratedPolicy) *GeneratedPolicyResult {
	s.GeneratedPolicies = v
	return s
}

// SetProperties sets the Properties field's value.
func (s *GeneratedPolicyResult) SetProperties(v *GeneratedPolicyProperties) *GeneratedPolicyResult {
	s.Properties = v
	return s
}

type GetAccessPreviewInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The unique ID for the access preview.
	//
	// AccessPreviewId is a required field
	AccessPreviewId *string `location:"uri" locationName:"accessPreviewId" type:"string" required:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// used to generate the access preview.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAccessPreviewInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetAccessPreviewInput"}
	if s.AccessPreviewId == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessPreviewId"))
	}
	if s.AccessPreviewId != nil && len(*s.AccessPreviewId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AccessPreviewId", 1))
	}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessPreviewId sets the AccessPreviewId field's value.
func (s *GetAccessPreviewInput) SetAccessPreviewId(v string) *GetAccessPreviewInput {
	s.AccessPreviewId = &v
	return s
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetAccessPreviewInput) SetAnalyzerArn(v string) *GetAccessPreviewInput {
	s.AnalyzerArn = &v
	return s
}

type GetAccessPreviewOutput struct {
	_ struct{} `type:"structure"`

	// An object that contains information about the access preview.
	//
	// AccessPreview is a required field
	AccessPreview *AccessPreview `locationName:"accessPreview" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewOutput) GoString() string {
	return s.String()
}

// SetAccessPreview sets the AccessPreview field's value.
func (s *GetAccessPreviewOutput) SetAccessPreview(v *AccessPreview) *GetAccessPreviewOutput {
	s.AccessPreview = v
	return s
}

// Retrieves an analyzed resource.
type GetAnalyzedResourceInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// to retrieve information from.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`

	// The ARN of the resource to retrieve information about.
	//
	// ResourceArn is a required field
	ResourceArn *string `location:"querystring" locationName:"resourceArn" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAnalyzedResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetAnalyzedResourceInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetAnalyzedResourceInput) SetAnalyzerArn(v string) *GetAnalyzedResourceInput {
	s.AnalyzerArn = &v
	return s
}

// SetResourceArn sets the ResourceArn field's value.
func (s *GetAnalyzedResourceInput) SetResourceArn(v string) *GetAnalyzedResourceInput {
	s.ResourceArn = &v
	return s
}

// The response to the request.
type GetAnalyzedResourceOutput struct {
	_ struct{} `type:"structure"`

	// An AnalyzedResource object that contains information that IAM Access Analyzer
	// found when it analyzed the resource.
	Resource *AnalyzedResource `locationName:"resource" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceOutput) GoString() string {
	return s.String()
}

// SetResource sets the Resource field's value.
func (s *GetAnalyzedResourceOutput) SetResource(v *AnalyzedResource) *GetAnalyzedResourceOutput {
	s.Resource = v
	return s
}

// Retrieves an analyzer.
type GetAnalyzerInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The name of the analyzer retrieved.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAnalyzerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetAnalyzerInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *GetAnalyzerInput) SetAnalyzerName(v string) *GetAnalyzerInput {
	s.AnalyzerName = &v
	return s
}

// The response to the request.
type GetAnalyzerOutput struct {
	_ struct{} `type:"structure"`

	// An AnalyzerSummary object that contains information about the analyzer.
	//
	// Analyzer is a required field
	Analyzer *AnalyzerSummary `locationName:"analyzer" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerOutput) GoString() string {
	return s.String()
}

// SetAnalyzer sets the Analyzer field's value.
func (s *GetAnalyzerOutput) SetAnalyzer(v *AnalyzerSummary) *GetAnalyzerOutput {
	s.Analyzer = v
	return s
}

// Retrieves an archive rule.
type GetArchiveRuleInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The name of the analyzer to retrieve rules from.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// The name of the rule to retrieve.
	//
	// RuleName is a required field
	RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetArchiveRuleInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetArchiveRuleInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *GetArchiveRuleInput) SetAnalyzerName(v string) *GetArchiveRuleInput {
	s.AnalyzerName = &v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *GetArchiveRuleInput) SetRuleName(v string) *GetArchiveRuleInput {
	s.RuleName = &v
	return s
}

// The response to the request.
type GetArchiveRuleOutput struct {
	_ struct{} `type:"structure"`

	// Contains information about an archive rule.
	//
	// ArchiveRule is a required field
	ArchiveRule *ArchiveRuleSummary `locationName:"archiveRule" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleOutput) GoString() string {
	return s.String()
}

// SetArchiveRule sets the ArchiveRule field's value.
func (s *GetArchiveRuleOutput) SetArchiveRule(v *ArchiveRuleSummary) *GetArchiveRuleOutput {
	s.ArchiveRule = v
	return s
}

// Retrieves a finding.
type GetFindingInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// that generated the finding.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`

	// The ID of the finding to retrieve.
	//
	// Id is a required field
	Id *string `location:"uri" locationName:"id" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetFindingInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetFindingInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Id == nil {
		invalidParams.Add(request.NewErrParamRequired("Id"))
	}
	if s.Id != nil && len(*s.Id) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Id", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetFindingInput) SetAnalyzerArn(v string) *GetFindingInput {
	s.AnalyzerArn = &v
	return s
}

// SetId sets the Id field's value.
func (s *GetFindingInput) SetId(v string) *GetFindingInput {
	s.Id = &v
	return s
}

// The response to the request.
type GetFindingOutput struct {
	_ struct{} `type:"structure"`

	// A finding object that contains finding details.
	Finding *Finding `locationName:"finding" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingOutput) GoString() string {
	return s.String()
}

// SetFinding sets the Finding field's value.
func (s *GetFindingOutput) SetFinding(v *Finding) *GetFindingOutput {
	s.Finding = v
	return s
}

type GetFindingV2Input struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// that generated the finding.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`

	// The ID of the finding to retrieve.
	//
	// Id is a required field
	Id *string `location:"uri" locationName:"id" type:"string" required:"true"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Input) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Input) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetFindingV2Input) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetFindingV2Input"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Id == nil {
		invalidParams.Add(request.NewErrParamRequired("Id"))
	}
	if s.Id != nil && len(*s.Id) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Id", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetFindingV2Input) SetAnalyzerArn(v string) *GetFindingV2Input {
	s.AnalyzerArn = &v
	return s
}

// SetId sets the Id field's value.
func (s *GetFindingV2Input) SetId(v string) *GetFindingV2Input {
	s.Id = &v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *GetFindingV2Input) SetMaxResults(v int64) *GetFindingV2Input {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *GetFindingV2Input) SetNextToken(v string) *GetFindingV2Input {
	s.NextToken = &v
	return s
}

type GetFindingV2Output struct {
	_ struct{} `type:"structure"`

	// The time at which the resource-based policy or IAM entity that generated
	// the finding was analyzed.
	//
	// AnalyzedAt is a required field
	AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The time at which the finding was created.
	//
	// CreatedAt is a required field
	CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// An error.
	Error *string `locationName:"error" type:"string"`

	// A localized message that explains the finding and provides guidance on how
	// to address it.
	//
	// FindingDetails is a required field
	FindingDetails []*FindingDetails `locationName:"findingDetails" type:"list" required:"true"`

	// The type of the finding. For external access analyzers, the type is ExternalAccess.
	// For unused access analyzers, the type can be UnusedIAMRole, UnusedIAMUserAccessKey,
	// UnusedIAMUserPassword, or UnusedPermission.
	FindingType *string `locationName:"findingType" type:"string" enum:"FindingType"`

	// The ID of the finding to retrieve.
	//
	// Id is a required field
	Id *string `locationName:"id" type:"string" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`

	// The resource that generated the finding.
	Resource *string `locationName:"resource" type:"string"`

	// Tye Amazon Web Services account ID that owns the resource.
	//
	// ResourceOwnerAccount is a required field
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`

	// The type of the resource identified in the finding.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The status of the finding.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`

	// The time at which the finding was updated.
	//
	// UpdatedAt is a required field
	UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Output) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Output) GoString() string {
	return s.String()
}

// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *GetFindingV2Output) SetAnalyzedAt(v time.Time) *GetFindingV2Output {
	s.AnalyzedAt = &v
	return s
}

// SetCreatedAt sets the CreatedAt field's value.
func (s *GetFindingV2Output) SetCreatedAt(v time.Time) *GetFindingV2Output {
	s.CreatedAt = &v
	return s
}

// SetError sets the Error field's value.
func (s *GetFindingV2Output) SetError(v string) *GetFindingV2Output {
	s.Error = &v
	return s
}

// SetFindingDetails sets the FindingDetails field's value.
func (s *GetFindingV2Output) SetFindingDetails(v []*FindingDetails) *GetFindingV2Output {
	s.FindingDetails = v
	return s
}

// SetFindingType sets the FindingType field's value.
func (s *GetFindingV2Output) SetFindingType(v string) *GetFindingV2Output {
	s.FindingType = &v
	return s
}

// SetId sets the Id field's value.
func (s *GetFindingV2Output) SetId(v string) *GetFindingV2Output {
	s.Id = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *GetFindingV2Output) SetNextToken(v string) *GetFindingV2Output {
	s.NextToken = &v
	return s
}

// SetResource sets the Resource field's value.
func (s *GetFindingV2Output) SetResource(v string) *GetFindingV2Output {
	s.Resource = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *GetFindingV2Output) SetResourceOwnerAccount(v string) *GetFindingV2Output {
	s.ResourceOwnerAccount = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *GetFindingV2Output) SetResourceType(v string) *GetFindingV2Output {
	s.ResourceType = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *GetFindingV2Output) SetStatus(v string) *GetFindingV2Output {
	s.Status = &v
	return s
}

// SetUpdatedAt sets the UpdatedAt field's value.
func (s *GetFindingV2Output) SetUpdatedAt(v time.Time) *GetFindingV2Output {
	s.UpdatedAt = &v
	return s
}

type GetGeneratedPolicyInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The level of detail that you want to generate. You can specify whether to
	// generate policies with placeholders for resource ARNs for actions that support
	// resource level granularity in policies.
	//
	// For example, in the resource section of a policy, you can receive a placeholder
	// such as "Resource":"arn:aws:s3:::${BucketName}" instead of "*".
	IncludeResourcePlaceholders *bool `location:"querystring" locationName:"includeResourcePlaceholders" type:"boolean"`

	// The level of detail that you want to generate. You can specify whether to
	// generate service-level policies.
	//
	// IAM Access Analyzer uses iam:servicelastaccessed to identify services that
	// have been used recently to create this service-level template.
	IncludeServiceLevelTemplate *bool `location:"querystring" locationName:"includeServiceLevelTemplate" type:"boolean"`

	// The JobId that is returned by the StartPolicyGeneration operation. The JobId
	// can be used with GetGeneratedPolicy to retrieve the generated policies or
	// used with CancelPolicyGeneration to cancel the policy generation request.
	//
	// JobId is a required field
	JobId *string `location:"uri" locationName:"jobId" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetGeneratedPolicyInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetGeneratedPolicyInput"}
	if s.JobId == nil {
		invalidParams.Add(request.NewErrParamRequired("JobId"))
	}
	if s.JobId != nil && len(*s.JobId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIncludeResourcePlaceholders sets the IncludeResourcePlaceholders field's value.
func (s *GetGeneratedPolicyInput) SetIncludeResourcePlaceholders(v bool) *GetGeneratedPolicyInput {
	s.IncludeResourcePlaceholders = &v
	return s
}

// SetIncludeServiceLevelTemplate sets the IncludeServiceLevelTemplate field's value.
func (s *GetGeneratedPolicyInput) SetIncludeServiceLevelTemplate(v bool) *GetGeneratedPolicyInput {
	s.IncludeServiceLevelTemplate = &v
	return s
}

// SetJobId sets the JobId field's value.
func (s *GetGeneratedPolicyInput) SetJobId(v string) *GetGeneratedPolicyInput {
	s.JobId = &v
	return s
}

type GetGeneratedPolicyOutput struct {
	_ struct{} `type:"structure"`

	// A GeneratedPolicyResult object that contains the generated policies and associated
	// details.
	//
	// GeneratedPolicyResult is a required field
	GeneratedPolicyResult *GeneratedPolicyResult `locationName:"generatedPolicyResult" type:"structure" required:"true"`

	// A GeneratedPolicyDetails object that contains details about the generated
	// policy.
	//
	// JobDetails is a required field
	JobDetails *JobDetails `locationName:"jobDetails" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyOutput) GoString() string {
	return s.String()
}

// SetGeneratedPolicyResult sets the GeneratedPolicyResult field's value.
func (s *GetGeneratedPolicyOutput) SetGeneratedPolicyResult(v *GeneratedPolicyResult) *GetGeneratedPolicyOutput {
	s.GeneratedPolicyResult = v
	return s
}

// SetJobDetails sets the JobDetails field's value.
func (s *GetGeneratedPolicyOutput) SetJobDetails(v *JobDetails) *GetGeneratedPolicyOutput {
	s.JobDetails = v
	return s
}

// The proposed access control configuration for an IAM role. You can propose
// a configuration for a new IAM role or an existing IAM role that you own by
// specifying the trust policy. If the configuration is for a new IAM role,
// you must specify the trust policy. If the configuration is for an existing
// IAM role that you own and you do not propose the trust policy, the access
// preview uses the existing trust policy for the role. The proposed trust policy
// cannot be an empty string. For more information about role trust policy limits,
// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html).
type IamRoleConfiguration struct {
	_ struct{} `type:"structure"`

	// The proposed trust policy for the IAM role.
	TrustPolicy *string `locationName:"trustPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IamRoleConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IamRoleConfiguration) GoString() string {
	return s.String()
}

// SetTrustPolicy sets the TrustPolicy field's value.
func (s *IamRoleConfiguration) SetTrustPolicy(v string) *IamRoleConfiguration {
	s.TrustPolicy = &v
	return s
}

// An criterion statement in an archive rule. Each archive rule may have multiple
// criteria.
type InlineArchiveRule struct {
	_ struct{} `type:"structure"`

	// The condition and values for a criterion.
	//
	// Filter is a required field
	Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`

	// The name of the rule.
	//
	// RuleName is a required field
	RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InlineArchiveRule) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InlineArchiveRule) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *InlineArchiveRule) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "InlineArchiveRule"}
	if s.Filter == nil {
		invalidParams.Add(request.NewErrParamRequired("Filter"))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetFilter sets the Filter field's value.
func (s *InlineArchiveRule) SetFilter(v map[string]*Criterion) *InlineArchiveRule {
	s.Filter = v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *InlineArchiveRule) SetRuleName(v string) *InlineArchiveRule {
	s.RuleName = &v
	return s
}

// Internal server error.
type InternalServerException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The seconds to wait to retry.
	RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalServerException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalServerException) GoString() string {
	return s.String()
}

func newErrorInternalServerException(v protocol.ResponseMetadata) error {
	return &InternalServerException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InternalServerException) Code() string {
	return "InternalServerException"
}

// Message returns the exception's message.
func (s *InternalServerException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InternalServerException) OrigErr() error {
	return nil
}

func (s *InternalServerException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InternalServerException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InternalServerException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This configuration sets the network origin for the Amazon S3 access point
// or multi-region access point to Internet.
type InternetConfiguration struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternetConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternetConfiguration) GoString() string {
	return s.String()
}

// The specified parameter is invalid.
type InvalidParameterException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) GoString() string {
	return s.String()
}

func newErrorInvalidParameterException(v protocol.ResponseMetadata) error {
	return &InvalidParameterException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidParameterException) Code() string {
	return "InvalidParameterException"
}

// Message returns the exception's message.
func (s *InvalidParameterException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidParameterException) OrigErr() error {
	return nil
}

func (s *InvalidParameterException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidParameterException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidParameterException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Contains details about the policy generation request.
type JobDetails struct {
	_ struct{} `type:"structure"`

	// A timestamp of when the job was completed.
	CompletedOn *time.Time `locationName:"completedOn" type:"timestamp" timestampFormat:"iso8601"`

	// The job error for the policy generation request.
	JobError *JobError `locationName:"jobError" type:"structure"`

	// The JobId that is returned by the StartPolicyGeneration operation. The JobId
	// can be used with GetGeneratedPolicy to retrieve the generated policies or
	// used with CancelPolicyGeneration to cancel the policy generation request.
	//
	// JobId is a required field
	JobId *string `locationName:"jobId" type:"string" required:"true"`

	// A timestamp of when the job was started.
	//
	// StartedOn is a required field
	StartedOn *time.Time `locationName:"startedOn" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The status of the job request.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"JobStatus"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobDetails) GoString() string {
	return s.String()
}

// SetCompletedOn sets the CompletedOn field's value.
func (s *JobDetails) SetCompletedOn(v time.Time) *JobDetails {
	s.CompletedOn = &v
	return s
}

// SetJobError sets the JobError field's value.
func (s *JobDetails) SetJobError(v *JobError) *JobDetails {
	s.JobError = v
	return s
}

// SetJobId sets the JobId field's value.
func (s *JobDetails) SetJobId(v string) *JobDetails {
	s.JobId = &v
	return s
}

// SetStartedOn sets the StartedOn field's value.
func (s *JobDetails) SetStartedOn(v time.Time) *JobDetails {
	s.StartedOn = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *JobDetails) SetStatus(v string) *JobDetails {
	s.Status = &v
	return s
}

// Contains the details about the policy generation error.
type JobError struct {
	_ struct{} `type:"structure"`

	// The job error code.
	//
	// Code is a required field
	Code *string `locationName:"code" type:"string" required:"true" enum:"JobErrorCode"`

	// Specific information about the error. For example, which service quota was
	// exceeded or which resource was not found.
	//
	// Message is a required field
	Message *string `locationName:"message" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobError) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobError) GoString() string {
	return s.String()
}

// SetCode sets the Code field's value.
func (s *JobError) SetCode(v string) *JobError {
	s.Code = &v
	return s
}

// SetMessage sets the Message field's value.
func (s *JobError) SetMessage(v string) *JobError {
	s.Message = &v
	return s
}

// A proposed grant configuration for a KMS key. For more information, see CreateGrant
// (https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html).
type KmsGrantConfiguration struct {
	_ struct{} `type:"structure"`

	// Use this structure to propose allowing cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
	// in the grant only when the operation request includes the specified encryption
	// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context).
	Constraints *KmsGrantConstraints `locationName:"constraints" type:"structure"`

	// The principal that is given permission to perform the operations that the
	// grant permits.
	//
	// GranteePrincipal is a required field
	GranteePrincipal *string `locationName:"granteePrincipal" type:"string" required:"true"`

	// The Amazon Web Services account under which the grant was issued. The account
	// is used to propose KMS grants issued by accounts other than the owner of
	// the key.
	//
	// IssuingAccount is a required field
	IssuingAccount *string `locationName:"issuingAccount" type:"string" required:"true"`

	// A list of operations that the grant permits.
	//
	// Operations is a required field
	Operations []*string `locationName:"operations" type:"list" required:"true" enum:"KmsGrantOperation"`

	// The principal that is given permission to retire the grant by using RetireGrant
	// (https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html)
	// operation.
	RetiringPrincipal *string `locationName:"retiringPrincipal" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *KmsGrantConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "KmsGrantConfiguration"}
	if s.GranteePrincipal == nil {
		invalidParams.Add(request.NewErrParamRequired("GranteePrincipal"))
	}
	if s.IssuingAccount == nil {
		invalidParams.Add(request.NewErrParamRequired("IssuingAccount"))
	}
	if s.Operations == nil {
		invalidParams.Add(request.NewErrParamRequired("Operations"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetConstraints sets the Constraints field's value.
func (s *KmsGrantConfiguration) SetConstraints(v *KmsGrantConstraints) *KmsGrantConfiguration {
	s.Constraints = v
	return s
}

// SetGranteePrincipal sets the GranteePrincipal field's value.
func (s *KmsGrantConfiguration) SetGranteePrincipal(v string) *KmsGrantConfiguration {
	s.GranteePrincipal = &v
	return s
}

// SetIssuingAccount sets the IssuingAccount field's value.
func (s *KmsGrantConfiguration) SetIssuingAccount(v string) *KmsGrantConfiguration {
	s.IssuingAccount = &v
	return s
}

// SetOperations sets the Operations field's value.
func (s *KmsGrantConfiguration) SetOperations(v []*string) *KmsGrantConfiguration {
	s.Operations = v
	return s
}

// SetRetiringPrincipal sets the RetiringPrincipal field's value.
func (s *KmsGrantConfiguration) SetRetiringPrincipal(v string) *KmsGrantConfiguration {
	s.RetiringPrincipal = &v
	return s
}

// Use this structure to propose allowing cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// in the grant only when the operation request includes the specified encryption
// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context).
// You can specify only one type of encryption context. An empty map is treated
// as not specified. For more information, see GrantConstraints (https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html).
type KmsGrantConstraints struct {
	_ struct{} `type:"structure"`

	// A list of key-value pairs that must match the encryption context in the cryptographic
	// operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
	// request. The grant allows the operation only when the encryption context
	// in the request is the same as the encryption context specified in this constraint.
	EncryptionContextEquals map[string]*string `locationName:"encryptionContextEquals" type:"map"`

	// A list of key-value pairs that must be included in the encryption context
	// of the cryptographic operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
	// request. The grant allows the cryptographic operation only when the encryption
	// context in the request includes the key-value pairs specified in this constraint,
	// although it can include additional key-value pairs.
	EncryptionContextSubset map[string]*string `locationName:"encryptionContextSubset" type:"map"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConstraints) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConstraints) GoString() string {
	return s.String()
}

// SetEncryptionContextEquals sets the EncryptionContextEquals field's value.
func (s *KmsGrantConstraints) SetEncryptionContextEquals(v map[string]*string) *KmsGrantConstraints {
	s.EncryptionContextEquals = v
	return s
}

// SetEncryptionContextSubset sets the EncryptionContextSubset field's value.
func (s *KmsGrantConstraints) SetEncryptionContextSubset(v map[string]*string) *KmsGrantConstraints {
	s.EncryptionContextSubset = v
	return s
}

// Proposed access control configuration for a KMS key. You can propose a configuration
// for a new KMS key or an existing KMS key that you own by specifying the key
// policy and KMS grant configuration. If the configuration is for an existing
// key and you do not specify the key policy, the access preview uses the existing
// policy for the key. If the access preview is for a new resource and you do
// not specify the key policy, then the access preview uses the default key
// policy. The proposed key policy cannot be an empty string. For more information,
// see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default).
// For more information about key policy limits, see Resource quotas (https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html).
type KmsKeyConfiguration struct {
	_ struct{} `type:"structure"`

	// A list of proposed grant configurations for the KMS key. If the proposed
	// grant configuration is for an existing key, the access preview uses the proposed
	// list of grant configurations in place of the existing grants. Otherwise,
	// the access preview uses the existing grants for the key.
	Grants []*KmsGrantConfiguration `locationName:"grants" type:"list"`

	// Resource policy configuration for the KMS key. The only valid value for the
	// name of the key policy is default. For more information, see Default key
	// policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default).
	KeyPolicies map[string]*string `locationName:"keyPolicies" type:"map"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsKeyConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsKeyConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *KmsKeyConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "KmsKeyConfiguration"}
	if s.Grants != nil {
		for i, v := range s.Grants {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Grants", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGrants sets the Grants field's value.
func (s *KmsKeyConfiguration) SetGrants(v []*KmsGrantConfiguration) *KmsKeyConfiguration {
	s.Grants = v
	return s
}

// SetKeyPolicies sets the KeyPolicies field's value.
func (s *KmsKeyConfiguration) SetKeyPolicies(v map[string]*string) *KmsKeyConfiguration {
	s.KeyPolicies = v
	return s
}

type ListAccessPreviewFindingsInput struct {
	_ struct{} `type:"structure"`

	// The unique ID for the access preview.
	//
	// AccessPreviewId is a required field
	AccessPreviewId *string `location:"uri" locationName:"accessPreviewId" type:"string" required:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// used to generate the access.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// Criteria to filter the returned findings.
	Filter map[string]*Criterion `locationName:"filter" type:"map"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccessPreviewFindingsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListAccessPreviewFindingsInput"}
	if s.AccessPreviewId == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessPreviewId"))
	}
	if s.AccessPreviewId != nil && len(*s.AccessPreviewId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AccessPreviewId", 1))
	}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessPreviewId sets the AccessPreviewId field's value.
func (s *ListAccessPreviewFindingsInput) SetAccessPreviewId(v string) *ListAccessPreviewFindingsInput {
	s.AccessPreviewId = &v
	return s
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAccessPreviewFindingsInput) SetAnalyzerArn(v string) *ListAccessPreviewFindingsInput {
	s.AnalyzerArn = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *ListAccessPreviewFindingsInput) SetFilter(v map[string]*Criterion) *ListAccessPreviewFindingsInput {
	s.Filter = v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListAccessPreviewFindingsInput) SetMaxResults(v int64) *ListAccessPreviewFindingsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewFindingsInput) SetNextToken(v string) *ListAccessPreviewFindingsInput {
	s.NextToken = &v
	return s
}

type ListAccessPreviewFindingsOutput struct {
	_ struct{} `type:"structure"`

	// A list of access preview findings that match the specified filter criteria.
	//
	// Findings is a required field
	Findings []*AccessPreviewFinding `locationName:"findings" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsOutput) GoString() string {
	return s.String()
}

// SetFindings sets the Findings field's value.
func (s *ListAccessPreviewFindingsOutput) SetFindings(v []*AccessPreviewFinding) *ListAccessPreviewFindingsOutput {
	s.Findings = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewFindingsOutput) SetNextToken(v string) *ListAccessPreviewFindingsOutput {
	s.NextToken = &v
	return s
}

type ListAccessPreviewsInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// used to generate the access preview.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccessPreviewsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListAccessPreviewsInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAccessPreviewsInput) SetAnalyzerArn(v string) *ListAccessPreviewsInput {
	s.AnalyzerArn = &v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListAccessPreviewsInput) SetMaxResults(v int64) *ListAccessPreviewsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewsInput) SetNextToken(v string) *ListAccessPreviewsInput {
	s.NextToken = &v
	return s
}

type ListAccessPreviewsOutput struct {
	_ struct{} `type:"structure"`

	// A list of access previews retrieved for the analyzer.
	//
	// AccessPreviews is a required field
	AccessPreviews []*AccessPreviewSummary `locationName:"accessPreviews" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsOutput) GoString() string {
	return s.String()
}

// SetAccessPreviews sets the AccessPreviews field's value.
func (s *ListAccessPreviewsOutput) SetAccessPreviews(v []*AccessPreviewSummary) *ListAccessPreviewsOutput {
	s.AccessPreviews = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewsOutput) SetNextToken(v string) *ListAccessPreviewsOutput {
	s.NextToken = &v
	return s
}

// Retrieves a list of resources that have been analyzed.
type ListAnalyzedResourcesInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// to retrieve a list of analyzed resources from.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`

	// The type of resource.
	ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAnalyzedResourcesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListAnalyzedResourcesInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAnalyzedResourcesInput) SetAnalyzerArn(v string) *ListAnalyzedResourcesInput {
	s.AnalyzerArn = &v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListAnalyzedResourcesInput) SetMaxResults(v int64) *ListAnalyzedResourcesInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzedResourcesInput) SetNextToken(v string) *ListAnalyzedResourcesInput {
	s.NextToken = &v
	return s
}

// SetResourceType sets the ResourceType field's value.
func (s *ListAnalyzedResourcesInput) SetResourceType(v string) *ListAnalyzedResourcesInput {
	s.ResourceType = &v
	return s
}

// The response to the request.
type ListAnalyzedResourcesOutput struct {
	_ struct{} `type:"structure"`

	// A list of resources that were analyzed.
	//
	// AnalyzedResources is a required field
	AnalyzedResources []*AnalyzedResourceSummary `locationName:"analyzedResources" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesOutput) GoString() string {
	return s.String()
}

// SetAnalyzedResources sets the AnalyzedResources field's value.
func (s *ListAnalyzedResourcesOutput) SetAnalyzedResources(v []*AnalyzedResourceSummary) *ListAnalyzedResourcesOutput {
	s.AnalyzedResources = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzedResourcesOutput) SetNextToken(v string) *ListAnalyzedResourcesOutput {
	s.NextToken = &v
	return s
}

// Retrieves a list of analyzers.
type ListAnalyzersInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`

	// The type of analyzer.
	Type *string `location:"querystring" locationName:"type" type:"string" enum:"Type"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersInput) GoString() string {
	return s.String()
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListAnalyzersInput) SetMaxResults(v int64) *ListAnalyzersInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzersInput) SetNextToken(v string) *ListAnalyzersInput {
	s.NextToken = &v
	return s
}

// SetType sets the Type field's value.
func (s *ListAnalyzersInput) SetType(v string) *ListAnalyzersInput {
	s.Type = &v
	return s
}

// The response to the request.
type ListAnalyzersOutput struct {
	_ struct{} `type:"structure"`

	// The analyzers retrieved.
	//
	// Analyzers is a required field
	Analyzers []*AnalyzerSummary `locationName:"analyzers" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersOutput) GoString() string {
	return s.String()
}

// SetAnalyzers sets the Analyzers field's value.
func (s *ListAnalyzersOutput) SetAnalyzers(v []*AnalyzerSummary) *ListAnalyzersOutput {
	s.Analyzers = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzersOutput) SetNextToken(v string) *ListAnalyzersOutput {
	s.NextToken = &v
	return s
}

// Retrieves a list of archive rules created for the specified analyzer.
type ListArchiveRulesInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The name of the analyzer to retrieve rules from.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// The maximum number of results to return in the request.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListArchiveRulesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListArchiveRulesInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *ListArchiveRulesInput) SetAnalyzerName(v string) *ListArchiveRulesInput {
	s.AnalyzerName = &v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListArchiveRulesInput) SetMaxResults(v int64) *ListArchiveRulesInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListArchiveRulesInput) SetNextToken(v string) *ListArchiveRulesInput {
	s.NextToken = &v
	return s
}

// The response to the request.
type ListArchiveRulesOutput struct {
	_ struct{} `type:"structure"`

	// A list of archive rules created for the specified analyzer.
	//
	// ArchiveRules is a required field
	ArchiveRules []*ArchiveRuleSummary `locationName:"archiveRules" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesOutput) GoString() string {
	return s.String()
}

// SetArchiveRules sets the ArchiveRules field's value.
func (s *ListArchiveRulesOutput) SetArchiveRules(v []*ArchiveRuleSummary) *ListArchiveRulesOutput {
	s.ArchiveRules = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListArchiveRulesOutput) SetNextToken(v string) *ListArchiveRulesOutput {
	s.NextToken = &v
	return s
}

// Retrieves a list of findings generated by the specified analyzer.
type ListFindingsInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// to retrieve findings from.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A filter to match for the findings to return.
	Filter map[string]*Criterion `locationName:"filter" type:"map"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`

	// The sort order for the findings returned.
	Sort *SortCriteria `locationName:"sort" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListFindingsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListFindingsInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListFindingsInput) SetAnalyzerArn(v string) *ListFindingsInput {
	s.AnalyzerArn = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *ListFindingsInput) SetFilter(v map[string]*Criterion) *ListFindingsInput {
	s.Filter = v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListFindingsInput) SetMaxResults(v int64) *ListFindingsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListFindingsInput) SetNextToken(v string) *ListFindingsInput {
	s.NextToken = &v
	return s
}

// SetSort sets the Sort field's value.
func (s *ListFindingsInput) SetSort(v *SortCriteria) *ListFindingsInput {
	s.Sort = v
	return s
}

// The response to the request.
type ListFindingsOutput struct {
	_ struct{} `type:"structure"`

	// A list of findings retrieved from the analyzer that match the filter criteria
	// specified, if any.
	//
	// Findings is a required field
	Findings []*FindingSummary `locationName:"findings" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsOutput) GoString() string {
	return s.String()
}

// SetFindings sets the Findings field's value.
func (s *ListFindingsOutput) SetFindings(v []*FindingSummary) *ListFindingsOutput {
	s.Findings = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListFindingsOutput) SetNextToken(v string) *ListFindingsOutput {
	s.NextToken = &v
	return s
}

type ListFindingsV2Input struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// to retrieve findings from.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A filter to match for the findings to return.
	Filter map[string]*Criterion `locationName:"filter" type:"map"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`

	// The criteria used to sort.
	Sort *SortCriteria `locationName:"sort" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Input) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Input) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListFindingsV2Input) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListFindingsV2Input"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListFindingsV2Input) SetAnalyzerArn(v string) *ListFindingsV2Input {
	s.AnalyzerArn = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *ListFindingsV2Input) SetFilter(v map[string]*Criterion) *ListFindingsV2Input {
	s.Filter = v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListFindingsV2Input) SetMaxResults(v int64) *ListFindingsV2Input {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListFindingsV2Input) SetNextToken(v string) *ListFindingsV2Input {
	s.NextToken = &v
	return s
}

// SetSort sets the Sort field's value.
func (s *ListFindingsV2Input) SetSort(v *SortCriteria) *ListFindingsV2Input {
	s.Sort = v
	return s
}

type ListFindingsV2Output struct {
	_ struct{} `type:"structure"`

	// A list of findings retrieved from the analyzer that match the filter criteria
	// specified, if any.
	//
	// Findings is a required field
	Findings []*FindingSummaryV2 `locationName:"findings" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Output) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Output) GoString() string {
	return s.String()
}

// SetFindings sets the Findings field's value.
func (s *ListFindingsV2Output) SetFindings(v []*FindingSummaryV2) *ListFindingsV2Output {
	s.Findings = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListFindingsV2Output) SetNextToken(v string) *ListFindingsV2Output {
	s.NextToken = &v
	return s
}

type ListPolicyGenerationsInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`

	// The ARN of the IAM entity (user or role) for which you are generating a policy.
	// Use this with ListGeneratedPolicies to filter the results to only include
	// results for a specific principal.
	PrincipalArn *string `location:"querystring" locationName:"principalArn" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListPolicyGenerationsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListPolicyGenerationsInput"}
	if s.MaxResults != nil && *s.MaxResults < 1 {
		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListPolicyGenerationsInput) SetMaxResults(v int64) *ListPolicyGenerationsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListPolicyGenerationsInput) SetNextToken(v string) *ListPolicyGenerationsInput {
	s.NextToken = &v
	return s
}

// SetPrincipalArn sets the PrincipalArn field's value.
func (s *ListPolicyGenerationsInput) SetPrincipalArn(v string) *ListPolicyGenerationsInput {
	s.PrincipalArn = &v
	return s
}

type ListPolicyGenerationsOutput struct {
	_ struct{} `type:"structure"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`

	// A PolicyGeneration object that contains details about the generated policy.
	//
	// PolicyGenerations is a required field
	PolicyGenerations []*PolicyGeneration `locationName:"policyGenerations" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListPolicyGenerationsOutput) SetNextToken(v string) *ListPolicyGenerationsOutput {
	s.NextToken = &v
	return s
}

// SetPolicyGenerations sets the PolicyGenerations field's value.
func (s *ListPolicyGenerationsOutput) SetPolicyGenerations(v []*PolicyGeneration) *ListPolicyGenerationsOutput {
	s.PolicyGenerations = v
	return s
}

// Retrieves a list of tags applied to the specified resource.
type ListTagsForResourceInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the resource to retrieve tags from.
	//
	// ResourceArn is a required field
	ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListTagsForResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput {
	s.ResourceArn = &v
	return s
}

// The response to the request.
type ListTagsForResourceOutput struct {
	_ struct{} `type:"structure"`

	// The tags that are applied to the specified resource.
	Tags map[string]*string `locationName:"tags" type:"map"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) GoString() string {
	return s.String()
}

// SetTags sets the Tags field's value.
func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput {
	s.Tags = v
	return s
}

// A location in a policy that is represented as a path through the JSON representation
// and a corresponding span.
type Location struct {
	_ struct{} `type:"structure"`

	// A path in a policy, represented as a sequence of path elements.
	//
	// Path is a required field
	Path []*PathElement `locationName:"path" type:"list" required:"true"`

	// A span in a policy.
	//
	// Span is a required field
	Span *Span `locationName:"span" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Location) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Location) GoString() string {
	return s.String()
}

// SetPath sets the Path field's value.
func (s *Location) SetPath(v []*PathElement) *Location {
	s.Path = v
	return s
}

// SetSpan sets the Span field's value.
func (s *Location) SetSpan(v *Span) *Location {
	s.Span = v
	return s
}

// The proposed InternetConfiguration or VpcConfiguration to apply to the Amazon
// S3 access point. VpcConfiguration does not apply to multi-region access points.
// You can make the access point accessible from the internet, or you can specify
// that all requests made through that access point must originate from a specific
// virtual private cloud (VPC). You can specify only one type of network configuration.
// For more information, see Creating access points (https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html).
type NetworkOriginConfiguration struct {
	_ struct{} `type:"structure"`

	// The configuration for the Amazon S3 access point or multi-region access point
	// with an Internet origin.
	InternetConfiguration *InternetConfiguration `locationName:"internetConfiguration" type:"structure"`

	// The proposed virtual private cloud (VPC) configuration for the Amazon S3
	// access point. VPC configuration does not apply to multi-region access points.
	// For more information, see VpcConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html).
	VpcConfiguration *VpcConfiguration `locationName:"vpcConfiguration" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NetworkOriginConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NetworkOriginConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *NetworkOriginConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "NetworkOriginConfiguration"}
	if s.VpcConfiguration != nil {
		if err := s.VpcConfiguration.Validate(); err != nil {
			invalidParams.AddNested("VpcConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetInternetConfiguration sets the InternetConfiguration field's value.
func (s *NetworkOriginConfiguration) SetInternetConfiguration(v *InternetConfiguration) *NetworkOriginConfiguration {
	s.InternetConfiguration = v
	return s
}

// SetVpcConfiguration sets the VpcConfiguration field's value.
func (s *NetworkOriginConfiguration) SetVpcConfiguration(v *VpcConfiguration) *NetworkOriginConfiguration {
	s.VpcConfiguration = v
	return s
}

// A single element in a path through the JSON representation of a policy.
type PathElement struct {
	_ struct{} `type:"structure"`

	// Refers to an index in a JSON array.
	Index *int64 `locationName:"index" type:"integer"`

	// Refers to a key in a JSON object.
	Key *string `locationName:"key" type:"string"`

	// Refers to a substring of a literal string in a JSON object.
	Substring *Substring `locationName:"substring" type:"structure"`

	// Refers to the value associated with a given key in a JSON object.
	Value *string `locationName:"value" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PathElement) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PathElement) GoString() string {
	return s.String()
}

// SetIndex sets the Index field's value.
func (s *PathElement) SetIndex(v int64) *PathElement {
	s.Index = &v
	return s
}

// SetKey sets the Key field's value.
func (s *PathElement) SetKey(v string) *PathElement {
	s.Key = &v
	return s
}

// SetSubstring sets the Substring field's value.
func (s *PathElement) SetSubstring(v *Substring) *PathElement {
	s.Substring = v
	return s
}

// SetValue sets the Value field's value.
func (s *PathElement) SetValue(v string) *PathElement {
	s.Value = &v
	return s
}

// Contains details about the policy generation status and properties.
type PolicyGeneration struct {
	_ struct{} `type:"structure"`

	// A timestamp of when the policy generation was completed.
	CompletedOn *time.Time `locationName:"completedOn" type:"timestamp" timestampFormat:"iso8601"`

	// The JobId that is returned by the StartPolicyGeneration operation. The JobId
	// can be used with GetGeneratedPolicy to retrieve the generated policies or
	// used with CancelPolicyGeneration to cancel the policy generation request.
	//
	// JobId is a required field
	JobId *string `locationName:"jobId" type:"string" required:"true"`

	// The ARN of the IAM entity (user or role) for which you are generating a policy.
	//
	// PrincipalArn is a required field
	PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`

	// A timestamp of when the policy generation started.
	//
	// StartedOn is a required field
	StartedOn *time.Time `locationName:"startedOn" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The status of the policy generation request.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"JobStatus"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGeneration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGeneration) GoString() string {
	return s.String()
}

// SetCompletedOn sets the CompletedOn field's value.
func (s *PolicyGeneration) SetCompletedOn(v time.Time) *PolicyGeneration {
	s.CompletedOn = &v
	return s
}

// SetJobId sets the JobId field's value.
func (s *PolicyGeneration) SetJobId(v string) *PolicyGeneration {
	s.JobId = &v
	return s
}

// SetPrincipalArn sets the PrincipalArn field's value.
func (s *PolicyGeneration) SetPrincipalArn(v string) *PolicyGeneration {
	s.PrincipalArn = &v
	return s
}

// SetStartedOn sets the StartedOn field's value.
func (s *PolicyGeneration) SetStartedOn(v time.Time) *PolicyGeneration {
	s.StartedOn = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *PolicyGeneration) SetStatus(v string) *PolicyGeneration {
	s.Status = &v
	return s
}

// Contains the ARN details about the IAM entity for which the policy is generated.
type PolicyGenerationDetails struct {
	_ struct{} `type:"structure"`

	// The ARN of the IAM entity (user or role) for which you are generating a policy.
	//
	// PrincipalArn is a required field
	PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGenerationDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGenerationDetails) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *PolicyGenerationDetails) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "PolicyGenerationDetails"}
	if s.PrincipalArn == nil {
		invalidParams.Add(request.NewErrParamRequired("PrincipalArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetPrincipalArn sets the PrincipalArn field's value.
func (s *PolicyGenerationDetails) SetPrincipalArn(v string) *PolicyGenerationDetails {
	s.PrincipalArn = &v
	return s
}

// A position in a policy.
type Position struct {
	_ struct{} `type:"structure"`

	// The column of the position, starting from 0.
	//
	// Column is a required field
	Column *int64 `locationName:"column" type:"integer" required:"true"`

	// The line of the position, starting from 1.
	//
	// Line is a required field
	Line *int64 `locationName:"line" type:"integer" required:"true"`

	// The offset within the policy that corresponds to the position, starting from
	// 0.
	//
	// Offset is a required field
	Offset *int64 `locationName:"offset" type:"integer" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Position) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Position) GoString() string {
	return s.String()
}

// SetColumn sets the Column field's value.
func (s *Position) SetColumn(v int64) *Position {
	s.Column = &v
	return s
}

// SetLine sets the Line field's value.
func (s *Position) SetLine(v int64) *Position {
	s.Line = &v
	return s
}

// SetOffset sets the Offset field's value.
func (s *Position) SetOffset(v int64) *Position {
	s.Offset = &v
	return s
}

// The values for a manual Amazon RDS DB cluster snapshot attribute.
type RdsDbClusterSnapshotAttributeValue struct {
	_ struct{} `type:"structure"`

	// The Amazon Web Services account IDs that have access to the manual Amazon
	// RDS DB cluster snapshot. If the value all is specified, then the Amazon RDS
	// DB cluster snapshot is public and can be copied or restored by all Amazon
	// Web Services accounts.
	//
	//    * If the configuration is for an existing Amazon RDS DB cluster snapshot
	//    and you do not specify the accountIds in RdsDbClusterSnapshotAttributeValue,
	//    then the access preview uses the existing shared accountIds for the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    specify the accountIds in RdsDbClusterSnapshotAttributeValue, then the
	//    access preview considers the snapshot without any attributes.
	//
	//    * To propose deletion of existing shared accountIds, you can specify an
	//    empty list for accountIds in the RdsDbClusterSnapshotAttributeValue.
	AccountIds []*string `locationName:"accountIds" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotAttributeValue) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotAttributeValue) GoString() string {
	return s.String()
}

// SetAccountIds sets the AccountIds field's value.
func (s *RdsDbClusterSnapshotAttributeValue) SetAccountIds(v []*string) *RdsDbClusterSnapshotAttributeValue {
	s.AccountIds = v
	return s
}

// The proposed access control configuration for an Amazon RDS DB cluster snapshot.
// You can propose a configuration for a new Amazon RDS DB cluster snapshot
// or an Amazon RDS DB cluster snapshot that you own by specifying the RdsDbClusterSnapshotAttributeValue
// and optional KMS encryption key. For more information, see ModifyDBClusterSnapshotAttribute
// (https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html).
type RdsDbClusterSnapshotConfiguration struct {
	_ struct{} `type:"structure"`

	// The names and values of manual DB cluster snapshot attributes. Manual DB
	// cluster snapshot attributes are used to authorize other Amazon Web Services
	// accounts to restore a manual DB cluster snapshot. The only valid value for
	// AttributeName for the attribute map is restore
	Attributes map[string]*RdsDbClusterSnapshotAttributeValue `locationName:"attributes" type:"map"`

	// The KMS key identifier for an encrypted Amazon RDS DB cluster snapshot. The
	// KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the
	// KMS key.
	//
	//    * If the configuration is for an existing Amazon RDS DB cluster snapshot
	//    and you do not specify the kmsKeyId, or you specify an empty string, then
	//    the access preview uses the existing kmsKeyId of the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    specify the kmsKeyId, then the access preview considers the snapshot as
	//    unencrypted.
	KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotConfiguration) GoString() string {
	return s.String()
}

// SetAttributes sets the Attributes field's value.
func (s *RdsDbClusterSnapshotConfiguration) SetAttributes(v map[string]*RdsDbClusterSnapshotAttributeValue) *RdsDbClusterSnapshotConfiguration {
	s.Attributes = v
	return s
}

// SetKmsKeyId sets the KmsKeyId field's value.
func (s *RdsDbClusterSnapshotConfiguration) SetKmsKeyId(v string) *RdsDbClusterSnapshotConfiguration {
	s.KmsKeyId = &v
	return s
}

// The name and values of a manual Amazon RDS DB snapshot attribute. Manual
// DB snapshot attributes are used to authorize other Amazon Web Services accounts
// to restore a manual DB snapshot.
type RdsDbSnapshotAttributeValue struct {
	_ struct{} `type:"structure"`

	// The Amazon Web Services account IDs that have access to the manual Amazon
	// RDS DB snapshot. If the value all is specified, then the Amazon RDS DB snapshot
	// is public and can be copied or restored by all Amazon Web Services accounts.
	//
	//    * If the configuration is for an existing Amazon RDS DB snapshot and you
	//    do not specify the accountIds in RdsDbSnapshotAttributeValue, then the
	//    access preview uses the existing shared accountIds for the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    specify the accountIds in RdsDbSnapshotAttributeValue, then the access
	//    preview considers the snapshot without any attributes.
	//
	//    * To propose deletion of an existing shared accountIds, you can specify
	//    an empty list for accountIds in the RdsDbSnapshotAttributeValue.
	AccountIds []*string `locationName:"accountIds" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotAttributeValue) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotAttributeValue) GoString() string {
	return s.String()
}

// SetAccountIds sets the AccountIds field's value.
func (s *RdsDbSnapshotAttributeValue) SetAccountIds(v []*string) *RdsDbSnapshotAttributeValue {
	s.AccountIds = v
	return s
}

// The proposed access control configuration for an Amazon RDS DB snapshot.
// You can propose a configuration for a new Amazon RDS DB snapshot or an Amazon
// RDS DB snapshot that you own by specifying the RdsDbSnapshotAttributeValue
// and optional KMS encryption key. For more information, see ModifyDBSnapshotAttribute
// (https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html).
type RdsDbSnapshotConfiguration struct {
	_ struct{} `type:"structure"`

	// The names and values of manual DB snapshot attributes. Manual DB snapshot
	// attributes are used to authorize other Amazon Web Services accounts to restore
	// a manual DB snapshot. The only valid value for attributeName for the attribute
	// map is restore.
	Attributes map[string]*RdsDbSnapshotAttributeValue `locationName:"attributes" type:"map"`

	// The KMS key identifier for an encrypted Amazon RDS DB snapshot. The KMS key
	// identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
	//
	//    * If the configuration is for an existing Amazon RDS DB snapshot and you
	//    do not specify the kmsKeyId, or you specify an empty string, then the
	//    access preview uses the existing kmsKeyId of the snapshot.
	//
	//    * If the access preview is for a new resource and you do not specify the
	//    specify the kmsKeyId, then the access preview considers the snapshot as
	//    unencrypted.
	KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotConfiguration) GoString() string {
	return s.String()
}

// SetAttributes sets the Attributes field's value.
func (s *RdsDbSnapshotConfiguration) SetAttributes(v map[string]*RdsDbSnapshotAttributeValue) *RdsDbSnapshotConfiguration {
	s.Attributes = v
	return s
}

// SetKmsKeyId sets the KmsKeyId field's value.
func (s *RdsDbSnapshotConfiguration) SetKmsKeyId(v string) *RdsDbSnapshotConfiguration {
	s.KmsKeyId = &v
	return s
}

// Contains information about the reasoning why a check for access passed or
// failed.
type ReasonSummary struct {
	_ struct{} `type:"structure"`

	// A description of the reasoning of a result of checking for access.
	Description *string `locationName:"description" type:"string"`

	// The identifier for the reason statement.
	StatementId *string `locationName:"statementId" type:"string"`

	// The index number of the reason statement.
	StatementIndex *int64 `locationName:"statementIndex" type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ReasonSummary) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ReasonSummary) GoString() string {
	return s.String()
}

// SetDescription sets the Description field's value.
func (s *ReasonSummary) SetDescription(v string) *ReasonSummary {
	s.Description = &v
	return s
}

// SetStatementId sets the StatementId field's value.
func (s *ReasonSummary) SetStatementId(v string) *ReasonSummary {
	s.StatementId = &v
	return s
}

// SetStatementIndex sets the StatementIndex field's value.
func (s *ReasonSummary) SetStatementIndex(v int64) *ReasonSummary {
	s.StatementIndex = &v
	return s
}

// The specified resource could not be found.
type ResourceNotFoundException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The ID of the resource.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The type of the resource.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) GoString() string {
	return s.String()
}

func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error {
	return &ResourceNotFoundException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ResourceNotFoundException) Code() string {
	return "ResourceNotFoundException"
}

// Message returns the exception's message.
func (s *ResourceNotFoundException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ResourceNotFoundException) OrigErr() error {
	return nil
}

func (s *ResourceNotFoundException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ResourceNotFoundException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ResourceNotFoundException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The configuration for an Amazon S3 access point or multi-region access point
// for the bucket. You can propose up to 10 access points or multi-region access
// points per bucket. If the proposed Amazon S3 access point configuration is
// for an existing bucket, the access preview uses the proposed access point
// configuration in place of the existing access points. To propose an access
// point without a policy, you can provide an empty string as the access point
// policy. For more information, see Creating access points (https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html).
// For more information about access point policy limits, see Access points
// restrictions and limitations (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html).
type S3AccessPointConfiguration struct {
	_ struct{} `type:"structure"`

	// The access point or multi-region access point policy.
	AccessPointPolicy *string `locationName:"accessPointPolicy" type:"string"`

	// The proposed Internet and VpcConfiguration to apply to this Amazon S3 access
	// point. VpcConfiguration does not apply to multi-region access points. If
	// the access preview is for a new resource and neither is specified, the access
	// preview uses Internet for the network origin. If the access preview is for
	// an existing resource and neither is specified, the access preview uses the
	// exiting network origin.
	NetworkOrigin *NetworkOriginConfiguration `locationName:"networkOrigin" type:"structure"`

	// The proposed S3PublicAccessBlock configuration to apply to this Amazon S3
	// access point or multi-region access point.
	PublicAccessBlock *S3PublicAccessBlockConfiguration `locationName:"publicAccessBlock" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3AccessPointConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3AccessPointConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *S3AccessPointConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "S3AccessPointConfiguration"}
	if s.NetworkOrigin != nil {
		if err := s.NetworkOrigin.Validate(); err != nil {
			invalidParams.AddNested("NetworkOrigin", err.(request.ErrInvalidParams))
		}
	}
	if s.PublicAccessBlock != nil {
		if err := s.PublicAccessBlock.Validate(); err != nil {
			invalidParams.AddNested("PublicAccessBlock", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessPointPolicy sets the AccessPointPolicy field's value.
func (s *S3AccessPointConfiguration) SetAccessPointPolicy(v string) *S3AccessPointConfiguration {
	s.AccessPointPolicy = &v
	return s
}

// SetNetworkOrigin sets the NetworkOrigin field's value.
func (s *S3AccessPointConfiguration) SetNetworkOrigin(v *NetworkOriginConfiguration) *S3AccessPointConfiguration {
	s.NetworkOrigin = v
	return s
}

// SetPublicAccessBlock sets the PublicAccessBlock field's value.
func (s *S3AccessPointConfiguration) SetPublicAccessBlock(v *S3PublicAccessBlockConfiguration) *S3AccessPointConfiguration {
	s.PublicAccessBlock = v
	return s
}

// A proposed access control list grant configuration for an Amazon S3 bucket.
// For more information, see How to Specify an ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#setting-acls).
type S3BucketAclGrantConfiguration struct {
	_ struct{} `type:"structure"`

	// The grantee to whom you’re assigning access rights.
	//
	// Grantee is a required field
	Grantee *AclGrantee `locationName:"grantee" type:"structure" required:"true"`

	// The permissions being granted.
	//
	// Permission is a required field
	Permission *string `locationName:"permission" type:"string" required:"true" enum:"AclPermission"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketAclGrantConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketAclGrantConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *S3BucketAclGrantConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "S3BucketAclGrantConfiguration"}
	if s.Grantee == nil {
		invalidParams.Add(request.NewErrParamRequired("Grantee"))
	}
	if s.Permission == nil {
		invalidParams.Add(request.NewErrParamRequired("Permission"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGrantee sets the Grantee field's value.
func (s *S3BucketAclGrantConfiguration) SetGrantee(v *AclGrantee) *S3BucketAclGrantConfiguration {
	s.Grantee = v
	return s
}

// SetPermission sets the Permission field's value.
func (s *S3BucketAclGrantConfiguration) SetPermission(v string) *S3BucketAclGrantConfiguration {
	s.Permission = &v
	return s
}

// Proposed access control configuration for an Amazon S3 bucket. You can propose
// a configuration for a new Amazon S3 bucket or an existing Amazon S3 bucket
// that you own by specifying the Amazon S3 bucket policy, bucket ACLs, bucket
// BPA settings, Amazon S3 access points, and multi-region access points attached
// to the bucket. If the configuration is for an existing Amazon S3 bucket and
// you do not specify the Amazon S3 bucket policy, the access preview uses the
// existing policy attached to the bucket. If the access preview is for a new
// resource and you do not specify the Amazon S3 bucket policy, the access preview
// assumes a bucket without a policy. To propose deletion of an existing bucket
// policy, you can specify an empty string. For more information about bucket
// policy limits, see Bucket Policy Examples (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html).
type S3BucketConfiguration struct {
	_ struct{} `type:"structure"`

	// The configuration of Amazon S3 access points or multi-region access points
	// for the bucket. You can propose up to 10 new access points per bucket.
	AccessPoints map[string]*S3AccessPointConfiguration `locationName:"accessPoints" type:"map"`

	// The proposed list of ACL grants for the Amazon S3 bucket. You can propose
	// up to 100 ACL grants per bucket. If the proposed grant configuration is for
	// an existing bucket, the access preview uses the proposed list of grant configurations
	// in place of the existing grants. Otherwise, the access preview uses the existing
	// grants for the bucket.
	BucketAclGrants []*S3BucketAclGrantConfiguration `locationName:"bucketAclGrants" type:"list"`

	// The proposed bucket policy for the Amazon S3 bucket.
	BucketPolicy *string `locationName:"bucketPolicy" type:"string"`

	// The proposed block public access configuration for the Amazon S3 bucket.
	BucketPublicAccessBlock *S3PublicAccessBlockConfiguration `locationName:"bucketPublicAccessBlock" type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *S3BucketConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "S3BucketConfiguration"}
	if s.AccessPoints != nil {
		for i, v := range s.AccessPoints {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AccessPoints", i), err.(request.ErrInvalidParams))
			}
		}
	}
	if s.BucketAclGrants != nil {
		for i, v := range s.BucketAclGrants {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "BucketAclGrants", i), err.(request.ErrInvalidParams))
			}
		}
	}
	if s.BucketPublicAccessBlock != nil {
		if err := s.BucketPublicAccessBlock.Validate(); err != nil {
			invalidParams.AddNested("BucketPublicAccessBlock", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessPoints sets the AccessPoints field's value.
func (s *S3BucketConfiguration) SetAccessPoints(v map[string]*S3AccessPointConfiguration) *S3BucketConfiguration {
	s.AccessPoints = v
	return s
}

// SetBucketAclGrants sets the BucketAclGrants field's value.
func (s *S3BucketConfiguration) SetBucketAclGrants(v []*S3BucketAclGrantConfiguration) *S3BucketConfiguration {
	s.BucketAclGrants = v
	return s
}

// SetBucketPolicy sets the BucketPolicy field's value.
func (s *S3BucketConfiguration) SetBucketPolicy(v string) *S3BucketConfiguration {
	s.BucketPolicy = &v
	return s
}

// SetBucketPublicAccessBlock sets the BucketPublicAccessBlock field's value.
func (s *S3BucketConfiguration) SetBucketPublicAccessBlock(v *S3PublicAccessBlockConfiguration) *S3BucketConfiguration {
	s.BucketPublicAccessBlock = v
	return s
}

// Proposed access control configuration for an Amazon S3 directory bucket.
// You can propose a configuration for a new Amazon S3 directory bucket or an
// existing Amazon S3 directory bucket that you own by specifying the Amazon
// S3 bucket policy. If the configuration is for an existing Amazon S3 directory
// bucket and you do not specify the Amazon S3 bucket policy, the access preview
// uses the existing policy attached to the directory bucket. If the access
// preview is for a new resource and you do not specify the Amazon S3 bucket
// policy, the access preview assumes an directory bucket without a policy.
// To propose deletion of an existing bucket policy, you can specify an empty
// string. For more information about bucket policy limits, see Example bucket
// policies (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html).
type S3ExpressDirectoryBucketConfiguration struct {
	_ struct{} `type:"structure"`

	// The proposed bucket policy for the Amazon S3 directory bucket.
	BucketPolicy *string `locationName:"bucketPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3ExpressDirectoryBucketConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3ExpressDirectoryBucketConfiguration) GoString() string {
	return s.String()
}

// SetBucketPolicy sets the BucketPolicy field's value.
func (s *S3ExpressDirectoryBucketConfiguration) SetBucketPolicy(v string) *S3ExpressDirectoryBucketConfiguration {
	s.BucketPolicy = &v
	return s
}

// The PublicAccessBlock configuration to apply to this Amazon S3 bucket. If
// the proposed configuration is for an existing Amazon S3 bucket and the configuration
// is not specified, the access preview uses the existing setting. If the proposed
// configuration is for a new bucket and the configuration is not specified,
// the access preview uses false. If the proposed configuration is for a new
// access point or multi-region access point and the access point BPA configuration
// is not specified, the access preview uses true. For more information, see
// PublicAccessBlockConfiguration (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html).
type S3PublicAccessBlockConfiguration struct {
	_ struct{} `type:"structure"`

	// Specifies whether Amazon S3 should ignore public ACLs for this bucket and
	// objects in this bucket.
	//
	// IgnorePublicAcls is a required field
	IgnorePublicAcls *bool `locationName:"ignorePublicAcls" type:"boolean" required:"true"`

	// Specifies whether Amazon S3 should restrict public bucket policies for this
	// bucket.
	//
	// RestrictPublicBuckets is a required field
	RestrictPublicBuckets *bool `locationName:"restrictPublicBuckets" type:"boolean" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3PublicAccessBlockConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3PublicAccessBlockConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *S3PublicAccessBlockConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "S3PublicAccessBlockConfiguration"}
	if s.IgnorePublicAcls == nil {
		invalidParams.Add(request.NewErrParamRequired("IgnorePublicAcls"))
	}
	if s.RestrictPublicBuckets == nil {
		invalidParams.Add(request.NewErrParamRequired("RestrictPublicBuckets"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIgnorePublicAcls sets the IgnorePublicAcls field's value.
func (s *S3PublicAccessBlockConfiguration) SetIgnorePublicAcls(v bool) *S3PublicAccessBlockConfiguration {
	s.IgnorePublicAcls = &v
	return s
}

// SetRestrictPublicBuckets sets the RestrictPublicBuckets field's value.
func (s *S3PublicAccessBlockConfiguration) SetRestrictPublicBuckets(v bool) *S3PublicAccessBlockConfiguration {
	s.RestrictPublicBuckets = &v
	return s
}

// The configuration for a Secrets Manager secret. For more information, see
// CreateSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).
//
// You can propose a configuration for a new secret or an existing secret that
// you own by specifying the secret policy and optional KMS encryption key.
// If the configuration is for an existing secret and you do not specify the
// secret policy, the access preview uses the existing policy for the secret.
// If the access preview is for a new resource and you do not specify the policy,
// the access preview assumes a secret without a policy. To propose deletion
// of an existing policy, you can specify an empty string. If the proposed configuration
// is for a new secret and you do not specify the KMS key ID, the access preview
// uses the Amazon Web Services managed key aws/secretsmanager. If you specify
// an empty string for the KMS key ID, the access preview uses the Amazon Web
// Services managed key of the Amazon Web Services account. For more information
// about secret policy limits, see Quotas for Secrets Manager. (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html).
type SecretsManagerSecretConfiguration struct {
	_ struct{} `type:"structure"`

	// The proposed ARN, key ID, or alias of the KMS key.
	KmsKeyId *string `locationName:"kmsKeyId" type:"string"`

	// The proposed resource policy defining who can access or manage the secret.
	SecretPolicy *string `locationName:"secretPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SecretsManagerSecretConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SecretsManagerSecretConfiguration) GoString() string {
	return s.String()
}

// SetKmsKeyId sets the KmsKeyId field's value.
func (s *SecretsManagerSecretConfiguration) SetKmsKeyId(v string) *SecretsManagerSecretConfiguration {
	s.KmsKeyId = &v
	return s
}

// SetSecretPolicy sets the SecretPolicy field's value.
func (s *SecretsManagerSecretConfiguration) SetSecretPolicy(v string) *SecretsManagerSecretConfiguration {
	s.SecretPolicy = &v
	return s
}

// Service quote met error.
type ServiceQuotaExceededException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The resource ID.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The resource type.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ServiceQuotaExceededException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ServiceQuotaExceededException) GoString() string {
	return s.String()
}

func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error {
	return &ServiceQuotaExceededException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ServiceQuotaExceededException) Code() string {
	return "ServiceQuotaExceededException"
}

// Message returns the exception's message.
func (s *ServiceQuotaExceededException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ServiceQuotaExceededException) OrigErr() error {
	return nil
}

func (s *ServiceQuotaExceededException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ServiceQuotaExceededException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ServiceQuotaExceededException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The proposed access control configuration for an Amazon SNS topic. You can
// propose a configuration for a new Amazon SNS topic or an existing Amazon
// SNS topic that you own by specifying the policy. If the configuration is
// for an existing Amazon SNS topic and you do not specify the Amazon SNS policy,
// then the access preview uses the existing Amazon SNS policy for the topic.
// If the access preview is for a new resource and you do not specify the policy,
// then the access preview assumes an Amazon SNS topic without a policy. To
// propose deletion of an existing Amazon SNS topic policy, you can specify
// an empty string for the Amazon SNS policy. For more information, see Topic
// (https://docs.aws.amazon.com/sns/latest/api/API_Topic.html).
type SnsTopicConfiguration struct {
	_ struct{} `type:"structure"`

	// The JSON policy text that defines who can access an Amazon SNS topic. For
	// more information, see Example cases for Amazon SNS access control (https://docs.aws.amazon.com/sns/latest/dg/sns-access-policy-use-cases.html)
	// in the Amazon SNS Developer Guide.
	TopicPolicy *string `locationName:"topicPolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SnsTopicConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SnsTopicConfiguration) GoString() string {
	return s.String()
}

// SetTopicPolicy sets the TopicPolicy field's value.
func (s *SnsTopicConfiguration) SetTopicPolicy(v string) *SnsTopicConfiguration {
	s.TopicPolicy = &v
	return s
}

// The criteria used to sort.
type SortCriteria struct {
	_ struct{} `type:"structure"`

	// The name of the attribute to sort on.
	AttributeName *string `locationName:"attributeName" type:"string"`

	// The sort order, ascending or descending.
	OrderBy *string `locationName:"orderBy" type:"string" enum:"OrderBy"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SortCriteria) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SortCriteria) GoString() string {
	return s.String()
}

// SetAttributeName sets the AttributeName field's value.
func (s *SortCriteria) SetAttributeName(v string) *SortCriteria {
	s.AttributeName = &v
	return s
}

// SetOrderBy sets the OrderBy field's value.
func (s *SortCriteria) SetOrderBy(v string) *SortCriteria {
	s.OrderBy = &v
	return s
}

// A span in a policy. The span consists of a start position (inclusive) and
// end position (exclusive).
type Span struct {
	_ struct{} `type:"structure"`

	// The end position of the span (exclusive).
	//
	// End is a required field
	End *Position `locationName:"end" type:"structure" required:"true"`

	// The start position of the span (inclusive).
	//
	// Start is a required field
	Start *Position `locationName:"start" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Span) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Span) GoString() string {
	return s.String()
}

// SetEnd sets the End field's value.
func (s *Span) SetEnd(v *Position) *Span {
	s.End = v
	return s
}

// SetStart sets the Start field's value.
func (s *Span) SetStart(v *Position) *Span {
	s.Start = v
	return s
}

// The proposed access control configuration for an Amazon SQS queue. You can
// propose a configuration for a new Amazon SQS queue or an existing Amazon
// SQS queue that you own by specifying the Amazon SQS policy. If the configuration
// is for an existing Amazon SQS queue and you do not specify the Amazon SQS
// policy, the access preview uses the existing Amazon SQS policy for the queue.
// If the access preview is for a new resource and you do not specify the policy,
// the access preview assumes an Amazon SQS queue without a policy. To propose
// deletion of an existing Amazon SQS queue policy, you can specify an empty
// string for the Amazon SQS policy. For more information about Amazon SQS policy
// limits, see Quotas related to policies (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html).
type SqsQueueConfiguration struct {
	_ struct{} `type:"structure"`

	// The proposed resource policy for the Amazon SQS queue.
	QueuePolicy *string `locationName:"queuePolicy" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SqsQueueConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SqsQueueConfiguration) GoString() string {
	return s.String()
}

// SetQueuePolicy sets the QueuePolicy field's value.
func (s *SqsQueueConfiguration) SetQueuePolicy(v string) *SqsQueueConfiguration {
	s.QueuePolicy = &v
	return s
}

type StartPolicyGenerationInput struct {
	_ struct{} `type:"structure"`

	// A unique, case-sensitive identifier that you provide to ensure the idempotency
	// of the request. Idempotency ensures that an API request completes only once.
	// With an idempotent request, if the original request completes successfully,
	// the subsequent retries with the same client token return the result from
	// the original successful request and they have no additional effect.
	//
	// If you do not specify a client token, one is automatically generated by the
	// Amazon Web Services SDK.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// A CloudTrailDetails object that contains details about a Trail that you want
	// to analyze to generate policies.
	CloudTrailDetails *CloudTrailDetails `locationName:"cloudTrailDetails" type:"structure"`

	// Contains the ARN of the IAM entity (user or role) for which you are generating
	// a policy.
	//
	// PolicyGenerationDetails is a required field
	PolicyGenerationDetails *PolicyGenerationDetails `locationName:"policyGenerationDetails" type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *StartPolicyGenerationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "StartPolicyGenerationInput"}
	if s.PolicyGenerationDetails == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyGenerationDetails"))
	}
	if s.CloudTrailDetails != nil {
		if err := s.CloudTrailDetails.Validate(); err != nil {
			invalidParams.AddNested("CloudTrailDetails", err.(request.ErrInvalidParams))
		}
	}
	if s.PolicyGenerationDetails != nil {
		if err := s.PolicyGenerationDetails.Validate(); err != nil {
			invalidParams.AddNested("PolicyGenerationDetails", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientToken sets the ClientToken field's value.
func (s *StartPolicyGenerationInput) SetClientToken(v string) *StartPolicyGenerationInput {
	s.ClientToken = &v
	return s
}

// SetCloudTrailDetails sets the CloudTrailDetails field's value.
func (s *StartPolicyGenerationInput) SetCloudTrailDetails(v *CloudTrailDetails) *StartPolicyGenerationInput {
	s.CloudTrailDetails = v
	return s
}

// SetPolicyGenerationDetails sets the PolicyGenerationDetails field's value.
func (s *StartPolicyGenerationInput) SetPolicyGenerationDetails(v *PolicyGenerationDetails) *StartPolicyGenerationInput {
	s.PolicyGenerationDetails = v
	return s
}

type StartPolicyGenerationOutput struct {
	_ struct{} `type:"structure"`

	// The JobId that is returned by the StartPolicyGeneration operation. The JobId
	// can be used with GetGeneratedPolicy to retrieve the generated policies or
	// used with CancelPolicyGeneration to cancel the policy generation request.
	//
	// JobId is a required field
	JobId *string `locationName:"jobId" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationOutput) GoString() string {
	return s.String()
}

// SetJobId sets the JobId field's value.
func (s *StartPolicyGenerationOutput) SetJobId(v string) *StartPolicyGenerationOutput {
	s.JobId = &v
	return s
}

// Starts a scan of the policies applied to the specified resource.
type StartResourceScanInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// to use to scan the policies applied to the specified resource.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// The ARN of the resource to scan.
	//
	// ResourceArn is a required field
	ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`

	// The Amazon Web Services account ID that owns the resource. For most Amazon
	// Web Services resources, the owning account is the account in which the resource
	// was created.
	ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *StartResourceScanInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "StartResourceScanInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *StartResourceScanInput) SetAnalyzerArn(v string) *StartResourceScanInput {
	s.AnalyzerArn = &v
	return s
}

// SetResourceArn sets the ResourceArn field's value.
func (s *StartResourceScanInput) SetResourceArn(v string) *StartResourceScanInput {
	s.ResourceArn = &v
	return s
}

// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *StartResourceScanInput) SetResourceOwnerAccount(v string) *StartResourceScanInput {
	s.ResourceOwnerAccount = &v
	return s
}

type StartResourceScanOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanOutput) GoString() string {
	return s.String()
}

// Provides more details about the current status of the analyzer. For example,
// if the creation for the analyzer fails, a Failed status is returned. For
// an analyzer with organization as the type, this failure can be due to an
// issue with creating the service-linked roles required in the member accounts
// of the Amazon Web Services organization.
type StatusReason struct {
	_ struct{} `type:"structure"`

	// The reason code for the current status of the analyzer.
	//
	// Code is a required field
	Code *string `locationName:"code" type:"string" required:"true" enum:"ReasonCode"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StatusReason) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StatusReason) GoString() string {
	return s.String()
}

// SetCode sets the Code field's value.
func (s *StatusReason) SetCode(v string) *StatusReason {
	s.Code = &v
	return s
}

// A reference to a substring of a literal string in a JSON document.
type Substring struct {
	_ struct{} `type:"structure"`

	// The length of the substring.
	//
	// Length is a required field
	Length *int64 `locationName:"length" type:"integer" required:"true"`

	// The start index of the substring, starting from 0.
	//
	// Start is a required field
	Start *int64 `locationName:"start" type:"integer" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Substring) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Substring) GoString() string {
	return s.String()
}

// SetLength sets the Length field's value.
func (s *Substring) SetLength(v int64) *Substring {
	s.Length = &v
	return s
}

// SetStart sets the Start field's value.
func (s *Substring) SetStart(v int64) *Substring {
	s.Start = &v
	return s
}

// Adds a tag to the specified resource.
type TagResourceInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the resource to add the tag to.
	//
	// ResourceArn is a required field
	ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`

	// The tags to add to the resource.
	//
	// Tags is a required field
	Tags map[string]*string `locationName:"tags" type:"map" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *TagResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
	}
	if s.Tags == nil {
		invalidParams.Add(request.NewErrParamRequired("Tags"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput {
	s.ResourceArn = &v
	return s
}

// SetTags sets the Tags field's value.
func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput {
	s.Tags = v
	return s
}

// The response to the request.
type TagResourceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) GoString() string {
	return s.String()
}

// Throttling limit exceeded error.
type ThrottlingException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The seconds to wait to retry.
	RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ThrottlingException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ThrottlingException) GoString() string {
	return s.String()
}

func newErrorThrottlingException(v protocol.ResponseMetadata) error {
	return &ThrottlingException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ThrottlingException) Code() string {
	return "ThrottlingException"
}

// Message returns the exception's message.
func (s *ThrottlingException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ThrottlingException) OrigErr() error {
	return nil
}

func (s *ThrottlingException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ThrottlingException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ThrottlingException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Contains details about the CloudTrail trail being analyzed to generate a
// policy.
type Trail struct {
	_ struct{} `type:"structure"`

	// Possible values are true or false. If set to true, IAM Access Analyzer retrieves
	// CloudTrail data from all regions to analyze and generate a policy.
	AllRegions *bool `locationName:"allRegions" type:"boolean"`

	// Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
	//
	// CloudTrailArn is a required field
	CloudTrailArn *string `locationName:"cloudTrailArn" type:"string" required:"true"`

	// A list of regions to get CloudTrail data from and analyze to generate a policy.
	Regions []*string `locationName:"regions" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Trail) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Trail) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *Trail) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "Trail"}
	if s.CloudTrailArn == nil {
		invalidParams.Add(request.NewErrParamRequired("CloudTrailArn"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAllRegions sets the AllRegions field's value.
func (s *Trail) SetAllRegions(v bool) *Trail {
	s.AllRegions = &v
	return s
}

// SetCloudTrailArn sets the CloudTrailArn field's value.
func (s *Trail) SetCloudTrailArn(v string) *Trail {
	s.CloudTrailArn = &v
	return s
}

// SetRegions sets the Regions field's value.
func (s *Trail) SetRegions(v []*string) *Trail {
	s.Regions = v
	return s
}

// Contains details about the CloudTrail trail being analyzed to generate a
// policy.
type TrailProperties struct {
	_ struct{} `type:"structure"`

	// Possible values are true or false. If set to true, IAM Access Analyzer retrieves
	// CloudTrail data from all regions to analyze and generate a policy.
	AllRegions *bool `locationName:"allRegions" type:"boolean"`

	// Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
	//
	// CloudTrailArn is a required field
	CloudTrailArn *string `locationName:"cloudTrailArn" type:"string" required:"true"`

	// A list of regions to get CloudTrail data from and analyze to generate a policy.
	Regions []*string `locationName:"regions" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TrailProperties) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TrailProperties) GoString() string {
	return s.String()
}

// SetAllRegions sets the AllRegions field's value.
func (s *TrailProperties) SetAllRegions(v bool) *TrailProperties {
	s.AllRegions = &v
	return s
}

// SetCloudTrailArn sets the CloudTrailArn field's value.
func (s *TrailProperties) SetCloudTrailArn(v string) *TrailProperties {
	s.CloudTrailArn = &v
	return s
}

// SetRegions sets the Regions field's value.
func (s *TrailProperties) SetRegions(v []*string) *TrailProperties {
	s.Regions = v
	return s
}

// The specified entity could not be processed.
type UnprocessableEntityException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnprocessableEntityException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnprocessableEntityException) GoString() string {
	return s.String()
}

func newErrorUnprocessableEntityException(v protocol.ResponseMetadata) error {
	return &UnprocessableEntityException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnprocessableEntityException) Code() string {
	return "UnprocessableEntityException"
}

// Message returns the exception's message.
func (s *UnprocessableEntityException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnprocessableEntityException) OrigErr() error {
	return nil
}

func (s *UnprocessableEntityException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnprocessableEntityException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnprocessableEntityException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Removes a tag from the specified resource.
type UntagResourceInput struct {
	_ struct{} `type:"structure" nopayload:"true"`

	// The ARN of the resource to remove the tag from.
	//
	// ResourceArn is a required field
	ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`

	// The key for the tag to add.
	//
	// TagKeys is a required field
	TagKeys []*string `location:"querystring" locationName:"tagKeys" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UntagResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
	}
	if s.TagKeys == nil {
		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput {
	s.ResourceArn = &v
	return s
}

// SetTagKeys sets the TagKeys field's value.
func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput {
	s.TagKeys = v
	return s
}

// The response to the request.
type UntagResourceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) GoString() string {
	return s.String()
}

// Contains information about an unused access analyzer.
type UnusedAccessConfiguration struct {
	_ struct{} `type:"structure"`

	// The specified access age in days for which to generate findings for unused
	// access. For example, if you specify 90 days, the analyzer will generate findings
	// for IAM entities within the accounts of the selected organization for any
	// access that hasn't been used in 90 or more days since the analyzer's last
	// scan. You can choose a value between 1 and 180 days.
	UnusedAccessAge *int64 `locationName:"unusedAccessAge" type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAccessConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAccessConfiguration) GoString() string {
	return s.String()
}

// SetUnusedAccessAge sets the UnusedAccessAge field's value.
func (s *UnusedAccessConfiguration) SetUnusedAccessAge(v int64) *UnusedAccessConfiguration {
	s.UnusedAccessAge = &v
	return s
}

// Contains information about an unused access finding for an action. IAM Access
// Analyzer charges for unused access analysis based on the number of IAM roles
// and users analyzed per month. For more details on pricing, see IAM Access
// Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedAction struct {
	_ struct{} `type:"structure"`

	// The action for which the unused access finding was generated.
	//
	// Action is a required field
	Action *string `locationName:"action" type:"string" required:"true"`

	// The time at which the action was last accessed.
	LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAction) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAction) GoString() string {
	return s.String()
}

// SetAction sets the Action field's value.
func (s *UnusedAction) SetAction(v string) *UnusedAction {
	s.Action = &v
	return s
}

// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedAction) SetLastAccessed(v time.Time) *UnusedAction {
	s.LastAccessed = &v
	return s
}

// Contains information about an unused access finding for an IAM role. IAM
// Access Analyzer charges for unused access analysis based on the number of
// IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamRoleDetails struct {
	_ struct{} `type:"structure"`

	// The time at which the role was last accessed.
	LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamRoleDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamRoleDetails) GoString() string {
	return s.String()
}

// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamRoleDetails) SetLastAccessed(v time.Time) *UnusedIamRoleDetails {
	s.LastAccessed = &v
	return s
}

// Contains information about an unused access finding for an IAM user access
// key. IAM Access Analyzer charges for unused access analysis based on the
// number of IAM roles and users analyzed per month. For more details on pricing,
// see IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamUserAccessKeyDetails struct {
	_ struct{} `type:"structure"`

	// The ID of the access key for which the unused access finding was generated.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `locationName:"accessKeyId" type:"string" required:"true"`

	// The time at which the access key was last accessed.
	LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserAccessKeyDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserAccessKeyDetails) GoString() string {
	return s.String()
}

// SetAccessKeyId sets the AccessKeyId field's value.
func (s *UnusedIamUserAccessKeyDetails) SetAccessKeyId(v string) *UnusedIamUserAccessKeyDetails {
	s.AccessKeyId = &v
	return s
}

// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamUserAccessKeyDetails) SetLastAccessed(v time.Time) *UnusedIamUserAccessKeyDetails {
	s.LastAccessed = &v
	return s
}

// Contains information about an unused access finding for an IAM user password.
// IAM Access Analyzer charges for unused access analysis based on the number
// of IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamUserPasswordDetails struct {
	_ struct{} `type:"structure"`

	// The time at which the password was last accessed.
	LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserPasswordDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserPasswordDetails) GoString() string {
	return s.String()
}

// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamUserPasswordDetails) SetLastAccessed(v time.Time) *UnusedIamUserPasswordDetails {
	s.LastAccessed = &v
	return s
}

// Contains information about an unused access finding for a permission. IAM
// Access Analyzer charges for unused access analysis based on the number of
// IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedPermissionDetails struct {
	_ struct{} `type:"structure"`

	// A list of unused actions for which the unused access finding was generated.
	Actions []*UnusedAction `locationName:"actions" type:"list"`

	// The time at which the permission last accessed.
	LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`

	// The namespace of the Amazon Web Services service that contains the unused
	// actions.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `locationName:"serviceNamespace" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionDetails) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionDetails) GoString() string {
	return s.String()
}

// SetActions sets the Actions field's value.
func (s *UnusedPermissionDetails) SetActions(v []*UnusedAction) *UnusedPermissionDetails {
	s.Actions = v
	return s
}

// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedPermissionDetails) SetLastAccessed(v time.Time) *UnusedPermissionDetails {
	s.LastAccessed = &v
	return s
}

// SetServiceNamespace sets the ServiceNamespace field's value.
func (s *UnusedPermissionDetails) SetServiceNamespace(v string) *UnusedPermissionDetails {
	s.ServiceNamespace = &v
	return s
}

// Updates the specified archive rule.
type UpdateArchiveRuleInput struct {
	_ struct{} `type:"structure"`

	// The name of the analyzer to update the archive rules for.
	//
	// AnalyzerName is a required field
	AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// A filter to match for the rules to update. Only rules that match the filter
	// are updated.
	//
	// Filter is a required field
	Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`

	// The name of the rule to update.
	//
	// RuleName is a required field
	RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateArchiveRuleInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateArchiveRuleInput"}
	if s.AnalyzerName == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
	}
	if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
	}
	if s.Filter == nil {
		invalidParams.Add(request.NewErrParamRequired("Filter"))
	}
	if s.RuleName == nil {
		invalidParams.Add(request.NewErrParamRequired("RuleName"))
	}
	if s.RuleName != nil && len(*s.RuleName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
	}
	if s.Filter != nil {
		for i, v := range s.Filter {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerName sets the AnalyzerName field's value.
func (s *UpdateArchiveRuleInput) SetAnalyzerName(v string) *UpdateArchiveRuleInput {
	s.AnalyzerName = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *UpdateArchiveRuleInput) SetClientToken(v string) *UpdateArchiveRuleInput {
	s.ClientToken = &v
	return s
}

// SetFilter sets the Filter field's value.
func (s *UpdateArchiveRuleInput) SetFilter(v map[string]*Criterion) *UpdateArchiveRuleInput {
	s.Filter = v
	return s
}

// SetRuleName sets the RuleName field's value.
func (s *UpdateArchiveRuleInput) SetRuleName(v string) *UpdateArchiveRuleInput {
	s.RuleName = &v
	return s
}

type UpdateArchiveRuleOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleOutput) GoString() string {
	return s.String()
}

// Updates findings with the new values provided in the request.
type UpdateFindingsInput struct {
	_ struct{} `type:"structure"`

	// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
	// that generated the findings to update.
	//
	// AnalyzerArn is a required field
	AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`

	// A client token.
	ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`

	// The IDs of the findings to update.
	Ids []*string `locationName:"ids" type:"list"`

	// The ARN of the resource identified in the finding.
	ResourceArn *string `locationName:"resourceArn" type:"string"`

	// The state represents the action to take to update the finding Status. Use
	// ARCHIVE to change an Active finding to an Archived finding. Use ACTIVE to
	// change an Archived finding to an Active finding.
	//
	// Status is a required field
	Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatusUpdate"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateFindingsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateFindingsInput"}
	if s.AnalyzerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
	}
	if s.Status == nil {
		invalidParams.Add(request.NewErrParamRequired("Status"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *UpdateFindingsInput) SetAnalyzerArn(v string) *UpdateFindingsInput {
	s.AnalyzerArn = &v
	return s
}

// SetClientToken sets the ClientToken field's value.
func (s *UpdateFindingsInput) SetClientToken(v string) *UpdateFindingsInput {
	s.ClientToken = &v
	return s
}

// SetIds sets the Ids field's value.
func (s *UpdateFindingsInput) SetIds(v []*string) *UpdateFindingsInput {
	s.Ids = v
	return s
}

// SetResourceArn sets the ResourceArn field's value.
func (s *UpdateFindingsInput) SetResourceArn(v string) *UpdateFindingsInput {
	s.ResourceArn = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *UpdateFindingsInput) SetStatus(v string) *UpdateFindingsInput {
	s.Status = &v
	return s
}

type UpdateFindingsOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsOutput) GoString() string {
	return s.String()
}

// A finding in a policy. Each finding is an actionable recommendation that
// can be used to improve the policy.
type ValidatePolicyFinding struct {
	_ struct{} `type:"structure"`

	// A localized message that explains the finding and provides guidance on how
	// to address it.
	//
	// FindingDetails is a required field
	FindingDetails *string `locationName:"findingDetails" type:"string" required:"true"`

	// The impact of the finding.
	//
	// Security warnings report when the policy allows access that we consider overly
	// permissive.
	//
	// Errors report when a part of the policy is not functional.
	//
	// Warnings report non-security issues when a policy does not conform to policy
	// writing best practices.
	//
	// Suggestions recommend stylistic improvements in the policy that do not impact
	// access.
	//
	// FindingType is a required field
	FindingType *string `locationName:"findingType" type:"string" required:"true" enum:"ValidatePolicyFindingType"`

	// The issue code provides an identifier of the issue associated with this finding.
	//
	// IssueCode is a required field
	IssueCode *string `locationName:"issueCode" type:"string" required:"true"`

	// A link to additional documentation about the type of finding.
	//
	// LearnMoreLink is a required field
	LearnMoreLink *string `locationName:"learnMoreLink" type:"string" required:"true"`

	// The list of locations in the policy document that are related to the finding.
	// The issue code provides a summary of an issue identified by the finding.
	//
	// Locations is a required field
	Locations []*Location `locationName:"locations" type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyFinding) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyFinding) GoString() string {
	return s.String()
}

// SetFindingDetails sets the FindingDetails field's value.
func (s *ValidatePolicyFinding) SetFindingDetails(v string) *ValidatePolicyFinding {
	s.FindingDetails = &v
	return s
}

// SetFindingType sets the FindingType field's value.
func (s *ValidatePolicyFinding) SetFindingType(v string) *ValidatePolicyFinding {
	s.FindingType = &v
	return s
}

// SetIssueCode sets the IssueCode field's value.
func (s *ValidatePolicyFinding) SetIssueCode(v string) *ValidatePolicyFinding {
	s.IssueCode = &v
	return s
}

// SetLearnMoreLink sets the LearnMoreLink field's value.
func (s *ValidatePolicyFinding) SetLearnMoreLink(v string) *ValidatePolicyFinding {
	s.LearnMoreLink = &v
	return s
}

// SetLocations sets the Locations field's value.
func (s *ValidatePolicyFinding) SetLocations(v []*Location) *ValidatePolicyFinding {
	s.Locations = v
	return s
}

type ValidatePolicyInput struct {
	_ struct{} `type:"structure"`

	// The locale to use for localizing the findings.
	Locale *string `locationName:"locale" type:"string" enum:"Locale"`

	// The maximum number of results to return in the response.
	MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`

	// A token used for pagination of results returned.
	NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`

	// The JSON policy document to use as the content for the policy.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"`

	// The type of policy to validate. Identity policies grant permissions to IAM
	// principals. Identity policies include managed and inline policies for IAM
	// roles, users, and groups.
	//
	// Resource policies grant permissions on Amazon Web Services resources. Resource
	// policies include trust policies for IAM roles and bucket policies for Amazon
	// S3 buckets. You can provide a generic input such as identity policy or resource
	// policy or a specific input such as managed policy or Amazon S3 bucket policy.
	//
	// Service control policies (SCPs) are a type of organization policy attached
	// to an Amazon Web Services organization, organizational unit (OU), or an account.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The type of resource to attach to your resource policy. Specify a value for
	// the policy validation resource type only if the policy type is RESOURCE_POLICY.
	// For example, to validate a resource policy to attach to an Amazon S3 bucket,
	// you can choose AWS::S3::Bucket for the policy validation resource type.
	//
	// For resource types not supported as valid values, IAM Access Analyzer runs
	// policy checks that apply to all resource policies. For example, to validate
	// a resource policy to attach to a KMS key, do not specify a value for the
	// policy validation resource type and IAM Access Analyzer will run policy checks
	// that apply to all resource policies.
	ValidatePolicyResourceType *string `locationName:"validatePolicyResourceType" type:"string" enum:"ValidatePolicyResourceType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ValidatePolicyInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ValidatePolicyInput"}
	if s.PolicyDocument == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
	}
	if s.PolicyType == nil {
		invalidParams.Add(request.NewErrParamRequired("PolicyType"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLocale sets the Locale field's value.
func (s *ValidatePolicyInput) SetLocale(v string) *ValidatePolicyInput {
	s.Locale = &v
	return s
}

// SetMaxResults sets the MaxResults field's value.
func (s *ValidatePolicyInput) SetMaxResults(v int64) *ValidatePolicyInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ValidatePolicyInput) SetNextToken(v string) *ValidatePolicyInput {
	s.NextToken = &v
	return s
}

// SetPolicyDocument sets the PolicyDocument field's value.
func (s *ValidatePolicyInput) SetPolicyDocument(v string) *ValidatePolicyInput {
	s.PolicyDocument = &v
	return s
}

// SetPolicyType sets the PolicyType field's value.
func (s *ValidatePolicyInput) SetPolicyType(v string) *ValidatePolicyInput {
	s.PolicyType = &v
	return s
}

// SetValidatePolicyResourceType sets the ValidatePolicyResourceType field's value.
func (s *ValidatePolicyInput) SetValidatePolicyResourceType(v string) *ValidatePolicyInput {
	s.ValidatePolicyResourceType = &v
	return s
}

type ValidatePolicyOutput struct {
	_ struct{} `type:"structure"`

	// The list of findings in a policy returned by IAM Access Analyzer based on
	// its suite of policy checks.
	//
	// Findings is a required field
	Findings []*ValidatePolicyFinding `locationName:"findings" type:"list" required:"true"`

	// A token used for pagination of results returned.
	NextToken *string `locationName:"nextToken" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyOutput) GoString() string {
	return s.String()
}

// SetFindings sets the Findings field's value.
func (s *ValidatePolicyOutput) SetFindings(v []*ValidatePolicyFinding) *ValidatePolicyOutput {
	s.Findings = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ValidatePolicyOutput) SetNextToken(v string) *ValidatePolicyOutput {
	s.NextToken = &v
	return s
}

// Validation exception error.
type ValidationException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// A list of fields that didn't validate.
	FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"`

	Message_ *string `locationName:"message" type:"string"`

	// The reason for the exception.
	//
	// Reason is a required field
	Reason *string `locationName:"reason" type:"string" required:"true" enum:"ValidationExceptionReason"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationException) GoString() string {
	return s.String()
}

func newErrorValidationException(v protocol.ResponseMetadata) error {
	return &ValidationException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ValidationException) Code() string {
	return "ValidationException"
}

// Message returns the exception's message.
func (s *ValidationException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ValidationException) OrigErr() error {
	return nil
}

func (s *ValidationException) Error() string {
	return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ValidationException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ValidationException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Contains information about a validation exception.
type ValidationExceptionField struct {
	_ struct{} `type:"structure"`

	// A message about the validation exception.
	//
	// Message is a required field
	Message *string `locationName:"message" type:"string" required:"true"`

	// The name of the validation exception.
	//
	// Name is a required field
	Name *string `locationName:"name" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationExceptionField) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationExceptionField) GoString() string {
	return s.String()
}

// SetMessage sets the Message field's value.
func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField {
	s.Message = &v
	return s
}

// SetName sets the Name field's value.
func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField {
	s.Name = &v
	return s
}

// The proposed virtual private cloud (VPC) configuration for the Amazon S3
// access point. VPC configuration does not apply to multi-region access points.
// For more information, see VpcConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html).
type VpcConfiguration struct {
	_ struct{} `type:"structure"`

	// If this field is specified, this access point will only allow connections
	// from the specified VPC ID.
	//
	// VpcId is a required field
	VpcId *string `locationName:"vpcId" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VpcConfiguration) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VpcConfiguration) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *VpcConfiguration) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "VpcConfiguration"}
	if s.VpcId == nil {
		invalidParams.Add(request.NewErrParamRequired("VpcId"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetVpcId sets the VpcId field's value.
func (s *VpcConfiguration) SetVpcId(v string) *VpcConfiguration {
	s.VpcId = &v
	return s
}

const (
	// AccessCheckPolicyTypeIdentityPolicy is a AccessCheckPolicyType enum value
	AccessCheckPolicyTypeIdentityPolicy = "IDENTITY_POLICY"

	// AccessCheckPolicyTypeResourcePolicy is a AccessCheckPolicyType enum value
	AccessCheckPolicyTypeResourcePolicy = "RESOURCE_POLICY"
)

// AccessCheckPolicyType_Values returns all elements of the AccessCheckPolicyType enum
func AccessCheckPolicyType_Values() []string {
	return []string{
		AccessCheckPolicyTypeIdentityPolicy,
		AccessCheckPolicyTypeResourcePolicy,
	}
}

const (
	// AccessPreviewStatusCompleted is a AccessPreviewStatus enum value
	AccessPreviewStatusCompleted = "COMPLETED"

	// AccessPreviewStatusCreating is a AccessPreviewStatus enum value
	AccessPreviewStatusCreating = "CREATING"

	// AccessPreviewStatusFailed is a AccessPreviewStatus enum value
	AccessPreviewStatusFailed = "FAILED"
)

// AccessPreviewStatus_Values returns all elements of the AccessPreviewStatus enum
func AccessPreviewStatus_Values() []string {
	return []string{
		AccessPreviewStatusCompleted,
		AccessPreviewStatusCreating,
		AccessPreviewStatusFailed,
	}
}

const (
	// AccessPreviewStatusReasonCodeInternalError is a AccessPreviewStatusReasonCode enum value
	AccessPreviewStatusReasonCodeInternalError = "INTERNAL_ERROR"

	// AccessPreviewStatusReasonCodeInvalidConfiguration is a AccessPreviewStatusReasonCode enum value
	AccessPreviewStatusReasonCodeInvalidConfiguration = "INVALID_CONFIGURATION"
)

// AccessPreviewStatusReasonCode_Values returns all elements of the AccessPreviewStatusReasonCode enum
func AccessPreviewStatusReasonCode_Values() []string {
	return []string{
		AccessPreviewStatusReasonCodeInternalError,
		AccessPreviewStatusReasonCodeInvalidConfiguration,
	}
}

const (
	// AclPermissionRead is a AclPermission enum value
	AclPermissionRead = "READ"

	// AclPermissionWrite is a AclPermission enum value
	AclPermissionWrite = "WRITE"

	// AclPermissionReadAcp is a AclPermission enum value
	AclPermissionReadAcp = "READ_ACP"

	// AclPermissionWriteAcp is a AclPermission enum value
	AclPermissionWriteAcp = "WRITE_ACP"

	// AclPermissionFullControl is a AclPermission enum value
	AclPermissionFullControl = "FULL_CONTROL"
)

// AclPermission_Values returns all elements of the AclPermission enum
func AclPermission_Values() []string {
	return []string{
		AclPermissionRead,
		AclPermissionWrite,
		AclPermissionReadAcp,
		AclPermissionWriteAcp,
		AclPermissionFullControl,
	}
}

const (
	// AnalyzerStatusActive is a AnalyzerStatus enum value
	AnalyzerStatusActive = "ACTIVE"

	// AnalyzerStatusCreating is a AnalyzerStatus enum value
	AnalyzerStatusCreating = "CREATING"

	// AnalyzerStatusDisabled is a AnalyzerStatus enum value
	AnalyzerStatusDisabled = "DISABLED"

	// AnalyzerStatusFailed is a AnalyzerStatus enum value
	AnalyzerStatusFailed = "FAILED"
)

// AnalyzerStatus_Values returns all elements of the AnalyzerStatus enum
func AnalyzerStatus_Values() []string {
	return []string{
		AnalyzerStatusActive,
		AnalyzerStatusCreating,
		AnalyzerStatusDisabled,
		AnalyzerStatusFailed,
	}
}

const (
	// CheckAccessNotGrantedResultPass is a CheckAccessNotGrantedResult enum value
	CheckAccessNotGrantedResultPass = "PASS"

	// CheckAccessNotGrantedResultFail is a CheckAccessNotGrantedResult enum value
	CheckAccessNotGrantedResultFail = "FAIL"
)

// CheckAccessNotGrantedResult_Values returns all elements of the CheckAccessNotGrantedResult enum
func CheckAccessNotGrantedResult_Values() []string {
	return []string{
		CheckAccessNotGrantedResultPass,
		CheckAccessNotGrantedResultFail,
	}
}

const (
	// CheckNoNewAccessResultPass is a CheckNoNewAccessResult enum value
	CheckNoNewAccessResultPass = "PASS"

	// CheckNoNewAccessResultFail is a CheckNoNewAccessResult enum value
	CheckNoNewAccessResultFail = "FAIL"
)

// CheckNoNewAccessResult_Values returns all elements of the CheckNoNewAccessResult enum
func CheckNoNewAccessResult_Values() []string {
	return []string{
		CheckNoNewAccessResultPass,
		CheckNoNewAccessResultFail,
	}
}

const (
	// FindingChangeTypeChanged is a FindingChangeType enum value
	FindingChangeTypeChanged = "CHANGED"

	// FindingChangeTypeNew is a FindingChangeType enum value
	FindingChangeTypeNew = "NEW"

	// FindingChangeTypeUnchanged is a FindingChangeType enum value
	FindingChangeTypeUnchanged = "UNCHANGED"
)

// FindingChangeType_Values returns all elements of the FindingChangeType enum
func FindingChangeType_Values() []string {
	return []string{
		FindingChangeTypeChanged,
		FindingChangeTypeNew,
		FindingChangeTypeUnchanged,
	}
}

const (
	// FindingSourceTypePolicy is a FindingSourceType enum value
	FindingSourceTypePolicy = "POLICY"

	// FindingSourceTypeBucketAcl is a FindingSourceType enum value
	FindingSourceTypeBucketAcl = "BUCKET_ACL"

	// FindingSourceTypeS3AccessPoint is a FindingSourceType enum value
	FindingSourceTypeS3AccessPoint = "S3_ACCESS_POINT"

	// FindingSourceTypeS3AccessPointAccount is a FindingSourceType enum value
	FindingSourceTypeS3AccessPointAccount = "S3_ACCESS_POINT_ACCOUNT"
)

// FindingSourceType_Values returns all elements of the FindingSourceType enum
func FindingSourceType_Values() []string {
	return []string{
		FindingSourceTypePolicy,
		FindingSourceTypeBucketAcl,
		FindingSourceTypeS3AccessPoint,
		FindingSourceTypeS3AccessPointAccount,
	}
}

const (
	// FindingStatusActive is a FindingStatus enum value
	FindingStatusActive = "ACTIVE"

	// FindingStatusArchived is a FindingStatus enum value
	FindingStatusArchived = "ARCHIVED"

	// FindingStatusResolved is a FindingStatus enum value
	FindingStatusResolved = "RESOLVED"
)

// FindingStatus_Values returns all elements of the FindingStatus enum
func FindingStatus_Values() []string {
	return []string{
		FindingStatusActive,
		FindingStatusArchived,
		FindingStatusResolved,
	}
}

const (
	// FindingStatusUpdateActive is a FindingStatusUpdate enum value
	FindingStatusUpdateActive = "ACTIVE"

	// FindingStatusUpdateArchived is a FindingStatusUpdate enum value
	FindingStatusUpdateArchived = "ARCHIVED"
)

// FindingStatusUpdate_Values returns all elements of the FindingStatusUpdate enum
func FindingStatusUpdate_Values() []string {
	return []string{
		FindingStatusUpdateActive,
		FindingStatusUpdateArchived,
	}
}

const (
	// FindingTypeExternalAccess is a FindingType enum value
	FindingTypeExternalAccess = "ExternalAccess"

	// FindingTypeUnusedIamrole is a FindingType enum value
	FindingTypeUnusedIamrole = "UnusedIAMRole"

	// FindingTypeUnusedIamuserAccessKey is a FindingType enum value
	FindingTypeUnusedIamuserAccessKey = "UnusedIAMUserAccessKey"

	// FindingTypeUnusedIamuserPassword is a FindingType enum value
	FindingTypeUnusedIamuserPassword = "UnusedIAMUserPassword"

	// FindingTypeUnusedPermission is a FindingType enum value
	FindingTypeUnusedPermission = "UnusedPermission"
)

// FindingType_Values returns all elements of the FindingType enum
func FindingType_Values() []string {
	return []string{
		FindingTypeExternalAccess,
		FindingTypeUnusedIamrole,
		FindingTypeUnusedIamuserAccessKey,
		FindingTypeUnusedIamuserPassword,
		FindingTypeUnusedPermission,
	}
}

const (
	// JobErrorCodeAuthorizationError is a JobErrorCode enum value
	JobErrorCodeAuthorizationError = "AUTHORIZATION_ERROR"

	// JobErrorCodeResourceNotFoundError is a JobErrorCode enum value
	JobErrorCodeResourceNotFoundError = "RESOURCE_NOT_FOUND_ERROR"

	// JobErrorCodeServiceQuotaExceededError is a JobErrorCode enum value
	JobErrorCodeServiceQuotaExceededError = "SERVICE_QUOTA_EXCEEDED_ERROR"

	// JobErrorCodeServiceError is a JobErrorCode enum value
	JobErrorCodeServiceError = "SERVICE_ERROR"
)

// JobErrorCode_Values returns all elements of the JobErrorCode enum
func JobErrorCode_Values() []string {
	return []string{
		JobErrorCodeAuthorizationError,
		JobErrorCodeResourceNotFoundError,
		JobErrorCodeServiceQuotaExceededError,
		JobErrorCodeServiceError,
	}
}

const (
	// JobStatusInProgress is a JobStatus enum value
	JobStatusInProgress = "IN_PROGRESS"

	// JobStatusSucceeded is a JobStatus enum value
	JobStatusSucceeded = "SUCCEEDED"

	// JobStatusFailed is a JobStatus enum value
	JobStatusFailed = "FAILED"

	// JobStatusCanceled is a JobStatus enum value
	JobStatusCanceled = "CANCELED"
)

// JobStatus_Values returns all elements of the JobStatus enum
func JobStatus_Values() []string {
	return []string{
		JobStatusInProgress,
		JobStatusSucceeded,
		JobStatusFailed,
		JobStatusCanceled,
	}
}

const (
	// KmsGrantOperationCreateGrant is a KmsGrantOperation enum value
	KmsGrantOperationCreateGrant = "CreateGrant"

	// KmsGrantOperationDecrypt is a KmsGrantOperation enum value
	KmsGrantOperationDecrypt = "Decrypt"

	// KmsGrantOperationDescribeKey is a KmsGrantOperation enum value
	KmsGrantOperationDescribeKey = "DescribeKey"

	// KmsGrantOperationEncrypt is a KmsGrantOperation enum value
	KmsGrantOperationEncrypt = "Encrypt"

	// KmsGrantOperationGenerateDataKey is a KmsGrantOperation enum value
	KmsGrantOperationGenerateDataKey = "GenerateDataKey"

	// KmsGrantOperationGenerateDataKeyPair is a KmsGrantOperation enum value
	KmsGrantOperationGenerateDataKeyPair = "GenerateDataKeyPair"

	// KmsGrantOperationGenerateDataKeyPairWithoutPlaintext is a KmsGrantOperation enum value
	KmsGrantOperationGenerateDataKeyPairWithoutPlaintext = "GenerateDataKeyPairWithoutPlaintext"

	// KmsGrantOperationGenerateDataKeyWithoutPlaintext is a KmsGrantOperation enum value
	KmsGrantOperationGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext"

	// KmsGrantOperationGetPublicKey is a KmsGrantOperation enum value
	KmsGrantOperationGetPublicKey = "GetPublicKey"

	// KmsGrantOperationReEncryptFrom is a KmsGrantOperation enum value
	KmsGrantOperationReEncryptFrom = "ReEncryptFrom"

	// KmsGrantOperationReEncryptTo is a KmsGrantOperation enum value
	KmsGrantOperationReEncryptTo = "ReEncryptTo"

	// KmsGrantOperationRetireGrant is a KmsGrantOperation enum value
	KmsGrantOperationRetireGrant = "RetireGrant"

	// KmsGrantOperationSign is a KmsGrantOperation enum value
	KmsGrantOperationSign = "Sign"

	// KmsGrantOperationVerify is a KmsGrantOperation enum value
	KmsGrantOperationVerify = "Verify"
)

// KmsGrantOperation_Values returns all elements of the KmsGrantOperation enum
func KmsGrantOperation_Values() []string {
	return []string{
		KmsGrantOperationCreateGrant,
		KmsGrantOperationDecrypt,
		KmsGrantOperationDescribeKey,
		KmsGrantOperationEncrypt,
		KmsGrantOperationGenerateDataKey,
		KmsGrantOperationGenerateDataKeyPair,
		KmsGrantOperationGenerateDataKeyPairWithoutPlaintext,
		KmsGrantOperationGenerateDataKeyWithoutPlaintext,
		KmsGrantOperationGetPublicKey,
		KmsGrantOperationReEncryptFrom,
		KmsGrantOperationReEncryptTo,
		KmsGrantOperationRetireGrant,
		KmsGrantOperationSign,
		KmsGrantOperationVerify,
	}
}

const (
	// LocaleDe is a Locale enum value
	LocaleDe = "DE"

	// LocaleEn is a Locale enum value
	LocaleEn = "EN"

	// LocaleEs is a Locale enum value
	LocaleEs = "ES"

	// LocaleFr is a Locale enum value
	LocaleFr = "FR"

	// LocaleIt is a Locale enum value
	LocaleIt = "IT"

	// LocaleJa is a Locale enum value
	LocaleJa = "JA"

	// LocaleKo is a Locale enum value
	LocaleKo = "KO"

	// LocalePtBr is a Locale enum value
	LocalePtBr = "PT_BR"

	// LocaleZhCn is a Locale enum value
	LocaleZhCn = "ZH_CN"

	// LocaleZhTw is a Locale enum value
	LocaleZhTw = "ZH_TW"
)

// Locale_Values returns all elements of the Locale enum
func Locale_Values() []string {
	return []string{
		LocaleDe,
		LocaleEn,
		LocaleEs,
		LocaleFr,
		LocaleIt,
		LocaleJa,
		LocaleKo,
		LocalePtBr,
		LocaleZhCn,
		LocaleZhTw,
	}
}

const (
	// OrderByAsc is a OrderBy enum value
	OrderByAsc = "ASC"

	// OrderByDesc is a OrderBy enum value
	OrderByDesc = "DESC"
)

// OrderBy_Values returns all elements of the OrderBy enum
func OrderBy_Values() []string {
	return []string{
		OrderByAsc,
		OrderByDesc,
	}
}

const (
	// PolicyTypeIdentityPolicy is a PolicyType enum value
	PolicyTypeIdentityPolicy = "IDENTITY_POLICY"

	// PolicyTypeResourcePolicy is a PolicyType enum value
	PolicyTypeResourcePolicy = "RESOURCE_POLICY"

	// PolicyTypeServiceControlPolicy is a PolicyType enum value
	PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY"
)

// PolicyType_Values returns all elements of the PolicyType enum
func PolicyType_Values() []string {
	return []string{
		PolicyTypeIdentityPolicy,
		PolicyTypeResourcePolicy,
		PolicyTypeServiceControlPolicy,
	}
}

const (
	// ReasonCodeAwsServiceAccessDisabled is a ReasonCode enum value
	ReasonCodeAwsServiceAccessDisabled = "AWS_SERVICE_ACCESS_DISABLED"

	// ReasonCodeDelegatedAdministratorDeregistered is a ReasonCode enum value
	ReasonCodeDelegatedAdministratorDeregistered = "DELEGATED_ADMINISTRATOR_DEREGISTERED"

	// ReasonCodeOrganizationDeleted is a ReasonCode enum value
	ReasonCodeOrganizationDeleted = "ORGANIZATION_DELETED"

	// ReasonCodeServiceLinkedRoleCreationFailed is a ReasonCode enum value
	ReasonCodeServiceLinkedRoleCreationFailed = "SERVICE_LINKED_ROLE_CREATION_FAILED"
)

// ReasonCode_Values returns all elements of the ReasonCode enum
func ReasonCode_Values() []string {
	return []string{
		ReasonCodeAwsServiceAccessDisabled,
		ReasonCodeDelegatedAdministratorDeregistered,
		ReasonCodeOrganizationDeleted,
		ReasonCodeServiceLinkedRoleCreationFailed,
	}
}

const (
	// ResourceTypeAwsS3Bucket is a ResourceType enum value
	ResourceTypeAwsS3Bucket = "AWS::S3::Bucket"

	// ResourceTypeAwsIamRole is a ResourceType enum value
	ResourceTypeAwsIamRole = "AWS::IAM::Role"

	// ResourceTypeAwsSqsQueue is a ResourceType enum value
	ResourceTypeAwsSqsQueue = "AWS::SQS::Queue"

	// ResourceTypeAwsLambdaFunction is a ResourceType enum value
	ResourceTypeAwsLambdaFunction = "AWS::Lambda::Function"

	// ResourceTypeAwsLambdaLayerVersion is a ResourceType enum value
	ResourceTypeAwsLambdaLayerVersion = "AWS::Lambda::LayerVersion"

	// ResourceTypeAwsKmsKey is a ResourceType enum value
	ResourceTypeAwsKmsKey = "AWS::KMS::Key"

	// ResourceTypeAwsSecretsManagerSecret is a ResourceType enum value
	ResourceTypeAwsSecretsManagerSecret = "AWS::SecretsManager::Secret"

	// ResourceTypeAwsEfsFileSystem is a ResourceType enum value
	ResourceTypeAwsEfsFileSystem = "AWS::EFS::FileSystem"

	// ResourceTypeAwsEc2Snapshot is a ResourceType enum value
	ResourceTypeAwsEc2Snapshot = "AWS::EC2::Snapshot"

	// ResourceTypeAwsEcrRepository is a ResourceType enum value
	ResourceTypeAwsEcrRepository = "AWS::ECR::Repository"

	// ResourceTypeAwsRdsDbsnapshot is a ResourceType enum value
	ResourceTypeAwsRdsDbsnapshot = "AWS::RDS::DBSnapshot"

	// ResourceTypeAwsRdsDbclusterSnapshot is a ResourceType enum value
	ResourceTypeAwsRdsDbclusterSnapshot = "AWS::RDS::DBClusterSnapshot"

	// ResourceTypeAwsSnsTopic is a ResourceType enum value
	ResourceTypeAwsSnsTopic = "AWS::SNS::Topic"

	// ResourceTypeAwsS3expressDirectoryBucket is a ResourceType enum value
	ResourceTypeAwsS3expressDirectoryBucket = "AWS::S3Express::DirectoryBucket"
)

// ResourceType_Values returns all elements of the ResourceType enum
func ResourceType_Values() []string {
	return []string{
		ResourceTypeAwsS3Bucket,
		ResourceTypeAwsIamRole,
		ResourceTypeAwsSqsQueue,
		ResourceTypeAwsLambdaFunction,
		ResourceTypeAwsLambdaLayerVersion,
		ResourceTypeAwsKmsKey,
		ResourceTypeAwsSecretsManagerSecret,
		ResourceTypeAwsEfsFileSystem,
		ResourceTypeAwsEc2Snapshot,
		ResourceTypeAwsEcrRepository,
		ResourceTypeAwsRdsDbsnapshot,
		ResourceTypeAwsRdsDbclusterSnapshot,
		ResourceTypeAwsSnsTopic,
		ResourceTypeAwsS3expressDirectoryBucket,
	}
}

const (
	// TypeAccount is a Type enum value
	TypeAccount = "ACCOUNT"

	// TypeOrganization is a Type enum value
	TypeOrganization = "ORGANIZATION"

	// TypeAccountUnusedAccess is a Type enum value
	TypeAccountUnusedAccess = "ACCOUNT_UNUSED_ACCESS"

	// TypeOrganizationUnusedAccess is a Type enum value
	TypeOrganizationUnusedAccess = "ORGANIZATION_UNUSED_ACCESS"
)

// Type_Values returns all elements of the Type enum
func Type_Values() []string {
	return []string{
		TypeAccount,
		TypeOrganization,
		TypeAccountUnusedAccess,
		TypeOrganizationUnusedAccess,
	}
}

const (
	// ValidatePolicyFindingTypeError is a ValidatePolicyFindingType enum value
	ValidatePolicyFindingTypeError = "ERROR"

	// ValidatePolicyFindingTypeSecurityWarning is a ValidatePolicyFindingType enum value
	ValidatePolicyFindingTypeSecurityWarning = "SECURITY_WARNING"

	// ValidatePolicyFindingTypeSuggestion is a ValidatePolicyFindingType enum value
	ValidatePolicyFindingTypeSuggestion = "SUGGESTION"

	// ValidatePolicyFindingTypeWarning is a ValidatePolicyFindingType enum value
	ValidatePolicyFindingTypeWarning = "WARNING"
)

// ValidatePolicyFindingType_Values returns all elements of the ValidatePolicyFindingType enum
func ValidatePolicyFindingType_Values() []string {
	return []string{
		ValidatePolicyFindingTypeError,
		ValidatePolicyFindingTypeSecurityWarning,
		ValidatePolicyFindingTypeSuggestion,
		ValidatePolicyFindingTypeWarning,
	}
}

const (
	// ValidatePolicyResourceTypeAwsS3Bucket is a ValidatePolicyResourceType enum value
	ValidatePolicyResourceTypeAwsS3Bucket = "AWS::S3::Bucket"

	// ValidatePolicyResourceTypeAwsS3AccessPoint is a ValidatePolicyResourceType enum value
	ValidatePolicyResourceTypeAwsS3AccessPoint = "AWS::S3::AccessPoint"

	// ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint is a ValidatePolicyResourceType enum value
	ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint = "AWS::S3::MultiRegionAccessPoint"

	// ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint is a ValidatePolicyResourceType enum value
	ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint = "AWS::S3ObjectLambda::AccessPoint"

	// ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument is a ValidatePolicyResourceType enum value
	ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument = "AWS::IAM::AssumeRolePolicyDocument"
)

// ValidatePolicyResourceType_Values returns all elements of the ValidatePolicyResourceType enum
func ValidatePolicyResourceType_Values() []string {
	return []string{
		ValidatePolicyResourceTypeAwsS3Bucket,
		ValidatePolicyResourceTypeAwsS3AccessPoint,
		ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint,
		ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint,
		ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument,
	}
}

const (
	// ValidationExceptionReasonUnknownOperation is a ValidationExceptionReason enum value
	ValidationExceptionReasonUnknownOperation = "unknownOperation"

	// ValidationExceptionReasonCannotParse is a ValidationExceptionReason enum value
	ValidationExceptionReasonCannotParse = "cannotParse"

	// ValidationExceptionReasonFieldValidationFailed is a ValidationExceptionReason enum value
	ValidationExceptionReasonFieldValidationFailed = "fieldValidationFailed"

	// ValidationExceptionReasonOther is a ValidationExceptionReason enum value
	ValidationExceptionReasonOther = "other"
)

// ValidationExceptionReason_Values returns all elements of the ValidationExceptionReason enum
func ValidationExceptionReason_Values() []string {
	return []string{
		ValidationExceptionReasonUnknownOperation,
		ValidationExceptionReasonCannotParse,
		ValidationExceptionReasonFieldValidationFailed,
		ValidationExceptionReasonOther,
	}
}
404 Not Found

GrazzMean Shell

Let’s Start Your Online Journey with Beegazpacho

OUR CLIENTS

services

Transforming Ideas into
Success

.01
Digital Marketing

.02
SEO

.03
Website Designing

.04
App Development

.05
Social Media Ads

.06
Google Ads

.07
Google My Business

.08
Graphic Designing

.09
3D Videos

about BEEGAZPACHO

creating special Things
For special brands

Join the ranks of successful brands by partnering with Beegazpacho

00+

00+

Our Recent Work

Crafted with Passion and Precision

Client Stories

Hear It from Those Who Know Us Best

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

404 Not Found

GrazzMean Shell

Let’s Start Your Online Journey with Beegazpacho

OUR CLIENTS

services

Transforming Ideas into Success

about BEEGAZPACHO

creating special Things For special brands

Join the ranks of successful brands by partnering with Beegazpacho

00+

00+

Our Recent Work

Crafted with Passion and Precision

Client Stories

Hear It from Those Who Know Us Best

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

Transforming Ideas into
Success

creating special Things
For special brands
