404 Not Found

info server
Uname: Linux in-mum-web1557.main-hosting.eu 5.14.0-611.42.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 24 05:30:20 EDT 2026 x86_64
Software: LiteSpeed
PHP version: 8.2.30 [ PHP INFO ] PHP os: Linux
Server Ip: 147.79.69.254
Your Ip: 216.73.216.168
User: u848900432 (848900432) | Group: o51372345 (1051372345)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console
name : api.go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.

package cognitoidentityprovider

import (
	"fmt"
	"time"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awsutil"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/request"
	"github.com/aws/aws-sdk-go/private/protocol"
	"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
)

const opAddCustomAttributes = "AddCustomAttributes"

// AddCustomAttributesRequest generates a "aws/request.Request" representing the
// client's request for the AddCustomAttributes operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AddCustomAttributes for more information on using the AddCustomAttributes
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AddCustomAttributesRequest method.
//	req, resp := client.AddCustomAttributesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AddCustomAttributes
func (c *CognitoIdentityProvider) AddCustomAttributesRequest(input *AddCustomAttributesInput) (req *request.Request, output *AddCustomAttributesOutput) {
	op := &request.Operation{
		Name:       opAddCustomAttributes,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AddCustomAttributesInput{}
	}

	output = &AddCustomAttributesOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AddCustomAttributes API operation for Amazon Cognito Identity Provider.
//
// Adds additional user attributes to the user pool schema.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AddCustomAttributes for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserImportInProgressException
//     This exception is thrown when you're trying to modify a user pool while a
//     user import job is in progress for that pool.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AddCustomAttributes
func (c *CognitoIdentityProvider) AddCustomAttributes(input *AddCustomAttributesInput) (*AddCustomAttributesOutput, error) {
	req, out := c.AddCustomAttributesRequest(input)
	return out, req.Send()
}

// AddCustomAttributesWithContext is the same as AddCustomAttributes with the addition of
// the ability to pass a context and additional request options.
//
// See AddCustomAttributes for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AddCustomAttributesWithContext(ctx aws.Context, input *AddCustomAttributesInput, opts ...request.Option) (*AddCustomAttributesOutput, error) {
	req, out := c.AddCustomAttributesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminAddUserToGroup = "AdminAddUserToGroup"

// AdminAddUserToGroupRequest generates a "aws/request.Request" representing the
// client's request for the AdminAddUserToGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminAddUserToGroup for more information on using the AdminAddUserToGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminAddUserToGroupRequest method.
//	req, resp := client.AdminAddUserToGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminAddUserToGroup
func (c *CognitoIdentityProvider) AdminAddUserToGroupRequest(input *AdminAddUserToGroupInput) (req *request.Request, output *AdminAddUserToGroupOutput) {
	op := &request.Operation{
		Name:       opAdminAddUserToGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminAddUserToGroupInput{}
	}

	output = &AdminAddUserToGroupOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminAddUserToGroup API operation for Amazon Cognito Identity Provider.
//
// Adds a user to a group. A user who is in a group can present a preferred-role
// claim to an identity pool, and populates a cognito:groups claim to their
// access and identity tokens.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminAddUserToGroup for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminAddUserToGroup
func (c *CognitoIdentityProvider) AdminAddUserToGroup(input *AdminAddUserToGroupInput) (*AdminAddUserToGroupOutput, error) {
	req, out := c.AdminAddUserToGroupRequest(input)
	return out, req.Send()
}

// AdminAddUserToGroupWithContext is the same as AdminAddUserToGroup with the addition of
// the ability to pass a context and additional request options.
//
// See AdminAddUserToGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminAddUserToGroupWithContext(ctx aws.Context, input *AdminAddUserToGroupInput, opts ...request.Option) (*AdminAddUserToGroupOutput, error) {
	req, out := c.AdminAddUserToGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminConfirmSignUp = "AdminConfirmSignUp"

// AdminConfirmSignUpRequest generates a "aws/request.Request" representing the
// client's request for the AdminConfirmSignUp operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminConfirmSignUp for more information on using the AdminConfirmSignUp
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminConfirmSignUpRequest method.
//	req, resp := client.AdminConfirmSignUpRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminConfirmSignUp
func (c *CognitoIdentityProvider) AdminConfirmSignUpRequest(input *AdminConfirmSignUpInput) (req *request.Request, output *AdminConfirmSignUpOutput) {
	op := &request.Operation{
		Name:       opAdminConfirmSignUp,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminConfirmSignUpInput{}
	}

	output = &AdminConfirmSignUpOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminConfirmSignUp API operation for Amazon Cognito Identity Provider.
//
// This IAM-authenticated API operation provides a code that Amazon Cognito
// sent to your user when they signed up in your user pool. After your user
// enters their code, they confirm ownership of the email address or phone number
// that they provided, and their user account becomes active. Depending on your
// user pool configuration, your users will receive their confirmation code
// in an email or SMS message.
//
// Local users who signed up in your user pool are the only type of user who
// can confirm sign-up with a code. Users who federate through an external identity
// provider (IdP) have already been confirmed by their IdP. Administrator-created
// users confirm their accounts when they respond to their invitation email
// message and choose a password.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminConfirmSignUp for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyFailedAttemptsException
//     This exception is thrown when the user has made too many failed attempts
//     for a given action, such as sign-in.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminConfirmSignUp
func (c *CognitoIdentityProvider) AdminConfirmSignUp(input *AdminConfirmSignUpInput) (*AdminConfirmSignUpOutput, error) {
	req, out := c.AdminConfirmSignUpRequest(input)
	return out, req.Send()
}

// AdminConfirmSignUpWithContext is the same as AdminConfirmSignUp with the addition of
// the ability to pass a context and additional request options.
//
// See AdminConfirmSignUp for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminConfirmSignUpWithContext(ctx aws.Context, input *AdminConfirmSignUpInput, opts ...request.Option) (*AdminConfirmSignUpOutput, error) {
	req, out := c.AdminConfirmSignUpRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminCreateUser = "AdminCreateUser"

// AdminCreateUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminCreateUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminCreateUser for more information on using the AdminCreateUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminCreateUserRequest method.
//	req, resp := client.AdminCreateUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminCreateUser
func (c *CognitoIdentityProvider) AdminCreateUserRequest(input *AdminCreateUserInput) (req *request.Request, output *AdminCreateUserOutput) {
	op := &request.Operation{
		Name:       opAdminCreateUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminCreateUserInput{}
	}

	output = &AdminCreateUserOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminCreateUser API operation for Amazon Cognito Identity Provider.
//
// Creates a new user in the specified user pool.
//
// If MessageAction isn't set, the default is to send a welcome message via
// email or phone (SMS).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// This message is based on a template that you configured in your call to create
// or update a user pool. This template includes your custom sign-up instructions
// and placeholders for user name and temporary password.
//
// Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction
// parameter, and Amazon Cognito won't send any email.
//
// In either case, the user will be in the FORCE_CHANGE_PASSWORD state until
// they sign in and change their password.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminCreateUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UsernameExistsException
//     This exception is thrown when Amazon Cognito encounters a user name that
//     already exists in the user pool.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - PreconditionNotMetException
//     This exception is thrown when a precondition is not met.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UnsupportedUserStateException
//     The request failed because the user is in an unsupported state.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminCreateUser
func (c *CognitoIdentityProvider) AdminCreateUser(input *AdminCreateUserInput) (*AdminCreateUserOutput, error) {
	req, out := c.AdminCreateUserRequest(input)
	return out, req.Send()
}

// AdminCreateUserWithContext is the same as AdminCreateUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminCreateUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminCreateUserWithContext(ctx aws.Context, input *AdminCreateUserInput, opts ...request.Option) (*AdminCreateUserOutput, error) {
	req, out := c.AdminCreateUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminDeleteUser = "AdminDeleteUser"

// AdminDeleteUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminDeleteUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminDeleteUser for more information on using the AdminDeleteUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminDeleteUserRequest method.
//	req, resp := client.AdminDeleteUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUser
func (c *CognitoIdentityProvider) AdminDeleteUserRequest(input *AdminDeleteUserInput) (req *request.Request, output *AdminDeleteUserOutput) {
	op := &request.Operation{
		Name:       opAdminDeleteUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminDeleteUserInput{}
	}

	output = &AdminDeleteUserOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminDeleteUser API operation for Amazon Cognito Identity Provider.
//
// Deletes a user as an administrator. Works on any user.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminDeleteUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUser
func (c *CognitoIdentityProvider) AdminDeleteUser(input *AdminDeleteUserInput) (*AdminDeleteUserOutput, error) {
	req, out := c.AdminDeleteUserRequest(input)
	return out, req.Send()
}

// AdminDeleteUserWithContext is the same as AdminDeleteUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminDeleteUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminDeleteUserWithContext(ctx aws.Context, input *AdminDeleteUserInput, opts ...request.Option) (*AdminDeleteUserOutput, error) {
	req, out := c.AdminDeleteUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminDeleteUserAttributes = "AdminDeleteUserAttributes"

// AdminDeleteUserAttributesRequest generates a "aws/request.Request" representing the
// client's request for the AdminDeleteUserAttributes operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminDeleteUserAttributes for more information on using the AdminDeleteUserAttributes
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminDeleteUserAttributesRequest method.
//	req, resp := client.AdminDeleteUserAttributesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUserAttributes
func (c *CognitoIdentityProvider) AdminDeleteUserAttributesRequest(input *AdminDeleteUserAttributesInput) (req *request.Request, output *AdminDeleteUserAttributesOutput) {
	op := &request.Operation{
		Name:       opAdminDeleteUserAttributes,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminDeleteUserAttributesInput{}
	}

	output = &AdminDeleteUserAttributesOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminDeleteUserAttributes API operation for Amazon Cognito Identity Provider.
//
// Deletes the user attributes in a user pool as an administrator. Works on
// any user.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminDeleteUserAttributes for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDeleteUserAttributes
func (c *CognitoIdentityProvider) AdminDeleteUserAttributes(input *AdminDeleteUserAttributesInput) (*AdminDeleteUserAttributesOutput, error) {
	req, out := c.AdminDeleteUserAttributesRequest(input)
	return out, req.Send()
}

// AdminDeleteUserAttributesWithContext is the same as AdminDeleteUserAttributes with the addition of
// the ability to pass a context and additional request options.
//
// See AdminDeleteUserAttributes for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminDeleteUserAttributesWithContext(ctx aws.Context, input *AdminDeleteUserAttributesInput, opts ...request.Option) (*AdminDeleteUserAttributesOutput, error) {
	req, out := c.AdminDeleteUserAttributesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminDisableProviderForUser = "AdminDisableProviderForUser"

// AdminDisableProviderForUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminDisableProviderForUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminDisableProviderForUser for more information on using the AdminDisableProviderForUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminDisableProviderForUserRequest method.
//	req, resp := client.AdminDisableProviderForUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableProviderForUser
func (c *CognitoIdentityProvider) AdminDisableProviderForUserRequest(input *AdminDisableProviderForUserInput) (req *request.Request, output *AdminDisableProviderForUserOutput) {
	op := &request.Operation{
		Name:       opAdminDisableProviderForUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminDisableProviderForUserInput{}
	}

	output = &AdminDisableProviderForUserOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminDisableProviderForUser API operation for Amazon Cognito Identity Provider.
//
// Prevents the user from signing in with the specified external (SAML or social)
// identity provider (IdP). If the user that you want to deactivate is a Amazon
// Cognito user pools native username + password user, they can't use their
// password to sign in. If the user to deactivate is a linked external IdP user,
// any link between that user and an existing user is removed. When the external
// user signs in again, and the user is no longer attached to the previously
// linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html).
//
// The ProviderName must match the value specified when creating an IdP for
// the pool.
//
// To deactivate a native username + password user, the ProviderName value must
// be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue
// must be the name that is used in the user pool for the user.
//
// The ProviderAttributeName must always be Cognito_Subject for social IdPs.
// The ProviderAttributeValue must always be the exact subject that was used
// when the user was originally linked as a source user.
//
// For de-linking a SAML identity, there are two scenarios. If the linked identity
// has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue
// must be the same values that were used for the SourceUser when the identities
// were originally linked using AdminLinkProviderForUser call. (If the linking
// was done with ProviderAttributeName set to Cognito_Subject, the same applies
// here). However, if the user has already signed in, the ProviderAttributeName
// must be Cognito_Subject and ProviderAttributeValue must be the subject of
// the SAML assertion.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminDisableProviderForUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableProviderForUser
func (c *CognitoIdentityProvider) AdminDisableProviderForUser(input *AdminDisableProviderForUserInput) (*AdminDisableProviderForUserOutput, error) {
	req, out := c.AdminDisableProviderForUserRequest(input)
	return out, req.Send()
}

// AdminDisableProviderForUserWithContext is the same as AdminDisableProviderForUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminDisableProviderForUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminDisableProviderForUserWithContext(ctx aws.Context, input *AdminDisableProviderForUserInput, opts ...request.Option) (*AdminDisableProviderForUserOutput, error) {
	req, out := c.AdminDisableProviderForUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminDisableUser = "AdminDisableUser"

// AdminDisableUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminDisableUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminDisableUser for more information on using the AdminDisableUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminDisableUserRequest method.
//	req, resp := client.AdminDisableUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableUser
func (c *CognitoIdentityProvider) AdminDisableUserRequest(input *AdminDisableUserInput) (req *request.Request, output *AdminDisableUserOutput) {
	op := &request.Operation{
		Name:       opAdminDisableUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminDisableUserInput{}
	}

	output = &AdminDisableUserOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminDisableUser API operation for Amazon Cognito Identity Provider.
//
// Deactivates a user and revokes all access tokens for the user. A deactivated
// user can't sign in, but still appears in the responses to GetUser and ListUsers
// API requests.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminDisableUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminDisableUser
func (c *CognitoIdentityProvider) AdminDisableUser(input *AdminDisableUserInput) (*AdminDisableUserOutput, error) {
	req, out := c.AdminDisableUserRequest(input)
	return out, req.Send()
}

// AdminDisableUserWithContext is the same as AdminDisableUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminDisableUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminDisableUserWithContext(ctx aws.Context, input *AdminDisableUserInput, opts ...request.Option) (*AdminDisableUserOutput, error) {
	req, out := c.AdminDisableUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminEnableUser = "AdminEnableUser"

// AdminEnableUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminEnableUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminEnableUser for more information on using the AdminEnableUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminEnableUserRequest method.
//	req, resp := client.AdminEnableUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminEnableUser
func (c *CognitoIdentityProvider) AdminEnableUserRequest(input *AdminEnableUserInput) (req *request.Request, output *AdminEnableUserOutput) {
	op := &request.Operation{
		Name:       opAdminEnableUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminEnableUserInput{}
	}

	output = &AdminEnableUserOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminEnableUser API operation for Amazon Cognito Identity Provider.
//
// Enables the specified user as an administrator. Works on any user.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminEnableUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminEnableUser
func (c *CognitoIdentityProvider) AdminEnableUser(input *AdminEnableUserInput) (*AdminEnableUserOutput, error) {
	req, out := c.AdminEnableUserRequest(input)
	return out, req.Send()
}

// AdminEnableUserWithContext is the same as AdminEnableUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminEnableUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminEnableUserWithContext(ctx aws.Context, input *AdminEnableUserInput, opts ...request.Option) (*AdminEnableUserOutput, error) {
	req, out := c.AdminEnableUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminForgetDevice = "AdminForgetDevice"

// AdminForgetDeviceRequest generates a "aws/request.Request" representing the
// client's request for the AdminForgetDevice operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminForgetDevice for more information on using the AdminForgetDevice
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminForgetDeviceRequest method.
//	req, resp := client.AdminForgetDeviceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminForgetDevice
func (c *CognitoIdentityProvider) AdminForgetDeviceRequest(input *AdminForgetDeviceInput) (req *request.Request, output *AdminForgetDeviceOutput) {
	op := &request.Operation{
		Name:       opAdminForgetDevice,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminForgetDeviceInput{}
	}

	output = &AdminForgetDeviceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminForgetDevice API operation for Amazon Cognito Identity Provider.
//
// Forgets the device, as an administrator.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminForgetDevice for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminForgetDevice
func (c *CognitoIdentityProvider) AdminForgetDevice(input *AdminForgetDeviceInput) (*AdminForgetDeviceOutput, error) {
	req, out := c.AdminForgetDeviceRequest(input)
	return out, req.Send()
}

// AdminForgetDeviceWithContext is the same as AdminForgetDevice with the addition of
// the ability to pass a context and additional request options.
//
// See AdminForgetDevice for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminForgetDeviceWithContext(ctx aws.Context, input *AdminForgetDeviceInput, opts ...request.Option) (*AdminForgetDeviceOutput, error) {
	req, out := c.AdminForgetDeviceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminGetDevice = "AdminGetDevice"

// AdminGetDeviceRequest generates a "aws/request.Request" representing the
// client's request for the AdminGetDevice operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminGetDevice for more information on using the AdminGetDevice
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminGetDeviceRequest method.
//	req, resp := client.AdminGetDeviceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetDevice
func (c *CognitoIdentityProvider) AdminGetDeviceRequest(input *AdminGetDeviceInput) (req *request.Request, output *AdminGetDeviceOutput) {
	op := &request.Operation{
		Name:       opAdminGetDevice,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminGetDeviceInput{}
	}

	output = &AdminGetDeviceOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminGetDevice API operation for Amazon Cognito Identity Provider.
//
// Gets the device, as an administrator.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminGetDevice for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetDevice
func (c *CognitoIdentityProvider) AdminGetDevice(input *AdminGetDeviceInput) (*AdminGetDeviceOutput, error) {
	req, out := c.AdminGetDeviceRequest(input)
	return out, req.Send()
}

// AdminGetDeviceWithContext is the same as AdminGetDevice with the addition of
// the ability to pass a context and additional request options.
//
// See AdminGetDevice for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminGetDeviceWithContext(ctx aws.Context, input *AdminGetDeviceInput, opts ...request.Option) (*AdminGetDeviceOutput, error) {
	req, out := c.AdminGetDeviceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminGetUser = "AdminGetUser"

// AdminGetUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminGetUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminGetUser for more information on using the AdminGetUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminGetUserRequest method.
//	req, resp := client.AdminGetUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetUser
func (c *CognitoIdentityProvider) AdminGetUserRequest(input *AdminGetUserInput) (req *request.Request, output *AdminGetUserOutput) {
	op := &request.Operation{
		Name:       opAdminGetUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminGetUserInput{}
	}

	output = &AdminGetUserOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminGetUser API operation for Amazon Cognito Identity Provider.
//
// Gets the specified user by user name in a user pool as an administrator.
// Works on any user.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminGetUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminGetUser
func (c *CognitoIdentityProvider) AdminGetUser(input *AdminGetUserInput) (*AdminGetUserOutput, error) {
	req, out := c.AdminGetUserRequest(input)
	return out, req.Send()
}

// AdminGetUserWithContext is the same as AdminGetUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminGetUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminGetUserWithContext(ctx aws.Context, input *AdminGetUserInput, opts ...request.Option) (*AdminGetUserOutput, error) {
	req, out := c.AdminGetUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminInitiateAuth = "AdminInitiateAuth"

// AdminInitiateAuthRequest generates a "aws/request.Request" representing the
// client's request for the AdminInitiateAuth operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminInitiateAuth for more information on using the AdminInitiateAuth
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminInitiateAuthRequest method.
//	req, resp := client.AdminInitiateAuthRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminInitiateAuth
func (c *CognitoIdentityProvider) AdminInitiateAuthRequest(input *AdminInitiateAuthInput) (req *request.Request, output *AdminInitiateAuthOutput) {
	op := &request.Operation{
		Name:       opAdminInitiateAuth,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminInitiateAuthInput{}
	}

	output = &AdminInitiateAuthOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminInitiateAuth API operation for Amazon Cognito Identity Provider.
//
// Initiates the authentication flow, as an administrator.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminInitiateAuth for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - MFAMethodNotFoundException
//     This exception is thrown when Amazon Cognito can't find a multi-factor authentication
//     (MFA) method.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminInitiateAuth
func (c *CognitoIdentityProvider) AdminInitiateAuth(input *AdminInitiateAuthInput) (*AdminInitiateAuthOutput, error) {
	req, out := c.AdminInitiateAuthRequest(input)
	return out, req.Send()
}

// AdminInitiateAuthWithContext is the same as AdminInitiateAuth with the addition of
// the ability to pass a context and additional request options.
//
// See AdminInitiateAuth for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminInitiateAuthWithContext(ctx aws.Context, input *AdminInitiateAuthInput, opts ...request.Option) (*AdminInitiateAuthOutput, error) {
	req, out := c.AdminInitiateAuthRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminLinkProviderForUser = "AdminLinkProviderForUser"

// AdminLinkProviderForUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminLinkProviderForUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminLinkProviderForUser for more information on using the AdminLinkProviderForUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminLinkProviderForUserRequest method.
//	req, resp := client.AdminLinkProviderForUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminLinkProviderForUser
func (c *CognitoIdentityProvider) AdminLinkProviderForUserRequest(input *AdminLinkProviderForUserInput) (req *request.Request, output *AdminLinkProviderForUserOutput) {
	op := &request.Operation{
		Name:       opAdminLinkProviderForUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminLinkProviderForUserInput{}
	}

	output = &AdminLinkProviderForUserOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminLinkProviderForUser API operation for Amazon Cognito Identity Provider.
//
// Links an existing user account in a user pool (DestinationUser) to an identity
// from an external IdP (SourceUser) based on a specified attribute name and
// value from the external IdP. This allows you to create a link from the existing
// user account to an external federated user identity that has not yet been
// used to sign in. You can then use the federated user identity to sign in
// as the existing user account.
//
// For example, if there is an existing user with a username and password, this
// API links that user to a federated user identity. When the user signs in
// with a federated user identity, they sign in as the existing user account.
//
// The maximum number of federated identities linked to a user is five.
//
// Because this API allows a user with an external federated identity to sign
// in as an existing user in the user pool, it is critical that it only be used
// with external IdPs and provider attributes that have been trusted by the
// application owner.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminLinkProviderForUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminLinkProviderForUser
func (c *CognitoIdentityProvider) AdminLinkProviderForUser(input *AdminLinkProviderForUserInput) (*AdminLinkProviderForUserOutput, error) {
	req, out := c.AdminLinkProviderForUserRequest(input)
	return out, req.Send()
}

// AdminLinkProviderForUserWithContext is the same as AdminLinkProviderForUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminLinkProviderForUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminLinkProviderForUserWithContext(ctx aws.Context, input *AdminLinkProviderForUserInput, opts ...request.Option) (*AdminLinkProviderForUserOutput, error) {
	req, out := c.AdminLinkProviderForUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminListDevices = "AdminListDevices"

// AdminListDevicesRequest generates a "aws/request.Request" representing the
// client's request for the AdminListDevices operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminListDevices for more information on using the AdminListDevices
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminListDevicesRequest method.
//	req, resp := client.AdminListDevicesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListDevices
func (c *CognitoIdentityProvider) AdminListDevicesRequest(input *AdminListDevicesInput) (req *request.Request, output *AdminListDevicesOutput) {
	op := &request.Operation{
		Name:       opAdminListDevices,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminListDevicesInput{}
	}

	output = &AdminListDevicesOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminListDevices API operation for Amazon Cognito Identity Provider.
//
// Lists devices, as an administrator.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminListDevices for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListDevices
func (c *CognitoIdentityProvider) AdminListDevices(input *AdminListDevicesInput) (*AdminListDevicesOutput, error) {
	req, out := c.AdminListDevicesRequest(input)
	return out, req.Send()
}

// AdminListDevicesWithContext is the same as AdminListDevices with the addition of
// the ability to pass a context and additional request options.
//
// See AdminListDevices for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminListDevicesWithContext(ctx aws.Context, input *AdminListDevicesInput, opts ...request.Option) (*AdminListDevicesOutput, error) {
	req, out := c.AdminListDevicesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminListGroupsForUser = "AdminListGroupsForUser"

// AdminListGroupsForUserRequest generates a "aws/request.Request" representing the
// client's request for the AdminListGroupsForUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminListGroupsForUser for more information on using the AdminListGroupsForUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminListGroupsForUserRequest method.
//	req, resp := client.AdminListGroupsForUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListGroupsForUser
func (c *CognitoIdentityProvider) AdminListGroupsForUserRequest(input *AdminListGroupsForUserInput) (req *request.Request, output *AdminListGroupsForUserOutput) {
	op := &request.Operation{
		Name:       opAdminListGroupsForUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "Limit",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &AdminListGroupsForUserInput{}
	}

	output = &AdminListGroupsForUserOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminListGroupsForUser API operation for Amazon Cognito Identity Provider.
//
// Lists the groups that a user belongs to.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminListGroupsForUser for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListGroupsForUser
func (c *CognitoIdentityProvider) AdminListGroupsForUser(input *AdminListGroupsForUserInput) (*AdminListGroupsForUserOutput, error) {
	req, out := c.AdminListGroupsForUserRequest(input)
	return out, req.Send()
}

// AdminListGroupsForUserWithContext is the same as AdminListGroupsForUser with the addition of
// the ability to pass a context and additional request options.
//
// See AdminListGroupsForUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminListGroupsForUserWithContext(ctx aws.Context, input *AdminListGroupsForUserInput, opts ...request.Option) (*AdminListGroupsForUserOutput, error) {
	req, out := c.AdminListGroupsForUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// AdminListGroupsForUserPages iterates over the pages of a AdminListGroupsForUser operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See AdminListGroupsForUser method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a AdminListGroupsForUser operation.
//	pageNum := 0
//	err := client.AdminListGroupsForUserPages(params,
//	    func(page *cognitoidentityprovider.AdminListGroupsForUserOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) AdminListGroupsForUserPages(input *AdminListGroupsForUserInput, fn func(*AdminListGroupsForUserOutput, bool) bool) error {
	return c.AdminListGroupsForUserPagesWithContext(aws.BackgroundContext(), input, fn)
}

// AdminListGroupsForUserPagesWithContext same as AdminListGroupsForUserPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminListGroupsForUserPagesWithContext(ctx aws.Context, input *AdminListGroupsForUserInput, fn func(*AdminListGroupsForUserOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *AdminListGroupsForUserInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.AdminListGroupsForUserRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*AdminListGroupsForUserOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opAdminListUserAuthEvents = "AdminListUserAuthEvents"

// AdminListUserAuthEventsRequest generates a "aws/request.Request" representing the
// client's request for the AdminListUserAuthEvents operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminListUserAuthEvents for more information on using the AdminListUserAuthEvents
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminListUserAuthEventsRequest method.
//	req, resp := client.AdminListUserAuthEventsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListUserAuthEvents
func (c *CognitoIdentityProvider) AdminListUserAuthEventsRequest(input *AdminListUserAuthEventsInput) (req *request.Request, output *AdminListUserAuthEventsOutput) {
	op := &request.Operation{
		Name:       opAdminListUserAuthEvents,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "MaxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &AdminListUserAuthEventsInput{}
	}

	output = &AdminListUserAuthEventsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminListUserAuthEvents API operation for Amazon Cognito Identity Provider.
//
// A history of user activity and any risks detected as part of Amazon Cognito
// advanced security.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminListUserAuthEvents for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserPoolAddOnNotEnabledException
//     This exception is thrown when user pool add-ons aren't enabled.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminListUserAuthEvents
func (c *CognitoIdentityProvider) AdminListUserAuthEvents(input *AdminListUserAuthEventsInput) (*AdminListUserAuthEventsOutput, error) {
	req, out := c.AdminListUserAuthEventsRequest(input)
	return out, req.Send()
}

// AdminListUserAuthEventsWithContext is the same as AdminListUserAuthEvents with the addition of
// the ability to pass a context and additional request options.
//
// See AdminListUserAuthEvents for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminListUserAuthEventsWithContext(ctx aws.Context, input *AdminListUserAuthEventsInput, opts ...request.Option) (*AdminListUserAuthEventsOutput, error) {
	req, out := c.AdminListUserAuthEventsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// AdminListUserAuthEventsPages iterates over the pages of a AdminListUserAuthEvents operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See AdminListUserAuthEvents method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a AdminListUserAuthEvents operation.
//	pageNum := 0
//	err := client.AdminListUserAuthEventsPages(params,
//	    func(page *cognitoidentityprovider.AdminListUserAuthEventsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) AdminListUserAuthEventsPages(input *AdminListUserAuthEventsInput, fn func(*AdminListUserAuthEventsOutput, bool) bool) error {
	return c.AdminListUserAuthEventsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// AdminListUserAuthEventsPagesWithContext same as AdminListUserAuthEventsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminListUserAuthEventsPagesWithContext(ctx aws.Context, input *AdminListUserAuthEventsInput, fn func(*AdminListUserAuthEventsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *AdminListUserAuthEventsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.AdminListUserAuthEventsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*AdminListUserAuthEventsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opAdminRemoveUserFromGroup = "AdminRemoveUserFromGroup"

// AdminRemoveUserFromGroupRequest generates a "aws/request.Request" representing the
// client's request for the AdminRemoveUserFromGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminRemoveUserFromGroup for more information on using the AdminRemoveUserFromGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminRemoveUserFromGroupRequest method.
//	req, resp := client.AdminRemoveUserFromGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRemoveUserFromGroup
func (c *CognitoIdentityProvider) AdminRemoveUserFromGroupRequest(input *AdminRemoveUserFromGroupInput) (req *request.Request, output *AdminRemoveUserFromGroupOutput) {
	op := &request.Operation{
		Name:       opAdminRemoveUserFromGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminRemoveUserFromGroupInput{}
	}

	output = &AdminRemoveUserFromGroupOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminRemoveUserFromGroup API operation for Amazon Cognito Identity Provider.
//
// Removes the specified user from the specified group.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminRemoveUserFromGroup for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRemoveUserFromGroup
func (c *CognitoIdentityProvider) AdminRemoveUserFromGroup(input *AdminRemoveUserFromGroupInput) (*AdminRemoveUserFromGroupOutput, error) {
	req, out := c.AdminRemoveUserFromGroupRequest(input)
	return out, req.Send()
}

// AdminRemoveUserFromGroupWithContext is the same as AdminRemoveUserFromGroup with the addition of
// the ability to pass a context and additional request options.
//
// See AdminRemoveUserFromGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminRemoveUserFromGroupWithContext(ctx aws.Context, input *AdminRemoveUserFromGroupInput, opts ...request.Option) (*AdminRemoveUserFromGroupOutput, error) {
	req, out := c.AdminRemoveUserFromGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminResetUserPassword = "AdminResetUserPassword"

// AdminResetUserPasswordRequest generates a "aws/request.Request" representing the
// client's request for the AdminResetUserPassword operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminResetUserPassword for more information on using the AdminResetUserPassword
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminResetUserPasswordRequest method.
//	req, resp := client.AdminResetUserPasswordRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminResetUserPassword
func (c *CognitoIdentityProvider) AdminResetUserPasswordRequest(input *AdminResetUserPasswordInput) (req *request.Request, output *AdminResetUserPasswordOutput) {
	op := &request.Operation{
		Name:       opAdminResetUserPassword,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminResetUserPasswordInput{}
	}

	output = &AdminResetUserPasswordOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminResetUserPassword API operation for Amazon Cognito Identity Provider.
//
// Resets the specified user's password in a user pool as an administrator.
// Works on any user.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Deactivates a user's password, requiring them to change it. If a user tries
// to sign in after the API is called, Amazon Cognito responds with a PasswordResetRequiredException
// error. Your app must then perform the actions that reset your user's password:
// the forgot-password flow. In addition, if the user pool has phone verification
// selected and a verified phone number exists for the user, or if email verification
// is selected and a verified email exists for the user, calling this API will
// also result in sending a message to the end user with the code to change
// their password.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminResetUserPassword for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminResetUserPassword
func (c *CognitoIdentityProvider) AdminResetUserPassword(input *AdminResetUserPasswordInput) (*AdminResetUserPasswordOutput, error) {
	req, out := c.AdminResetUserPasswordRequest(input)
	return out, req.Send()
}

// AdminResetUserPasswordWithContext is the same as AdminResetUserPassword with the addition of
// the ability to pass a context and additional request options.
//
// See AdminResetUserPassword for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminResetUserPasswordWithContext(ctx aws.Context, input *AdminResetUserPasswordInput, opts ...request.Option) (*AdminResetUserPasswordOutput, error) {
	req, out := c.AdminResetUserPasswordRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminRespondToAuthChallenge = "AdminRespondToAuthChallenge"

// AdminRespondToAuthChallengeRequest generates a "aws/request.Request" representing the
// client's request for the AdminRespondToAuthChallenge operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminRespondToAuthChallenge for more information on using the AdminRespondToAuthChallenge
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminRespondToAuthChallengeRequest method.
//	req, resp := client.AdminRespondToAuthChallengeRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRespondToAuthChallenge
func (c *CognitoIdentityProvider) AdminRespondToAuthChallengeRequest(input *AdminRespondToAuthChallengeInput) (req *request.Request, output *AdminRespondToAuthChallengeOutput) {
	op := &request.Operation{
		Name:       opAdminRespondToAuthChallenge,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminRespondToAuthChallengeInput{}
	}

	output = &AdminRespondToAuthChallengeOutput{}
	req = c.newRequest(op, input, output)
	return
}

// AdminRespondToAuthChallenge API operation for Amazon Cognito Identity Provider.
//
// Some API operations in a user pool generate a challenge, like a prompt for
// an MFA code, for device authentication that bypasses MFA, or for a custom
// authentication challenge. An AdminRespondToAuthChallenge API request provides
// the answer to that challenge, like a code or a secure remote password (SRP).
// The parameters of a response to an authentication challenge vary with the
// type of challenge.
//
// For more information about custom authentication challenges, see Custom authentication
// challenge Lambda triggers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminRespondToAuthChallenge for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - MFAMethodNotFoundException
//     This exception is thrown when Amazon Cognito can't find a multi-factor authentication
//     (MFA) method.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - SoftwareTokenMFANotFoundException
//     This exception is thrown when the software token time-based one-time password
//     (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminRespondToAuthChallenge
func (c *CognitoIdentityProvider) AdminRespondToAuthChallenge(input *AdminRespondToAuthChallengeInput) (*AdminRespondToAuthChallengeOutput, error) {
	req, out := c.AdminRespondToAuthChallengeRequest(input)
	return out, req.Send()
}

// AdminRespondToAuthChallengeWithContext is the same as AdminRespondToAuthChallenge with the addition of
// the ability to pass a context and additional request options.
//
// See AdminRespondToAuthChallenge for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminRespondToAuthChallengeWithContext(ctx aws.Context, input *AdminRespondToAuthChallengeInput, opts ...request.Option) (*AdminRespondToAuthChallengeOutput, error) {
	req, out := c.AdminRespondToAuthChallengeRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminSetUserMFAPreference = "AdminSetUserMFAPreference"

// AdminSetUserMFAPreferenceRequest generates a "aws/request.Request" representing the
// client's request for the AdminSetUserMFAPreference operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminSetUserMFAPreference for more information on using the AdminSetUserMFAPreference
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminSetUserMFAPreferenceRequest method.
//	req, resp := client.AdminSetUserMFAPreferenceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserMFAPreference
func (c *CognitoIdentityProvider) AdminSetUserMFAPreferenceRequest(input *AdminSetUserMFAPreferenceInput) (req *request.Request, output *AdminSetUserMFAPreferenceOutput) {
	op := &request.Operation{
		Name:       opAdminSetUserMFAPreference,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminSetUserMFAPreferenceInput{}
	}

	output = &AdminSetUserMFAPreferenceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminSetUserMFAPreference API operation for Amazon Cognito Identity Provider.
//
// The user's multi-factor authentication (MFA) preference, including which
// MFA options are activated, and if any are preferred. Only one factor can
// be set as preferred. The preferred MFA factor will be used to authenticate
// a user if multiple factors are activated. If multiple options are activated
// and no preference is set, a challenge to choose an MFA option will be returned
// during sign-in.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminSetUserMFAPreference for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserMFAPreference
func (c *CognitoIdentityProvider) AdminSetUserMFAPreference(input *AdminSetUserMFAPreferenceInput) (*AdminSetUserMFAPreferenceOutput, error) {
	req, out := c.AdminSetUserMFAPreferenceRequest(input)
	return out, req.Send()
}

// AdminSetUserMFAPreferenceWithContext is the same as AdminSetUserMFAPreference with the addition of
// the ability to pass a context and additional request options.
//
// See AdminSetUserMFAPreference for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminSetUserMFAPreferenceWithContext(ctx aws.Context, input *AdminSetUserMFAPreferenceInput, opts ...request.Option) (*AdminSetUserMFAPreferenceOutput, error) {
	req, out := c.AdminSetUserMFAPreferenceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminSetUserPassword = "AdminSetUserPassword"

// AdminSetUserPasswordRequest generates a "aws/request.Request" representing the
// client's request for the AdminSetUserPassword operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminSetUserPassword for more information on using the AdminSetUserPassword
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminSetUserPasswordRequest method.
//	req, resp := client.AdminSetUserPasswordRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserPassword
func (c *CognitoIdentityProvider) AdminSetUserPasswordRequest(input *AdminSetUserPasswordInput) (req *request.Request, output *AdminSetUserPasswordOutput) {
	op := &request.Operation{
		Name:       opAdminSetUserPassword,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminSetUserPasswordInput{}
	}

	output = &AdminSetUserPasswordOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminSetUserPassword API operation for Amazon Cognito Identity Provider.
//
// Sets the specified user's password in a user pool as an administrator. Works
// on any user.
//
// The password can be temporary or permanent. If it is temporary, the user
// status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to
// sign in, the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED
// challenge. If the user doesn't sign in before it expires, the user won't
// be able to sign in, and an administrator must reset their password.
//
// Once the user has set a new password, or the password is permanent, the user
// status is set to Confirmed.
//
// AdminSetUserPassword can set a password for the user profile that Amazon
// Cognito creates for third-party federated users. When you set a password,
// the federated user's status changes from EXTERNAL_PROVIDER to CONFIRMED.
// A user in this state can sign in as a federated user, and initiate authentication
// flows in the API like a linked native user. They can also modify their password
// and attributes in token-authenticated API requests like ChangePassword and
// UpdateUserAttributes. As a best security practice and to keep users in sync
// with your external IdP, don't set passwords on federated user profiles. To
// set up a federated user for native sign-in with a linked native user, refer
// to Linking federated users to an existing user profile (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html).
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminSetUserPassword for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserPassword
func (c *CognitoIdentityProvider) AdminSetUserPassword(input *AdminSetUserPasswordInput) (*AdminSetUserPasswordOutput, error) {
	req, out := c.AdminSetUserPasswordRequest(input)
	return out, req.Send()
}

// AdminSetUserPasswordWithContext is the same as AdminSetUserPassword with the addition of
// the ability to pass a context and additional request options.
//
// See AdminSetUserPassword for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminSetUserPasswordWithContext(ctx aws.Context, input *AdminSetUserPasswordInput, opts ...request.Option) (*AdminSetUserPasswordOutput, error) {
	req, out := c.AdminSetUserPasswordRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminSetUserSettings = "AdminSetUserSettings"

// AdminSetUserSettingsRequest generates a "aws/request.Request" representing the
// client's request for the AdminSetUserSettings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminSetUserSettings for more information on using the AdminSetUserSettings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminSetUserSettingsRequest method.
//	req, resp := client.AdminSetUserSettingsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserSettings
func (c *CognitoIdentityProvider) AdminSetUserSettingsRequest(input *AdminSetUserSettingsInput) (req *request.Request, output *AdminSetUserSettingsOutput) {
	op := &request.Operation{
		Name:       opAdminSetUserSettings,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminSetUserSettingsInput{}
	}

	output = &AdminSetUserSettingsOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminSetUserSettings API operation for Amazon Cognito Identity Provider.
//
// This action is no longer supported. You can use it to configure only SMS
// MFA. You can't use it to configure time-based one-time password (TOTP) software
// token MFA. To configure either type of MFA, use AdminSetUserMFAPreference
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html)
// instead.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminSetUserSettings for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminSetUserSettings
func (c *CognitoIdentityProvider) AdminSetUserSettings(input *AdminSetUserSettingsInput) (*AdminSetUserSettingsOutput, error) {
	req, out := c.AdminSetUserSettingsRequest(input)
	return out, req.Send()
}

// AdminSetUserSettingsWithContext is the same as AdminSetUserSettings with the addition of
// the ability to pass a context and additional request options.
//
// See AdminSetUserSettings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminSetUserSettingsWithContext(ctx aws.Context, input *AdminSetUserSettingsInput, opts ...request.Option) (*AdminSetUserSettingsOutput, error) {
	req, out := c.AdminSetUserSettingsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminUpdateAuthEventFeedback = "AdminUpdateAuthEventFeedback"

// AdminUpdateAuthEventFeedbackRequest generates a "aws/request.Request" representing the
// client's request for the AdminUpdateAuthEventFeedback operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminUpdateAuthEventFeedback for more information on using the AdminUpdateAuthEventFeedback
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminUpdateAuthEventFeedbackRequest method.
//	req, resp := client.AdminUpdateAuthEventFeedbackRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateAuthEventFeedback
func (c *CognitoIdentityProvider) AdminUpdateAuthEventFeedbackRequest(input *AdminUpdateAuthEventFeedbackInput) (req *request.Request, output *AdminUpdateAuthEventFeedbackOutput) {
	op := &request.Operation{
		Name:       opAdminUpdateAuthEventFeedback,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminUpdateAuthEventFeedbackInput{}
	}

	output = &AdminUpdateAuthEventFeedbackOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminUpdateAuthEventFeedback API operation for Amazon Cognito Identity Provider.
//
// Provides feedback for an authentication event indicating if it was from a
// valid user. This feedback is used for improving the risk evaluation decision
// for the user pool as part of Amazon Cognito advanced security.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminUpdateAuthEventFeedback for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserPoolAddOnNotEnabledException
//     This exception is thrown when user pool add-ons aren't enabled.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateAuthEventFeedback
func (c *CognitoIdentityProvider) AdminUpdateAuthEventFeedback(input *AdminUpdateAuthEventFeedbackInput) (*AdminUpdateAuthEventFeedbackOutput, error) {
	req, out := c.AdminUpdateAuthEventFeedbackRequest(input)
	return out, req.Send()
}

// AdminUpdateAuthEventFeedbackWithContext is the same as AdminUpdateAuthEventFeedback with the addition of
// the ability to pass a context and additional request options.
//
// See AdminUpdateAuthEventFeedback for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminUpdateAuthEventFeedbackWithContext(ctx aws.Context, input *AdminUpdateAuthEventFeedbackInput, opts ...request.Option) (*AdminUpdateAuthEventFeedbackOutput, error) {
	req, out := c.AdminUpdateAuthEventFeedbackRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminUpdateDeviceStatus = "AdminUpdateDeviceStatus"

// AdminUpdateDeviceStatusRequest generates a "aws/request.Request" representing the
// client's request for the AdminUpdateDeviceStatus operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminUpdateDeviceStatus for more information on using the AdminUpdateDeviceStatus
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminUpdateDeviceStatusRequest method.
//	req, resp := client.AdminUpdateDeviceStatusRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateDeviceStatus
func (c *CognitoIdentityProvider) AdminUpdateDeviceStatusRequest(input *AdminUpdateDeviceStatusInput) (req *request.Request, output *AdminUpdateDeviceStatusOutput) {
	op := &request.Operation{
		Name:       opAdminUpdateDeviceStatus,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminUpdateDeviceStatusInput{}
	}

	output = &AdminUpdateDeviceStatusOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminUpdateDeviceStatus API operation for Amazon Cognito Identity Provider.
//
// Updates the device status as an administrator.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminUpdateDeviceStatus for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateDeviceStatus
func (c *CognitoIdentityProvider) AdminUpdateDeviceStatus(input *AdminUpdateDeviceStatusInput) (*AdminUpdateDeviceStatusOutput, error) {
	req, out := c.AdminUpdateDeviceStatusRequest(input)
	return out, req.Send()
}

// AdminUpdateDeviceStatusWithContext is the same as AdminUpdateDeviceStatus with the addition of
// the ability to pass a context and additional request options.
//
// See AdminUpdateDeviceStatus for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminUpdateDeviceStatusWithContext(ctx aws.Context, input *AdminUpdateDeviceStatusInput, opts ...request.Option) (*AdminUpdateDeviceStatusOutput, error) {
	req, out := c.AdminUpdateDeviceStatusRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminUpdateUserAttributes = "AdminUpdateUserAttributes"

// AdminUpdateUserAttributesRequest generates a "aws/request.Request" representing the
// client's request for the AdminUpdateUserAttributes operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminUpdateUserAttributes for more information on using the AdminUpdateUserAttributes
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminUpdateUserAttributesRequest method.
//	req, resp := client.AdminUpdateUserAttributesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateUserAttributes
func (c *CognitoIdentityProvider) AdminUpdateUserAttributesRequest(input *AdminUpdateUserAttributesInput) (req *request.Request, output *AdminUpdateUserAttributesOutput) {
	op := &request.Operation{
		Name:       opAdminUpdateUserAttributes,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminUpdateUserAttributesInput{}
	}

	output = &AdminUpdateUserAttributesOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminUpdateUserAttributes API operation for Amazon Cognito Identity Provider.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Updates the specified user's attributes, including developer attributes,
// as an administrator. Works on any user. To delete an attribute from your
// user, submit the attribute in your API request with a blank value.
//
// For custom attributes, you must prepend the custom: prefix to the attribute
// name.
//
// In addition to updating user attributes, this API can also be used to mark
// phone and email as verified.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminUpdateUserAttributes for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUpdateUserAttributes
func (c *CognitoIdentityProvider) AdminUpdateUserAttributes(input *AdminUpdateUserAttributesInput) (*AdminUpdateUserAttributesOutput, error) {
	req, out := c.AdminUpdateUserAttributesRequest(input)
	return out, req.Send()
}

// AdminUpdateUserAttributesWithContext is the same as AdminUpdateUserAttributes with the addition of
// the ability to pass a context and additional request options.
//
// See AdminUpdateUserAttributes for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminUpdateUserAttributesWithContext(ctx aws.Context, input *AdminUpdateUserAttributesInput, opts ...request.Option) (*AdminUpdateUserAttributesOutput, error) {
	req, out := c.AdminUpdateUserAttributesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAdminUserGlobalSignOut = "AdminUserGlobalSignOut"

// AdminUserGlobalSignOutRequest generates a "aws/request.Request" representing the
// client's request for the AdminUserGlobalSignOut operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AdminUserGlobalSignOut for more information on using the AdminUserGlobalSignOut
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AdminUserGlobalSignOutRequest method.
//	req, resp := client.AdminUserGlobalSignOutRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUserGlobalSignOut
func (c *CognitoIdentityProvider) AdminUserGlobalSignOutRequest(input *AdminUserGlobalSignOutInput) (req *request.Request, output *AdminUserGlobalSignOutOutput) {
	op := &request.Operation{
		Name:       opAdminUserGlobalSignOut,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AdminUserGlobalSignOutInput{}
	}

	output = &AdminUserGlobalSignOutOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// AdminUserGlobalSignOut API operation for Amazon Cognito Identity Provider.
//
// Invalidates the identity, access, and refresh tokens that Amazon Cognito
// issued to a user. Call this operation with your administrative credentials
// when your user signs out of your app. This results in the following behavior.
//
//   - Amazon Cognito no longer accepts token-authorized user operations that
//     you authorize with a signed-out user's access tokens. For more information,
//     see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//     Amazon Cognito returns an Access Token has been revoked error when your
//     app attempts to authorize a user pools API request with a revoked access
//     token that contains the scope aws.cognito.signin.user.admin.
//
//   - Amazon Cognito no longer accepts a signed-out user's ID token in a GetId
//     (https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html)
//     request to an identity pool with ServerSideTokenCheck enabled for its
//     user pool IdP configuration in CognitoIdentityProvider (https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CognitoIdentityProvider.html).
//
//   - Amazon Cognito no longer accepts a signed-out user's refresh tokens
//     in refresh requests.
//
// Other requests might be valid until your user's token expires.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AdminUserGlobalSignOut for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AdminUserGlobalSignOut
func (c *CognitoIdentityProvider) AdminUserGlobalSignOut(input *AdminUserGlobalSignOutInput) (*AdminUserGlobalSignOutOutput, error) {
	req, out := c.AdminUserGlobalSignOutRequest(input)
	return out, req.Send()
}

// AdminUserGlobalSignOutWithContext is the same as AdminUserGlobalSignOut with the addition of
// the ability to pass a context and additional request options.
//
// See AdminUserGlobalSignOut for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AdminUserGlobalSignOutWithContext(ctx aws.Context, input *AdminUserGlobalSignOutInput, opts ...request.Option) (*AdminUserGlobalSignOutOutput, error) {
	req, out := c.AdminUserGlobalSignOutRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opAssociateSoftwareToken = "AssociateSoftwareToken"

// AssociateSoftwareTokenRequest generates a "aws/request.Request" representing the
// client's request for the AssociateSoftwareToken operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AssociateSoftwareToken for more information on using the AssociateSoftwareToken
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the AssociateSoftwareTokenRequest method.
//	req, resp := client.AssociateSoftwareTokenRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AssociateSoftwareToken
func (c *CognitoIdentityProvider) AssociateSoftwareTokenRequest(input *AssociateSoftwareTokenInput) (req *request.Request, output *AssociateSoftwareTokenOutput) {
	op := &request.Operation{
		Name:       opAssociateSoftwareToken,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &AssociateSoftwareTokenInput{}
	}

	output = &AssociateSoftwareTokenOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// AssociateSoftwareToken API operation for Amazon Cognito Identity Provider.
//
// Begins setup of time-based one-time password (TOTP) multi-factor authentication
// (MFA) for a user, with a unique private key that Amazon Cognito generates
// and returns in the API response. You can authorize an AssociateSoftwareToken
// request with either the user's access token, or a session string from a challenge
// response that you received from Amazon Cognito.
//
// Amazon Cognito disassociates an existing software token when you verify the
// new token in a VerifySoftwareToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html)
// API request. If you don't verify the software token and your user pool doesn't
// require MFA, the user can then authenticate with user name and password credentials
// alone. If your user pool requires TOTP MFA, Amazon Cognito generates an MFA_SETUP
// or SOFTWARE_TOKEN_SETUP challenge each time your user signs. Complete setup
// with AssociateSoftwareToken and VerifySoftwareToken.
//
// After you set up software token MFA for your user, Amazon Cognito generates
// a SOFTWARE_TOKEN_MFA challenge when they authenticate. Respond to this challenge
// with your user's TOTP.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation AssociateSoftwareToken for usage and error information.
//
// Returned Error Types:
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - SoftwareTokenMFANotFoundException
//     This exception is thrown when the software token time-based one-time password
//     (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/AssociateSoftwareToken
func (c *CognitoIdentityProvider) AssociateSoftwareToken(input *AssociateSoftwareTokenInput) (*AssociateSoftwareTokenOutput, error) {
	req, out := c.AssociateSoftwareTokenRequest(input)
	return out, req.Send()
}

// AssociateSoftwareTokenWithContext is the same as AssociateSoftwareToken with the addition of
// the ability to pass a context and additional request options.
//
// See AssociateSoftwareToken for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) AssociateSoftwareTokenWithContext(ctx aws.Context, input *AssociateSoftwareTokenInput, opts ...request.Option) (*AssociateSoftwareTokenOutput, error) {
	req, out := c.AssociateSoftwareTokenRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opChangePassword = "ChangePassword"

// ChangePasswordRequest generates a "aws/request.Request" representing the
// client's request for the ChangePassword operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ChangePassword for more information on using the ChangePassword
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ChangePasswordRequest method.
//	req, resp := client.ChangePasswordRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ChangePassword
func (c *CognitoIdentityProvider) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput) {
	op := &request.Operation{
		Name:       opChangePassword,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ChangePasswordInput{}
	}

	output = &ChangePasswordOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// ChangePassword API operation for Amazon Cognito Identity Provider.
//
// Changes the password for a specified user in a user pool.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ChangePassword for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ChangePassword
func (c *CognitoIdentityProvider) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error) {
	req, out := c.ChangePasswordRequest(input)
	return out, req.Send()
}

// ChangePasswordWithContext is the same as ChangePassword with the addition of
// the ability to pass a context and additional request options.
//
// See ChangePassword for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error) {
	req, out := c.ChangePasswordRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opConfirmDevice = "ConfirmDevice"

// ConfirmDeviceRequest generates a "aws/request.Request" representing the
// client's request for the ConfirmDevice operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ConfirmDevice for more information on using the ConfirmDevice
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ConfirmDeviceRequest method.
//	req, resp := client.ConfirmDeviceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmDevice
func (c *CognitoIdentityProvider) ConfirmDeviceRequest(input *ConfirmDeviceInput) (req *request.Request, output *ConfirmDeviceOutput) {
	op := &request.Operation{
		Name:       opConfirmDevice,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ConfirmDeviceInput{}
	}

	output = &ConfirmDeviceOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// ConfirmDevice API operation for Amazon Cognito Identity Provider.
//
// Confirms tracking of the device. This API call is the call that begins device
// tracking.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ConfirmDevice for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - UsernameExistsException
//     This exception is thrown when Amazon Cognito encounters a user name that
//     already exists in the user pool.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmDevice
func (c *CognitoIdentityProvider) ConfirmDevice(input *ConfirmDeviceInput) (*ConfirmDeviceOutput, error) {
	req, out := c.ConfirmDeviceRequest(input)
	return out, req.Send()
}

// ConfirmDeviceWithContext is the same as ConfirmDevice with the addition of
// the ability to pass a context and additional request options.
//
// See ConfirmDevice for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ConfirmDeviceWithContext(ctx aws.Context, input *ConfirmDeviceInput, opts ...request.Option) (*ConfirmDeviceOutput, error) {
	req, out := c.ConfirmDeviceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opConfirmForgotPassword = "ConfirmForgotPassword"

// ConfirmForgotPasswordRequest generates a "aws/request.Request" representing the
// client's request for the ConfirmForgotPassword operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ConfirmForgotPassword for more information on using the ConfirmForgotPassword
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ConfirmForgotPasswordRequest method.
//	req, resp := client.ConfirmForgotPasswordRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmForgotPassword
func (c *CognitoIdentityProvider) ConfirmForgotPasswordRequest(input *ConfirmForgotPasswordInput) (req *request.Request, output *ConfirmForgotPasswordOutput) {
	op := &request.Operation{
		Name:       opConfirmForgotPassword,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ConfirmForgotPasswordInput{}
	}

	output = &ConfirmForgotPasswordOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// ConfirmForgotPassword API operation for Amazon Cognito Identity Provider.
//
// Allows a user to enter a confirmation code to reset a forgotten password.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ConfirmForgotPassword for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - TooManyFailedAttemptsException
//     This exception is thrown when the user has made too many failed attempts
//     for a given action, such as sign-in.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmForgotPassword
func (c *CognitoIdentityProvider) ConfirmForgotPassword(input *ConfirmForgotPasswordInput) (*ConfirmForgotPasswordOutput, error) {
	req, out := c.ConfirmForgotPasswordRequest(input)
	return out, req.Send()
}

// ConfirmForgotPasswordWithContext is the same as ConfirmForgotPassword with the addition of
// the ability to pass a context and additional request options.
//
// See ConfirmForgotPassword for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ConfirmForgotPasswordWithContext(ctx aws.Context, input *ConfirmForgotPasswordInput, opts ...request.Option) (*ConfirmForgotPasswordOutput, error) {
	req, out := c.ConfirmForgotPasswordRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opConfirmSignUp = "ConfirmSignUp"

// ConfirmSignUpRequest generates a "aws/request.Request" representing the
// client's request for the ConfirmSignUp operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ConfirmSignUp for more information on using the ConfirmSignUp
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ConfirmSignUpRequest method.
//	req, resp := client.ConfirmSignUpRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmSignUp
func (c *CognitoIdentityProvider) ConfirmSignUpRequest(input *ConfirmSignUpInput) (req *request.Request, output *ConfirmSignUpOutput) {
	op := &request.Operation{
		Name:       opConfirmSignUp,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ConfirmSignUpInput{}
	}

	output = &ConfirmSignUpOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// ConfirmSignUp API operation for Amazon Cognito Identity Provider.
//
// This public API operation provides a code that Amazon Cognito sent to your
// user when they signed up in your user pool via the SignUp (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html)
// API operation. After your user enters their code, they confirm ownership
// of the email address or phone number that they provided, and their user account
// becomes active. Depending on your user pool configuration, your users will
// receive their confirmation code in an email or SMS message.
//
// Local users who signed up in your user pool are the only type of user who
// can confirm sign-up with a code. Users who federate through an external identity
// provider (IdP) have already been confirmed by their IdP. Administrator-created
// users, users created with the AdminCreateUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html)
// API operation, confirm their accounts when they respond to their invitation
// email message and choose a password. They do not receive a confirmation code.
// Instead, they receive a temporary password.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ConfirmSignUp for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyFailedAttemptsException
//     This exception is thrown when the user has made too many failed attempts
//     for a given action, such as sign-in.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ConfirmSignUp
func (c *CognitoIdentityProvider) ConfirmSignUp(input *ConfirmSignUpInput) (*ConfirmSignUpOutput, error) {
	req, out := c.ConfirmSignUpRequest(input)
	return out, req.Send()
}

// ConfirmSignUpWithContext is the same as ConfirmSignUp with the addition of
// the ability to pass a context and additional request options.
//
// See ConfirmSignUp for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ConfirmSignUpWithContext(ctx aws.Context, input *ConfirmSignUpInput, opts ...request.Option) (*ConfirmSignUpOutput, error) {
	req, out := c.ConfirmSignUpRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateGroup = "CreateGroup"

// CreateGroupRequest generates a "aws/request.Request" representing the
// client's request for the CreateGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateGroup for more information on using the CreateGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateGroupRequest method.
//	req, resp := client.CreateGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateGroup
func (c *CognitoIdentityProvider) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput) {
	op := &request.Operation{
		Name:       opCreateGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateGroupInput{}
	}

	output = &CreateGroupOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateGroup API operation for Amazon Cognito Identity Provider.
//
// Creates a new group in the specified user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateGroup for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - GroupExistsException
//     This exception is thrown when Amazon Cognito encounters a group that already
//     exists in the user pool.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateGroup
func (c *CognitoIdentityProvider) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error) {
	req, out := c.CreateGroupRequest(input)
	return out, req.Send()
}

// CreateGroupWithContext is the same as CreateGroup with the addition of
// the ability to pass a context and additional request options.
//
// See CreateGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error) {
	req, out := c.CreateGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateIdentityProvider = "CreateIdentityProvider"

// CreateIdentityProviderRequest generates a "aws/request.Request" representing the
// client's request for the CreateIdentityProvider operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateIdentityProvider for more information on using the CreateIdentityProvider
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateIdentityProviderRequest method.
//	req, resp := client.CreateIdentityProviderRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateIdentityProvider
func (c *CognitoIdentityProvider) CreateIdentityProviderRequest(input *CreateIdentityProviderInput) (req *request.Request, output *CreateIdentityProviderOutput) {
	op := &request.Operation{
		Name:       opCreateIdentityProvider,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateIdentityProviderInput{}
	}

	output = &CreateIdentityProviderOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateIdentityProvider API operation for Amazon Cognito Identity Provider.
//
// Creates an IdP for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateIdentityProvider for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - DuplicateProviderException
//     This exception is thrown when the provider is already supported by the user
//     pool.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateIdentityProvider
func (c *CognitoIdentityProvider) CreateIdentityProvider(input *CreateIdentityProviderInput) (*CreateIdentityProviderOutput, error) {
	req, out := c.CreateIdentityProviderRequest(input)
	return out, req.Send()
}

// CreateIdentityProviderWithContext is the same as CreateIdentityProvider with the addition of
// the ability to pass a context and additional request options.
//
// See CreateIdentityProvider for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateIdentityProviderWithContext(ctx aws.Context, input *CreateIdentityProviderInput, opts ...request.Option) (*CreateIdentityProviderOutput, error) {
	req, out := c.CreateIdentityProviderRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateResourceServer = "CreateResourceServer"

// CreateResourceServerRequest generates a "aws/request.Request" representing the
// client's request for the CreateResourceServer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateResourceServer for more information on using the CreateResourceServer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateResourceServerRequest method.
//	req, resp := client.CreateResourceServerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateResourceServer
func (c *CognitoIdentityProvider) CreateResourceServerRequest(input *CreateResourceServerInput) (req *request.Request, output *CreateResourceServerOutput) {
	op := &request.Operation{
		Name:       opCreateResourceServer,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateResourceServerInput{}
	}

	output = &CreateResourceServerOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateResourceServer API operation for Amazon Cognito Identity Provider.
//
// Creates a new OAuth2.0 resource server and defines custom scopes within it.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateResourceServer for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateResourceServer
func (c *CognitoIdentityProvider) CreateResourceServer(input *CreateResourceServerInput) (*CreateResourceServerOutput, error) {
	req, out := c.CreateResourceServerRequest(input)
	return out, req.Send()
}

// CreateResourceServerWithContext is the same as CreateResourceServer with the addition of
// the ability to pass a context and additional request options.
//
// See CreateResourceServer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateResourceServerWithContext(ctx aws.Context, input *CreateResourceServerInput, opts ...request.Option) (*CreateResourceServerOutput, error) {
	req, out := c.CreateResourceServerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateUserImportJob = "CreateUserImportJob"

// CreateUserImportJobRequest generates a "aws/request.Request" representing the
// client's request for the CreateUserImportJob operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateUserImportJob for more information on using the CreateUserImportJob
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateUserImportJobRequest method.
//	req, resp := client.CreateUserImportJobRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserImportJob
func (c *CognitoIdentityProvider) CreateUserImportJobRequest(input *CreateUserImportJobInput) (req *request.Request, output *CreateUserImportJobOutput) {
	op := &request.Operation{
		Name:       opCreateUserImportJob,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateUserImportJobInput{}
	}

	output = &CreateUserImportJobOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateUserImportJob API operation for Amazon Cognito Identity Provider.
//
// Creates a user import job.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateUserImportJob for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PreconditionNotMetException
//     This exception is thrown when a precondition is not met.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserImportJob
func (c *CognitoIdentityProvider) CreateUserImportJob(input *CreateUserImportJobInput) (*CreateUserImportJobOutput, error) {
	req, out := c.CreateUserImportJobRequest(input)
	return out, req.Send()
}

// CreateUserImportJobWithContext is the same as CreateUserImportJob with the addition of
// the ability to pass a context and additional request options.
//
// See CreateUserImportJob for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateUserImportJobWithContext(ctx aws.Context, input *CreateUserImportJobInput, opts ...request.Option) (*CreateUserImportJobOutput, error) {
	req, out := c.CreateUserImportJobRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateUserPool = "CreateUserPool"

// CreateUserPoolRequest generates a "aws/request.Request" representing the
// client's request for the CreateUserPool operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateUserPool for more information on using the CreateUserPool
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateUserPoolRequest method.
//	req, resp := client.CreateUserPoolRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPool
func (c *CognitoIdentityProvider) CreateUserPoolRequest(input *CreateUserPoolInput) (req *request.Request, output *CreateUserPoolOutput) {
	op := &request.Operation{
		Name:       opCreateUserPool,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateUserPoolInput{}
	}

	output = &CreateUserPoolOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateUserPool API operation for Amazon Cognito Identity Provider.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Creates a new Amazon Cognito user pool and sets the password policy for the
// pool.
//
// If you don't provide a value for an attribute, Amazon Cognito sets it to
// its default value.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateUserPool for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserPoolTaggingException
//     This exception is thrown when a user pool tag can't be set or updated.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPool
func (c *CognitoIdentityProvider) CreateUserPool(input *CreateUserPoolInput) (*CreateUserPoolOutput, error) {
	req, out := c.CreateUserPoolRequest(input)
	return out, req.Send()
}

// CreateUserPoolWithContext is the same as CreateUserPool with the addition of
// the ability to pass a context and additional request options.
//
// See CreateUserPool for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateUserPoolWithContext(ctx aws.Context, input *CreateUserPoolInput, opts ...request.Option) (*CreateUserPoolOutput, error) {
	req, out := c.CreateUserPoolRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateUserPoolClient = "CreateUserPoolClient"

// CreateUserPoolClientRequest generates a "aws/request.Request" representing the
// client's request for the CreateUserPoolClient operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateUserPoolClient for more information on using the CreateUserPoolClient
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateUserPoolClientRequest method.
//	req, resp := client.CreateUserPoolClientRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient
func (c *CognitoIdentityProvider) CreateUserPoolClientRequest(input *CreateUserPoolClientInput) (req *request.Request, output *CreateUserPoolClientOutput) {
	op := &request.Operation{
		Name:       opCreateUserPoolClient,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateUserPoolClientInput{}
	}

	output = &CreateUserPoolClientOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateUserPoolClient API operation for Amazon Cognito Identity Provider.
//
// Creates the user pool client.
//
// When you create a new user pool client, token revocation is automatically
// activated. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
//
// If you don't provide a value for an attribute, Amazon Cognito sets it to
// its default value.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateUserPoolClient for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ScopeDoesNotExistException
//     This exception is thrown when the specified scope doesn't exist.
//
//   - InvalidOAuthFlowException
//     This exception is thrown when the specified OAuth flow is not valid.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient
func (c *CognitoIdentityProvider) CreateUserPoolClient(input *CreateUserPoolClientInput) (*CreateUserPoolClientOutput, error) {
	req, out := c.CreateUserPoolClientRequest(input)
	return out, req.Send()
}

// CreateUserPoolClientWithContext is the same as CreateUserPoolClient with the addition of
// the ability to pass a context and additional request options.
//
// See CreateUserPoolClient for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateUserPoolClientWithContext(ctx aws.Context, input *CreateUserPoolClientInput, opts ...request.Option) (*CreateUserPoolClientOutput, error) {
	req, out := c.CreateUserPoolClientRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opCreateUserPoolDomain = "CreateUserPoolDomain"

// CreateUserPoolDomainRequest generates a "aws/request.Request" representing the
// client's request for the CreateUserPoolDomain operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateUserPoolDomain for more information on using the CreateUserPoolDomain
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the CreateUserPoolDomainRequest method.
//	req, resp := client.CreateUserPoolDomainRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolDomain
func (c *CognitoIdentityProvider) CreateUserPoolDomainRequest(input *CreateUserPoolDomainInput) (req *request.Request, output *CreateUserPoolDomainOutput) {
	op := &request.Operation{
		Name:       opCreateUserPoolDomain,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &CreateUserPoolDomainInput{}
	}

	output = &CreateUserPoolDomainOutput{}
	req = c.newRequest(op, input, output)
	return
}

// CreateUserPoolDomain API operation for Amazon Cognito Identity Provider.
//
// Creates a new domain for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation CreateUserPoolDomain for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolDomain
func (c *CognitoIdentityProvider) CreateUserPoolDomain(input *CreateUserPoolDomainInput) (*CreateUserPoolDomainOutput, error) {
	req, out := c.CreateUserPoolDomainRequest(input)
	return out, req.Send()
}

// CreateUserPoolDomainWithContext is the same as CreateUserPoolDomain with the addition of
// the ability to pass a context and additional request options.
//
// See CreateUserPoolDomain for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) CreateUserPoolDomainWithContext(ctx aws.Context, input *CreateUserPoolDomainInput, opts ...request.Option) (*CreateUserPoolDomainOutput, error) {
	req, out := c.CreateUserPoolDomainRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteGroup = "DeleteGroup"

// DeleteGroupRequest generates a "aws/request.Request" representing the
// client's request for the DeleteGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteGroup for more information on using the DeleteGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteGroupRequest method.
//	req, resp := client.DeleteGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteGroup
func (c *CognitoIdentityProvider) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput) {
	op := &request.Operation{
		Name:       opDeleteGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteGroupInput{}
	}

	output = &DeleteGroupOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteGroup API operation for Amazon Cognito Identity Provider.
//
// Deletes a group.
//
// Calling this action requires developer credentials.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteGroup for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteGroup
func (c *CognitoIdentityProvider) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error) {
	req, out := c.DeleteGroupRequest(input)
	return out, req.Send()
}

// DeleteGroupWithContext is the same as DeleteGroup with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error) {
	req, out := c.DeleteGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteIdentityProvider = "DeleteIdentityProvider"

// DeleteIdentityProviderRequest generates a "aws/request.Request" representing the
// client's request for the DeleteIdentityProvider operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteIdentityProvider for more information on using the DeleteIdentityProvider
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteIdentityProviderRequest method.
//	req, resp := client.DeleteIdentityProviderRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteIdentityProvider
func (c *CognitoIdentityProvider) DeleteIdentityProviderRequest(input *DeleteIdentityProviderInput) (req *request.Request, output *DeleteIdentityProviderOutput) {
	op := &request.Operation{
		Name:       opDeleteIdentityProvider,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteIdentityProviderInput{}
	}

	output = &DeleteIdentityProviderOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteIdentityProvider API operation for Amazon Cognito Identity Provider.
//
// Deletes an IdP for a user pool.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteIdentityProvider for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnsupportedIdentityProviderException
//     This exception is thrown when the specified identifier isn't supported.
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteIdentityProvider
func (c *CognitoIdentityProvider) DeleteIdentityProvider(input *DeleteIdentityProviderInput) (*DeleteIdentityProviderOutput, error) {
	req, out := c.DeleteIdentityProviderRequest(input)
	return out, req.Send()
}

// DeleteIdentityProviderWithContext is the same as DeleteIdentityProvider with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteIdentityProvider for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteIdentityProviderWithContext(ctx aws.Context, input *DeleteIdentityProviderInput, opts ...request.Option) (*DeleteIdentityProviderOutput, error) {
	req, out := c.DeleteIdentityProviderRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteResourceServer = "DeleteResourceServer"

// DeleteResourceServerRequest generates a "aws/request.Request" representing the
// client's request for the DeleteResourceServer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteResourceServer for more information on using the DeleteResourceServer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteResourceServerRequest method.
//	req, resp := client.DeleteResourceServerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteResourceServer
func (c *CognitoIdentityProvider) DeleteResourceServerRequest(input *DeleteResourceServerInput) (req *request.Request, output *DeleteResourceServerOutput) {
	op := &request.Operation{
		Name:       opDeleteResourceServer,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteResourceServerInput{}
	}

	output = &DeleteResourceServerOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteResourceServer API operation for Amazon Cognito Identity Provider.
//
// Deletes a resource server.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteResourceServer for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteResourceServer
func (c *CognitoIdentityProvider) DeleteResourceServer(input *DeleteResourceServerInput) (*DeleteResourceServerOutput, error) {
	req, out := c.DeleteResourceServerRequest(input)
	return out, req.Send()
}

// DeleteResourceServerWithContext is the same as DeleteResourceServer with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteResourceServer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteResourceServerWithContext(ctx aws.Context, input *DeleteResourceServerInput, opts ...request.Option) (*DeleteResourceServerOutput, error) {
	req, out := c.DeleteResourceServerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteUser = "DeleteUser"

// DeleteUserRequest generates a "aws/request.Request" representing the
// client's request for the DeleteUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteUser for more information on using the DeleteUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteUserRequest method.
//	req, resp := client.DeleteUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUser
func (c *CognitoIdentityProvider) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput) {
	op := &request.Operation{
		Name:       opDeleteUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteUserInput{}
	}

	output = &DeleteUserOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteUser API operation for Amazon Cognito Identity Provider.
//
// Allows a user to delete their own user profile.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUser
func (c *CognitoIdentityProvider) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error) {
	req, out := c.DeleteUserRequest(input)
	return out, req.Send()
}

// DeleteUserWithContext is the same as DeleteUser with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error) {
	req, out := c.DeleteUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteUserAttributes = "DeleteUserAttributes"

// DeleteUserAttributesRequest generates a "aws/request.Request" representing the
// client's request for the DeleteUserAttributes operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteUserAttributes for more information on using the DeleteUserAttributes
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteUserAttributesRequest method.
//	req, resp := client.DeleteUserAttributesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserAttributes
func (c *CognitoIdentityProvider) DeleteUserAttributesRequest(input *DeleteUserAttributesInput) (req *request.Request, output *DeleteUserAttributesOutput) {
	op := &request.Operation{
		Name:       opDeleteUserAttributes,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteUserAttributesInput{}
	}

	output = &DeleteUserAttributesOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteUserAttributes API operation for Amazon Cognito Identity Provider.
//
// Deletes the attributes for a user.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteUserAttributes for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserAttributes
func (c *CognitoIdentityProvider) DeleteUserAttributes(input *DeleteUserAttributesInput) (*DeleteUserAttributesOutput, error) {
	req, out := c.DeleteUserAttributesRequest(input)
	return out, req.Send()
}

// DeleteUserAttributesWithContext is the same as DeleteUserAttributes with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteUserAttributes for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteUserAttributesWithContext(ctx aws.Context, input *DeleteUserAttributesInput, opts ...request.Option) (*DeleteUserAttributesOutput, error) {
	req, out := c.DeleteUserAttributesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteUserPool = "DeleteUserPool"

// DeleteUserPoolRequest generates a "aws/request.Request" representing the
// client's request for the DeleteUserPool operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteUserPool for more information on using the DeleteUserPool
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteUserPoolRequest method.
//	req, resp := client.DeleteUserPoolRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPool
func (c *CognitoIdentityProvider) DeleteUserPoolRequest(input *DeleteUserPoolInput) (req *request.Request, output *DeleteUserPoolOutput) {
	op := &request.Operation{
		Name:       opDeleteUserPool,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteUserPoolInput{}
	}

	output = &DeleteUserPoolOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteUserPool API operation for Amazon Cognito Identity Provider.
//
// Deletes the specified Amazon Cognito user pool.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteUserPool for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserImportInProgressException
//     This exception is thrown when you're trying to modify a user pool while a
//     user import job is in progress for that pool.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPool
func (c *CognitoIdentityProvider) DeleteUserPool(input *DeleteUserPoolInput) (*DeleteUserPoolOutput, error) {
	req, out := c.DeleteUserPoolRequest(input)
	return out, req.Send()
}

// DeleteUserPoolWithContext is the same as DeleteUserPool with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteUserPool for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteUserPoolWithContext(ctx aws.Context, input *DeleteUserPoolInput, opts ...request.Option) (*DeleteUserPoolOutput, error) {
	req, out := c.DeleteUserPoolRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteUserPoolClient = "DeleteUserPoolClient"

// DeleteUserPoolClientRequest generates a "aws/request.Request" representing the
// client's request for the DeleteUserPoolClient operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteUserPoolClient for more information on using the DeleteUserPoolClient
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteUserPoolClientRequest method.
//	req, resp := client.DeleteUserPoolClientRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolClient
func (c *CognitoIdentityProvider) DeleteUserPoolClientRequest(input *DeleteUserPoolClientInput) (req *request.Request, output *DeleteUserPoolClientOutput) {
	op := &request.Operation{
		Name:       opDeleteUserPoolClient,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteUserPoolClientInput{}
	}

	output = &DeleteUserPoolClientOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteUserPoolClient API operation for Amazon Cognito Identity Provider.
//
// Allows the developer to delete the user pool client.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteUserPoolClient for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolClient
func (c *CognitoIdentityProvider) DeleteUserPoolClient(input *DeleteUserPoolClientInput) (*DeleteUserPoolClientOutput, error) {
	req, out := c.DeleteUserPoolClientRequest(input)
	return out, req.Send()
}

// DeleteUserPoolClientWithContext is the same as DeleteUserPoolClient with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteUserPoolClient for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteUserPoolClientWithContext(ctx aws.Context, input *DeleteUserPoolClientInput, opts ...request.Option) (*DeleteUserPoolClientOutput, error) {
	req, out := c.DeleteUserPoolClientRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDeleteUserPoolDomain = "DeleteUserPoolDomain"

// DeleteUserPoolDomainRequest generates a "aws/request.Request" representing the
// client's request for the DeleteUserPoolDomain operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteUserPoolDomain for more information on using the DeleteUserPoolDomain
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DeleteUserPoolDomainRequest method.
//	req, resp := client.DeleteUserPoolDomainRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolDomain
func (c *CognitoIdentityProvider) DeleteUserPoolDomainRequest(input *DeleteUserPoolDomainInput) (req *request.Request, output *DeleteUserPoolDomainOutput) {
	op := &request.Operation{
		Name:       opDeleteUserPoolDomain,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DeleteUserPoolDomainInput{}
	}

	output = &DeleteUserPoolDomainOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// DeleteUserPoolDomain API operation for Amazon Cognito Identity Provider.
//
// Deletes a domain for a user pool.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DeleteUserPoolDomain for usage and error information.
//
// Returned Error Types:
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DeleteUserPoolDomain
func (c *CognitoIdentityProvider) DeleteUserPoolDomain(input *DeleteUserPoolDomainInput) (*DeleteUserPoolDomainOutput, error) {
	req, out := c.DeleteUserPoolDomainRequest(input)
	return out, req.Send()
}

// DeleteUserPoolDomainWithContext is the same as DeleteUserPoolDomain with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteUserPoolDomain for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DeleteUserPoolDomainWithContext(ctx aws.Context, input *DeleteUserPoolDomainInput, opts ...request.Option) (*DeleteUserPoolDomainOutput, error) {
	req, out := c.DeleteUserPoolDomainRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeIdentityProvider = "DescribeIdentityProvider"

// DescribeIdentityProviderRequest generates a "aws/request.Request" representing the
// client's request for the DescribeIdentityProvider operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeIdentityProvider for more information on using the DescribeIdentityProvider
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeIdentityProviderRequest method.
//	req, resp := client.DescribeIdentityProviderRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeIdentityProvider
func (c *CognitoIdentityProvider) DescribeIdentityProviderRequest(input *DescribeIdentityProviderInput) (req *request.Request, output *DescribeIdentityProviderOutput) {
	op := &request.Operation{
		Name:       opDescribeIdentityProvider,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeIdentityProviderInput{}
	}

	output = &DescribeIdentityProviderOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeIdentityProvider API operation for Amazon Cognito Identity Provider.
//
// Gets information about a specific IdP.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeIdentityProvider for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeIdentityProvider
func (c *CognitoIdentityProvider) DescribeIdentityProvider(input *DescribeIdentityProviderInput) (*DescribeIdentityProviderOutput, error) {
	req, out := c.DescribeIdentityProviderRequest(input)
	return out, req.Send()
}

// DescribeIdentityProviderWithContext is the same as DescribeIdentityProvider with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeIdentityProvider for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeIdentityProviderWithContext(ctx aws.Context, input *DescribeIdentityProviderInput, opts ...request.Option) (*DescribeIdentityProviderOutput, error) {
	req, out := c.DescribeIdentityProviderRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeResourceServer = "DescribeResourceServer"

// DescribeResourceServerRequest generates a "aws/request.Request" representing the
// client's request for the DescribeResourceServer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeResourceServer for more information on using the DescribeResourceServer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeResourceServerRequest method.
//	req, resp := client.DescribeResourceServerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeResourceServer
func (c *CognitoIdentityProvider) DescribeResourceServerRequest(input *DescribeResourceServerInput) (req *request.Request, output *DescribeResourceServerOutput) {
	op := &request.Operation{
		Name:       opDescribeResourceServer,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeResourceServerInput{}
	}

	output = &DescribeResourceServerOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeResourceServer API operation for Amazon Cognito Identity Provider.
//
// Describes a resource server.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeResourceServer for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeResourceServer
func (c *CognitoIdentityProvider) DescribeResourceServer(input *DescribeResourceServerInput) (*DescribeResourceServerOutput, error) {
	req, out := c.DescribeResourceServerRequest(input)
	return out, req.Send()
}

// DescribeResourceServerWithContext is the same as DescribeResourceServer with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeResourceServer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeResourceServerWithContext(ctx aws.Context, input *DescribeResourceServerInput, opts ...request.Option) (*DescribeResourceServerOutput, error) {
	req, out := c.DescribeResourceServerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeRiskConfiguration = "DescribeRiskConfiguration"

// DescribeRiskConfigurationRequest generates a "aws/request.Request" representing the
// client's request for the DescribeRiskConfiguration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeRiskConfiguration for more information on using the DescribeRiskConfiguration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeRiskConfigurationRequest method.
//	req, resp := client.DescribeRiskConfigurationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeRiskConfiguration
func (c *CognitoIdentityProvider) DescribeRiskConfigurationRequest(input *DescribeRiskConfigurationInput) (req *request.Request, output *DescribeRiskConfigurationOutput) {
	op := &request.Operation{
		Name:       opDescribeRiskConfiguration,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeRiskConfigurationInput{}
	}

	output = &DescribeRiskConfigurationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeRiskConfiguration API operation for Amazon Cognito Identity Provider.
//
// Describes the risk configuration.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeRiskConfiguration for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserPoolAddOnNotEnabledException
//     This exception is thrown when user pool add-ons aren't enabled.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeRiskConfiguration
func (c *CognitoIdentityProvider) DescribeRiskConfiguration(input *DescribeRiskConfigurationInput) (*DescribeRiskConfigurationOutput, error) {
	req, out := c.DescribeRiskConfigurationRequest(input)
	return out, req.Send()
}

// DescribeRiskConfigurationWithContext is the same as DescribeRiskConfiguration with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeRiskConfiguration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeRiskConfigurationWithContext(ctx aws.Context, input *DescribeRiskConfigurationInput, opts ...request.Option) (*DescribeRiskConfigurationOutput, error) {
	req, out := c.DescribeRiskConfigurationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeUserImportJob = "DescribeUserImportJob"

// DescribeUserImportJobRequest generates a "aws/request.Request" representing the
// client's request for the DescribeUserImportJob operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeUserImportJob for more information on using the DescribeUserImportJob
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeUserImportJobRequest method.
//	req, resp := client.DescribeUserImportJobRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserImportJob
func (c *CognitoIdentityProvider) DescribeUserImportJobRequest(input *DescribeUserImportJobInput) (req *request.Request, output *DescribeUserImportJobOutput) {
	op := &request.Operation{
		Name:       opDescribeUserImportJob,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeUserImportJobInput{}
	}

	output = &DescribeUserImportJobOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeUserImportJob API operation for Amazon Cognito Identity Provider.
//
// Describes the user import job.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeUserImportJob for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserImportJob
func (c *CognitoIdentityProvider) DescribeUserImportJob(input *DescribeUserImportJobInput) (*DescribeUserImportJobOutput, error) {
	req, out := c.DescribeUserImportJobRequest(input)
	return out, req.Send()
}

// DescribeUserImportJobWithContext is the same as DescribeUserImportJob with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeUserImportJob for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeUserImportJobWithContext(ctx aws.Context, input *DescribeUserImportJobInput, opts ...request.Option) (*DescribeUserImportJobOutput, error) {
	req, out := c.DescribeUserImportJobRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeUserPool = "DescribeUserPool"

// DescribeUserPoolRequest generates a "aws/request.Request" representing the
// client's request for the DescribeUserPool operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeUserPool for more information on using the DescribeUserPool
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeUserPoolRequest method.
//	req, resp := client.DescribeUserPoolRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPool
func (c *CognitoIdentityProvider) DescribeUserPoolRequest(input *DescribeUserPoolInput) (req *request.Request, output *DescribeUserPoolOutput) {
	op := &request.Operation{
		Name:       opDescribeUserPool,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeUserPoolInput{}
	}

	output = &DescribeUserPoolOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeUserPool API operation for Amazon Cognito Identity Provider.
//
// Returns the configuration information and metadata of the specified user
// pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeUserPool for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserPoolTaggingException
//     This exception is thrown when a user pool tag can't be set or updated.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPool
func (c *CognitoIdentityProvider) DescribeUserPool(input *DescribeUserPoolInput) (*DescribeUserPoolOutput, error) {
	req, out := c.DescribeUserPoolRequest(input)
	return out, req.Send()
}

// DescribeUserPoolWithContext is the same as DescribeUserPool with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeUserPool for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeUserPoolWithContext(ctx aws.Context, input *DescribeUserPoolInput, opts ...request.Option) (*DescribeUserPoolOutput, error) {
	req, out := c.DescribeUserPoolRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeUserPoolClient = "DescribeUserPoolClient"

// DescribeUserPoolClientRequest generates a "aws/request.Request" representing the
// client's request for the DescribeUserPoolClient operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeUserPoolClient for more information on using the DescribeUserPoolClient
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeUserPoolClientRequest method.
//	req, resp := client.DescribeUserPoolClientRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient
func (c *CognitoIdentityProvider) DescribeUserPoolClientRequest(input *DescribeUserPoolClientInput) (req *request.Request, output *DescribeUserPoolClientOutput) {
	op := &request.Operation{
		Name:       opDescribeUserPoolClient,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeUserPoolClientInput{}
	}

	output = &DescribeUserPoolClientOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeUserPoolClient API operation for Amazon Cognito Identity Provider.
//
// Client method for returning the configuration information and metadata of
// the specified user pool app client.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeUserPoolClient for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient
func (c *CognitoIdentityProvider) DescribeUserPoolClient(input *DescribeUserPoolClientInput) (*DescribeUserPoolClientOutput, error) {
	req, out := c.DescribeUserPoolClientRequest(input)
	return out, req.Send()
}

// DescribeUserPoolClientWithContext is the same as DescribeUserPoolClient with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeUserPoolClient for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeUserPoolClientWithContext(ctx aws.Context, input *DescribeUserPoolClientInput, opts ...request.Option) (*DescribeUserPoolClientOutput, error) {
	req, out := c.DescribeUserPoolClientRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opDescribeUserPoolDomain = "DescribeUserPoolDomain"

// DescribeUserPoolDomainRequest generates a "aws/request.Request" representing the
// client's request for the DescribeUserPoolDomain operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeUserPoolDomain for more information on using the DescribeUserPoolDomain
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the DescribeUserPoolDomainRequest method.
//	req, resp := client.DescribeUserPoolDomainRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolDomain
func (c *CognitoIdentityProvider) DescribeUserPoolDomainRequest(input *DescribeUserPoolDomainInput) (req *request.Request, output *DescribeUserPoolDomainOutput) {
	op := &request.Operation{
		Name:       opDescribeUserPoolDomain,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &DescribeUserPoolDomainInput{}
	}

	output = &DescribeUserPoolDomainOutput{}
	req = c.newRequest(op, input, output)
	return
}

// DescribeUserPoolDomain API operation for Amazon Cognito Identity Provider.
//
// Gets information about a domain.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation DescribeUserPoolDomain for usage and error information.
//
// Returned Error Types:
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolDomain
func (c *CognitoIdentityProvider) DescribeUserPoolDomain(input *DescribeUserPoolDomainInput) (*DescribeUserPoolDomainOutput, error) {
	req, out := c.DescribeUserPoolDomainRequest(input)
	return out, req.Send()
}

// DescribeUserPoolDomainWithContext is the same as DescribeUserPoolDomain with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeUserPoolDomain for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) DescribeUserPoolDomainWithContext(ctx aws.Context, input *DescribeUserPoolDomainInput, opts ...request.Option) (*DescribeUserPoolDomainOutput, error) {
	req, out := c.DescribeUserPoolDomainRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opForgetDevice = "ForgetDevice"

// ForgetDeviceRequest generates a "aws/request.Request" representing the
// client's request for the ForgetDevice operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ForgetDevice for more information on using the ForgetDevice
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ForgetDeviceRequest method.
//	req, resp := client.ForgetDeviceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgetDevice
func (c *CognitoIdentityProvider) ForgetDeviceRequest(input *ForgetDeviceInput) (req *request.Request, output *ForgetDeviceOutput) {
	op := &request.Operation{
		Name:       opForgetDevice,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ForgetDeviceInput{}
	}

	output = &ForgetDeviceOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// ForgetDevice API operation for Amazon Cognito Identity Provider.
//
// Forgets the specified device.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ForgetDevice for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgetDevice
func (c *CognitoIdentityProvider) ForgetDevice(input *ForgetDeviceInput) (*ForgetDeviceOutput, error) {
	req, out := c.ForgetDeviceRequest(input)
	return out, req.Send()
}

// ForgetDeviceWithContext is the same as ForgetDevice with the addition of
// the ability to pass a context and additional request options.
//
// See ForgetDevice for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ForgetDeviceWithContext(ctx aws.Context, input *ForgetDeviceInput, opts ...request.Option) (*ForgetDeviceOutput, error) {
	req, out := c.ForgetDeviceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opForgotPassword = "ForgotPassword"

// ForgotPasswordRequest generates a "aws/request.Request" representing the
// client's request for the ForgotPassword operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ForgotPassword for more information on using the ForgotPassword
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ForgotPasswordRequest method.
//	req, resp := client.ForgotPasswordRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgotPassword
func (c *CognitoIdentityProvider) ForgotPasswordRequest(input *ForgotPasswordInput) (req *request.Request, output *ForgotPasswordOutput) {
	op := &request.Operation{
		Name:       opForgotPassword,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ForgotPasswordInput{}
	}

	output = &ForgotPasswordOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// ForgotPassword API operation for Amazon Cognito Identity Provider.
//
// Calling this API causes a message to be sent to the end user with a confirmation
// code that is required to change the user's password. For the Username parameter,
// you can use the username or user alias. The method used to send the confirmation
// code is sent according to the specified AccountRecoverySetting. For more
// information, see Recovering User Accounts (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html)
// in the Amazon Cognito Developer Guide. To use the confirmation code for resetting
// the password, call ConfirmForgotPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmForgotPassword.html).
//
// If neither a verified phone number nor a verified email exists, this API
// returns InvalidParameterException. If your app client has a client secret
// and you don't provide a SECRET_HASH parameter, this API returns NotAuthorizedException.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ForgotPassword for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ForgotPassword
func (c *CognitoIdentityProvider) ForgotPassword(input *ForgotPasswordInput) (*ForgotPasswordOutput, error) {
	req, out := c.ForgotPasswordRequest(input)
	return out, req.Send()
}

// ForgotPasswordWithContext is the same as ForgotPassword with the addition of
// the ability to pass a context and additional request options.
//
// See ForgotPassword for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ForgotPasswordWithContext(ctx aws.Context, input *ForgotPasswordInput, opts ...request.Option) (*ForgotPasswordOutput, error) {
	req, out := c.ForgotPasswordRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetCSVHeader = "GetCSVHeader"

// GetCSVHeaderRequest generates a "aws/request.Request" representing the
// client's request for the GetCSVHeader operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetCSVHeader for more information on using the GetCSVHeader
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetCSVHeaderRequest method.
//	req, resp := client.GetCSVHeaderRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetCSVHeader
func (c *CognitoIdentityProvider) GetCSVHeaderRequest(input *GetCSVHeaderInput) (req *request.Request, output *GetCSVHeaderOutput) {
	op := &request.Operation{
		Name:       opGetCSVHeader,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetCSVHeaderInput{}
	}

	output = &GetCSVHeaderOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetCSVHeader API operation for Amazon Cognito Identity Provider.
//
// Gets the header information for the comma-separated value (CSV) file to be
// used as input for the user import job.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetCSVHeader for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetCSVHeader
func (c *CognitoIdentityProvider) GetCSVHeader(input *GetCSVHeaderInput) (*GetCSVHeaderOutput, error) {
	req, out := c.GetCSVHeaderRequest(input)
	return out, req.Send()
}

// GetCSVHeaderWithContext is the same as GetCSVHeader with the addition of
// the ability to pass a context and additional request options.
//
// See GetCSVHeader for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetCSVHeaderWithContext(ctx aws.Context, input *GetCSVHeaderInput, opts ...request.Option) (*GetCSVHeaderOutput, error) {
	req, out := c.GetCSVHeaderRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetDevice = "GetDevice"

// GetDeviceRequest generates a "aws/request.Request" representing the
// client's request for the GetDevice operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetDevice for more information on using the GetDevice
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetDeviceRequest method.
//	req, resp := client.GetDeviceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetDevice
func (c *CognitoIdentityProvider) GetDeviceRequest(input *GetDeviceInput) (req *request.Request, output *GetDeviceOutput) {
	op := &request.Operation{
		Name:       opGetDevice,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetDeviceInput{}
	}

	output = &GetDeviceOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// GetDevice API operation for Amazon Cognito Identity Provider.
//
// Gets the device.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetDevice for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetDevice
func (c *CognitoIdentityProvider) GetDevice(input *GetDeviceInput) (*GetDeviceOutput, error) {
	req, out := c.GetDeviceRequest(input)
	return out, req.Send()
}

// GetDeviceWithContext is the same as GetDevice with the addition of
// the ability to pass a context and additional request options.
//
// See GetDevice for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetDeviceWithContext(ctx aws.Context, input *GetDeviceInput, opts ...request.Option) (*GetDeviceOutput, error) {
	req, out := c.GetDeviceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetGroup = "GetGroup"

// GetGroupRequest generates a "aws/request.Request" representing the
// client's request for the GetGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetGroup for more information on using the GetGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetGroupRequest method.
//	req, resp := client.GetGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetGroup
func (c *CognitoIdentityProvider) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput) {
	op := &request.Operation{
		Name:       opGetGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetGroupInput{}
	}

	output = &GetGroupOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetGroup API operation for Amazon Cognito Identity Provider.
//
// Gets a group.
//
// Calling this action requires developer credentials.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetGroup for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetGroup
func (c *CognitoIdentityProvider) GetGroup(input *GetGroupInput) (*GetGroupOutput, error) {
	req, out := c.GetGroupRequest(input)
	return out, req.Send()
}

// GetGroupWithContext is the same as GetGroup with the addition of
// the ability to pass a context and additional request options.
//
// See GetGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error) {
	req, out := c.GetGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetIdentityProviderByIdentifier = "GetIdentityProviderByIdentifier"

// GetIdentityProviderByIdentifierRequest generates a "aws/request.Request" representing the
// client's request for the GetIdentityProviderByIdentifier operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetIdentityProviderByIdentifier for more information on using the GetIdentityProviderByIdentifier
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetIdentityProviderByIdentifierRequest method.
//	req, resp := client.GetIdentityProviderByIdentifierRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetIdentityProviderByIdentifier
func (c *CognitoIdentityProvider) GetIdentityProviderByIdentifierRequest(input *GetIdentityProviderByIdentifierInput) (req *request.Request, output *GetIdentityProviderByIdentifierOutput) {
	op := &request.Operation{
		Name:       opGetIdentityProviderByIdentifier,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetIdentityProviderByIdentifierInput{}
	}

	output = &GetIdentityProviderByIdentifierOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetIdentityProviderByIdentifier API operation for Amazon Cognito Identity Provider.
//
// Gets the specified IdP.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetIdentityProviderByIdentifier for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetIdentityProviderByIdentifier
func (c *CognitoIdentityProvider) GetIdentityProviderByIdentifier(input *GetIdentityProviderByIdentifierInput) (*GetIdentityProviderByIdentifierOutput, error) {
	req, out := c.GetIdentityProviderByIdentifierRequest(input)
	return out, req.Send()
}

// GetIdentityProviderByIdentifierWithContext is the same as GetIdentityProviderByIdentifier with the addition of
// the ability to pass a context and additional request options.
//
// See GetIdentityProviderByIdentifier for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetIdentityProviderByIdentifierWithContext(ctx aws.Context, input *GetIdentityProviderByIdentifierInput, opts ...request.Option) (*GetIdentityProviderByIdentifierOutput, error) {
	req, out := c.GetIdentityProviderByIdentifierRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetLogDeliveryConfiguration = "GetLogDeliveryConfiguration"

// GetLogDeliveryConfigurationRequest generates a "aws/request.Request" representing the
// client's request for the GetLogDeliveryConfiguration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetLogDeliveryConfiguration for more information on using the GetLogDeliveryConfiguration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetLogDeliveryConfigurationRequest method.
//	req, resp := client.GetLogDeliveryConfigurationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfiguration
func (c *CognitoIdentityProvider) GetLogDeliveryConfigurationRequest(input *GetLogDeliveryConfigurationInput) (req *request.Request, output *GetLogDeliveryConfigurationOutput) {
	op := &request.Operation{
		Name:       opGetLogDeliveryConfiguration,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetLogDeliveryConfigurationInput{}
	}

	output = &GetLogDeliveryConfigurationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetLogDeliveryConfiguration API operation for Amazon Cognito Identity Provider.
//
// Gets the detailed activity logging configuration for a user pool.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetLogDeliveryConfiguration for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetLogDeliveryConfiguration
func (c *CognitoIdentityProvider) GetLogDeliveryConfiguration(input *GetLogDeliveryConfigurationInput) (*GetLogDeliveryConfigurationOutput, error) {
	req, out := c.GetLogDeliveryConfigurationRequest(input)
	return out, req.Send()
}

// GetLogDeliveryConfigurationWithContext is the same as GetLogDeliveryConfiguration with the addition of
// the ability to pass a context and additional request options.
//
// See GetLogDeliveryConfiguration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetLogDeliveryConfigurationWithContext(ctx aws.Context, input *GetLogDeliveryConfigurationInput, opts ...request.Option) (*GetLogDeliveryConfigurationOutput, error) {
	req, out := c.GetLogDeliveryConfigurationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetSigningCertificate = "GetSigningCertificate"

// GetSigningCertificateRequest generates a "aws/request.Request" representing the
// client's request for the GetSigningCertificate operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetSigningCertificate for more information on using the GetSigningCertificate
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetSigningCertificateRequest method.
//	req, resp := client.GetSigningCertificateRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetSigningCertificate
func (c *CognitoIdentityProvider) GetSigningCertificateRequest(input *GetSigningCertificateInput) (req *request.Request, output *GetSigningCertificateOutput) {
	op := &request.Operation{
		Name:       opGetSigningCertificate,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetSigningCertificateInput{}
	}

	output = &GetSigningCertificateOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetSigningCertificate API operation for Amazon Cognito Identity Provider.
//
// This method takes a user pool ID, and returns the signing certificate. The
// issued certificate is valid for 10 years from the date of issue.
//
// Amazon Cognito issues and assigns a new signing certificate annually. This
// process returns a new value in the response to GetSigningCertificate, but
// doesn't invalidate the original certificate.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetSigningCertificate for usage and error information.
//
// Returned Error Types:
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetSigningCertificate
func (c *CognitoIdentityProvider) GetSigningCertificate(input *GetSigningCertificateInput) (*GetSigningCertificateOutput, error) {
	req, out := c.GetSigningCertificateRequest(input)
	return out, req.Send()
}

// GetSigningCertificateWithContext is the same as GetSigningCertificate with the addition of
// the ability to pass a context and additional request options.
//
// See GetSigningCertificate for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetSigningCertificateWithContext(ctx aws.Context, input *GetSigningCertificateInput, opts ...request.Option) (*GetSigningCertificateOutput, error) {
	req, out := c.GetSigningCertificateRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetUICustomization = "GetUICustomization"

// GetUICustomizationRequest generates a "aws/request.Request" representing the
// client's request for the GetUICustomization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetUICustomization for more information on using the GetUICustomization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetUICustomizationRequest method.
//	req, resp := client.GetUICustomizationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUICustomization
func (c *CognitoIdentityProvider) GetUICustomizationRequest(input *GetUICustomizationInput) (req *request.Request, output *GetUICustomizationOutput) {
	op := &request.Operation{
		Name:       opGetUICustomization,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetUICustomizationInput{}
	}

	output = &GetUICustomizationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetUICustomization API operation for Amazon Cognito Identity Provider.
//
// Gets the user interface (UI) Customization information for a particular app
// client's app UI, if any such information exists for the client. If nothing
// is set for the particular client, but there is an existing pool level customization
// (the app clientId is ALL), then that information is returned. If nothing
// is present, then an empty shape is returned.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetUICustomization for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUICustomization
func (c *CognitoIdentityProvider) GetUICustomization(input *GetUICustomizationInput) (*GetUICustomizationOutput, error) {
	req, out := c.GetUICustomizationRequest(input)
	return out, req.Send()
}

// GetUICustomizationWithContext is the same as GetUICustomization with the addition of
// the ability to pass a context and additional request options.
//
// See GetUICustomization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetUICustomizationWithContext(ctx aws.Context, input *GetUICustomizationInput, opts ...request.Option) (*GetUICustomizationOutput, error) {
	req, out := c.GetUICustomizationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetUser = "GetUser"

// GetUserRequest generates a "aws/request.Request" representing the
// client's request for the GetUser operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetUser for more information on using the GetUser
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetUserRequest method.
//	req, resp := client.GetUserRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUser
func (c *CognitoIdentityProvider) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput) {
	op := &request.Operation{
		Name:       opGetUser,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetUserInput{}
	}

	output = &GetUserOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// GetUser API operation for Amazon Cognito Identity Provider.
//
// Gets the user attributes and metadata for a user.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetUser for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUser
func (c *CognitoIdentityProvider) GetUser(input *GetUserInput) (*GetUserOutput, error) {
	req, out := c.GetUserRequest(input)
	return out, req.Send()
}

// GetUserWithContext is the same as GetUser with the addition of
// the ability to pass a context and additional request options.
//
// See GetUser for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error) {
	req, out := c.GetUserRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetUserAttributeVerificationCode = "GetUserAttributeVerificationCode"

// GetUserAttributeVerificationCodeRequest generates a "aws/request.Request" representing the
// client's request for the GetUserAttributeVerificationCode operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetUserAttributeVerificationCode for more information on using the GetUserAttributeVerificationCode
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetUserAttributeVerificationCodeRequest method.
//	req, resp := client.GetUserAttributeVerificationCodeRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserAttributeVerificationCode
func (c *CognitoIdentityProvider) GetUserAttributeVerificationCodeRequest(input *GetUserAttributeVerificationCodeInput) (req *request.Request, output *GetUserAttributeVerificationCodeOutput) {
	op := &request.Operation{
		Name:       opGetUserAttributeVerificationCode,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetUserAttributeVerificationCodeInput{}
	}

	output = &GetUserAttributeVerificationCodeOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// GetUserAttributeVerificationCode API operation for Amazon Cognito Identity Provider.
//
// Generates a user attribute verification code for the specified attribute
// name. Sends a message to a user with a code that they must return in a VerifyUserAttribute
// request.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetUserAttributeVerificationCode for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserAttributeVerificationCode
func (c *CognitoIdentityProvider) GetUserAttributeVerificationCode(input *GetUserAttributeVerificationCodeInput) (*GetUserAttributeVerificationCodeOutput, error) {
	req, out := c.GetUserAttributeVerificationCodeRequest(input)
	return out, req.Send()
}

// GetUserAttributeVerificationCodeWithContext is the same as GetUserAttributeVerificationCode with the addition of
// the ability to pass a context and additional request options.
//
// See GetUserAttributeVerificationCode for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetUserAttributeVerificationCodeWithContext(ctx aws.Context, input *GetUserAttributeVerificationCodeInput, opts ...request.Option) (*GetUserAttributeVerificationCodeOutput, error) {
	req, out := c.GetUserAttributeVerificationCodeRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGetUserPoolMfaConfig = "GetUserPoolMfaConfig"

// GetUserPoolMfaConfigRequest generates a "aws/request.Request" representing the
// client's request for the GetUserPoolMfaConfig operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetUserPoolMfaConfig for more information on using the GetUserPoolMfaConfig
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GetUserPoolMfaConfigRequest method.
//	req, resp := client.GetUserPoolMfaConfigRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserPoolMfaConfig
func (c *CognitoIdentityProvider) GetUserPoolMfaConfigRequest(input *GetUserPoolMfaConfigInput) (req *request.Request, output *GetUserPoolMfaConfigOutput) {
	op := &request.Operation{
		Name:       opGetUserPoolMfaConfig,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GetUserPoolMfaConfigInput{}
	}

	output = &GetUserPoolMfaConfigOutput{}
	req = c.newRequest(op, input, output)
	return
}

// GetUserPoolMfaConfig API operation for Amazon Cognito Identity Provider.
//
// Gets the user pool multi-factor authentication (MFA) configuration.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GetUserPoolMfaConfig for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GetUserPoolMfaConfig
func (c *CognitoIdentityProvider) GetUserPoolMfaConfig(input *GetUserPoolMfaConfigInput) (*GetUserPoolMfaConfigOutput, error) {
	req, out := c.GetUserPoolMfaConfigRequest(input)
	return out, req.Send()
}

// GetUserPoolMfaConfigWithContext is the same as GetUserPoolMfaConfig with the addition of
// the ability to pass a context and additional request options.
//
// See GetUserPoolMfaConfig for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GetUserPoolMfaConfigWithContext(ctx aws.Context, input *GetUserPoolMfaConfigInput, opts ...request.Option) (*GetUserPoolMfaConfigOutput, error) {
	req, out := c.GetUserPoolMfaConfigRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opGlobalSignOut = "GlobalSignOut"

// GlobalSignOutRequest generates a "aws/request.Request" representing the
// client's request for the GlobalSignOut operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GlobalSignOut for more information on using the GlobalSignOut
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the GlobalSignOutRequest method.
//	req, resp := client.GlobalSignOutRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GlobalSignOut
func (c *CognitoIdentityProvider) GlobalSignOutRequest(input *GlobalSignOutInput) (req *request.Request, output *GlobalSignOutOutput) {
	op := &request.Operation{
		Name:       opGlobalSignOut,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &GlobalSignOutInput{}
	}

	output = &GlobalSignOutOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// GlobalSignOut API operation for Amazon Cognito Identity Provider.
//
// Invalidates the identity, access, and refresh tokens that Amazon Cognito
// issued to a user. Call this operation when your user signs out of your app.
// This results in the following behavior.
//
//   - Amazon Cognito no longer accepts token-authorized user operations that
//     you authorize with a signed-out user's access tokens. For more information,
//     see Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//     Amazon Cognito returns an Access Token has been revoked error when your
//     app attempts to authorize a user pools API request with a revoked access
//     token that contains the scope aws.cognito.signin.user.admin.
//
//   - Amazon Cognito no longer accepts a signed-out user's ID token in a GetId
//     (https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html)
//     request to an identity pool with ServerSideTokenCheck enabled for its
//     user pool IdP configuration in CognitoIdentityProvider (https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CognitoIdentityProvider.html).
//
//   - Amazon Cognito no longer accepts a signed-out user's refresh tokens
//     in refresh requests.
//
// Other requests might be valid until your user's token expires.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation GlobalSignOut for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/GlobalSignOut
func (c *CognitoIdentityProvider) GlobalSignOut(input *GlobalSignOutInput) (*GlobalSignOutOutput, error) {
	req, out := c.GlobalSignOutRequest(input)
	return out, req.Send()
}

// GlobalSignOutWithContext is the same as GlobalSignOut with the addition of
// the ability to pass a context and additional request options.
//
// See GlobalSignOut for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) GlobalSignOutWithContext(ctx aws.Context, input *GlobalSignOutInput, opts ...request.Option) (*GlobalSignOutOutput, error) {
	req, out := c.GlobalSignOutRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opInitiateAuth = "InitiateAuth"

// InitiateAuthRequest generates a "aws/request.Request" representing the
// client's request for the InitiateAuth operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See InitiateAuth for more information on using the InitiateAuth
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the InitiateAuthRequest method.
//	req, resp := client.InitiateAuthRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InitiateAuth
func (c *CognitoIdentityProvider) InitiateAuthRequest(input *InitiateAuthInput) (req *request.Request, output *InitiateAuthOutput) {
	op := &request.Operation{
		Name:       opInitiateAuth,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &InitiateAuthInput{}
	}

	output = &InitiateAuthOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// InitiateAuth API operation for Amazon Cognito Identity Provider.
//
// Initiates sign-in for a user in the Amazon Cognito user directory. You can't
// sign in a user with a federated IdP with InitiateAuth. For more information,
// see Adding user pool sign-in through a third party (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html).
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation InitiateAuth for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/InitiateAuth
func (c *CognitoIdentityProvider) InitiateAuth(input *InitiateAuthInput) (*InitiateAuthOutput, error) {
	req, out := c.InitiateAuthRequest(input)
	return out, req.Send()
}

// InitiateAuthWithContext is the same as InitiateAuth with the addition of
// the ability to pass a context and additional request options.
//
// See InitiateAuth for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) InitiateAuthWithContext(ctx aws.Context, input *InitiateAuthInput, opts ...request.Option) (*InitiateAuthOutput, error) {
	req, out := c.InitiateAuthRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opListDevices = "ListDevices"

// ListDevicesRequest generates a "aws/request.Request" representing the
// client's request for the ListDevices operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListDevices for more information on using the ListDevices
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListDevicesRequest method.
//	req, resp := client.ListDevicesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListDevices
func (c *CognitoIdentityProvider) ListDevicesRequest(input *ListDevicesInput) (req *request.Request, output *ListDevicesOutput) {
	op := &request.Operation{
		Name:       opListDevices,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ListDevicesInput{}
	}

	output = &ListDevicesOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// ListDevices API operation for Amazon Cognito Identity Provider.
//
// Lists the sign-in devices that Amazon Cognito has registered to the current
// user.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListDevices for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListDevices
func (c *CognitoIdentityProvider) ListDevices(input *ListDevicesInput) (*ListDevicesOutput, error) {
	req, out := c.ListDevicesRequest(input)
	return out, req.Send()
}

// ListDevicesWithContext is the same as ListDevices with the addition of
// the ability to pass a context and additional request options.
//
// See ListDevices for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListDevicesWithContext(ctx aws.Context, input *ListDevicesInput, opts ...request.Option) (*ListDevicesOutput, error) {
	req, out := c.ListDevicesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opListGroups = "ListGroups"

// ListGroupsRequest generates a "aws/request.Request" representing the
// client's request for the ListGroups operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListGroups for more information on using the ListGroups
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListGroupsRequest method.
//	req, resp := client.ListGroupsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListGroups
func (c *CognitoIdentityProvider) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) {
	op := &request.Operation{
		Name:       opListGroups,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "Limit",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListGroupsInput{}
	}

	output = &ListGroupsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListGroups API operation for Amazon Cognito Identity Provider.
//
// Lists the groups associated with a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListGroups for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListGroups
func (c *CognitoIdentityProvider) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) {
	req, out := c.ListGroupsRequest(input)
	return out, req.Send()
}

// ListGroupsWithContext is the same as ListGroups with the addition of
// the ability to pass a context and additional request options.
//
// See ListGroups for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error) {
	req, out := c.ListGroupsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListGroupsPages iterates over the pages of a ListGroups operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListGroups method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListGroups operation.
//	pageNum := 0
//	err := client.ListGroupsPages(params,
//	    func(page *cognitoidentityprovider.ListGroupsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error {
	return c.ListGroupsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListGroupsPagesWithContext same as ListGroupsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListGroupsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListGroupsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListGroupsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListIdentityProviders = "ListIdentityProviders"

// ListIdentityProvidersRequest generates a "aws/request.Request" representing the
// client's request for the ListIdentityProviders operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListIdentityProviders for more information on using the ListIdentityProviders
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListIdentityProvidersRequest method.
//	req, resp := client.ListIdentityProvidersRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListIdentityProviders
func (c *CognitoIdentityProvider) ListIdentityProvidersRequest(input *ListIdentityProvidersInput) (req *request.Request, output *ListIdentityProvidersOutput) {
	op := &request.Operation{
		Name:       opListIdentityProviders,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "MaxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListIdentityProvidersInput{}
	}

	output = &ListIdentityProvidersOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListIdentityProviders API operation for Amazon Cognito Identity Provider.
//
// Lists information about all IdPs for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListIdentityProviders for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListIdentityProviders
func (c *CognitoIdentityProvider) ListIdentityProviders(input *ListIdentityProvidersInput) (*ListIdentityProvidersOutput, error) {
	req, out := c.ListIdentityProvidersRequest(input)
	return out, req.Send()
}

// ListIdentityProvidersWithContext is the same as ListIdentityProviders with the addition of
// the ability to pass a context and additional request options.
//
// See ListIdentityProviders for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListIdentityProvidersWithContext(ctx aws.Context, input *ListIdentityProvidersInput, opts ...request.Option) (*ListIdentityProvidersOutput, error) {
	req, out := c.ListIdentityProvidersRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListIdentityProvidersPages iterates over the pages of a ListIdentityProviders operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListIdentityProviders method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListIdentityProviders operation.
//	pageNum := 0
//	err := client.ListIdentityProvidersPages(params,
//	    func(page *cognitoidentityprovider.ListIdentityProvidersOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListIdentityProvidersPages(input *ListIdentityProvidersInput, fn func(*ListIdentityProvidersOutput, bool) bool) error {
	return c.ListIdentityProvidersPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListIdentityProvidersPagesWithContext same as ListIdentityProvidersPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListIdentityProvidersPagesWithContext(ctx aws.Context, input *ListIdentityProvidersInput, fn func(*ListIdentityProvidersOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListIdentityProvidersInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListIdentityProvidersRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListIdentityProvidersOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListResourceServers = "ListResourceServers"

// ListResourceServersRequest generates a "aws/request.Request" representing the
// client's request for the ListResourceServers operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListResourceServers for more information on using the ListResourceServers
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListResourceServersRequest method.
//	req, resp := client.ListResourceServersRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListResourceServers
func (c *CognitoIdentityProvider) ListResourceServersRequest(input *ListResourceServersInput) (req *request.Request, output *ListResourceServersOutput) {
	op := &request.Operation{
		Name:       opListResourceServers,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "MaxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListResourceServersInput{}
	}

	output = &ListResourceServersOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListResourceServers API operation for Amazon Cognito Identity Provider.
//
// Lists the resource servers for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListResourceServers for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListResourceServers
func (c *CognitoIdentityProvider) ListResourceServers(input *ListResourceServersInput) (*ListResourceServersOutput, error) {
	req, out := c.ListResourceServersRequest(input)
	return out, req.Send()
}

// ListResourceServersWithContext is the same as ListResourceServers with the addition of
// the ability to pass a context and additional request options.
//
// See ListResourceServers for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListResourceServersWithContext(ctx aws.Context, input *ListResourceServersInput, opts ...request.Option) (*ListResourceServersOutput, error) {
	req, out := c.ListResourceServersRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListResourceServersPages iterates over the pages of a ListResourceServers operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListResourceServers method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListResourceServers operation.
//	pageNum := 0
//	err := client.ListResourceServersPages(params,
//	    func(page *cognitoidentityprovider.ListResourceServersOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListResourceServersPages(input *ListResourceServersInput, fn func(*ListResourceServersOutput, bool) bool) error {
	return c.ListResourceServersPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListResourceServersPagesWithContext same as ListResourceServersPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListResourceServersPagesWithContext(ctx aws.Context, input *ListResourceServersInput, fn func(*ListResourceServersOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListResourceServersInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListResourceServersRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListResourceServersOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListTagsForResource = "ListTagsForResource"

// ListTagsForResourceRequest generates a "aws/request.Request" representing the
// client's request for the ListTagsForResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListTagsForResource for more information on using the ListTagsForResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListTagsForResourceRequest method.
//	req, resp := client.ListTagsForResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListTagsForResource
func (c *CognitoIdentityProvider) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) {
	op := &request.Operation{
		Name:       opListTagsForResource,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ListTagsForResourceInput{}
	}

	output = &ListTagsForResourceOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListTagsForResource API operation for Amazon Cognito Identity Provider.
//
// Lists the tags that are assigned to an Amazon Cognito user pool.
//
// A tag is a label that you can apply to user pools to categorize and manage
// them in different ways, such as by purpose, owner, environment, or other
// criteria.
//
// You can use this action up to 10 times per second, per account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListTagsForResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListTagsForResource
func (c *CognitoIdentityProvider) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) {
	req, out := c.ListTagsForResourceRequest(input)
	return out, req.Send()
}

// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of
// the ability to pass a context and additional request options.
//
// See ListTagsForResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) {
	req, out := c.ListTagsForResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opListUserImportJobs = "ListUserImportJobs"

// ListUserImportJobsRequest generates a "aws/request.Request" representing the
// client's request for the ListUserImportJobs operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListUserImportJobs for more information on using the ListUserImportJobs
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListUserImportJobsRequest method.
//	req, resp := client.ListUserImportJobsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserImportJobs
func (c *CognitoIdentityProvider) ListUserImportJobsRequest(input *ListUserImportJobsInput) (req *request.Request, output *ListUserImportJobsOutput) {
	op := &request.Operation{
		Name:       opListUserImportJobs,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ListUserImportJobsInput{}
	}

	output = &ListUserImportJobsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListUserImportJobs API operation for Amazon Cognito Identity Provider.
//
// Lists user import jobs for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListUserImportJobs for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserImportJobs
func (c *CognitoIdentityProvider) ListUserImportJobs(input *ListUserImportJobsInput) (*ListUserImportJobsOutput, error) {
	req, out := c.ListUserImportJobsRequest(input)
	return out, req.Send()
}

// ListUserImportJobsWithContext is the same as ListUserImportJobs with the addition of
// the ability to pass a context and additional request options.
//
// See ListUserImportJobs for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUserImportJobsWithContext(ctx aws.Context, input *ListUserImportJobsInput, opts ...request.Option) (*ListUserImportJobsOutput, error) {
	req, out := c.ListUserImportJobsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opListUserPoolClients = "ListUserPoolClients"

// ListUserPoolClientsRequest generates a "aws/request.Request" representing the
// client's request for the ListUserPoolClients operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListUserPoolClients for more information on using the ListUserPoolClients
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListUserPoolClientsRequest method.
//	req, resp := client.ListUserPoolClientsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPoolClients
func (c *CognitoIdentityProvider) ListUserPoolClientsRequest(input *ListUserPoolClientsInput) (req *request.Request, output *ListUserPoolClientsOutput) {
	op := &request.Operation{
		Name:       opListUserPoolClients,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "MaxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListUserPoolClientsInput{}
	}

	output = &ListUserPoolClientsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListUserPoolClients API operation for Amazon Cognito Identity Provider.
//
// Lists the clients that have been created for the specified user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListUserPoolClients for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPoolClients
func (c *CognitoIdentityProvider) ListUserPoolClients(input *ListUserPoolClientsInput) (*ListUserPoolClientsOutput, error) {
	req, out := c.ListUserPoolClientsRequest(input)
	return out, req.Send()
}

// ListUserPoolClientsWithContext is the same as ListUserPoolClients with the addition of
// the ability to pass a context and additional request options.
//
// See ListUserPoolClients for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUserPoolClientsWithContext(ctx aws.Context, input *ListUserPoolClientsInput, opts ...request.Option) (*ListUserPoolClientsOutput, error) {
	req, out := c.ListUserPoolClientsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListUserPoolClientsPages iterates over the pages of a ListUserPoolClients operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListUserPoolClients method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListUserPoolClients operation.
//	pageNum := 0
//	err := client.ListUserPoolClientsPages(params,
//	    func(page *cognitoidentityprovider.ListUserPoolClientsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListUserPoolClientsPages(input *ListUserPoolClientsInput, fn func(*ListUserPoolClientsOutput, bool) bool) error {
	return c.ListUserPoolClientsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListUserPoolClientsPagesWithContext same as ListUserPoolClientsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUserPoolClientsPagesWithContext(ctx aws.Context, input *ListUserPoolClientsInput, fn func(*ListUserPoolClientsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListUserPoolClientsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListUserPoolClientsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListUserPoolClientsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListUserPools = "ListUserPools"

// ListUserPoolsRequest generates a "aws/request.Request" representing the
// client's request for the ListUserPools operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListUserPools for more information on using the ListUserPools
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListUserPoolsRequest method.
//	req, resp := client.ListUserPoolsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPools
func (c *CognitoIdentityProvider) ListUserPoolsRequest(input *ListUserPoolsInput) (req *request.Request, output *ListUserPoolsOutput) {
	op := &request.Operation{
		Name:       opListUserPools,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "MaxResults",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListUserPoolsInput{}
	}

	output = &ListUserPoolsOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListUserPools API operation for Amazon Cognito Identity Provider.
//
// Lists the user pools associated with an Amazon Web Services account.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListUserPools for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUserPools
func (c *CognitoIdentityProvider) ListUserPools(input *ListUserPoolsInput) (*ListUserPoolsOutput, error) {
	req, out := c.ListUserPoolsRequest(input)
	return out, req.Send()
}

// ListUserPoolsWithContext is the same as ListUserPools with the addition of
// the ability to pass a context and additional request options.
//
// See ListUserPools for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUserPoolsWithContext(ctx aws.Context, input *ListUserPoolsInput, opts ...request.Option) (*ListUserPoolsOutput, error) {
	req, out := c.ListUserPoolsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListUserPoolsPages iterates over the pages of a ListUserPools operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListUserPools method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListUserPools operation.
//	pageNum := 0
//	err := client.ListUserPoolsPages(params,
//	    func(page *cognitoidentityprovider.ListUserPoolsOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListUserPoolsPages(input *ListUserPoolsInput, fn func(*ListUserPoolsOutput, bool) bool) error {
	return c.ListUserPoolsPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListUserPoolsPagesWithContext same as ListUserPoolsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUserPoolsPagesWithContext(ctx aws.Context, input *ListUserPoolsInput, fn func(*ListUserPoolsOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListUserPoolsInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListUserPoolsRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListUserPoolsOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListUsers = "ListUsers"

// ListUsersRequest generates a "aws/request.Request" representing the
// client's request for the ListUsers operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListUsers for more information on using the ListUsers
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListUsersRequest method.
//	req, resp := client.ListUsersRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsers
func (c *CognitoIdentityProvider) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) {
	op := &request.Operation{
		Name:       opListUsers,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"PaginationToken"},
			OutputTokens:    []string{"PaginationToken"},
			LimitToken:      "Limit",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListUsersInput{}
	}

	output = &ListUsersOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListUsers API operation for Amazon Cognito Identity Provider.
//
// Lists users and their basic details in a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListUsers for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsers
func (c *CognitoIdentityProvider) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) {
	req, out := c.ListUsersRequest(input)
	return out, req.Send()
}

// ListUsersWithContext is the same as ListUsers with the addition of
// the ability to pass a context and additional request options.
//
// See ListUsers for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error) {
	req, out := c.ListUsersRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListUsersPages iterates over the pages of a ListUsers operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListUsers method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListUsers operation.
//	pageNum := 0
//	err := client.ListUsersPages(params,
//	    func(page *cognitoidentityprovider.ListUsersOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error {
	return c.ListUsersPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListUsersPagesWithContext same as ListUsersPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListUsersInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListUsersRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListUsersOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opListUsersInGroup = "ListUsersInGroup"

// ListUsersInGroupRequest generates a "aws/request.Request" representing the
// client's request for the ListUsersInGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListUsersInGroup for more information on using the ListUsersInGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ListUsersInGroupRequest method.
//	req, resp := client.ListUsersInGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsersInGroup
func (c *CognitoIdentityProvider) ListUsersInGroupRequest(input *ListUsersInGroupInput) (req *request.Request, output *ListUsersInGroupOutput) {
	op := &request.Operation{
		Name:       opListUsersInGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
		Paginator: &request.Paginator{
			InputTokens:     []string{"NextToken"},
			OutputTokens:    []string{"NextToken"},
			LimitToken:      "Limit",
			TruncationToken: "",
		},
	}

	if input == nil {
		input = &ListUsersInGroupInput{}
	}

	output = &ListUsersInGroupOutput{}
	req = c.newRequest(op, input, output)
	return
}

// ListUsersInGroup API operation for Amazon Cognito Identity Provider.
//
// Lists the users in the specified group.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ListUsersInGroup for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ListUsersInGroup
func (c *CognitoIdentityProvider) ListUsersInGroup(input *ListUsersInGroupInput) (*ListUsersInGroupOutput, error) {
	req, out := c.ListUsersInGroupRequest(input)
	return out, req.Send()
}

// ListUsersInGroupWithContext is the same as ListUsersInGroup with the addition of
// the ability to pass a context and additional request options.
//
// See ListUsersInGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUsersInGroupWithContext(ctx aws.Context, input *ListUsersInGroupInput, opts ...request.Option) (*ListUsersInGroupOutput, error) {
	req, out := c.ListUsersInGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// ListUsersInGroupPages iterates over the pages of a ListUsersInGroup operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListUsersInGroup method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
//	// Example iterating over at most 3 pages of a ListUsersInGroup operation.
//	pageNum := 0
//	err := client.ListUsersInGroupPages(params,
//	    func(page *cognitoidentityprovider.ListUsersInGroupOutput, lastPage bool) bool {
//	        pageNum++
//	        fmt.Println(page)
//	        return pageNum <= 3
//	    })
func (c *CognitoIdentityProvider) ListUsersInGroupPages(input *ListUsersInGroupInput, fn func(*ListUsersInGroupOutput, bool) bool) error {
	return c.ListUsersInGroupPagesWithContext(aws.BackgroundContext(), input, fn)
}

// ListUsersInGroupPagesWithContext same as ListUsersInGroupPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ListUsersInGroupPagesWithContext(ctx aws.Context, input *ListUsersInGroupInput, fn func(*ListUsersInGroupOutput, bool) bool, opts ...request.Option) error {
	p := request.Pagination{
		NewRequest: func() (*request.Request, error) {
			var inCpy *ListUsersInGroupInput
			if input != nil {
				tmp := *input
				inCpy = &tmp
			}
			req, _ := c.ListUsersInGroupRequest(inCpy)
			req.SetContext(ctx)
			req.ApplyOptions(opts...)
			return req, nil
		},
	}

	for p.Next() {
		if !fn(p.Page().(*ListUsersInGroupOutput), !p.HasNextPage()) {
			break
		}
	}

	return p.Err()
}

const opResendConfirmationCode = "ResendConfirmationCode"

// ResendConfirmationCodeRequest generates a "aws/request.Request" representing the
// client's request for the ResendConfirmationCode operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ResendConfirmationCode for more information on using the ResendConfirmationCode
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the ResendConfirmationCodeRequest method.
//	req, resp := client.ResendConfirmationCodeRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ResendConfirmationCode
func (c *CognitoIdentityProvider) ResendConfirmationCodeRequest(input *ResendConfirmationCodeInput) (req *request.Request, output *ResendConfirmationCodeOutput) {
	op := &request.Operation{
		Name:       opResendConfirmationCode,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &ResendConfirmationCodeInput{}
	}

	output = &ResendConfirmationCodeOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// ResendConfirmationCode API operation for Amazon Cognito Identity Provider.
//
// Resends the confirmation (for confirmation of registration) to a specific
// user in the user pool.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation ResendConfirmationCode for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/ResendConfirmationCode
func (c *CognitoIdentityProvider) ResendConfirmationCode(input *ResendConfirmationCodeInput) (*ResendConfirmationCodeOutput, error) {
	req, out := c.ResendConfirmationCodeRequest(input)
	return out, req.Send()
}

// ResendConfirmationCodeWithContext is the same as ResendConfirmationCode with the addition of
// the ability to pass a context and additional request options.
//
// See ResendConfirmationCode for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) ResendConfirmationCodeWithContext(ctx aws.Context, input *ResendConfirmationCodeInput, opts ...request.Option) (*ResendConfirmationCodeOutput, error) {
	req, out := c.ResendConfirmationCodeRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opRespondToAuthChallenge = "RespondToAuthChallenge"

// RespondToAuthChallengeRequest generates a "aws/request.Request" representing the
// client's request for the RespondToAuthChallenge operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See RespondToAuthChallenge for more information on using the RespondToAuthChallenge
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the RespondToAuthChallengeRequest method.
//	req, resp := client.RespondToAuthChallengeRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RespondToAuthChallenge
func (c *CognitoIdentityProvider) RespondToAuthChallengeRequest(input *RespondToAuthChallengeInput) (req *request.Request, output *RespondToAuthChallengeOutput) {
	op := &request.Operation{
		Name:       opRespondToAuthChallenge,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &RespondToAuthChallengeInput{}
	}

	output = &RespondToAuthChallengeOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// RespondToAuthChallenge API operation for Amazon Cognito Identity Provider.
//
// Some API operations in a user pool generate a challenge, like a prompt for
// an MFA code, for device authentication that bypasses MFA, or for a custom
// authentication challenge. A RespondToAuthChallenge API request provides the
// answer to that challenge, like a code or a secure remote password (SRP).
// The parameters of a response to an authentication challenge vary with the
// type of challenge.
//
// For more information about custom authentication challenges, see Custom authentication
// challenge Lambda triggers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html).
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation RespondToAuthChallenge for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - MFAMethodNotFoundException
//     This exception is thrown when Amazon Cognito can't find a multi-factor authentication
//     (MFA) method.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - SoftwareTokenMFANotFoundException
//     This exception is thrown when the software token time-based one-time password
//     (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RespondToAuthChallenge
func (c *CognitoIdentityProvider) RespondToAuthChallenge(input *RespondToAuthChallengeInput) (*RespondToAuthChallengeOutput, error) {
	req, out := c.RespondToAuthChallengeRequest(input)
	return out, req.Send()
}

// RespondToAuthChallengeWithContext is the same as RespondToAuthChallenge with the addition of
// the ability to pass a context and additional request options.
//
// See RespondToAuthChallenge for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) RespondToAuthChallengeWithContext(ctx aws.Context, input *RespondToAuthChallengeInput, opts ...request.Option) (*RespondToAuthChallengeOutput, error) {
	req, out := c.RespondToAuthChallengeRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opRevokeToken = "RevokeToken"

// RevokeTokenRequest generates a "aws/request.Request" representing the
// client's request for the RevokeToken operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See RevokeToken for more information on using the RevokeToken
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the RevokeTokenRequest method.
//	req, resp := client.RevokeTokenRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken
func (c *CognitoIdentityProvider) RevokeTokenRequest(input *RevokeTokenInput) (req *request.Request, output *RevokeTokenOutput) {
	op := &request.Operation{
		Name:       opRevokeToken,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &RevokeTokenInput{}
	}

	output = &RevokeTokenOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// RevokeToken API operation for Amazon Cognito Identity Provider.
//
// Revokes all of the access tokens generated by, and at the same time as, the
// specified refresh token. After a token is revoked, you can't use the revoked
// token to access Amazon Cognito user APIs, or to authorize access to your
// resource server.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation RevokeToken for usage and error information.
//
// Returned Error Types:
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - UnauthorizedException
//     Exception that is thrown when the request isn't authorized. This can happen
//     due to an invalid access token in the request.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnsupportedOperationException
//     Exception that is thrown when you attempt to perform an operation that isn't
//     enabled for the user pool client.
//
//   - UnsupportedTokenTypeException
//     Exception that is thrown when an unsupported token is passed to an operation.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken
func (c *CognitoIdentityProvider) RevokeToken(input *RevokeTokenInput) (*RevokeTokenOutput, error) {
	req, out := c.RevokeTokenRequest(input)
	return out, req.Send()
}

// RevokeTokenWithContext is the same as RevokeToken with the addition of
// the ability to pass a context and additional request options.
//
// See RevokeToken for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) RevokeTokenWithContext(ctx aws.Context, input *RevokeTokenInput, opts ...request.Option) (*RevokeTokenOutput, error) {
	req, out := c.RevokeTokenRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetLogDeliveryConfiguration = "SetLogDeliveryConfiguration"

// SetLogDeliveryConfigurationRequest generates a "aws/request.Request" representing the
// client's request for the SetLogDeliveryConfiguration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetLogDeliveryConfiguration for more information on using the SetLogDeliveryConfiguration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetLogDeliveryConfigurationRequest method.
//	req, resp := client.SetLogDeliveryConfigurationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfiguration
func (c *CognitoIdentityProvider) SetLogDeliveryConfigurationRequest(input *SetLogDeliveryConfigurationInput) (req *request.Request, output *SetLogDeliveryConfigurationOutput) {
	op := &request.Operation{
		Name:       opSetLogDeliveryConfiguration,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetLogDeliveryConfigurationInput{}
	}

	output = &SetLogDeliveryConfigurationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// SetLogDeliveryConfiguration API operation for Amazon Cognito Identity Provider.
//
// Sets up or modifies the detailed activity logging configuration of a user
// pool.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetLogDeliveryConfiguration for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetLogDeliveryConfiguration
func (c *CognitoIdentityProvider) SetLogDeliveryConfiguration(input *SetLogDeliveryConfigurationInput) (*SetLogDeliveryConfigurationOutput, error) {
	req, out := c.SetLogDeliveryConfigurationRequest(input)
	return out, req.Send()
}

// SetLogDeliveryConfigurationWithContext is the same as SetLogDeliveryConfiguration with the addition of
// the ability to pass a context and additional request options.
//
// See SetLogDeliveryConfiguration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetLogDeliveryConfigurationWithContext(ctx aws.Context, input *SetLogDeliveryConfigurationInput, opts ...request.Option) (*SetLogDeliveryConfigurationOutput, error) {
	req, out := c.SetLogDeliveryConfigurationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetRiskConfiguration = "SetRiskConfiguration"

// SetRiskConfigurationRequest generates a "aws/request.Request" representing the
// client's request for the SetRiskConfiguration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetRiskConfiguration for more information on using the SetRiskConfiguration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetRiskConfigurationRequest method.
//	req, resp := client.SetRiskConfigurationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetRiskConfiguration
func (c *CognitoIdentityProvider) SetRiskConfigurationRequest(input *SetRiskConfigurationInput) (req *request.Request, output *SetRiskConfigurationOutput) {
	op := &request.Operation{
		Name:       opSetRiskConfiguration,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetRiskConfigurationInput{}
	}

	output = &SetRiskConfigurationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// SetRiskConfiguration API operation for Amazon Cognito Identity Provider.
//
// Configures actions on detected risks. To delete the risk configuration for
// UserPoolId or ClientId, pass null values for all four configuration types.
//
// To activate Amazon Cognito advanced security features, update the user pool
// to include the UserPoolAddOns keyAdvancedSecurityMode.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetRiskConfiguration for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserPoolAddOnNotEnabledException
//     This exception is thrown when user pool add-ons aren't enabled.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetRiskConfiguration
func (c *CognitoIdentityProvider) SetRiskConfiguration(input *SetRiskConfigurationInput) (*SetRiskConfigurationOutput, error) {
	req, out := c.SetRiskConfigurationRequest(input)
	return out, req.Send()
}

// SetRiskConfigurationWithContext is the same as SetRiskConfiguration with the addition of
// the ability to pass a context and additional request options.
//
// See SetRiskConfiguration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetRiskConfigurationWithContext(ctx aws.Context, input *SetRiskConfigurationInput, opts ...request.Option) (*SetRiskConfigurationOutput, error) {
	req, out := c.SetRiskConfigurationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetUICustomization = "SetUICustomization"

// SetUICustomizationRequest generates a "aws/request.Request" representing the
// client's request for the SetUICustomization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetUICustomization for more information on using the SetUICustomization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetUICustomizationRequest method.
//	req, resp := client.SetUICustomizationRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUICustomization
func (c *CognitoIdentityProvider) SetUICustomizationRequest(input *SetUICustomizationInput) (req *request.Request, output *SetUICustomizationOutput) {
	op := &request.Operation{
		Name:       opSetUICustomization,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetUICustomizationInput{}
	}

	output = &SetUICustomizationOutput{}
	req = c.newRequest(op, input, output)
	return
}

// SetUICustomization API operation for Amazon Cognito Identity Provider.
//
// Sets the user interface (UI) customization information for a user pool's
// built-in app UI.
//
// You can specify app UI customization settings for a single client (with a
// specific clientId) or for all clients (by setting the clientId to ALL). If
// you specify ALL, the default configuration is used for every client that
// has no previously set UI customization. If you specify UI customization settings
// for a particular client, it will no longer return to the ALL configuration.
//
// To use this API, your user pool must have a domain associated with it. Otherwise,
// there is no place to host the app's pages, and the service will throw an
// error.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetUICustomization for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUICustomization
func (c *CognitoIdentityProvider) SetUICustomization(input *SetUICustomizationInput) (*SetUICustomizationOutput, error) {
	req, out := c.SetUICustomizationRequest(input)
	return out, req.Send()
}

// SetUICustomizationWithContext is the same as SetUICustomization with the addition of
// the ability to pass a context and additional request options.
//
// See SetUICustomization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetUICustomizationWithContext(ctx aws.Context, input *SetUICustomizationInput, opts ...request.Option) (*SetUICustomizationOutput, error) {
	req, out := c.SetUICustomizationRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetUserMFAPreference = "SetUserMFAPreference"

// SetUserMFAPreferenceRequest generates a "aws/request.Request" representing the
// client's request for the SetUserMFAPreference operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetUserMFAPreference for more information on using the SetUserMFAPreference
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetUserMFAPreferenceRequest method.
//	req, resp := client.SetUserMFAPreferenceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserMFAPreference
func (c *CognitoIdentityProvider) SetUserMFAPreferenceRequest(input *SetUserMFAPreferenceInput) (req *request.Request, output *SetUserMFAPreferenceOutput) {
	op := &request.Operation{
		Name:       opSetUserMFAPreference,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetUserMFAPreferenceInput{}
	}

	output = &SetUserMFAPreferenceOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// SetUserMFAPreference API operation for Amazon Cognito Identity Provider.
//
// Set the user's multi-factor authentication (MFA) method preference, including
// which MFA factors are activated and if any are preferred. Only one factor
// can be set as preferred. The preferred MFA factor will be used to authenticate
// a user if multiple factors are activated. If multiple options are activated
// and no preference is set, a challenge to choose an MFA option will be returned
// during sign-in. If an MFA type is activated for a user, the user will be
// prompted for MFA during all sign-in attempts unless device tracking is turned
// on and the device has been trusted. If you want MFA to be applied selectively
// based on the assessed risk level of sign-in attempts, deactivate MFA for
// users and turn on Adaptive Authentication for the user pool.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetUserMFAPreference for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserMFAPreference
func (c *CognitoIdentityProvider) SetUserMFAPreference(input *SetUserMFAPreferenceInput) (*SetUserMFAPreferenceOutput, error) {
	req, out := c.SetUserMFAPreferenceRequest(input)
	return out, req.Send()
}

// SetUserMFAPreferenceWithContext is the same as SetUserMFAPreference with the addition of
// the ability to pass a context and additional request options.
//
// See SetUserMFAPreference for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetUserMFAPreferenceWithContext(ctx aws.Context, input *SetUserMFAPreferenceInput, opts ...request.Option) (*SetUserMFAPreferenceOutput, error) {
	req, out := c.SetUserMFAPreferenceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetUserPoolMfaConfig = "SetUserPoolMfaConfig"

// SetUserPoolMfaConfigRequest generates a "aws/request.Request" representing the
// client's request for the SetUserPoolMfaConfig operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetUserPoolMfaConfig for more information on using the SetUserPoolMfaConfig
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetUserPoolMfaConfigRequest method.
//	req, resp := client.SetUserPoolMfaConfigRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserPoolMfaConfig
func (c *CognitoIdentityProvider) SetUserPoolMfaConfigRequest(input *SetUserPoolMfaConfigInput) (req *request.Request, output *SetUserPoolMfaConfigOutput) {
	op := &request.Operation{
		Name:       opSetUserPoolMfaConfig,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetUserPoolMfaConfigInput{}
	}

	output = &SetUserPoolMfaConfigOutput{}
	req = c.newRequest(op, input, output)
	return
}

// SetUserPoolMfaConfig API operation for Amazon Cognito Identity Provider.
//
// Sets the user pool multi-factor authentication (MFA) configuration.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetUserPoolMfaConfig for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserPoolMfaConfig
func (c *CognitoIdentityProvider) SetUserPoolMfaConfig(input *SetUserPoolMfaConfigInput) (*SetUserPoolMfaConfigOutput, error) {
	req, out := c.SetUserPoolMfaConfigRequest(input)
	return out, req.Send()
}

// SetUserPoolMfaConfigWithContext is the same as SetUserPoolMfaConfig with the addition of
// the ability to pass a context and additional request options.
//
// See SetUserPoolMfaConfig for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetUserPoolMfaConfigWithContext(ctx aws.Context, input *SetUserPoolMfaConfigInput, opts ...request.Option) (*SetUserPoolMfaConfigOutput, error) {
	req, out := c.SetUserPoolMfaConfigRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSetUserSettings = "SetUserSettings"

// SetUserSettingsRequest generates a "aws/request.Request" representing the
// client's request for the SetUserSettings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SetUserSettings for more information on using the SetUserSettings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SetUserSettingsRequest method.
//	req, resp := client.SetUserSettingsRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserSettings
func (c *CognitoIdentityProvider) SetUserSettingsRequest(input *SetUserSettingsInput) (req *request.Request, output *SetUserSettingsOutput) {
	op := &request.Operation{
		Name:       opSetUserSettings,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SetUserSettingsInput{}
	}

	output = &SetUserSettingsOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// SetUserSettings API operation for Amazon Cognito Identity Provider.
//
// This action is no longer supported. You can use it to configure only SMS
// MFA. You can't use it to configure time-based one-time password (TOTP) software
// token MFA. To configure either type of MFA, use SetUserMFAPreference (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserMFAPreference.html)
// instead.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SetUserSettings for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SetUserSettings
func (c *CognitoIdentityProvider) SetUserSettings(input *SetUserSettingsInput) (*SetUserSettingsOutput, error) {
	req, out := c.SetUserSettingsRequest(input)
	return out, req.Send()
}

// SetUserSettingsWithContext is the same as SetUserSettings with the addition of
// the ability to pass a context and additional request options.
//
// See SetUserSettings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SetUserSettingsWithContext(ctx aws.Context, input *SetUserSettingsInput, opts ...request.Option) (*SetUserSettingsOutput, error) {
	req, out := c.SetUserSettingsRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opSignUp = "SignUp"

// SignUpRequest generates a "aws/request.Request" representing the
// client's request for the SignUp operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See SignUp for more information on using the SignUp
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the SignUpRequest method.
//	req, resp := client.SignUpRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SignUp
func (c *CognitoIdentityProvider) SignUpRequest(input *SignUpInput) (req *request.Request, output *SignUpOutput) {
	op := &request.Operation{
		Name:       opSignUp,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &SignUpInput{}
	}

	output = &SignUpOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// SignUp API operation for Amazon Cognito Identity Provider.
//
// Registers the user in the specified user pool and creates a user name, password,
// and user attributes.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation SignUp for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidPasswordException
//     This exception is thrown when Amazon Cognito encounters an invalid password.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - UsernameExistsException
//     This exception is thrown when Amazon Cognito encounters a user name that
//     already exists in the user pool.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/SignUp
func (c *CognitoIdentityProvider) SignUp(input *SignUpInput) (*SignUpOutput, error) {
	req, out := c.SignUpRequest(input)
	return out, req.Send()
}

// SignUpWithContext is the same as SignUp with the addition of
// the ability to pass a context and additional request options.
//
// See SignUp for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) SignUpWithContext(ctx aws.Context, input *SignUpInput, opts ...request.Option) (*SignUpOutput, error) {
	req, out := c.SignUpRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opStartUserImportJob = "StartUserImportJob"

// StartUserImportJobRequest generates a "aws/request.Request" representing the
// client's request for the StartUserImportJob operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StartUserImportJob for more information on using the StartUserImportJob
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the StartUserImportJobRequest method.
//	req, resp := client.StartUserImportJobRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StartUserImportJob
func (c *CognitoIdentityProvider) StartUserImportJobRequest(input *StartUserImportJobInput) (req *request.Request, output *StartUserImportJobOutput) {
	op := &request.Operation{
		Name:       opStartUserImportJob,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &StartUserImportJobInput{}
	}

	output = &StartUserImportJobOutput{}
	req = c.newRequest(op, input, output)
	return
}

// StartUserImportJob API operation for Amazon Cognito Identity Provider.
//
// Starts the user import.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation StartUserImportJob for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - PreconditionNotMetException
//     This exception is thrown when a precondition is not met.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StartUserImportJob
func (c *CognitoIdentityProvider) StartUserImportJob(input *StartUserImportJobInput) (*StartUserImportJobOutput, error) {
	req, out := c.StartUserImportJobRequest(input)
	return out, req.Send()
}

// StartUserImportJobWithContext is the same as StartUserImportJob with the addition of
// the ability to pass a context and additional request options.
//
// See StartUserImportJob for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) StartUserImportJobWithContext(ctx aws.Context, input *StartUserImportJobInput, opts ...request.Option) (*StartUserImportJobOutput, error) {
	req, out := c.StartUserImportJobRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opStopUserImportJob = "StopUserImportJob"

// StopUserImportJobRequest generates a "aws/request.Request" representing the
// client's request for the StopUserImportJob operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StopUserImportJob for more information on using the StopUserImportJob
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the StopUserImportJobRequest method.
//	req, resp := client.StopUserImportJobRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StopUserImportJob
func (c *CognitoIdentityProvider) StopUserImportJobRequest(input *StopUserImportJobInput) (req *request.Request, output *StopUserImportJobOutput) {
	op := &request.Operation{
		Name:       opStopUserImportJob,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &StopUserImportJobInput{}
	}

	output = &StopUserImportJobOutput{}
	req = c.newRequest(op, input, output)
	return
}

// StopUserImportJob API operation for Amazon Cognito Identity Provider.
//
// Stops the user import job.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation StopUserImportJob for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - PreconditionNotMetException
//     This exception is thrown when a precondition is not met.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/StopUserImportJob
func (c *CognitoIdentityProvider) StopUserImportJob(input *StopUserImportJobInput) (*StopUserImportJobOutput, error) {
	req, out := c.StopUserImportJobRequest(input)
	return out, req.Send()
}

// StopUserImportJobWithContext is the same as StopUserImportJob with the addition of
// the ability to pass a context and additional request options.
//
// See StopUserImportJob for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) StopUserImportJobWithContext(ctx aws.Context, input *StopUserImportJobInput, opts ...request.Option) (*StopUserImportJobOutput, error) {
	req, out := c.StopUserImportJobRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opTagResource = "TagResource"

// TagResourceRequest generates a "aws/request.Request" representing the
// client's request for the TagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See TagResource for more information on using the TagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the TagResourceRequest method.
//	req, resp := client.TagResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/TagResource
func (c *CognitoIdentityProvider) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) {
	op := &request.Operation{
		Name:       opTagResource,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &TagResourceInput{}
	}

	output = &TagResourceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// TagResource API operation for Amazon Cognito Identity Provider.
//
// Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that
// you can use to categorize and manage user pools in different ways, such as
// by purpose, owner, environment, or other criteria.
//
// Each tag consists of a key and value, both of which you define. A key is
// a general category for more specific values. For example, if you have two
// versions of a user pool, one for testing and another for production, you
// might assign an Environment tag key to both user pools. The value of this
// key might be Test for one user pool, and Production for the other.
//
// Tags are useful for cost tracking and access control. You can activate your
// tags so that they appear on the Billing and Cost Management console, where
// you can track the costs associated with your user pools. In an Identity and
// Access Management policy, you can constrain permissions for user pools based
// on specific tags or tag values.
//
// You can use this action up to 5 times per second, per account. A user pool
// can have as many as 50 tags.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation TagResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/TagResource
func (c *CognitoIdentityProvider) TagResource(input *TagResourceInput) (*TagResourceOutput, error) {
	req, out := c.TagResourceRequest(input)
	return out, req.Send()
}

// TagResourceWithContext is the same as TagResource with the addition of
// the ability to pass a context and additional request options.
//
// See TagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) {
	req, out := c.TagResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUntagResource = "UntagResource"

// UntagResourceRequest generates a "aws/request.Request" representing the
// client's request for the UntagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UntagResource for more information on using the UntagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UntagResourceRequest method.
//	req, resp := client.UntagResourceRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UntagResource
func (c *CognitoIdentityProvider) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) {
	op := &request.Operation{
		Name:       opUntagResource,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UntagResourceInput{}
	}

	output = &UntagResourceOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UntagResource API operation for Amazon Cognito Identity Provider.
//
// Removes the specified tags from an Amazon Cognito user pool. You can use
// this action up to 5 times per second, per account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UntagResource for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UntagResource
func (c *CognitoIdentityProvider) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) {
	req, out := c.UntagResourceRequest(input)
	return out, req.Send()
}

// UntagResourceWithContext is the same as UntagResource with the addition of
// the ability to pass a context and additional request options.
//
// See UntagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) {
	req, out := c.UntagResourceRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateAuthEventFeedback = "UpdateAuthEventFeedback"

// UpdateAuthEventFeedbackRequest generates a "aws/request.Request" representing the
// client's request for the UpdateAuthEventFeedback operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateAuthEventFeedback for more information on using the UpdateAuthEventFeedback
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateAuthEventFeedbackRequest method.
//	req, resp := client.UpdateAuthEventFeedbackRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateAuthEventFeedback
func (c *CognitoIdentityProvider) UpdateAuthEventFeedbackRequest(input *UpdateAuthEventFeedbackInput) (req *request.Request, output *UpdateAuthEventFeedbackOutput) {
	op := &request.Operation{
		Name:       opUpdateAuthEventFeedback,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateAuthEventFeedbackInput{}
	}

	output = &UpdateAuthEventFeedbackOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UpdateAuthEventFeedback API operation for Amazon Cognito Identity Provider.
//
// Provides the feedback for an authentication event, whether it was from a
// valid user or not. This feedback is used for improving the risk evaluation
// decision for the user pool as part of Amazon Cognito advanced security.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateAuthEventFeedback for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserPoolAddOnNotEnabledException
//     This exception is thrown when user pool add-ons aren't enabled.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateAuthEventFeedback
func (c *CognitoIdentityProvider) UpdateAuthEventFeedback(input *UpdateAuthEventFeedbackInput) (*UpdateAuthEventFeedbackOutput, error) {
	req, out := c.UpdateAuthEventFeedbackRequest(input)
	return out, req.Send()
}

// UpdateAuthEventFeedbackWithContext is the same as UpdateAuthEventFeedback with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateAuthEventFeedback for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateAuthEventFeedbackWithContext(ctx aws.Context, input *UpdateAuthEventFeedbackInput, opts ...request.Option) (*UpdateAuthEventFeedbackOutput, error) {
	req, out := c.UpdateAuthEventFeedbackRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateDeviceStatus = "UpdateDeviceStatus"

// UpdateDeviceStatusRequest generates a "aws/request.Request" representing the
// client's request for the UpdateDeviceStatus operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateDeviceStatus for more information on using the UpdateDeviceStatus
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateDeviceStatusRequest method.
//	req, resp := client.UpdateDeviceStatusRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateDeviceStatus
func (c *CognitoIdentityProvider) UpdateDeviceStatusRequest(input *UpdateDeviceStatusInput) (req *request.Request, output *UpdateDeviceStatusOutput) {
	op := &request.Operation{
		Name:       opUpdateDeviceStatus,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateDeviceStatusInput{}
	}

	output = &UpdateDeviceStatusOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UpdateDeviceStatus API operation for Amazon Cognito Identity Provider.
//
// Updates the device status.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateDeviceStatus for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateDeviceStatus
func (c *CognitoIdentityProvider) UpdateDeviceStatus(input *UpdateDeviceStatusInput) (*UpdateDeviceStatusOutput, error) {
	req, out := c.UpdateDeviceStatusRequest(input)
	return out, req.Send()
}

// UpdateDeviceStatusWithContext is the same as UpdateDeviceStatus with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateDeviceStatus for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateDeviceStatusWithContext(ctx aws.Context, input *UpdateDeviceStatusInput, opts ...request.Option) (*UpdateDeviceStatusOutput, error) {
	req, out := c.UpdateDeviceStatusRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateGroup = "UpdateGroup"

// UpdateGroupRequest generates a "aws/request.Request" representing the
// client's request for the UpdateGroup operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateGroup for more information on using the UpdateGroup
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateGroupRequest method.
//	req, resp := client.UpdateGroupRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateGroup
func (c *CognitoIdentityProvider) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput) {
	op := &request.Operation{
		Name:       opUpdateGroup,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateGroupInput{}
	}

	output = &UpdateGroupOutput{}
	req = c.newRequest(op, input, output)
	return
}

// UpdateGroup API operation for Amazon Cognito Identity Provider.
//
// Updates the specified group with the specified attributes.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateGroup for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateGroup
func (c *CognitoIdentityProvider) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error) {
	req, out := c.UpdateGroupRequest(input)
	return out, req.Send()
}

// UpdateGroupWithContext is the same as UpdateGroup with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateGroup for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error) {
	req, out := c.UpdateGroupRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateIdentityProvider = "UpdateIdentityProvider"

// UpdateIdentityProviderRequest generates a "aws/request.Request" representing the
// client's request for the UpdateIdentityProvider operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateIdentityProvider for more information on using the UpdateIdentityProvider
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateIdentityProviderRequest method.
//	req, resp := client.UpdateIdentityProviderRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateIdentityProvider
func (c *CognitoIdentityProvider) UpdateIdentityProviderRequest(input *UpdateIdentityProviderInput) (req *request.Request, output *UpdateIdentityProviderOutput) {
	op := &request.Operation{
		Name:       opUpdateIdentityProvider,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateIdentityProviderInput{}
	}

	output = &UpdateIdentityProviderOutput{}
	req = c.newRequest(op, input, output)
	return
}

// UpdateIdentityProvider API operation for Amazon Cognito Identity Provider.
//
// Updates IdP information for a user pool.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateIdentityProvider for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - UnsupportedIdentityProviderException
//     This exception is thrown when the specified identifier isn't supported.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateIdentityProvider
func (c *CognitoIdentityProvider) UpdateIdentityProvider(input *UpdateIdentityProviderInput) (*UpdateIdentityProviderOutput, error) {
	req, out := c.UpdateIdentityProviderRequest(input)
	return out, req.Send()
}

// UpdateIdentityProviderWithContext is the same as UpdateIdentityProvider with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateIdentityProvider for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateIdentityProviderWithContext(ctx aws.Context, input *UpdateIdentityProviderInput, opts ...request.Option) (*UpdateIdentityProviderOutput, error) {
	req, out := c.UpdateIdentityProviderRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateResourceServer = "UpdateResourceServer"

// UpdateResourceServerRequest generates a "aws/request.Request" representing the
// client's request for the UpdateResourceServer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateResourceServer for more information on using the UpdateResourceServer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateResourceServerRequest method.
//	req, resp := client.UpdateResourceServerRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateResourceServer
func (c *CognitoIdentityProvider) UpdateResourceServerRequest(input *UpdateResourceServerInput) (req *request.Request, output *UpdateResourceServerOutput) {
	op := &request.Operation{
		Name:       opUpdateResourceServer,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateResourceServerInput{}
	}

	output = &UpdateResourceServerOutput{}
	req = c.newRequest(op, input, output)
	return
}

// UpdateResourceServer API operation for Amazon Cognito Identity Provider.
//
// Updates the name and scopes of resource server. All other fields are read-only.
//
// If you don't provide a value for an attribute, it is set to the default value.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateResourceServer for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateResourceServer
func (c *CognitoIdentityProvider) UpdateResourceServer(input *UpdateResourceServerInput) (*UpdateResourceServerOutput, error) {
	req, out := c.UpdateResourceServerRequest(input)
	return out, req.Send()
}

// UpdateResourceServerWithContext is the same as UpdateResourceServer with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateResourceServer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateResourceServerWithContext(ctx aws.Context, input *UpdateResourceServerInput, opts ...request.Option) (*UpdateResourceServerOutput, error) {
	req, out := c.UpdateResourceServerRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateUserAttributes = "UpdateUserAttributes"

// UpdateUserAttributesRequest generates a "aws/request.Request" representing the
// client's request for the UpdateUserAttributes operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateUserAttributes for more information on using the UpdateUserAttributes
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateUserAttributesRequest method.
//	req, resp := client.UpdateUserAttributesRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserAttributes
func (c *CognitoIdentityProvider) UpdateUserAttributesRequest(input *UpdateUserAttributesInput) (req *request.Request, output *UpdateUserAttributesOutput) {
	op := &request.Operation{
		Name:       opUpdateUserAttributes,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateUserAttributesInput{}
	}

	output = &UpdateUserAttributesOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// UpdateUserAttributes API operation for Amazon Cognito Identity Provider.
//
// With this operation, your users can update one or more of their attributes
// with their own credentials. You authorize this API request with the user's
// access token. To delete an attribute from your user, submit the attribute
// in your API request with a blank value. Custom attribute values in this request
// must include the custom: prefix.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateUserAttributes for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UnexpectedLambdaException
//     This exception is thrown when Amazon Cognito encounters an unexpected exception
//     with Lambda.
//
//   - UserLambdaValidationException
//     This exception is thrown when the Amazon Cognito service encounters a user
//     validation exception with the Lambda service.
//
//   - InvalidLambdaResponseException
//     This exception is thrown when Amazon Cognito encounters an invalid Lambda
//     response.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
//   - CodeDeliveryFailureException
//     This exception is thrown when a verification code fails to deliver successfully.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserAttributes
func (c *CognitoIdentityProvider) UpdateUserAttributes(input *UpdateUserAttributesInput) (*UpdateUserAttributesOutput, error) {
	req, out := c.UpdateUserAttributesRequest(input)
	return out, req.Send()
}

// UpdateUserAttributesWithContext is the same as UpdateUserAttributes with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateUserAttributes for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateUserAttributesWithContext(ctx aws.Context, input *UpdateUserAttributesInput, opts ...request.Option) (*UpdateUserAttributesOutput, error) {
	req, out := c.UpdateUserAttributesRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateUserPool = "UpdateUserPool"

// UpdateUserPoolRequest generates a "aws/request.Request" representing the
// client's request for the UpdateUserPool operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateUserPool for more information on using the UpdateUserPool
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateUserPoolRequest method.
//	req, resp := client.UpdateUserPoolRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPool
func (c *CognitoIdentityProvider) UpdateUserPoolRequest(input *UpdateUserPoolInput) (req *request.Request, output *UpdateUserPoolOutput) {
	op := &request.Operation{
		Name:       opUpdateUserPool,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateUserPoolInput{}
	}

	output = &UpdateUserPoolOutput{}
	req = c.newRequest(op, input, output)
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// UpdateUserPool API operation for Amazon Cognito Identity Provider.
//
// This action might generate an SMS text message. Starting June 1, 2021, US
// telecom carriers require you to register an origination phone number before
// you can send SMS messages to US phone numbers. If you use SMS text messages
// in Amazon Cognito, you must register a phone number with Amazon Pinpoint
// (https://console.aws.amazon.com/pinpoint/home/). Amazon Cognito uses the
// registered number automatically. Otherwise, Amazon Cognito users who must
// receive SMS messages might not be able to sign up, activate their accounts,
// or sign in.
//
// If you have never used SMS text messages with Amazon Cognito or any other
// Amazon Web Service, Amazon Simple Notification Service might place your account
// in the SMS sandbox. In sandbox mode (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html)
// , you can send messages only to verified phone numbers. After you test your
// app while in the sandbox environment, you can move out of the sandbox and
// into production. For more information, see SMS message settings for Amazon
// Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html)
// in the Amazon Cognito Developer Guide.
//
// Updates the specified user pool with the specified attributes. You can get
// a list of the current user pool settings using DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html).
//
// If you don't provide a value for an attribute, Amazon Cognito sets it to
// its default value.
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateUserPool for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - UserImportInProgressException
//     This exception is thrown when you're trying to modify a user pool while a
//     user import job is in progress for that pool.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - InvalidSmsRoleAccessPolicyException
//     This exception is returned when the role provided for SMS configuration doesn't
//     have permission to publish using Amazon SNS.
//
//   - InvalidSmsRoleTrustRelationshipException
//     This exception is thrown when the trust relationship is not valid for the
//     role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
//     or the external ID provided in the role does not match what is provided in
//     the SMS configuration for the user pool.
//
//   - UserPoolTaggingException
//     This exception is thrown when a user pool tag can't be set or updated.
//
//   - InvalidEmailRoleAccessPolicyException
//     This exception is thrown when Amazon Cognito isn't allowed to use your email
//     identity. HTTP status code: 400.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPool
func (c *CognitoIdentityProvider) UpdateUserPool(input *UpdateUserPoolInput) (*UpdateUserPoolOutput, error) {
	req, out := c.UpdateUserPoolRequest(input)
	return out, req.Send()
}

// UpdateUserPoolWithContext is the same as UpdateUserPool with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateUserPool for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateUserPoolWithContext(ctx aws.Context, input *UpdateUserPoolInput, opts ...request.Option) (*UpdateUserPoolOutput, error) {
	req, out := c.UpdateUserPoolRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateUserPoolClient = "UpdateUserPoolClient"

// UpdateUserPoolClientRequest generates a "aws/request.Request" representing the
// client's request for the UpdateUserPoolClient operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateUserPoolClient for more information on using the UpdateUserPoolClient
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateUserPoolClientRequest method.
//	req, resp := client.UpdateUserPoolClientRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient
func (c *CognitoIdentityProvider) UpdateUserPoolClientRequest(input *UpdateUserPoolClientInput) (req *request.Request, output *UpdateUserPoolClientOutput) {
	op := &request.Operation{
		Name:       opUpdateUserPoolClient,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateUserPoolClientInput{}
	}

	output = &UpdateUserPoolClientOutput{}
	req = c.newRequest(op, input, output)
	return
}

// UpdateUserPoolClient API operation for Amazon Cognito Identity Provider.
//
// Updates the specified user pool app client with the specified attributes.
// You can get a list of the current user pool app client settings using DescribeUserPoolClient
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html).
//
// If you don't provide a value for an attribute, Amazon Cognito sets it to
// its default value.
//
// You can also use this operation to enable token revocation for user pool
// clients. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateUserPoolClient for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ConcurrentModificationException
//     This exception is thrown if two or more modifications are happening concurrently.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ScopeDoesNotExistException
//     This exception is thrown when the specified scope doesn't exist.
//
//   - InvalidOAuthFlowException
//     This exception is thrown when the specified OAuth flow is not valid.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient
func (c *CognitoIdentityProvider) UpdateUserPoolClient(input *UpdateUserPoolClientInput) (*UpdateUserPoolClientOutput, error) {
	req, out := c.UpdateUserPoolClientRequest(input)
	return out, req.Send()
}

// UpdateUserPoolClientWithContext is the same as UpdateUserPoolClient with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateUserPoolClient for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateUserPoolClientWithContext(ctx aws.Context, input *UpdateUserPoolClientInput, opts ...request.Option) (*UpdateUserPoolClientOutput, error) {
	req, out := c.UpdateUserPoolClientRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opUpdateUserPoolDomain = "UpdateUserPoolDomain"

// UpdateUserPoolDomainRequest generates a "aws/request.Request" representing the
// client's request for the UpdateUserPoolDomain operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateUserPoolDomain for more information on using the UpdateUserPoolDomain
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the UpdateUserPoolDomainRequest method.
//	req, resp := client.UpdateUserPoolDomainRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolDomain
func (c *CognitoIdentityProvider) UpdateUserPoolDomainRequest(input *UpdateUserPoolDomainInput) (req *request.Request, output *UpdateUserPoolDomainOutput) {
	op := &request.Operation{
		Name:       opUpdateUserPoolDomain,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &UpdateUserPoolDomainInput{}
	}

	output = &UpdateUserPoolDomainOutput{}
	req = c.newRequest(op, input, output)
	return
}

// UpdateUserPoolDomain API operation for Amazon Cognito Identity Provider.
//
// Updates the Secure Sockets Layer (SSL) certificate for the custom domain
// for your user pool.
//
// You can use this operation to provide the Amazon Resource Name (ARN) of a
// new certificate to Amazon Cognito. You can't use it to change the domain
// for a user pool.
//
// A custom domain is used to host the Amazon Cognito hosted UI, which provides
// sign-up and sign-in pages for your application. When you set up a custom
// domain, you provide a certificate that you manage with Certificate Manager
// (ACM). When necessary, you can use this operation to change the certificate
// that you applied to your custom domain.
//
// Usually, this is unnecessary following routine certificate renewal with ACM.
// When you renew your existing certificate in ACM, the ARN for your certificate
// remains the same, and your custom domain uses the new certificate automatically.
//
// However, if you replace your existing certificate with a new one, ACM gives
// the new certificate a new ARN. To apply the new certificate to your custom
// domain, you must provide this ARN to Amazon Cognito.
//
// When you add your new certificate in ACM, you must choose US East (N. Virginia)
// as the Amazon Web Services Region.
//
// After you submit your request, Amazon Cognito requires up to 1 hour to distribute
// your new certificate to your custom domain.
//
// For more information about adding a custom domain to your user pool, see
// Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).
//
// Amazon Cognito evaluates Identity and Access Management (IAM) policies in
// requests for this API operation. For this operation, you must use IAM credentials
// to authorize requests, and you must grant yourself the corresponding IAM
// permission in a policy.
//
// Learn more
//
//   - Signing Amazon Web Services API Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html)
//
//   - Using the Amazon Cognito user pools API and user pool endpoints (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html)
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation UpdateUserPoolDomain for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolDomain
func (c *CognitoIdentityProvider) UpdateUserPoolDomain(input *UpdateUserPoolDomainInput) (*UpdateUserPoolDomainOutput, error) {
	req, out := c.UpdateUserPoolDomainRequest(input)
	return out, req.Send()
}

// UpdateUserPoolDomainWithContext is the same as UpdateUserPoolDomain with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateUserPoolDomain for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) UpdateUserPoolDomainWithContext(ctx aws.Context, input *UpdateUserPoolDomainInput, opts ...request.Option) (*UpdateUserPoolDomainOutput, error) {
	req, out := c.UpdateUserPoolDomainRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opVerifySoftwareToken = "VerifySoftwareToken"

// VerifySoftwareTokenRequest generates a "aws/request.Request" representing the
// client's request for the VerifySoftwareToken operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See VerifySoftwareToken for more information on using the VerifySoftwareToken
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the VerifySoftwareTokenRequest method.
//	req, resp := client.VerifySoftwareTokenRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifySoftwareToken
func (c *CognitoIdentityProvider) VerifySoftwareTokenRequest(input *VerifySoftwareTokenInput) (req *request.Request, output *VerifySoftwareTokenOutput) {
	op := &request.Operation{
		Name:       opVerifySoftwareToken,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &VerifySoftwareTokenInput{}
	}

	output = &VerifySoftwareTokenOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	return
}

// VerifySoftwareToken API operation for Amazon Cognito Identity Provider.
//
// Use this API to register a user's entered time-based one-time password (TOTP)
// code and mark the user's software token MFA status as "verified" if successful.
// The request takes an access token or a session string, but not both.
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation VerifySoftwareToken for usage and error information.
//
// Returned Error Types:
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidUserPoolConfigurationException
//     This exception is thrown when the user pool configuration is not valid.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - EnableSoftwareTokenMFAException
//     This exception is thrown when there is a code mismatch and the service fails
//     to configure the software token TOTP multi-factor authentication (MFA).
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - SoftwareTokenMFANotFoundException
//     This exception is thrown when the software token time-based one-time password
//     (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifySoftwareToken
func (c *CognitoIdentityProvider) VerifySoftwareToken(input *VerifySoftwareTokenInput) (*VerifySoftwareTokenOutput, error) {
	req, out := c.VerifySoftwareTokenRequest(input)
	return out, req.Send()
}

// VerifySoftwareTokenWithContext is the same as VerifySoftwareToken with the addition of
// the ability to pass a context and additional request options.
//
// See VerifySoftwareToken for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) VerifySoftwareTokenWithContext(ctx aws.Context, input *VerifySoftwareTokenInput, opts ...request.Option) (*VerifySoftwareTokenOutput, error) {
	req, out := c.VerifySoftwareTokenRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

const opVerifyUserAttribute = "VerifyUserAttribute"

// VerifyUserAttributeRequest generates a "aws/request.Request" representing the
// client's request for the VerifyUserAttribute operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See VerifyUserAttribute for more information on using the VerifyUserAttribute
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//	// Example sending a request using the VerifyUserAttributeRequest method.
//	req, resp := client.VerifyUserAttributeRequest(params)
//
//	err := req.Send()
//	if err == nil { // resp is now filled
//	    fmt.Println(resp)
//	}
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifyUserAttribute
func (c *CognitoIdentityProvider) VerifyUserAttributeRequest(input *VerifyUserAttributeInput) (req *request.Request, output *VerifyUserAttributeOutput) {
	op := &request.Operation{
		Name:       opVerifyUserAttribute,
		HTTPMethod: "POST",
		HTTPPath:   "/",
	}

	if input == nil {
		input = &VerifyUserAttributeInput{}
	}

	output = &VerifyUserAttributeOutput{}
	req = c.newRequest(op, input, output)
	req.Config.Credentials = credentials.AnonymousCredentials
	req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
	return
}

// VerifyUserAttribute API operation for Amazon Cognito Identity Provider.
//
// Verifies the specified user attributes in the user pool.
//
// If your user pool requires verification before Amazon Cognito updates the
// attribute value, VerifyUserAttribute updates the affected attribute to its
// pending value. For more information, see UserAttributeUpdateSettingsType
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserAttributeUpdateSettingsType.html).
//
// Amazon Cognito doesn't evaluate Identity and Access Management (IAM) policies
// in requests for this API operation. For this operation, you can't use IAM
// credentials to authorize requests, and you can't grant IAM permissions in
// policies. For more information about authorization models in Amazon Cognito,
// see Using the Amazon Cognito native and OIDC APIs (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pools-API-operations.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon Cognito Identity Provider's
// API operation VerifyUserAttribute for usage and error information.
//
// Returned Error Types:
//
//   - ResourceNotFoundException
//     This exception is thrown when the Amazon Cognito service can't find the requested
//     resource.
//
//   - InvalidParameterException
//     This exception is thrown when the Amazon Cognito service encounters an invalid
//     parameter.
//
//   - CodeMismatchException
//     This exception is thrown if the provided code doesn't match what the server
//     was expecting.
//
//   - ExpiredCodeException
//     This exception is thrown if a code has expired.
//
//   - NotAuthorizedException
//     This exception is thrown when a user isn't authorized.
//
//   - TooManyRequestsException
//     This exception is thrown when the user has made too many requests for a given
//     operation.
//
//   - LimitExceededException
//     This exception is thrown when a user exceeds the limit for a requested Amazon
//     Web Services resource.
//
//   - PasswordResetRequiredException
//     This exception is thrown when a password reset is required.
//
//   - UserNotFoundException
//     This exception is thrown when a user isn't found.
//
//   - UserNotConfirmedException
//     This exception is thrown when a user isn't confirmed successfully.
//
//   - InternalErrorException
//     This exception is thrown when Amazon Cognito encounters an internal error.
//
//   - AliasExistsException
//     This exception is thrown when a user tries to confirm the account with an
//     email address or phone number that has already been supplied as an alias
//     for a different user profile. This exception indicates that an account with
//     this email address or phone already exists in a user pool that you've configured
//     to use email address or phone number as a sign-in alias.
//
//   - ForbiddenException
//     This exception is thrown when WAF doesn't allow your request based on a web
//     ACL that's associated with your user pool.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/VerifyUserAttribute
func (c *CognitoIdentityProvider) VerifyUserAttribute(input *VerifyUserAttributeInput) (*VerifyUserAttributeOutput, error) {
	req, out := c.VerifyUserAttributeRequest(input)
	return out, req.Send()
}

// VerifyUserAttributeWithContext is the same as VerifyUserAttribute with the addition of
// the ability to pass a context and additional request options.
//
// See VerifyUserAttribute for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *CognitoIdentityProvider) VerifyUserAttributeWithContext(ctx aws.Context, input *VerifyUserAttributeInput, opts ...request.Option) (*VerifyUserAttributeOutput, error) {
	req, out := c.VerifyUserAttributeRequest(input)
	req.SetContext(ctx)
	req.ApplyOptions(opts...)
	return out, req.Send()
}

// The data type for AccountRecoverySetting.
type AccountRecoverySettingType struct {
	_ struct{} `type:"structure"`

	// The list of RecoveryOptionTypes.
	RecoveryMechanisms []*RecoveryOptionType `min:"1" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountRecoverySettingType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountRecoverySettingType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AccountRecoverySettingType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AccountRecoverySettingType"}
	if s.RecoveryMechanisms != nil && len(s.RecoveryMechanisms) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("RecoveryMechanisms", 1))
	}
	if s.RecoveryMechanisms != nil {
		for i, v := range s.RecoveryMechanisms {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RecoveryMechanisms", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetRecoveryMechanisms sets the RecoveryMechanisms field's value.
func (s *AccountRecoverySettingType) SetRecoveryMechanisms(v []*RecoveryOptionType) *AccountRecoverySettingType {
	s.RecoveryMechanisms = v
	return s
}

// Account takeover action type.
type AccountTakeoverActionType struct {
	_ struct{} `type:"structure"`

	// The action to take in response to the account takeover action. Valid values
	// are as follows:
	//
	//    * BLOCK Choosing this action will block the request.
	//
	//    * MFA_IF_CONFIGURED Present an MFA challenge if user has configured it,
	//    else allow the request.
	//
	//    * MFA_REQUIRED Present an MFA challenge if user has configured it, else
	//    block the request.
	//
	//    * NO_ACTION Allow the user to sign in.
	//
	// EventAction is a required field
	EventAction *string `type:"string" required:"true" enum:"AccountTakeoverEventActionType"`

	// Flag specifying whether to send a notification.
	//
	// Notify is a required field
	Notify *bool `type:"boolean" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverActionType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverActionType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AccountTakeoverActionType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AccountTakeoverActionType"}
	if s.EventAction == nil {
		invalidParams.Add(request.NewErrParamRequired("EventAction"))
	}
	if s.Notify == nil {
		invalidParams.Add(request.NewErrParamRequired("Notify"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEventAction sets the EventAction field's value.
func (s *AccountTakeoverActionType) SetEventAction(v string) *AccountTakeoverActionType {
	s.EventAction = &v
	return s
}

// SetNotify sets the Notify field's value.
func (s *AccountTakeoverActionType) SetNotify(v bool) *AccountTakeoverActionType {
	s.Notify = &v
	return s
}

// Account takeover actions type.
type AccountTakeoverActionsType struct {
	_ struct{} `type:"structure"`

	// Action to take for a high risk.
	HighAction *AccountTakeoverActionType `type:"structure"`

	// Action to take for a low risk.
	LowAction *AccountTakeoverActionType `type:"structure"`

	// Action to take for a medium risk.
	MediumAction *AccountTakeoverActionType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverActionsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverActionsType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AccountTakeoverActionsType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AccountTakeoverActionsType"}
	if s.HighAction != nil {
		if err := s.HighAction.Validate(); err != nil {
			invalidParams.AddNested("HighAction", err.(request.ErrInvalidParams))
		}
	}
	if s.LowAction != nil {
		if err := s.LowAction.Validate(); err != nil {
			invalidParams.AddNested("LowAction", err.(request.ErrInvalidParams))
		}
	}
	if s.MediumAction != nil {
		if err := s.MediumAction.Validate(); err != nil {
			invalidParams.AddNested("MediumAction", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetHighAction sets the HighAction field's value.
func (s *AccountTakeoverActionsType) SetHighAction(v *AccountTakeoverActionType) *AccountTakeoverActionsType {
	s.HighAction = v
	return s
}

// SetLowAction sets the LowAction field's value.
func (s *AccountTakeoverActionsType) SetLowAction(v *AccountTakeoverActionType) *AccountTakeoverActionsType {
	s.LowAction = v
	return s
}

// SetMediumAction sets the MediumAction field's value.
func (s *AccountTakeoverActionsType) SetMediumAction(v *AccountTakeoverActionType) *AccountTakeoverActionsType {
	s.MediumAction = v
	return s
}

// Configuration for mitigation actions and notification for different levels
// of risk detected for a potential account takeover.
type AccountTakeoverRiskConfigurationType struct {
	_ struct{} `type:"structure"`

	// Account takeover risk configuration actions.
	//
	// Actions is a required field
	Actions *AccountTakeoverActionsType `type:"structure" required:"true"`

	// The notify configuration used to construct email notifications.
	NotifyConfiguration *NotifyConfigurationType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverRiskConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccountTakeoverRiskConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AccountTakeoverRiskConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AccountTakeoverRiskConfigurationType"}
	if s.Actions == nil {
		invalidParams.Add(request.NewErrParamRequired("Actions"))
	}
	if s.Actions != nil {
		if err := s.Actions.Validate(); err != nil {
			invalidParams.AddNested("Actions", err.(request.ErrInvalidParams))
		}
	}
	if s.NotifyConfiguration != nil {
		if err := s.NotifyConfiguration.Validate(); err != nil {
			invalidParams.AddNested("NotifyConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetActions sets the Actions field's value.
func (s *AccountTakeoverRiskConfigurationType) SetActions(v *AccountTakeoverActionsType) *AccountTakeoverRiskConfigurationType {
	s.Actions = v
	return s
}

// SetNotifyConfiguration sets the NotifyConfiguration field's value.
func (s *AccountTakeoverRiskConfigurationType) SetNotifyConfiguration(v *NotifyConfigurationType) *AccountTakeoverRiskConfigurationType {
	s.NotifyConfiguration = v
	return s
}

// Represents the request to add custom attributes.
type AddCustomAttributesInput struct {
	_ struct{} `type:"structure"`

	// An array of custom attributes, such as Mutable and Name.
	//
	// CustomAttributes is a required field
	CustomAttributes []*SchemaAttributeType `min:"1" type:"list" required:"true"`

	// The user pool ID for the user pool where you want to add custom attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AddCustomAttributesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AddCustomAttributesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AddCustomAttributesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AddCustomAttributesInput"}
	if s.CustomAttributes == nil {
		invalidParams.Add(request.NewErrParamRequired("CustomAttributes"))
	}
	if s.CustomAttributes != nil && len(s.CustomAttributes) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("CustomAttributes", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.CustomAttributes != nil {
		for i, v := range s.CustomAttributes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "CustomAttributes", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCustomAttributes sets the CustomAttributes field's value.
func (s *AddCustomAttributesInput) SetCustomAttributes(v []*SchemaAttributeType) *AddCustomAttributesInput {
	s.CustomAttributes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AddCustomAttributesInput) SetUserPoolId(v string) *AddCustomAttributesInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server for the request to add custom attributes.
type AddCustomAttributesOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AddCustomAttributesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AddCustomAttributesOutput) GoString() string {
	return s.String()
}

type AdminAddUserToGroupInput struct {
	_ struct{} `type:"structure"`

	// The name of the group that you want to add your user to.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminAddUserToGroupInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminAddUserToGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminAddUserToGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminAddUserToGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminAddUserToGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGroupName sets the GroupName field's value.
func (s *AdminAddUserToGroupInput) SetGroupName(v string) *AdminAddUserToGroupInput {
	s.GroupName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminAddUserToGroupInput) SetUserPoolId(v string) *AdminAddUserToGroupInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminAddUserToGroupInput) SetUsername(v string) *AdminAddUserToGroupInput {
	s.Username = &v
	return s
}

type AdminAddUserToGroupOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminAddUserToGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminAddUserToGroupOutput) GoString() string {
	return s.String()
}

// Confirm a user's registration as a user pool administrator.
type AdminConfirmSignUpInput struct {
	_ struct{} `type:"structure"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// If your user pool configuration includes triggers, the AdminConfirmSignUp
	// API action invokes the Lambda function that is specified for the post confirmation
	// trigger. When Amazon Cognito invokes this function, it passes a JSON payload,
	// which the function receives as input. In this payload, the clientMetadata
	// attribute provides the data that you assigned to the ClientMetadata parameter
	// in your AdminConfirmSignUp request. In your function code in Lambda, you
	// can process the ClientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The user pool ID for which you want to confirm user registration.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminConfirmSignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminConfirmSignUpInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminConfirmSignUpInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminConfirmSignUpInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminConfirmSignUpInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminConfirmSignUpInput) SetClientMetadata(v map[string]*string) *AdminConfirmSignUpInput {
	s.ClientMetadata = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminConfirmSignUpInput) SetUserPoolId(v string) *AdminConfirmSignUpInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminConfirmSignUpInput) SetUsername(v string) *AdminConfirmSignUpInput {
	s.Username = &v
	return s
}

// Represents the response from the server for the request to confirm registration.
type AdminConfirmSignUpOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminConfirmSignUpOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminConfirmSignUpOutput) GoString() string {
	return s.String()
}

// The configuration for creating a new user profile.
type AdminCreateUserConfigType struct {
	_ struct{} `type:"structure"`

	// Set to True if only the administrator is allowed to create user profiles.
	// Set to False if users can sign themselves up via an app.
	AllowAdminCreateUserOnly *bool `type:"boolean"`

	// The message template to be used for the welcome message to new users.
	//
	// See also Customizing User Invitation Messages (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization).
	InviteMessageTemplate *MessageTemplateType `type:"structure"`

	// The user account expiration limit, in days, after which a new account that
	// hasn't signed in is no longer usable. To reset the account after that time
	// limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction
	// parameter. The default value for this parameter is 7.
	//
	// If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that
	// value will be used, and UnusedAccountValidityDays will be no longer be an
	// available parameter for that user pool.
	UnusedAccountValidityDays *int64 `type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminCreateUserConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminCreateUserConfigType"}
	if s.InviteMessageTemplate != nil {
		if err := s.InviteMessageTemplate.Validate(); err != nil {
			invalidParams.AddNested("InviteMessageTemplate", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAllowAdminCreateUserOnly sets the AllowAdminCreateUserOnly field's value.
func (s *AdminCreateUserConfigType) SetAllowAdminCreateUserOnly(v bool) *AdminCreateUserConfigType {
	s.AllowAdminCreateUserOnly = &v
	return s
}

// SetInviteMessageTemplate sets the InviteMessageTemplate field's value.
func (s *AdminCreateUserConfigType) SetInviteMessageTemplate(v *MessageTemplateType) *AdminCreateUserConfigType {
	s.InviteMessageTemplate = v
	return s
}

// SetUnusedAccountValidityDays sets the UnusedAccountValidityDays field's value.
func (s *AdminCreateUserConfigType) SetUnusedAccountValidityDays(v int64) *AdminCreateUserConfigType {
	s.UnusedAccountValidityDays = &v
	return s
}

// Represents the request to create a user in the specified user pool.
type AdminCreateUserInput struct {
	_ struct{} `type:"structure"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminCreateUser API action, Amazon Cognito invokes the function
	// that is assigned to the pre sign-up trigger. When Amazon Cognito invokes
	// this function, it passes a JSON payload, which the function receives as input.
	// This payload contains a clientMetadata attribute, which provides the data
	// that you assigned to the ClientMetadata parameter in your AdminCreateUser
	// request. In your function code in Lambda, you can process the clientMetadata
	// value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Specify "EMAIL" if email will be used to send the welcome message. Specify
	// "SMS" if the phone number will be used. The default value is "SMS". You can
	// specify more than one value.
	DesiredDeliveryMediums []*string `type:"list" enum:"DeliveryMediumType"`

	// This parameter is used only if the phone_number_verified or email_verified
	// attribute is set to True. Otherwise, it is ignored.
	//
	// If this parameter is set to True and the phone number or email address specified
	// in the UserAttributes parameter already exists as an alias with a different
	// user, the API call will migrate the alias from the previous user to the newly
	// created user. The previous user will no longer be able to log in using that
	// alias.
	//
	// If this parameter is set to False, the API throws an AliasExistsException
	// error if the alias already exists. The default value is False.
	ForceAliasCreation *bool `type:"boolean"`

	// Set to RESEND to resend the invitation message to a user that already exists
	// and reset the expiration limit on the user's account. Set to SUPPRESS to
	// suppress sending the message. You can specify only one value.
	MessageAction *string `type:"string" enum:"MessageActionType"`

	// The user's temporary password. This password must conform to the password
	// policy that you specified when you created the user pool.
	//
	// The temporary password is valid only once. To complete the Admin Create User
	// flow, the user must enter the temporary password in the sign-in page, along
	// with a new password to be used in all future sign-ins.
	//
	// This parameter isn't required. If you don't specify a value, Amazon Cognito
	// generates one for you.
	//
	// The temporary password can only be used until the user account expiration
	// limit that you set for your user pool. To reset the account after that time
	// limit, you must call AdminCreateUser again and specify RESEND for the MessageAction
	// parameter.
	//
	// TemporaryPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminCreateUserInput's
	// String and GoString methods.
	TemporaryPassword *string `type:"string" sensitive:"true"`

	// An array of name-value pairs that contain user attributes and attribute values
	// to be set for the user to be created. You can create a user without specifying
	// any attributes other than Username. However, any attributes that you specify
	// as required (when creating a user pool or in the Attributes tab of the console)
	// either you should supply (in your call to AdminCreateUser) or the user should
	// supply (when they sign up in response to your welcome message).
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// To send a message inviting the user to sign up, you must specify the user's
	// email address or phone number. You can do this in your call to AdminCreateUser
	// or in the Users tab of the Amazon Cognito console for managing your user
	// pools.
	//
	// In your call to AdminCreateUser, you can set the email_verified attribute
	// to True, and you can set the phone_number_verified attribute to True. You
	// can also do this by calling AdminUpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html).
	//
	//    * email: The email address of the user to whom the message that contains
	//    the code and username will be sent. Required if the email_verified attribute
	//    is set to True, or if "EMAIL" is specified in the DesiredDeliveryMediums
	//    parameter.
	//
	//    * phone_number: The phone number of the user to whom the message that
	//    contains the code and username will be sent. Required if the phone_number_verified
	//    attribute is set to True, or if "SMS" is specified in the DesiredDeliveryMediums
	//    parameter.
	UserAttributes []*AttributeType `type:"list"`

	// The user pool ID for the user pool where the user will be created.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The value that you want to set as the username sign-in attribute. The following
	// conditions apply to the username parameter.
	//
	//    * The username can't be a duplicate of another username in the same user
	//    pool.
	//
	//    * You can't change the value of a username after you create it.
	//
	//    * You can only provide a value if usernames are a valid sign-in attribute
	//    for your user pool. If your user pool only supports phone numbers or email
	//    addresses as sign-in attributes, Amazon Cognito automatically generates
	//    a username value. For more information, see Customizing sign-in attributes
	//    (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases).
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminCreateUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Temporary user attributes that contribute to the outcomes of your pre sign-up
	// Lambda trigger. This set of key-value pairs are for custom validation of
	// information that you collect from your users but don't need to retain.
	//
	// Your Lambda function can analyze this additional data and act on it. Your
	// function might perform external API operations like logging user attributes
	// and validation data to Amazon CloudWatch Logs. Validation data might also
	// affect the response that your function returns to Amazon Cognito, like automatically
	// confirming the user if they sign up from within your network.
	//
	// For more information about the pre sign-up Lambda trigger, see Pre sign-up
	// Lambda trigger (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html).
	ValidationData []*AttributeType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminCreateUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminCreateUserInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}
	if s.UserAttributes != nil {
		for i, v := range s.UserAttributes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "UserAttributes", i), err.(request.ErrInvalidParams))
			}
		}
	}
	if s.ValidationData != nil {
		for i, v := range s.ValidationData {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ValidationData", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminCreateUserInput) SetClientMetadata(v map[string]*string) *AdminCreateUserInput {
	s.ClientMetadata = v
	return s
}

// SetDesiredDeliveryMediums sets the DesiredDeliveryMediums field's value.
func (s *AdminCreateUserInput) SetDesiredDeliveryMediums(v []*string) *AdminCreateUserInput {
	s.DesiredDeliveryMediums = v
	return s
}

// SetForceAliasCreation sets the ForceAliasCreation field's value.
func (s *AdminCreateUserInput) SetForceAliasCreation(v bool) *AdminCreateUserInput {
	s.ForceAliasCreation = &v
	return s
}

// SetMessageAction sets the MessageAction field's value.
func (s *AdminCreateUserInput) SetMessageAction(v string) *AdminCreateUserInput {
	s.MessageAction = &v
	return s
}

// SetTemporaryPassword sets the TemporaryPassword field's value.
func (s *AdminCreateUserInput) SetTemporaryPassword(v string) *AdminCreateUserInput {
	s.TemporaryPassword = &v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *AdminCreateUserInput) SetUserAttributes(v []*AttributeType) *AdminCreateUserInput {
	s.UserAttributes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminCreateUserInput) SetUserPoolId(v string) *AdminCreateUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminCreateUserInput) SetUsername(v string) *AdminCreateUserInput {
	s.Username = &v
	return s
}

// SetValidationData sets the ValidationData field's value.
func (s *AdminCreateUserInput) SetValidationData(v []*AttributeType) *AdminCreateUserInput {
	s.ValidationData = v
	return s
}

// Represents the response from the server to the request to create the user.
type AdminCreateUserOutput struct {
	_ struct{} `type:"structure"`

	// The newly created user.
	User *UserType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminCreateUserOutput) GoString() string {
	return s.String()
}

// SetUser sets the User field's value.
func (s *AdminCreateUserOutput) SetUser(v *UserType) *AdminCreateUserOutput {
	s.User = v
	return s
}

// Represents the request to delete user attributes as an administrator.
type AdminDeleteUserAttributesInput struct {
	_ struct{} `type:"structure"`

	// An array of strings representing the user attribute names you want to delete.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// UserAttributeNames is a required field
	UserAttributeNames []*string `type:"list" required:"true"`

	// The user pool ID for the user pool where you want to delete user attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDeleteUserAttributesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserAttributesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserAttributesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminDeleteUserAttributesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminDeleteUserAttributesInput"}
	if s.UserAttributeNames == nil {
		invalidParams.Add(request.NewErrParamRequired("UserAttributeNames"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserAttributeNames sets the UserAttributeNames field's value.
func (s *AdminDeleteUserAttributesInput) SetUserAttributeNames(v []*string) *AdminDeleteUserAttributesInput {
	s.UserAttributeNames = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminDeleteUserAttributesInput) SetUserPoolId(v string) *AdminDeleteUserAttributesInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminDeleteUserAttributesInput) SetUsername(v string) *AdminDeleteUserAttributesInput {
	s.Username = &v
	return s
}

// Represents the response received from the server for a request to delete
// user attributes.
type AdminDeleteUserAttributesOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserAttributesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserAttributesOutput) GoString() string {
	return s.String()
}

// Represents the request to delete a user as an administrator.
type AdminDeleteUserInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool where you want to delete the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDeleteUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminDeleteUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminDeleteUserInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminDeleteUserInput) SetUserPoolId(v string) *AdminDeleteUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminDeleteUserInput) SetUsername(v string) *AdminDeleteUserInput {
	s.Username = &v
	return s
}

type AdminDeleteUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDeleteUserOutput) GoString() string {
	return s.String()
}

type AdminDisableProviderForUserInput struct {
	_ struct{} `type:"structure"`

	// The user to be disabled.
	//
	// User is a required field
	User *ProviderUserIdentifierType `type:"structure" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableProviderForUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableProviderForUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminDisableProviderForUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminDisableProviderForUserInput"}
	if s.User == nil {
		invalidParams.Add(request.NewErrParamRequired("User"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.User != nil {
		if err := s.User.Validate(); err != nil {
			invalidParams.AddNested("User", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUser sets the User field's value.
func (s *AdminDisableProviderForUserInput) SetUser(v *ProviderUserIdentifierType) *AdminDisableProviderForUserInput {
	s.User = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminDisableProviderForUserInput) SetUserPoolId(v string) *AdminDisableProviderForUserInput {
	s.UserPoolId = &v
	return s
}

type AdminDisableProviderForUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableProviderForUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableProviderForUserOutput) GoString() string {
	return s.String()
}

// Represents the request to disable the user as an administrator.
type AdminDisableUserInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool where you want to disable the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminDisableUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminDisableUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminDisableUserInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminDisableUserInput) SetUserPoolId(v string) *AdminDisableUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminDisableUserInput) SetUsername(v string) *AdminDisableUserInput {
	s.Username = &v
	return s
}

// Represents the response received from the server to disable the user as an
// administrator.
type AdminDisableUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminDisableUserOutput) GoString() string {
	return s.String()
}

// Represents the request that enables the user as an administrator.
type AdminEnableUserInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool where you want to enable the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminEnableUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminEnableUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminEnableUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminEnableUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminEnableUserInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminEnableUserInput) SetUserPoolId(v string) *AdminEnableUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminEnableUserInput) SetUsername(v string) *AdminEnableUserInput {
	s.Username = &v
	return s
}

// Represents the response from the server for the request to enable a user
// as an administrator.
type AdminEnableUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminEnableUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminEnableUserOutput) GoString() string {
	return s.String()
}

// Sends the forgot device request, as an administrator.
type AdminForgetDeviceInput struct {
	_ struct{} `type:"structure"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminForgetDeviceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminForgetDeviceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminForgetDeviceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminForgetDeviceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminForgetDeviceInput"}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *AdminForgetDeviceInput) SetDeviceKey(v string) *AdminForgetDeviceInput {
	s.DeviceKey = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminForgetDeviceInput) SetUserPoolId(v string) *AdminForgetDeviceInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminForgetDeviceInput) SetUsername(v string) *AdminForgetDeviceInput {
	s.Username = &v
	return s
}

type AdminForgetDeviceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminForgetDeviceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminForgetDeviceOutput) GoString() string {
	return s.String()
}

// Represents the request to get the device, as an administrator.
type AdminGetDeviceInput struct {
	_ struct{} `type:"structure"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetDeviceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetDeviceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetDeviceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminGetDeviceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminGetDeviceInput"}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *AdminGetDeviceInput) SetDeviceKey(v string) *AdminGetDeviceInput {
	s.DeviceKey = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminGetDeviceInput) SetUserPoolId(v string) *AdminGetDeviceInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminGetDeviceInput) SetUsername(v string) *AdminGetDeviceInput {
	s.Username = &v
	return s
}

// Gets the device response, as an administrator.
type AdminGetDeviceOutput struct {
	_ struct{} `type:"structure"`

	// The device.
	//
	// Device is a required field
	Device *DeviceType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetDeviceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetDeviceOutput) GoString() string {
	return s.String()
}

// SetDevice sets the Device field's value.
func (s *AdminGetDeviceOutput) SetDevice(v *DeviceType) *AdminGetDeviceOutput {
	s.Device = v
	return s
}

// Represents the request to get the specified user as an administrator.
type AdminGetUserInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool where you want to get information about
	// the user.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminGetUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminGetUserInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminGetUserInput) SetUserPoolId(v string) *AdminGetUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminGetUserInput) SetUsername(v string) *AdminGetUserInput {
	s.Username = &v
	return s
}

// Represents the response from the server from the request to get the specified
// user as an administrator.
type AdminGetUserOutput struct {
	_ struct{} `type:"structure"`

	// Indicates that the status is enabled.
	Enabled *bool `type:"boolean"`

	// This response parameter is no longer supported. It provides information only
	// about SMS MFA configurations. It doesn't provide information about time-based
	// one-time password (TOTP) software token MFA configurations. To look up information
	// about either type of MFA configuration, use UserMFASettingList instead.
	MFAOptions []*MFAOptionType `type:"list"`

	// The user's preferred MFA setting.
	PreferredMfaSetting *string `type:"string"`

	// An array of name-value pairs representing user attributes.
	UserAttributes []*AttributeType `type:"list"`

	// The date the user was created.
	UserCreateDate *time.Time `type:"timestamp"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	UserLastModifiedDate *time.Time `type:"timestamp"`

	// The MFA options that are activated for the user. The possible values in this
	// list are SMS_MFA and SOFTWARE_TOKEN_MFA.
	UserMFASettingList []*string `type:"list"`

	// The user status. Can be one of the following:
	//
	//    * UNCONFIRMED - User has been created but not confirmed.
	//
	//    * CONFIRMED - User has been confirmed.
	//
	//    * UNKNOWN - User status isn't known.
	//
	//    * RESET_REQUIRED - User is confirmed, but the user must request a code
	//    and reset their password before they can sign in.
	//
	//    * FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign
	//    in using a temporary password, but on first sign-in, the user must change
	//    their password to a new value before doing anything else.
	UserStatus *string `type:"string" enum:"UserStatusType"`

	// The username of the user that you requested.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminGetUserOutput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminGetUserOutput) GoString() string {
	return s.String()
}

// SetEnabled sets the Enabled field's value.
func (s *AdminGetUserOutput) SetEnabled(v bool) *AdminGetUserOutput {
	s.Enabled = &v
	return s
}

// SetMFAOptions sets the MFAOptions field's value.
func (s *AdminGetUserOutput) SetMFAOptions(v []*MFAOptionType) *AdminGetUserOutput {
	s.MFAOptions = v
	return s
}

// SetPreferredMfaSetting sets the PreferredMfaSetting field's value.
func (s *AdminGetUserOutput) SetPreferredMfaSetting(v string) *AdminGetUserOutput {
	s.PreferredMfaSetting = &v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *AdminGetUserOutput) SetUserAttributes(v []*AttributeType) *AdminGetUserOutput {
	s.UserAttributes = v
	return s
}

// SetUserCreateDate sets the UserCreateDate field's value.
func (s *AdminGetUserOutput) SetUserCreateDate(v time.Time) *AdminGetUserOutput {
	s.UserCreateDate = &v
	return s
}

// SetUserLastModifiedDate sets the UserLastModifiedDate field's value.
func (s *AdminGetUserOutput) SetUserLastModifiedDate(v time.Time) *AdminGetUserOutput {
	s.UserLastModifiedDate = &v
	return s
}

// SetUserMFASettingList sets the UserMFASettingList field's value.
func (s *AdminGetUserOutput) SetUserMFASettingList(v []*string) *AdminGetUserOutput {
	s.UserMFASettingList = v
	return s
}

// SetUserStatus sets the UserStatus field's value.
func (s *AdminGetUserOutput) SetUserStatus(v string) *AdminGetUserOutput {
	s.UserStatus = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminGetUserOutput) SetUsername(v string) *AdminGetUserOutput {
	s.Username = &v
	return s
}

// Initiates the authorization request, as an administrator.
type AdminInitiateAuthInput struct {
	_ struct{} `type:"structure"`

	// The analytics metadata for collecting Amazon Pinpoint metrics for AdminInitiateAuth
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The authentication flow for this call to run. The API action will depend
	// on this value. For example:
	//
	//    * REFRESH_TOKEN_AUTH will take in a valid refresh token and return new
	//    tokens.
	//
	//    * USER_SRP_AUTH will take in USERNAME and SRP_A and return the Secure
	//    Remote Password (SRP) protocol variables to be used for next challenge
	//    execution.
	//
	//    * ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD and return
	//    the next challenge or tokens.
	//
	// Valid values include:
	//
	//    * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP)
	//    protocol.
	//
	//    * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing
	//    the access token and ID token by supplying a valid refresh token.
	//
	//    * CUSTOM_AUTH: Custom authentication flow.
	//
	//    * ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the
	//    USERNAME and PASSWORD directly if the flow is enabled for calling the
	//    app client.
	//
	//    * ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication.
	//    This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow,
	//    Amazon Cognito receives the password in the request instead of using the
	//    SRP process to verify passwords.
	//
	// AuthFlow is a required field
	AuthFlow *string `type:"string" required:"true" enum:"AuthFlowType"`

	// The authentication parameters. These are inputs corresponding to the AuthFlow
	// that you're invoking. The required values depend on the value of AuthFlow:
	//
	//    * For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For ADMIN_USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required),
	//    SECRET_HASH (required if the app client is configured with a client secret),
	//    DEVICE_KEY.
	//
	//    * For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is
	//    configured with client secret), DEVICE_KEY. To start the authentication
	//    flow with password verification, include ChallengeName: SRP_A and SRP_A:
	//    (The SRP_A Value).
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// AuthParameters is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthInput's
	// String and GoString methods.
	AuthParameters map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for certain
	// custom workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminInitiateAuth API action, Amazon Cognito invokes the
	// Lambda functions that are specified for various triggers. The ClientMetadata
	// value is passed as input to the functions for only the following triggers:
	//
	//    * Pre signup
	//
	//    * Pre authentication
	//
	//    * User migration
	//
	// When Amazon Cognito invokes the functions for these triggers, it passes a
	// JSON payload, which the function receives as input. This payload contains
	// a validationData attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your AdminInitiateAuth request. In your function
	// code in Lambda, you can process the validationData value to enhance your
	// workflow for your specific needs.
	//
	// When you use the AdminInitiateAuth API action, Amazon Cognito also invokes
	// the functions for the following triggers, but it doesn't provide the ClientMetadata
	// value as input:
	//
	//    * Post authentication
	//
	//    * Custom message
	//
	//    * Pre token generation
	//
	//    * Create auth challenge
	//
	//    * Define auth challenge
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	ContextData *ContextDataType `type:"structure"`

	// The ID of the Amazon Cognito user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminInitiateAuthInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminInitiateAuthInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminInitiateAuthInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminInitiateAuthInput"}
	if s.AuthFlow == nil {
		invalidParams.Add(request.NewErrParamRequired("AuthFlow"))
	}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.ContextData != nil {
		if err := s.ContextData.Validate(); err != nil {
			invalidParams.AddNested("ContextData", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *AdminInitiateAuthInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *AdminInitiateAuthInput {
	s.AnalyticsMetadata = v
	return s
}

// SetAuthFlow sets the AuthFlow field's value.
func (s *AdminInitiateAuthInput) SetAuthFlow(v string) *AdminInitiateAuthInput {
	s.AuthFlow = &v
	return s
}

// SetAuthParameters sets the AuthParameters field's value.
func (s *AdminInitiateAuthInput) SetAuthParameters(v map[string]*string) *AdminInitiateAuthInput {
	s.AuthParameters = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *AdminInitiateAuthInput) SetClientId(v string) *AdminInitiateAuthInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminInitiateAuthInput) SetClientMetadata(v map[string]*string) *AdminInitiateAuthInput {
	s.ClientMetadata = v
	return s
}

// SetContextData sets the ContextData field's value.
func (s *AdminInitiateAuthInput) SetContextData(v *ContextDataType) *AdminInitiateAuthInput {
	s.ContextData = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminInitiateAuthInput) SetUserPoolId(v string) *AdminInitiateAuthInput {
	s.UserPoolId = &v
	return s
}

// Initiates the authentication response, as an administrator.
type AdminInitiateAuthOutput struct {
	_ struct{} `type:"structure"`

	// The result of the authentication response. This is only returned if the caller
	// doesn't need to pass another challenge. If the caller does need to pass another
	// challenge before it gets tokens, ChallengeName, ChallengeParameters, and
	// Session are returned.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge that you're responding to with this call. This
	// is returned in the AdminInitiateAuth response if you must pass another challenge.
	//
	//    * MFA_SETUP: If MFA is required, users who don't have at least one of
	//    the MFA methods set up are presented with an MFA_SETUP challenge. The
	//    user must set up at least one MFA type to continue to authenticate.
	//
	//    * SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA
	//    for text SMS MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password
	//    (TOTP) software token MFA.
	//
	//    * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via
	//    SMS.
	//
	//    * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
	//    PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
	//
	//    * CUSTOM_CHALLENGE: This is returned if your custom authentication flow
	//    determines that the user should pass another challenge before tokens are
	//    issued.
	//
	//    * DEVICE_SRP_AUTH: If device tracking was activated in your user pool
	//    and the previous challenges were passed, this challenge is returned so
	//    that Amazon Cognito can start tracking this device.
	//
	//    * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices
	//    only.
	//
	//    * ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME
	//    and PASSWORD directly. An app client must be enabled to use this flow.
	//
	//    * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords
	//    after successful first login. Respond to this challenge with NEW_PASSWORD
	//    and any required attributes that Amazon Cognito returned in the requiredAttributes
	//    parameter. You can also set values for attributes that aren't required
	//    by your user pool and that your app client can write. For more information,
	//    see AdminRespondToAuthChallenge (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRespondToAuthChallenge.html).
	//    In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	//    attribute that already has a value. In AdminRespondToAuthChallenge, set
	//    a value for any keys that Amazon Cognito returned in the requiredAttributes
	//    parameter, then use the AdminUpdateUserAttributes API operation to modify
	//    the value of any additional attributes.
	//
	//    * MFA_SETUP: For users who are required to set up an MFA factor before
	//    they can sign in. The MFA types activated for the user pool will be listed
	//    in the challenge parameters MFAS_CAN_SETUP value. To set up software token
	//    MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken,
	//    and use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge
	//    with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA,
	//    users will need help from an administrator to add a phone number to their
	//    account and then call InitiateAuth again to restart sign-in.
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. These are returned to you in the AdminInitiateAuth
	// response if you must pass another challenge. The responses in this parameter
	// should be used to compute inputs to the next call (AdminRespondToAuthChallenge).
	//
	// All challenges require USERNAME and SECRET_HASH (if applicable).
	//
	// The value of the USER_ID_FOR_SRP attribute is the user's actual username,
	// not an alias (such as email address or phone number), even if you specified
	// an alias in your call to AdminInitiateAuth. This happens because, in the
	// AdminRespondToAuthChallenge API ChallengeResponses, the USERNAME attribute
	// can't be an alias.
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If AdminInitiateAuth or AdminRespondToAuthChallenge API call
	// determines that the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next AdminRespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminInitiateAuthOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminInitiateAuthOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminInitiateAuthOutput) GoString() string {
	return s.String()
}

// SetAuthenticationResult sets the AuthenticationResult field's value.
func (s *AdminInitiateAuthOutput) SetAuthenticationResult(v *AuthenticationResultType) *AdminInitiateAuthOutput {
	s.AuthenticationResult = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *AdminInitiateAuthOutput) SetChallengeName(v string) *AdminInitiateAuthOutput {
	s.ChallengeName = &v
	return s
}

// SetChallengeParameters sets the ChallengeParameters field's value.
func (s *AdminInitiateAuthOutput) SetChallengeParameters(v map[string]*string) *AdminInitiateAuthOutput {
	s.ChallengeParameters = v
	return s
}

// SetSession sets the Session field's value.
func (s *AdminInitiateAuthOutput) SetSession(v string) *AdminInitiateAuthOutput {
	s.Session = &v
	return s
}

type AdminLinkProviderForUserInput struct {
	_ struct{} `type:"structure"`

	// The existing user in the user pool that you want to assign to the external
	// IdP user account. This user can be a local (Username + Password) Amazon Cognito
	// user pools user or a federated user (for example, a SAML or Facebook user).
	// If the user doesn't exist, Amazon Cognito generates an exception. Amazon
	// Cognito returns this user when the new user (with the linked IdP attribute)
	// signs in.
	//
	// For a native username + password user, the ProviderAttributeValue for the
	// DestinationUser should be the username in the user pool. For a federated
	// user, it should be the provider-specific user_id.
	//
	// The ProviderAttributeName of the DestinationUser is ignored.
	//
	// The ProviderName should be set to Cognito for users in Cognito user pools.
	//
	// All attributes in the DestinationUser profile must be mutable. If you have
	// assigned the user any immutable custom attributes, the operation won't succeed.
	//
	// DestinationUser is a required field
	DestinationUser *ProviderUserIdentifierType `type:"structure" required:"true"`

	// An external IdP account for a user who doesn't exist yet in the user pool.
	// This user must be a federated user (for example, a SAML or Facebook user),
	// not another native user.
	//
	// If the SourceUser is using a federated social IdP, such as Facebook, Google,
	// or Login with Amazon, you must set the ProviderAttributeName to Cognito_Subject.
	// For social IdPs, the ProviderName will be Facebook, Google, or LoginWithAmazon,
	// and Amazon Cognito will automatically parse the Facebook, Google, and Login
	// with Amazon tokens for id, sub, and user_id, respectively. The ProviderAttributeValue
	// for the user must be the same value as the id, sub, or user_id value found
	// in the social IdP token.
	//
	// For OIDC, the ProviderAttributeName can be any value that matches a claim
	// in the ID token, or that your app retrieves from the userInfo endpoint. You
	// must map the claim to a user pool attribute in your IdP configuration, and
	// set the user pool attribute name as the value of ProviderAttributeName in
	// your AdminLinkProviderForUser request.
	//
	// For SAML, the ProviderAttributeName can be any value that matches a claim
	// in the SAML assertion. To link SAML users based on the subject of the SAML
	// assertion, map the subject to a claim through the SAML IdP and set that claim
	// name as the value of ProviderAttributeName in your AdminLinkProviderForUser
	// request.
	//
	// For both OIDC and SAML users, when you set ProviderAttributeName to Cognito_Subject,
	// Amazon Cognito will automatically parse the default unique identifier found
	// in the subject from the IdP token.
	//
	// SourceUser is a required field
	SourceUser *ProviderUserIdentifierType `type:"structure" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminLinkProviderForUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminLinkProviderForUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminLinkProviderForUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminLinkProviderForUserInput"}
	if s.DestinationUser == nil {
		invalidParams.Add(request.NewErrParamRequired("DestinationUser"))
	}
	if s.SourceUser == nil {
		invalidParams.Add(request.NewErrParamRequired("SourceUser"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.DestinationUser != nil {
		if err := s.DestinationUser.Validate(); err != nil {
			invalidParams.AddNested("DestinationUser", err.(request.ErrInvalidParams))
		}
	}
	if s.SourceUser != nil {
		if err := s.SourceUser.Validate(); err != nil {
			invalidParams.AddNested("SourceUser", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDestinationUser sets the DestinationUser field's value.
func (s *AdminLinkProviderForUserInput) SetDestinationUser(v *ProviderUserIdentifierType) *AdminLinkProviderForUserInput {
	s.DestinationUser = v
	return s
}

// SetSourceUser sets the SourceUser field's value.
func (s *AdminLinkProviderForUserInput) SetSourceUser(v *ProviderUserIdentifierType) *AdminLinkProviderForUserInput {
	s.SourceUser = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminLinkProviderForUserInput) SetUserPoolId(v string) *AdminLinkProviderForUserInput {
	s.UserPoolId = &v
	return s
}

type AdminLinkProviderForUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminLinkProviderForUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminLinkProviderForUserOutput) GoString() string {
	return s.String()
}

// Represents the request to list devices, as an administrator.
type AdminListDevicesInput struct {
	_ struct{} `type:"structure"`

	// The limit of the devices request.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListDevicesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListDevicesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListDevicesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminListDevicesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminListDevicesInput"}
	if s.PaginationToken != nil && len(*s.PaginationToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("PaginationToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLimit sets the Limit field's value.
func (s *AdminListDevicesInput) SetLimit(v int64) *AdminListDevicesInput {
	s.Limit = &v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *AdminListDevicesInput) SetPaginationToken(v string) *AdminListDevicesInput {
	s.PaginationToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminListDevicesInput) SetUserPoolId(v string) *AdminListDevicesInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminListDevicesInput) SetUsername(v string) *AdminListDevicesInput {
	s.Username = &v
	return s
}

// Lists the device's response, as an administrator.
type AdminListDevicesOutput struct {
	_ struct{} `type:"structure"`

	// The devices in the list of devices response.
	Devices []*DeviceType `type:"list"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListDevicesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListDevicesOutput) GoString() string {
	return s.String()
}

// SetDevices sets the Devices field's value.
func (s *AdminListDevicesOutput) SetDevices(v []*DeviceType) *AdminListDevicesOutput {
	s.Devices = v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *AdminListDevicesOutput) SetPaginationToken(v string) *AdminListDevicesOutput {
	s.PaginationToken = &v
	return s
}

type AdminListGroupsForUserInput struct {
	_ struct{} `type:"structure"`

	// The limit of the request to list groups.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListGroupsForUserInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListGroupsForUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListGroupsForUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminListGroupsForUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminListGroupsForUserInput"}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLimit sets the Limit field's value.
func (s *AdminListGroupsForUserInput) SetLimit(v int64) *AdminListGroupsForUserInput {
	s.Limit = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *AdminListGroupsForUserInput) SetNextToken(v string) *AdminListGroupsForUserInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminListGroupsForUserInput) SetUserPoolId(v string) *AdminListGroupsForUserInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminListGroupsForUserInput) SetUsername(v string) *AdminListGroupsForUserInput {
	s.Username = &v
	return s
}

type AdminListGroupsForUserOutput struct {
	_ struct{} `type:"structure"`

	// The groups that the user belongs to.
	Groups []*GroupType `type:"list"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListGroupsForUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListGroupsForUserOutput) GoString() string {
	return s.String()
}

// SetGroups sets the Groups field's value.
func (s *AdminListGroupsForUserOutput) SetGroups(v []*GroupType) *AdminListGroupsForUserOutput {
	s.Groups = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *AdminListGroupsForUserOutput) SetNextToken(v string) *AdminListGroupsForUserOutput {
	s.NextToken = &v
	return s
}

type AdminListUserAuthEventsInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of authentication events to return. Returns 60 events
	// if you set MaxResults to 0, or if you don't include a MaxResults parameter.
	MaxResults *int64 `type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminListUserAuthEventsInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListUserAuthEventsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListUserAuthEventsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminListUserAuthEventsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminListUserAuthEventsInput"}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *AdminListUserAuthEventsInput) SetMaxResults(v int64) *AdminListUserAuthEventsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *AdminListUserAuthEventsInput) SetNextToken(v string) *AdminListUserAuthEventsInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminListUserAuthEventsInput) SetUserPoolId(v string) *AdminListUserAuthEventsInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminListUserAuthEventsInput) SetUsername(v string) *AdminListUserAuthEventsInput {
	s.Username = &v
	return s
}

type AdminListUserAuthEventsOutput struct {
	_ struct{} `type:"structure"`

	// The response object. It includes the EventID, EventType, CreationDate, EventRisk,
	// and EventResponse.
	AuthEvents []*AuthEventType `type:"list"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListUserAuthEventsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminListUserAuthEventsOutput) GoString() string {
	return s.String()
}

// SetAuthEvents sets the AuthEvents field's value.
func (s *AdminListUserAuthEventsOutput) SetAuthEvents(v []*AuthEventType) *AdminListUserAuthEventsOutput {
	s.AuthEvents = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *AdminListUserAuthEventsOutput) SetNextToken(v string) *AdminListUserAuthEventsOutput {
	s.NextToken = &v
	return s
}

type AdminRemoveUserFromGroupInput struct {
	_ struct{} `type:"structure"`

	// The group name.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRemoveUserFromGroupInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRemoveUserFromGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRemoveUserFromGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminRemoveUserFromGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminRemoveUserFromGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGroupName sets the GroupName field's value.
func (s *AdminRemoveUserFromGroupInput) SetGroupName(v string) *AdminRemoveUserFromGroupInput {
	s.GroupName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminRemoveUserFromGroupInput) SetUserPoolId(v string) *AdminRemoveUserFromGroupInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminRemoveUserFromGroupInput) SetUsername(v string) *AdminRemoveUserFromGroupInput {
	s.Username = &v
	return s
}

type AdminRemoveUserFromGroupOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRemoveUserFromGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRemoveUserFromGroupOutput) GoString() string {
	return s.String()
}

// Represents the request to reset a user's password as an administrator.
type AdminResetUserPasswordInput struct {
	_ struct{} `type:"structure"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminResetUserPassword API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// AdminResetUserPassword request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The user pool ID for the user pool where you want to reset the user's password.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminResetUserPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminResetUserPasswordInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminResetUserPasswordInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminResetUserPasswordInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminResetUserPasswordInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminResetUserPasswordInput) SetClientMetadata(v map[string]*string) *AdminResetUserPasswordInput {
	s.ClientMetadata = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminResetUserPasswordInput) SetUserPoolId(v string) *AdminResetUserPasswordInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminResetUserPasswordInput) SetUsername(v string) *AdminResetUserPasswordInput {
	s.Username = &v
	return s
}

// Represents the response from the server to reset a user password as an administrator.
type AdminResetUserPasswordOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminResetUserPasswordOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminResetUserPasswordOutput) GoString() string {
	return s.String()
}

// The request to respond to the authentication challenge, as an administrator.
type AdminRespondToAuthChallengeInput struct {
	_ struct{} `type:"structure"`

	// The analytics metadata for collecting Amazon Pinpoint metrics for AdminRespondToAuthChallenge
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The challenge name. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	//
	// ChallengeName is a required field
	ChallengeName *string `type:"string" required:"true" enum:"ChallengeNameType"`

	// The responses to the challenge that you received in the previous request.
	// Each challenge has its own required response parameters. The following examples
	// are partial JSON request bodies that highlight challenge-response parameters.
	//
	// You must provide a SECRET_HASH parameter in all challenge responses to an
	// app client that has a client secret.
	//
	// SMS_MFA
	//
	// "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]",
	// "USERNAME": "[username]"}
	//
	// PASSWORD_VERIFIER
	//
	// "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE":
	// "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
	// [timestamp], "USERNAME": "[username]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// CUSTOM_CHALLENGE
	//
	// "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[challenge_answer]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// NEW_PASSWORD_REQUIRED
	//
	// "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD":
	// "[new_password]", "USERNAME": "[username]"}
	//
	// To set any required attributes that InitiateAuth returned in an requiredAttributes
	// parameter, add "userAttributes.[attribute_name]": "[attribute_value]". This
	// parameter can also set values for writable attributes that aren't required
	// by your user pool.
	//
	// In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	// attribute that already has a value. In RespondToAuthChallenge, set a value
	// for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	// then use the UpdateUserAttributes API operation to modify the value of any
	// additional attributes.
	//
	// SOFTWARE_TOKEN_MFA
	//
	// "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME":
	// "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
	//
	// DEVICE_SRP_AUTH
	//
	// "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]",
	// "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
	//
	// DEVICE_PASSWORD_VERIFIER
	//
	// "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY":
	// "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK":
	// "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
	//
	// MFA_SETUP
	//
	// "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"},
	// "SESSION": "[Session ID from VerifySoftwareToken]"
	//
	// SELECT_MFA_TYPE
	//
	// "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// ChallengeResponses is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	ChallengeResponses map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminRespondToAuthChallenge API action, Amazon Cognito invokes
	// any functions that you have assigned to the following triggers:
	//
	//    * pre sign-up
	//
	//    * custom message
	//
	//    * post authentication
	//
	//    * user migration
	//
	//    * pre token generation
	//
	//    * define auth challenge
	//
	//    * create auth challenge
	//
	//    * verify auth challenge response
	//
	// When Amazon Cognito invokes any of these functions, it passes a JSON payload,
	// which the function receives as input. This payload contains a clientMetadata
	// attribute that provides the data that you assigned to the ClientMetadata
	// parameter in your AdminRespondToAuthChallenge request. In your function code
	// in Lambda, you can process the clientMetadata value to enhance your workflow
	// for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	ContextData *ContextDataType `type:"structure"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If an InitiateAuth or RespondToAuthChallenge API call determines
	// that the caller must pass another challenge, it returns a session with other
	// challenge parameters. This session should be passed as it is to the next
	// RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The ID of the Amazon Cognito user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRespondToAuthChallengeInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRespondToAuthChallengeInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminRespondToAuthChallengeInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminRespondToAuthChallengeInput"}
	if s.ChallengeName == nil {
		invalidParams.Add(request.NewErrParamRequired("ChallengeName"))
	}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.Session != nil && len(*s.Session) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("Session", 20))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.ContextData != nil {
		if err := s.ContextData.Validate(); err != nil {
			invalidParams.AddNested("ContextData", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *AdminRespondToAuthChallengeInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *AdminRespondToAuthChallengeInput {
	s.AnalyticsMetadata = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *AdminRespondToAuthChallengeInput) SetChallengeName(v string) *AdminRespondToAuthChallengeInput {
	s.ChallengeName = &v
	return s
}

// SetChallengeResponses sets the ChallengeResponses field's value.
func (s *AdminRespondToAuthChallengeInput) SetChallengeResponses(v map[string]*string) *AdminRespondToAuthChallengeInput {
	s.ChallengeResponses = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *AdminRespondToAuthChallengeInput) SetClientId(v string) *AdminRespondToAuthChallengeInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminRespondToAuthChallengeInput) SetClientMetadata(v map[string]*string) *AdminRespondToAuthChallengeInput {
	s.ClientMetadata = v
	return s
}

// SetContextData sets the ContextData field's value.
func (s *AdminRespondToAuthChallengeInput) SetContextData(v *ContextDataType) *AdminRespondToAuthChallengeInput {
	s.ContextData = v
	return s
}

// SetSession sets the Session field's value.
func (s *AdminRespondToAuthChallengeInput) SetSession(v string) *AdminRespondToAuthChallengeInput {
	s.Session = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminRespondToAuthChallengeInput) SetUserPoolId(v string) *AdminRespondToAuthChallengeInput {
	s.UserPoolId = &v
	return s
}

// Responds to the authentication challenge, as an administrator.
type AdminRespondToAuthChallengeOutput struct {
	_ struct{} `type:"structure"`

	// The result returned by the server in response to the authentication request.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. For more information, see AdminInitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminRespondToAuthChallengeOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRespondToAuthChallengeOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminRespondToAuthChallengeOutput) GoString() string {
	return s.String()
}

// SetAuthenticationResult sets the AuthenticationResult field's value.
func (s *AdminRespondToAuthChallengeOutput) SetAuthenticationResult(v *AuthenticationResultType) *AdminRespondToAuthChallengeOutput {
	s.AuthenticationResult = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *AdminRespondToAuthChallengeOutput) SetChallengeName(v string) *AdminRespondToAuthChallengeOutput {
	s.ChallengeName = &v
	return s
}

// SetChallengeParameters sets the ChallengeParameters field's value.
func (s *AdminRespondToAuthChallengeOutput) SetChallengeParameters(v map[string]*string) *AdminRespondToAuthChallengeOutput {
	s.ChallengeParameters = v
	return s
}

// SetSession sets the Session field's value.
func (s *AdminRespondToAuthChallengeOutput) SetSession(v string) *AdminRespondToAuthChallengeOutput {
	s.Session = &v
	return s
}

type AdminSetUserMFAPreferenceInput struct {
	_ struct{} `type:"structure"`

	// The SMS text message MFA settings.
	SMSMfaSettings *SMSMfaSettingsType `type:"structure"`

	// The time-based one-time password software token MFA settings.
	SoftwareTokenMfaSettings *SoftwareTokenMfaSettingsType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserMFAPreferenceInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserMFAPreferenceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserMFAPreferenceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminSetUserMFAPreferenceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminSetUserMFAPreferenceInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetSMSMfaSettings sets the SMSMfaSettings field's value.
func (s *AdminSetUserMFAPreferenceInput) SetSMSMfaSettings(v *SMSMfaSettingsType) *AdminSetUserMFAPreferenceInput {
	s.SMSMfaSettings = v
	return s
}

// SetSoftwareTokenMfaSettings sets the SoftwareTokenMfaSettings field's value.
func (s *AdminSetUserMFAPreferenceInput) SetSoftwareTokenMfaSettings(v *SoftwareTokenMfaSettingsType) *AdminSetUserMFAPreferenceInput {
	s.SoftwareTokenMfaSettings = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminSetUserMFAPreferenceInput) SetUserPoolId(v string) *AdminSetUserMFAPreferenceInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminSetUserMFAPreferenceInput) SetUsername(v string) *AdminSetUserMFAPreferenceInput {
	s.Username = &v
	return s
}

type AdminSetUserMFAPreferenceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserMFAPreferenceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserMFAPreferenceOutput) GoString() string {
	return s.String()
}

type AdminSetUserPasswordInput struct {
	_ struct{} `type:"structure"`

	// The password for the user.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserPasswordInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// True if the password is permanent, False if it is temporary.
	Permanent *bool `type:"boolean"`

	// The user pool ID for the user pool where you want to set the user's password.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserPasswordInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserPasswordInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminSetUserPasswordInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminSetUserPasswordInput"}
	if s.Password == nil {
		invalidParams.Add(request.NewErrParamRequired("Password"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetPassword sets the Password field's value.
func (s *AdminSetUserPasswordInput) SetPassword(v string) *AdminSetUserPasswordInput {
	s.Password = &v
	return s
}

// SetPermanent sets the Permanent field's value.
func (s *AdminSetUserPasswordInput) SetPermanent(v bool) *AdminSetUserPasswordInput {
	s.Permanent = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminSetUserPasswordInput) SetUserPoolId(v string) *AdminSetUserPasswordInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminSetUserPasswordInput) SetUsername(v string) *AdminSetUserPasswordInput {
	s.Username = &v
	return s
}

type AdminSetUserPasswordOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserPasswordOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserPasswordOutput) GoString() string {
	return s.String()
}

// You can use this parameter to set an MFA configuration that uses the SMS
// delivery medium.
type AdminSetUserSettingsInput struct {
	_ struct{} `type:"structure"`

	// You can use this parameter only to set an SMS configuration that uses SMS
	// for delivery.
	//
	// MFAOptions is a required field
	MFAOptions []*MFAOptionType `type:"list" required:"true"`

	// The ID of the user pool that contains the user whose options you're setting.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminSetUserSettingsInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserSettingsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserSettingsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminSetUserSettingsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminSetUserSettingsInput"}
	if s.MFAOptions == nil {
		invalidParams.Add(request.NewErrParamRequired("MFAOptions"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}
	if s.MFAOptions != nil {
		for i, v := range s.MFAOptions {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "MFAOptions", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMFAOptions sets the MFAOptions field's value.
func (s *AdminSetUserSettingsInput) SetMFAOptions(v []*MFAOptionType) *AdminSetUserSettingsInput {
	s.MFAOptions = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminSetUserSettingsInput) SetUserPoolId(v string) *AdminSetUserSettingsInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminSetUserSettingsInput) SetUsername(v string) *AdminSetUserSettingsInput {
	s.Username = &v
	return s
}

// Represents the response from the server to set user settings as an administrator.
type AdminSetUserSettingsOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserSettingsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminSetUserSettingsOutput) GoString() string {
	return s.String()
}

type AdminUpdateAuthEventFeedbackInput struct {
	_ struct{} `type:"structure"`

	// The authentication event ID.
	//
	// EventId is a required field
	EventId *string `min:"1" type:"string" required:"true"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateAuthEventFeedbackInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateAuthEventFeedbackInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminUpdateAuthEventFeedbackInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminUpdateAuthEventFeedbackInput"}
	if s.EventId == nil {
		invalidParams.Add(request.NewErrParamRequired("EventId"))
	}
	if s.EventId != nil && len(*s.EventId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EventId", 1))
	}
	if s.FeedbackValue == nil {
		invalidParams.Add(request.NewErrParamRequired("FeedbackValue"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEventId sets the EventId field's value.
func (s *AdminUpdateAuthEventFeedbackInput) SetEventId(v string) *AdminUpdateAuthEventFeedbackInput {
	s.EventId = &v
	return s
}

// SetFeedbackValue sets the FeedbackValue field's value.
func (s *AdminUpdateAuthEventFeedbackInput) SetFeedbackValue(v string) *AdminUpdateAuthEventFeedbackInput {
	s.FeedbackValue = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminUpdateAuthEventFeedbackInput) SetUserPoolId(v string) *AdminUpdateAuthEventFeedbackInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminUpdateAuthEventFeedbackInput) SetUsername(v string) *AdminUpdateAuthEventFeedbackInput {
	s.Username = &v
	return s
}

type AdminUpdateAuthEventFeedbackOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateAuthEventFeedbackOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateAuthEventFeedbackOutput) GoString() string {
	return s.String()
}

// The request to update the device status, as an administrator.
type AdminUpdateDeviceStatusInput struct {
	_ struct{} `type:"structure"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The status indicating whether a device has been remembered or not.
	DeviceRememberedStatus *string `type:"string" enum:"DeviceRememberedStatusType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateDeviceStatusInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateDeviceStatusInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateDeviceStatusInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminUpdateDeviceStatusInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminUpdateDeviceStatusInput"}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *AdminUpdateDeviceStatusInput) SetDeviceKey(v string) *AdminUpdateDeviceStatusInput {
	s.DeviceKey = &v
	return s
}

// SetDeviceRememberedStatus sets the DeviceRememberedStatus field's value.
func (s *AdminUpdateDeviceStatusInput) SetDeviceRememberedStatus(v string) *AdminUpdateDeviceStatusInput {
	s.DeviceRememberedStatus = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminUpdateDeviceStatusInput) SetUserPoolId(v string) *AdminUpdateDeviceStatusInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminUpdateDeviceStatusInput) SetUsername(v string) *AdminUpdateDeviceStatusInput {
	s.Username = &v
	return s
}

// The status response to the request to update the device, as an administrator.
type AdminUpdateDeviceStatusOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateDeviceStatusOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateDeviceStatusOutput) GoString() string {
	return s.String()
}

// Represents the request to update the user's attributes as an administrator.
type AdminUpdateUserAttributesInput struct {
	_ struct{} `type:"structure"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// AdminUpdateUserAttributes request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// If your user pool requires verification before Amazon Cognito updates an
	// attribute value that you specify in this request, Amazon Cognito doesn’t
	// immediately update the value of that attribute. After your user receives
	// and responds to a verification message to verify the new value, Amazon Cognito
	// updates the attribute value. Your user can sign in and receive messages with
	// the original attribute value until they verify the new value.
	//
	// To update the value of an attribute that requires verification in the same
	// API request, include the email_verified or phone_number_verified attribute,
	// with a value of true. If you set the email_verified or phone_number_verified
	// value for an email or phone_number attribute that requires verification to
	// true, Amazon Cognito doesn’t send a verification message to your user.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`

	// The user pool ID for the user pool where you want to update user attributes.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUpdateUserAttributesInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateUserAttributesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateUserAttributesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminUpdateUserAttributesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminUpdateUserAttributesInput"}
	if s.UserAttributes == nil {
		invalidParams.Add(request.NewErrParamRequired("UserAttributes"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}
	if s.UserAttributes != nil {
		for i, v := range s.UserAttributes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "UserAttributes", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *AdminUpdateUserAttributesInput) SetClientMetadata(v map[string]*string) *AdminUpdateUserAttributesInput {
	s.ClientMetadata = v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *AdminUpdateUserAttributesInput) SetUserAttributes(v []*AttributeType) *AdminUpdateUserAttributesInput {
	s.UserAttributes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminUpdateUserAttributesInput) SetUserPoolId(v string) *AdminUpdateUserAttributesInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminUpdateUserAttributesInput) SetUsername(v string) *AdminUpdateUserAttributesInput {
	s.Username = &v
	return s
}

// Represents the response from the server for the request to update user attributes
// as an administrator.
type AdminUpdateUserAttributesOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateUserAttributesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUpdateUserAttributesOutput) GoString() string {
	return s.String()
}

// The request to sign out of all devices, as an administrator.
type AdminUserGlobalSignOutInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AdminUserGlobalSignOutInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUserGlobalSignOutInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUserGlobalSignOutInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AdminUserGlobalSignOutInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AdminUserGlobalSignOutInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *AdminUserGlobalSignOutInput) SetUserPoolId(v string) *AdminUserGlobalSignOutInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *AdminUserGlobalSignOutInput) SetUsername(v string) *AdminUserGlobalSignOutInput {
	s.Username = &v
	return s
}

// The global sign-out response, as an administrator.
type AdminUserGlobalSignOutOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUserGlobalSignOutOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AdminUserGlobalSignOutOutput) GoString() string {
	return s.String()
}

// This exception is thrown when a user tries to confirm the account with an
// email address or phone number that has already been supplied as an alias
// for a different user profile. This exception indicates that an account with
// this email address or phone already exists in a user pool that you've configured
// to use email address or phone number as a sign-in alias.
type AliasExistsException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message that Amazon Cognito sends to the user when the value of an alias
	// attribute is already linked to another user profile.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AliasExistsException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AliasExistsException) GoString() string {
	return s.String()
}

func newErrorAliasExistsException(v protocol.ResponseMetadata) error {
	return &AliasExistsException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *AliasExistsException) Code() string {
	return "AliasExistsException"
}

// Message returns the exception's message.
func (s *AliasExistsException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *AliasExistsException) OrigErr() error {
	return nil
}

func (s *AliasExistsException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *AliasExistsException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *AliasExistsException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The Amazon Pinpoint analytics configuration necessary to collect metrics
// for a user pool.
//
// In Regions where Amazon Pinpoint isn't available, user pools only support
// sending events to Amazon Pinpoint projects in us-east-1. In Regions where
// Amazon Pinpoint is available, user pools support sending events to Amazon
// Pinpoint projects within that same Region.
type AnalyticsConfigurationType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use
	// the Amazon Pinpoint project to integrate with the chosen user pool Client.
	// Amazon Cognito publishes events to the Amazon Pinpoint project that the app
	// ARN declares.
	ApplicationArn *string `min:"20" type:"string"`

	// The application ID for an Amazon Pinpoint application.
	ApplicationId *string `type:"string"`

	// The external ID.
	ExternalId *string `type:"string"`

	// The ARN of an Identity and Access Management role that authorizes Amazon
	// Cognito to publish events to Amazon Pinpoint analytics.
	RoleArn *string `min:"20" type:"string"`

	// If UserDataShared is true, Amazon Cognito includes user data in the events
	// that it publishes to Amazon Pinpoint analytics.
	UserDataShared *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyticsConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyticsConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AnalyticsConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AnalyticsConfigurationType"}
	if s.ApplicationArn != nil && len(*s.ApplicationArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("ApplicationArn", 20))
	}
	if s.RoleArn != nil && len(*s.RoleArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetApplicationArn sets the ApplicationArn field's value.
func (s *AnalyticsConfigurationType) SetApplicationArn(v string) *AnalyticsConfigurationType {
	s.ApplicationArn = &v
	return s
}

// SetApplicationId sets the ApplicationId field's value.
func (s *AnalyticsConfigurationType) SetApplicationId(v string) *AnalyticsConfigurationType {
	s.ApplicationId = &v
	return s
}

// SetExternalId sets the ExternalId field's value.
func (s *AnalyticsConfigurationType) SetExternalId(v string) *AnalyticsConfigurationType {
	s.ExternalId = &v
	return s
}

// SetRoleArn sets the RoleArn field's value.
func (s *AnalyticsConfigurationType) SetRoleArn(v string) *AnalyticsConfigurationType {
	s.RoleArn = &v
	return s
}

// SetUserDataShared sets the UserDataShared field's value.
func (s *AnalyticsConfigurationType) SetUserDataShared(v bool) *AnalyticsConfigurationType {
	s.UserDataShared = &v
	return s
}

// An Amazon Pinpoint analytics endpoint.
//
// An endpoint uniquely identifies a mobile device, email address, or phone
// number that can receive messages from Amazon Pinpoint analytics. For more
// information about Amazon Web Services Regions that can contain Amazon Pinpoint
// resources for use with Amazon Cognito user pools, see Using Amazon Pinpoint
// analytics with Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html).
type AnalyticsMetadataType struct {
	_ struct{} `type:"structure"`

	// The endpoint ID.
	AnalyticsEndpointId *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyticsMetadataType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyticsMetadataType) GoString() string {
	return s.String()
}

// SetAnalyticsEndpointId sets the AnalyticsEndpointId field's value.
func (s *AnalyticsMetadataType) SetAnalyticsEndpointId(v string) *AnalyticsMetadataType {
	s.AnalyticsEndpointId = &v
	return s
}

type AssociateSoftwareTokenInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose software
	// token you want to generate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. This allows authentication of the user as part of the MFA setup
	// process.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AssociateSoftwareTokenInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AssociateSoftwareTokenInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AssociateSoftwareTokenInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AssociateSoftwareTokenInput"}
	if s.Session != nil && len(*s.Session) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("Session", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *AssociateSoftwareTokenInput) SetAccessToken(v string) *AssociateSoftwareTokenInput {
	s.AccessToken = &v
	return s
}

// SetSession sets the Session field's value.
func (s *AssociateSoftwareTokenInput) SetSession(v string) *AssociateSoftwareTokenInput {
	s.Session = &v
	return s
}

type AssociateSoftwareTokenOutput struct {
	_ struct{} `type:"structure"`

	// A unique generated shared secret code that is used in the TOTP algorithm
	// to generate a one-time code.
	//
	// SecretCode is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenOutput's
	// String and GoString methods.
	SecretCode *string `min:"16" type:"string" sensitive:"true"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. This allows authentication of the user as part of the MFA setup
	// process.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AssociateSoftwareTokenOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AssociateSoftwareTokenOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AssociateSoftwareTokenOutput) GoString() string {
	return s.String()
}

// SetSecretCode sets the SecretCode field's value.
func (s *AssociateSoftwareTokenOutput) SetSecretCode(v string) *AssociateSoftwareTokenOutput {
	s.SecretCode = &v
	return s
}

// SetSession sets the Session field's value.
func (s *AssociateSoftwareTokenOutput) SetSession(v string) *AssociateSoftwareTokenOutput {
	s.Session = &v
	return s
}

// Specifies whether the attribute is standard or custom.
type AttributeType struct {
	_ struct{} `type:"structure"`

	// The name of the attribute.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The value of the attribute.
	//
	// Value is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeType's
	// String and GoString methods.
	Value *string `type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AttributeType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AttributeType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *AttributeType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "AttributeType"}
	if s.Name == nil {
		invalidParams.Add(request.NewErrParamRequired("Name"))
	}
	if s.Name != nil && len(*s.Name) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetName sets the Name field's value.
func (s *AttributeType) SetName(v string) *AttributeType {
	s.Name = &v
	return s
}

// SetValue sets the Value field's value.
func (s *AttributeType) SetValue(v string) *AttributeType {
	s.Value = &v
	return s
}

// The authentication event type.
type AuthEventType struct {
	_ struct{} `type:"structure"`

	// The challenge responses.
	ChallengeResponses []*ChallengeResponseType `type:"list"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The user context data captured at the time of an event request. This value
	// provides additional information about the client from which event the request
	// is received.
	EventContextData *EventContextDataType `type:"structure"`

	// A flag specifying the user feedback captured at the time of an event request
	// is good or bad.
	EventFeedback *EventFeedbackType `type:"structure"`

	// The event ID.
	EventId *string `type:"string"`

	// The event response.
	EventResponse *string `type:"string" enum:"EventResponseType"`

	// The event risk.
	EventRisk *EventRiskType `type:"structure"`

	// The event type.
	EventType *string `type:"string" enum:"EventType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AuthEventType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AuthEventType) GoString() string {
	return s.String()
}

// SetChallengeResponses sets the ChallengeResponses field's value.
func (s *AuthEventType) SetChallengeResponses(v []*ChallengeResponseType) *AuthEventType {
	s.ChallengeResponses = v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *AuthEventType) SetCreationDate(v time.Time) *AuthEventType {
	s.CreationDate = &v
	return s
}

// SetEventContextData sets the EventContextData field's value.
func (s *AuthEventType) SetEventContextData(v *EventContextDataType) *AuthEventType {
	s.EventContextData = v
	return s
}

// SetEventFeedback sets the EventFeedback field's value.
func (s *AuthEventType) SetEventFeedback(v *EventFeedbackType) *AuthEventType {
	s.EventFeedback = v
	return s
}

// SetEventId sets the EventId field's value.
func (s *AuthEventType) SetEventId(v string) *AuthEventType {
	s.EventId = &v
	return s
}

// SetEventResponse sets the EventResponse field's value.
func (s *AuthEventType) SetEventResponse(v string) *AuthEventType {
	s.EventResponse = &v
	return s
}

// SetEventRisk sets the EventRisk field's value.
func (s *AuthEventType) SetEventRisk(v *EventRiskType) *AuthEventType {
	s.EventRisk = v
	return s
}

// SetEventType sets the EventType field's value.
func (s *AuthEventType) SetEventType(v string) *AuthEventType {
	s.EventType = &v
	return s
}

// The authentication result.
type AuthenticationResultType struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user who you want
	// to authenticate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The expiration period of the authentication result in seconds.
	ExpiresIn *int64 `type:"integer"`

	// The ID token.
	//
	// IdToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	IdToken *string `type:"string" sensitive:"true"`

	// The new device metadata from an authentication result.
	NewDeviceMetadata *NewDeviceMetadataType `type:"structure"`

	// The refresh token.
	//
	// RefreshToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AuthenticationResultType's
	// String and GoString methods.
	RefreshToken *string `type:"string" sensitive:"true"`

	// The token type.
	TokenType *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AuthenticationResultType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AuthenticationResultType) GoString() string {
	return s.String()
}

// SetAccessToken sets the AccessToken field's value.
func (s *AuthenticationResultType) SetAccessToken(v string) *AuthenticationResultType {
	s.AccessToken = &v
	return s
}

// SetExpiresIn sets the ExpiresIn field's value.
func (s *AuthenticationResultType) SetExpiresIn(v int64) *AuthenticationResultType {
	s.ExpiresIn = &v
	return s
}

// SetIdToken sets the IdToken field's value.
func (s *AuthenticationResultType) SetIdToken(v string) *AuthenticationResultType {
	s.IdToken = &v
	return s
}

// SetNewDeviceMetadata sets the NewDeviceMetadata field's value.
func (s *AuthenticationResultType) SetNewDeviceMetadata(v *NewDeviceMetadataType) *AuthenticationResultType {
	s.NewDeviceMetadata = v
	return s
}

// SetRefreshToken sets the RefreshToken field's value.
func (s *AuthenticationResultType) SetRefreshToken(v string) *AuthenticationResultType {
	s.RefreshToken = &v
	return s
}

// SetTokenType sets the TokenType field's value.
func (s *AuthenticationResultType) SetTokenType(v string) *AuthenticationResultType {
	s.TokenType = &v
	return s
}

// The challenge response type.
type ChallengeResponseType struct {
	_ struct{} `type:"structure"`

	// The challenge name.
	ChallengeName *string `type:"string" enum:"ChallengeName"`

	// The challenge response.
	ChallengeResponse *string `type:"string" enum:"ChallengeResponse"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChallengeResponseType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChallengeResponseType) GoString() string {
	return s.String()
}

// SetChallengeName sets the ChallengeName field's value.
func (s *ChallengeResponseType) SetChallengeName(v string) *ChallengeResponseType {
	s.ChallengeName = &v
	return s
}

// SetChallengeResponse sets the ChallengeResponse field's value.
func (s *ChallengeResponseType) SetChallengeResponse(v string) *ChallengeResponseType {
	s.ChallengeResponse = &v
	return s
}

// Represents the request to change a user password.
type ChangePasswordInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose password
	// you want to change.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The old password.
	//
	// PreviousPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// PreviousPassword is a required field
	PreviousPassword *string `type:"string" required:"true" sensitive:"true"`

	// The new password.
	//
	// ProposedPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// ProposedPassword is a required field
	ProposedPassword *string `type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChangePasswordInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChangePasswordInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ChangePasswordInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ChangePasswordInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.PreviousPassword == nil {
		invalidParams.Add(request.NewErrParamRequired("PreviousPassword"))
	}
	if s.ProposedPassword == nil {
		invalidParams.Add(request.NewErrParamRequired("ProposedPassword"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *ChangePasswordInput) SetAccessToken(v string) *ChangePasswordInput {
	s.AccessToken = &v
	return s
}

// SetPreviousPassword sets the PreviousPassword field's value.
func (s *ChangePasswordInput) SetPreviousPassword(v string) *ChangePasswordInput {
	s.PreviousPassword = &v
	return s
}

// SetProposedPassword sets the ProposedPassword field's value.
func (s *ChangePasswordInput) SetProposedPassword(v string) *ChangePasswordInput {
	s.ProposedPassword = &v
	return s
}

// The response from the server to the change password request.
type ChangePasswordOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChangePasswordOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ChangePasswordOutput) GoString() string {
	return s.String()
}

// The CloudWatch logging destination of a user pool detailed activity logging
// configuration.
type CloudWatchLogsConfigurationType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (arn) of a CloudWatch Logs log group where your
	// user pool sends logs. The log group must not be encrypted with Key Management
	// Service and must be in the same Amazon Web Services account as your user
	// pool.
	//
	// To send logs to log groups with a resource policy of a size greater than
	// 5120 characters, configure a log group with a path that starts with /aws/vendedlogs.
	// For more information, see Enabling logging from certain Amazon Web Services
	// services (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html).
	LogGroupArn *string `min:"20" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudWatchLogsConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudWatchLogsConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CloudWatchLogsConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CloudWatchLogsConfigurationType"}
	if s.LogGroupArn != nil && len(*s.LogGroupArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("LogGroupArn", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLogGroupArn sets the LogGroupArn field's value.
func (s *CloudWatchLogsConfigurationType) SetLogGroupArn(v string) *CloudWatchLogsConfigurationType {
	s.LogGroupArn = &v
	return s
}

// The delivery details for an email or SMS message that Amazon Cognito sent
// for authentication or verification.
type CodeDeliveryDetailsType struct {
	_ struct{} `type:"structure"`

	// The name of the attribute that Amazon Cognito verifies with the code.
	AttributeName *string `min:"1" type:"string"`

	// The method that Amazon Cognito used to send the code.
	DeliveryMedium *string `type:"string" enum:"DeliveryMediumType"`

	// The email address or phone number destination where Amazon Cognito sent the
	// code.
	Destination *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeDeliveryDetailsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeDeliveryDetailsType) GoString() string {
	return s.String()
}

// SetAttributeName sets the AttributeName field's value.
func (s *CodeDeliveryDetailsType) SetAttributeName(v string) *CodeDeliveryDetailsType {
	s.AttributeName = &v
	return s
}

// SetDeliveryMedium sets the DeliveryMedium field's value.
func (s *CodeDeliveryDetailsType) SetDeliveryMedium(v string) *CodeDeliveryDetailsType {
	s.DeliveryMedium = &v
	return s
}

// SetDestination sets the Destination field's value.
func (s *CodeDeliveryDetailsType) SetDestination(v string) *CodeDeliveryDetailsType {
	s.Destination = &v
	return s
}

// This exception is thrown when a verification code fails to deliver successfully.
type CodeDeliveryFailureException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message sent when a verification code fails to deliver successfully.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeDeliveryFailureException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeDeliveryFailureException) GoString() string {
	return s.String()
}

func newErrorCodeDeliveryFailureException(v protocol.ResponseMetadata) error {
	return &CodeDeliveryFailureException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *CodeDeliveryFailureException) Code() string {
	return "CodeDeliveryFailureException"
}

// Message returns the exception's message.
func (s *CodeDeliveryFailureException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *CodeDeliveryFailureException) OrigErr() error {
	return nil
}

func (s *CodeDeliveryFailureException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *CodeDeliveryFailureException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *CodeDeliveryFailureException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown if the provided code doesn't match what the server
// was expecting.
type CodeMismatchException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message provided when the code mismatch exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeMismatchException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CodeMismatchException) GoString() string {
	return s.String()
}

func newErrorCodeMismatchException(v protocol.ResponseMetadata) error {
	return &CodeMismatchException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *CodeMismatchException) Code() string {
	return "CodeMismatchException"
}

// Message returns the exception's message.
func (s *CodeMismatchException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *CodeMismatchException) OrigErr() error {
	return nil
}

func (s *CodeMismatchException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *CodeMismatchException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *CodeMismatchException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The compromised credentials actions type.
type CompromisedCredentialsActionsType struct {
	_ struct{} `type:"structure"`

	// The event action.
	//
	// EventAction is a required field
	EventAction *string `type:"string" required:"true" enum:"CompromisedCredentialsEventActionType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CompromisedCredentialsActionsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CompromisedCredentialsActionsType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CompromisedCredentialsActionsType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CompromisedCredentialsActionsType"}
	if s.EventAction == nil {
		invalidParams.Add(request.NewErrParamRequired("EventAction"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEventAction sets the EventAction field's value.
func (s *CompromisedCredentialsActionsType) SetEventAction(v string) *CompromisedCredentialsActionsType {
	s.EventAction = &v
	return s
}

// The compromised credentials risk configuration type.
type CompromisedCredentialsRiskConfigurationType struct {
	_ struct{} `type:"structure"`

	// The compromised credentials risk configuration actions.
	//
	// Actions is a required field
	Actions *CompromisedCredentialsActionsType `type:"structure" required:"true"`

	// Perform the action for these events. The default is to perform all events
	// if no event filter is specified.
	EventFilter []*string `type:"list" enum:"EventFilterType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CompromisedCredentialsRiskConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CompromisedCredentialsRiskConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CompromisedCredentialsRiskConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CompromisedCredentialsRiskConfigurationType"}
	if s.Actions == nil {
		invalidParams.Add(request.NewErrParamRequired("Actions"))
	}
	if s.Actions != nil {
		if err := s.Actions.Validate(); err != nil {
			invalidParams.AddNested("Actions", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetActions sets the Actions field's value.
func (s *CompromisedCredentialsRiskConfigurationType) SetActions(v *CompromisedCredentialsActionsType) *CompromisedCredentialsRiskConfigurationType {
	s.Actions = v
	return s
}

// SetEventFilter sets the EventFilter field's value.
func (s *CompromisedCredentialsRiskConfigurationType) SetEventFilter(v []*string) *CompromisedCredentialsRiskConfigurationType {
	s.EventFilter = v
	return s
}

// This exception is thrown if two or more modifications are happening concurrently.
type ConcurrentModificationException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message provided when the concurrent exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConcurrentModificationException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConcurrentModificationException) GoString() string {
	return s.String()
}

func newErrorConcurrentModificationException(v protocol.ResponseMetadata) error {
	return &ConcurrentModificationException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ConcurrentModificationException) Code() string {
	return "ConcurrentModificationException"
}

// Message returns the exception's message.
func (s *ConcurrentModificationException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ConcurrentModificationException) OrigErr() error {
	return nil
}

func (s *ConcurrentModificationException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ConcurrentModificationException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ConcurrentModificationException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Confirms the device request.
type ConfirmDeviceInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose device
	// you want to confirm.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmDeviceInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The device name.
	DeviceName *string `min:"1" type:"string"`

	// The configuration of the device secret verifier.
	DeviceSecretVerifierConfig *DeviceSecretVerifierConfigType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmDeviceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmDeviceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ConfirmDeviceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ConfirmDeviceInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}
	if s.DeviceName != nil && len(*s.DeviceName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *ConfirmDeviceInput) SetAccessToken(v string) *ConfirmDeviceInput {
	s.AccessToken = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *ConfirmDeviceInput) SetDeviceKey(v string) *ConfirmDeviceInput {
	s.DeviceKey = &v
	return s
}

// SetDeviceName sets the DeviceName field's value.
func (s *ConfirmDeviceInput) SetDeviceName(v string) *ConfirmDeviceInput {
	s.DeviceName = &v
	return s
}

// SetDeviceSecretVerifierConfig sets the DeviceSecretVerifierConfig field's value.
func (s *ConfirmDeviceInput) SetDeviceSecretVerifierConfig(v *DeviceSecretVerifierConfigType) *ConfirmDeviceInput {
	s.DeviceSecretVerifierConfig = v
	return s
}

// Confirms the device response.
type ConfirmDeviceOutput struct {
	_ struct{} `type:"structure"`

	// Indicates whether the user confirmation must confirm the device response.
	UserConfirmationNecessary *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmDeviceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmDeviceOutput) GoString() string {
	return s.String()
}

// SetUserConfirmationNecessary sets the UserConfirmationNecessary field's value.
func (s *ConfirmDeviceOutput) SetUserConfirmationNecessary(v bool) *ConfirmDeviceOutput {
	s.UserConfirmationNecessary = &v
	return s
}

// The request representing the confirmation for a password reset.
type ConfirmForgotPasswordInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmForgotPassword
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ConfirmForgotPassword API action, Amazon Cognito invokes
	// the function that is assigned to the post confirmation trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// ConfirmForgotPassword request. In your function code in Lambda, you can process
	// the clientMetadata value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The confirmation code from your user's request to reset their password. For
	// more information, see ForgotPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ForgotPassword.html).
	//
	// ConfirmationCode is a required field
	ConfirmationCode *string `min:"1" type:"string" required:"true"`

	// The new password that your user wants to set.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	// For more information about SecretHash, see Computing secret hash values (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmForgotPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmForgotPasswordInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmForgotPasswordInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ConfirmForgotPasswordInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ConfirmForgotPasswordInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.ConfirmationCode == nil {
		invalidParams.Add(request.NewErrParamRequired("ConfirmationCode"))
	}
	if s.ConfirmationCode != nil && len(*s.ConfirmationCode) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ConfirmationCode", 1))
	}
	if s.Password == nil {
		invalidParams.Add(request.NewErrParamRequired("Password"))
	}
	if s.SecretHash != nil && len(*s.SecretHash) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("SecretHash", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *ConfirmForgotPasswordInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ConfirmForgotPasswordInput {
	s.AnalyticsMetadata = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *ConfirmForgotPasswordInput) SetClientId(v string) *ConfirmForgotPasswordInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *ConfirmForgotPasswordInput) SetClientMetadata(v map[string]*string) *ConfirmForgotPasswordInput {
	s.ClientMetadata = v
	return s
}

// SetConfirmationCode sets the ConfirmationCode field's value.
func (s *ConfirmForgotPasswordInput) SetConfirmationCode(v string) *ConfirmForgotPasswordInput {
	s.ConfirmationCode = &v
	return s
}

// SetPassword sets the Password field's value.
func (s *ConfirmForgotPasswordInput) SetPassword(v string) *ConfirmForgotPasswordInput {
	s.Password = &v
	return s
}

// SetSecretHash sets the SecretHash field's value.
func (s *ConfirmForgotPasswordInput) SetSecretHash(v string) *ConfirmForgotPasswordInput {
	s.SecretHash = &v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *ConfirmForgotPasswordInput) SetUserContextData(v *UserContextDataType) *ConfirmForgotPasswordInput {
	s.UserContextData = v
	return s
}

// SetUsername sets the Username field's value.
func (s *ConfirmForgotPasswordInput) SetUsername(v string) *ConfirmForgotPasswordInput {
	s.Username = &v
	return s
}

// The response from the server that results from a user's request to retrieve
// a forgotten password.
type ConfirmForgotPasswordOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmForgotPasswordOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmForgotPasswordOutput) GoString() string {
	return s.String()
}

// Represents the request to confirm registration of a user.
type ConfirmSignUpInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmSignUp
	// calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the app client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ConfirmSignUp API action, Amazon Cognito invokes the function
	// that is assigned to the post confirmation trigger. When Amazon Cognito invokes
	// this function, it passes a JSON payload, which the function receives as input.
	// This payload contains a clientMetadata attribute, which provides the data
	// that you assigned to the ClientMetadata parameter in your ConfirmSignUp request.
	// In your function code in Lambda, you can process the clientMetadata value
	// to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The confirmation code sent by a user's request to confirm registration.
	//
	// ConfirmationCode is a required field
	ConfirmationCode *string `min:"1" type:"string" required:"true"`

	// Boolean to be specified to force user confirmation irrespective of existing
	// alias. By default set to False. If this parameter is set to True and the
	// phone number/email used for sign up confirmation already exists as an alias
	// with a different user, the API call will migrate the alias from the previous
	// user to the newly created user being confirmed. If set to False, the API
	// will throw an AliasExistsException error.
	ForceAliasCreation *bool `type:"boolean"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ConfirmSignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmSignUpInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmSignUpInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ConfirmSignUpInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ConfirmSignUpInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.ConfirmationCode == nil {
		invalidParams.Add(request.NewErrParamRequired("ConfirmationCode"))
	}
	if s.ConfirmationCode != nil && len(*s.ConfirmationCode) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ConfirmationCode", 1))
	}
	if s.SecretHash != nil && len(*s.SecretHash) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("SecretHash", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *ConfirmSignUpInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ConfirmSignUpInput {
	s.AnalyticsMetadata = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *ConfirmSignUpInput) SetClientId(v string) *ConfirmSignUpInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *ConfirmSignUpInput) SetClientMetadata(v map[string]*string) *ConfirmSignUpInput {
	s.ClientMetadata = v
	return s
}

// SetConfirmationCode sets the ConfirmationCode field's value.
func (s *ConfirmSignUpInput) SetConfirmationCode(v string) *ConfirmSignUpInput {
	s.ConfirmationCode = &v
	return s
}

// SetForceAliasCreation sets the ForceAliasCreation field's value.
func (s *ConfirmSignUpInput) SetForceAliasCreation(v bool) *ConfirmSignUpInput {
	s.ForceAliasCreation = &v
	return s
}

// SetSecretHash sets the SecretHash field's value.
func (s *ConfirmSignUpInput) SetSecretHash(v string) *ConfirmSignUpInput {
	s.SecretHash = &v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *ConfirmSignUpInput) SetUserContextData(v *UserContextDataType) *ConfirmSignUpInput {
	s.UserContextData = v
	return s
}

// SetUsername sets the Username field's value.
func (s *ConfirmSignUpInput) SetUsername(v string) *ConfirmSignUpInput {
	s.Username = &v
	return s
}

// Represents the response from the server for the registration confirmation.
type ConfirmSignUpOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmSignUpOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConfirmSignUpOutput) GoString() string {
	return s.String()
}

// Contextual user data type used for evaluating the risk of an unexpected event
// by Amazon Cognito advanced security.
type ContextDataType struct {
	_ struct{} `type:"structure"`

	// Encoded device-fingerprint details that your app collected with the Amazon
	// Cognito context data collection library. For more information, see Adding
	// user device and session data to API requests (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EncodedData *string `type:"string"`

	// HttpHeaders received on your server in same order.
	//
	// HttpHeaders is a required field
	HttpHeaders []*HttpHeader `type:"list" required:"true"`

	// The source IP address of your user's device.
	//
	// IpAddress is a required field
	IpAddress *string `type:"string" required:"true"`

	// Your server endpoint where this API is invoked.
	//
	// ServerName is a required field
	ServerName *string `type:"string" required:"true"`

	// Your server path where this API is invoked.
	//
	// ServerPath is a required field
	ServerPath *string `type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ContextDataType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ContextDataType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ContextDataType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ContextDataType"}
	if s.HttpHeaders == nil {
		invalidParams.Add(request.NewErrParamRequired("HttpHeaders"))
	}
	if s.IpAddress == nil {
		invalidParams.Add(request.NewErrParamRequired("IpAddress"))
	}
	if s.ServerName == nil {
		invalidParams.Add(request.NewErrParamRequired("ServerName"))
	}
	if s.ServerPath == nil {
		invalidParams.Add(request.NewErrParamRequired("ServerPath"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEncodedData sets the EncodedData field's value.
func (s *ContextDataType) SetEncodedData(v string) *ContextDataType {
	s.EncodedData = &v
	return s
}

// SetHttpHeaders sets the HttpHeaders field's value.
func (s *ContextDataType) SetHttpHeaders(v []*HttpHeader) *ContextDataType {
	s.HttpHeaders = v
	return s
}

// SetIpAddress sets the IpAddress field's value.
func (s *ContextDataType) SetIpAddress(v string) *ContextDataType {
	s.IpAddress = &v
	return s
}

// SetServerName sets the ServerName field's value.
func (s *ContextDataType) SetServerName(v string) *ContextDataType {
	s.ServerName = &v
	return s
}

// SetServerPath sets the ServerPath field's value.
func (s *ContextDataType) SetServerPath(v string) *ContextDataType {
	s.ServerPath = &v
	return s
}

type CreateGroupInput struct {
	_ struct{} `type:"structure"`

	// A string containing the description of the group.
	Description *string `type:"string"`

	// The name of the group. Must be unique.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// A non-negative integer value that specifies the precedence of this group
	// relative to the other groups that a user can belong to in the user pool.
	// Zero is the highest precedence value. Groups with lower Precedence values
	// take precedence over groups with higher or null Precedence values. If a user
	// belongs to two or more groups, it is the group with the lowest precedence
	// value whose role ARN is given in the user's tokens for the cognito:roles
	// and cognito:preferred_role claims.
	//
	// Two groups can have the same Precedence value. If this happens, neither group
	// takes precedence over the other. If two groups with the same Precedence have
	// the same role ARN, that role is used in the cognito:preferred_role claim
	// in tokens for users in each group. If the two groups have different role
	// ARNs, the cognito:preferred_role claim isn't set in users' tokens.
	//
	// The default Precedence value is null. The maximum Precedence value is 2^31-1.
	Precedence *int64 `type:"integer"`

	// The role Amazon Resource Name (ARN) for the group.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.RoleArn != nil && len(*s.RoleArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDescription sets the Description field's value.
func (s *CreateGroupInput) SetDescription(v string) *CreateGroupInput {
	s.Description = &v
	return s
}

// SetGroupName sets the GroupName field's value.
func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput {
	s.GroupName = &v
	return s
}

// SetPrecedence sets the Precedence field's value.
func (s *CreateGroupInput) SetPrecedence(v int64) *CreateGroupInput {
	s.Precedence = &v
	return s
}

// SetRoleArn sets the RoleArn field's value.
func (s *CreateGroupInput) SetRoleArn(v string) *CreateGroupInput {
	s.RoleArn = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateGroupInput) SetUserPoolId(v string) *CreateGroupInput {
	s.UserPoolId = &v
	return s
}

type CreateGroupOutput struct {
	_ struct{} `type:"structure"`

	// The group object for the group.
	Group *GroupType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateGroupOutput) GoString() string {
	return s.String()
}

// SetGroup sets the Group field's value.
func (s *CreateGroupOutput) SetGroup(v *GroupType) *CreateGroupOutput {
	s.Group = v
	return s
}

type CreateIdentityProviderInput struct {
	_ struct{} `type:"structure"`

	// A mapping of IdP attributes to standard and custom user pool attributes.
	AttributeMapping map[string]*string `type:"map"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The IdP details. The following list describes the provider detail keys for
	// each IdP type.
	//
	//    * For Google and Login with Amazon: client_id client_secret authorize_scopes
	//
	//    * For Facebook: client_id client_secret authorize_scopes api_version
	//
	//    * For Sign in with Apple: client_id team_id key_id private_key authorize_scopes
	//
	//    * For OpenID Connect (OIDC) providers: client_id client_secret attributes_request_method
	//    oidc_issuer authorize_scopes The following keys are only present if Amazon
	//    Cognito didn't discover them at the oidc_issuer URL. authorize_url token_url
	//    attributes_url jwks_uri Amazon Cognito sets the value of the following
	//    keys automatically. They are read-only. attributes_url_add_attributes
	//
	//    * For SAML providers: MetadataFile or MetadataURL IDPSignout optional
	//
	// ProviderDetails is a required field
	ProviderDetails map[string]*string `type:"map" required:"true"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The IdP type.
	//
	// ProviderType is a required field
	ProviderType *string `type:"string" required:"true" enum:"IdentityProviderTypeType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateIdentityProviderInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateIdentityProviderInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateIdentityProviderInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateIdentityProviderInput"}
	if s.ProviderDetails == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderDetails"))
	}
	if s.ProviderName == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderName"))
	}
	if s.ProviderName != nil && len(*s.ProviderName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1))
	}
	if s.ProviderType == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderType"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAttributeMapping sets the AttributeMapping field's value.
func (s *CreateIdentityProviderInput) SetAttributeMapping(v map[string]*string) *CreateIdentityProviderInput {
	s.AttributeMapping = v
	return s
}

// SetIdpIdentifiers sets the IdpIdentifiers field's value.
func (s *CreateIdentityProviderInput) SetIdpIdentifiers(v []*string) *CreateIdentityProviderInput {
	s.IdpIdentifiers = v
	return s
}

// SetProviderDetails sets the ProviderDetails field's value.
func (s *CreateIdentityProviderInput) SetProviderDetails(v map[string]*string) *CreateIdentityProviderInput {
	s.ProviderDetails = v
	return s
}

// SetProviderName sets the ProviderName field's value.
func (s *CreateIdentityProviderInput) SetProviderName(v string) *CreateIdentityProviderInput {
	s.ProviderName = &v
	return s
}

// SetProviderType sets the ProviderType field's value.
func (s *CreateIdentityProviderInput) SetProviderType(v string) *CreateIdentityProviderInput {
	s.ProviderType = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateIdentityProviderInput) SetUserPoolId(v string) *CreateIdentityProviderInput {
	s.UserPoolId = &v
	return s
}

type CreateIdentityProviderOutput struct {
	_ struct{} `type:"structure"`

	// The newly created IdP object.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateIdentityProviderOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateIdentityProviderOutput) GoString() string {
	return s.String()
}

// SetIdentityProvider sets the IdentityProvider field's value.
func (s *CreateIdentityProviderOutput) SetIdentityProvider(v *IdentityProviderType) *CreateIdentityProviderOutput {
	s.IdentityProvider = v
	return s
}

type CreateResourceServerInput struct {
	_ struct{} `type:"structure"`

	// A unique resource server identifier for the resource server. This could be
	// an HTTPS endpoint where the resource server is located, such as https://my-weather-api.example.com.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// A friendly name for the resource server.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// A list of scopes. Each scope is a key-value map with the keys name and description.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateResourceServerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateResourceServerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateResourceServerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateResourceServerInput"}
	if s.Identifier == nil {
		invalidParams.Add(request.NewErrParamRequired("Identifier"))
	}
	if s.Identifier != nil && len(*s.Identifier) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Identifier", 1))
	}
	if s.Name == nil {
		invalidParams.Add(request.NewErrParamRequired("Name"))
	}
	if s.Name != nil && len(*s.Name) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Scopes != nil {
		for i, v := range s.Scopes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Scopes", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIdentifier sets the Identifier field's value.
func (s *CreateResourceServerInput) SetIdentifier(v string) *CreateResourceServerInput {
	s.Identifier = &v
	return s
}

// SetName sets the Name field's value.
func (s *CreateResourceServerInput) SetName(v string) *CreateResourceServerInput {
	s.Name = &v
	return s
}

// SetScopes sets the Scopes field's value.
func (s *CreateResourceServerInput) SetScopes(v []*ResourceServerScopeType) *CreateResourceServerInput {
	s.Scopes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateResourceServerInput) SetUserPoolId(v string) *CreateResourceServerInput {
	s.UserPoolId = &v
	return s
}

type CreateResourceServerOutput struct {
	_ struct{} `type:"structure"`

	// The newly created resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateResourceServerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateResourceServerOutput) GoString() string {
	return s.String()
}

// SetResourceServer sets the ResourceServer field's value.
func (s *CreateResourceServerOutput) SetResourceServer(v *ResourceServerType) *CreateResourceServerOutput {
	s.ResourceServer = v
	return s
}

// Represents the request to create the user import job.
type CreateUserImportJobInput struct {
	_ struct{} `type:"structure"`

	// The role ARN for the Amazon CloudWatch Logs Logging role for the user import
	// job.
	//
	// CloudWatchLogsRoleArn is a required field
	CloudWatchLogsRoleArn *string `min:"20" type:"string" required:"true"`

	// The job name for the user import job.
	//
	// JobName is a required field
	JobName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserImportJobInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserImportJobInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateUserImportJobInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateUserImportJobInput"}
	if s.CloudWatchLogsRoleArn == nil {
		invalidParams.Add(request.NewErrParamRequired("CloudWatchLogsRoleArn"))
	}
	if s.CloudWatchLogsRoleArn != nil && len(*s.CloudWatchLogsRoleArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("CloudWatchLogsRoleArn", 20))
	}
	if s.JobName == nil {
		invalidParams.Add(request.NewErrParamRequired("JobName"))
	}
	if s.JobName != nil && len(*s.JobName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
func (s *CreateUserImportJobInput) SetCloudWatchLogsRoleArn(v string) *CreateUserImportJobInput {
	s.CloudWatchLogsRoleArn = &v
	return s
}

// SetJobName sets the JobName field's value.
func (s *CreateUserImportJobInput) SetJobName(v string) *CreateUserImportJobInput {
	s.JobName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateUserImportJobInput) SetUserPoolId(v string) *CreateUserImportJobInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to create the user
// import job.
type CreateUserImportJobOutput struct {
	_ struct{} `type:"structure"`

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserImportJobOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserImportJobOutput) GoString() string {
	return s.String()
}

// SetUserImportJob sets the UserImportJob field's value.
func (s *CreateUserImportJobOutput) SetUserImportJob(v *UserImportJobType) *CreateUserImportJobOutput {
	s.UserImportJob = v
	return s
}

// Represents the request to create a user pool client.
type CreateUserPoolClientInput struct {
	_ struct{} `type:"structure"`

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The allowed OAuth flows.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
	// openid, and profile. Possible values provided by Amazon Web Services are
	// aws.cognito.signin.user.admin. Custom scopes created in Resource Servers
	// are also supported.
	AllowedOAuthScopes []*string `type:"list"`

	// The user pool analytics configuration for collecting metrics and sending
	// them to your Amazon Pinpoint campaign.
	//
	// In Amazon Web Services Regions where Amazon Pinpoint isn't available, user
	// pools only support sending events to Amazon Pinpoint projects in Amazon Web
	// Services Region us-east-1. In Regions where Amazon Pinpoint is available,
	// user pools support sending events to Amazon Pinpoint projects within that
	// same Region.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The client name for the user pool client you would like to create.
	//
	// ClientName is a required field
	ClientName *string `min:"1" type:"string" required:"true"`

	// The default redirect URI. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// Activates the propagation of additional user context data. For more information
	// about propagation of user context data, see Adding advanced security to a
	// user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	// If you don’t include this parameter, you can't send device fingerprint
	// information, including source IP address, to Amazon Cognito advanced security.
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret.
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Activates or deactivates token revocation. For more information about revoking
	// tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	//
	// If you don't include this parameter, token revocation is automatically activated
	// for the new user pool client.
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// Boolean to specify whether you want to generate a secret for the user pool
	// client being created.
	GenerateSecret *bool `type:"boolean"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the early behavior of Amazon Cognito where
	//    user existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the identity providers (IdPs) that are supported
	// on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple,
	// and LoginWithAmazon. You can also specify the names that you configured for
	// the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP.
	SupportedIdentityProviders []*string `type:"list"`

	// The units in which the validity times are represented. The default unit for
	// RefreshToken is days, and default for ID and access tokens are hours.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool where you want to create a user pool client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolClientInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolClientInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateUserPoolClientInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateUserPoolClientInput"}
	if s.AccessTokenValidity != nil && *s.AccessTokenValidity < 1 {
		invalidParams.Add(request.NewErrParamMinValue("AccessTokenValidity", 1))
	}
	if s.AuthSessionValidity != nil && *s.AuthSessionValidity < 3 {
		invalidParams.Add(request.NewErrParamMinValue("AuthSessionValidity", 3))
	}
	if s.ClientName == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientName"))
	}
	if s.ClientName != nil && len(*s.ClientName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientName", 1))
	}
	if s.DefaultRedirectURI != nil && len(*s.DefaultRedirectURI) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DefaultRedirectURI", 1))
	}
	if s.IdTokenValidity != nil && *s.IdTokenValidity < 1 {
		invalidParams.Add(request.NewErrParamMinValue("IdTokenValidity", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.AnalyticsConfiguration != nil {
		if err := s.AnalyticsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("AnalyticsConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessTokenValidity sets the AccessTokenValidity field's value.
func (s *CreateUserPoolClientInput) SetAccessTokenValidity(v int64) *CreateUserPoolClientInput {
	s.AccessTokenValidity = &v
	return s
}

// SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.
func (s *CreateUserPoolClientInput) SetAllowedOAuthFlows(v []*string) *CreateUserPoolClientInput {
	s.AllowedOAuthFlows = v
	return s
}

// SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.
func (s *CreateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient(v bool) *CreateUserPoolClientInput {
	s.AllowedOAuthFlowsUserPoolClient = &v
	return s
}

// SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.
func (s *CreateUserPoolClientInput) SetAllowedOAuthScopes(v []*string) *CreateUserPoolClientInput {
	s.AllowedOAuthScopes = v
	return s
}

// SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.
func (s *CreateUserPoolClientInput) SetAnalyticsConfiguration(v *AnalyticsConfigurationType) *CreateUserPoolClientInput {
	s.AnalyticsConfiguration = v
	return s
}

// SetAuthSessionValidity sets the AuthSessionValidity field's value.
func (s *CreateUserPoolClientInput) SetAuthSessionValidity(v int64) *CreateUserPoolClientInput {
	s.AuthSessionValidity = &v
	return s
}

// SetCallbackURLs sets the CallbackURLs field's value.
func (s *CreateUserPoolClientInput) SetCallbackURLs(v []*string) *CreateUserPoolClientInput {
	s.CallbackURLs = v
	return s
}

// SetClientName sets the ClientName field's value.
func (s *CreateUserPoolClientInput) SetClientName(v string) *CreateUserPoolClientInput {
	s.ClientName = &v
	return s
}

// SetDefaultRedirectURI sets the DefaultRedirectURI field's value.
func (s *CreateUserPoolClientInput) SetDefaultRedirectURI(v string) *CreateUserPoolClientInput {
	s.DefaultRedirectURI = &v
	return s
}

// SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.
func (s *CreateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData(v bool) *CreateUserPoolClientInput {
	s.EnablePropagateAdditionalUserContextData = &v
	return s
}

// SetEnableTokenRevocation sets the EnableTokenRevocation field's value.
func (s *CreateUserPoolClientInput) SetEnableTokenRevocation(v bool) *CreateUserPoolClientInput {
	s.EnableTokenRevocation = &v
	return s
}

// SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.
func (s *CreateUserPoolClientInput) SetExplicitAuthFlows(v []*string) *CreateUserPoolClientInput {
	s.ExplicitAuthFlows = v
	return s
}

// SetGenerateSecret sets the GenerateSecret field's value.
func (s *CreateUserPoolClientInput) SetGenerateSecret(v bool) *CreateUserPoolClientInput {
	s.GenerateSecret = &v
	return s
}

// SetIdTokenValidity sets the IdTokenValidity field's value.
func (s *CreateUserPoolClientInput) SetIdTokenValidity(v int64) *CreateUserPoolClientInput {
	s.IdTokenValidity = &v
	return s
}

// SetLogoutURLs sets the LogoutURLs field's value.
func (s *CreateUserPoolClientInput) SetLogoutURLs(v []*string) *CreateUserPoolClientInput {
	s.LogoutURLs = v
	return s
}

// SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.
func (s *CreateUserPoolClientInput) SetPreventUserExistenceErrors(v string) *CreateUserPoolClientInput {
	s.PreventUserExistenceErrors = &v
	return s
}

// SetReadAttributes sets the ReadAttributes field's value.
func (s *CreateUserPoolClientInput) SetReadAttributes(v []*string) *CreateUserPoolClientInput {
	s.ReadAttributes = v
	return s
}

// SetRefreshTokenValidity sets the RefreshTokenValidity field's value.
func (s *CreateUserPoolClientInput) SetRefreshTokenValidity(v int64) *CreateUserPoolClientInput {
	s.RefreshTokenValidity = &v
	return s
}

// SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.
func (s *CreateUserPoolClientInput) SetSupportedIdentityProviders(v []*string) *CreateUserPoolClientInput {
	s.SupportedIdentityProviders = v
	return s
}

// SetTokenValidityUnits sets the TokenValidityUnits field's value.
func (s *CreateUserPoolClientInput) SetTokenValidityUnits(v *TokenValidityUnitsType) *CreateUserPoolClientInput {
	s.TokenValidityUnits = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateUserPoolClientInput) SetUserPoolId(v string) *CreateUserPoolClientInput {
	s.UserPoolId = &v
	return s
}

// SetWriteAttributes sets the WriteAttributes field's value.
func (s *CreateUserPoolClientInput) SetWriteAttributes(v []*string) *CreateUserPoolClientInput {
	s.WriteAttributes = v
	return s
}

// Represents the response from the server to create a user pool client.
type CreateUserPoolClientOutput struct {
	_ struct{} `type:"structure"`

	// The user pool client that was just created.
	UserPoolClient *UserPoolClientType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolClientOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolClientOutput) GoString() string {
	return s.String()
}

// SetUserPoolClient sets the UserPoolClient field's value.
func (s *CreateUserPoolClientOutput) SetUserPoolClient(v *UserPoolClientType) *CreateUserPoolClientOutput {
	s.UserPoolClient = v
	return s
}

type CreateUserPoolDomainInput struct {
	_ struct{} `type:"structure"`

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// webpages for your application.
	//
	// Provide this parameter only if you want to use a custom domain for your user
	// pool. Otherwise, you can exclude this parameter and use the Amazon Cognito
	// hosted domain instead.
	//
	// For more information about the hosted domain and custom domains, see Configuring
	// a User Pool Domain (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html).
	CustomDomainConfig *CustomDomainConfigType `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolDomainInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolDomainInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateUserPoolDomainInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateUserPoolDomainInput"}
	if s.Domain == nil {
		invalidParams.Add(request.NewErrParamRequired("Domain"))
	}
	if s.Domain != nil && len(*s.Domain) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Domain", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.CustomDomainConfig != nil {
		if err := s.CustomDomainConfig.Validate(); err != nil {
			invalidParams.AddNested("CustomDomainConfig", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCustomDomainConfig sets the CustomDomainConfig field's value.
func (s *CreateUserPoolDomainInput) SetCustomDomainConfig(v *CustomDomainConfigType) *CreateUserPoolDomainInput {
	s.CustomDomainConfig = v
	return s
}

// SetDomain sets the Domain field's value.
func (s *CreateUserPoolDomainInput) SetDomain(v string) *CreateUserPoolDomainInput {
	s.Domain = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *CreateUserPoolDomainInput) SetUserPoolId(v string) *CreateUserPoolDomainInput {
	s.UserPoolId = &v
	return s
}

type CreateUserPoolDomainOutput struct {
	_ struct{} `type:"structure"`

	// The Amazon CloudFront endpoint that you use as the target of the alias that
	// you set up with your Domain Name Service (DNS) provider.
	CloudFrontDomain *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolDomainOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolDomainOutput) GoString() string {
	return s.String()
}

// SetCloudFrontDomain sets the CloudFrontDomain field's value.
func (s *CreateUserPoolDomainOutput) SetCloudFrontDomain(v string) *CreateUserPoolDomainOutput {
	s.CloudFrontDomain = &v
	return s
}

// Represents the request to create a user pool.
type CreateUserPoolInput struct {
	_ struct{} `type:"structure"`

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// Attributes supported as an alias for this user pool. Possible values: phone_number,
	// email, or preferred_username.
	AliasAttributes []*string `type:"list" enum:"AliasAttributeType"`

	// The attributes to be auto-verified. Possible values: email, phone_number.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// The Lambda trigger configuration information for the new user pool.
	//
	// In a push model, event sources (such as Amazon S3 and custom applications)
	// need permission to invoke a function. So you must make an extra call to add
	// permission for these event sources to invoke your Lambda function.
	//
	// For more information on using the Lambda API to add permission, see AddPermission
	// (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html).
	//
	// For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html).
	LambdaConfig *LambdaConfigType `type:"structure"`

	// Specifies MFA configuration details.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The policies associated with the new user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// A string used to name the user pool.
	//
	// PoolName is a required field
	PoolName *string `min:"1" type:"string" required:"true"`

	// An array of schema attributes for the new user pool. These attributes can
	// be standard or custom attributes.
	Schema []*SchemaAttributeType `min:"1" type:"list"`

	// A string representing the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The tag keys and values to assign to the user pool. A tag is a label that
	// you can use to categorize and manage user pools in different ways, such as
	// by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// Specifies whether a user can use an email address or phone number as a username
	// when they sign up.
	UsernameAttributes []*string `type:"list" enum:"UsernameAttributeType"`

	// Case sensitivity on the username input for the selected sign-in option. When
	// case sensitivity is set to False (case insensitive), users can sign in with
	// any combination of capital and lowercase letters. For example, username,
	// USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com.
	// For most use cases, set case sensitivity to False (case insensitive) as a
	// best practice. When usernames and email addresses are case insensitive, Amazon
	// Cognito treats any variation in case as the same user, and prevents a case
	// variation from being assigned to the same attribute for a different user.
	//
	// This configuration is immutable after you set it. For more information, see
	// UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html).
	UsernameConfiguration *UsernameConfigurationType `type:"structure"`

	// The template for the verification message that the user sees when the app
	// requests permission to access the user's information.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateUserPoolInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CreateUserPoolInput"}
	if s.EmailVerificationMessage != nil && len(*s.EmailVerificationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("EmailVerificationMessage", 6))
	}
	if s.EmailVerificationSubject != nil && len(*s.EmailVerificationSubject) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EmailVerificationSubject", 1))
	}
	if s.PoolName == nil {
		invalidParams.Add(request.NewErrParamRequired("PoolName"))
	}
	if s.PoolName != nil && len(*s.PoolName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("PoolName", 1))
	}
	if s.Schema != nil && len(s.Schema) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Schema", 1))
	}
	if s.SmsAuthenticationMessage != nil && len(*s.SmsAuthenticationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsAuthenticationMessage", 6))
	}
	if s.SmsVerificationMessage != nil && len(*s.SmsVerificationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsVerificationMessage", 6))
	}
	if s.AccountRecoverySetting != nil {
		if err := s.AccountRecoverySetting.Validate(); err != nil {
			invalidParams.AddNested("AccountRecoverySetting", err.(request.ErrInvalidParams))
		}
	}
	if s.AdminCreateUserConfig != nil {
		if err := s.AdminCreateUserConfig.Validate(); err != nil {
			invalidParams.AddNested("AdminCreateUserConfig", err.(request.ErrInvalidParams))
		}
	}
	if s.EmailConfiguration != nil {
		if err := s.EmailConfiguration.Validate(); err != nil {
			invalidParams.AddNested("EmailConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.LambdaConfig != nil {
		if err := s.LambdaConfig.Validate(); err != nil {
			invalidParams.AddNested("LambdaConfig", err.(request.ErrInvalidParams))
		}
	}
	if s.Policies != nil {
		if err := s.Policies.Validate(); err != nil {
			invalidParams.AddNested("Policies", err.(request.ErrInvalidParams))
		}
	}
	if s.Schema != nil {
		for i, v := range s.Schema {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Schema", i), err.(request.ErrInvalidParams))
			}
		}
	}
	if s.SmsConfiguration != nil {
		if err := s.SmsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("SmsConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.UserPoolAddOns != nil {
		if err := s.UserPoolAddOns.Validate(); err != nil {
			invalidParams.AddNested("UserPoolAddOns", err.(request.ErrInvalidParams))
		}
	}
	if s.UsernameConfiguration != nil {
		if err := s.UsernameConfiguration.Validate(); err != nil {
			invalidParams.AddNested("UsernameConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.VerificationMessageTemplate != nil {
		if err := s.VerificationMessageTemplate.Validate(); err != nil {
			invalidParams.AddNested("VerificationMessageTemplate", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccountRecoverySetting sets the AccountRecoverySetting field's value.
func (s *CreateUserPoolInput) SetAccountRecoverySetting(v *AccountRecoverySettingType) *CreateUserPoolInput {
	s.AccountRecoverySetting = v
	return s
}

// SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.
func (s *CreateUserPoolInput) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *CreateUserPoolInput {
	s.AdminCreateUserConfig = v
	return s
}

// SetAliasAttributes sets the AliasAttributes field's value.
func (s *CreateUserPoolInput) SetAliasAttributes(v []*string) *CreateUserPoolInput {
	s.AliasAttributes = v
	return s
}

// SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.
func (s *CreateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *CreateUserPoolInput {
	s.AutoVerifiedAttributes = v
	return s
}

// SetDeletionProtection sets the DeletionProtection field's value.
func (s *CreateUserPoolInput) SetDeletionProtection(v string) *CreateUserPoolInput {
	s.DeletionProtection = &v
	return s
}

// SetDeviceConfiguration sets the DeviceConfiguration field's value.
func (s *CreateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *CreateUserPoolInput {
	s.DeviceConfiguration = v
	return s
}

// SetEmailConfiguration sets the EmailConfiguration field's value.
func (s *CreateUserPoolInput) SetEmailConfiguration(v *EmailConfigurationType) *CreateUserPoolInput {
	s.EmailConfiguration = v
	return s
}

// SetEmailVerificationMessage sets the EmailVerificationMessage field's value.
func (s *CreateUserPoolInput) SetEmailVerificationMessage(v string) *CreateUserPoolInput {
	s.EmailVerificationMessage = &v
	return s
}

// SetEmailVerificationSubject sets the EmailVerificationSubject field's value.
func (s *CreateUserPoolInput) SetEmailVerificationSubject(v string) *CreateUserPoolInput {
	s.EmailVerificationSubject = &v
	return s
}

// SetLambdaConfig sets the LambdaConfig field's value.
func (s *CreateUserPoolInput) SetLambdaConfig(v *LambdaConfigType) *CreateUserPoolInput {
	s.LambdaConfig = v
	return s
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *CreateUserPoolInput) SetMfaConfiguration(v string) *CreateUserPoolInput {
	s.MfaConfiguration = &v
	return s
}

// SetPolicies sets the Policies field's value.
func (s *CreateUserPoolInput) SetPolicies(v *UserPoolPolicyType) *CreateUserPoolInput {
	s.Policies = v
	return s
}

// SetPoolName sets the PoolName field's value.
func (s *CreateUserPoolInput) SetPoolName(v string) *CreateUserPoolInput {
	s.PoolName = &v
	return s
}

// SetSchema sets the Schema field's value.
func (s *CreateUserPoolInput) SetSchema(v []*SchemaAttributeType) *CreateUserPoolInput {
	s.Schema = v
	return s
}

// SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.
func (s *CreateUserPoolInput) SetSmsAuthenticationMessage(v string) *CreateUserPoolInput {
	s.SmsAuthenticationMessage = &v
	return s
}

// SetSmsConfiguration sets the SmsConfiguration field's value.
func (s *CreateUserPoolInput) SetSmsConfiguration(v *SmsConfigurationType) *CreateUserPoolInput {
	s.SmsConfiguration = v
	return s
}

// SetSmsVerificationMessage sets the SmsVerificationMessage field's value.
func (s *CreateUserPoolInput) SetSmsVerificationMessage(v string) *CreateUserPoolInput {
	s.SmsVerificationMessage = &v
	return s
}

// SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.
func (s *CreateUserPoolInput) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *CreateUserPoolInput {
	s.UserAttributeUpdateSettings = v
	return s
}

// SetUserPoolAddOns sets the UserPoolAddOns field's value.
func (s *CreateUserPoolInput) SetUserPoolAddOns(v *UserPoolAddOnsType) *CreateUserPoolInput {
	s.UserPoolAddOns = v
	return s
}

// SetUserPoolTags sets the UserPoolTags field's value.
func (s *CreateUserPoolInput) SetUserPoolTags(v map[string]*string) *CreateUserPoolInput {
	s.UserPoolTags = v
	return s
}

// SetUsernameAttributes sets the UsernameAttributes field's value.
func (s *CreateUserPoolInput) SetUsernameAttributes(v []*string) *CreateUserPoolInput {
	s.UsernameAttributes = v
	return s
}

// SetUsernameConfiguration sets the UsernameConfiguration field's value.
func (s *CreateUserPoolInput) SetUsernameConfiguration(v *UsernameConfigurationType) *CreateUserPoolInput {
	s.UsernameConfiguration = v
	return s
}

// SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.
func (s *CreateUserPoolInput) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *CreateUserPoolInput {
	s.VerificationMessageTemplate = v
	return s
}

// Represents the response from the server for the request to create a user
// pool.
type CreateUserPoolOutput struct {
	_ struct{} `type:"structure"`

	// A container for the user pool details.
	UserPool *UserPoolType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateUserPoolOutput) GoString() string {
	return s.String()
}

// SetUserPool sets the UserPool field's value.
func (s *CreateUserPoolOutput) SetUserPool(v *UserPoolType) *CreateUserPoolOutput {
	s.UserPool = v
	return s
}

// The configuration for a custom domain that hosts the sign-up and sign-in
// webpages for your application.
type CustomDomainConfigType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate.
	// You use this certificate for the subdomain of your custom domain.
	//
	// CertificateArn is a required field
	CertificateArn *string `min:"20" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomDomainConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomDomainConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CustomDomainConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CustomDomainConfigType"}
	if s.CertificateArn == nil {
		invalidParams.Add(request.NewErrParamRequired("CertificateArn"))
	}
	if s.CertificateArn != nil && len(*s.CertificateArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCertificateArn sets the CertificateArn field's value.
func (s *CustomDomainConfigType) SetCertificateArn(v string) *CustomDomainConfigType {
	s.CertificateArn = &v
	return s
}

// The properties of a custom email sender Lambda trigger.
type CustomEmailLambdaVersionConfigType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// You must use a LambdaVersion of V1_0 with a custom sender function.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"CustomEmailSenderLambdaVersionType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomEmailLambdaVersionConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomEmailLambdaVersionConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CustomEmailLambdaVersionConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CustomEmailLambdaVersionConfigType"}
	if s.LambdaArn == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaArn"))
	}
	if s.LambdaArn != nil && len(*s.LambdaArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("LambdaArn", 20))
	}
	if s.LambdaVersion == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaVersion"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLambdaArn sets the LambdaArn field's value.
func (s *CustomEmailLambdaVersionConfigType) SetLambdaArn(v string) *CustomEmailLambdaVersionConfigType {
	s.LambdaArn = &v
	return s
}

// SetLambdaVersion sets the LambdaVersion field's value.
func (s *CustomEmailLambdaVersionConfigType) SetLambdaVersion(v string) *CustomEmailLambdaVersionConfigType {
	s.LambdaVersion = &v
	return s
}

// The properties of a custom SMS sender Lambda trigger.
type CustomSMSLambdaVersionConfigType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// You must use a LambdaVersion of V1_0 with a custom sender function.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"CustomSMSSenderLambdaVersionType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomSMSLambdaVersionConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CustomSMSLambdaVersionConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *CustomSMSLambdaVersionConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "CustomSMSLambdaVersionConfigType"}
	if s.LambdaArn == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaArn"))
	}
	if s.LambdaArn != nil && len(*s.LambdaArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("LambdaArn", 20))
	}
	if s.LambdaVersion == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaVersion"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLambdaArn sets the LambdaArn field's value.
func (s *CustomSMSLambdaVersionConfigType) SetLambdaArn(v string) *CustomSMSLambdaVersionConfigType {
	s.LambdaArn = &v
	return s
}

// SetLambdaVersion sets the LambdaVersion field's value.
func (s *CustomSMSLambdaVersionConfigType) SetLambdaVersion(v string) *CustomSMSLambdaVersionConfigType {
	s.LambdaVersion = &v
	return s
}

type DeleteGroupInput struct {
	_ struct{} `type:"structure"`

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGroupName sets the GroupName field's value.
func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput {
	s.GroupName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteGroupInput) SetUserPoolId(v string) *DeleteGroupInput {
	s.UserPoolId = &v
	return s
}

type DeleteGroupOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteGroupOutput) GoString() string {
	return s.String()
}

type DeleteIdentityProviderInput struct {
	_ struct{} `type:"structure"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteIdentityProviderInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteIdentityProviderInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteIdentityProviderInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteIdentityProviderInput"}
	if s.ProviderName == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderName"))
	}
	if s.ProviderName != nil && len(*s.ProviderName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetProviderName sets the ProviderName field's value.
func (s *DeleteIdentityProviderInput) SetProviderName(v string) *DeleteIdentityProviderInput {
	s.ProviderName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteIdentityProviderInput) SetUserPoolId(v string) *DeleteIdentityProviderInput {
	s.UserPoolId = &v
	return s
}

type DeleteIdentityProviderOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteIdentityProviderOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteIdentityProviderOutput) GoString() string {
	return s.String()
}

type DeleteResourceServerInput struct {
	_ struct{} `type:"structure"`

	// The identifier for the resource server.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that hosts the resource server.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteResourceServerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteResourceServerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteResourceServerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteResourceServerInput"}
	if s.Identifier == nil {
		invalidParams.Add(request.NewErrParamRequired("Identifier"))
	}
	if s.Identifier != nil && len(*s.Identifier) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Identifier", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIdentifier sets the Identifier field's value.
func (s *DeleteResourceServerInput) SetIdentifier(v string) *DeleteResourceServerInput {
	s.Identifier = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteResourceServerInput) SetUserPoolId(v string) *DeleteResourceServerInput {
	s.UserPoolId = &v
	return s
}

type DeleteResourceServerOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteResourceServerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteResourceServerOutput) GoString() string {
	return s.String()
}

// Represents the request to delete user attributes.
type DeleteUserAttributesInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose attributes
	// you want to delete.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserAttributesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// An array of strings representing the user attribute names you want to delete.
	//
	// For custom attributes, you must prependattach the custom: prefix to the front
	// of the attribute name.
	//
	// UserAttributeNames is a required field
	UserAttributeNames []*string `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserAttributesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserAttributesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteUserAttributesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteUserAttributesInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.UserAttributeNames == nil {
		invalidParams.Add(request.NewErrParamRequired("UserAttributeNames"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *DeleteUserAttributesInput) SetAccessToken(v string) *DeleteUserAttributesInput {
	s.AccessToken = &v
	return s
}

// SetUserAttributeNames sets the UserAttributeNames field's value.
func (s *DeleteUserAttributesInput) SetUserAttributeNames(v []*string) *DeleteUserAttributesInput {
	s.UserAttributeNames = v
	return s
}

// Represents the response from the server to delete user attributes.
type DeleteUserAttributesOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserAttributesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserAttributesOutput) GoString() string {
	return s.String()
}

// Represents the request to delete a user.
type DeleteUserInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose user profile
	// you want to delete.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteUserInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *DeleteUserInput) SetAccessToken(v string) *DeleteUserInput {
	s.AccessToken = &v
	return s
}

type DeleteUserOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserOutput) GoString() string {
	return s.String()
}

// Represents the request to delete a user pool client.
type DeleteUserPoolClientInput struct {
	_ struct{} `type:"structure"`

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DeleteUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The user pool ID for the user pool where you want to delete the client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolClientInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolClientInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteUserPoolClientInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPoolClientInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientId sets the ClientId field's value.
func (s *DeleteUserPoolClientInput) SetClientId(v string) *DeleteUserPoolClientInput {
	s.ClientId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteUserPoolClientInput) SetUserPoolId(v string) *DeleteUserPoolClientInput {
	s.UserPoolId = &v
	return s
}

type DeleteUserPoolClientOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolClientOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolClientOutput) GoString() string {
	return s.String()
}

type DeleteUserPoolDomainInput struct {
	_ struct{} `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolDomainInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolDomainInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteUserPoolDomainInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPoolDomainInput"}
	if s.Domain == nil {
		invalidParams.Add(request.NewErrParamRequired("Domain"))
	}
	if s.Domain != nil && len(*s.Domain) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Domain", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDomain sets the Domain field's value.
func (s *DeleteUserPoolDomainInput) SetDomain(v string) *DeleteUserPoolDomainInput {
	s.Domain = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteUserPoolDomainInput) SetUserPoolId(v string) *DeleteUserPoolDomainInput {
	s.UserPoolId = &v
	return s
}

type DeleteUserPoolDomainOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolDomainOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolDomainOutput) GoString() string {
	return s.String()
}

// Represents the request to delete a user pool.
type DeleteUserPoolInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool you want to delete.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteUserPoolInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DeleteUserPoolInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DeleteUserPoolInput) SetUserPoolId(v string) *DeleteUserPoolInput {
	s.UserPoolId = &v
	return s
}

type DeleteUserPoolOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteUserPoolOutput) GoString() string {
	return s.String()
}

type DescribeIdentityProviderInput struct {
	_ struct{} `type:"structure"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeIdentityProviderInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeIdentityProviderInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeIdentityProviderInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeIdentityProviderInput"}
	if s.ProviderName == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderName"))
	}
	if s.ProviderName != nil && len(*s.ProviderName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetProviderName sets the ProviderName field's value.
func (s *DescribeIdentityProviderInput) SetProviderName(v string) *DescribeIdentityProviderInput {
	s.ProviderName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeIdentityProviderInput) SetUserPoolId(v string) *DescribeIdentityProviderInput {
	s.UserPoolId = &v
	return s
}

type DescribeIdentityProviderOutput struct {
	_ struct{} `type:"structure"`

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeIdentityProviderOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeIdentityProviderOutput) GoString() string {
	return s.String()
}

// SetIdentityProvider sets the IdentityProvider field's value.
func (s *DescribeIdentityProviderOutput) SetIdentityProvider(v *IdentityProviderType) *DescribeIdentityProviderOutput {
	s.IdentityProvider = v
	return s
}

type DescribeResourceServerInput struct {
	_ struct{} `type:"structure"`

	// The identifier for the resource server
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that hosts the resource server.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeResourceServerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeResourceServerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeResourceServerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeResourceServerInput"}
	if s.Identifier == nil {
		invalidParams.Add(request.NewErrParamRequired("Identifier"))
	}
	if s.Identifier != nil && len(*s.Identifier) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Identifier", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIdentifier sets the Identifier field's value.
func (s *DescribeResourceServerInput) SetIdentifier(v string) *DescribeResourceServerInput {
	s.Identifier = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeResourceServerInput) SetUserPoolId(v string) *DescribeResourceServerInput {
	s.UserPoolId = &v
	return s
}

type DescribeResourceServerOutput struct {
	_ struct{} `type:"structure"`

	// The resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeResourceServerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeResourceServerOutput) GoString() string {
	return s.String()
}

// SetResourceServer sets the ResourceServer field's value.
func (s *DescribeResourceServerOutput) SetResourceServer(v *ResourceServerType) *DescribeResourceServerOutput {
	s.ResourceServer = v
	return s
}

type DescribeRiskConfigurationInput struct {
	_ struct{} `type:"structure"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DescribeRiskConfigurationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeRiskConfigurationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeRiskConfigurationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeRiskConfigurationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeRiskConfigurationInput"}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientId sets the ClientId field's value.
func (s *DescribeRiskConfigurationInput) SetClientId(v string) *DescribeRiskConfigurationInput {
	s.ClientId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeRiskConfigurationInput) SetUserPoolId(v string) *DescribeRiskConfigurationInput {
	s.UserPoolId = &v
	return s
}

type DescribeRiskConfigurationOutput struct {
	_ struct{} `type:"structure"`

	// The risk configuration.
	//
	// RiskConfiguration is a required field
	RiskConfiguration *RiskConfigurationType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeRiskConfigurationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeRiskConfigurationOutput) GoString() string {
	return s.String()
}

// SetRiskConfiguration sets the RiskConfiguration field's value.
func (s *DescribeRiskConfigurationOutput) SetRiskConfiguration(v *RiskConfigurationType) *DescribeRiskConfigurationOutput {
	s.RiskConfiguration = v
	return s
}

// Represents the request to describe the user import job.
type DescribeUserImportJobInput struct {
	_ struct{} `type:"structure"`

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserImportJobInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserImportJobInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeUserImportJobInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeUserImportJobInput"}
	if s.JobId == nil {
		invalidParams.Add(request.NewErrParamRequired("JobId"))
	}
	if s.JobId != nil && len(*s.JobId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetJobId sets the JobId field's value.
func (s *DescribeUserImportJobInput) SetJobId(v string) *DescribeUserImportJobInput {
	s.JobId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeUserImportJobInput) SetUserPoolId(v string) *DescribeUserImportJobInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to describe the user
// import job.
type DescribeUserImportJobOutput struct {
	_ struct{} `type:"structure"`

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserImportJobOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserImportJobOutput) GoString() string {
	return s.String()
}

// SetUserImportJob sets the UserImportJob field's value.
func (s *DescribeUserImportJobOutput) SetUserImportJob(v *UserImportJobType) *DescribeUserImportJobOutput {
	s.UserImportJob = v
	return s
}

// Represents the request to describe a user pool client.
type DescribeUserPoolClientInput struct {
	_ struct{} `type:"structure"`

	// The app client ID of the app associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by DescribeUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The user pool ID for the user pool you want to describe.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolClientInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolClientInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeUserPoolClientInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeUserPoolClientInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientId sets the ClientId field's value.
func (s *DescribeUserPoolClientInput) SetClientId(v string) *DescribeUserPoolClientInput {
	s.ClientId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeUserPoolClientInput) SetUserPoolId(v string) *DescribeUserPoolClientInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server from a request to describe the user
// pool client.
type DescribeUserPoolClientOutput struct {
	_ struct{} `type:"structure"`

	// The user pool client from a server response to describe the user pool client.
	UserPoolClient *UserPoolClientType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolClientOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolClientOutput) GoString() string {
	return s.String()
}

// SetUserPoolClient sets the UserPoolClient field's value.
func (s *DescribeUserPoolClientOutput) SetUserPoolClient(v *UserPoolClientType) *DescribeUserPoolClientOutput {
	s.UserPoolClient = v
	return s
}

type DescribeUserPoolDomainInput struct {
	_ struct{} `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolDomainInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolDomainInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeUserPoolDomainInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeUserPoolDomainInput"}
	if s.Domain == nil {
		invalidParams.Add(request.NewErrParamRequired("Domain"))
	}
	if s.Domain != nil && len(*s.Domain) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Domain", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDomain sets the Domain field's value.
func (s *DescribeUserPoolDomainInput) SetDomain(v string) *DescribeUserPoolDomainInput {
	s.Domain = &v
	return s
}

type DescribeUserPoolDomainOutput struct {
	_ struct{} `type:"structure"`

	// A domain description object containing information about the domain.
	DomainDescription *DomainDescriptionType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolDomainOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolDomainOutput) GoString() string {
	return s.String()
}

// SetDomainDescription sets the DomainDescription field's value.
func (s *DescribeUserPoolDomainOutput) SetDomainDescription(v *DomainDescriptionType) *DescribeUserPoolDomainOutput {
	s.DomainDescription = v
	return s
}

// Represents the request to describe the user pool.
type DescribeUserPoolInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool you want to describe.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeUserPoolInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "DescribeUserPoolInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DescribeUserPoolInput) SetUserPoolId(v string) *DescribeUserPoolInput {
	s.UserPoolId = &v
	return s
}

// Represents the response to describe the user pool.
type DescribeUserPoolOutput struct {
	_ struct{} `type:"structure"`

	// The container of metadata returned by the server to describe the pool.
	UserPool *UserPoolType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DescribeUserPoolOutput) GoString() string {
	return s.String()
}

// SetUserPool sets the UserPool field's value.
func (s *DescribeUserPoolOutput) SetUserPool(v *UserPoolType) *DescribeUserPoolOutput {
	s.UserPool = v
	return s
}

// The device-remembering configuration for a user pool. A DescribeUserPool
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html)
// request returns a null value for this object when the user pool isn't configured
// to remember devices. When device remembering is active, you can remember
// a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html)
// API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt
// is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html)
// API request that sets the user's device to remembered or not_remembered.
//
// To sign in with a remembered device, include DEVICE_KEY in the authentication
// parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html)
// request. If your app doesn't include a DEVICE_KEY parameter, the response
// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax)
// from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY
// values under NewDeviceMetadata. Store these values to use in future device-authentication
// requests.
//
// When you provide a value for any property of DeviceConfiguration, you activate
// the device remembering for the user pool.
type DeviceConfigurationType struct {
	_ struct{} `type:"structure"`

	// When true, a remembered device can sign in with device authentication instead
	// of SMS and time-based one-time password (TOTP) factors for multi-factor authentication
	// (MFA).
	//
	// Whether or not ChallengeRequiredOnNewDevice is true, users who sign in with
	// devices that have not been confirmed or remembered must still provide a second
	// factor in a user pool that requires MFA.
	ChallengeRequiredOnNewDevice *bool `type:"boolean"`

	// When true, Amazon Cognito doesn't automatically remember a user's device
	// when your app sends a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html)
	// API request. In your app, create a prompt for your user to choose whether
	// they want to remember their device. Return the user's choice in an UpdateDeviceStatus
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html)
	// API request.
	//
	// When DeviceOnlyRememberedOnUserPrompt is false, Amazon Cognito immediately
	// remembers devices that you register in a ConfirmDevice API request.
	DeviceOnlyRememberedOnUserPrompt *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceConfigurationType) GoString() string {
	return s.String()
}

// SetChallengeRequiredOnNewDevice sets the ChallengeRequiredOnNewDevice field's value.
func (s *DeviceConfigurationType) SetChallengeRequiredOnNewDevice(v bool) *DeviceConfigurationType {
	s.ChallengeRequiredOnNewDevice = &v
	return s
}

// SetDeviceOnlyRememberedOnUserPrompt sets the DeviceOnlyRememberedOnUserPrompt field's value.
func (s *DeviceConfigurationType) SetDeviceOnlyRememberedOnUserPrompt(v bool) *DeviceConfigurationType {
	s.DeviceOnlyRememberedOnUserPrompt = &v
	return s
}

// The device verifier against which it is authenticated.
type DeviceSecretVerifierConfigType struct {
	_ struct{} `type:"structure"`

	// The password verifier.
	PasswordVerifier *string `type:"string"`

	// The salt (https://en.wikipedia.org/wiki/Salt_(cryptography))
	Salt *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceSecretVerifierConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceSecretVerifierConfigType) GoString() string {
	return s.String()
}

// SetPasswordVerifier sets the PasswordVerifier field's value.
func (s *DeviceSecretVerifierConfigType) SetPasswordVerifier(v string) *DeviceSecretVerifierConfigType {
	s.PasswordVerifier = &v
	return s
}

// SetSalt sets the Salt field's value.
func (s *DeviceSecretVerifierConfigType) SetSalt(v string) *DeviceSecretVerifierConfigType {
	s.Salt = &v
	return s
}

// The device type.
type DeviceType struct {
	_ struct{} `type:"structure"`

	// The device attributes.
	DeviceAttributes []*AttributeType `type:"list"`

	// The creation date of the device.
	DeviceCreateDate *time.Time `type:"timestamp"`

	// The device key.
	DeviceKey *string `min:"1" type:"string"`

	// The date when the device was last authenticated.
	DeviceLastAuthenticatedDate *time.Time `type:"timestamp"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	DeviceLastModifiedDate *time.Time `type:"timestamp"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeviceType) GoString() string {
	return s.String()
}

// SetDeviceAttributes sets the DeviceAttributes field's value.
func (s *DeviceType) SetDeviceAttributes(v []*AttributeType) *DeviceType {
	s.DeviceAttributes = v
	return s
}

// SetDeviceCreateDate sets the DeviceCreateDate field's value.
func (s *DeviceType) SetDeviceCreateDate(v time.Time) *DeviceType {
	s.DeviceCreateDate = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *DeviceType) SetDeviceKey(v string) *DeviceType {
	s.DeviceKey = &v
	return s
}

// SetDeviceLastAuthenticatedDate sets the DeviceLastAuthenticatedDate field's value.
func (s *DeviceType) SetDeviceLastAuthenticatedDate(v time.Time) *DeviceType {
	s.DeviceLastAuthenticatedDate = &v
	return s
}

// SetDeviceLastModifiedDate sets the DeviceLastModifiedDate field's value.
func (s *DeviceType) SetDeviceLastModifiedDate(v time.Time) *DeviceType {
	s.DeviceLastModifiedDate = &v
	return s
}

// A container for information about a domain.
type DomainDescriptionType struct {
	_ struct{} `type:"structure"`

	// The Amazon Web Services ID for the user pool owner.
	AWSAccountId *string `type:"string"`

	// The Amazon CloudFront endpoint that you use as the target of the alias that
	// you set up with your Domain Name Service (DNS) provider.
	CloudFrontDistribution *string `type:"string"`

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// webpages for your application.
	CustomDomainConfig *CustomDomainConfigType `type:"structure"`

	// The domain string. For custom domains, this is the fully-qualified domain
	// name, such as auth.example.com. For Amazon Cognito prefix domains, this is
	// the prefix alone, such as auth.
	Domain *string `min:"1" type:"string"`

	// The Amazon S3 bucket where the static files for this domain are stored.
	S3Bucket *string `min:"3" type:"string"`

	// The domain status.
	Status *string `type:"string" enum:"DomainStatusType"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`

	// The app version.
	Version *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DomainDescriptionType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DomainDescriptionType) GoString() string {
	return s.String()
}

// SetAWSAccountId sets the AWSAccountId field's value.
func (s *DomainDescriptionType) SetAWSAccountId(v string) *DomainDescriptionType {
	s.AWSAccountId = &v
	return s
}

// SetCloudFrontDistribution sets the CloudFrontDistribution field's value.
func (s *DomainDescriptionType) SetCloudFrontDistribution(v string) *DomainDescriptionType {
	s.CloudFrontDistribution = &v
	return s
}

// SetCustomDomainConfig sets the CustomDomainConfig field's value.
func (s *DomainDescriptionType) SetCustomDomainConfig(v *CustomDomainConfigType) *DomainDescriptionType {
	s.CustomDomainConfig = v
	return s
}

// SetDomain sets the Domain field's value.
func (s *DomainDescriptionType) SetDomain(v string) *DomainDescriptionType {
	s.Domain = &v
	return s
}

// SetS3Bucket sets the S3Bucket field's value.
func (s *DomainDescriptionType) SetS3Bucket(v string) *DomainDescriptionType {
	s.S3Bucket = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *DomainDescriptionType) SetStatus(v string) *DomainDescriptionType {
	s.Status = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *DomainDescriptionType) SetUserPoolId(v string) *DomainDescriptionType {
	s.UserPoolId = &v
	return s
}

// SetVersion sets the Version field's value.
func (s *DomainDescriptionType) SetVersion(v string) *DomainDescriptionType {
	s.Version = &v
	return s
}

// This exception is thrown when the provider is already supported by the user
// pool.
type DuplicateProviderException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DuplicateProviderException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DuplicateProviderException) GoString() string {
	return s.String()
}

func newErrorDuplicateProviderException(v protocol.ResponseMetadata) error {
	return &DuplicateProviderException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *DuplicateProviderException) Code() string {
	return "DuplicateProviderException"
}

// Message returns the exception's message.
func (s *DuplicateProviderException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *DuplicateProviderException) OrigErr() error {
	return nil
}

func (s *DuplicateProviderException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *DuplicateProviderException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *DuplicateProviderException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The email configuration of your user pool. The email configuration type sets
// your preferred sending method, Amazon Web Services Region, and sender for
// messages from your user pool.
//
// Amazon Cognito can send email messages with Amazon Simple Email Service resources
// in the Amazon Web Services Region where you created your user pool, and in
// alternate Regions in some cases. For more information on the supported Regions,
// see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html).
type EmailConfigurationType struct {
	_ struct{} `type:"structure"`

	// The set of configuration rules that can be applied to emails sent using Amazon
	// Simple Email Service. A configuration set is applied to an email by including
	// a reference to the configuration set in the headers of the email. Once applied,
	// all of the rules in that configuration set are applied to the email. Configuration
	// sets can be used to apply the following types of rules to emails:
	//
	// Event publishing
	//
	// Amazon Simple Email Service can track the number of send, delivery, open,
	// click, bounce, and complaint events for each email sent. Use event publishing
	// to send information about these events to other Amazon Web Services services
	// such as and Amazon CloudWatch
	//
	// IP pool management
	//
	// When leasing dedicated IP addresses with Amazon Simple Email Service, you
	// can create groups of IP addresses, called dedicated IP pools. You can then
	// associate the dedicated IP pools with configuration sets.
	ConfigurationSet *string `min:"1" type:"string"`

	// Specifies whether Amazon Cognito uses its built-in functionality to send
	// your users email messages, or uses your Amazon Simple Email Service email
	// configuration. Specify one of the following values:
	//
	// COGNITO_DEFAULT
	//
	// When Amazon Cognito emails your users, it uses its built-in email functionality.
	// When you use the default option, Amazon Cognito allows only a limited number
	// of emails each day for your user pool. For typical production environments,
	// the default email limit is less than the required delivery volume. To achieve
	// a higher delivery volume, specify DEVELOPER to use your Amazon SES email
	// configuration.
	//
	// To look up the email delivery limit for the default option, see Limits (https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html)
	// in the Amazon Cognito Developer Guide.
	//
	// The default FROM address is no-reply@verificationemail.com. To customize
	// the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES
	// verified email address for the SourceArn parameter.
	//
	// DEVELOPER
	//
	// When Amazon Cognito emails your users, it uses your Amazon SES configuration.
	// Amazon Cognito calls Amazon SES on your behalf to send email from your verified
	// email address. When you use this option, the email delivery limits are the
	// same limits that apply to your Amazon SES verified email address in your
	// Amazon Web Services account.
	//
	// If you use this option, provide the ARN of an Amazon SES verified email address
	// for the SourceArn parameter.
	//
	// Before Amazon Cognito can email your users, it requires additional permissions
	// to call Amazon SES on your behalf. When you update your user pool with this
	// option, Amazon Cognito creates a service-linked role, which is a type of
	// role in your Amazon Web Services account. This role contains the permissions
	// that allow you to access Amazon SES and send email messages from your email
	// address. For more information about the service-linked role that Amazon Cognito
	// creates, see Using Service-Linked Roles for Amazon Cognito (https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html)
	// in the Amazon Cognito Developer Guide.
	EmailSendingAccount *string `type:"string" enum:"EmailSendingAccountType"`

	// Either the sender’s email address or the sender’s name with their email
	// address. For example, testuser@example.com or Test User <testuser@example.com>.
	// This address appears before the body of the email.
	From *string `type:"string"`

	// The destination to which the receiver of the email should reply.
	ReplyToEmailAddress *string `type:"string"`

	// The ARN of a verified email address or an address from a verified domain
	// in Amazon SES. You can set a SourceArn email from a verified domain only
	// with an API request. You can set a verified email address, but not an address
	// in a verified domain, in the Amazon Cognito console. Amazon Cognito uses
	// the email address that you provide in one of the following ways, depending
	// on the value that you specify for the EmailSendingAccount parameter:
	//
	//    * If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as
	//    the custom FROM address when it emails your users using its built-in email
	//    account.
	//
	//    * If you specify DEVELOPER, Amazon Cognito emails your users with this
	//    address by calling Amazon SES on your behalf.
	//
	// The Region value of the SourceArn parameter must indicate a supported Amazon
	// Web Services Region of your user pool. Typically, the Region in the SourceArn
	// and the user pool Region are the same. For more information, see Amazon SES
	// email configuration regions (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping)
	// in the Amazon Cognito Developer Guide (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html).
	SourceArn *string `min:"20" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EmailConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EmailConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *EmailConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "EmailConfigurationType"}
	if s.ConfigurationSet != nil && len(*s.ConfigurationSet) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ConfigurationSet", 1))
	}
	if s.SourceArn != nil && len(*s.SourceArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("SourceArn", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetConfigurationSet sets the ConfigurationSet field's value.
func (s *EmailConfigurationType) SetConfigurationSet(v string) *EmailConfigurationType {
	s.ConfigurationSet = &v
	return s
}

// SetEmailSendingAccount sets the EmailSendingAccount field's value.
func (s *EmailConfigurationType) SetEmailSendingAccount(v string) *EmailConfigurationType {
	s.EmailSendingAccount = &v
	return s
}

// SetFrom sets the From field's value.
func (s *EmailConfigurationType) SetFrom(v string) *EmailConfigurationType {
	s.From = &v
	return s
}

// SetReplyToEmailAddress sets the ReplyToEmailAddress field's value.
func (s *EmailConfigurationType) SetReplyToEmailAddress(v string) *EmailConfigurationType {
	s.ReplyToEmailAddress = &v
	return s
}

// SetSourceArn sets the SourceArn field's value.
func (s *EmailConfigurationType) SetSourceArn(v string) *EmailConfigurationType {
	s.SourceArn = &v
	return s
}

// This exception is thrown when there is a code mismatch and the service fails
// to configure the software token TOTP multi-factor authentication (MFA).
type EnableSoftwareTokenMFAException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EnableSoftwareTokenMFAException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EnableSoftwareTokenMFAException) GoString() string {
	return s.String()
}

func newErrorEnableSoftwareTokenMFAException(v protocol.ResponseMetadata) error {
	return &EnableSoftwareTokenMFAException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *EnableSoftwareTokenMFAException) Code() string {
	return "EnableSoftwareTokenMFAException"
}

// Message returns the exception's message.
func (s *EnableSoftwareTokenMFAException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *EnableSoftwareTokenMFAException) OrigErr() error {
	return nil
}

func (s *EnableSoftwareTokenMFAException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *EnableSoftwareTokenMFAException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *EnableSoftwareTokenMFAException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Specifies the user context data captured at the time of an event request.
type EventContextDataType struct {
	_ struct{} `type:"structure"`

	// The user's city.
	City *string `type:"string"`

	// The user's country.
	Country *string `type:"string"`

	// The user's device name.
	DeviceName *string `type:"string"`

	// The source IP address of your user's device.
	IpAddress *string `type:"string"`

	// The user's time zone.
	Timezone *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventContextDataType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventContextDataType) GoString() string {
	return s.String()
}

// SetCity sets the City field's value.
func (s *EventContextDataType) SetCity(v string) *EventContextDataType {
	s.City = &v
	return s
}

// SetCountry sets the Country field's value.
func (s *EventContextDataType) SetCountry(v string) *EventContextDataType {
	s.Country = &v
	return s
}

// SetDeviceName sets the DeviceName field's value.
func (s *EventContextDataType) SetDeviceName(v string) *EventContextDataType {
	s.DeviceName = &v
	return s
}

// SetIpAddress sets the IpAddress field's value.
func (s *EventContextDataType) SetIpAddress(v string) *EventContextDataType {
	s.IpAddress = &v
	return s
}

// SetTimezone sets the Timezone field's value.
func (s *EventContextDataType) SetTimezone(v string) *EventContextDataType {
	s.Timezone = &v
	return s
}

// Specifies the event feedback type.
type EventFeedbackType struct {
	_ struct{} `type:"structure"`

	// The event feedback date.
	FeedbackDate *time.Time `type:"timestamp"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The provider.
	//
	// Provider is a required field
	Provider *string `type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventFeedbackType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventFeedbackType) GoString() string {
	return s.String()
}

// SetFeedbackDate sets the FeedbackDate field's value.
func (s *EventFeedbackType) SetFeedbackDate(v time.Time) *EventFeedbackType {
	s.FeedbackDate = &v
	return s
}

// SetFeedbackValue sets the FeedbackValue field's value.
func (s *EventFeedbackType) SetFeedbackValue(v string) *EventFeedbackType {
	s.FeedbackValue = &v
	return s
}

// SetProvider sets the Provider field's value.
func (s *EventFeedbackType) SetProvider(v string) *EventFeedbackType {
	s.Provider = &v
	return s
}

// The event risk type.
type EventRiskType struct {
	_ struct{} `type:"structure"`

	// Indicates whether compromised credentials were detected during an authentication
	// event.
	CompromisedCredentialsDetected *bool `type:"boolean"`

	// The risk decision.
	RiskDecision *string `type:"string" enum:"RiskDecisionType"`

	// The risk level.
	RiskLevel *string `type:"string" enum:"RiskLevelType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventRiskType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EventRiskType) GoString() string {
	return s.String()
}

// SetCompromisedCredentialsDetected sets the CompromisedCredentialsDetected field's value.
func (s *EventRiskType) SetCompromisedCredentialsDetected(v bool) *EventRiskType {
	s.CompromisedCredentialsDetected = &v
	return s
}

// SetRiskDecision sets the RiskDecision field's value.
func (s *EventRiskType) SetRiskDecision(v string) *EventRiskType {
	s.RiskDecision = &v
	return s
}

// SetRiskLevel sets the RiskLevel field's value.
func (s *EventRiskType) SetRiskLevel(v string) *EventRiskType {
	s.RiskLevel = &v
	return s
}

// This exception is thrown if a code has expired.
type ExpiredCodeException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the expired code exception is thrown.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExpiredCodeException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExpiredCodeException) GoString() string {
	return s.String()
}

func newErrorExpiredCodeException(v protocol.ResponseMetadata) error {
	return &ExpiredCodeException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ExpiredCodeException) Code() string {
	return "ExpiredCodeException"
}

// Message returns the exception's message.
func (s *ExpiredCodeException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ExpiredCodeException) OrigErr() error {
	return nil
}

func (s *ExpiredCodeException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ExpiredCodeException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ExpiredCodeException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when WAF doesn't allow your request based on a web
// ACL that's associated with your user pool.
type ForbiddenException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when WAF doesn't allow your request based on a web ACL
	// that's associated with your user pool.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForbiddenException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForbiddenException) GoString() string {
	return s.String()
}

func newErrorForbiddenException(v protocol.ResponseMetadata) error {
	return &ForbiddenException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ForbiddenException) Code() string {
	return "ForbiddenException"
}

// Message returns the exception's message.
func (s *ForbiddenException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ForbiddenException) OrigErr() error {
	return nil
}

func (s *ForbiddenException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ForbiddenException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ForbiddenException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Represents the request to forget the device.
type ForgetDeviceInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose registered
	// device you want to forget.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgetDeviceInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgetDeviceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgetDeviceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ForgetDeviceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ForgetDeviceInput"}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *ForgetDeviceInput) SetAccessToken(v string) *ForgetDeviceInput {
	s.AccessToken = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *ForgetDeviceInput) SetDeviceKey(v string) *ForgetDeviceInput {
	s.DeviceKey = &v
	return s
}

type ForgetDeviceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgetDeviceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgetDeviceOutput) GoString() string {
	return s.String()
}

// Represents the request to reset a user's password.
type ForgotPasswordInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// ForgotPassword calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ForgotPassword API action, Amazon Cognito invokes any functions
	// that are assigned to the following triggers: pre sign-up, custom message,
	// and user migration. When Amazon Cognito invokes any of these functions, it
	// passes a JSON payload, which the function receives as input. This payload
	// contains a clientMetadata attribute, which provides the data that you assigned
	// to the ClientMetadata parameter in your ForgotPassword request. In your function
	// code in Lambda, you can process the clientMetadata value to enhance your
	// workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ForgotPasswordInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgotPasswordInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgotPasswordInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ForgotPasswordInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ForgotPasswordInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.SecretHash != nil && len(*s.SecretHash) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("SecretHash", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *ForgotPasswordInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ForgotPasswordInput {
	s.AnalyticsMetadata = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *ForgotPasswordInput) SetClientId(v string) *ForgotPasswordInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *ForgotPasswordInput) SetClientMetadata(v map[string]*string) *ForgotPasswordInput {
	s.ClientMetadata = v
	return s
}

// SetSecretHash sets the SecretHash field's value.
func (s *ForgotPasswordInput) SetSecretHash(v string) *ForgotPasswordInput {
	s.SecretHash = &v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *ForgotPasswordInput) SetUserContextData(v *UserContextDataType) *ForgotPasswordInput {
	s.UserContextData = v
	return s
}

// SetUsername sets the Username field's value.
func (s *ForgotPasswordInput) SetUsername(v string) *ForgotPasswordInput {
	s.Username = &v
	return s
}

// The response from Amazon Cognito to a request to reset a password.
type ForgotPasswordOutput struct {
	_ struct{} `type:"structure"`

	// The code delivery details returned by the server in response to the request
	// to reset a password.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgotPasswordOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ForgotPasswordOutput) GoString() string {
	return s.String()
}

// SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.
func (s *ForgotPasswordOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *ForgotPasswordOutput {
	s.CodeDeliveryDetails = v
	return s
}

// Represents the request to get the header information of the CSV file for
// the user import job.
type GetCSVHeaderInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID for the user pool that the users are to be imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetCSVHeaderInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetCSVHeaderInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetCSVHeaderInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetCSVHeaderInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetCSVHeaderInput) SetUserPoolId(v string) *GetCSVHeaderInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to get the header
// information of the CSV file for the user import job.
type GetCSVHeaderOutput struct {
	_ struct{} `type:"structure"`

	// The header information of the CSV file for the user import job.
	CSVHeader []*string `type:"list"`

	// The user pool ID for the user pool that the users are to be imported into.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetCSVHeaderOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetCSVHeaderOutput) GoString() string {
	return s.String()
}

// SetCSVHeader sets the CSVHeader field's value.
func (s *GetCSVHeaderOutput) SetCSVHeader(v []*string) *GetCSVHeaderOutput {
	s.CSVHeader = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetCSVHeaderOutput) SetUserPoolId(v string) *GetCSVHeaderOutput {
	s.UserPoolId = &v
	return s
}

// Represents the request to get the device.
type GetDeviceInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose device
	// information you want to request.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetDeviceInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetDeviceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetDeviceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetDeviceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetDeviceInput"}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *GetDeviceInput) SetAccessToken(v string) *GetDeviceInput {
	s.AccessToken = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *GetDeviceInput) SetDeviceKey(v string) *GetDeviceInput {
	s.DeviceKey = &v
	return s
}

// Gets the device response.
type GetDeviceOutput struct {
	_ struct{} `type:"structure"`

	// The device.
	//
	// Device is a required field
	Device *DeviceType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetDeviceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetDeviceOutput) GoString() string {
	return s.String()
}

// SetDevice sets the Device field's value.
func (s *GetDeviceOutput) SetDevice(v *DeviceType) *GetDeviceOutput {
	s.Device = v
	return s
}

type GetGroupInput struct {
	_ struct{} `type:"structure"`

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGroupName sets the GroupName field's value.
func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput {
	s.GroupName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetGroupInput) SetUserPoolId(v string) *GetGroupInput {
	s.UserPoolId = &v
	return s
}

type GetGroupOutput struct {
	_ struct{} `type:"structure"`

	// The group object for the group.
	Group *GroupType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGroupOutput) GoString() string {
	return s.String()
}

// SetGroup sets the Group field's value.
func (s *GetGroupOutput) SetGroup(v *GroupType) *GetGroupOutput {
	s.Group = v
	return s
}

type GetIdentityProviderByIdentifierInput struct {
	_ struct{} `type:"structure"`

	// The IdP identifier.
	//
	// IdpIdentifier is a required field
	IdpIdentifier *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetIdentityProviderByIdentifierInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetIdentityProviderByIdentifierInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetIdentityProviderByIdentifierInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetIdentityProviderByIdentifierInput"}
	if s.IdpIdentifier == nil {
		invalidParams.Add(request.NewErrParamRequired("IdpIdentifier"))
	}
	if s.IdpIdentifier != nil && len(*s.IdpIdentifier) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("IdpIdentifier", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIdpIdentifier sets the IdpIdentifier field's value.
func (s *GetIdentityProviderByIdentifierInput) SetIdpIdentifier(v string) *GetIdentityProviderByIdentifierInput {
	s.IdpIdentifier = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetIdentityProviderByIdentifierInput) SetUserPoolId(v string) *GetIdentityProviderByIdentifierInput {
	s.UserPoolId = &v
	return s
}

type GetIdentityProviderByIdentifierOutput struct {
	_ struct{} `type:"structure"`

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetIdentityProviderByIdentifierOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetIdentityProviderByIdentifierOutput) GoString() string {
	return s.String()
}

// SetIdentityProvider sets the IdentityProvider field's value.
func (s *GetIdentityProviderByIdentifierOutput) SetIdentityProvider(v *IdentityProviderType) *GetIdentityProviderByIdentifierOutput {
	s.IdentityProvider = v
	return s
}

type GetLogDeliveryConfigurationInput struct {
	_ struct{} `type:"structure"`

	// The ID of the user pool where you want to view detailed activity logging
	// configuration.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetLogDeliveryConfigurationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetLogDeliveryConfigurationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetLogDeliveryConfigurationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetLogDeliveryConfigurationInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetLogDeliveryConfigurationInput) SetUserPoolId(v string) *GetLogDeliveryConfigurationInput {
	s.UserPoolId = &v
	return s
}

type GetLogDeliveryConfigurationOutput struct {
	_ struct{} `type:"structure"`

	// The detailed activity logging configuration of the requested user pool.
	LogDeliveryConfiguration *LogDeliveryConfigurationType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetLogDeliveryConfigurationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetLogDeliveryConfigurationOutput) GoString() string {
	return s.String()
}

// SetLogDeliveryConfiguration sets the LogDeliveryConfiguration field's value.
func (s *GetLogDeliveryConfigurationOutput) SetLogDeliveryConfiguration(v *LogDeliveryConfigurationType) *GetLogDeliveryConfigurationOutput {
	s.LogDeliveryConfiguration = v
	return s
}

// Request to get a signing certificate from Amazon Cognito.
type GetSigningCertificateInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetSigningCertificateInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetSigningCertificateInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetSigningCertificateInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetSigningCertificateInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetSigningCertificateInput) SetUserPoolId(v string) *GetSigningCertificateInput {
	s.UserPoolId = &v
	return s
}

// Response from Amazon Cognito for a signing certificate request.
type GetSigningCertificateOutput struct {
	_ struct{} `type:"structure"`

	// The signing certificate.
	Certificate *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetSigningCertificateOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetSigningCertificateOutput) GoString() string {
	return s.String()
}

// SetCertificate sets the Certificate field's value.
func (s *GetSigningCertificateOutput) SetCertificate(v string) *GetSigningCertificateOutput {
	s.Certificate = &v
	return s
}

type GetUICustomizationInput struct {
	_ struct{} `type:"structure"`

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUICustomizationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUICustomizationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUICustomizationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetUICustomizationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetUICustomizationInput"}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientId sets the ClientId field's value.
func (s *GetUICustomizationInput) SetClientId(v string) *GetUICustomizationInput {
	s.ClientId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetUICustomizationInput) SetUserPoolId(v string) *GetUICustomizationInput {
	s.UserPoolId = &v
	return s
}

type GetUICustomizationOutput struct {
	_ struct{} `type:"structure"`

	// The UI customization information.
	//
	// UICustomization is a required field
	UICustomization *UICustomizationType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUICustomizationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUICustomizationOutput) GoString() string {
	return s.String()
}

// SetUICustomization sets the UICustomization field's value.
func (s *GetUICustomizationOutput) SetUICustomization(v *UICustomizationType) *GetUICustomizationOutput {
	s.UICustomization = v
	return s
}

// Represents the request to get user attribute verification.
type GetUserAttributeVerificationCodeInput struct {
	_ struct{} `type:"structure"`

	// A non-expired access token for the user whose attribute verification code
	// you want to generate.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserAttributeVerificationCodeInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The attribute name returned by the server response to get the user attribute
	// verification code.
	//
	// AttributeName is a required field
	AttributeName *string `min:"1" type:"string" required:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the GetUserAttributeVerificationCode API action, Amazon Cognito
	// invokes the function that is assigned to the custom message trigger. When
	// Amazon Cognito invokes this function, it passes a JSON payload, which the
	// function receives as input. This payload contains a clientMetadata attribute,
	// which provides the data that you assigned to the ClientMetadata parameter
	// in your GetUserAttributeVerificationCode request. In your function code in
	// Lambda, you can process the clientMetadata value to enhance your workflow
	// for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserAttributeVerificationCodeInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserAttributeVerificationCodeInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetUserAttributeVerificationCodeInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetUserAttributeVerificationCodeInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.AttributeName == nil {
		invalidParams.Add(request.NewErrParamRequired("AttributeName"))
	}
	if s.AttributeName != nil && len(*s.AttributeName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AttributeName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *GetUserAttributeVerificationCodeInput) SetAccessToken(v string) *GetUserAttributeVerificationCodeInput {
	s.AccessToken = &v
	return s
}

// SetAttributeName sets the AttributeName field's value.
func (s *GetUserAttributeVerificationCodeInput) SetAttributeName(v string) *GetUserAttributeVerificationCodeInput {
	s.AttributeName = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *GetUserAttributeVerificationCodeInput) SetClientMetadata(v map[string]*string) *GetUserAttributeVerificationCodeInput {
	s.ClientMetadata = v
	return s
}

// The verification code response returned by the server response to get the
// user attribute verification code.
type GetUserAttributeVerificationCodeOutput struct {
	_ struct{} `type:"structure"`

	// The code delivery details returned by the server in response to the request
	// to get the user attribute verification code.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserAttributeVerificationCodeOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserAttributeVerificationCodeOutput) GoString() string {
	return s.String()
}

// SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.
func (s *GetUserAttributeVerificationCodeOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *GetUserAttributeVerificationCodeOutput {
	s.CodeDeliveryDetails = v
	return s
}

// Represents the request to get information about the user.
type GetUserInput struct {
	_ struct{} `type:"structure"`

	// A non-expired access token for the user whose information you want to query.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetUserInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetUserInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *GetUserInput) SetAccessToken(v string) *GetUserInput {
	s.AccessToken = &v
	return s
}

// Represents the response from the server from the request to get information
// about the user.
type GetUserOutput struct {
	_ struct{} `type:"structure"`

	// This response parameter is no longer supported. It provides information only
	// about SMS MFA configurations. It doesn't provide information about time-based
	// one-time password (TOTP) software token MFA configurations. To look up information
	// about either type of MFA configuration, use UserMFASettingList instead.
	MFAOptions []*MFAOptionType `type:"list"`

	// The user's preferred MFA setting.
	PreferredMfaSetting *string `type:"string"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`

	// The MFA options that are activated for the user. The possible values in this
	// list are SMS_MFA and SOFTWARE_TOKEN_MFA.
	UserMFASettingList []*string `type:"list"`

	// The username of the user that you requested.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetUserOutput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserOutput) GoString() string {
	return s.String()
}

// SetMFAOptions sets the MFAOptions field's value.
func (s *GetUserOutput) SetMFAOptions(v []*MFAOptionType) *GetUserOutput {
	s.MFAOptions = v
	return s
}

// SetPreferredMfaSetting sets the PreferredMfaSetting field's value.
func (s *GetUserOutput) SetPreferredMfaSetting(v string) *GetUserOutput {
	s.PreferredMfaSetting = &v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *GetUserOutput) SetUserAttributes(v []*AttributeType) *GetUserOutput {
	s.UserAttributes = v
	return s
}

// SetUserMFASettingList sets the UserMFASettingList field's value.
func (s *GetUserOutput) SetUserMFASettingList(v []*string) *GetUserOutput {
	s.UserMFASettingList = v
	return s
}

// SetUsername sets the Username field's value.
func (s *GetUserOutput) SetUsername(v string) *GetUserOutput {
	s.Username = &v
	return s
}

type GetUserPoolMfaConfigInput struct {
	_ struct{} `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserPoolMfaConfigInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserPoolMfaConfigInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GetUserPoolMfaConfigInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GetUserPoolMfaConfigInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GetUserPoolMfaConfigInput) SetUserPoolId(v string) *GetUserPoolMfaConfigInput {
	s.UserPoolId = &v
	return s
}

type GetUserPoolMfaConfigOutput struct {
	_ struct{} `type:"structure"`

	// The multi-factor authentication (MFA) configuration. Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor activated.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message multi-factor authentication (MFA) configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token multi-factor authentication (MFA) configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserPoolMfaConfigOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetUserPoolMfaConfigOutput) GoString() string {
	return s.String()
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *GetUserPoolMfaConfigOutput) SetMfaConfiguration(v string) *GetUserPoolMfaConfigOutput {
	s.MfaConfiguration = &v
	return s
}

// SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.
func (s *GetUserPoolMfaConfigOutput) SetSmsMfaConfiguration(v *SmsMfaConfigType) *GetUserPoolMfaConfigOutput {
	s.SmsMfaConfiguration = v
	return s
}

// SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.
func (s *GetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *GetUserPoolMfaConfigOutput {
	s.SoftwareTokenMfaConfiguration = v
	return s
}

// Represents the request to sign out all devices.
type GlobalSignOutInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user who you want
	// to sign out.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GlobalSignOutInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GlobalSignOutInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GlobalSignOutInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *GlobalSignOutInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "GlobalSignOutInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *GlobalSignOutInput) SetAccessToken(v string) *GlobalSignOutInput {
	s.AccessToken = &v
	return s
}

// The response to the request to sign out all devices.
type GlobalSignOutOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GlobalSignOutOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GlobalSignOutOutput) GoString() string {
	return s.String()
}

// This exception is thrown when Amazon Cognito encounters a group that already
// exists in the user pool.
type GroupExistsException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GroupExistsException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GroupExistsException) GoString() string {
	return s.String()
}

func newErrorGroupExistsException(v protocol.ResponseMetadata) error {
	return &GroupExistsException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *GroupExistsException) Code() string {
	return "GroupExistsException"
}

// Message returns the exception's message.
func (s *GroupExistsException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *GroupExistsException) OrigErr() error {
	return nil
}

func (s *GroupExistsException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *GroupExistsException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *GroupExistsException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The group type.
type GroupType struct {
	_ struct{} `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// A string containing the description of the group.
	Description *string `type:"string"`

	// The name of the group.
	GroupName *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// A non-negative integer value that specifies the precedence of this group
	// relative to the other groups that a user can belong to in the user pool.
	// Zero is the highest precedence value. Groups with lower Precedence values
	// take precedence over groups with higher ornull Precedence values. If a user
	// belongs to two or more groups, it is the group with the lowest precedence
	// value whose role ARN is given in the user's tokens for the cognito:roles
	// and cognito:preferred_role claims.
	//
	// Two groups can have the same Precedence value. If this happens, neither group
	// takes precedence over the other. If two groups with the same Precedence have
	// the same role ARN, that role is used in the cognito:preferred_role claim
	// in tokens for users in each group. If the two groups have different role
	// ARNs, the cognito:preferred_role claim isn't set in users' tokens.
	//
	// The default Precedence value is null.
	Precedence *int64 `type:"integer"`

	// The role Amazon Resource Name (ARN) for the group.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GroupType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GroupType) GoString() string {
	return s.String()
}

// SetCreationDate sets the CreationDate field's value.
func (s *GroupType) SetCreationDate(v time.Time) *GroupType {
	s.CreationDate = &v
	return s
}

// SetDescription sets the Description field's value.
func (s *GroupType) SetDescription(v string) *GroupType {
	s.Description = &v
	return s
}

// SetGroupName sets the GroupName field's value.
func (s *GroupType) SetGroupName(v string) *GroupType {
	s.GroupName = &v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *GroupType) SetLastModifiedDate(v time.Time) *GroupType {
	s.LastModifiedDate = &v
	return s
}

// SetPrecedence sets the Precedence field's value.
func (s *GroupType) SetPrecedence(v int64) *GroupType {
	s.Precedence = &v
	return s
}

// SetRoleArn sets the RoleArn field's value.
func (s *GroupType) SetRoleArn(v string) *GroupType {
	s.RoleArn = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *GroupType) SetUserPoolId(v string) *GroupType {
	s.UserPoolId = &v
	return s
}

// The HTTP header.
type HttpHeader struct {
	_ struct{} `type:"structure"`

	// The header name.
	HeaderName *string `locationName:"headerName" type:"string"`

	// The header value.
	HeaderValue *string `locationName:"headerValue" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s HttpHeader) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s HttpHeader) GoString() string {
	return s.String()
}

// SetHeaderName sets the HeaderName field's value.
func (s *HttpHeader) SetHeaderName(v string) *HttpHeader {
	s.HeaderName = &v
	return s
}

// SetHeaderValue sets the HeaderValue field's value.
func (s *HttpHeader) SetHeaderValue(v string) *HttpHeader {
	s.HeaderValue = &v
	return s
}

// A container for information about an IdP.
type IdentityProviderType struct {
	_ struct{} `type:"structure"`

	// A mapping of IdP attributes to standard and custom user pool attributes.
	AttributeMapping map[string]*string `type:"map"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The IdP details. The following list describes the provider detail keys for
	// each IdP type.
	//
	//    * For Google and Login with Amazon: client_id client_secret authorize_scopes
	//
	//    * For Facebook: client_id client_secret authorize_scopes api_version
	//
	//    * For Sign in with Apple: client_id team_id key_id private_key You can
	//    submit a private_key when you add or update an IdP. Describe operations
	//    don't return the private key. authorize_scopes
	//
	//    * For OIDC providers: client_id client_secret attributes_request_method
	//    oidc_issuer authorize_scopes The following keys are only present if Amazon
	//    Cognito didn't discover them at the oidc_issuer URL. authorize_url token_url
	//    attributes_url jwks_uri Amazon Cognito sets the value of the following
	//    keys automatically. They are read-only. attributes_url_add_attributes
	//
	//    * For SAML providers: MetadataFile or MetadataURL IDPSignout optional
	ProviderDetails map[string]*string `type:"map"`

	// The IdP name.
	ProviderName *string `min:"1" type:"string"`

	// The IdP type.
	ProviderType *string `type:"string" enum:"IdentityProviderTypeType"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IdentityProviderType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IdentityProviderType) GoString() string {
	return s.String()
}

// SetAttributeMapping sets the AttributeMapping field's value.
func (s *IdentityProviderType) SetAttributeMapping(v map[string]*string) *IdentityProviderType {
	s.AttributeMapping = v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *IdentityProviderType) SetCreationDate(v time.Time) *IdentityProviderType {
	s.CreationDate = &v
	return s
}

// SetIdpIdentifiers sets the IdpIdentifiers field's value.
func (s *IdentityProviderType) SetIdpIdentifiers(v []*string) *IdentityProviderType {
	s.IdpIdentifiers = v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *IdentityProviderType) SetLastModifiedDate(v time.Time) *IdentityProviderType {
	s.LastModifiedDate = &v
	return s
}

// SetProviderDetails sets the ProviderDetails field's value.
func (s *IdentityProviderType) SetProviderDetails(v map[string]*string) *IdentityProviderType {
	s.ProviderDetails = v
	return s
}

// SetProviderName sets the ProviderName field's value.
func (s *IdentityProviderType) SetProviderName(v string) *IdentityProviderType {
	s.ProviderName = &v
	return s
}

// SetProviderType sets the ProviderType field's value.
func (s *IdentityProviderType) SetProviderType(v string) *IdentityProviderType {
	s.ProviderType = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *IdentityProviderType) SetUserPoolId(v string) *IdentityProviderType {
	s.UserPoolId = &v
	return s
}

// Initiates the authentication request.
type InitiateAuthInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// InitiateAuth calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The authentication flow for this call to run. The API action will depend
	// on this value. For example:
	//
	//    * REFRESH_TOKEN_AUTH takes in a valid refresh token and returns new tokens.
	//
	//    * USER_SRP_AUTH takes in USERNAME and SRP_A and returns the SRP variables
	//    to be used for next challenge execution.
	//
	//    * USER_PASSWORD_AUTH takes in USERNAME and PASSWORD and returns the next
	//    challenge or tokens.
	//
	// Valid values include:
	//
	//    * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP)
	//    protocol.
	//
	//    * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing
	//    the access token and ID token by supplying a valid refresh token.
	//
	//    * CUSTOM_AUTH: Custom authentication flow.
	//
	//    * USER_PASSWORD_AUTH: Non-SRP authentication flow; user name and password
	//    are passed directly. If a user migration Lambda trigger is set, this flow
	//    will invoke the user migration Lambda if it doesn't find the user name
	//    in the user pool.
	//
	// ADMIN_NO_SRP_AUTH isn't a valid value.
	//
	// AuthFlow is a required field
	AuthFlow *string `type:"string" required:"true" enum:"AuthFlowType"`

	// The authentication parameters. These are inputs corresponding to the AuthFlow
	// that you're invoking. The required values depend on the value of AuthFlow:
	//
	//    * For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For USER_PASSWORD_AUTH: USERNAME (required), PASSWORD (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH
	//    (required if the app client is configured with a client secret), DEVICE_KEY.
	//
	//    * For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is
	//    configured with client secret), DEVICE_KEY. To start the authentication
	//    flow with password verification, include ChallengeName: SRP_A and SRP_A:
	//    (The SRP_A Value).
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// AuthParameters is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	AuthParameters map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for certain
	// custom workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda
	// functions that are specified for various triggers. The ClientMetadata value
	// is passed as input to the functions for only the following triggers:
	//
	//    * Pre signup
	//
	//    * Pre authentication
	//
	//    * User migration
	//
	// When Amazon Cognito invokes the functions for these triggers, it passes a
	// JSON payload, which the function receives as input. This payload contains
	// a validationData attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your InitiateAuth request. In your function
	// code in Lambda, you can process the validationData value to enhance your
	// workflow for your specific needs.
	//
	// When you use the InitiateAuth API action, Amazon Cognito also invokes the
	// functions for the following triggers, but it doesn't provide the ClientMetadata
	// value as input:
	//
	//    * Post authentication
	//
	//    * Custom message
	//
	//    * Pre token generation
	//
	//    * Create auth challenge
	//
	//    * Define auth challenge
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InitiateAuthInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InitiateAuthInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *InitiateAuthInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "InitiateAuthInput"}
	if s.AuthFlow == nil {
		invalidParams.Add(request.NewErrParamRequired("AuthFlow"))
	}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *InitiateAuthInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *InitiateAuthInput {
	s.AnalyticsMetadata = v
	return s
}

// SetAuthFlow sets the AuthFlow field's value.
func (s *InitiateAuthInput) SetAuthFlow(v string) *InitiateAuthInput {
	s.AuthFlow = &v
	return s
}

// SetAuthParameters sets the AuthParameters field's value.
func (s *InitiateAuthInput) SetAuthParameters(v map[string]*string) *InitiateAuthInput {
	s.AuthParameters = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *InitiateAuthInput) SetClientId(v string) *InitiateAuthInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *InitiateAuthInput) SetClientMetadata(v map[string]*string) *InitiateAuthInput {
	s.ClientMetadata = v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *InitiateAuthInput) SetUserContextData(v *UserContextDataType) *InitiateAuthInput {
	s.UserContextData = v
	return s
}

// Initiates the authentication response.
type InitiateAuthOutput struct {
	_ struct{} `type:"structure"`

	// The result of the authentication response. This result is only returned if
	// the caller doesn't need to pass another challenge. If the caller does need
	// to pass another challenge before it gets tokens, ChallengeName, ChallengeParameters,
	// and Session are returned.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The name of the challenge that you're responding to with this call. This
	// name is returned in the InitiateAuth response if you must pass another challenge.
	//
	// Valid values include the following:
	//
	// All of the following challenges require USERNAME and SECRET_HASH (if applicable)
	// in the parameters.
	//
	//    * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via
	//    SMS.
	//
	//    * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
	//    PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
	//
	//    * CUSTOM_CHALLENGE: This is returned if your custom authentication flow
	//    determines that the user should pass another challenge before tokens are
	//    issued.
	//
	//    * DEVICE_SRP_AUTH: If device tracking was activated on your user pool
	//    and the previous challenges were passed, this challenge is returned so
	//    that Amazon Cognito can start tracking this device.
	//
	//    * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices
	//    only.
	//
	//    * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords
	//    after successful first login. Respond to this challenge with NEW_PASSWORD
	//    and any required attributes that Amazon Cognito returned in the requiredAttributes
	//    parameter. You can also set values for attributes that aren't required
	//    by your user pool and that your app client can write. For more information,
	//    see RespondToAuthChallenge (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RespondToAuthChallenge.html).
	//    In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	//    attribute that already has a value. In RespondToAuthChallenge, set a value
	//    for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	//    then use the UpdateUserAttributes API operation to modify the value of
	//    any additional attributes.
	//
	//    * MFA_SETUP: For users who are required to setup an MFA factor before
	//    they can sign in. The MFA types activated for the user pool will be listed
	//    in the challenge parameters MFAS_CAN_SETUP value. To set up software token
	//    MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken.
	//    Use the session returned by VerifySoftwareToken as an input to RespondToAuthChallenge
	//    with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA,
	//    an administrator should help the user to add a phone number to their account,
	//    and then the user should call InitiateAuth again to restart sign-in.
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. These are returned in the InitiateAuth response
	// if you must pass another challenge. The responses in this parameter should
	// be used to compute inputs to the next call (RespondToAuthChallenge).
	//
	// All challenges require USERNAME and SECRET_HASH (if applicable).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should pass both ways in challenge-response calls to the
	// service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by InitiateAuthOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InitiateAuthOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InitiateAuthOutput) GoString() string {
	return s.String()
}

// SetAuthenticationResult sets the AuthenticationResult field's value.
func (s *InitiateAuthOutput) SetAuthenticationResult(v *AuthenticationResultType) *InitiateAuthOutput {
	s.AuthenticationResult = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *InitiateAuthOutput) SetChallengeName(v string) *InitiateAuthOutput {
	s.ChallengeName = &v
	return s
}

// SetChallengeParameters sets the ChallengeParameters field's value.
func (s *InitiateAuthOutput) SetChallengeParameters(v map[string]*string) *InitiateAuthOutput {
	s.ChallengeParameters = v
	return s
}

// SetSession sets the Session field's value.
func (s *InitiateAuthOutput) SetSession(v string) *InitiateAuthOutput {
	s.Session = &v
	return s
}

// This exception is thrown when Amazon Cognito encounters an internal error.
type InternalErrorException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an internal error exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalErrorException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalErrorException) GoString() string {
	return s.String()
}

func newErrorInternalErrorException(v protocol.ResponseMetadata) error {
	return &InternalErrorException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InternalErrorException) Code() string {
	return "InternalErrorException"
}

// Message returns the exception's message.
func (s *InternalErrorException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InternalErrorException) OrigErr() error {
	return nil
}

func (s *InternalErrorException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InternalErrorException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InternalErrorException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when Amazon Cognito isn't allowed to use your email
// identity. HTTP status code: 400.
type InvalidEmailRoleAccessPolicyException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when you have an unverified email address or the identity
	// policy isn't set on an email address that Amazon Cognito can access.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidEmailRoleAccessPolicyException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidEmailRoleAccessPolicyException) GoString() string {
	return s.String()
}

func newErrorInvalidEmailRoleAccessPolicyException(v protocol.ResponseMetadata) error {
	return &InvalidEmailRoleAccessPolicyException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidEmailRoleAccessPolicyException) Code() string {
	return "InvalidEmailRoleAccessPolicyException"
}

// Message returns the exception's message.
func (s *InvalidEmailRoleAccessPolicyException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidEmailRoleAccessPolicyException) OrigErr() error {
	return nil
}

func (s *InvalidEmailRoleAccessPolicyException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidEmailRoleAccessPolicyException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidEmailRoleAccessPolicyException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when Amazon Cognito encounters an invalid Lambda
// response.
type InvalidLambdaResponseException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an invalid Lambda response
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidLambdaResponseException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidLambdaResponseException) GoString() string {
	return s.String()
}

func newErrorInvalidLambdaResponseException(v protocol.ResponseMetadata) error {
	return &InvalidLambdaResponseException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidLambdaResponseException) Code() string {
	return "InvalidLambdaResponseException"
}

// Message returns the exception's message.
func (s *InvalidLambdaResponseException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidLambdaResponseException) OrigErr() error {
	return nil
}

func (s *InvalidLambdaResponseException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidLambdaResponseException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidLambdaResponseException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the specified OAuth flow is not valid.
type InvalidOAuthFlowException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidOAuthFlowException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidOAuthFlowException) GoString() string {
	return s.String()
}

func newErrorInvalidOAuthFlowException(v protocol.ResponseMetadata) error {
	return &InvalidOAuthFlowException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidOAuthFlowException) Code() string {
	return "InvalidOAuthFlowException"
}

// Message returns the exception's message.
func (s *InvalidOAuthFlowException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidOAuthFlowException) OrigErr() error {
	return nil
}

func (s *InvalidOAuthFlowException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidOAuthFlowException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidOAuthFlowException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the Amazon Cognito service encounters an invalid
// parameter.
type InvalidParameterException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service throws an invalid parameter
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) GoString() string {
	return s.String()
}

func newErrorInvalidParameterException(v protocol.ResponseMetadata) error {
	return &InvalidParameterException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidParameterException) Code() string {
	return "InvalidParameterException"
}

// Message returns the exception's message.
func (s *InvalidParameterException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidParameterException) OrigErr() error {
	return nil
}

func (s *InvalidParameterException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidParameterException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidParameterException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when Amazon Cognito encounters an invalid password.
type InvalidPasswordException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an invalid user password
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidPasswordException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidPasswordException) GoString() string {
	return s.String()
}

func newErrorInvalidPasswordException(v protocol.ResponseMetadata) error {
	return &InvalidPasswordException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidPasswordException) Code() string {
	return "InvalidPasswordException"
}

// Message returns the exception's message.
func (s *InvalidPasswordException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidPasswordException) OrigErr() error {
	return nil
}

func (s *InvalidPasswordException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidPasswordException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidPasswordException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is returned when the role provided for SMS configuration doesn't
// have permission to publish using Amazon SNS.
type InvalidSmsRoleAccessPolicyException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the invalid SMS role access policy exception is
	// thrown.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidSmsRoleAccessPolicyException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidSmsRoleAccessPolicyException) GoString() string {
	return s.String()
}

func newErrorInvalidSmsRoleAccessPolicyException(v protocol.ResponseMetadata) error {
	return &InvalidSmsRoleAccessPolicyException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidSmsRoleAccessPolicyException) Code() string {
	return "InvalidSmsRoleAccessPolicyException"
}

// Message returns the exception's message.
func (s *InvalidSmsRoleAccessPolicyException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidSmsRoleAccessPolicyException) OrigErr() error {
	return nil
}

func (s *InvalidSmsRoleAccessPolicyException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidSmsRoleAccessPolicyException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidSmsRoleAccessPolicyException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the trust relationship is not valid for the
// role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com
// or the external ID provided in the role does not match what is provided in
// the SMS configuration for the user pool.
type InvalidSmsRoleTrustRelationshipException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the role trust relationship for the SMS message
	// is not valid.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidSmsRoleTrustRelationshipException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidSmsRoleTrustRelationshipException) GoString() string {
	return s.String()
}

func newErrorInvalidSmsRoleTrustRelationshipException(v protocol.ResponseMetadata) error {
	return &InvalidSmsRoleTrustRelationshipException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidSmsRoleTrustRelationshipException) Code() string {
	return "InvalidSmsRoleTrustRelationshipException"
}

// Message returns the exception's message.
func (s *InvalidSmsRoleTrustRelationshipException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidSmsRoleTrustRelationshipException) OrigErr() error {
	return nil
}

func (s *InvalidSmsRoleTrustRelationshipException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidSmsRoleTrustRelationshipException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidSmsRoleTrustRelationshipException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the user pool configuration is not valid.
type InvalidUserPoolConfigurationException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user pool configuration is not valid.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidUserPoolConfigurationException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidUserPoolConfigurationException) GoString() string {
	return s.String()
}

func newErrorInvalidUserPoolConfigurationException(v protocol.ResponseMetadata) error {
	return &InvalidUserPoolConfigurationException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *InvalidUserPoolConfigurationException) Code() string {
	return "InvalidUserPoolConfigurationException"
}

// Message returns the exception's message.
func (s *InvalidUserPoolConfigurationException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidUserPoolConfigurationException) OrigErr() error {
	return nil
}

func (s *InvalidUserPoolConfigurationException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *InvalidUserPoolConfigurationException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *InvalidUserPoolConfigurationException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Specifies the configuration for Lambda triggers.
type LambdaConfigType struct {
	_ struct{} `type:"structure"`

	// Creates an authentication challenge.
	CreateAuthChallenge *string `min:"20" type:"string"`

	// A custom email sender Lambda trigger.
	CustomEmailSender *CustomEmailLambdaVersionConfigType `type:"structure"`

	// A custom Message Lambda trigger.
	CustomMessage *string `min:"20" type:"string"`

	// A custom SMS sender Lambda trigger.
	CustomSMSSender *CustomSMSLambdaVersionConfigType `type:"structure"`

	// Defines the authentication challenge.
	DefineAuthChallenge *string `min:"20" type:"string"`

	// The Amazon Resource Name (ARN) of an KMS key (/kms/latest/developerguide/concepts.html#master_keys).
	// Amazon Cognito uses the key to encrypt codes and temporary passwords sent
	// to CustomEmailSender and CustomSMSSender.
	KMSKeyID *string `min:"20" type:"string"`

	// A post-authentication Lambda trigger.
	PostAuthentication *string `min:"20" type:"string"`

	// A post-confirmation Lambda trigger.
	PostConfirmation *string `min:"20" type:"string"`

	// A pre-authentication Lambda trigger.
	PreAuthentication *string `min:"20" type:"string"`

	// A pre-registration Lambda trigger.
	PreSignUp *string `min:"20" type:"string"`

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// Set this parameter for legacy purposes. If you also set an ARN in PreTokenGenerationConfig,
	// its value must be identical to PreTokenGeneration. For new instances of pre
	// token generation triggers, set the LambdaArn of PreTokenGenerationConfig.
	//
	// You can set
	PreTokenGeneration *string `min:"20" type:"string"`

	// The detailed configuration of a pre token generation trigger. If you also
	// set an ARN in PreTokenGeneration, its value must be identical to PreTokenGenerationConfig.
	PreTokenGenerationConfig *PreTokenGenerationVersionConfigType `type:"structure"`

	// The user migration Lambda config type.
	UserMigration *string `min:"20" type:"string"`

	// Verifies the authentication challenge response.
	VerifyAuthChallengeResponse *string `min:"20" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LambdaConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LambdaConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *LambdaConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "LambdaConfigType"}
	if s.CreateAuthChallenge != nil && len(*s.CreateAuthChallenge) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("CreateAuthChallenge", 20))
	}
	if s.CustomMessage != nil && len(*s.CustomMessage) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("CustomMessage", 20))
	}
	if s.DefineAuthChallenge != nil && len(*s.DefineAuthChallenge) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("DefineAuthChallenge", 20))
	}
	if s.KMSKeyID != nil && len(*s.KMSKeyID) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("KMSKeyID", 20))
	}
	if s.PostAuthentication != nil && len(*s.PostAuthentication) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("PostAuthentication", 20))
	}
	if s.PostConfirmation != nil && len(*s.PostConfirmation) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("PostConfirmation", 20))
	}
	if s.PreAuthentication != nil && len(*s.PreAuthentication) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("PreAuthentication", 20))
	}
	if s.PreSignUp != nil && len(*s.PreSignUp) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("PreSignUp", 20))
	}
	if s.PreTokenGeneration != nil && len(*s.PreTokenGeneration) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("PreTokenGeneration", 20))
	}
	if s.UserMigration != nil && len(*s.UserMigration) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("UserMigration", 20))
	}
	if s.VerifyAuthChallengeResponse != nil && len(*s.VerifyAuthChallengeResponse) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("VerifyAuthChallengeResponse", 20))
	}
	if s.CustomEmailSender != nil {
		if err := s.CustomEmailSender.Validate(); err != nil {
			invalidParams.AddNested("CustomEmailSender", err.(request.ErrInvalidParams))
		}
	}
	if s.CustomSMSSender != nil {
		if err := s.CustomSMSSender.Validate(); err != nil {
			invalidParams.AddNested("CustomSMSSender", err.(request.ErrInvalidParams))
		}
	}
	if s.PreTokenGenerationConfig != nil {
		if err := s.PreTokenGenerationConfig.Validate(); err != nil {
			invalidParams.AddNested("PreTokenGenerationConfig", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCreateAuthChallenge sets the CreateAuthChallenge field's value.
func (s *LambdaConfigType) SetCreateAuthChallenge(v string) *LambdaConfigType {
	s.CreateAuthChallenge = &v
	return s
}

// SetCustomEmailSender sets the CustomEmailSender field's value.
func (s *LambdaConfigType) SetCustomEmailSender(v *CustomEmailLambdaVersionConfigType) *LambdaConfigType {
	s.CustomEmailSender = v
	return s
}

// SetCustomMessage sets the CustomMessage field's value.
func (s *LambdaConfigType) SetCustomMessage(v string) *LambdaConfigType {
	s.CustomMessage = &v
	return s
}

// SetCustomSMSSender sets the CustomSMSSender field's value.
func (s *LambdaConfigType) SetCustomSMSSender(v *CustomSMSLambdaVersionConfigType) *LambdaConfigType {
	s.CustomSMSSender = v
	return s
}

// SetDefineAuthChallenge sets the DefineAuthChallenge field's value.
func (s *LambdaConfigType) SetDefineAuthChallenge(v string) *LambdaConfigType {
	s.DefineAuthChallenge = &v
	return s
}

// SetKMSKeyID sets the KMSKeyID field's value.
func (s *LambdaConfigType) SetKMSKeyID(v string) *LambdaConfigType {
	s.KMSKeyID = &v
	return s
}

// SetPostAuthentication sets the PostAuthentication field's value.
func (s *LambdaConfigType) SetPostAuthentication(v string) *LambdaConfigType {
	s.PostAuthentication = &v
	return s
}

// SetPostConfirmation sets the PostConfirmation field's value.
func (s *LambdaConfigType) SetPostConfirmation(v string) *LambdaConfigType {
	s.PostConfirmation = &v
	return s
}

// SetPreAuthentication sets the PreAuthentication field's value.
func (s *LambdaConfigType) SetPreAuthentication(v string) *LambdaConfigType {
	s.PreAuthentication = &v
	return s
}

// SetPreSignUp sets the PreSignUp field's value.
func (s *LambdaConfigType) SetPreSignUp(v string) *LambdaConfigType {
	s.PreSignUp = &v
	return s
}

// SetPreTokenGeneration sets the PreTokenGeneration field's value.
func (s *LambdaConfigType) SetPreTokenGeneration(v string) *LambdaConfigType {
	s.PreTokenGeneration = &v
	return s
}

// SetPreTokenGenerationConfig sets the PreTokenGenerationConfig field's value.
func (s *LambdaConfigType) SetPreTokenGenerationConfig(v *PreTokenGenerationVersionConfigType) *LambdaConfigType {
	s.PreTokenGenerationConfig = v
	return s
}

// SetUserMigration sets the UserMigration field's value.
func (s *LambdaConfigType) SetUserMigration(v string) *LambdaConfigType {
	s.UserMigration = &v
	return s
}

// SetVerifyAuthChallengeResponse sets the VerifyAuthChallengeResponse field's value.
func (s *LambdaConfigType) SetVerifyAuthChallengeResponse(v string) *LambdaConfigType {
	s.VerifyAuthChallengeResponse = &v
	return s
}

// This exception is thrown when a user exceeds the limit for a requested Amazon
// Web Services resource.
type LimitExceededException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws a limit exceeded exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LimitExceededException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LimitExceededException) GoString() string {
	return s.String()
}

func newErrorLimitExceededException(v protocol.ResponseMetadata) error {
	return &LimitExceededException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *LimitExceededException) Code() string {
	return "LimitExceededException"
}

// Message returns the exception's message.
func (s *LimitExceededException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *LimitExceededException) OrigErr() error {
	return nil
}

func (s *LimitExceededException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *LimitExceededException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *LimitExceededException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Represents the request to list the devices.
type ListDevicesInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose list of
	// devices you want to view.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ListDevicesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The limit of the device request.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListDevicesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListDevicesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListDevicesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListDevicesInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.PaginationToken != nil && len(*s.PaginationToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("PaginationToken", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *ListDevicesInput) SetAccessToken(v string) *ListDevicesInput {
	s.AccessToken = &v
	return s
}

// SetLimit sets the Limit field's value.
func (s *ListDevicesInput) SetLimit(v int64) *ListDevicesInput {
	s.Limit = &v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListDevicesInput) SetPaginationToken(v string) *ListDevicesInput {
	s.PaginationToken = &v
	return s
}

// Represents the response to list devices.
type ListDevicesOutput struct {
	_ struct{} `type:"structure"`

	// The devices returned in the list devices response.
	Devices []*DeviceType `type:"list"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListDevicesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListDevicesOutput) GoString() string {
	return s.String()
}

// SetDevices sets the Devices field's value.
func (s *ListDevicesOutput) SetDevices(v []*DeviceType) *ListDevicesOutput {
	s.Devices = v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListDevicesOutput) SetPaginationToken(v string) *ListDevicesOutput {
	s.PaginationToken = &v
	return s
}

type ListGroupsInput struct {
	_ struct{} `type:"structure"`

	// The limit of the request to list groups.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListGroupsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListGroupsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListGroupsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListGroupsInput"}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLimit sets the Limit field's value.
func (s *ListGroupsInput) SetLimit(v int64) *ListGroupsInput {
	s.Limit = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListGroupsInput) SetNextToken(v string) *ListGroupsInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListGroupsInput) SetUserPoolId(v string) *ListGroupsInput {
	s.UserPoolId = &v
	return s
}

type ListGroupsOutput struct {
	_ struct{} `type:"structure"`

	// The group objects for the groups.
	Groups []*GroupType `type:"list"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListGroupsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListGroupsOutput) GoString() string {
	return s.String()
}

// SetGroups sets the Groups field's value.
func (s *ListGroupsOutput) SetGroups(v []*GroupType) *ListGroupsOutput {
	s.Groups = v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListGroupsOutput) SetNextToken(v string) *ListGroupsOutput {
	s.NextToken = &v
	return s
}

type ListIdentityProvidersInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of IdPs to return.
	MaxResults *int64 `type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListIdentityProvidersInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListIdentityProvidersInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListIdentityProvidersInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListIdentityProvidersInput"}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListIdentityProvidersInput) SetMaxResults(v int64) *ListIdentityProvidersInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListIdentityProvidersInput) SetNextToken(v string) *ListIdentityProvidersInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListIdentityProvidersInput) SetUserPoolId(v string) *ListIdentityProvidersInput {
	s.UserPoolId = &v
	return s
}

type ListIdentityProvidersOutput struct {
	_ struct{} `type:"structure"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// A list of IdP objects.
	//
	// Providers is a required field
	Providers []*ProviderDescription `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListIdentityProvidersOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListIdentityProvidersOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListIdentityProvidersOutput) SetNextToken(v string) *ListIdentityProvidersOutput {
	s.NextToken = &v
	return s
}

// SetProviders sets the Providers field's value.
func (s *ListIdentityProvidersOutput) SetProviders(v []*ProviderDescription) *ListIdentityProvidersOutput {
	s.Providers = v
	return s
}

type ListResourceServersInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of resource servers to return.
	MaxResults *int64 `min:"1" type:"integer"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListResourceServersInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListResourceServersInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListResourceServersInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListResourceServersInput"}
	if s.MaxResults != nil && *s.MaxResults < 1 {
		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
	}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListResourceServersInput) SetMaxResults(v int64) *ListResourceServersInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListResourceServersInput) SetNextToken(v string) *ListResourceServersInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListResourceServersInput) SetUserPoolId(v string) *ListResourceServersInput {
	s.UserPoolId = &v
	return s
}

type ListResourceServersOutput struct {
	_ struct{} `type:"structure"`

	// A pagination token.
	NextToken *string `min:"1" type:"string"`

	// The resource servers.
	//
	// ResourceServers is a required field
	ResourceServers []*ResourceServerType `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListResourceServersOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListResourceServersOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListResourceServersOutput) SetNextToken(v string) *ListResourceServersOutput {
	s.NextToken = &v
	return s
}

// SetResourceServers sets the ResourceServers field's value.
func (s *ListResourceServersOutput) SetResourceServers(v []*ResourceServerType) *ListResourceServersOutput {
	s.ResourceServers = v
	return s
}

type ListTagsForResourceInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the user pool that the tags are assigned
	// to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListTagsForResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput {
	s.ResourceArn = &v
	return s
}

type ListTagsForResourceOutput struct {
	_ struct{} `type:"structure"`

	// The tags that are assigned to the user pool.
	Tags map[string]*string `type:"map"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) GoString() string {
	return s.String()
}

// SetTags sets the Tags field's value.
func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput {
	s.Tags = v
	return s
}

// Represents the request to list the user import jobs.
type ListUserImportJobsInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of import jobs you want the request to return.
	//
	// MaxResults is a required field
	MaxResults *int64 `min:"1" type:"integer" required:"true"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserImportJobsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserImportJobsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListUserImportJobsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListUserImportJobsInput"}
	if s.MaxResults == nil {
		invalidParams.Add(request.NewErrParamRequired("MaxResults"))
	}
	if s.MaxResults != nil && *s.MaxResults < 1 {
		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
	}
	if s.PaginationToken != nil && len(*s.PaginationToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("PaginationToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListUserImportJobsInput) SetMaxResults(v int64) *ListUserImportJobsInput {
	s.MaxResults = &v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListUserImportJobsInput) SetPaginationToken(v string) *ListUserImportJobsInput {
	s.PaginationToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListUserImportJobsInput) SetUserPoolId(v string) *ListUserImportJobsInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to list the user import
// jobs.
type ListUserImportJobsOutput struct {
	_ struct{} `type:"structure"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user import jobs.
	UserImportJobs []*UserImportJobType `min:"1" type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserImportJobsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserImportJobsOutput) GoString() string {
	return s.String()
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListUserImportJobsOutput) SetPaginationToken(v string) *ListUserImportJobsOutput {
	s.PaginationToken = &v
	return s
}

// SetUserImportJobs sets the UserImportJobs field's value.
func (s *ListUserImportJobsOutput) SetUserImportJobs(v []*UserImportJobType) *ListUserImportJobsOutput {
	s.UserImportJobs = v
	return s
}

// Represents the request to list the user pool clients.
type ListUserPoolClientsInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of results you want the request to return when listing
	// the user pool clients.
	MaxResults *int64 `min:"1" type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool where you want to list user pool clients.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolClientsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolClientsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListUserPoolClientsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListUserPoolClientsInput"}
	if s.MaxResults != nil && *s.MaxResults < 1 {
		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
	}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListUserPoolClientsInput) SetMaxResults(v int64) *ListUserPoolClientsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListUserPoolClientsInput) SetNextToken(v string) *ListUserPoolClientsInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListUserPoolClientsInput) SetUserPoolId(v string) *ListUserPoolClientsInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server that lists user pool clients.
type ListUserPoolClientsOutput struct {
	_ struct{} `type:"structure"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool clients in the response that lists user pool clients.
	UserPoolClients []*UserPoolClientDescription `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolClientsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolClientsOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListUserPoolClientsOutput) SetNextToken(v string) *ListUserPoolClientsOutput {
	s.NextToken = &v
	return s
}

// SetUserPoolClients sets the UserPoolClients field's value.
func (s *ListUserPoolClientsOutput) SetUserPoolClients(v []*UserPoolClientDescription) *ListUserPoolClientsOutput {
	s.UserPoolClients = v
	return s
}

// Represents the request to list user pools.
type ListUserPoolsInput struct {
	_ struct{} `type:"structure"`

	// The maximum number of results you want the request to return when listing
	// the user pools.
	//
	// MaxResults is a required field
	MaxResults *int64 `min:"1" type:"integer" required:"true"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListUserPoolsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListUserPoolsInput"}
	if s.MaxResults == nil {
		invalidParams.Add(request.NewErrParamRequired("MaxResults"))
	}
	if s.MaxResults != nil && *s.MaxResults < 1 {
		invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
	}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMaxResults sets the MaxResults field's value.
func (s *ListUserPoolsInput) SetMaxResults(v int64) *ListUserPoolsInput {
	s.MaxResults = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListUserPoolsInput) SetNextToken(v string) *ListUserPoolsInput {
	s.NextToken = &v
	return s
}

// Represents the response to list user pools.
type ListUserPoolsOutput struct {
	_ struct{} `type:"structure"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pools from the response to list users.
	UserPools []*UserPoolDescriptionType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUserPoolsOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListUserPoolsOutput) SetNextToken(v string) *ListUserPoolsOutput {
	s.NextToken = &v
	return s
}

// SetUserPools sets the UserPools field's value.
func (s *ListUserPoolsOutput) SetUserPools(v []*UserPoolDescriptionType) *ListUserPoolsOutput {
	s.UserPools = v
	return s
}

type ListUsersInGroupInput struct {
	_ struct{} `type:"structure"`

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The maximum number of users that you want to retrieve before pagination.
	Limit *int64 `type:"integer"`

	// An identifier that was returned from the previous call to this operation,
	// which can be used to return the next set of items in the list.
	NextToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListUsersInGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListUsersInGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.NextToken != nil && len(*s.NextToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetGroupName sets the GroupName field's value.
func (s *ListUsersInGroupInput) SetGroupName(v string) *ListUsersInGroupInput {
	s.GroupName = &v
	return s
}

// SetLimit sets the Limit field's value.
func (s *ListUsersInGroupInput) SetLimit(v int64) *ListUsersInGroupInput {
	s.Limit = &v
	return s
}

// SetNextToken sets the NextToken field's value.
func (s *ListUsersInGroupInput) SetNextToken(v string) *ListUsersInGroupInput {
	s.NextToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListUsersInGroupInput) SetUserPoolId(v string) *ListUsersInGroupInput {
	s.UserPoolId = &v
	return s
}

type ListUsersInGroupOutput struct {
	_ struct{} `type:"structure"`

	// An identifier that you can use in a later request to return the next set
	// of items in the list.
	NextToken *string `min:"1" type:"string"`

	// A list of users in the group, and their attributes.
	Users []*UserType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInGroupOutput) GoString() string {
	return s.String()
}

// SetNextToken sets the NextToken field's value.
func (s *ListUsersInGroupOutput) SetNextToken(v string) *ListUsersInGroupOutput {
	s.NextToken = &v
	return s
}

// SetUsers sets the Users field's value.
func (s *ListUsersInGroupOutput) SetUsers(v []*UserType) *ListUsersInGroupOutput {
	s.Users = v
	return s
}

// Represents the request to list users.
type ListUsersInput struct {
	_ struct{} `type:"structure"`

	// A JSON array of user attribute names, for example given_name, that you want
	// Amazon Cognito to include in the response for each user. When you don't provide
	// an AttributesToGet parameter, Amazon Cognito returns all attributes for each
	// user.
	//
	// Use AttributesToGet with required attributes in your user pool, or in conjunction
	// with Filter. Amazon Cognito returns an error if not all users in the results
	// have set a value for the attribute you request. Attributes that you can't
	// filter on, including custom attributes, must have a value set in every user
	// profile before an AttributesToGet parameter returns results.
	AttributesToGet []*string `type:"list"`

	// A filter string of the form "AttributeName Filter-Type "AttributeValue"".
	// Quotation marks within the filter string must be escaped using the backslash
	// (\) character. For example, "family_name = \"Reddy\"".
	//
	//    * AttributeName: The name of the attribute to search for. You can only
	//    search for one attribute at a time.
	//
	//    * Filter-Type: For an exact match, use =, for example, "given_name = \"Jon\"".
	//    For a prefix ("starts with") match, use ^=, for example, "given_name ^=
	//    \"Jon\"".
	//
	//    * AttributeValue: The attribute value that must be matched for each user.
	//
	// If the filter string is empty, ListUsers returns all users in the user pool.
	//
	// You can only search for the following standard attributes:
	//
	//    * username (case-sensitive)
	//
	//    * email
	//
	//    * phone_number
	//
	//    * name
	//
	//    * given_name
	//
	//    * family_name
	//
	//    * preferred_username
	//
	//    * cognito:user_status (called Status in the Console) (case-insensitive)
	//
	//    * status (called Enabled in the Console) (case-sensitive)
	//
	//    * sub
	//
	// Custom attributes aren't searchable.
	//
	// You can also list users with a client-side filter. The server-side filter
	// matches no more than one attribute. For an advanced search, use a client-side
	// filter with the --query parameter of the list-users action in the CLI. When
	// you use a client-side filter, ListUsers returns a paginated list of zero
	// or more users. You can receive multiple pages in a row with zero results.
	// Repeat the query with each pagination token that is returned until you receive
	// a null pagination token value, and then review the combined result.
	//
	// For more information about server-side and client-side filtering, see FilteringCLI
	// output (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html)
	// in the Command Line Interface User Guide (https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-filter.html).
	//
	// For more information, see Searching for Users Using the ListUsers API (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html#cognito-user-pools-searching-for-users-using-listusers-api)
	// and Examples of Using the ListUsers API (https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html#cognito-user-pools-searching-for-users-listusers-api-examples)
	// in the Amazon Cognito Developer Guide.
	Filter *string `type:"string"`

	// Maximum number of users to be returned.
	Limit *int64 `type:"integer"`

	// This API operation returns a limited number of results. The pagination token
	// is an identifier that you can present in an additional API request with the
	// same parameters. When you include the pagination token, Amazon Cognito returns
	// the next set of items after the current list. Subsequent requests return
	// a new pagination token. By use of this token, you can paginate through the
	// full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// The user pool ID for the user pool on which the search should be performed.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ListUsersInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ListUsersInput"}
	if s.PaginationToken != nil && len(*s.PaginationToken) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("PaginationToken", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAttributesToGet sets the AttributesToGet field's value.
func (s *ListUsersInput) SetAttributesToGet(v []*string) *ListUsersInput {
	s.AttributesToGet = v
	return s
}

// SetFilter sets the Filter field's value.
func (s *ListUsersInput) SetFilter(v string) *ListUsersInput {
	s.Filter = &v
	return s
}

// SetLimit sets the Limit field's value.
func (s *ListUsersInput) SetLimit(v int64) *ListUsersInput {
	s.Limit = &v
	return s
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListUsersInput) SetPaginationToken(v string) *ListUsersInput {
	s.PaginationToken = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ListUsersInput) SetUserPoolId(v string) *ListUsersInput {
	s.UserPoolId = &v
	return s
}

// The response from the request to list users.
type ListUsersOutput struct {
	_ struct{} `type:"structure"`

	// The identifier that Amazon Cognito returned with the previous request to
	// this operation. When you include a pagination token in your request, Amazon
	// Cognito returns the next set of items in the list. By use of this token,
	// you can paginate through the full list of items.
	PaginationToken *string `min:"1" type:"string"`

	// A list of the user pool users, and their attributes, that match your query.
	//
	// Amazon Cognito creates a profile in your user pool for each native user in
	// your user pool, and each unique user ID from your third-party identity providers
	// (IdPs). When you link users with the AdminLinkProviderForUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html)
	// API operation, the output of ListUsers displays both the IdP user and the
	// native user that you linked. You can identify IdP users in the Users object
	// of this API response by the IdP prefix that Amazon Cognito appends to Username.
	Users []*UserType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListUsersOutput) GoString() string {
	return s.String()
}

// SetPaginationToken sets the PaginationToken field's value.
func (s *ListUsersOutput) SetPaginationToken(v string) *ListUsersOutput {
	s.PaginationToken = &v
	return s
}

// SetUsers sets the Users field's value.
func (s *ListUsersOutput) SetUsers(v []*UserType) *ListUsersOutput {
	s.Users = v
	return s
}

// The logging parameters of a user pool.
type LogConfigurationType struct {
	_ struct{} `type:"structure"`

	// The CloudWatch logging destination of a user pool.
	CloudWatchLogsConfiguration *CloudWatchLogsConfigurationType `type:"structure"`

	// The source of events that your user pool sends for detailed activity logging.
	//
	// EventSource is a required field
	EventSource *string `type:"string" required:"true" enum:"EventSourceName"`

	// The errorlevel selection of logs that a user pool sends for detailed activity
	// logging.
	//
	// LogLevel is a required field
	LogLevel *string `type:"string" required:"true" enum:"LogLevel"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LogConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LogConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *LogConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "LogConfigurationType"}
	if s.EventSource == nil {
		invalidParams.Add(request.NewErrParamRequired("EventSource"))
	}
	if s.LogLevel == nil {
		invalidParams.Add(request.NewErrParamRequired("LogLevel"))
	}
	if s.CloudWatchLogsConfiguration != nil {
		if err := s.CloudWatchLogsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("CloudWatchLogsConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCloudWatchLogsConfiguration sets the CloudWatchLogsConfiguration field's value.
func (s *LogConfigurationType) SetCloudWatchLogsConfiguration(v *CloudWatchLogsConfigurationType) *LogConfigurationType {
	s.CloudWatchLogsConfiguration = v
	return s
}

// SetEventSource sets the EventSource field's value.
func (s *LogConfigurationType) SetEventSource(v string) *LogConfigurationType {
	s.EventSource = &v
	return s
}

// SetLogLevel sets the LogLevel field's value.
func (s *LogConfigurationType) SetLogLevel(v string) *LogConfigurationType {
	s.LogLevel = &v
	return s
}

// The logging parameters of a user pool.
type LogDeliveryConfigurationType struct {
	_ struct{} `type:"structure"`

	// The detailed activity logging destination of a user pool.
	//
	// LogConfigurations is a required field
	LogConfigurations []*LogConfigurationType `type:"list" required:"true"`

	// The ID of the user pool where you configured detailed activity logging.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LogDeliveryConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s LogDeliveryConfigurationType) GoString() string {
	return s.String()
}

// SetLogConfigurations sets the LogConfigurations field's value.
func (s *LogDeliveryConfigurationType) SetLogConfigurations(v []*LogConfigurationType) *LogDeliveryConfigurationType {
	s.LogConfigurations = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *LogDeliveryConfigurationType) SetUserPoolId(v string) *LogDeliveryConfigurationType {
	s.UserPoolId = &v
	return s
}

// This exception is thrown when Amazon Cognito can't find a multi-factor authentication
// (MFA) method.
type MFAMethodNotFoundException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws an MFA method not found exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MFAMethodNotFoundException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MFAMethodNotFoundException) GoString() string {
	return s.String()
}

func newErrorMFAMethodNotFoundException(v protocol.ResponseMetadata) error {
	return &MFAMethodNotFoundException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *MFAMethodNotFoundException) Code() string {
	return "MFAMethodNotFoundException"
}

// Message returns the exception's message.
func (s *MFAMethodNotFoundException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *MFAMethodNotFoundException) OrigErr() error {
	return nil
}

func (s *MFAMethodNotFoundException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *MFAMethodNotFoundException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *MFAMethodNotFoundException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This data type is no longer supported. Applies only to SMS multi-factor authentication
// (MFA) configurations. Does not apply to time-based one-time password (TOTP)
// software token MFA configurations.
type MFAOptionType struct {
	_ struct{} `type:"structure"`

	// The attribute name of the MFA option type. The only valid value is phone_number.
	AttributeName *string `min:"1" type:"string"`

	// The delivery medium to send the MFA code. You can use this parameter to set
	// only the SMS delivery medium value.
	DeliveryMedium *string `type:"string" enum:"DeliveryMediumType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MFAOptionType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MFAOptionType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *MFAOptionType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "MFAOptionType"}
	if s.AttributeName != nil && len(*s.AttributeName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AttributeName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAttributeName sets the AttributeName field's value.
func (s *MFAOptionType) SetAttributeName(v string) *MFAOptionType {
	s.AttributeName = &v
	return s
}

// SetDeliveryMedium sets the DeliveryMedium field's value.
func (s *MFAOptionType) SetDeliveryMedium(v string) *MFAOptionType {
	s.DeliveryMedium = &v
	return s
}

// The message template structure.
type MessageTemplateType struct {
	_ struct{} `type:"structure"`

	// The message template for email messages. EmailMessage is allowed only if
	// EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER.
	EmailMessage *string `min:"6" type:"string"`

	// The subject line for email messages. EmailSubject is allowed only if EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER.
	EmailSubject *string `min:"1" type:"string"`

	// The message template for SMS messages.
	SMSMessage *string `min:"6" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MessageTemplateType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s MessageTemplateType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *MessageTemplateType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "MessageTemplateType"}
	if s.EmailMessage != nil && len(*s.EmailMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("EmailMessage", 6))
	}
	if s.EmailSubject != nil && len(*s.EmailSubject) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EmailSubject", 1))
	}
	if s.SMSMessage != nil && len(*s.SMSMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SMSMessage", 6))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEmailMessage sets the EmailMessage field's value.
func (s *MessageTemplateType) SetEmailMessage(v string) *MessageTemplateType {
	s.EmailMessage = &v
	return s
}

// SetEmailSubject sets the EmailSubject field's value.
func (s *MessageTemplateType) SetEmailSubject(v string) *MessageTemplateType {
	s.EmailSubject = &v
	return s
}

// SetSMSMessage sets the SMSMessage field's value.
func (s *MessageTemplateType) SetSMSMessage(v string) *MessageTemplateType {
	s.SMSMessage = &v
	return s
}

// The new device metadata type.
type NewDeviceMetadataType struct {
	_ struct{} `type:"structure"`

	// The device group key.
	DeviceGroupKey *string `type:"string"`

	// The device key.
	DeviceKey *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NewDeviceMetadataType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NewDeviceMetadataType) GoString() string {
	return s.String()
}

// SetDeviceGroupKey sets the DeviceGroupKey field's value.
func (s *NewDeviceMetadataType) SetDeviceGroupKey(v string) *NewDeviceMetadataType {
	s.DeviceGroupKey = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *NewDeviceMetadataType) SetDeviceKey(v string) *NewDeviceMetadataType {
	s.DeviceKey = &v
	return s
}

// This exception is thrown when a user isn't authorized.
type NotAuthorizedException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a not authorized
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotAuthorizedException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotAuthorizedException) GoString() string {
	return s.String()
}

func newErrorNotAuthorizedException(v protocol.ResponseMetadata) error {
	return &NotAuthorizedException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *NotAuthorizedException) Code() string {
	return "NotAuthorizedException"
}

// Message returns the exception's message.
func (s *NotAuthorizedException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *NotAuthorizedException) OrigErr() error {
	return nil
}

func (s *NotAuthorizedException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *NotAuthorizedException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *NotAuthorizedException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The notify configuration type.
type NotifyConfigurationType struct {
	_ struct{} `type:"structure"`

	// Email template used when a detected risk event is blocked.
	BlockEmail *NotifyEmailType `type:"structure"`

	// The email address that is sending the email. The address must be either individually
	// verified with Amazon Simple Email Service, or from a domain that has been
	// verified with Amazon SES.
	From *string `type:"string"`

	// The multi-factor authentication (MFA) email template used when MFA is challenged
	// as part of a detected risk.
	MfaEmail *NotifyEmailType `type:"structure"`

	// The email template used when a detected risk event is allowed.
	NoActionEmail *NotifyEmailType `type:"structure"`

	// The destination to which the receiver of an email should reply to.
	ReplyTo *string `type:"string"`

	// The Amazon Resource Name (ARN) of the identity that is associated with the
	// sending authorization policy. This identity permits Amazon Cognito to send
	// for the email address specified in the From parameter.
	//
	// SourceArn is a required field
	SourceArn *string `min:"20" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotifyConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotifyConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *NotifyConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "NotifyConfigurationType"}
	if s.SourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("SourceArn"))
	}
	if s.SourceArn != nil && len(*s.SourceArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("SourceArn", 20))
	}
	if s.BlockEmail != nil {
		if err := s.BlockEmail.Validate(); err != nil {
			invalidParams.AddNested("BlockEmail", err.(request.ErrInvalidParams))
		}
	}
	if s.MfaEmail != nil {
		if err := s.MfaEmail.Validate(); err != nil {
			invalidParams.AddNested("MfaEmail", err.(request.ErrInvalidParams))
		}
	}
	if s.NoActionEmail != nil {
		if err := s.NoActionEmail.Validate(); err != nil {
			invalidParams.AddNested("NoActionEmail", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetBlockEmail sets the BlockEmail field's value.
func (s *NotifyConfigurationType) SetBlockEmail(v *NotifyEmailType) *NotifyConfigurationType {
	s.BlockEmail = v
	return s
}

// SetFrom sets the From field's value.
func (s *NotifyConfigurationType) SetFrom(v string) *NotifyConfigurationType {
	s.From = &v
	return s
}

// SetMfaEmail sets the MfaEmail field's value.
func (s *NotifyConfigurationType) SetMfaEmail(v *NotifyEmailType) *NotifyConfigurationType {
	s.MfaEmail = v
	return s
}

// SetNoActionEmail sets the NoActionEmail field's value.
func (s *NotifyConfigurationType) SetNoActionEmail(v *NotifyEmailType) *NotifyConfigurationType {
	s.NoActionEmail = v
	return s
}

// SetReplyTo sets the ReplyTo field's value.
func (s *NotifyConfigurationType) SetReplyTo(v string) *NotifyConfigurationType {
	s.ReplyTo = &v
	return s
}

// SetSourceArn sets the SourceArn field's value.
func (s *NotifyConfigurationType) SetSourceArn(v string) *NotifyConfigurationType {
	s.SourceArn = &v
	return s
}

// The notify email type.
type NotifyEmailType struct {
	_ struct{} `type:"structure"`

	// The email HTML body.
	HtmlBody *string `min:"6" type:"string"`

	// The email subject.
	//
	// Subject is a required field
	Subject *string `min:"1" type:"string" required:"true"`

	// The email text body.
	TextBody *string `min:"6" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotifyEmailType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NotifyEmailType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *NotifyEmailType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "NotifyEmailType"}
	if s.HtmlBody != nil && len(*s.HtmlBody) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("HtmlBody", 6))
	}
	if s.Subject == nil {
		invalidParams.Add(request.NewErrParamRequired("Subject"))
	}
	if s.Subject != nil && len(*s.Subject) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Subject", 1))
	}
	if s.TextBody != nil && len(*s.TextBody) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("TextBody", 6))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetHtmlBody sets the HtmlBody field's value.
func (s *NotifyEmailType) SetHtmlBody(v string) *NotifyEmailType {
	s.HtmlBody = &v
	return s
}

// SetSubject sets the Subject field's value.
func (s *NotifyEmailType) SetSubject(v string) *NotifyEmailType {
	s.Subject = &v
	return s
}

// SetTextBody sets the TextBody field's value.
func (s *NotifyEmailType) SetTextBody(v string) *NotifyEmailType {
	s.TextBody = &v
	return s
}

// The minimum and maximum values of an attribute that is of the number data
// type.
type NumberAttributeConstraintsType struct {
	_ struct{} `type:"structure"`

	// The maximum value of an attribute that is of the number data type.
	MaxValue *string `type:"string"`

	// The minimum value of an attribute that is of the number data type.
	MinValue *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NumberAttributeConstraintsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NumberAttributeConstraintsType) GoString() string {
	return s.String()
}

// SetMaxValue sets the MaxValue field's value.
func (s *NumberAttributeConstraintsType) SetMaxValue(v string) *NumberAttributeConstraintsType {
	s.MaxValue = &v
	return s
}

// SetMinValue sets the MinValue field's value.
func (s *NumberAttributeConstraintsType) SetMinValue(v string) *NumberAttributeConstraintsType {
	s.MinValue = &v
	return s
}

// The password policy type.
type PasswordPolicyType struct {
	_ struct{} `type:"structure"`

	// The minimum length of the password in the policy that you have set. This
	// value can't be less than 6.
	MinimumLength *int64 `min:"6" type:"integer"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one lowercase letter in their password.
	RequireLowercase *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one number in their password.
	RequireNumbers *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one symbol in their password.
	RequireSymbols *bool `type:"boolean"`

	// In the password policy that you have set, refers to whether you have required
	// users to use at least one uppercase letter in their password.
	RequireUppercase *bool `type:"boolean"`

	// The number of days a temporary password is valid in the password policy.
	// If the user doesn't sign in during this time, an administrator must reset
	// their password. Defaults to 7. If you submit a value of 0, Amazon Cognito
	// treats it as a null value and sets TemporaryPasswordValidityDays to its default
	// value.
	//
	// When you set TemporaryPasswordValidityDays for a user pool, you can no longer
	// set a value for the legacy UnusedAccountValidityDays parameter in that user
	// pool.
	TemporaryPasswordValidityDays *int64 `type:"integer"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PasswordPolicyType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PasswordPolicyType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *PasswordPolicyType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "PasswordPolicyType"}
	if s.MinimumLength != nil && *s.MinimumLength < 6 {
		invalidParams.Add(request.NewErrParamMinValue("MinimumLength", 6))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMinimumLength sets the MinimumLength field's value.
func (s *PasswordPolicyType) SetMinimumLength(v int64) *PasswordPolicyType {
	s.MinimumLength = &v
	return s
}

// SetRequireLowercase sets the RequireLowercase field's value.
func (s *PasswordPolicyType) SetRequireLowercase(v bool) *PasswordPolicyType {
	s.RequireLowercase = &v
	return s
}

// SetRequireNumbers sets the RequireNumbers field's value.
func (s *PasswordPolicyType) SetRequireNumbers(v bool) *PasswordPolicyType {
	s.RequireNumbers = &v
	return s
}

// SetRequireSymbols sets the RequireSymbols field's value.
func (s *PasswordPolicyType) SetRequireSymbols(v bool) *PasswordPolicyType {
	s.RequireSymbols = &v
	return s
}

// SetRequireUppercase sets the RequireUppercase field's value.
func (s *PasswordPolicyType) SetRequireUppercase(v bool) *PasswordPolicyType {
	s.RequireUppercase = &v
	return s
}

// SetTemporaryPasswordValidityDays sets the TemporaryPasswordValidityDays field's value.
func (s *PasswordPolicyType) SetTemporaryPasswordValidityDays(v int64) *PasswordPolicyType {
	s.TemporaryPasswordValidityDays = &v
	return s
}

// This exception is thrown when a password reset is required.
type PasswordResetRequiredException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a password reset is required.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PasswordResetRequiredException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PasswordResetRequiredException) GoString() string {
	return s.String()
}

func newErrorPasswordResetRequiredException(v protocol.ResponseMetadata) error {
	return &PasswordResetRequiredException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *PasswordResetRequiredException) Code() string {
	return "PasswordResetRequiredException"
}

// Message returns the exception's message.
func (s *PasswordResetRequiredException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *PasswordResetRequiredException) OrigErr() error {
	return nil
}

func (s *PasswordResetRequiredException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *PasswordResetRequiredException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *PasswordResetRequiredException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The properties of a pre token generation Lambda trigger.
type PreTokenGenerationVersionConfigType struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the function that you want to assign to
	// your Lambda trigger.
	//
	// This parameter and the PreTokenGeneration property of LambdaConfig have the
	// same value. For new instances of pre token generation triggers, set LambdaArn.
	//
	// LambdaArn is a required field
	LambdaArn *string `min:"20" type:"string" required:"true"`

	// The user pool trigger version of the request that Amazon Cognito sends to
	// your Lambda function. Higher-numbered versions add fields that support new
	// features.
	//
	// LambdaVersion is a required field
	LambdaVersion *string `type:"string" required:"true" enum:"PreTokenGenerationLambdaVersionType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PreTokenGenerationVersionConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PreTokenGenerationVersionConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *PreTokenGenerationVersionConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "PreTokenGenerationVersionConfigType"}
	if s.LambdaArn == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaArn"))
	}
	if s.LambdaArn != nil && len(*s.LambdaArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("LambdaArn", 20))
	}
	if s.LambdaVersion == nil {
		invalidParams.Add(request.NewErrParamRequired("LambdaVersion"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLambdaArn sets the LambdaArn field's value.
func (s *PreTokenGenerationVersionConfigType) SetLambdaArn(v string) *PreTokenGenerationVersionConfigType {
	s.LambdaArn = &v
	return s
}

// SetLambdaVersion sets the LambdaVersion field's value.
func (s *PreTokenGenerationVersionConfigType) SetLambdaVersion(v string) *PreTokenGenerationVersionConfigType {
	s.LambdaVersion = &v
	return s
}

// This exception is thrown when a precondition is not met.
type PreconditionNotMetException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a precondition is not met.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PreconditionNotMetException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PreconditionNotMetException) GoString() string {
	return s.String()
}

func newErrorPreconditionNotMetException(v protocol.ResponseMetadata) error {
	return &PreconditionNotMetException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *PreconditionNotMetException) Code() string {
	return "PreconditionNotMetException"
}

// Message returns the exception's message.
func (s *PreconditionNotMetException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *PreconditionNotMetException) OrigErr() error {
	return nil
}

func (s *PreconditionNotMetException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *PreconditionNotMetException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *PreconditionNotMetException) RequestID() string {
	return s.RespMetadata.RequestID
}

// A container for IdP details.
type ProviderDescription struct {
	_ struct{} `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The date the provider was last modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The IdP name.
	ProviderName *string `min:"1" type:"string"`

	// The IdP type.
	ProviderType *string `type:"string" enum:"IdentityProviderTypeType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ProviderDescription) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ProviderDescription) GoString() string {
	return s.String()
}

// SetCreationDate sets the CreationDate field's value.
func (s *ProviderDescription) SetCreationDate(v time.Time) *ProviderDescription {
	s.CreationDate = &v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *ProviderDescription) SetLastModifiedDate(v time.Time) *ProviderDescription {
	s.LastModifiedDate = &v
	return s
}

// SetProviderName sets the ProviderName field's value.
func (s *ProviderDescription) SetProviderName(v string) *ProviderDescription {
	s.ProviderName = &v
	return s
}

// SetProviderType sets the ProviderType field's value.
func (s *ProviderDescription) SetProviderType(v string) *ProviderDescription {
	s.ProviderType = &v
	return s
}

// A container for information about an IdP for a user pool.
type ProviderUserIdentifierType struct {
	_ struct{} `type:"structure"`

	// The name of the provider attribute to link to, such as NameID.
	ProviderAttributeName *string `type:"string"`

	// The value of the provider attribute to link to, such as xxxxx_account.
	ProviderAttributeValue *string `type:"string"`

	// The name of the provider, such as Facebook, Google, or Login with Amazon.
	ProviderName *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ProviderUserIdentifierType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ProviderUserIdentifierType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ProviderUserIdentifierType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ProviderUserIdentifierType"}
	if s.ProviderName != nil && len(*s.ProviderName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetProviderAttributeName sets the ProviderAttributeName field's value.
func (s *ProviderUserIdentifierType) SetProviderAttributeName(v string) *ProviderUserIdentifierType {
	s.ProviderAttributeName = &v
	return s
}

// SetProviderAttributeValue sets the ProviderAttributeValue field's value.
func (s *ProviderUserIdentifierType) SetProviderAttributeValue(v string) *ProviderUserIdentifierType {
	s.ProviderAttributeValue = &v
	return s
}

// SetProviderName sets the ProviderName field's value.
func (s *ProviderUserIdentifierType) SetProviderName(v string) *ProviderUserIdentifierType {
	s.ProviderName = &v
	return s
}

// A map containing a priority as a key, and recovery method name as a value.
type RecoveryOptionType struct {
	_ struct{} `type:"structure"`

	// The recovery method for a user.
	//
	// Name is a required field
	Name *string `type:"string" required:"true" enum:"RecoveryOptionNameType"`

	// A positive integer specifying priority of a method with 1 being the highest
	// priority.
	//
	// Priority is a required field
	Priority *int64 `min:"1" type:"integer" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecoveryOptionType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecoveryOptionType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *RecoveryOptionType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "RecoveryOptionType"}
	if s.Name == nil {
		invalidParams.Add(request.NewErrParamRequired("Name"))
	}
	if s.Priority == nil {
		invalidParams.Add(request.NewErrParamRequired("Priority"))
	}
	if s.Priority != nil && *s.Priority < 1 {
		invalidParams.Add(request.NewErrParamMinValue("Priority", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetName sets the Name field's value.
func (s *RecoveryOptionType) SetName(v string) *RecoveryOptionType {
	s.Name = &v
	return s
}

// SetPriority sets the Priority field's value.
func (s *RecoveryOptionType) SetPriority(v int64) *RecoveryOptionType {
	s.Priority = &v
	return s
}

// Represents the request to resend the confirmation code.
type ResendConfirmationCodeInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// ResendConfirmationCode calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the ResendConfirmationCode API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// ResendConfirmationCode request. In your function code in Lambda, you can
	// process the clientMetadata value to enhance your workflow for your specific
	// needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ResendConfirmationCodeInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResendConfirmationCodeInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResendConfirmationCodeInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ResendConfirmationCodeInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ResendConfirmationCodeInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.SecretHash != nil && len(*s.SecretHash) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("SecretHash", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *ResendConfirmationCodeInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *ResendConfirmationCodeInput {
	s.AnalyticsMetadata = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *ResendConfirmationCodeInput) SetClientId(v string) *ResendConfirmationCodeInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *ResendConfirmationCodeInput) SetClientMetadata(v map[string]*string) *ResendConfirmationCodeInput {
	s.ClientMetadata = v
	return s
}

// SetSecretHash sets the SecretHash field's value.
func (s *ResendConfirmationCodeInput) SetSecretHash(v string) *ResendConfirmationCodeInput {
	s.SecretHash = &v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *ResendConfirmationCodeInput) SetUserContextData(v *UserContextDataType) *ResendConfirmationCodeInput {
	s.UserContextData = v
	return s
}

// SetUsername sets the Username field's value.
func (s *ResendConfirmationCodeInput) SetUsername(v string) *ResendConfirmationCodeInput {
	s.Username = &v
	return s
}

// The response from the server when Amazon Cognito makes the request to resend
// a confirmation code.
type ResendConfirmationCodeOutput struct {
	_ struct{} `type:"structure"`

	// The code delivery details returned by the server in response to the request
	// to resend the confirmation code.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResendConfirmationCodeOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResendConfirmationCodeOutput) GoString() string {
	return s.String()
}

// SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.
func (s *ResendConfirmationCodeOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *ResendConfirmationCodeOutput {
	s.CodeDeliveryDetails = v
	return s
}

// This exception is thrown when the Amazon Cognito service can't find the requested
// resource.
type ResourceNotFoundException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a resource not
	// found exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) GoString() string {
	return s.String()
}

func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error {
	return &ResourceNotFoundException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ResourceNotFoundException) Code() string {
	return "ResourceNotFoundException"
}

// Message returns the exception's message.
func (s *ResourceNotFoundException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ResourceNotFoundException) OrigErr() error {
	return nil
}

func (s *ResourceNotFoundException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ResourceNotFoundException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ResourceNotFoundException) RequestID() string {
	return s.RespMetadata.RequestID
}

// A resource server scope.
type ResourceServerScopeType struct {
	_ struct{} `type:"structure"`

	// A description of the scope.
	//
	// ScopeDescription is a required field
	ScopeDescription *string `min:"1" type:"string" required:"true"`

	// The name of the scope.
	//
	// ScopeName is a required field
	ScopeName *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceServerScopeType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceServerScopeType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *ResourceServerScopeType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "ResourceServerScopeType"}
	if s.ScopeDescription == nil {
		invalidParams.Add(request.NewErrParamRequired("ScopeDescription"))
	}
	if s.ScopeDescription != nil && len(*s.ScopeDescription) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ScopeDescription", 1))
	}
	if s.ScopeName == nil {
		invalidParams.Add(request.NewErrParamRequired("ScopeName"))
	}
	if s.ScopeName != nil && len(*s.ScopeName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ScopeName", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetScopeDescription sets the ScopeDescription field's value.
func (s *ResourceServerScopeType) SetScopeDescription(v string) *ResourceServerScopeType {
	s.ScopeDescription = &v
	return s
}

// SetScopeName sets the ScopeName field's value.
func (s *ResourceServerScopeType) SetScopeName(v string) *ResourceServerScopeType {
	s.ScopeName = &v
	return s
}

// A container for information about a resource server for a user pool.
type ResourceServerType struct {
	_ struct{} `type:"structure"`

	// The identifier for the resource server.
	Identifier *string `min:"1" type:"string"`

	// The name of the resource server.
	Name *string `min:"1" type:"string"`

	// A list of scopes that are defined for the resource server.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool that hosts the resource server.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceServerType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceServerType) GoString() string {
	return s.String()
}

// SetIdentifier sets the Identifier field's value.
func (s *ResourceServerType) SetIdentifier(v string) *ResourceServerType {
	s.Identifier = &v
	return s
}

// SetName sets the Name field's value.
func (s *ResourceServerType) SetName(v string) *ResourceServerType {
	s.Name = &v
	return s
}

// SetScopes sets the Scopes field's value.
func (s *ResourceServerType) SetScopes(v []*ResourceServerScopeType) *ResourceServerType {
	s.Scopes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *ResourceServerType) SetUserPoolId(v string) *ResourceServerType {
	s.UserPoolId = &v
	return s
}

// The request to respond to an authentication challenge.
type RespondToAuthChallengeInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// RespondToAuthChallenge calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The challenge name. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	//
	// ADMIN_NO_SRP_AUTH isn't a valid value.
	//
	// ChallengeName is a required field
	ChallengeName *string `type:"string" required:"true" enum:"ChallengeNameType"`

	// The responses to the challenge that you received in the previous request.
	// Each challenge has its own required response parameters. The following examples
	// are partial JSON request bodies that highlight challenge-response parameters.
	//
	// You must provide a SECRET_HASH parameter in all challenge responses to an
	// app client that has a client secret.
	//
	// SMS_MFA
	//
	// "ChallengeName": "SMS_MFA", "ChallengeResponses": {"SMS_MFA_CODE": "[SMS_code]",
	// "USERNAME": "[username]"}
	//
	// PASSWORD_VERIFIER
	//
	// "ChallengeName": "PASSWORD_VERIFIER", "ChallengeResponses": {"PASSWORD_CLAIM_SIGNATURE":
	// "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK": "[secret_block]", "TIMESTAMP":
	// [timestamp], "USERNAME": "[username]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// CUSTOM_CHALLENGE
	//
	// "ChallengeName": "CUSTOM_CHALLENGE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[challenge_answer]"}
	//
	// Add "DEVICE_KEY" when you sign in with a remembered device.
	//
	// NEW_PASSWORD_REQUIRED
	//
	// "ChallengeName": "NEW_PASSWORD_REQUIRED", "ChallengeResponses": {"NEW_PASSWORD":
	// "[new_password]", "USERNAME": "[username]"}
	//
	// To set any required attributes that InitiateAuth returned in an requiredAttributes
	// parameter, add "userAttributes.[attribute_name]": "[attribute_value]". This
	// parameter can also set values for writable attributes that aren't required
	// by your user pool.
	//
	// In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required
	// attribute that already has a value. In RespondToAuthChallenge, set a value
	// for any keys that Amazon Cognito returned in the requiredAttributes parameter,
	// then use the UpdateUserAttributes API operation to modify the value of any
	// additional attributes.
	//
	// SOFTWARE_TOKEN_MFA
	//
	// "ChallengeName": "SOFTWARE_TOKEN_MFA", "ChallengeResponses": {"USERNAME":
	// "[username]", "SOFTWARE_TOKEN_MFA_CODE": [authenticator_code]}
	//
	// DEVICE_SRP_AUTH
	//
	// "ChallengeName": "DEVICE_SRP_AUTH", "ChallengeResponses": {"USERNAME": "[username]",
	// "DEVICE_KEY": "[device_key]", "SRP_A": "[srp_a]"}
	//
	// DEVICE_PASSWORD_VERIFIER
	//
	// "ChallengeName": "DEVICE_PASSWORD_VERIFIER", "ChallengeResponses": {"DEVICE_KEY":
	// "[device_key]", "PASSWORD_CLAIM_SIGNATURE": "[claim_signature]", "PASSWORD_CLAIM_SECRET_BLOCK":
	// "[secret_block]", "TIMESTAMP": [timestamp], "USERNAME": "[username]"}
	//
	// MFA_SETUP
	//
	// "ChallengeName": "MFA_SETUP", "ChallengeResponses": {"USERNAME": "[username]"},
	// "SESSION": "[Session ID from VerifySoftwareToken]"
	//
	// SELECT_MFA_TYPE
	//
	// "ChallengeName": "SELECT_MFA_TYPE", "ChallengeResponses": {"USERNAME": "[username]",
	// "ANSWER": "[SMS_MFA or SOFTWARE_TOKEN_MFA]"}
	//
	// For more information about SECRET_HASH, see Computing secret hash values
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash).
	// For information about DEVICE_KEY, see Working with user devices in your user
	// pool (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html).
	//
	// ChallengeResponses is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	ChallengeResponses map[string]*string `type:"map" sensitive:"true"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the RespondToAuthChallenge API action, Amazon Cognito invokes
	// any functions that are assigned to the following triggers: post authentication,
	// pre token generation, define auth challenge, create auth challenge, and verify
	// auth challenge. When Amazon Cognito invokes any of these functions, it passes
	// a JSON payload, which the function receives as input. This payload contains
	// a clientMetadata attribute, which provides the data that you assigned to
	// the ClientMetadata parameter in your RespondToAuthChallenge request. In your
	// function code in Lambda, you can process the clientMetadata value to enhance
	// your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If InitiateAuth or RespondToAuthChallenge API call determines
	// that the caller must pass another challenge, they return a session with other
	// challenge parameters. This session should be passed as it is to the next
	// RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RespondToAuthChallengeInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RespondToAuthChallengeInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *RespondToAuthChallengeInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "RespondToAuthChallengeInput"}
	if s.ChallengeName == nil {
		invalidParams.Add(request.NewErrParamRequired("ChallengeName"))
	}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.Session != nil && len(*s.Session) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("Session", 20))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *RespondToAuthChallengeInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *RespondToAuthChallengeInput {
	s.AnalyticsMetadata = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *RespondToAuthChallengeInput) SetChallengeName(v string) *RespondToAuthChallengeInput {
	s.ChallengeName = &v
	return s
}

// SetChallengeResponses sets the ChallengeResponses field's value.
func (s *RespondToAuthChallengeInput) SetChallengeResponses(v map[string]*string) *RespondToAuthChallengeInput {
	s.ChallengeResponses = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *RespondToAuthChallengeInput) SetClientId(v string) *RespondToAuthChallengeInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *RespondToAuthChallengeInput) SetClientMetadata(v map[string]*string) *RespondToAuthChallengeInput {
	s.ClientMetadata = v
	return s
}

// SetSession sets the Session field's value.
func (s *RespondToAuthChallengeInput) SetSession(v string) *RespondToAuthChallengeInput {
	s.Session = &v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *RespondToAuthChallengeInput) SetUserContextData(v *UserContextDataType) *RespondToAuthChallengeInput {
	s.UserContextData = v
	return s
}

// The response to respond to the authentication challenge.
type RespondToAuthChallengeOutput struct {
	_ struct{} `type:"structure"`

	// The result returned by the server in response to the request to respond to
	// the authentication challenge.
	AuthenticationResult *AuthenticationResultType `type:"structure"`

	// The challenge name. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	ChallengeName *string `type:"string" enum:"ChallengeNameType"`

	// The challenge parameters. For more information, see InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html).
	ChallengeParameters map[string]*string `type:"map"`

	// The session that should be passed both ways in challenge-response calls to
	// the service. If the caller must pass another challenge, they return a session
	// with other challenge parameters. This session should be passed as it is to
	// the next RespondToAuthChallenge API call.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RespondToAuthChallengeOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RespondToAuthChallengeOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RespondToAuthChallengeOutput) GoString() string {
	return s.String()
}

// SetAuthenticationResult sets the AuthenticationResult field's value.
func (s *RespondToAuthChallengeOutput) SetAuthenticationResult(v *AuthenticationResultType) *RespondToAuthChallengeOutput {
	s.AuthenticationResult = v
	return s
}

// SetChallengeName sets the ChallengeName field's value.
func (s *RespondToAuthChallengeOutput) SetChallengeName(v string) *RespondToAuthChallengeOutput {
	s.ChallengeName = &v
	return s
}

// SetChallengeParameters sets the ChallengeParameters field's value.
func (s *RespondToAuthChallengeOutput) SetChallengeParameters(v map[string]*string) *RespondToAuthChallengeOutput {
	s.ChallengeParameters = v
	return s
}

// SetSession sets the Session field's value.
func (s *RespondToAuthChallengeOutput) SetSession(v string) *RespondToAuthChallengeOutput {
	s.Session = &v
	return s
}

type RevokeTokenInput struct {
	_ struct{} `type:"structure"`

	// The client ID for the token that you want to revoke.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The secret for the client ID. This is required only if the client ID has
	// a secret.
	//
	// ClientSecret is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	ClientSecret *string `min:"1" type:"string" sensitive:"true"`

	// The refresh token that you want to revoke.
	//
	// Token is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RevokeTokenInput's
	// String and GoString methods.
	//
	// Token is a required field
	Token *string `type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RevokeTokenInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RevokeTokenInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *RevokeTokenInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "RevokeTokenInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.ClientSecret != nil && len(*s.ClientSecret) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientSecret", 1))
	}
	if s.Token == nil {
		invalidParams.Add(request.NewErrParamRequired("Token"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetClientId sets the ClientId field's value.
func (s *RevokeTokenInput) SetClientId(v string) *RevokeTokenInput {
	s.ClientId = &v
	return s
}

// SetClientSecret sets the ClientSecret field's value.
func (s *RevokeTokenInput) SetClientSecret(v string) *RevokeTokenInput {
	s.ClientSecret = &v
	return s
}

// SetToken sets the Token field's value.
func (s *RevokeTokenInput) SetToken(v string) *RevokeTokenInput {
	s.Token = &v
	return s
}

type RevokeTokenOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RevokeTokenOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RevokeTokenOutput) GoString() string {
	return s.String()
}

// The risk configuration type.
type RiskConfigurationType struct {
	_ struct{} `type:"structure"`

	// The account takeover risk configuration object, including the NotifyConfiguration
	// object and Actions to take if there is an account takeover.
	AccountTakeoverRiskConfiguration *AccountTakeoverRiskConfigurationType `type:"structure"`

	// The app client ID.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by RiskConfigurationType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The compromised credentials risk configuration object, including the EventFilter
	// and the EventAction.
	CompromisedCredentialsRiskConfiguration *CompromisedCredentialsRiskConfigurationType `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The configuration to override the risk decision.
	RiskExceptionConfiguration *RiskExceptionConfigurationType `type:"structure"`

	// The user pool ID.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RiskConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RiskConfigurationType) GoString() string {
	return s.String()
}

// SetAccountTakeoverRiskConfiguration sets the AccountTakeoverRiskConfiguration field's value.
func (s *RiskConfigurationType) SetAccountTakeoverRiskConfiguration(v *AccountTakeoverRiskConfigurationType) *RiskConfigurationType {
	s.AccountTakeoverRiskConfiguration = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *RiskConfigurationType) SetClientId(v string) *RiskConfigurationType {
	s.ClientId = &v
	return s
}

// SetCompromisedCredentialsRiskConfiguration sets the CompromisedCredentialsRiskConfiguration field's value.
func (s *RiskConfigurationType) SetCompromisedCredentialsRiskConfiguration(v *CompromisedCredentialsRiskConfigurationType) *RiskConfigurationType {
	s.CompromisedCredentialsRiskConfiguration = v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *RiskConfigurationType) SetLastModifiedDate(v time.Time) *RiskConfigurationType {
	s.LastModifiedDate = &v
	return s
}

// SetRiskExceptionConfiguration sets the RiskExceptionConfiguration field's value.
func (s *RiskConfigurationType) SetRiskExceptionConfiguration(v *RiskExceptionConfigurationType) *RiskConfigurationType {
	s.RiskExceptionConfiguration = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *RiskConfigurationType) SetUserPoolId(v string) *RiskConfigurationType {
	s.UserPoolId = &v
	return s
}

// The type of the configuration to override the risk decision.
type RiskExceptionConfigurationType struct {
	_ struct{} `type:"structure"`

	// Overrides the risk decision to always block the pre-authentication requests.
	// The IP range is in CIDR notation, a compact representation of an IP address
	// and its routing prefix.
	BlockedIPRangeList []*string `type:"list"`

	// Risk detection isn't performed on the IP addresses in this range list. The
	// IP range is in CIDR notation.
	SkippedIPRangeList []*string `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RiskExceptionConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RiskExceptionConfigurationType) GoString() string {
	return s.String()
}

// SetBlockedIPRangeList sets the BlockedIPRangeList field's value.
func (s *RiskExceptionConfigurationType) SetBlockedIPRangeList(v []*string) *RiskExceptionConfigurationType {
	s.BlockedIPRangeList = v
	return s
}

// SetSkippedIPRangeList sets the SkippedIPRangeList field's value.
func (s *RiskExceptionConfigurationType) SetSkippedIPRangeList(v []*string) *RiskExceptionConfigurationType {
	s.SkippedIPRangeList = v
	return s
}

// The type used for enabling SMS multi-factor authentication (MFA) at the user
// level. Phone numbers don't need to be verified to be used for SMS MFA. If
// an MFA type is activated for a user, the user will be prompted for MFA during
// all sign-in attempts, unless device tracking is turned on and the device
// has been trusted. If you would like MFA to be applied selectively based on
// the assessed risk level of sign-in attempts, deactivate MFA for users and
// turn on Adaptive Authentication for the user pool.
type SMSMfaSettingsType struct {
	_ struct{} `type:"structure"`

	// Specifies whether SMS text message MFA is activated. If an MFA type is activated
	// for a user, the user will be prompted for MFA during all sign-in attempts,
	// unless device tracking is turned on and the device has been trusted.
	Enabled *bool `type:"boolean"`

	// Specifies whether SMS is the preferred MFA method.
	PreferredMfa *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SMSMfaSettingsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SMSMfaSettingsType) GoString() string {
	return s.String()
}

// SetEnabled sets the Enabled field's value.
func (s *SMSMfaSettingsType) SetEnabled(v bool) *SMSMfaSettingsType {
	s.Enabled = &v
	return s
}

// SetPreferredMfa sets the PreferredMfa field's value.
func (s *SMSMfaSettingsType) SetPreferredMfa(v bool) *SMSMfaSettingsType {
	s.PreferredMfa = &v
	return s
}

// A list of the user attributes and their properties in your user pool. The
// attribute schema contains standard attributes, custom attributes with a custom:
// prefix, and developer attributes with a dev: prefix. For more information,
// see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html).
//
// Developer-only attributes are a legacy feature of user pools, are read-only
// to all app clients. You can create and update developer-only attributes only
// with IAM-authenticated API operations. Use app client read/write permissions
// instead.
type SchemaAttributeType struct {
	_ struct{} `type:"structure"`

	// The data format of the values for your attribute. When you choose an AttributeDataType,
	// Amazon Cognito validates the input against the data type. A custom attribute
	// value in your user's ID token is always a string, for example "custom:isMember"
	// : "true" or "custom:YearsAsMember" : "12".
	AttributeDataType *string `type:"string" enum:"AttributeDataType"`

	//
	// You should use WriteAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes)
	// in the user pool client to control how attributes can be mutated for new
	// use cases instead of using DeveloperOnlyAttribute.
	//
	// Specifies whether the attribute type is developer only. This attribute can
	// only be modified by an administrator. Users won't be able to modify this
	// attribute using their access token. For example, DeveloperOnlyAttribute can
	// be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.
	DeveloperOnlyAttribute *bool `type:"boolean"`

	// Specifies whether the value of the attribute can be changed.
	//
	// Any user pool attribute whose value you map from an IdP attribute must be
	// mutable, with a parameter value of true. Amazon Cognito updates mapped attributes
	// when users sign in to your application through an IdP. If an attribute is
	// immutable, Amazon Cognito throws an error when it attempts to update the
	// attribute. For more information, see Specifying Identity Provider Attribute
	// Mappings for Your User Pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	Mutable *bool `type:"boolean"`

	// The name of your user pool attribute. When you create or update a user pool,
	// adding a schema attribute creates a custom or developer-only attribute. When
	// you add an attribute with a Name value of MyAttribute, Amazon Cognito creates
	// the custom attribute custom:MyAttribute. When DeveloperOnlyAttribute is true,
	// Amazon Cognito creates your attribute as dev:MyAttribute. In an operation
	// that describes a user pool, Amazon Cognito returns this value as value for
	// standard attributes, custom:value for custom attributes, and dev:value for
	// developer-only attributes..
	Name *string `min:"1" type:"string"`

	// Specifies the constraints for an attribute of the number type.
	NumberAttributeConstraints *NumberAttributeConstraintsType `type:"structure"`

	// Specifies whether a user pool attribute is required. If the attribute is
	// required and the user doesn't provide a value, registration or sign-in will
	// fail.
	Required *bool `type:"boolean"`

	// Specifies the constraints for an attribute of the string type.
	StringAttributeConstraints *StringAttributeConstraintsType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SchemaAttributeType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SchemaAttributeType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SchemaAttributeType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SchemaAttributeType"}
	if s.Name != nil && len(*s.Name) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAttributeDataType sets the AttributeDataType field's value.
func (s *SchemaAttributeType) SetAttributeDataType(v string) *SchemaAttributeType {
	s.AttributeDataType = &v
	return s
}

// SetDeveloperOnlyAttribute sets the DeveloperOnlyAttribute field's value.
func (s *SchemaAttributeType) SetDeveloperOnlyAttribute(v bool) *SchemaAttributeType {
	s.DeveloperOnlyAttribute = &v
	return s
}

// SetMutable sets the Mutable field's value.
func (s *SchemaAttributeType) SetMutable(v bool) *SchemaAttributeType {
	s.Mutable = &v
	return s
}

// SetName sets the Name field's value.
func (s *SchemaAttributeType) SetName(v string) *SchemaAttributeType {
	s.Name = &v
	return s
}

// SetNumberAttributeConstraints sets the NumberAttributeConstraints field's value.
func (s *SchemaAttributeType) SetNumberAttributeConstraints(v *NumberAttributeConstraintsType) *SchemaAttributeType {
	s.NumberAttributeConstraints = v
	return s
}

// SetRequired sets the Required field's value.
func (s *SchemaAttributeType) SetRequired(v bool) *SchemaAttributeType {
	s.Required = &v
	return s
}

// SetStringAttributeConstraints sets the StringAttributeConstraints field's value.
func (s *SchemaAttributeType) SetStringAttributeConstraints(v *StringAttributeConstraintsType) *SchemaAttributeType {
	s.StringAttributeConstraints = v
	return s
}

// This exception is thrown when the specified scope doesn't exist.
type ScopeDoesNotExistException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ScopeDoesNotExistException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ScopeDoesNotExistException) GoString() string {
	return s.String()
}

func newErrorScopeDoesNotExistException(v protocol.ResponseMetadata) error {
	return &ScopeDoesNotExistException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *ScopeDoesNotExistException) Code() string {
	return "ScopeDoesNotExistException"
}

// Message returns the exception's message.
func (s *ScopeDoesNotExistException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ScopeDoesNotExistException) OrigErr() error {
	return nil
}

func (s *ScopeDoesNotExistException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *ScopeDoesNotExistException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *ScopeDoesNotExistException) RequestID() string {
	return s.RespMetadata.RequestID
}

type SetLogDeliveryConfigurationInput struct {
	_ struct{} `type:"structure"`

	// A collection of all of the detailed activity logging configurations for a
	// user pool.
	//
	// LogConfigurations is a required field
	LogConfigurations []*LogConfigurationType `type:"list" required:"true"`

	// The ID of the user pool where you want to configure detailed activity logging .
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetLogDeliveryConfigurationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetLogDeliveryConfigurationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetLogDeliveryConfigurationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetLogDeliveryConfigurationInput"}
	if s.LogConfigurations == nil {
		invalidParams.Add(request.NewErrParamRequired("LogConfigurations"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.LogConfigurations != nil {
		for i, v := range s.LogConfigurations {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "LogConfigurations", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetLogConfigurations sets the LogConfigurations field's value.
func (s *SetLogDeliveryConfigurationInput) SetLogConfigurations(v []*LogConfigurationType) *SetLogDeliveryConfigurationInput {
	s.LogConfigurations = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *SetLogDeliveryConfigurationInput) SetUserPoolId(v string) *SetLogDeliveryConfigurationInput {
	s.UserPoolId = &v
	return s
}

type SetLogDeliveryConfigurationOutput struct {
	_ struct{} `type:"structure"`

	// The detailed activity logging configuration that you applied to the requested
	// user pool.
	LogDeliveryConfiguration *LogDeliveryConfigurationType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetLogDeliveryConfigurationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetLogDeliveryConfigurationOutput) GoString() string {
	return s.String()
}

// SetLogDeliveryConfiguration sets the LogDeliveryConfiguration field's value.
func (s *SetLogDeliveryConfigurationOutput) SetLogDeliveryConfiguration(v *LogDeliveryConfigurationType) *SetLogDeliveryConfigurationOutput {
	s.LogDeliveryConfiguration = v
	return s
}

type SetRiskConfigurationInput struct {
	_ struct{} `type:"structure"`

	// The account takeover risk configuration.
	AccountTakeoverRiskConfiguration *AccountTakeoverRiskConfigurationType `type:"structure"`

	// The app client ID. If ClientId is null, then the risk configuration is mapped
	// to userPoolId. When the client ID is null, the same risk configuration is
	// applied to all the clients in the userPool.
	//
	// Otherwise, ClientId is mapped to the client. When the client ID isn't null,
	// the user pool configuration is overridden and the risk configuration for
	// the client is used instead.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetRiskConfigurationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The compromised credentials risk configuration.
	CompromisedCredentialsRiskConfiguration *CompromisedCredentialsRiskConfigurationType `type:"structure"`

	// The configuration to override the risk decision.
	RiskExceptionConfiguration *RiskExceptionConfigurationType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetRiskConfigurationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetRiskConfigurationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetRiskConfigurationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetRiskConfigurationInput"}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.AccountTakeoverRiskConfiguration != nil {
		if err := s.AccountTakeoverRiskConfiguration.Validate(); err != nil {
			invalidParams.AddNested("AccountTakeoverRiskConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.CompromisedCredentialsRiskConfiguration != nil {
		if err := s.CompromisedCredentialsRiskConfiguration.Validate(); err != nil {
			invalidParams.AddNested("CompromisedCredentialsRiskConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccountTakeoverRiskConfiguration sets the AccountTakeoverRiskConfiguration field's value.
func (s *SetRiskConfigurationInput) SetAccountTakeoverRiskConfiguration(v *AccountTakeoverRiskConfigurationType) *SetRiskConfigurationInput {
	s.AccountTakeoverRiskConfiguration = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *SetRiskConfigurationInput) SetClientId(v string) *SetRiskConfigurationInput {
	s.ClientId = &v
	return s
}

// SetCompromisedCredentialsRiskConfiguration sets the CompromisedCredentialsRiskConfiguration field's value.
func (s *SetRiskConfigurationInput) SetCompromisedCredentialsRiskConfiguration(v *CompromisedCredentialsRiskConfigurationType) *SetRiskConfigurationInput {
	s.CompromisedCredentialsRiskConfiguration = v
	return s
}

// SetRiskExceptionConfiguration sets the RiskExceptionConfiguration field's value.
func (s *SetRiskConfigurationInput) SetRiskExceptionConfiguration(v *RiskExceptionConfigurationType) *SetRiskConfigurationInput {
	s.RiskExceptionConfiguration = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *SetRiskConfigurationInput) SetUserPoolId(v string) *SetRiskConfigurationInput {
	s.UserPoolId = &v
	return s
}

type SetRiskConfigurationOutput struct {
	_ struct{} `type:"structure"`

	// The risk configuration.
	//
	// RiskConfiguration is a required field
	RiskConfiguration *RiskConfigurationType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetRiskConfigurationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetRiskConfigurationOutput) GoString() string {
	return s.String()
}

// SetRiskConfiguration sets the RiskConfiguration field's value.
func (s *SetRiskConfigurationOutput) SetRiskConfiguration(v *RiskConfigurationType) *SetRiskConfigurationOutput {
	s.RiskConfiguration = v
	return s
}

type SetUICustomizationInput struct {
	_ struct{} `type:"structure"`

	// The CSS values in the UI customization.
	CSS *string `type:"string"`

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUICustomizationInput's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The uploaded logo image for the UI customization.
	// ImageFile is automatically base64 encoded/decoded by the SDK.
	ImageFile []byte `type:"blob"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUICustomizationInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUICustomizationInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetUICustomizationInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetUICustomizationInput"}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCSS sets the CSS field's value.
func (s *SetUICustomizationInput) SetCSS(v string) *SetUICustomizationInput {
	s.CSS = &v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *SetUICustomizationInput) SetClientId(v string) *SetUICustomizationInput {
	s.ClientId = &v
	return s
}

// SetImageFile sets the ImageFile field's value.
func (s *SetUICustomizationInput) SetImageFile(v []byte) *SetUICustomizationInput {
	s.ImageFile = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *SetUICustomizationInput) SetUserPoolId(v string) *SetUICustomizationInput {
	s.UserPoolId = &v
	return s
}

type SetUICustomizationOutput struct {
	_ struct{} `type:"structure"`

	// The UI customization information.
	//
	// UICustomization is a required field
	UICustomization *UICustomizationType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUICustomizationOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUICustomizationOutput) GoString() string {
	return s.String()
}

// SetUICustomization sets the UICustomization field's value.
func (s *SetUICustomizationOutput) SetUICustomization(v *UICustomizationType) *SetUICustomizationOutput {
	s.UICustomization = v
	return s
}

type SetUserMFAPreferenceInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose MFA preference
	// you want to set.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUserMFAPreferenceInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The SMS text message multi-factor authentication (MFA) settings.
	SMSMfaSettings *SMSMfaSettingsType `type:"structure"`

	// The time-based one-time password (TOTP) software token MFA settings.
	SoftwareTokenMfaSettings *SoftwareTokenMfaSettingsType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserMFAPreferenceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserMFAPreferenceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetUserMFAPreferenceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetUserMFAPreferenceInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *SetUserMFAPreferenceInput) SetAccessToken(v string) *SetUserMFAPreferenceInput {
	s.AccessToken = &v
	return s
}

// SetSMSMfaSettings sets the SMSMfaSettings field's value.
func (s *SetUserMFAPreferenceInput) SetSMSMfaSettings(v *SMSMfaSettingsType) *SetUserMFAPreferenceInput {
	s.SMSMfaSettings = v
	return s
}

// SetSoftwareTokenMfaSettings sets the SoftwareTokenMfaSettings field's value.
func (s *SetUserMFAPreferenceInput) SetSoftwareTokenMfaSettings(v *SoftwareTokenMfaSettingsType) *SetUserMFAPreferenceInput {
	s.SoftwareTokenMfaSettings = v
	return s
}

type SetUserMFAPreferenceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserMFAPreferenceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserMFAPreferenceOutput) GoString() string {
	return s.String()
}

type SetUserPoolMfaConfigInput struct {
	_ struct{} `type:"structure"`

	// The MFA configuration. If you set the MfaConfiguration value to ‘ON’,
	// only users who have set up an MFA factor can sign in. To learn more, see
	// Adding Multi-Factor Authentication (MFA) to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html).
	// Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor activated.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message MFA configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token MFA configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserPoolMfaConfigInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserPoolMfaConfigInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetUserPoolMfaConfigInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetUserPoolMfaConfigInput"}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.SmsMfaConfiguration != nil {
		if err := s.SmsMfaConfiguration.Validate(); err != nil {
			invalidParams.AddNested("SmsMfaConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *SetUserPoolMfaConfigInput) SetMfaConfiguration(v string) *SetUserPoolMfaConfigInput {
	s.MfaConfiguration = &v
	return s
}

// SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.
func (s *SetUserPoolMfaConfigInput) SetSmsMfaConfiguration(v *SmsMfaConfigType) *SetUserPoolMfaConfigInput {
	s.SmsMfaConfiguration = v
	return s
}

// SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.
func (s *SetUserPoolMfaConfigInput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *SetUserPoolMfaConfigInput {
	s.SoftwareTokenMfaConfiguration = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *SetUserPoolMfaConfigInput) SetUserPoolId(v string) *SetUserPoolMfaConfigInput {
	s.UserPoolId = &v
	return s
}

type SetUserPoolMfaConfigOutput struct {
	_ struct{} `type:"structure"`

	// The MFA configuration. Valid values include:
	//
	//    * OFF MFA won't be used for any users.
	//
	//    * ON MFA is required for all users to sign in.
	//
	//    * OPTIONAL MFA will be required only for individual users who have an
	//    MFA factor enabled.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The SMS text message MFA configuration.
	SmsMfaConfiguration *SmsMfaConfigType `type:"structure"`

	// The software token MFA configuration.
	SoftwareTokenMfaConfiguration *SoftwareTokenMfaConfigType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserPoolMfaConfigOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserPoolMfaConfigOutput) GoString() string {
	return s.String()
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *SetUserPoolMfaConfigOutput) SetMfaConfiguration(v string) *SetUserPoolMfaConfigOutput {
	s.MfaConfiguration = &v
	return s
}

// SetSmsMfaConfiguration sets the SmsMfaConfiguration field's value.
func (s *SetUserPoolMfaConfigOutput) SetSmsMfaConfiguration(v *SmsMfaConfigType) *SetUserPoolMfaConfigOutput {
	s.SmsMfaConfiguration = v
	return s
}

// SetSoftwareTokenMfaConfiguration sets the SoftwareTokenMfaConfiguration field's value.
func (s *SetUserPoolMfaConfigOutput) SetSoftwareTokenMfaConfiguration(v *SoftwareTokenMfaConfigType) *SetUserPoolMfaConfigOutput {
	s.SoftwareTokenMfaConfiguration = v
	return s
}

// Represents the request to set user settings.
type SetUserSettingsInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose user settings
	// you want to configure.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SetUserSettingsInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// You can use this parameter only to set an SMS configuration that uses SMS
	// for delivery.
	//
	// MFAOptions is a required field
	MFAOptions []*MFAOptionType `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserSettingsInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserSettingsInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SetUserSettingsInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SetUserSettingsInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.MFAOptions == nil {
		invalidParams.Add(request.NewErrParamRequired("MFAOptions"))
	}
	if s.MFAOptions != nil {
		for i, v := range s.MFAOptions {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "MFAOptions", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *SetUserSettingsInput) SetAccessToken(v string) *SetUserSettingsInput {
	s.AccessToken = &v
	return s
}

// SetMFAOptions sets the MFAOptions field's value.
func (s *SetUserSettingsInput) SetMFAOptions(v []*MFAOptionType) *SetUserSettingsInput {
	s.MFAOptions = v
	return s
}

// The response from the server for a set user settings request.
type SetUserSettingsOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserSettingsOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SetUserSettingsOutput) GoString() string {
	return s.String()
}

// Represents the request to register a user.
type SignUpInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Pinpoint analytics metadata that contributes to your metrics for
	// SignUp calls.
	AnalyticsMetadata *AnalyticsMetadataType `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action triggers.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the SignUp API action, Amazon Cognito invokes any functions
	// that are assigned to the following triggers: pre sign-up, custom message,
	// and post confirmation. When Amazon Cognito invokes any of these functions,
	// it passes a JSON payload, which the function receives as input. This payload
	// contains a clientMetadata attribute, which provides the data that you assigned
	// to the ClientMetadata parameter in your SignUp request. In your function
	// code in Lambda, you can process the clientMetadata value to enhance your
	// workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// The password of the user you want to register.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `type:"string" required:"true" sensitive:"true"`

	// A keyed-hash message authentication code (HMAC) calculated using the secret
	// key of a user pool client and username plus the client ID in the message.
	//
	// SecretHash is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	SecretHash *string `min:"1" type:"string" sensitive:"true"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	UserAttributes []*AttributeType `type:"list"`

	// Contextual data about your user session, such as the device fingerprint,
	// IP address, or location. Amazon Cognito advanced security evaluates the risk
	// of an authentication event based on the context that your app generates and
	// passes to Amazon Cognito when it makes API requests.
	//
	// UserContextData is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	UserContextData *UserContextDataType `type:"structure" sensitive:"true"`

	// The username of the user that you want to sign up. The value of this parameter
	// is typically a username, but can be any alias attribute in your user pool.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SignUpInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Temporary user attributes that contribute to the outcomes of your pre sign-up
	// Lambda trigger. This set of key-value pairs are for custom validation of
	// information that you collect from your users but don't need to retain.
	//
	// Your Lambda function can analyze this additional data and act on it. Your
	// function might perform external API operations like logging user attributes
	// and validation data to Amazon CloudWatch Logs. Validation data might also
	// affect the response that your function returns to Amazon Cognito, like automatically
	// confirming the user if they sign up from within your network.
	//
	// For more information about the pre sign-up Lambda trigger, see Pre sign-up
	// Lambda trigger (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html).
	ValidationData []*AttributeType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SignUpInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SignUpInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SignUpInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SignUpInput"}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.Password == nil {
		invalidParams.Add(request.NewErrParamRequired("Password"))
	}
	if s.SecretHash != nil && len(*s.SecretHash) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("SecretHash", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}
	if s.UserAttributes != nil {
		for i, v := range s.UserAttributes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "UserAttributes", i), err.(request.ErrInvalidParams))
			}
		}
	}
	if s.ValidationData != nil {
		for i, v := range s.ValidationData {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ValidationData", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAnalyticsMetadata sets the AnalyticsMetadata field's value.
func (s *SignUpInput) SetAnalyticsMetadata(v *AnalyticsMetadataType) *SignUpInput {
	s.AnalyticsMetadata = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *SignUpInput) SetClientId(v string) *SignUpInput {
	s.ClientId = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *SignUpInput) SetClientMetadata(v map[string]*string) *SignUpInput {
	s.ClientMetadata = v
	return s
}

// SetPassword sets the Password field's value.
func (s *SignUpInput) SetPassword(v string) *SignUpInput {
	s.Password = &v
	return s
}

// SetSecretHash sets the SecretHash field's value.
func (s *SignUpInput) SetSecretHash(v string) *SignUpInput {
	s.SecretHash = &v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *SignUpInput) SetUserAttributes(v []*AttributeType) *SignUpInput {
	s.UserAttributes = v
	return s
}

// SetUserContextData sets the UserContextData field's value.
func (s *SignUpInput) SetUserContextData(v *UserContextDataType) *SignUpInput {
	s.UserContextData = v
	return s
}

// SetUsername sets the Username field's value.
func (s *SignUpInput) SetUsername(v string) *SignUpInput {
	s.Username = &v
	return s
}

// SetValidationData sets the ValidationData field's value.
func (s *SignUpInput) SetValidationData(v []*AttributeType) *SignUpInput {
	s.ValidationData = v
	return s
}

// The response from the server for a registration request.
type SignUpOutput struct {
	_ struct{} `type:"structure"`

	// The code delivery details returned by the server response to the user registration
	// request.
	CodeDeliveryDetails *CodeDeliveryDetailsType `type:"structure"`

	// A response from the server indicating that a user registration has been confirmed.
	//
	// UserConfirmed is a required field
	UserConfirmed *bool `type:"boolean" required:"true"`

	// The UUID of the authenticated user. This isn't the same as username.
	//
	// UserSub is a required field
	UserSub *string `type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SignUpOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SignUpOutput) GoString() string {
	return s.String()
}

// SetCodeDeliveryDetails sets the CodeDeliveryDetails field's value.
func (s *SignUpOutput) SetCodeDeliveryDetails(v *CodeDeliveryDetailsType) *SignUpOutput {
	s.CodeDeliveryDetails = v
	return s
}

// SetUserConfirmed sets the UserConfirmed field's value.
func (s *SignUpOutput) SetUserConfirmed(v bool) *SignUpOutput {
	s.UserConfirmed = &v
	return s
}

// SetUserSub sets the UserSub field's value.
func (s *SignUpOutput) SetUserSub(v string) *SignUpOutput {
	s.UserSub = &v
	return s
}

// The SMS configuration type is the settings that your Amazon Cognito user
// pool must use to send an SMS message from your Amazon Web Services account
// through Amazon Simple Notification Service. To send SMS messages with Amazon
// SNS in the Amazon Web Services Region that you want, the Amazon Cognito user
// pool uses an Identity and Access Management (IAM) role in your Amazon Web
// Services account.
type SmsConfigurationType struct {
	_ struct{} `type:"structure"`

	// The external ID provides additional security for your IAM role. You can use
	// an ExternalId with the IAM role that you use with Amazon SNS to send SMS
	// messages for your user pool. If you provide an ExternalId, your Amazon Cognito
	// user pool includes it in the request to assume your IAM role. You can configure
	// the role trust policy to require that Amazon Cognito, and any principal,
	// provide the ExternalID. If you use the Amazon Cognito Management Console
	// to create a role for SMS multi-factor authentication (MFA), Amazon Cognito
	// creates a role with the required permissions and a trust policy that demonstrates
	// use of the ExternalId.
	//
	// For more information about the ExternalId of a role, see How to use an external
	// ID when granting access to your Amazon Web Services resources to a third
	// party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html)
	ExternalId *string `type:"string"`

	// The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN
	// of the IAM role in your Amazon Web Services account that Amazon Cognito will
	// use to send SMS messages. SMS messages are subject to a spending limit (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html).
	//
	// SnsCallerArn is a required field
	SnsCallerArn *string `min:"20" type:"string" required:"true"`

	// The Amazon Web Services Region to use with Amazon SNS integration. You can
	// choose the same Region as your user pool, or a supported Legacy Amazon SNS
	// alternate Region.
	//
	// Amazon Cognito resources in the Asia Pacific (Seoul) Amazon Web Services
	// Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo)
	// Region. For more information, see SMS message settings for Amazon Cognito
	// user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html).
	SnsRegion *string `min:"5" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SmsConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SmsConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SmsConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SmsConfigurationType"}
	if s.SnsCallerArn == nil {
		invalidParams.Add(request.NewErrParamRequired("SnsCallerArn"))
	}
	if s.SnsCallerArn != nil && len(*s.SnsCallerArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("SnsCallerArn", 20))
	}
	if s.SnsRegion != nil && len(*s.SnsRegion) < 5 {
		invalidParams.Add(request.NewErrParamMinLen("SnsRegion", 5))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetExternalId sets the ExternalId field's value.
func (s *SmsConfigurationType) SetExternalId(v string) *SmsConfigurationType {
	s.ExternalId = &v
	return s
}

// SetSnsCallerArn sets the SnsCallerArn field's value.
func (s *SmsConfigurationType) SetSnsCallerArn(v string) *SmsConfigurationType {
	s.SnsCallerArn = &v
	return s
}

// SetSnsRegion sets the SnsRegion field's value.
func (s *SmsConfigurationType) SetSnsRegion(v string) *SmsConfigurationType {
	s.SnsRegion = &v
	return s
}

// The SMS text message multi-factor authentication (MFA) configuration type.
type SmsMfaConfigType struct {
	_ struct{} `type:"structure"`

	// The SMS authentication message that will be sent to users with the code they
	// must sign in. The message must contain the ‘{####}’ placeholder, which
	// is replaced with the code. If the message isn't included, and default message
	// will be used.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To request Amazon SNS in the Amazon Web
	// Services Region that you want, the Amazon Cognito user pool uses an Identity
	// and Access Management (IAM) role that you provide for your Amazon Web Services
	// account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SmsMfaConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SmsMfaConfigType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *SmsMfaConfigType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "SmsMfaConfigType"}
	if s.SmsAuthenticationMessage != nil && len(*s.SmsAuthenticationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsAuthenticationMessage", 6))
	}
	if s.SmsConfiguration != nil {
		if err := s.SmsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("SmsConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.
func (s *SmsMfaConfigType) SetSmsAuthenticationMessage(v string) *SmsMfaConfigType {
	s.SmsAuthenticationMessage = &v
	return s
}

// SetSmsConfiguration sets the SmsConfiguration field's value.
func (s *SmsMfaConfigType) SetSmsConfiguration(v *SmsConfigurationType) *SmsMfaConfigType {
	s.SmsConfiguration = v
	return s
}

// This exception is thrown when the software token time-based one-time password
// (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
type SoftwareTokenMFANotFoundException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMFANotFoundException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMFANotFoundException) GoString() string {
	return s.String()
}

func newErrorSoftwareTokenMFANotFoundException(v protocol.ResponseMetadata) error {
	return &SoftwareTokenMFANotFoundException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *SoftwareTokenMFANotFoundException) Code() string {
	return "SoftwareTokenMFANotFoundException"
}

// Message returns the exception's message.
func (s *SoftwareTokenMFANotFoundException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *SoftwareTokenMFANotFoundException) OrigErr() error {
	return nil
}

func (s *SoftwareTokenMFANotFoundException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *SoftwareTokenMFANotFoundException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *SoftwareTokenMFANotFoundException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The type used for enabling software token MFA at the user pool level.
type SoftwareTokenMfaConfigType struct {
	_ struct{} `type:"structure"`

	// Specifies whether software token MFA is activated.
	Enabled *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMfaConfigType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMfaConfigType) GoString() string {
	return s.String()
}

// SetEnabled sets the Enabled field's value.
func (s *SoftwareTokenMfaConfigType) SetEnabled(v bool) *SoftwareTokenMfaConfigType {
	s.Enabled = &v
	return s
}

// The type used for enabling software token MFA at the user level. If an MFA
// type is activated for a user, the user will be prompted for MFA during all
// sign-in attempts, unless device tracking is turned on and the device has
// been trusted. If you want MFA to be applied selectively based on the assessed
// risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive
// Authentication for the user pool.
type SoftwareTokenMfaSettingsType struct {
	_ struct{} `type:"structure"`

	// Specifies whether software token MFA is activated. If an MFA type is activated
	// for a user, the user will be prompted for MFA during all sign-in attempts,
	// unless device tracking is turned on and the device has been trusted.
	Enabled *bool `type:"boolean"`

	// Specifies whether software token MFA is the preferred MFA method.
	PreferredMfa *bool `type:"boolean"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMfaSettingsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SoftwareTokenMfaSettingsType) GoString() string {
	return s.String()
}

// SetEnabled sets the Enabled field's value.
func (s *SoftwareTokenMfaSettingsType) SetEnabled(v bool) *SoftwareTokenMfaSettingsType {
	s.Enabled = &v
	return s
}

// SetPreferredMfa sets the PreferredMfa field's value.
func (s *SoftwareTokenMfaSettingsType) SetPreferredMfa(v bool) *SoftwareTokenMfaSettingsType {
	s.PreferredMfa = &v
	return s
}

// Represents the request to start the user import job.
type StartUserImportJobInput struct {
	_ struct{} `type:"structure"`

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartUserImportJobInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartUserImportJobInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *StartUserImportJobInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "StartUserImportJobInput"}
	if s.JobId == nil {
		invalidParams.Add(request.NewErrParamRequired("JobId"))
	}
	if s.JobId != nil && len(*s.JobId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetJobId sets the JobId field's value.
func (s *StartUserImportJobInput) SetJobId(v string) *StartUserImportJobInput {
	s.JobId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *StartUserImportJobInput) SetUserPoolId(v string) *StartUserImportJobInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to start the user
// import job.
type StartUserImportJobOutput struct {
	_ struct{} `type:"structure"`

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartUserImportJobOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartUserImportJobOutput) GoString() string {
	return s.String()
}

// SetUserImportJob sets the UserImportJob field's value.
func (s *StartUserImportJobOutput) SetUserImportJob(v *UserImportJobType) *StartUserImportJobOutput {
	s.UserImportJob = v
	return s
}

// Represents the request to stop the user import job.
type StopUserImportJobInput struct {
	_ struct{} `type:"structure"`

	// The job ID for the user import job.
	//
	// JobId is a required field
	JobId *string `min:"1" type:"string" required:"true"`

	// The user pool ID for the user pool that the users are being imported into.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StopUserImportJobInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StopUserImportJobInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *StopUserImportJobInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "StopUserImportJobInput"}
	if s.JobId == nil {
		invalidParams.Add(request.NewErrParamRequired("JobId"))
	}
	if s.JobId != nil && len(*s.JobId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetJobId sets the JobId field's value.
func (s *StopUserImportJobInput) SetJobId(v string) *StopUserImportJobInput {
	s.JobId = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *StopUserImportJobInput) SetUserPoolId(v string) *StopUserImportJobInput {
	s.UserPoolId = &v
	return s
}

// Represents the response from the server to the request to stop the user import
// job.
type StopUserImportJobOutput struct {
	_ struct{} `type:"structure"`

	// The job object that represents the user import job.
	UserImportJob *UserImportJobType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StopUserImportJobOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StopUserImportJobOutput) GoString() string {
	return s.String()
}

// SetUserImportJob sets the UserImportJob field's value.
func (s *StopUserImportJobOutput) SetUserImportJob(v *UserImportJobType) *StopUserImportJobOutput {
	s.UserImportJob = v
	return s
}

// The constraints associated with a string attribute.
type StringAttributeConstraintsType struct {
	_ struct{} `type:"structure"`

	// The maximum length.
	MaxLength *string `type:"string"`

	// The minimum length.
	MinLength *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StringAttributeConstraintsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StringAttributeConstraintsType) GoString() string {
	return s.String()
}

// SetMaxLength sets the MaxLength field's value.
func (s *StringAttributeConstraintsType) SetMaxLength(v string) *StringAttributeConstraintsType {
	s.MaxLength = &v
	return s
}

// SetMinLength sets the MinLength field's value.
func (s *StringAttributeConstraintsType) SetMinLength(v string) *StringAttributeConstraintsType {
	s.MinLength = &v
	return s
}

type TagResourceInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the user pool to assign the tags to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`

	// The tags to assign to the user pool.
	//
	// Tags is a required field
	Tags map[string]*string `type:"map" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *TagResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 20))
	}
	if s.Tags == nil {
		invalidParams.Add(request.NewErrParamRequired("Tags"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput {
	s.ResourceArn = &v
	return s
}

// SetTags sets the Tags field's value.
func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput {
	s.Tags = v
	return s
}

type TagResourceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) GoString() string {
	return s.String()
}

// The data type TokenValidityUnits specifies the time units you use when you
// set the duration of ID, access, and refresh tokens.
type TokenValidityUnitsType struct {
	_ struct{} `type:"structure"`

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the AccessTokenValidity parameter. The default AccessTokenValidity time
	// unit is hours. AccessTokenValidity duration can range from five minutes to
	// one day.
	AccessToken *string `type:"string" enum:"TimeUnitsType"`

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the IdTokenValidity parameter. The default IdTokenValidity time unit is
	// hours. IdTokenValidity duration can range from five minutes to one day.
	IdToken *string `type:"string" enum:"TimeUnitsType"`

	// A time unit of seconds, minutes, hours, or days for the value that you set
	// in the RefreshTokenValidity parameter. The default RefreshTokenValidity time
	// unit is days. RefreshTokenValidity duration can range from 60 minutes to
	// 10 years.
	RefreshToken *string `type:"string" enum:"TimeUnitsType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TokenValidityUnitsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TokenValidityUnitsType) GoString() string {
	return s.String()
}

// SetAccessToken sets the AccessToken field's value.
func (s *TokenValidityUnitsType) SetAccessToken(v string) *TokenValidityUnitsType {
	s.AccessToken = &v
	return s
}

// SetIdToken sets the IdToken field's value.
func (s *TokenValidityUnitsType) SetIdToken(v string) *TokenValidityUnitsType {
	s.IdToken = &v
	return s
}

// SetRefreshToken sets the RefreshToken field's value.
func (s *TokenValidityUnitsType) SetRefreshToken(v string) *TokenValidityUnitsType {
	s.RefreshToken = &v
	return s
}

// This exception is thrown when the user has made too many failed attempts
// for a given action, such as sign-in.
type TooManyFailedAttemptsException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito returns a TooManyFailedAttempts
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TooManyFailedAttemptsException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TooManyFailedAttemptsException) GoString() string {
	return s.String()
}

func newErrorTooManyFailedAttemptsException(v protocol.ResponseMetadata) error {
	return &TooManyFailedAttemptsException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *TooManyFailedAttemptsException) Code() string {
	return "TooManyFailedAttemptsException"
}

// Message returns the exception's message.
func (s *TooManyFailedAttemptsException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *TooManyFailedAttemptsException) OrigErr() error {
	return nil
}

func (s *TooManyFailedAttemptsException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *TooManyFailedAttemptsException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *TooManyFailedAttemptsException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the user has made too many requests for a given
// operation.
type TooManyRequestsException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a too many requests
	// exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TooManyRequestsException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TooManyRequestsException) GoString() string {
	return s.String()
}

func newErrorTooManyRequestsException(v protocol.ResponseMetadata) error {
	return &TooManyRequestsException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *TooManyRequestsException) Code() string {
	return "TooManyRequestsException"
}

// Message returns the exception's message.
func (s *TooManyRequestsException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *TooManyRequestsException) OrigErr() error {
	return nil
}

func (s *TooManyRequestsException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *TooManyRequestsException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *TooManyRequestsException) RequestID() string {
	return s.RespMetadata.RequestID
}

// A container for the UI customization information for a user pool's built-in
// app UI.
type UICustomizationType struct {
	_ struct{} `type:"structure"`

	// The CSS values in the UI customization.
	CSS *string `type:"string"`

	// The CSS version number.
	CSSVersion *string `type:"string"`

	// The client ID for the client app.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UICustomizationType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The logo image for the UI customization.
	ImageUrl *string `type:"string"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The user pool ID for the user pool.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UICustomizationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UICustomizationType) GoString() string {
	return s.String()
}

// SetCSS sets the CSS field's value.
func (s *UICustomizationType) SetCSS(v string) *UICustomizationType {
	s.CSS = &v
	return s
}

// SetCSSVersion sets the CSSVersion field's value.
func (s *UICustomizationType) SetCSSVersion(v string) *UICustomizationType {
	s.CSSVersion = &v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *UICustomizationType) SetClientId(v string) *UICustomizationType {
	s.ClientId = &v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *UICustomizationType) SetCreationDate(v time.Time) *UICustomizationType {
	s.CreationDate = &v
	return s
}

// SetImageUrl sets the ImageUrl field's value.
func (s *UICustomizationType) SetImageUrl(v string) *UICustomizationType {
	s.ImageUrl = &v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *UICustomizationType) SetLastModifiedDate(v time.Time) *UICustomizationType {
	s.LastModifiedDate = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UICustomizationType) SetUserPoolId(v string) *UICustomizationType {
	s.UserPoolId = &v
	return s
}

// Exception that is thrown when the request isn't authorized. This can happen
// due to an invalid access token in the request.
type UnauthorizedException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnauthorizedException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnauthorizedException) GoString() string {
	return s.String()
}

func newErrorUnauthorizedException(v protocol.ResponseMetadata) error {
	return &UnauthorizedException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnauthorizedException) Code() string {
	return "UnauthorizedException"
}

// Message returns the exception's message.
func (s *UnauthorizedException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnauthorizedException) OrigErr() error {
	return nil
}

func (s *UnauthorizedException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnauthorizedException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnauthorizedException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when Amazon Cognito encounters an unexpected exception
// with Lambda.
type UnexpectedLambdaException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito returns an unexpected Lambda exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnexpectedLambdaException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnexpectedLambdaException) GoString() string {
	return s.String()
}

func newErrorUnexpectedLambdaException(v protocol.ResponseMetadata) error {
	return &UnexpectedLambdaException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnexpectedLambdaException) Code() string {
	return "UnexpectedLambdaException"
}

// Message returns the exception's message.
func (s *UnexpectedLambdaException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnexpectedLambdaException) OrigErr() error {
	return nil
}

func (s *UnexpectedLambdaException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnexpectedLambdaException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnexpectedLambdaException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when the specified identifier isn't supported.
type UnsupportedIdentityProviderException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedIdentityProviderException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedIdentityProviderException) GoString() string {
	return s.String()
}

func newErrorUnsupportedIdentityProviderException(v protocol.ResponseMetadata) error {
	return &UnsupportedIdentityProviderException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnsupportedIdentityProviderException) Code() string {
	return "UnsupportedIdentityProviderException"
}

// Message returns the exception's message.
func (s *UnsupportedIdentityProviderException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnsupportedIdentityProviderException) OrigErr() error {
	return nil
}

func (s *UnsupportedIdentityProviderException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnsupportedIdentityProviderException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnsupportedIdentityProviderException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Exception that is thrown when you attempt to perform an operation that isn't
// enabled for the user pool client.
type UnsupportedOperationException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedOperationException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedOperationException) GoString() string {
	return s.String()
}

func newErrorUnsupportedOperationException(v protocol.ResponseMetadata) error {
	return &UnsupportedOperationException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnsupportedOperationException) Code() string {
	return "UnsupportedOperationException"
}

// Message returns the exception's message.
func (s *UnsupportedOperationException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnsupportedOperationException) OrigErr() error {
	return nil
}

func (s *UnsupportedOperationException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnsupportedOperationException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnsupportedOperationException) RequestID() string {
	return s.RespMetadata.RequestID
}

// Exception that is thrown when an unsupported token is passed to an operation.
type UnsupportedTokenTypeException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedTokenTypeException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedTokenTypeException) GoString() string {
	return s.String()
}

func newErrorUnsupportedTokenTypeException(v protocol.ResponseMetadata) error {
	return &UnsupportedTokenTypeException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnsupportedTokenTypeException) Code() string {
	return "UnsupportedTokenTypeException"
}

// Message returns the exception's message.
func (s *UnsupportedTokenTypeException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnsupportedTokenTypeException) OrigErr() error {
	return nil
}

func (s *UnsupportedTokenTypeException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnsupportedTokenTypeException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnsupportedTokenTypeException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The request failed because the user is in an unsupported state.
type UnsupportedUserStateException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user is in an unsupported state.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedUserStateException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnsupportedUserStateException) GoString() string {
	return s.String()
}

func newErrorUnsupportedUserStateException(v protocol.ResponseMetadata) error {
	return &UnsupportedUserStateException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UnsupportedUserStateException) Code() string {
	return "UnsupportedUserStateException"
}

// Message returns the exception's message.
func (s *UnsupportedUserStateException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnsupportedUserStateException) OrigErr() error {
	return nil
}

func (s *UnsupportedUserStateException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UnsupportedUserStateException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UnsupportedUserStateException) RequestID() string {
	return s.RespMetadata.RequestID
}

type UntagResourceInput struct {
	_ struct{} `type:"structure"`

	// The Amazon Resource Name (ARN) of the user pool that the tags are assigned
	// to.
	//
	// ResourceArn is a required field
	ResourceArn *string `min:"20" type:"string" required:"true"`

	// The keys of the tags to remove from the user pool.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UntagResourceInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"}
	if s.ResourceArn == nil {
		invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
	}
	if s.ResourceArn != nil && len(*s.ResourceArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 20))
	}
	if s.TagKeys == nil {
		invalidParams.Add(request.NewErrParamRequired("TagKeys"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetResourceArn sets the ResourceArn field's value.
func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput {
	s.ResourceArn = &v
	return s
}

// SetTagKeys sets the TagKeys field's value.
func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput {
	s.TagKeys = v
	return s
}

type UntagResourceOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) GoString() string {
	return s.String()
}

type UpdateAuthEventFeedbackInput struct {
	_ struct{} `type:"structure"`

	// The event ID.
	//
	// EventId is a required field
	EventId *string `min:"1" type:"string" required:"true"`

	// The feedback token.
	//
	// FeedbackToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// FeedbackToken is a required field
	FeedbackToken *string `type:"string" required:"true" sensitive:"true"`

	// The authentication event feedback value. When you provide a FeedbackValue
	// value of valid, you tell Amazon Cognito that you trust a user session where
	// Amazon Cognito has evaluated some level of risk. When you provide a FeedbackValue
	// value of invalid, you tell Amazon Cognito that you don't trust a user session,
	// or you don't believe that Amazon Cognito evaluated a high-enough risk level.
	//
	// FeedbackValue is a required field
	FeedbackValue *string `type:"string" required:"true" enum:"FeedbackValueType"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The username of the user that you want to query or modify. The value of this
	// parameter is typically your user's username, but it can be any of their alias
	// attributes. If username isn't an alias attribute in your user pool, you can
	// also use their sub in this request.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateAuthEventFeedbackInput's
	// String and GoString methods.
	//
	// Username is a required field
	Username *string `min:"1" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateAuthEventFeedbackInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateAuthEventFeedbackInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateAuthEventFeedbackInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateAuthEventFeedbackInput"}
	if s.EventId == nil {
		invalidParams.Add(request.NewErrParamRequired("EventId"))
	}
	if s.EventId != nil && len(*s.EventId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EventId", 1))
	}
	if s.FeedbackToken == nil {
		invalidParams.Add(request.NewErrParamRequired("FeedbackToken"))
	}
	if s.FeedbackValue == nil {
		invalidParams.Add(request.NewErrParamRequired("FeedbackValue"))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Username == nil {
		invalidParams.Add(request.NewErrParamRequired("Username"))
	}
	if s.Username != nil && len(*s.Username) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Username", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetEventId sets the EventId field's value.
func (s *UpdateAuthEventFeedbackInput) SetEventId(v string) *UpdateAuthEventFeedbackInput {
	s.EventId = &v
	return s
}

// SetFeedbackToken sets the FeedbackToken field's value.
func (s *UpdateAuthEventFeedbackInput) SetFeedbackToken(v string) *UpdateAuthEventFeedbackInput {
	s.FeedbackToken = &v
	return s
}

// SetFeedbackValue sets the FeedbackValue field's value.
func (s *UpdateAuthEventFeedbackInput) SetFeedbackValue(v string) *UpdateAuthEventFeedbackInput {
	s.FeedbackValue = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateAuthEventFeedbackInput) SetUserPoolId(v string) *UpdateAuthEventFeedbackInput {
	s.UserPoolId = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *UpdateAuthEventFeedbackInput) SetUsername(v string) *UpdateAuthEventFeedbackInput {
	s.Username = &v
	return s
}

type UpdateAuthEventFeedbackOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateAuthEventFeedbackOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateAuthEventFeedbackOutput) GoString() string {
	return s.String()
}

// Represents the request to update the device status.
type UpdateDeviceStatusInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose device
	// status you want to update.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateDeviceStatusInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The device key.
	//
	// DeviceKey is a required field
	DeviceKey *string `min:"1" type:"string" required:"true"`

	// The status of whether a device is remembered.
	DeviceRememberedStatus *string `type:"string" enum:"DeviceRememberedStatusType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateDeviceStatusInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateDeviceStatusInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateDeviceStatusInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateDeviceStatusInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.DeviceKey == nil {
		invalidParams.Add(request.NewErrParamRequired("DeviceKey"))
	}
	if s.DeviceKey != nil && len(*s.DeviceKey) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DeviceKey", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *UpdateDeviceStatusInput) SetAccessToken(v string) *UpdateDeviceStatusInput {
	s.AccessToken = &v
	return s
}

// SetDeviceKey sets the DeviceKey field's value.
func (s *UpdateDeviceStatusInput) SetDeviceKey(v string) *UpdateDeviceStatusInput {
	s.DeviceKey = &v
	return s
}

// SetDeviceRememberedStatus sets the DeviceRememberedStatus field's value.
func (s *UpdateDeviceStatusInput) SetDeviceRememberedStatus(v string) *UpdateDeviceStatusInput {
	s.DeviceRememberedStatus = &v
	return s
}

// The response to the request to update the device status.
type UpdateDeviceStatusOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateDeviceStatusOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateDeviceStatusOutput) GoString() string {
	return s.String()
}

type UpdateGroupInput struct {
	_ struct{} `type:"structure"`

	// A string containing the new description of the group.
	Description *string `type:"string"`

	// The name of the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The new precedence value for the group. For more information about this parameter,
	// see CreateGroup (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html).
	Precedence *int64 `type:"integer"`

	// The new role Amazon Resource Name (ARN) for the group. This is used for setting
	// the cognito:roles and cognito:preferred_role claims in the token.
	RoleArn *string `min:"20" type:"string"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateGroupInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateGroupInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateGroupInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateGroupInput"}
	if s.GroupName == nil {
		invalidParams.Add(request.NewErrParamRequired("GroupName"))
	}
	if s.GroupName != nil && len(*s.GroupName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("GroupName", 1))
	}
	if s.RoleArn != nil && len(*s.RoleArn) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDescription sets the Description field's value.
func (s *UpdateGroupInput) SetDescription(v string) *UpdateGroupInput {
	s.Description = &v
	return s
}

// SetGroupName sets the GroupName field's value.
func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput {
	s.GroupName = &v
	return s
}

// SetPrecedence sets the Precedence field's value.
func (s *UpdateGroupInput) SetPrecedence(v int64) *UpdateGroupInput {
	s.Precedence = &v
	return s
}

// SetRoleArn sets the RoleArn field's value.
func (s *UpdateGroupInput) SetRoleArn(v string) *UpdateGroupInput {
	s.RoleArn = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateGroupInput) SetUserPoolId(v string) *UpdateGroupInput {
	s.UserPoolId = &v
	return s
}

type UpdateGroupOutput struct {
	_ struct{} `type:"structure"`

	// The group object for the group.
	Group *GroupType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateGroupOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateGroupOutput) GoString() string {
	return s.String()
}

// SetGroup sets the Group field's value.
func (s *UpdateGroupOutput) SetGroup(v *GroupType) *UpdateGroupOutput {
	s.Group = v
	return s
}

type UpdateIdentityProviderInput struct {
	_ struct{} `type:"structure"`

	// The IdP attribute mapping to be changed.
	AttributeMapping map[string]*string `type:"map"`

	// A list of IdP identifiers.
	IdpIdentifiers []*string `type:"list"`

	// The IdP details to be updated, such as MetadataURL and MetadataFile.
	ProviderDetails map[string]*string `type:"map"`

	// The IdP name.
	//
	// ProviderName is a required field
	ProviderName *string `min:"1" type:"string" required:"true"`

	// The user pool ID.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateIdentityProviderInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateIdentityProviderInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateIdentityProviderInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateIdentityProviderInput"}
	if s.ProviderName == nil {
		invalidParams.Add(request.NewErrParamRequired("ProviderName"))
	}
	if s.ProviderName != nil && len(*s.ProviderName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ProviderName", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAttributeMapping sets the AttributeMapping field's value.
func (s *UpdateIdentityProviderInput) SetAttributeMapping(v map[string]*string) *UpdateIdentityProviderInput {
	s.AttributeMapping = v
	return s
}

// SetIdpIdentifiers sets the IdpIdentifiers field's value.
func (s *UpdateIdentityProviderInput) SetIdpIdentifiers(v []*string) *UpdateIdentityProviderInput {
	s.IdpIdentifiers = v
	return s
}

// SetProviderDetails sets the ProviderDetails field's value.
func (s *UpdateIdentityProviderInput) SetProviderDetails(v map[string]*string) *UpdateIdentityProviderInput {
	s.ProviderDetails = v
	return s
}

// SetProviderName sets the ProviderName field's value.
func (s *UpdateIdentityProviderInput) SetProviderName(v string) *UpdateIdentityProviderInput {
	s.ProviderName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateIdentityProviderInput) SetUserPoolId(v string) *UpdateIdentityProviderInput {
	s.UserPoolId = &v
	return s
}

type UpdateIdentityProviderOutput struct {
	_ struct{} `type:"structure"`

	// The identity provider details.
	//
	// IdentityProvider is a required field
	IdentityProvider *IdentityProviderType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateIdentityProviderOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateIdentityProviderOutput) GoString() string {
	return s.String()
}

// SetIdentityProvider sets the IdentityProvider field's value.
func (s *UpdateIdentityProviderOutput) SetIdentityProvider(v *IdentityProviderType) *UpdateIdentityProviderOutput {
	s.IdentityProvider = v
	return s
}

type UpdateResourceServerInput struct {
	_ struct{} `type:"structure"`

	// The identifier for the resource server.
	//
	// Identifier is a required field
	Identifier *string `min:"1" type:"string" required:"true"`

	// The name of the resource server.
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The scope values to be set for the resource server.
	Scopes []*ResourceServerScopeType `type:"list"`

	// The user pool ID for the user pool.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateResourceServerInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateResourceServerInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateResourceServerInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateResourceServerInput"}
	if s.Identifier == nil {
		invalidParams.Add(request.NewErrParamRequired("Identifier"))
	}
	if s.Identifier != nil && len(*s.Identifier) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Identifier", 1))
	}
	if s.Name == nil {
		invalidParams.Add(request.NewErrParamRequired("Name"))
	}
	if s.Name != nil && len(*s.Name) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Name", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.Scopes != nil {
		for i, v := range s.Scopes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Scopes", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetIdentifier sets the Identifier field's value.
func (s *UpdateResourceServerInput) SetIdentifier(v string) *UpdateResourceServerInput {
	s.Identifier = &v
	return s
}

// SetName sets the Name field's value.
func (s *UpdateResourceServerInput) SetName(v string) *UpdateResourceServerInput {
	s.Name = &v
	return s
}

// SetScopes sets the Scopes field's value.
func (s *UpdateResourceServerInput) SetScopes(v []*ResourceServerScopeType) *UpdateResourceServerInput {
	s.Scopes = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateResourceServerInput) SetUserPoolId(v string) *UpdateResourceServerInput {
	s.UserPoolId = &v
	return s
}

type UpdateResourceServerOutput struct {
	_ struct{} `type:"structure"`

	// The resource server.
	//
	// ResourceServer is a required field
	ResourceServer *ResourceServerType `type:"structure" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateResourceServerOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateResourceServerOutput) GoString() string {
	return s.String()
}

// SetResourceServer sets the ResourceServer field's value.
func (s *UpdateResourceServerOutput) SetResourceServer(v *ResourceServerType) *UpdateResourceServerOutput {
	s.ResourceServer = v
	return s
}

// Represents the request to update user attributes.
type UpdateUserAttributesInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose user attributes
	// you want to update.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateUserAttributesInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// A map of custom key-value pairs that you can provide as input for any custom
	// workflows that this action initiates.
	//
	// You create custom workflows by assigning Lambda functions to user pool triggers.
	// When you use the UpdateUserAttributes API action, Amazon Cognito invokes
	// the function that is assigned to the custom message trigger. When Amazon
	// Cognito invokes this function, it passes a JSON payload, which the function
	// receives as input. This payload contains a clientMetadata attribute, which
	// provides the data that you assigned to the ClientMetadata parameter in your
	// UpdateUserAttributes request. In your function code in Lambda, you can process
	// the clientMetadata value to enhance your workflow for your specific needs.
	//
	// For more information, see Customizing user pool Workflows with Lambda Triggers
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html)
	// in the Amazon Cognito Developer Guide.
	//
	// When you use the ClientMetadata parameter, remember that Amazon Cognito won't
	// do the following:
	//
	//    * Store the ClientMetadata value. This data is available only to Lambda
	//    triggers that are assigned to a user pool to support custom workflows.
	//    If your user pool configuration doesn't include triggers, the ClientMetadata
	//    parameter serves no purpose.
	//
	//    * Validate the ClientMetadata value.
	//
	//    * Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide
	//    sensitive information.
	ClientMetadata map[string]*string `type:"map"`

	// An array of name-value pairs representing user attributes.
	//
	// For custom attributes, you must prepend the custom: prefix to the attribute
	// name.
	//
	// If you have set an attribute to require verification before Amazon Cognito
	// updates its value, this request doesn’t immediately update the value of
	// that attribute. After your user receives and responds to a verification message
	// to verify the new value, Amazon Cognito updates the attribute value. Your
	// user can sign in and receive messages with the original attribute value until
	// they verify the new value.
	//
	// UserAttributes is a required field
	UserAttributes []*AttributeType `type:"list" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserAttributesInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserAttributesInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateUserAttributesInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateUserAttributesInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.UserAttributes == nil {
		invalidParams.Add(request.NewErrParamRequired("UserAttributes"))
	}
	if s.UserAttributes != nil {
		for i, v := range s.UserAttributes {
			if v == nil {
				continue
			}
			if err := v.Validate(); err != nil {
				invalidParams.AddNested(fmt.Sprintf("%s[%v]", "UserAttributes", i), err.(request.ErrInvalidParams))
			}
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *UpdateUserAttributesInput) SetAccessToken(v string) *UpdateUserAttributesInput {
	s.AccessToken = &v
	return s
}

// SetClientMetadata sets the ClientMetadata field's value.
func (s *UpdateUserAttributesInput) SetClientMetadata(v map[string]*string) *UpdateUserAttributesInput {
	s.ClientMetadata = v
	return s
}

// SetUserAttributes sets the UserAttributes field's value.
func (s *UpdateUserAttributesInput) SetUserAttributes(v []*AttributeType) *UpdateUserAttributesInput {
	s.UserAttributes = v
	return s
}

// Represents the response from the server for the request to update user attributes.
type UpdateUserAttributesOutput struct {
	_ struct{} `type:"structure"`

	// The code delivery details list from the server for the request to update
	// user attributes.
	CodeDeliveryDetailsList []*CodeDeliveryDetailsType `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserAttributesOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserAttributesOutput) GoString() string {
	return s.String()
}

// SetCodeDeliveryDetailsList sets the CodeDeliveryDetailsList field's value.
func (s *UpdateUserAttributesOutput) SetCodeDeliveryDetailsList(v []*CodeDeliveryDetailsType) *UpdateUserAttributesOutput {
	s.CodeDeliveryDetailsList = v
	return s
}

// Represents the request to update the user pool client.
type UpdateUserPoolClientInput struct {
	_ struct{} `type:"structure"`

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The allowed OAuth flows.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The allowed OAuth scopes. Possible values provided by OAuth are phone, email,
	// openid, and profile. Possible values provided by Amazon Web Services are
	// aws.cognito.signin.user.admin. Custom scopes created in Resource Servers
	// are also supported.
	AllowedOAuthScopes []*string `type:"list"`

	// The Amazon Pinpoint analytics configuration necessary to collect metrics
	// for this user pool.
	//
	// In Amazon Web Services Regions where Amazon Pinpoint isn't available, user
	// pools only support sending events to Amazon Pinpoint projects in us-east-1.
	// In Regions where Amazon Pinpoint is available, user pools support sending
	// events to Amazon Pinpoint projects within that same Region.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateUserPoolClientInput's
	// String and GoString methods.
	//
	// ClientId is a required field
	ClientId *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The client name from the update user pool client request.
	ClientName *string `min:"1" type:"string"`

	// The default redirect URI. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// Activates the propagation of additional user context data. For more information
	// about propagation of user context data, see Adding advanced security to a
	// user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	// If you don’t include this parameter, you can't send device fingerprint
	// information, including source IP address, to Amazon Cognito advanced security.
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret.
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Activates or deactivates token revocation. For more information about revoking
	// tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the early behavior of Amazon Cognito where
	//    user existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the IdPs that this client supports. The following
	// are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon,
	// and the names of your own SAML and OIDC providers.
	SupportedIdentityProviders []*string `type:"list"`

	// The time units you use when you set the duration of ID, access, and refresh
	// tokens. The default unit for RefreshToken is days, and the default for ID
	// and access tokens is hours.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool where you want to update the user pool
	// client.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolClientInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolClientInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateUserPoolClientInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateUserPoolClientInput"}
	if s.AccessTokenValidity != nil && *s.AccessTokenValidity < 1 {
		invalidParams.Add(request.NewErrParamMinValue("AccessTokenValidity", 1))
	}
	if s.AuthSessionValidity != nil && *s.AuthSessionValidity < 3 {
		invalidParams.Add(request.NewErrParamMinValue("AuthSessionValidity", 3))
	}
	if s.ClientId == nil {
		invalidParams.Add(request.NewErrParamRequired("ClientId"))
	}
	if s.ClientId != nil && len(*s.ClientId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientId", 1))
	}
	if s.ClientName != nil && len(*s.ClientName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("ClientName", 1))
	}
	if s.DefaultRedirectURI != nil && len(*s.DefaultRedirectURI) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("DefaultRedirectURI", 1))
	}
	if s.IdTokenValidity != nil && *s.IdTokenValidity < 1 {
		invalidParams.Add(request.NewErrParamMinValue("IdTokenValidity", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.AnalyticsConfiguration != nil {
		if err := s.AnalyticsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("AnalyticsConfiguration", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessTokenValidity sets the AccessTokenValidity field's value.
func (s *UpdateUserPoolClientInput) SetAccessTokenValidity(v int64) *UpdateUserPoolClientInput {
	s.AccessTokenValidity = &v
	return s
}

// SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.
func (s *UpdateUserPoolClientInput) SetAllowedOAuthFlows(v []*string) *UpdateUserPoolClientInput {
	s.AllowedOAuthFlows = v
	return s
}

// SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.
func (s *UpdateUserPoolClientInput) SetAllowedOAuthFlowsUserPoolClient(v bool) *UpdateUserPoolClientInput {
	s.AllowedOAuthFlowsUserPoolClient = &v
	return s
}

// SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.
func (s *UpdateUserPoolClientInput) SetAllowedOAuthScopes(v []*string) *UpdateUserPoolClientInput {
	s.AllowedOAuthScopes = v
	return s
}

// SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.
func (s *UpdateUserPoolClientInput) SetAnalyticsConfiguration(v *AnalyticsConfigurationType) *UpdateUserPoolClientInput {
	s.AnalyticsConfiguration = v
	return s
}

// SetAuthSessionValidity sets the AuthSessionValidity field's value.
func (s *UpdateUserPoolClientInput) SetAuthSessionValidity(v int64) *UpdateUserPoolClientInput {
	s.AuthSessionValidity = &v
	return s
}

// SetCallbackURLs sets the CallbackURLs field's value.
func (s *UpdateUserPoolClientInput) SetCallbackURLs(v []*string) *UpdateUserPoolClientInput {
	s.CallbackURLs = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *UpdateUserPoolClientInput) SetClientId(v string) *UpdateUserPoolClientInput {
	s.ClientId = &v
	return s
}

// SetClientName sets the ClientName field's value.
func (s *UpdateUserPoolClientInput) SetClientName(v string) *UpdateUserPoolClientInput {
	s.ClientName = &v
	return s
}

// SetDefaultRedirectURI sets the DefaultRedirectURI field's value.
func (s *UpdateUserPoolClientInput) SetDefaultRedirectURI(v string) *UpdateUserPoolClientInput {
	s.DefaultRedirectURI = &v
	return s
}

// SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.
func (s *UpdateUserPoolClientInput) SetEnablePropagateAdditionalUserContextData(v bool) *UpdateUserPoolClientInput {
	s.EnablePropagateAdditionalUserContextData = &v
	return s
}

// SetEnableTokenRevocation sets the EnableTokenRevocation field's value.
func (s *UpdateUserPoolClientInput) SetEnableTokenRevocation(v bool) *UpdateUserPoolClientInput {
	s.EnableTokenRevocation = &v
	return s
}

// SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.
func (s *UpdateUserPoolClientInput) SetExplicitAuthFlows(v []*string) *UpdateUserPoolClientInput {
	s.ExplicitAuthFlows = v
	return s
}

// SetIdTokenValidity sets the IdTokenValidity field's value.
func (s *UpdateUserPoolClientInput) SetIdTokenValidity(v int64) *UpdateUserPoolClientInput {
	s.IdTokenValidity = &v
	return s
}

// SetLogoutURLs sets the LogoutURLs field's value.
func (s *UpdateUserPoolClientInput) SetLogoutURLs(v []*string) *UpdateUserPoolClientInput {
	s.LogoutURLs = v
	return s
}

// SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.
func (s *UpdateUserPoolClientInput) SetPreventUserExistenceErrors(v string) *UpdateUserPoolClientInput {
	s.PreventUserExistenceErrors = &v
	return s
}

// SetReadAttributes sets the ReadAttributes field's value.
func (s *UpdateUserPoolClientInput) SetReadAttributes(v []*string) *UpdateUserPoolClientInput {
	s.ReadAttributes = v
	return s
}

// SetRefreshTokenValidity sets the RefreshTokenValidity field's value.
func (s *UpdateUserPoolClientInput) SetRefreshTokenValidity(v int64) *UpdateUserPoolClientInput {
	s.RefreshTokenValidity = &v
	return s
}

// SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.
func (s *UpdateUserPoolClientInput) SetSupportedIdentityProviders(v []*string) *UpdateUserPoolClientInput {
	s.SupportedIdentityProviders = v
	return s
}

// SetTokenValidityUnits sets the TokenValidityUnits field's value.
func (s *UpdateUserPoolClientInput) SetTokenValidityUnits(v *TokenValidityUnitsType) *UpdateUserPoolClientInput {
	s.TokenValidityUnits = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateUserPoolClientInput) SetUserPoolId(v string) *UpdateUserPoolClientInput {
	s.UserPoolId = &v
	return s
}

// SetWriteAttributes sets the WriteAttributes field's value.
func (s *UpdateUserPoolClientInput) SetWriteAttributes(v []*string) *UpdateUserPoolClientInput {
	s.WriteAttributes = v
	return s
}

// Represents the response from the server to the request to update the user
// pool client.
type UpdateUserPoolClientOutput struct {
	_ struct{} `type:"structure"`

	// The user pool client value from the response from the server when you request
	// to update the user pool client.
	UserPoolClient *UserPoolClientType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolClientOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolClientOutput) GoString() string {
	return s.String()
}

// SetUserPoolClient sets the UserPoolClient field's value.
func (s *UpdateUserPoolClientOutput) SetUserPoolClient(v *UserPoolClientType) *UpdateUserPoolClientOutput {
	s.UserPoolClient = v
	return s
}

// The UpdateUserPoolDomain request input.
type UpdateUserPoolDomainInput struct {
	_ struct{} `type:"structure"`

	// The configuration for a custom domain that hosts the sign-up and sign-in
	// pages for your application. Use this object to specify an SSL certificate
	// that is managed by ACM.
	//
	// CustomDomainConfig is a required field
	CustomDomainConfig *CustomDomainConfigType `type:"structure" required:"true"`

	// The domain name for the custom domain that hosts the sign-up and sign-in
	// pages for your application. One example might be auth.example.com.
	//
	// This string can include only lowercase letters, numbers, and hyphens. Don't
	// use a hyphen for the first or last character. Use periods to separate subdomain
	// names.
	//
	// Domain is a required field
	Domain *string `min:"1" type:"string" required:"true"`

	// The ID of the user pool that is associated with the custom domain whose certificate
	// you're updating.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolDomainInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolDomainInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateUserPoolDomainInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateUserPoolDomainInput"}
	if s.CustomDomainConfig == nil {
		invalidParams.Add(request.NewErrParamRequired("CustomDomainConfig"))
	}
	if s.Domain == nil {
		invalidParams.Add(request.NewErrParamRequired("Domain"))
	}
	if s.Domain != nil && len(*s.Domain) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Domain", 1))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.CustomDomainConfig != nil {
		if err := s.CustomDomainConfig.Validate(); err != nil {
			invalidParams.AddNested("CustomDomainConfig", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCustomDomainConfig sets the CustomDomainConfig field's value.
func (s *UpdateUserPoolDomainInput) SetCustomDomainConfig(v *CustomDomainConfigType) *UpdateUserPoolDomainInput {
	s.CustomDomainConfig = v
	return s
}

// SetDomain sets the Domain field's value.
func (s *UpdateUserPoolDomainInput) SetDomain(v string) *UpdateUserPoolDomainInput {
	s.Domain = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateUserPoolDomainInput) SetUserPoolId(v string) *UpdateUserPoolDomainInput {
	s.UserPoolId = &v
	return s
}

// The UpdateUserPoolDomain response output.
type UpdateUserPoolDomainOutput struct {
	_ struct{} `type:"structure"`

	// The Amazon CloudFront endpoint that Amazon Cognito set up when you added
	// the custom domain to your user pool.
	CloudFrontDomain *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolDomainOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolDomainOutput) GoString() string {
	return s.String()
}

// SetCloudFrontDomain sets the CloudFrontDomain field's value.
func (s *UpdateUserPoolDomainOutput) SetCloudFrontDomain(v string) *UpdateUserPoolDomainOutput {
	s.CloudFrontDomain = &v
	return s
}

// Represents the request to update the user pool.
type UpdateUserPoolInput struct {
	_ struct{} `type:"structure"`

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// The attributes that are automatically verified when Amazon Cognito requests
	// to update user pools.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// email invitation and verification messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// The Lambda configuration information from the request to update the user
	// pool.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// Possible values include:
	//
	//    * OFF - MFA tokens aren't required and can't be specified during user
	//    registration.
	//
	//    * ON - MFA tokens are required for all user registrations. You can only
	//    specify ON when you're initially creating a user pool. You can use the
	//    SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html)
	//    API operation to turn MFA "ON" for existing user pools.
	//
	//    * OPTIONAL - Users have the option when registering to create an MFA token.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// A container with the policies you want to update in a user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// The contents of the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The user pool ID for the user pool you want to update.
	//
	// UserPoolId is a required field
	UserPoolId *string `min:"1" type:"string" required:"true"`

	// The tag keys and values to assign to the user pool. A tag is a label that
	// you can use to categorize and manage user pools in different ways, such as
	// by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// The template for verification messages.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateUserPoolInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UpdateUserPoolInput"}
	if s.EmailVerificationMessage != nil && len(*s.EmailVerificationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("EmailVerificationMessage", 6))
	}
	if s.EmailVerificationSubject != nil && len(*s.EmailVerificationSubject) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EmailVerificationSubject", 1))
	}
	if s.SmsAuthenticationMessage != nil && len(*s.SmsAuthenticationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsAuthenticationMessage", 6))
	}
	if s.SmsVerificationMessage != nil && len(*s.SmsVerificationMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsVerificationMessage", 6))
	}
	if s.UserPoolId == nil {
		invalidParams.Add(request.NewErrParamRequired("UserPoolId"))
	}
	if s.UserPoolId != nil && len(*s.UserPoolId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("UserPoolId", 1))
	}
	if s.AccountRecoverySetting != nil {
		if err := s.AccountRecoverySetting.Validate(); err != nil {
			invalidParams.AddNested("AccountRecoverySetting", err.(request.ErrInvalidParams))
		}
	}
	if s.AdminCreateUserConfig != nil {
		if err := s.AdminCreateUserConfig.Validate(); err != nil {
			invalidParams.AddNested("AdminCreateUserConfig", err.(request.ErrInvalidParams))
		}
	}
	if s.EmailConfiguration != nil {
		if err := s.EmailConfiguration.Validate(); err != nil {
			invalidParams.AddNested("EmailConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.LambdaConfig != nil {
		if err := s.LambdaConfig.Validate(); err != nil {
			invalidParams.AddNested("LambdaConfig", err.(request.ErrInvalidParams))
		}
	}
	if s.Policies != nil {
		if err := s.Policies.Validate(); err != nil {
			invalidParams.AddNested("Policies", err.(request.ErrInvalidParams))
		}
	}
	if s.SmsConfiguration != nil {
		if err := s.SmsConfiguration.Validate(); err != nil {
			invalidParams.AddNested("SmsConfiguration", err.(request.ErrInvalidParams))
		}
	}
	if s.UserPoolAddOns != nil {
		if err := s.UserPoolAddOns.Validate(); err != nil {
			invalidParams.AddNested("UserPoolAddOns", err.(request.ErrInvalidParams))
		}
	}
	if s.VerificationMessageTemplate != nil {
		if err := s.VerificationMessageTemplate.Validate(); err != nil {
			invalidParams.AddNested("VerificationMessageTemplate", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccountRecoverySetting sets the AccountRecoverySetting field's value.
func (s *UpdateUserPoolInput) SetAccountRecoverySetting(v *AccountRecoverySettingType) *UpdateUserPoolInput {
	s.AccountRecoverySetting = v
	return s
}

// SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.
func (s *UpdateUserPoolInput) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *UpdateUserPoolInput {
	s.AdminCreateUserConfig = v
	return s
}

// SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.
func (s *UpdateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *UpdateUserPoolInput {
	s.AutoVerifiedAttributes = v
	return s
}

// SetDeletionProtection sets the DeletionProtection field's value.
func (s *UpdateUserPoolInput) SetDeletionProtection(v string) *UpdateUserPoolInput {
	s.DeletionProtection = &v
	return s
}

// SetDeviceConfiguration sets the DeviceConfiguration field's value.
func (s *UpdateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *UpdateUserPoolInput {
	s.DeviceConfiguration = v
	return s
}

// SetEmailConfiguration sets the EmailConfiguration field's value.
func (s *UpdateUserPoolInput) SetEmailConfiguration(v *EmailConfigurationType) *UpdateUserPoolInput {
	s.EmailConfiguration = v
	return s
}

// SetEmailVerificationMessage sets the EmailVerificationMessage field's value.
func (s *UpdateUserPoolInput) SetEmailVerificationMessage(v string) *UpdateUserPoolInput {
	s.EmailVerificationMessage = &v
	return s
}

// SetEmailVerificationSubject sets the EmailVerificationSubject field's value.
func (s *UpdateUserPoolInput) SetEmailVerificationSubject(v string) *UpdateUserPoolInput {
	s.EmailVerificationSubject = &v
	return s
}

// SetLambdaConfig sets the LambdaConfig field's value.
func (s *UpdateUserPoolInput) SetLambdaConfig(v *LambdaConfigType) *UpdateUserPoolInput {
	s.LambdaConfig = v
	return s
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *UpdateUserPoolInput) SetMfaConfiguration(v string) *UpdateUserPoolInput {
	s.MfaConfiguration = &v
	return s
}

// SetPolicies sets the Policies field's value.
func (s *UpdateUserPoolInput) SetPolicies(v *UserPoolPolicyType) *UpdateUserPoolInput {
	s.Policies = v
	return s
}

// SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.
func (s *UpdateUserPoolInput) SetSmsAuthenticationMessage(v string) *UpdateUserPoolInput {
	s.SmsAuthenticationMessage = &v
	return s
}

// SetSmsConfiguration sets the SmsConfiguration field's value.
func (s *UpdateUserPoolInput) SetSmsConfiguration(v *SmsConfigurationType) *UpdateUserPoolInput {
	s.SmsConfiguration = v
	return s
}

// SetSmsVerificationMessage sets the SmsVerificationMessage field's value.
func (s *UpdateUserPoolInput) SetSmsVerificationMessage(v string) *UpdateUserPoolInput {
	s.SmsVerificationMessage = &v
	return s
}

// SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.
func (s *UpdateUserPoolInput) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *UpdateUserPoolInput {
	s.UserAttributeUpdateSettings = v
	return s
}

// SetUserPoolAddOns sets the UserPoolAddOns field's value.
func (s *UpdateUserPoolInput) SetUserPoolAddOns(v *UserPoolAddOnsType) *UpdateUserPoolInput {
	s.UserPoolAddOns = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UpdateUserPoolInput) SetUserPoolId(v string) *UpdateUserPoolInput {
	s.UserPoolId = &v
	return s
}

// SetUserPoolTags sets the UserPoolTags field's value.
func (s *UpdateUserPoolInput) SetUserPoolTags(v map[string]*string) *UpdateUserPoolInput {
	s.UserPoolTags = v
	return s
}

// SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.
func (s *UpdateUserPoolInput) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *UpdateUserPoolInput {
	s.VerificationMessageTemplate = v
	return s
}

// Represents the response from the server when you make a request to update
// the user pool.
type UpdateUserPoolOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateUserPoolOutput) GoString() string {
	return s.String()
}

// The settings for updates to user attributes. These settings include the property
// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
// Amazon Cognito how to handle changes to the value of your users' email address
// and phone number attributes. For more information, see Verifying updates
// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
type UserAttributeUpdateSettingsType struct {
	_ struct{} `type:"structure"`

	// Requires that your user verifies their email address, phone number, or both
	// before Amazon Cognito updates the value of that attribute. When you update
	// a user attribute that has this option activated, Amazon Cognito sends a verification
	// message to the new phone number or email address. Amazon Cognito doesn’t
	// change the value of the attribute until your user responds to the verification
	// message and confirms the new value.
	//
	// You can verify an updated email address or phone number with a VerifyUserAttribute
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html)
	// API request. You can also call the AdminUpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html)
	// API and set email_verified or phone_number_verified to true.
	//
	// When AttributesRequireVerificationBeforeUpdate is false, your user pool doesn't
	// require that your users verify attribute changes before Amazon Cognito updates
	// them. In a user pool where AttributesRequireVerificationBeforeUpdate is false,
	// API operations that change attribute values can immediately update a user’s
	// email or phone_number attribute.
	AttributesRequireVerificationBeforeUpdate []*string `type:"list" enum:"VerifiedAttributeType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserAttributeUpdateSettingsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserAttributeUpdateSettingsType) GoString() string {
	return s.String()
}

// SetAttributesRequireVerificationBeforeUpdate sets the AttributesRequireVerificationBeforeUpdate field's value.
func (s *UserAttributeUpdateSettingsType) SetAttributesRequireVerificationBeforeUpdate(v []*string) *UserAttributeUpdateSettingsType {
	s.AttributesRequireVerificationBeforeUpdate = v
	return s
}

// Contextual data, such as the user's device fingerprint, IP address, or location,
// used for evaluating the risk of an unexpected event by Amazon Cognito advanced
// security.
type UserContextDataType struct {
	_ struct{} `type:"structure" sensitive:"true"`

	// Encoded device-fingerprint details that your app collected with the Amazon
	// Cognito context data collection library. For more information, see Adding
	// user device and session data to API requests (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EncodedData *string `type:"string"`

	// The source IP address of your user's device.
	IpAddress *string `type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserContextDataType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserContextDataType) GoString() string {
	return s.String()
}

// SetEncodedData sets the EncodedData field's value.
func (s *UserContextDataType) SetEncodedData(v string) *UserContextDataType {
	s.EncodedData = &v
	return s
}

// SetIpAddress sets the IpAddress field's value.
func (s *UserContextDataType) SetIpAddress(v string) *UserContextDataType {
	s.IpAddress = &v
	return s
}

// This exception is thrown when you're trying to modify a user pool while a
// user import job is in progress for that pool.
type UserImportInProgressException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the user pool has an import job running.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserImportInProgressException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserImportInProgressException) GoString() string {
	return s.String()
}

func newErrorUserImportInProgressException(v protocol.ResponseMetadata) error {
	return &UserImportInProgressException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserImportInProgressException) Code() string {
	return "UserImportInProgressException"
}

// Message returns the exception's message.
func (s *UserImportInProgressException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserImportInProgressException) OrigErr() error {
	return nil
}

func (s *UserImportInProgressException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserImportInProgressException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserImportInProgressException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The user import job type.
type UserImportJobType struct {
	_ struct{} `type:"structure"`

	// The role Amazon Resource Name (ARN) for the Amazon CloudWatch Logging role
	// for the user import job. For more information, see "Creating the CloudWatch
	// Logs IAM Role" in the Amazon Cognito Developer Guide.
	CloudWatchLogsRoleArn *string `min:"20" type:"string"`

	// The date when the user import job was completed.
	CompletionDate *time.Time `type:"timestamp"`

	// The message returned when the user import job is completed.
	CompletionMessage *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The number of users that couldn't be imported.
	FailedUsers *int64 `type:"long"`

	// The number of users that were successfully imported.
	ImportedUsers *int64 `type:"long"`

	// The job ID for the user import job.
	JobId *string `min:"1" type:"string"`

	// The job name for the user import job.
	JobName *string `min:"1" type:"string"`

	// The pre-signed URL to be used to upload the .csv file.
	PreSignedUrl *string `type:"string"`

	// The number of users that were skipped.
	SkippedUsers *int64 `type:"long"`

	// The date when the user import job was started.
	StartDate *time.Time `type:"timestamp"`

	// The status of the user import job. One of the following:
	//
	//    * Created - The job was created but not started.
	//
	//    * Pending - A transition state. You have started the job, but it has not
	//    begun importing users yet.
	//
	//    * InProgress - The job has started, and users are being imported.
	//
	//    * Stopping - You have stopped the job, but the job has not stopped importing
	//    users yet.
	//
	//    * Stopped - You have stopped the job, and the job has stopped importing
	//    users.
	//
	//    * Succeeded - The job has completed successfully.
	//
	//    * Failed - The job has stopped due to an error.
	//
	//    * Expired - You created a job, but did not start the job within 24-48
	//    hours. All data associated with the job was deleted, and the job can't
	//    be started.
	Status *string `type:"string" enum:"UserImportJobStatusType"`

	// The user pool ID for the user pool that the users are being imported into.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserImportJobType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserImportJobType) GoString() string {
	return s.String()
}

// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
func (s *UserImportJobType) SetCloudWatchLogsRoleArn(v string) *UserImportJobType {
	s.CloudWatchLogsRoleArn = &v
	return s
}

// SetCompletionDate sets the CompletionDate field's value.
func (s *UserImportJobType) SetCompletionDate(v time.Time) *UserImportJobType {
	s.CompletionDate = &v
	return s
}

// SetCompletionMessage sets the CompletionMessage field's value.
func (s *UserImportJobType) SetCompletionMessage(v string) *UserImportJobType {
	s.CompletionMessage = &v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *UserImportJobType) SetCreationDate(v time.Time) *UserImportJobType {
	s.CreationDate = &v
	return s
}

// SetFailedUsers sets the FailedUsers field's value.
func (s *UserImportJobType) SetFailedUsers(v int64) *UserImportJobType {
	s.FailedUsers = &v
	return s
}

// SetImportedUsers sets the ImportedUsers field's value.
func (s *UserImportJobType) SetImportedUsers(v int64) *UserImportJobType {
	s.ImportedUsers = &v
	return s
}

// SetJobId sets the JobId field's value.
func (s *UserImportJobType) SetJobId(v string) *UserImportJobType {
	s.JobId = &v
	return s
}

// SetJobName sets the JobName field's value.
func (s *UserImportJobType) SetJobName(v string) *UserImportJobType {
	s.JobName = &v
	return s
}

// SetPreSignedUrl sets the PreSignedUrl field's value.
func (s *UserImportJobType) SetPreSignedUrl(v string) *UserImportJobType {
	s.PreSignedUrl = &v
	return s
}

// SetSkippedUsers sets the SkippedUsers field's value.
func (s *UserImportJobType) SetSkippedUsers(v int64) *UserImportJobType {
	s.SkippedUsers = &v
	return s
}

// SetStartDate sets the StartDate field's value.
func (s *UserImportJobType) SetStartDate(v time.Time) *UserImportJobType {
	s.StartDate = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *UserImportJobType) SetStatus(v string) *UserImportJobType {
	s.Status = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UserImportJobType) SetUserPoolId(v string) *UserImportJobType {
	s.UserPoolId = &v
	return s
}

// This exception is thrown when the Amazon Cognito service encounters a user
// validation exception with the Lambda service.
type UserLambdaValidationException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when the Amazon Cognito service returns a user validation
	// exception with the Lambda service.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserLambdaValidationException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserLambdaValidationException) GoString() string {
	return s.String()
}

func newErrorUserLambdaValidationException(v protocol.ResponseMetadata) error {
	return &UserLambdaValidationException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserLambdaValidationException) Code() string {
	return "UserLambdaValidationException"
}

// Message returns the exception's message.
func (s *UserLambdaValidationException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserLambdaValidationException) OrigErr() error {
	return nil
}

func (s *UserLambdaValidationException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserLambdaValidationException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserLambdaValidationException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when a user isn't confirmed successfully.
type UserNotConfirmedException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a user isn't confirmed successfully.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserNotConfirmedException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserNotConfirmedException) GoString() string {
	return s.String()
}

func newErrorUserNotConfirmedException(v protocol.ResponseMetadata) error {
	return &UserNotConfirmedException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserNotConfirmedException) Code() string {
	return "UserNotConfirmedException"
}

// Message returns the exception's message.
func (s *UserNotConfirmedException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserNotConfirmedException) OrigErr() error {
	return nil
}

func (s *UserNotConfirmedException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserNotConfirmedException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserNotConfirmedException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when a user isn't found.
type UserNotFoundException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when a user isn't found.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserNotFoundException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserNotFoundException) GoString() string {
	return s.String()
}

func newErrorUserNotFoundException(v protocol.ResponseMetadata) error {
	return &UserNotFoundException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserNotFoundException) Code() string {
	return "UserNotFoundException"
}

// Message returns the exception's message.
func (s *UserNotFoundException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserNotFoundException) OrigErr() error {
	return nil
}

func (s *UserNotFoundException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserNotFoundException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserNotFoundException) RequestID() string {
	return s.RespMetadata.RequestID
}

// This exception is thrown when user pool add-ons aren't enabled.
type UserPoolAddOnNotEnabledException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolAddOnNotEnabledException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolAddOnNotEnabledException) GoString() string {
	return s.String()
}

func newErrorUserPoolAddOnNotEnabledException(v protocol.ResponseMetadata) error {
	return &UserPoolAddOnNotEnabledException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserPoolAddOnNotEnabledException) Code() string {
	return "UserPoolAddOnNotEnabledException"
}

// Message returns the exception's message.
func (s *UserPoolAddOnNotEnabledException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserPoolAddOnNotEnabledException) OrigErr() error {
	return nil
}

func (s *UserPoolAddOnNotEnabledException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserPoolAddOnNotEnabledException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserPoolAddOnNotEnabledException) RequestID() string {
	return s.RespMetadata.RequestID
}

// User pool add-ons. Contains settings for activation of advanced security
// features. To log user security information but take no action, set to AUDIT.
// To configure automatic security responses to risky traffic to your user pool,
// set to ENFORCED.
//
// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
type UserPoolAddOnsType struct {
	_ struct{} `type:"structure"`

	// The operating mode of advanced security features in your user pool.
	//
	// AdvancedSecurityMode is a required field
	AdvancedSecurityMode *string `type:"string" required:"true" enum:"AdvancedSecurityModeType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolAddOnsType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolAddOnsType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UserPoolAddOnsType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UserPoolAddOnsType"}
	if s.AdvancedSecurityMode == nil {
		invalidParams.Add(request.NewErrParamRequired("AdvancedSecurityMode"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAdvancedSecurityMode sets the AdvancedSecurityMode field's value.
func (s *UserPoolAddOnsType) SetAdvancedSecurityMode(v string) *UserPoolAddOnsType {
	s.AdvancedSecurityMode = &v
	return s
}

// The description of the user pool client.
type UserPoolClientDescription struct {
	_ struct{} `type:"structure"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientDescription's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The client name from the user pool client description.
	ClientName *string `min:"1" type:"string"`

	// The user pool ID for the user pool where you want to describe the user pool
	// client.
	UserPoolId *string `min:"1" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolClientDescription) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolClientDescription) GoString() string {
	return s.String()
}

// SetClientId sets the ClientId field's value.
func (s *UserPoolClientDescription) SetClientId(v string) *UserPoolClientDescription {
	s.ClientId = &v
	return s
}

// SetClientName sets the ClientName field's value.
func (s *UserPoolClientDescription) SetClientName(v string) *UserPoolClientDescription {
	s.ClientName = &v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UserPoolClientDescription) SetUserPoolId(v string) *UserPoolClientDescription {
	s.UserPoolId = &v
	return s
}

// Contains information about a user pool client.
type UserPoolClientType struct {
	_ struct{} `type:"structure"`

	// The access token time limit. After this limit expires, your user can't use
	// their access token. To specify the time unit for AccessTokenValidity as seconds,
	// minutes, hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set AccessTokenValidity to 10 and TokenValidityUnits
	// to hours, your user can authorize access with their access token for 10 hours.
	//
	// The default time unit for AccessTokenValidity in an API request is hours.
	// Valid range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// access tokens are valid for one hour.
	AccessTokenValidity *int64 `min:"1" type:"integer"`

	// The allowed OAuth flows.
	//
	// code
	//
	// Use a code grant flow, which provides an authorization code as the response.
	// This code can be exchanged for access tokens with the /oauth2/token endpoint.
	//
	// implicit
	//
	// Issue the access token (and, optionally, ID token, based on scopes) directly
	// to your user.
	//
	// client_credentials
	//
	// Issue the access token from the /oauth2/token endpoint directly to a non-person
	// user using a combination of the client ID and client secret.
	AllowedOAuthFlows []*string `type:"list" enum:"OAuthFlowType"`

	// Set to true to use OAuth 2.0 features in your user pool app client.
	//
	// AllowedOAuthFlowsUserPoolClient must be true before you can configure the
	// following features in your app client.
	//
	//    * CallBackURLs: Callback URLs.
	//
	//    * LogoutURLs: Sign-out redirect URLs.
	//
	//    * AllowedOAuthScopes: OAuth 2.0 scopes.
	//
	//    * AllowedOAuthFlows: Support for authorization code, implicit, and client
	//    credentials OAuth 2.0 grants.
	//
	// To use OAuth 2.0 features, configure one of these features in the Amazon
	// Cognito console or set AllowedOAuthFlowsUserPoolClient to true in a CreateUserPoolClient
	// or UpdateUserPoolClient API request. If you don't set a value for AllowedOAuthFlowsUserPoolClient
	// in a request with the CLI or SDKs, it defaults to false.
	AllowedOAuthFlowsUserPoolClient *bool `type:"boolean"`

	// The OAuth scopes that your app client supports. Possible values that OAuth
	// provides are phone, email, openid, and profile. Possible values that Amazon
	// Web Services provides are aws.cognito.signin.user.admin. Amazon Cognito also
	// supports custom scopes that you create in Resource Servers.
	AllowedOAuthScopes []*string `type:"list"`

	// The Amazon Pinpoint analytics configuration for the user pool client.
	//
	// Amazon Cognito user pools only support sending events to Amazon Pinpoint
	// projects in the US East (N. Virginia) us-east-1 Region, regardless of the
	// Region where the user pool resides.
	AnalyticsConfiguration *AnalyticsConfigurationType `type:"structure"`

	// Amazon Cognito creates a session token for each API request in an authentication
	// flow. AuthSessionValidity is the duration, in minutes, of that session token.
	// Your user pool native user must respond to each authentication challenge
	// before the session expires.
	AuthSessionValidity *int64 `min:"3" type:"integer"`

	// A list of allowed redirect (callback) URLs for the IdPs.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackURLs []*string `type:"list"`

	// The ID of the client associated with the user pool.
	//
	// ClientId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientType's
	// String and GoString methods.
	ClientId *string `min:"1" type:"string" sensitive:"true"`

	// The client name from the user pool request of the client type.
	ClientName *string `min:"1" type:"string"`

	// The client secret from the user pool request of the client type.
	//
	// ClientSecret is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserPoolClientType's
	// String and GoString methods.
	ClientSecret *string `min:"1" type:"string" sensitive:"true"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The default redirect URI. Must be in the CallbackURLs list.
	//
	// A redirect URI must:
	//
	//    * Be an absolute URI.
	//
	//    * Be registered with the authorization server.
	//
	//    * Not include a fragment component.
	//
	// See OAuth 2.0 - Redirection Endpoint (https://tools.ietf.org/html/rfc6749#section-3.1.2).
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing
	// purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectURI *string `min:"1" type:"string"`

	// When EnablePropagateAdditionalUserContextData is true, Amazon Cognito accepts
	// an IpAddress value that you send in the UserContextData parameter. The UserContextData
	// parameter sends information to Amazon Cognito advanced security for risk
	// analysis. You can send UserContextData when you sign in Amazon Cognito native
	// users with the InitiateAuth and RespondToAuthChallenge API operations.
	//
	// When EnablePropagateAdditionalUserContextData is false, you can't send your
	// user's source IP address to Amazon Cognito advanced security with unauthenticated
	// API operations. EnablePropagateAdditionalUserContextData doesn't affect whether
	// you can send a source IP address in a ContextData parameter with the authenticated
	// API operations AdminInitiateAuth and AdminRespondToAuthChallenge.
	//
	// You can only activate EnablePropagateAdditionalUserContextData in an app
	// client that has a client secret. For more information about propagation of
	// user context data, see Adding user device and session data to API requests
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html#user-pool-settings-adaptive-authentication-device-fingerprint).
	EnablePropagateAdditionalUserContextData *bool `type:"boolean"`

	// Indicates whether token revocation is activated for the user pool client.
	// When you create a new user pool client, token revocation is activated by
	// default. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html).
	EnableTokenRevocation *bool `type:"boolean"`

	// The authentication flows that you want your user pool client to support.
	// For each app client in your user pool, you can sign in your users with any
	// combination of one or more flows, including with a user name and Secure Remote
	// Password (SRP), a user name and password, or a custom authentication process
	// that you define with Lambda functions.
	//
	// If you don't specify a value for ExplicitAuthFlows, your user client supports
	// ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.
	//
	// Valid values include:
	//
	//    * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication
	//    flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH
	//    setting. With this authentication flow, your app passes a user name and
	//    password to Amazon Cognito in the request, instead of using the Secure
	//    Remote Password (SRP) protocol to securely transmit the password.
	//
	//    * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
	//
	//    * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication.
	//    In this flow, Amazon Cognito receives the password in the request instead
	//    of using the SRP protocol to verify passwords.
	//
	//    * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
	//
	//    * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
	//
	// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY,
	// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values
	// to user pool clients at the same time as values that begin with ALLOW_, like
	// ALLOW_USER_SRP_AUTH.
	ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"`

	// The ID token time limit. After this limit expires, your user can't use their
	// ID token. To specify the time unit for IdTokenValidity as seconds, minutes,
	// hours, or days, set a TokenValidityUnits value in your API request.
	//
	// For example, when you set IdTokenValidity as 10 and TokenValidityUnits as
	// hours, your user can authenticate their session with their ID token for 10
	// hours.
	//
	// The default time unit for IdTokenValidity in an API request is hours. Valid
	// range is displayed below in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// ID tokens are valid for one hour.
	IdTokenValidity *int64 `min:"1" type:"integer"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// A list of allowed logout URLs for the IdPs.
	LogoutURLs []*string `type:"list"`

	// Errors and responses that you want Amazon Cognito APIs to return during authentication,
	// account confirmation, and password recovery when the user doesn't exist in
	// the user pool. When set to ENABLED and the user doesn't exist, authentication
	// returns an error indicating either the username or password was incorrect.
	// Account confirmation and password recovery return a response indicating a
	// code was sent to a simulated destination. When set to LEGACY, those APIs
	// return a UserNotFoundException exception if the user doesn't exist in the
	// user pool.
	//
	// Valid values include:
	//
	//    * ENABLED - This prevents user existence-related errors.
	//
	//    * LEGACY - This represents the old behavior of Amazon Cognito where user
	//    existence related errors aren't prevented.
	PreventUserExistenceErrors *string `type:"string" enum:"PreventUserExistenceErrorTypes"`

	// The list of user attributes that you want your app client to have read-only
	// access to. After your user authenticates in your app, their access token
	// authorizes them to read their own attribute value for any attribute in this
	// list. An example of this kind of activity is when your user selects a link
	// to view their profile information. Your app makes a GetUser (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html)
	// API request to retrieve and display your user's profile data.
	//
	// When you don't specify the ReadAttributes for your app client, your app can
	// read the values of email_verified, phone_number_verified, and the Standard
	// attributes of your user pool. When your user pool has read access to these
	// default attributes, ReadAttributes doesn't return any information. Amazon
	// Cognito only populates ReadAttributes in the API response if you have specified
	// your own custom set of read attributes.
	ReadAttributes []*string `type:"list"`

	// The refresh token time limit. After this limit expires, your user can't use
	// their refresh token. To specify the time unit for RefreshTokenValidity as
	// seconds, minutes, hours, or days, set a TokenValidityUnits value in your
	// API request.
	//
	// For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits
	// as days, your user can refresh their session and retrieve new access and
	// ID tokens for 10 days.
	//
	// The default time unit for RefreshTokenValidity in an API request is days.
	// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides
	// the value with the default value of 30 days. Valid range is displayed below
	// in seconds.
	//
	// If you don't specify otherwise in the configuration of your app client, your
	// refresh tokens are valid for 30 days.
	RefreshTokenValidity *int64 `type:"integer"`

	// A list of provider names for the IdPs that this client supports. The following
	// are supported: COGNITO, Facebook, Google, SignInWithApple, LoginWithAmazon,
	// and the names of your own SAML and OIDC providers.
	SupportedIdentityProviders []*string `type:"list"`

	// The time units used to specify the token validity times of each token type:
	// ID, access, and refresh.
	TokenValidityUnits *TokenValidityUnitsType `type:"structure"`

	// The user pool ID for the user pool client.
	UserPoolId *string `min:"1" type:"string"`

	// The list of user attributes that you want your app client to have write access
	// to. After your user authenticates in your app, their access token authorizes
	// them to set or modify their own attribute value for any attribute in this
	// list. An example of this kind of activity is when you present your user with
	// a form to update their profile information and they change their last name.
	// Your app then makes an UpdateUserAttributes (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html)
	// API request and sets family_name to the new value.
	//
	// When you don't specify the WriteAttributes for your app client, your app
	// can write the values of the Standard attributes of your user pool. When your
	// user pool has write access to these default attributes, WriteAttributes doesn't
	// return any information. Amazon Cognito only populates WriteAttributes in
	// the API response if you have specified your own custom set of write attributes.
	//
	// If your app client allows users to sign in through an IdP, this array must
	// include all attributes that you have mapped to IdP attributes. Amazon Cognito
	// updates mapped attributes when users sign in to your application through
	// an IdP. If your app client does not have write access to a mapped attribute,
	// Amazon Cognito throws an error when it tries to update the attribute. For
	// more information, see Specifying IdP Attribute Mappings for Your user pool
	// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html).
	WriteAttributes []*string `type:"list"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolClientType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolClientType) GoString() string {
	return s.String()
}

// SetAccessTokenValidity sets the AccessTokenValidity field's value.
func (s *UserPoolClientType) SetAccessTokenValidity(v int64) *UserPoolClientType {
	s.AccessTokenValidity = &v
	return s
}

// SetAllowedOAuthFlows sets the AllowedOAuthFlows field's value.
func (s *UserPoolClientType) SetAllowedOAuthFlows(v []*string) *UserPoolClientType {
	s.AllowedOAuthFlows = v
	return s
}

// SetAllowedOAuthFlowsUserPoolClient sets the AllowedOAuthFlowsUserPoolClient field's value.
func (s *UserPoolClientType) SetAllowedOAuthFlowsUserPoolClient(v bool) *UserPoolClientType {
	s.AllowedOAuthFlowsUserPoolClient = &v
	return s
}

// SetAllowedOAuthScopes sets the AllowedOAuthScopes field's value.
func (s *UserPoolClientType) SetAllowedOAuthScopes(v []*string) *UserPoolClientType {
	s.AllowedOAuthScopes = v
	return s
}

// SetAnalyticsConfiguration sets the AnalyticsConfiguration field's value.
func (s *UserPoolClientType) SetAnalyticsConfiguration(v *AnalyticsConfigurationType) *UserPoolClientType {
	s.AnalyticsConfiguration = v
	return s
}

// SetAuthSessionValidity sets the AuthSessionValidity field's value.
func (s *UserPoolClientType) SetAuthSessionValidity(v int64) *UserPoolClientType {
	s.AuthSessionValidity = &v
	return s
}

// SetCallbackURLs sets the CallbackURLs field's value.
func (s *UserPoolClientType) SetCallbackURLs(v []*string) *UserPoolClientType {
	s.CallbackURLs = v
	return s
}

// SetClientId sets the ClientId field's value.
func (s *UserPoolClientType) SetClientId(v string) *UserPoolClientType {
	s.ClientId = &v
	return s
}

// SetClientName sets the ClientName field's value.
func (s *UserPoolClientType) SetClientName(v string) *UserPoolClientType {
	s.ClientName = &v
	return s
}

// SetClientSecret sets the ClientSecret field's value.
func (s *UserPoolClientType) SetClientSecret(v string) *UserPoolClientType {
	s.ClientSecret = &v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *UserPoolClientType) SetCreationDate(v time.Time) *UserPoolClientType {
	s.CreationDate = &v
	return s
}

// SetDefaultRedirectURI sets the DefaultRedirectURI field's value.
func (s *UserPoolClientType) SetDefaultRedirectURI(v string) *UserPoolClientType {
	s.DefaultRedirectURI = &v
	return s
}

// SetEnablePropagateAdditionalUserContextData sets the EnablePropagateAdditionalUserContextData field's value.
func (s *UserPoolClientType) SetEnablePropagateAdditionalUserContextData(v bool) *UserPoolClientType {
	s.EnablePropagateAdditionalUserContextData = &v
	return s
}

// SetEnableTokenRevocation sets the EnableTokenRevocation field's value.
func (s *UserPoolClientType) SetEnableTokenRevocation(v bool) *UserPoolClientType {
	s.EnableTokenRevocation = &v
	return s
}

// SetExplicitAuthFlows sets the ExplicitAuthFlows field's value.
func (s *UserPoolClientType) SetExplicitAuthFlows(v []*string) *UserPoolClientType {
	s.ExplicitAuthFlows = v
	return s
}

// SetIdTokenValidity sets the IdTokenValidity field's value.
func (s *UserPoolClientType) SetIdTokenValidity(v int64) *UserPoolClientType {
	s.IdTokenValidity = &v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *UserPoolClientType) SetLastModifiedDate(v time.Time) *UserPoolClientType {
	s.LastModifiedDate = &v
	return s
}

// SetLogoutURLs sets the LogoutURLs field's value.
func (s *UserPoolClientType) SetLogoutURLs(v []*string) *UserPoolClientType {
	s.LogoutURLs = v
	return s
}

// SetPreventUserExistenceErrors sets the PreventUserExistenceErrors field's value.
func (s *UserPoolClientType) SetPreventUserExistenceErrors(v string) *UserPoolClientType {
	s.PreventUserExistenceErrors = &v
	return s
}

// SetReadAttributes sets the ReadAttributes field's value.
func (s *UserPoolClientType) SetReadAttributes(v []*string) *UserPoolClientType {
	s.ReadAttributes = v
	return s
}

// SetRefreshTokenValidity sets the RefreshTokenValidity field's value.
func (s *UserPoolClientType) SetRefreshTokenValidity(v int64) *UserPoolClientType {
	s.RefreshTokenValidity = &v
	return s
}

// SetSupportedIdentityProviders sets the SupportedIdentityProviders field's value.
func (s *UserPoolClientType) SetSupportedIdentityProviders(v []*string) *UserPoolClientType {
	s.SupportedIdentityProviders = v
	return s
}

// SetTokenValidityUnits sets the TokenValidityUnits field's value.
func (s *UserPoolClientType) SetTokenValidityUnits(v *TokenValidityUnitsType) *UserPoolClientType {
	s.TokenValidityUnits = v
	return s
}

// SetUserPoolId sets the UserPoolId field's value.
func (s *UserPoolClientType) SetUserPoolId(v string) *UserPoolClientType {
	s.UserPoolId = &v
	return s
}

// SetWriteAttributes sets the WriteAttributes field's value.
func (s *UserPoolClientType) SetWriteAttributes(v []*string) *UserPoolClientType {
	s.WriteAttributes = v
	return s
}

// A user pool description.
type UserPoolDescriptionType struct {
	_ struct{} `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// The ID in a user pool description.
	Id *string `min:"1" type:"string"`

	// The Lambda configuration information in a user pool description.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// The name in a user pool description.
	Name *string `min:"1" type:"string"`

	// The user pool status in a user pool description.
	//
	// Deprecated: This property is no longer available.
	Status *string `deprecated:"true" type:"string" enum:"StatusType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolDescriptionType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolDescriptionType) GoString() string {
	return s.String()
}

// SetCreationDate sets the CreationDate field's value.
func (s *UserPoolDescriptionType) SetCreationDate(v time.Time) *UserPoolDescriptionType {
	s.CreationDate = &v
	return s
}

// SetId sets the Id field's value.
func (s *UserPoolDescriptionType) SetId(v string) *UserPoolDescriptionType {
	s.Id = &v
	return s
}

// SetLambdaConfig sets the LambdaConfig field's value.
func (s *UserPoolDescriptionType) SetLambdaConfig(v *LambdaConfigType) *UserPoolDescriptionType {
	s.LambdaConfig = v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *UserPoolDescriptionType) SetLastModifiedDate(v time.Time) *UserPoolDescriptionType {
	s.LastModifiedDate = &v
	return s
}

// SetName sets the Name field's value.
func (s *UserPoolDescriptionType) SetName(v string) *UserPoolDescriptionType {
	s.Name = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *UserPoolDescriptionType) SetStatus(v string) *UserPoolDescriptionType {
	s.Status = &v
	return s
}

// The policy associated with a user pool.
type UserPoolPolicyType struct {
	_ struct{} `type:"structure"`

	// The password policy.
	PasswordPolicy *PasswordPolicyType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolPolicyType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolPolicyType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UserPoolPolicyType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UserPoolPolicyType"}
	if s.PasswordPolicy != nil {
		if err := s.PasswordPolicy.Validate(); err != nil {
			invalidParams.AddNested("PasswordPolicy", err.(request.ErrInvalidParams))
		}
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetPasswordPolicy sets the PasswordPolicy field's value.
func (s *UserPoolPolicyType) SetPasswordPolicy(v *PasswordPolicyType) *UserPoolPolicyType {
	s.PasswordPolicy = v
	return s
}

// This exception is thrown when a user pool tag can't be set or updated.
type UserPoolTaggingException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolTaggingException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolTaggingException) GoString() string {
	return s.String()
}

func newErrorUserPoolTaggingException(v protocol.ResponseMetadata) error {
	return &UserPoolTaggingException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UserPoolTaggingException) Code() string {
	return "UserPoolTaggingException"
}

// Message returns the exception's message.
func (s *UserPoolTaggingException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UserPoolTaggingException) OrigErr() error {
	return nil
}

func (s *UserPoolTaggingException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UserPoolTaggingException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UserPoolTaggingException) RequestID() string {
	return s.RespMetadata.RequestID
}

// A container for information about the user pool.
type UserPoolType struct {
	_ struct{} `type:"structure"`

	// The available verified method a user can use to recover their password when
	// they call ForgotPassword. You can use this setting to define a preferred
	// method when a user has more than one method available. With this setting,
	// SMS doesn't qualify for a valid password recovery mechanism if the user also
	// has SMS multi-factor authentication (MFA) activated. In the absence of this
	// setting, Amazon Cognito uses the legacy behavior to determine the recovery
	// method where SMS is preferred through email.
	AccountRecoverySetting *AccountRecoverySettingType `type:"structure"`

	// The configuration for AdminCreateUser requests.
	AdminCreateUserConfig *AdminCreateUserConfigType `type:"structure"`

	// The attributes that are aliased in a user pool.
	AliasAttributes []*string `type:"list" enum:"AliasAttributeType"`

	// The Amazon Resource Name (ARN) for the user pool.
	Arn *string `min:"20" type:"string"`

	// The attributes that are auto-verified in a user pool.
	AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was created.
	CreationDate *time.Time `type:"timestamp"`

	// A custom domain name that you provide to Amazon Cognito. This parameter applies
	// only if you use a custom domain to host the sign-up and sign-in pages for
	// your application. An example of a custom domain name might be auth.example.com.
	//
	// For more information about adding a custom domain to your user pool, see
	// Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html).
	CustomDomain *string `min:"1" type:"string"`

	// When active, DeletionProtection prevents accidental deletion of your user
	// pool. Before you can delete a user pool that you have protected against deletion,
	// you must deactivate this feature.
	//
	// When you try to delete a protected user pool in a DeleteUserPool API request,
	// Amazon Cognito returns an InvalidParameterException error. To delete a protected
	// user pool, send a new DeleteUserPool request after you deactivate deletion
	// protection in an UpdateUserPool API request.
	DeletionProtection *string `type:"string" enum:"DeletionProtectionType"`

	// The device-remembering configuration for a user pool. A null value indicates
	// that you have deactivated device remembering in your user pool.
	//
	// When you provide a value for any DeviceConfiguration field, you activate
	// the Amazon Cognito device-remembering feature.
	DeviceConfiguration *DeviceConfigurationType `type:"structure"`

	// The domain prefix, if the user pool has a domain associated with it.
	Domain *string `min:"1" type:"string"`

	// The email configuration of your user pool. The email configuration type sets
	// your preferred sending method, Amazon Web Services Region, and sender for
	// messages from your user pool.
	EmailConfiguration *EmailConfigurationType `type:"structure"`

	// Deprecated. Review error codes from API requests with EventSource:cognito-idp.amazonaws.com
	// in CloudTrail for information about problems with user pool email configuration.
	EmailConfigurationFailure *string `type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	EmailVerificationSubject *string `min:"1" type:"string"`

	// A number estimating the size of the user pool.
	EstimatedNumberOfUsers *int64 `type:"integer"`

	// The ID of the user pool.
	Id *string `min:"1" type:"string"`

	// The Lambda triggers associated with the user pool.
	LambdaConfig *LambdaConfigType `type:"structure"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	LastModifiedDate *time.Time `type:"timestamp"`

	// Can be one of the following values:
	//
	//    * OFF - MFA tokens aren't required and can't be specified during user
	//    registration.
	//
	//    * ON - MFA tokens are required for all user registrations. You can only
	//    specify required when you're initially creating a user pool.
	//
	//    * OPTIONAL - Users have the option when registering to create an MFA token.
	MfaConfiguration *string `type:"string" enum:"UserPoolMfaType"`

	// The name of the user pool.
	Name *string `min:"1" type:"string"`

	// The policies associated with the user pool.
	Policies *UserPoolPolicyType `type:"structure"`

	// A list of the user attributes and their properties in your user pool. The
	// attribute schema contains standard attributes, custom attributes with a custom:
	// prefix, and developer attributes with a dev: prefix. For more information,
	// see User pool attributes (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html).
	//
	// Developer-only attributes are a legacy feature of user pools, are read-only
	// to all app clients. You can create and update developer-only attributes only
	// with IAM-authenticated API operations. Use app client read/write permissions
	// instead.
	SchemaAttributes []*SchemaAttributeType `min:"1" type:"list"`

	// The contents of the SMS authentication message.
	SmsAuthenticationMessage *string `min:"6" type:"string"`

	// The SMS configuration with the settings that your Amazon Cognito user pool
	// must use to send an SMS message from your Amazon Web Services account through
	// Amazon Simple Notification Service. To send SMS messages with Amazon SNS
	// in the Amazon Web Services Region that you want, the Amazon Cognito user
	// pool uses an Identity and Access Management (IAM) role in your Amazon Web
	// Services account.
	SmsConfiguration *SmsConfigurationType `type:"structure"`

	// The reason why the SMS configuration can't send the messages to your users.
	//
	// This message might include comma-separated values to describe why your SMS
	// configuration can't send messages to user pool end users.
	//
	// InvalidSmsRoleAccessPolicyException
	//
	// The Identity and Access Management role that Amazon Cognito uses to send
	// SMS messages isn't properly configured. For more information, see SmsConfigurationType
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SmsConfigurationType.html).
	//
	// SNSSandbox
	//
	// The Amazon Web Services account is in the SNS SMS Sandbox and messages will
	// only reach verified end users. This parameter won’t get populated with
	// SNSSandbox if the user creating the user pool doesn’t have SNS permissions.
	// To learn how to move your Amazon Web Services account out of the sandbox,
	// see Moving out of the SMS sandbox (https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-moving-to-production.html).
	SmsConfigurationFailure *string `type:"string"`

	// This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html).
	SmsVerificationMessage *string `min:"6" type:"string"`

	// This parameter is no longer used.
	//
	// Deprecated: This property is no longer available.
	Status *string `deprecated:"true" type:"string" enum:"StatusType"`

	// The settings for updates to user attributes. These settings include the property
	// AttributesRequireVerificationBeforeUpdate, a user-pool setting that tells
	// Amazon Cognito how to handle changes to the value of your users' email address
	// and phone number attributes. For more information, see Verifying updates
	// to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates).
	UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `type:"structure"`

	// User pool add-ons. Contains settings for activation of advanced security
	// features. To log user security information but take no action, set to AUDIT.
	// To configure automatic security responses to risky traffic to your user pool,
	// set to ENFORCED.
	//
	// For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html).
	UserPoolAddOns *UserPoolAddOnsType `type:"structure"`

	// The tags that are assigned to the user pool. A tag is a label that you can
	// apply to user pools to categorize and manage them in different ways, such
	// as by purpose, owner, environment, or other criteria.
	UserPoolTags map[string]*string `type:"map"`

	// Specifies whether a user can use an email address or phone number as a username
	// when they sign up.
	UsernameAttributes []*string `type:"list" enum:"UsernameAttributeType"`

	// Case sensitivity of the username input for the selected sign-in option. For
	// example, when case sensitivity is set to False, users can sign in using either
	// "username" or "Username". This configuration is immutable once it has been
	// set. For more information, see UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html).
	UsernameConfiguration *UsernameConfigurationType `type:"structure"`

	// The template for verification messages.
	VerificationMessageTemplate *VerificationMessageTemplateType `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserPoolType) GoString() string {
	return s.String()
}

// SetAccountRecoverySetting sets the AccountRecoverySetting field's value.
func (s *UserPoolType) SetAccountRecoverySetting(v *AccountRecoverySettingType) *UserPoolType {
	s.AccountRecoverySetting = v
	return s
}

// SetAdminCreateUserConfig sets the AdminCreateUserConfig field's value.
func (s *UserPoolType) SetAdminCreateUserConfig(v *AdminCreateUserConfigType) *UserPoolType {
	s.AdminCreateUserConfig = v
	return s
}

// SetAliasAttributes sets the AliasAttributes field's value.
func (s *UserPoolType) SetAliasAttributes(v []*string) *UserPoolType {
	s.AliasAttributes = v
	return s
}

// SetArn sets the Arn field's value.
func (s *UserPoolType) SetArn(v string) *UserPoolType {
	s.Arn = &v
	return s
}

// SetAutoVerifiedAttributes sets the AutoVerifiedAttributes field's value.
func (s *UserPoolType) SetAutoVerifiedAttributes(v []*string) *UserPoolType {
	s.AutoVerifiedAttributes = v
	return s
}

// SetCreationDate sets the CreationDate field's value.
func (s *UserPoolType) SetCreationDate(v time.Time) *UserPoolType {
	s.CreationDate = &v
	return s
}

// SetCustomDomain sets the CustomDomain field's value.
func (s *UserPoolType) SetCustomDomain(v string) *UserPoolType {
	s.CustomDomain = &v
	return s
}

// SetDeletionProtection sets the DeletionProtection field's value.
func (s *UserPoolType) SetDeletionProtection(v string) *UserPoolType {
	s.DeletionProtection = &v
	return s
}

// SetDeviceConfiguration sets the DeviceConfiguration field's value.
func (s *UserPoolType) SetDeviceConfiguration(v *DeviceConfigurationType) *UserPoolType {
	s.DeviceConfiguration = v
	return s
}

// SetDomain sets the Domain field's value.
func (s *UserPoolType) SetDomain(v string) *UserPoolType {
	s.Domain = &v
	return s
}

// SetEmailConfiguration sets the EmailConfiguration field's value.
func (s *UserPoolType) SetEmailConfiguration(v *EmailConfigurationType) *UserPoolType {
	s.EmailConfiguration = v
	return s
}

// SetEmailConfigurationFailure sets the EmailConfigurationFailure field's value.
func (s *UserPoolType) SetEmailConfigurationFailure(v string) *UserPoolType {
	s.EmailConfigurationFailure = &v
	return s
}

// SetEmailVerificationMessage sets the EmailVerificationMessage field's value.
func (s *UserPoolType) SetEmailVerificationMessage(v string) *UserPoolType {
	s.EmailVerificationMessage = &v
	return s
}

// SetEmailVerificationSubject sets the EmailVerificationSubject field's value.
func (s *UserPoolType) SetEmailVerificationSubject(v string) *UserPoolType {
	s.EmailVerificationSubject = &v
	return s
}

// SetEstimatedNumberOfUsers sets the EstimatedNumberOfUsers field's value.
func (s *UserPoolType) SetEstimatedNumberOfUsers(v int64) *UserPoolType {
	s.EstimatedNumberOfUsers = &v
	return s
}

// SetId sets the Id field's value.
func (s *UserPoolType) SetId(v string) *UserPoolType {
	s.Id = &v
	return s
}

// SetLambdaConfig sets the LambdaConfig field's value.
func (s *UserPoolType) SetLambdaConfig(v *LambdaConfigType) *UserPoolType {
	s.LambdaConfig = v
	return s
}

// SetLastModifiedDate sets the LastModifiedDate field's value.
func (s *UserPoolType) SetLastModifiedDate(v time.Time) *UserPoolType {
	s.LastModifiedDate = &v
	return s
}

// SetMfaConfiguration sets the MfaConfiguration field's value.
func (s *UserPoolType) SetMfaConfiguration(v string) *UserPoolType {
	s.MfaConfiguration = &v
	return s
}

// SetName sets the Name field's value.
func (s *UserPoolType) SetName(v string) *UserPoolType {
	s.Name = &v
	return s
}

// SetPolicies sets the Policies field's value.
func (s *UserPoolType) SetPolicies(v *UserPoolPolicyType) *UserPoolType {
	s.Policies = v
	return s
}

// SetSchemaAttributes sets the SchemaAttributes field's value.
func (s *UserPoolType) SetSchemaAttributes(v []*SchemaAttributeType) *UserPoolType {
	s.SchemaAttributes = v
	return s
}

// SetSmsAuthenticationMessage sets the SmsAuthenticationMessage field's value.
func (s *UserPoolType) SetSmsAuthenticationMessage(v string) *UserPoolType {
	s.SmsAuthenticationMessage = &v
	return s
}

// SetSmsConfiguration sets the SmsConfiguration field's value.
func (s *UserPoolType) SetSmsConfiguration(v *SmsConfigurationType) *UserPoolType {
	s.SmsConfiguration = v
	return s
}

// SetSmsConfigurationFailure sets the SmsConfigurationFailure field's value.
func (s *UserPoolType) SetSmsConfigurationFailure(v string) *UserPoolType {
	s.SmsConfigurationFailure = &v
	return s
}

// SetSmsVerificationMessage sets the SmsVerificationMessage field's value.
func (s *UserPoolType) SetSmsVerificationMessage(v string) *UserPoolType {
	s.SmsVerificationMessage = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *UserPoolType) SetStatus(v string) *UserPoolType {
	s.Status = &v
	return s
}

// SetUserAttributeUpdateSettings sets the UserAttributeUpdateSettings field's value.
func (s *UserPoolType) SetUserAttributeUpdateSettings(v *UserAttributeUpdateSettingsType) *UserPoolType {
	s.UserAttributeUpdateSettings = v
	return s
}

// SetUserPoolAddOns sets the UserPoolAddOns field's value.
func (s *UserPoolType) SetUserPoolAddOns(v *UserPoolAddOnsType) *UserPoolType {
	s.UserPoolAddOns = v
	return s
}

// SetUserPoolTags sets the UserPoolTags field's value.
func (s *UserPoolType) SetUserPoolTags(v map[string]*string) *UserPoolType {
	s.UserPoolTags = v
	return s
}

// SetUsernameAttributes sets the UsernameAttributes field's value.
func (s *UserPoolType) SetUsernameAttributes(v []*string) *UserPoolType {
	s.UsernameAttributes = v
	return s
}

// SetUsernameConfiguration sets the UsernameConfiguration field's value.
func (s *UserPoolType) SetUsernameConfiguration(v *UsernameConfigurationType) *UserPoolType {
	s.UsernameConfiguration = v
	return s
}

// SetVerificationMessageTemplate sets the VerificationMessageTemplate field's value.
func (s *UserPoolType) SetVerificationMessageTemplate(v *VerificationMessageTemplateType) *UserPoolType {
	s.VerificationMessageTemplate = v
	return s
}

// A user profile in a Amazon Cognito user pool.
type UserType struct {
	_ struct{} `type:"structure"`

	// A container with information about the user type attributes.
	Attributes []*AttributeType `type:"list"`

	// Specifies whether the user is enabled.
	Enabled *bool `type:"boolean"`

	// The MFA options for the user.
	MFAOptions []*MFAOptionType `type:"list"`

	// The creation date of the user.
	UserCreateDate *time.Time `type:"timestamp"`

	// The date and time, in ISO 8601 (https://www.iso.org/iso-8601-date-and-time-format.html)
	// format, when the item was modified.
	UserLastModifiedDate *time.Time `type:"timestamp"`

	// The user status. This can be one of the following:
	//
	//    * UNCONFIRMED - User has been created but not confirmed.
	//
	//    * CONFIRMED - User has been confirmed.
	//
	//    * EXTERNAL_PROVIDER - User signed in with a third-party IdP.
	//
	//    * UNKNOWN - User status isn't known.
	//
	//    * RESET_REQUIRED - User is confirmed, but the user must request a code
	//    and reset their password before they can sign in.
	//
	//    * FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign
	//    in using a temporary password, but on first sign-in, the user must change
	//    their password to a new value before doing anything else.
	UserStatus *string `type:"string" enum:"UserStatusType"`

	// The user name of the user you want to describe.
	//
	// Username is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UserType's
	// String and GoString methods.
	Username *string `min:"1" type:"string" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UserType) GoString() string {
	return s.String()
}

// SetAttributes sets the Attributes field's value.
func (s *UserType) SetAttributes(v []*AttributeType) *UserType {
	s.Attributes = v
	return s
}

// SetEnabled sets the Enabled field's value.
func (s *UserType) SetEnabled(v bool) *UserType {
	s.Enabled = &v
	return s
}

// SetMFAOptions sets the MFAOptions field's value.
func (s *UserType) SetMFAOptions(v []*MFAOptionType) *UserType {
	s.MFAOptions = v
	return s
}

// SetUserCreateDate sets the UserCreateDate field's value.
func (s *UserType) SetUserCreateDate(v time.Time) *UserType {
	s.UserCreateDate = &v
	return s
}

// SetUserLastModifiedDate sets the UserLastModifiedDate field's value.
func (s *UserType) SetUserLastModifiedDate(v time.Time) *UserType {
	s.UserLastModifiedDate = &v
	return s
}

// SetUserStatus sets the UserStatus field's value.
func (s *UserType) SetUserStatus(v string) *UserType {
	s.UserStatus = &v
	return s
}

// SetUsername sets the Username field's value.
func (s *UserType) SetUsername(v string) *UserType {
	s.Username = &v
	return s
}

// The username configuration type.
type UsernameConfigurationType struct {
	_ struct{} `type:"structure"`

	// Specifies whether user name case sensitivity will be applied for all users
	// in the user pool through Amazon Cognito APIs. For most use cases, set case
	// sensitivity to False (case insensitive) as a best practice. When usernames
	// and email addresses are case insensitive, users can sign in as the same user
	// when they enter a different capitalization of their user name.
	//
	// Valid values include:
	//
	// True
	//
	// Enables case sensitivity for all username input. When this option is set
	// to True, users must sign in using the exact capitalization of their given
	// username, such as “UserName”. This is the default value.
	//
	// False
	//
	// Enables case insensitivity for all username input. For example, when this
	// option is set to False, users can sign in using username, USERNAME, or UserName.
	// This option also enables both preferred_username and email alias to be case
	// insensitive, in addition to the username attribute.
	//
	// CaseSensitive is a required field
	CaseSensitive *bool `type:"boolean" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UsernameConfigurationType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UsernameConfigurationType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *UsernameConfigurationType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "UsernameConfigurationType"}
	if s.CaseSensitive == nil {
		invalidParams.Add(request.NewErrParamRequired("CaseSensitive"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetCaseSensitive sets the CaseSensitive field's value.
func (s *UsernameConfigurationType) SetCaseSensitive(v bool) *UsernameConfigurationType {
	s.CaseSensitive = &v
	return s
}

// This exception is thrown when Amazon Cognito encounters a user name that
// already exists in the user pool.
type UsernameExistsException struct {
	_            struct{}                  `type:"structure"`
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The message returned when Amazon Cognito throws a user name exists exception.
	Message_ *string `locationName:"message" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UsernameExistsException) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UsernameExistsException) GoString() string {
	return s.String()
}

func newErrorUsernameExistsException(v protocol.ResponseMetadata) error {
	return &UsernameExistsException{
		RespMetadata: v,
	}
}

// Code returns the exception type name.
func (s *UsernameExistsException) Code() string {
	return "UsernameExistsException"
}

// Message returns the exception's message.
func (s *UsernameExistsException) Message() string {
	if s.Message_ != nil {
		return *s.Message_
	}
	return ""
}

// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UsernameExistsException) OrigErr() error {
	return nil
}

func (s *UsernameExistsException) Error() string {
	return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}

// Status code returns the HTTP status code for the request's response error.
func (s *UsernameExistsException) StatusCode() int {
	return s.RespMetadata.StatusCode
}

// RequestID returns the service's response RequestID for request.
func (s *UsernameExistsException) RequestID() string {
	return s.RespMetadata.RequestID
}

// The template for verification messages.
type VerificationMessageTemplateType struct {
	_ struct{} `type:"structure"`

	// The default email option.
	DefaultEmailOption *string `type:"string" enum:"DefaultEmailOptionType"`

	// The template for email messages that Amazon Cognito sends to your users.
	// You can set an EmailMessage template only if the value of EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailMessage *string `min:"6" type:"string"`

	// The email message template for sending a confirmation link to the user. You
	// can set an EmailMessageByLink template only if the value of EmailSendingAccount
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailMessageByLink *string `min:"6" type:"string"`

	// The subject line for the email message template. You can set an EmailSubject
	// template only if the value of EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailSubject *string `min:"1" type:"string"`

	// The subject line for the email message template for sending a confirmation
	// link to the user. You can set an EmailSubjectByLink template only if the
	// value of EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER. When your EmailSendingAccount (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount)
	// is DEVELOPER, your user pool sends email messages with your own Amazon SES
	// configuration.
	EmailSubjectByLink *string `min:"1" type:"string"`

	// The template for SMS messages that Amazon Cognito sends to your users.
	SmsMessage *string `min:"6" type:"string"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerificationMessageTemplateType) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerificationMessageTemplateType) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *VerificationMessageTemplateType) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "VerificationMessageTemplateType"}
	if s.EmailMessage != nil && len(*s.EmailMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("EmailMessage", 6))
	}
	if s.EmailMessageByLink != nil && len(*s.EmailMessageByLink) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("EmailMessageByLink", 6))
	}
	if s.EmailSubject != nil && len(*s.EmailSubject) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EmailSubject", 1))
	}
	if s.EmailSubjectByLink != nil && len(*s.EmailSubjectByLink) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("EmailSubjectByLink", 1))
	}
	if s.SmsMessage != nil && len(*s.SmsMessage) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("SmsMessage", 6))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetDefaultEmailOption sets the DefaultEmailOption field's value.
func (s *VerificationMessageTemplateType) SetDefaultEmailOption(v string) *VerificationMessageTemplateType {
	s.DefaultEmailOption = &v
	return s
}

// SetEmailMessage sets the EmailMessage field's value.
func (s *VerificationMessageTemplateType) SetEmailMessage(v string) *VerificationMessageTemplateType {
	s.EmailMessage = &v
	return s
}

// SetEmailMessageByLink sets the EmailMessageByLink field's value.
func (s *VerificationMessageTemplateType) SetEmailMessageByLink(v string) *VerificationMessageTemplateType {
	s.EmailMessageByLink = &v
	return s
}

// SetEmailSubject sets the EmailSubject field's value.
func (s *VerificationMessageTemplateType) SetEmailSubject(v string) *VerificationMessageTemplateType {
	s.EmailSubject = &v
	return s
}

// SetEmailSubjectByLink sets the EmailSubjectByLink field's value.
func (s *VerificationMessageTemplateType) SetEmailSubjectByLink(v string) *VerificationMessageTemplateType {
	s.EmailSubjectByLink = &v
	return s
}

// SetSmsMessage sets the SmsMessage field's value.
func (s *VerificationMessageTemplateType) SetSmsMessage(v string) *VerificationMessageTemplateType {
	s.SmsMessage = &v
	return s
}

type VerifySoftwareTokenInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose software
	// token you want to verify.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	AccessToken *string `type:"string" sensitive:"true"`

	// The friendly device name.
	FriendlyDeviceName *string `type:"string"`

	// The session that should be passed both ways in challenge-response calls to
	// the service.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The one- time password computed using the secret code returned by AssociateSoftwareToken
	// (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html).
	//
	// UserCode is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenInput's
	// String and GoString methods.
	//
	// UserCode is a required field
	UserCode *string `min:"6" type:"string" required:"true" sensitive:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifySoftwareTokenInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifySoftwareTokenInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *VerifySoftwareTokenInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "VerifySoftwareTokenInput"}
	if s.Session != nil && len(*s.Session) < 20 {
		invalidParams.Add(request.NewErrParamMinLen("Session", 20))
	}
	if s.UserCode == nil {
		invalidParams.Add(request.NewErrParamRequired("UserCode"))
	}
	if s.UserCode != nil && len(*s.UserCode) < 6 {
		invalidParams.Add(request.NewErrParamMinLen("UserCode", 6))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *VerifySoftwareTokenInput) SetAccessToken(v string) *VerifySoftwareTokenInput {
	s.AccessToken = &v
	return s
}

// SetFriendlyDeviceName sets the FriendlyDeviceName field's value.
func (s *VerifySoftwareTokenInput) SetFriendlyDeviceName(v string) *VerifySoftwareTokenInput {
	s.FriendlyDeviceName = &v
	return s
}

// SetSession sets the Session field's value.
func (s *VerifySoftwareTokenInput) SetSession(v string) *VerifySoftwareTokenInput {
	s.Session = &v
	return s
}

// SetUserCode sets the UserCode field's value.
func (s *VerifySoftwareTokenInput) SetUserCode(v string) *VerifySoftwareTokenInput {
	s.UserCode = &v
	return s
}

type VerifySoftwareTokenOutput struct {
	_ struct{} `type:"structure"`

	// The session that should be passed both ways in challenge-response calls to
	// the service.
	//
	// Session is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifySoftwareTokenOutput's
	// String and GoString methods.
	Session *string `min:"20" type:"string" sensitive:"true"`

	// The status of the verify software token.
	Status *string `type:"string" enum:"VerifySoftwareTokenResponseType"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifySoftwareTokenOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifySoftwareTokenOutput) GoString() string {
	return s.String()
}

// SetSession sets the Session field's value.
func (s *VerifySoftwareTokenOutput) SetSession(v string) *VerifySoftwareTokenOutput {
	s.Session = &v
	return s
}

// SetStatus sets the Status field's value.
func (s *VerifySoftwareTokenOutput) SetStatus(v string) *VerifySoftwareTokenOutput {
	s.Status = &v
	return s
}

// Represents the request to verify user attributes.
type VerifyUserAttributeInput struct {
	_ struct{} `type:"structure"`

	// A valid access token that Amazon Cognito issued to the user whose user attributes
	// you want to verify.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VerifyUserAttributeInput's
	// String and GoString methods.
	//
	// AccessToken is a required field
	AccessToken *string `type:"string" required:"true" sensitive:"true"`

	// The attribute name in the request to verify user attributes.
	//
	// AttributeName is a required field
	AttributeName *string `min:"1" type:"string" required:"true"`

	// The verification code in the request to verify user attributes.
	//
	// Code is a required field
	Code *string `min:"1" type:"string" required:"true"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifyUserAttributeInput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifyUserAttributeInput) GoString() string {
	return s.String()
}

// Validate inspects the fields of the type to determine if they are valid.
func (s *VerifyUserAttributeInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "VerifyUserAttributeInput"}
	if s.AccessToken == nil {
		invalidParams.Add(request.NewErrParamRequired("AccessToken"))
	}
	if s.AttributeName == nil {
		invalidParams.Add(request.NewErrParamRequired("AttributeName"))
	}
	if s.AttributeName != nil && len(*s.AttributeName) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("AttributeName", 1))
	}
	if s.Code == nil {
		invalidParams.Add(request.NewErrParamRequired("Code"))
	}
	if s.Code != nil && len(*s.Code) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Code", 1))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}

// SetAccessToken sets the AccessToken field's value.
func (s *VerifyUserAttributeInput) SetAccessToken(v string) *VerifyUserAttributeInput {
	s.AccessToken = &v
	return s
}

// SetAttributeName sets the AttributeName field's value.
func (s *VerifyUserAttributeInput) SetAttributeName(v string) *VerifyUserAttributeInput {
	s.AttributeName = &v
	return s
}

// SetCode sets the Code field's value.
func (s *VerifyUserAttributeInput) SetCode(v string) *VerifyUserAttributeInput {
	s.Code = &v
	return s
}

// A container representing the response from the server from the request to
// verify user attributes.
type VerifyUserAttributeOutput struct {
	_ struct{} `type:"structure"`
}

// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifyUserAttributeOutput) String() string {
	return awsutil.Prettify(s)
}

// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VerifyUserAttributeOutput) GoString() string {
	return s.String()
}

const (
	// AccountTakeoverEventActionTypeBlock is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeBlock = "BLOCK"

	// AccountTakeoverEventActionTypeMfaIfConfigured is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeMfaIfConfigured = "MFA_IF_CONFIGURED"

	// AccountTakeoverEventActionTypeMfaRequired is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeMfaRequired = "MFA_REQUIRED"

	// AccountTakeoverEventActionTypeNoAction is a AccountTakeoverEventActionType enum value
	AccountTakeoverEventActionTypeNoAction = "NO_ACTION"
)

// AccountTakeoverEventActionType_Values returns all elements of the AccountTakeoverEventActionType enum
func AccountTakeoverEventActionType_Values() []string {
	return []string{
		AccountTakeoverEventActionTypeBlock,
		AccountTakeoverEventActionTypeMfaIfConfigured,
		AccountTakeoverEventActionTypeMfaRequired,
		AccountTakeoverEventActionTypeNoAction,
	}
}

const (
	// AdvancedSecurityModeTypeOff is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeOff = "OFF"

	// AdvancedSecurityModeTypeAudit is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeAudit = "AUDIT"

	// AdvancedSecurityModeTypeEnforced is a AdvancedSecurityModeType enum value
	AdvancedSecurityModeTypeEnforced = "ENFORCED"
)

// AdvancedSecurityModeType_Values returns all elements of the AdvancedSecurityModeType enum
func AdvancedSecurityModeType_Values() []string {
	return []string{
		AdvancedSecurityModeTypeOff,
		AdvancedSecurityModeTypeAudit,
		AdvancedSecurityModeTypeEnforced,
	}
}

const (
	// AliasAttributeTypePhoneNumber is a AliasAttributeType enum value
	AliasAttributeTypePhoneNumber = "phone_number"

	// AliasAttributeTypeEmail is a AliasAttributeType enum value
	AliasAttributeTypeEmail = "email"

	// AliasAttributeTypePreferredUsername is a AliasAttributeType enum value
	AliasAttributeTypePreferredUsername = "preferred_username"
)

// AliasAttributeType_Values returns all elements of the AliasAttributeType enum
func AliasAttributeType_Values() []string {
	return []string{
		AliasAttributeTypePhoneNumber,
		AliasAttributeTypeEmail,
		AliasAttributeTypePreferredUsername,
	}
}

const (
	// AttributeDataTypeString is a AttributeDataType enum value
	AttributeDataTypeString = "String"

	// AttributeDataTypeNumber is a AttributeDataType enum value
	AttributeDataTypeNumber = "Number"

	// AttributeDataTypeDateTime is a AttributeDataType enum value
	AttributeDataTypeDateTime = "DateTime"

	// AttributeDataTypeBoolean is a AttributeDataType enum value
	AttributeDataTypeBoolean = "Boolean"
)

// AttributeDataType_Values returns all elements of the AttributeDataType enum
func AttributeDataType_Values() []string {
	return []string{
		AttributeDataTypeString,
		AttributeDataTypeNumber,
		AttributeDataTypeDateTime,
		AttributeDataTypeBoolean,
	}
}

const (
	// AuthFlowTypeUserSrpAuth is a AuthFlowType enum value
	AuthFlowTypeUserSrpAuth = "USER_SRP_AUTH"

	// AuthFlowTypeRefreshTokenAuth is a AuthFlowType enum value
	AuthFlowTypeRefreshTokenAuth = "REFRESH_TOKEN_AUTH"

	// AuthFlowTypeRefreshToken is a AuthFlowType enum value
	AuthFlowTypeRefreshToken = "REFRESH_TOKEN"

	// AuthFlowTypeCustomAuth is a AuthFlowType enum value
	AuthFlowTypeCustomAuth = "CUSTOM_AUTH"

	// AuthFlowTypeAdminNoSrpAuth is a AuthFlowType enum value
	AuthFlowTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// AuthFlowTypeUserPasswordAuth is a AuthFlowType enum value
	AuthFlowTypeUserPasswordAuth = "USER_PASSWORD_AUTH"

	// AuthFlowTypeAdminUserPasswordAuth is a AuthFlowType enum value
	AuthFlowTypeAdminUserPasswordAuth = "ADMIN_USER_PASSWORD_AUTH"
)

// AuthFlowType_Values returns all elements of the AuthFlowType enum
func AuthFlowType_Values() []string {
	return []string{
		AuthFlowTypeUserSrpAuth,
		AuthFlowTypeRefreshTokenAuth,
		AuthFlowTypeRefreshToken,
		AuthFlowTypeCustomAuth,
		AuthFlowTypeAdminNoSrpAuth,
		AuthFlowTypeUserPasswordAuth,
		AuthFlowTypeAdminUserPasswordAuth,
	}
}

const (
	// ChallengeNamePassword is a ChallengeName enum value
	ChallengeNamePassword = "Password"

	// ChallengeNameMfa is a ChallengeName enum value
	ChallengeNameMfa = "Mfa"
)

// ChallengeName_Values returns all elements of the ChallengeName enum
func ChallengeName_Values() []string {
	return []string{
		ChallengeNamePassword,
		ChallengeNameMfa,
	}
}

const (
	// ChallengeNameTypeSmsMfa is a ChallengeNameType enum value
	ChallengeNameTypeSmsMfa = "SMS_MFA"

	// ChallengeNameTypeSoftwareTokenMfa is a ChallengeNameType enum value
	ChallengeNameTypeSoftwareTokenMfa = "SOFTWARE_TOKEN_MFA"

	// ChallengeNameTypeSelectMfaType is a ChallengeNameType enum value
	ChallengeNameTypeSelectMfaType = "SELECT_MFA_TYPE"

	// ChallengeNameTypeMfaSetup is a ChallengeNameType enum value
	ChallengeNameTypeMfaSetup = "MFA_SETUP"

	// ChallengeNameTypePasswordVerifier is a ChallengeNameType enum value
	ChallengeNameTypePasswordVerifier = "PASSWORD_VERIFIER"

	// ChallengeNameTypeCustomChallenge is a ChallengeNameType enum value
	ChallengeNameTypeCustomChallenge = "CUSTOM_CHALLENGE"

	// ChallengeNameTypeDeviceSrpAuth is a ChallengeNameType enum value
	ChallengeNameTypeDeviceSrpAuth = "DEVICE_SRP_AUTH"

	// ChallengeNameTypeDevicePasswordVerifier is a ChallengeNameType enum value
	ChallengeNameTypeDevicePasswordVerifier = "DEVICE_PASSWORD_VERIFIER"

	// ChallengeNameTypeAdminNoSrpAuth is a ChallengeNameType enum value
	ChallengeNameTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// ChallengeNameTypeNewPasswordRequired is a ChallengeNameType enum value
	ChallengeNameTypeNewPasswordRequired = "NEW_PASSWORD_REQUIRED"
)

// ChallengeNameType_Values returns all elements of the ChallengeNameType enum
func ChallengeNameType_Values() []string {
	return []string{
		ChallengeNameTypeSmsMfa,
		ChallengeNameTypeSoftwareTokenMfa,
		ChallengeNameTypeSelectMfaType,
		ChallengeNameTypeMfaSetup,
		ChallengeNameTypePasswordVerifier,
		ChallengeNameTypeCustomChallenge,
		ChallengeNameTypeDeviceSrpAuth,
		ChallengeNameTypeDevicePasswordVerifier,
		ChallengeNameTypeAdminNoSrpAuth,
		ChallengeNameTypeNewPasswordRequired,
	}
}

const (
	// ChallengeResponseSuccess is a ChallengeResponse enum value
	ChallengeResponseSuccess = "Success"

	// ChallengeResponseFailure is a ChallengeResponse enum value
	ChallengeResponseFailure = "Failure"
)

// ChallengeResponse_Values returns all elements of the ChallengeResponse enum
func ChallengeResponse_Values() []string {
	return []string{
		ChallengeResponseSuccess,
		ChallengeResponseFailure,
	}
}

const (
	// CompromisedCredentialsEventActionTypeBlock is a CompromisedCredentialsEventActionType enum value
	CompromisedCredentialsEventActionTypeBlock = "BLOCK"

	// CompromisedCredentialsEventActionTypeNoAction is a CompromisedCredentialsEventActionType enum value
	CompromisedCredentialsEventActionTypeNoAction = "NO_ACTION"
)

// CompromisedCredentialsEventActionType_Values returns all elements of the CompromisedCredentialsEventActionType enum
func CompromisedCredentialsEventActionType_Values() []string {
	return []string{
		CompromisedCredentialsEventActionTypeBlock,
		CompromisedCredentialsEventActionTypeNoAction,
	}
}

const (
	// CustomEmailSenderLambdaVersionTypeV10 is a CustomEmailSenderLambdaVersionType enum value
	CustomEmailSenderLambdaVersionTypeV10 = "V1_0"
)

// CustomEmailSenderLambdaVersionType_Values returns all elements of the CustomEmailSenderLambdaVersionType enum
func CustomEmailSenderLambdaVersionType_Values() []string {
	return []string{
		CustomEmailSenderLambdaVersionTypeV10,
	}
}

const (
	// CustomSMSSenderLambdaVersionTypeV10 is a CustomSMSSenderLambdaVersionType enum value
	CustomSMSSenderLambdaVersionTypeV10 = "V1_0"
)

// CustomSMSSenderLambdaVersionType_Values returns all elements of the CustomSMSSenderLambdaVersionType enum
func CustomSMSSenderLambdaVersionType_Values() []string {
	return []string{
		CustomSMSSenderLambdaVersionTypeV10,
	}
}

const (
	// DefaultEmailOptionTypeConfirmWithLink is a DefaultEmailOptionType enum value
	DefaultEmailOptionTypeConfirmWithLink = "CONFIRM_WITH_LINK"

	// DefaultEmailOptionTypeConfirmWithCode is a DefaultEmailOptionType enum value
	DefaultEmailOptionTypeConfirmWithCode = "CONFIRM_WITH_CODE"
)

// DefaultEmailOptionType_Values returns all elements of the DefaultEmailOptionType enum
func DefaultEmailOptionType_Values() []string {
	return []string{
		DefaultEmailOptionTypeConfirmWithLink,
		DefaultEmailOptionTypeConfirmWithCode,
	}
}

const (
	// DeletionProtectionTypeActive is a DeletionProtectionType enum value
	DeletionProtectionTypeActive = "ACTIVE"

	// DeletionProtectionTypeInactive is a DeletionProtectionType enum value
	DeletionProtectionTypeInactive = "INACTIVE"
)

// DeletionProtectionType_Values returns all elements of the DeletionProtectionType enum
func DeletionProtectionType_Values() []string {
	return []string{
		DeletionProtectionTypeActive,
		DeletionProtectionTypeInactive,
	}
}

const (
	// DeliveryMediumTypeSms is a DeliveryMediumType enum value
	DeliveryMediumTypeSms = "SMS"

	// DeliveryMediumTypeEmail is a DeliveryMediumType enum value
	DeliveryMediumTypeEmail = "EMAIL"
)

// DeliveryMediumType_Values returns all elements of the DeliveryMediumType enum
func DeliveryMediumType_Values() []string {
	return []string{
		DeliveryMediumTypeSms,
		DeliveryMediumTypeEmail,
	}
}

const (
	// DeviceRememberedStatusTypeRemembered is a DeviceRememberedStatusType enum value
	DeviceRememberedStatusTypeRemembered = "remembered"

	// DeviceRememberedStatusTypeNotRemembered is a DeviceRememberedStatusType enum value
	DeviceRememberedStatusTypeNotRemembered = "not_remembered"
)

// DeviceRememberedStatusType_Values returns all elements of the DeviceRememberedStatusType enum
func DeviceRememberedStatusType_Values() []string {
	return []string{
		DeviceRememberedStatusTypeRemembered,
		DeviceRememberedStatusTypeNotRemembered,
	}
}

const (
	// DomainStatusTypeCreating is a DomainStatusType enum value
	DomainStatusTypeCreating = "CREATING"

	// DomainStatusTypeDeleting is a DomainStatusType enum value
	DomainStatusTypeDeleting = "DELETING"

	// DomainStatusTypeUpdating is a DomainStatusType enum value
	DomainStatusTypeUpdating = "UPDATING"

	// DomainStatusTypeActive is a DomainStatusType enum value
	DomainStatusTypeActive = "ACTIVE"

	// DomainStatusTypeFailed is a DomainStatusType enum value
	DomainStatusTypeFailed = "FAILED"
)

// DomainStatusType_Values returns all elements of the DomainStatusType enum
func DomainStatusType_Values() []string {
	return []string{
		DomainStatusTypeCreating,
		DomainStatusTypeDeleting,
		DomainStatusTypeUpdating,
		DomainStatusTypeActive,
		DomainStatusTypeFailed,
	}
}

const (
	// EmailSendingAccountTypeCognitoDefault is a EmailSendingAccountType enum value
	EmailSendingAccountTypeCognitoDefault = "COGNITO_DEFAULT"

	// EmailSendingAccountTypeDeveloper is a EmailSendingAccountType enum value
	EmailSendingAccountTypeDeveloper = "DEVELOPER"
)

// EmailSendingAccountType_Values returns all elements of the EmailSendingAccountType enum
func EmailSendingAccountType_Values() []string {
	return []string{
		EmailSendingAccountTypeCognitoDefault,
		EmailSendingAccountTypeDeveloper,
	}
}

const (
	// EventFilterTypeSignIn is a EventFilterType enum value
	EventFilterTypeSignIn = "SIGN_IN"

	// EventFilterTypePasswordChange is a EventFilterType enum value
	EventFilterTypePasswordChange = "PASSWORD_CHANGE"

	// EventFilterTypeSignUp is a EventFilterType enum value
	EventFilterTypeSignUp = "SIGN_UP"
)

// EventFilterType_Values returns all elements of the EventFilterType enum
func EventFilterType_Values() []string {
	return []string{
		EventFilterTypeSignIn,
		EventFilterTypePasswordChange,
		EventFilterTypeSignUp,
	}
}

const (
	// EventResponseTypePass is a EventResponseType enum value
	EventResponseTypePass = "Pass"

	// EventResponseTypeFail is a EventResponseType enum value
	EventResponseTypeFail = "Fail"

	// EventResponseTypeInProgress is a EventResponseType enum value
	EventResponseTypeInProgress = "InProgress"
)

// EventResponseType_Values returns all elements of the EventResponseType enum
func EventResponseType_Values() []string {
	return []string{
		EventResponseTypePass,
		EventResponseTypeFail,
		EventResponseTypeInProgress,
	}
}

const (
	// EventSourceNameUserNotification is a EventSourceName enum value
	EventSourceNameUserNotification = "userNotification"
)

// EventSourceName_Values returns all elements of the EventSourceName enum
func EventSourceName_Values() []string {
	return []string{
		EventSourceNameUserNotification,
	}
}

const (
	// EventTypeSignIn is a EventType enum value
	EventTypeSignIn = "SignIn"

	// EventTypeSignUp is a EventType enum value
	EventTypeSignUp = "SignUp"

	// EventTypeForgotPassword is a EventType enum value
	EventTypeForgotPassword = "ForgotPassword"

	// EventTypePasswordChange is a EventType enum value
	EventTypePasswordChange = "PasswordChange"

	// EventTypeResendCode is a EventType enum value
	EventTypeResendCode = "ResendCode"
)

// EventType_Values returns all elements of the EventType enum
func EventType_Values() []string {
	return []string{
		EventTypeSignIn,
		EventTypeSignUp,
		EventTypeForgotPassword,
		EventTypePasswordChange,
		EventTypeResendCode,
	}
}

const (
	// ExplicitAuthFlowsTypeAdminNoSrpAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAdminNoSrpAuth = "ADMIN_NO_SRP_AUTH"

	// ExplicitAuthFlowsTypeCustomAuthFlowOnly is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeCustomAuthFlowOnly = "CUSTOM_AUTH_FLOW_ONLY"

	// ExplicitAuthFlowsTypeUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeUserPasswordAuth = "USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowAdminUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowAdminUserPasswordAuth = "ALLOW_ADMIN_USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowCustomAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowCustomAuth = "ALLOW_CUSTOM_AUTH"

	// ExplicitAuthFlowsTypeAllowUserPasswordAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowUserPasswordAuth = "ALLOW_USER_PASSWORD_AUTH"

	// ExplicitAuthFlowsTypeAllowUserSrpAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowUserSrpAuth = "ALLOW_USER_SRP_AUTH"

	// ExplicitAuthFlowsTypeAllowRefreshTokenAuth is a ExplicitAuthFlowsType enum value
	ExplicitAuthFlowsTypeAllowRefreshTokenAuth = "ALLOW_REFRESH_TOKEN_AUTH"
)

// ExplicitAuthFlowsType_Values returns all elements of the ExplicitAuthFlowsType enum
func ExplicitAuthFlowsType_Values() []string {
	return []string{
		ExplicitAuthFlowsTypeAdminNoSrpAuth,
		ExplicitAuthFlowsTypeCustomAuthFlowOnly,
		ExplicitAuthFlowsTypeUserPasswordAuth,
		ExplicitAuthFlowsTypeAllowAdminUserPasswordAuth,
		ExplicitAuthFlowsTypeAllowCustomAuth,
		ExplicitAuthFlowsTypeAllowUserPasswordAuth,
		ExplicitAuthFlowsTypeAllowUserSrpAuth,
		ExplicitAuthFlowsTypeAllowRefreshTokenAuth,
	}
}

const (
	// FeedbackValueTypeValid is a FeedbackValueType enum value
	FeedbackValueTypeValid = "Valid"

	// FeedbackValueTypeInvalid is a FeedbackValueType enum value
	FeedbackValueTypeInvalid = "Invalid"
)

// FeedbackValueType_Values returns all elements of the FeedbackValueType enum
func FeedbackValueType_Values() []string {
	return []string{
		FeedbackValueTypeValid,
		FeedbackValueTypeInvalid,
	}
}

const (
	// IdentityProviderTypeTypeSaml is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeSaml = "SAML"

	// IdentityProviderTypeTypeFacebook is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeFacebook = "Facebook"

	// IdentityProviderTypeTypeGoogle is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeGoogle = "Google"

	// IdentityProviderTypeTypeLoginWithAmazon is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeLoginWithAmazon = "LoginWithAmazon"

	// IdentityProviderTypeTypeSignInWithApple is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeSignInWithApple = "SignInWithApple"

	// IdentityProviderTypeTypeOidc is a IdentityProviderTypeType enum value
	IdentityProviderTypeTypeOidc = "OIDC"
)

// IdentityProviderTypeType_Values returns all elements of the IdentityProviderTypeType enum
func IdentityProviderTypeType_Values() []string {
	return []string{
		IdentityProviderTypeTypeSaml,
		IdentityProviderTypeTypeFacebook,
		IdentityProviderTypeTypeGoogle,
		IdentityProviderTypeTypeLoginWithAmazon,
		IdentityProviderTypeTypeSignInWithApple,
		IdentityProviderTypeTypeOidc,
	}
}

const (
	// LogLevelError is a LogLevel enum value
	LogLevelError = "ERROR"
)

// LogLevel_Values returns all elements of the LogLevel enum
func LogLevel_Values() []string {
	return []string{
		LogLevelError,
	}
}

const (
	// MessageActionTypeResend is a MessageActionType enum value
	MessageActionTypeResend = "RESEND"

	// MessageActionTypeSuppress is a MessageActionType enum value
	MessageActionTypeSuppress = "SUPPRESS"
)

// MessageActionType_Values returns all elements of the MessageActionType enum
func MessageActionType_Values() []string {
	return []string{
		MessageActionTypeResend,
		MessageActionTypeSuppress,
	}
}

const (
	// OAuthFlowTypeCode is a OAuthFlowType enum value
	OAuthFlowTypeCode = "code"

	// OAuthFlowTypeImplicit is a OAuthFlowType enum value
	OAuthFlowTypeImplicit = "implicit"

	// OAuthFlowTypeClientCredentials is a OAuthFlowType enum value
	OAuthFlowTypeClientCredentials = "client_credentials"
)

// OAuthFlowType_Values returns all elements of the OAuthFlowType enum
func OAuthFlowType_Values() []string {
	return []string{
		OAuthFlowTypeCode,
		OAuthFlowTypeImplicit,
		OAuthFlowTypeClientCredentials,
	}
}

const (
	// PreTokenGenerationLambdaVersionTypeV10 is a PreTokenGenerationLambdaVersionType enum value
	PreTokenGenerationLambdaVersionTypeV10 = "V1_0"

	// PreTokenGenerationLambdaVersionTypeV20 is a PreTokenGenerationLambdaVersionType enum value
	PreTokenGenerationLambdaVersionTypeV20 = "V2_0"
)

// PreTokenGenerationLambdaVersionType_Values returns all elements of the PreTokenGenerationLambdaVersionType enum
func PreTokenGenerationLambdaVersionType_Values() []string {
	return []string{
		PreTokenGenerationLambdaVersionTypeV10,
		PreTokenGenerationLambdaVersionTypeV20,
	}
}

const (
	// PreventUserExistenceErrorTypesLegacy is a PreventUserExistenceErrorTypes enum value
	PreventUserExistenceErrorTypesLegacy = "LEGACY"

	// PreventUserExistenceErrorTypesEnabled is a PreventUserExistenceErrorTypes enum value
	PreventUserExistenceErrorTypesEnabled = "ENABLED"
)

// PreventUserExistenceErrorTypes_Values returns all elements of the PreventUserExistenceErrorTypes enum
func PreventUserExistenceErrorTypes_Values() []string {
	return []string{
		PreventUserExistenceErrorTypesLegacy,
		PreventUserExistenceErrorTypesEnabled,
	}
}

const (
	// RecoveryOptionNameTypeVerifiedEmail is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeVerifiedEmail = "verified_email"

	// RecoveryOptionNameTypeVerifiedPhoneNumber is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeVerifiedPhoneNumber = "verified_phone_number"

	// RecoveryOptionNameTypeAdminOnly is a RecoveryOptionNameType enum value
	RecoveryOptionNameTypeAdminOnly = "admin_only"
)

// RecoveryOptionNameType_Values returns all elements of the RecoveryOptionNameType enum
func RecoveryOptionNameType_Values() []string {
	return []string{
		RecoveryOptionNameTypeVerifiedEmail,
		RecoveryOptionNameTypeVerifiedPhoneNumber,
		RecoveryOptionNameTypeAdminOnly,
	}
}

const (
	// RiskDecisionTypeNoRisk is a RiskDecisionType enum value
	RiskDecisionTypeNoRisk = "NoRisk"

	// RiskDecisionTypeAccountTakeover is a RiskDecisionType enum value
	RiskDecisionTypeAccountTakeover = "AccountTakeover"

	// RiskDecisionTypeBlock is a RiskDecisionType enum value
	RiskDecisionTypeBlock = "Block"
)

// RiskDecisionType_Values returns all elements of the RiskDecisionType enum
func RiskDecisionType_Values() []string {
	return []string{
		RiskDecisionTypeNoRisk,
		RiskDecisionTypeAccountTakeover,
		RiskDecisionTypeBlock,
	}
}

const (
	// RiskLevelTypeLow is a RiskLevelType enum value
	RiskLevelTypeLow = "Low"

	// RiskLevelTypeMedium is a RiskLevelType enum value
	RiskLevelTypeMedium = "Medium"

	// RiskLevelTypeHigh is a RiskLevelType enum value
	RiskLevelTypeHigh = "High"
)

// RiskLevelType_Values returns all elements of the RiskLevelType enum
func RiskLevelType_Values() []string {
	return []string{
		RiskLevelTypeLow,
		RiskLevelTypeMedium,
		RiskLevelTypeHigh,
	}
}

const (
	// StatusTypeEnabled is a StatusType enum value
	StatusTypeEnabled = "Enabled"

	// StatusTypeDisabled is a StatusType enum value
	StatusTypeDisabled = "Disabled"
)

// StatusType_Values returns all elements of the StatusType enum
func StatusType_Values() []string {
	return []string{
		StatusTypeEnabled,
		StatusTypeDisabled,
	}
}

const (
	// TimeUnitsTypeSeconds is a TimeUnitsType enum value
	TimeUnitsTypeSeconds = "seconds"

	// TimeUnitsTypeMinutes is a TimeUnitsType enum value
	TimeUnitsTypeMinutes = "minutes"

	// TimeUnitsTypeHours is a TimeUnitsType enum value
	TimeUnitsTypeHours = "hours"

	// TimeUnitsTypeDays is a TimeUnitsType enum value
	TimeUnitsTypeDays = "days"
)

// TimeUnitsType_Values returns all elements of the TimeUnitsType enum
func TimeUnitsType_Values() []string {
	return []string{
		TimeUnitsTypeSeconds,
		TimeUnitsTypeMinutes,
		TimeUnitsTypeHours,
		TimeUnitsTypeDays,
	}
}

const (
	// UserImportJobStatusTypeCreated is a UserImportJobStatusType enum value
	UserImportJobStatusTypeCreated = "Created"

	// UserImportJobStatusTypePending is a UserImportJobStatusType enum value
	UserImportJobStatusTypePending = "Pending"

	// UserImportJobStatusTypeInProgress is a UserImportJobStatusType enum value
	UserImportJobStatusTypeInProgress = "InProgress"

	// UserImportJobStatusTypeStopping is a UserImportJobStatusType enum value
	UserImportJobStatusTypeStopping = "Stopping"

	// UserImportJobStatusTypeExpired is a UserImportJobStatusType enum value
	UserImportJobStatusTypeExpired = "Expired"

	// UserImportJobStatusTypeStopped is a UserImportJobStatusType enum value
	UserImportJobStatusTypeStopped = "Stopped"

	// UserImportJobStatusTypeFailed is a UserImportJobStatusType enum value
	UserImportJobStatusTypeFailed = "Failed"

	// UserImportJobStatusTypeSucceeded is a UserImportJobStatusType enum value
	UserImportJobStatusTypeSucceeded = "Succeeded"
)

// UserImportJobStatusType_Values returns all elements of the UserImportJobStatusType enum
func UserImportJobStatusType_Values() []string {
	return []string{
		UserImportJobStatusTypeCreated,
		UserImportJobStatusTypePending,
		UserImportJobStatusTypeInProgress,
		UserImportJobStatusTypeStopping,
		UserImportJobStatusTypeExpired,
		UserImportJobStatusTypeStopped,
		UserImportJobStatusTypeFailed,
		UserImportJobStatusTypeSucceeded,
	}
}

const (
	// UserPoolMfaTypeOff is a UserPoolMfaType enum value
	UserPoolMfaTypeOff = "OFF"

	// UserPoolMfaTypeOn is a UserPoolMfaType enum value
	UserPoolMfaTypeOn = "ON"

	// UserPoolMfaTypeOptional is a UserPoolMfaType enum value
	UserPoolMfaTypeOptional = "OPTIONAL"
)

// UserPoolMfaType_Values returns all elements of the UserPoolMfaType enum
func UserPoolMfaType_Values() []string {
	return []string{
		UserPoolMfaTypeOff,
		UserPoolMfaTypeOn,
		UserPoolMfaTypeOptional,
	}
}

const (
	// UserStatusTypeUnconfirmed is a UserStatusType enum value
	UserStatusTypeUnconfirmed = "UNCONFIRMED"

	// UserStatusTypeConfirmed is a UserStatusType enum value
	UserStatusTypeConfirmed = "CONFIRMED"

	// UserStatusTypeArchived is a UserStatusType enum value
	UserStatusTypeArchived = "ARCHIVED"

	// UserStatusTypeCompromised is a UserStatusType enum value
	UserStatusTypeCompromised = "COMPROMISED"

	// UserStatusTypeUnknown is a UserStatusType enum value
	UserStatusTypeUnknown = "UNKNOWN"

	// UserStatusTypeResetRequired is a UserStatusType enum value
	UserStatusTypeResetRequired = "RESET_REQUIRED"

	// UserStatusTypeForceChangePassword is a UserStatusType enum value
	UserStatusTypeForceChangePassword = "FORCE_CHANGE_PASSWORD"
)

// UserStatusType_Values returns all elements of the UserStatusType enum
func UserStatusType_Values() []string {
	return []string{
		UserStatusTypeUnconfirmed,
		UserStatusTypeConfirmed,
		UserStatusTypeArchived,
		UserStatusTypeCompromised,
		UserStatusTypeUnknown,
		UserStatusTypeResetRequired,
		UserStatusTypeForceChangePassword,
	}
}

const (
	// UsernameAttributeTypePhoneNumber is a UsernameAttributeType enum value
	UsernameAttributeTypePhoneNumber = "phone_number"

	// UsernameAttributeTypeEmail is a UsernameAttributeType enum value
	UsernameAttributeTypeEmail = "email"
)

// UsernameAttributeType_Values returns all elements of the UsernameAttributeType enum
func UsernameAttributeType_Values() []string {
	return []string{
		UsernameAttributeTypePhoneNumber,
		UsernameAttributeTypeEmail,
	}
}

const (
	// VerifiedAttributeTypePhoneNumber is a VerifiedAttributeType enum value
	VerifiedAttributeTypePhoneNumber = "phone_number"

	// VerifiedAttributeTypeEmail is a VerifiedAttributeType enum value
	VerifiedAttributeTypeEmail = "email"
)

// VerifiedAttributeType_Values returns all elements of the VerifiedAttributeType enum
func VerifiedAttributeType_Values() []string {
	return []string{
		VerifiedAttributeTypePhoneNumber,
		VerifiedAttributeTypeEmail,
	}
}

const (
	// VerifySoftwareTokenResponseTypeSuccess is a VerifySoftwareTokenResponseType enum value
	VerifySoftwareTokenResponseTypeSuccess = "SUCCESS"

	// VerifySoftwareTokenResponseTypeError is a VerifySoftwareTokenResponseType enum value
	VerifySoftwareTokenResponseTypeError = "ERROR"
)

// VerifySoftwareTokenResponseType_Values returns all elements of the VerifySoftwareTokenResponseType enum
func VerifySoftwareTokenResponseType_Values() []string {
	return []string{
		VerifySoftwareTokenResponseTypeSuccess,
		VerifySoftwareTokenResponseTypeError,
	}
}
404 Not Found

GrazzMean Shell

Let’s Start Your Online Journey with Beegazpacho

OUR CLIENTS

services

Transforming Ideas into
Success

.01
Digital Marketing

.02
SEO

.03
Website Designing

.04
App Development

.05
Social Media Ads

.06
Google Ads

.07
Google My Business

.08
Graphic Designing

.09
3D Videos

about BEEGAZPACHO

creating special Things
For special brands

Join the ranks of successful brands by partnering with Beegazpacho

00+

00+

Our Recent Work

Crafted with Passion and Precision

Client Stories

Hear It from Those Who Know Us Best

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

404 Not Found

GrazzMean Shell

Let’s Start Your Online Journey with Beegazpacho

OUR CLIENTS

services

Transforming Ideas into Success

about BEEGAZPACHO

creating special Things For special brands

Join the ranks of successful brands by partnering with Beegazpacho

00+

00+

Our Recent Work

Crafted with Passion and Precision

Client Stories

Hear It from Those Who Know Us Best

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

— Sarah Williams

Head of Marketing, GreenPlanet Apparel

— Arvind Shah

CEO, InnovateTech Solutions

— Rina Kapoor

Marketing Director, Luxury Home Interiors

Transforming Ideas into
Success

creating special Things
For special brands
