types

type AccessDeniedException struct {
	Message *string

	ErrorCodeOverride *string

	Code *string
	// contains filtered or unexported fields
}

type AccountDetails struct {

	// The ID of an Amazon Web Services account.
	//
	// This member is required.
	AccountId *string

	// The email of an Amazon Web Services account.
	Email *string
	// contains filtered or unexported fields
}

type Action struct {

	// The type of action that was detected. The possible action types are:
	//   - NETWORK_CONNECTION
	//   - AWS_API_CALL
	//   - DNS_REQUEST
	//   - PORT_PROBE
	ActionType *string

	// Included if ActionType is AWS_API_CALL . Provides details about the API call
	// that was detected.
	AwsApiCallAction *AwsApiCallAction

	// Included if ActionType is DNS_REQUEST . Provides details about the DNS request
	// that was detected.
	DnsRequestAction *DnsRequestAction

	// Included if ActionType is NETWORK_CONNECTION . Provides details about the
	// network connection that was detected.
	NetworkConnectionAction *NetworkConnectionAction

	// Included if ActionType is PORT_PROBE . Provides details about the port probe
	// that was detected.
	PortProbeAction *PortProbeAction
	// contains filtered or unexported fields
}

type ActionLocalIpDetails struct {

	// The IP address.
	IpAddressV4 *string
	// contains filtered or unexported fields
}

type ActionLocalPortDetails struct {

	// The number of the port.
	Port *int32

	// The port name of the local connection.
	PortName *string
	// contains filtered or unexported fields
}

type ActionRemoteIpDetails struct {

	// The city where the remote IP address is located.
	City *City

	// The country where the remote IP address is located.
	Country *Country

	// The coordinates of the location of the remote IP address.
	GeoLocation *GeoLocation

	// The IP address.
	IpAddressV4 *string

	// The internet service provider (ISP) organization associated with the remote IP
	// address.
	Organization *IpOrganizationDetails
	// contains filtered or unexported fields
}

type ActionRemotePortDetails struct {

	// The number of the port.
	Port *int32

	// The port name of the remote connection.
	PortName *string
	// contains filtered or unexported fields
}

type ActionTarget struct {

	// The ARN for the target action.
	//
	// This member is required.
	ActionTargetArn *string

	// The description of the target action.
	//
	// This member is required.
	Description *string

	// The name of the action target.
	//
	// This member is required.
	Name *string
	// contains filtered or unexported fields
}

type Adjustment struct {

	// The metric to adjust.
	Metric *string

	// The reason for the adjustment.
	Reason *string
	// contains filtered or unexported fields
}

type AdminAccount struct {

	// The Amazon Web Services account identifier of the Security Hub administrator
	// account.
	AccountId *string

	// The current status of the Security Hub administrator account. Indicates whether
	// the account is currently enabled as a Security Hub administrator.
	Status AdminStatus
	// contains filtered or unexported fields
}

type AdminStatus string

type AssociatedStandard struct {

	// The unique identifier of a standard in which a control is enabled. This field
	// consists of the resource portion of the Amazon Resource Name (ARN) returned for
	// a standard in the DescribeStandards (https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html)
	// API response.
	StandardsId *string
	// contains filtered or unexported fields
}

type AssociationFilters struct {

	// The current status of the association between a target and a configuration
	// policy.
	AssociationStatus ConfigurationPolicyAssociationStatus

	// Indicates whether the association between a target and a configuration was
	// directly applied by the Security Hub delegated administrator or inherited from a
	// parent.
	AssociationType AssociationType

	// The ARN or UUID of the configuration policy.
	ConfigurationPolicyId *string
	// contains filtered or unexported fields
}

type AssociationSetDetails struct {

	// The state of the association between a route table and a subnet or gateway.
	AssociationState *AssociationStateDetails

	// The ID of the internet gateway or virtual private gateway.
	GatewayId *string

	// Indicates whether this is the main route table.
	Main *bool

	// The ID of the association.
	RouteTableAssociationId *string

	// The ID of the route table.
	RouteTableId *string

	// The ID of the subnet. A subnet ID is not returned for an implicit association.
	SubnetId *string
	// contains filtered or unexported fields
}

type AssociationStateDetails struct {

	// The state of the association.
	State *string

	// The status message, if applicable.
	StatusMessage *string
	// contains filtered or unexported fields
}

type AssociationStatus string

type AssociationType string

type AutoEnableStandards string

type AutomationRulesAction struct {

	// Specifies that the automation rule action is an update to a finding field.
	FindingFieldsUpdate *AutomationRulesFindingFieldsUpdate

	// Specifies that the rule action should update the Types finding field. The Types
	// finding field classifies findings in the format of
	// namespace/category/classifier. For more information, see Types taxonomy for ASFF (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html)
	// in the Security Hub User Guide.
	Type AutomationRulesActionType
	// contains filtered or unexported fields
}

type AutomationRulesActionType string

type AutomationRulesConfig struct {

	// One or more actions to update finding fields if a finding matches the defined
	// criteria of the rule.
	Actions []AutomationRulesAction

	// A timestamp that indicates when the rule was created. This field accepts only
	// the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedAt *time.Time

	// The principal that created a rule.
	CreatedBy *string

	// A set of Amazon Web Services Security Finding Format (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html)
	// finding field attributes and corresponding expected values that Security Hub
	// uses to filter findings. If a rule is enabled and a finding matches the
	// conditions specified in this parameter, Security Hub applies the rule action to
	// the finding.
	Criteria *AutomationRulesFindingFilters

	// A description of the rule.
	Description *string

	// Specifies whether a rule is the last to be applied with respect to a finding
	// that matches the rule criteria. This is useful when a finding matches the
	// criteria for multiple rules, and each rule has different actions. If a rule is
	// terminal, Security Hub applies the rule action to a finding that matches the
	// rule criteria and doesn't evaluate other rules for the finding. By default, a
	// rule isn't terminal.
	IsTerminal *bool

	// The Amazon Resource Name (ARN) of a rule.
	RuleArn *string

	// The name of the rule.
	RuleName *string

	// An integer ranging from 1 to 1000 that represents the order in which the rule
	// action is applied to findings. Security Hub applies rules with lower values for
	// this parameter first.
	RuleOrder *int32

	// Whether the rule is active after it is created. If this parameter is equal to
	// ENABLED , Security Hub starts applying the rule to findings and finding updates
	// after the rule is created.
	RuleStatus RuleStatus

	// A timestamp that indicates when the rule was most recently updated. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	UpdatedAt *time.Time
	// contains filtered or unexported fields
}

type AutomationRulesFindingFieldsUpdate struct {

	// The rule action updates the Confidence field of a finding.
	Confidence *int32

	// The rule action updates the Criticality field of a finding.
	Criticality *int32

	// The updated note.
	Note *NoteUpdate

	// The rule action updates the RelatedFindings field of a finding.
	RelatedFindings []RelatedFinding

	// Updates to the severity information for a finding.
	Severity *SeverityUpdate

	// The rule action updates the Types field of a finding.
	Types []string

	// The rule action updates the UserDefinedFields field of a finding.
	UserDefinedFields map[string]string

	// The rule action updates the VerificationState field of a finding.
	VerificationState VerificationState

	// Used to update information about the investigation into the finding.
	Workflow *WorkflowUpdate
	// contains filtered or unexported fields
}

type AutomationRulesFindingFilters struct {

	// The Amazon Web Services account ID in which a finding was generated. Array
	// Members: Minimum number of 1 item. Maximum number of 100 items.
	AwsAccountId []StringFilter

	// The name of the Amazon Web Services account in which a finding was generated.
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	AwsAccountName []StringFilter

	// The name of the company for the product that generated the finding. For
	// control-based findings, the company is Amazon Web Services. Array Members:
	// Minimum number of 1 item. Maximum number of 20 items.
	CompanyName []StringFilter

	// The unique identifier of a standard in which a control is enabled. This field
	// consists of the resource portion of the Amazon Resource Name (ARN) returned for
	// a standard in the DescribeStandards (https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html)
	// API response. Array Members: Minimum number of 1 item. Maximum number of 20
	// items.
	ComplianceAssociatedStandardsId []StringFilter

	// The security control ID for which a finding was generated. Security control IDs
	// are the same across standards. Array Members: Minimum number of 1 item. Maximum
	// number of 20 items.
	ComplianceSecurityControlId []StringFilter

	// The result of a security check. This field is only used for findings generated
	// from controls. Array Members: Minimum number of 1 item. Maximum number of 20
	// items.
	ComplianceStatus []StringFilter

	// The likelihood that a finding accurately identifies the behavior or issue that
	// it was intended to identify. Confidence is scored on a 0–100 basis using a
	// ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means
	// 100 percent confidence. For example, a data exfiltration detection based on a
	// statistical deviation of network traffic has low confidence because an actual
	// exfiltration hasn't been verified. For more information, see Confidence (https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence)
	// in the Security Hub User Guide. Array Members: Minimum number of 1 item. Maximum
	// number of 20 items.
	Confidence []NumberFilter

	// A timestamp that indicates when this finding record was created. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	CreatedAt []DateFilter

	// The level of importance that is assigned to the resources that are associated
	// with a finding. Criticality is scored on a 0–100 basis, using a ratio scale
	// that supports only full integers. A score of 0 means that the underlying
	// resources have no criticality, and a score of 100 is reserved for the most
	// critical resources. For more information, see Criticality (https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality)
	// in the Security Hub User Guide. Array Members: Minimum number of 1 item. Maximum
	// number of 20 items.
	Criticality []NumberFilter

	// A finding's description. Array Members: Minimum number of 1 item. Maximum
	// number of 20 items.
	Description []StringFilter

	// A timestamp that indicates when the potential security issue captured by a
	// finding was first observed by the security findings product. This field accepts
	// only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour
	// [":" time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	FirstObservedAt []DateFilter

	// The identifier for the solution-specific component that generated a finding.
	// Array Members: Minimum number of 1 item. Maximum number of 100 items.
	GeneratorId []StringFilter

	// The product-specific identifier for a finding. Array Members: Minimum number of
	// 1 item. Maximum number of 20 items.
	Id []StringFilter

	// A timestamp that indicates when the potential security issue captured by a
	// finding was most recently observed by the security findings product. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	LastObservedAt []DateFilter

	// The text of a user-defined note that's added to a finding. Array Members:
	// Minimum number of 1 item. Maximum number of 20 items.
	NoteText []StringFilter

	// The timestamp of when the note was updated. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	NoteUpdatedAt []DateFilter

	// The principal that created a note. Array Members: Minimum number of 1 item.
	// Maximum number of 20 items.
	NoteUpdatedBy []StringFilter

	// The Amazon Resource Name (ARN) for a third-party product that generated a
	// finding in Security Hub. Array Members: Minimum number of 1 item. Maximum number
	// of 20 items.
	ProductArn []StringFilter

	// Provides the name of the product that generated the finding. For control-based
	// findings, the product name is Security Hub. Array Members: Minimum number of 1
	// item. Maximum number of 20 items.
	ProductName []StringFilter

	// Provides the current state of a finding. Array Members: Minimum number of 1
	// item. Maximum number of 20 items.
	RecordState []StringFilter

	// The product-generated identifier for a related finding. Array Members: Minimum
	// number of 1 item. Maximum number of 20 items.
	RelatedFindingsId []StringFilter

	// The ARN for the product that generated a related finding. Array Members:
	// Minimum number of 1 item. Maximum number of 20 items.
	RelatedFindingsProductArn []StringFilter

	// The Amazon Resource Name (ARN) of the application that is related to a finding.
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	ResourceApplicationArn []StringFilter

	// The name of the application that is related to a finding. Array Members:
	// Minimum number of 1 item. Maximum number of 20 items.
	ResourceApplicationName []StringFilter

	// Custom fields and values about the resource that a finding pertains to. Array
	// Members: Minimum number of 1 item. Maximum number of 20 items.
	ResourceDetailsOther []MapFilter

	// The identifier for the given resource type. For Amazon Web Services resources
	// that are identified by Amazon Resource Names (ARNs), this is the ARN. For Amazon
	// Web Services resources that lack ARNs, this is the identifier as defined by the
	// Amazon Web Service that created the resource. For non-Amazon Web Services
	// resources, this is a unique identifier that is associated with the resource.
	// Array Members: Minimum number of 1 item. Maximum number of 100 items.
	ResourceId []StringFilter

	// The partition in which the resource that the finding pertains to is located. A
	// partition is a group of Amazon Web Services Regions. Each Amazon Web Services
	// account is scoped to one partition. Array Members: Minimum number of 1 item.
	// Maximum number of 20 items.
	ResourcePartition []StringFilter

	// The Amazon Web Services Region where the resource that a finding pertains to is
	// located. Array Members: Minimum number of 1 item. Maximum number of 20 items.
	ResourceRegion []StringFilter

	// A list of Amazon Web Services tags associated with a resource at the time the
	// finding was processed. Array Members: Minimum number of 1 item. Maximum number
	// of 20 items.
	ResourceTags []MapFilter

	// The type of resource that the finding pertains to. Array Members: Minimum
	// number of 1 item. Maximum number of 20 items.
	ResourceType []StringFilter

	// The severity value of the finding. Array Members: Minimum number of 1 item.
	// Maximum number of 20 items.
	SeverityLabel []StringFilter

	// Provides a URL that links to a page about the current finding in the finding
	// product. Array Members: Minimum number of 1 item. Maximum number of 20 items.
	SourceUrl []StringFilter

	// A finding's title. Array Members: Minimum number of 1 item. Maximum number of
	// 100 items.
	Title []StringFilter

	// One or more finding types in the format of namespace/category/classifier that
	// classify a finding. For a list of namespaces, classifiers, and categories, see
	// Types taxonomy for ASFF (https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html)
	// in the Security Hub User Guide. Array Members: Minimum number of 1 item. Maximum
	// number of 20 items.
	Type []StringFilter

	// A timestamp that indicates when the finding record was most recently updated.
	// This field accepts only the specified formats. Timestamps can end with Z or
	// ("+" / "-") time-hour [":" time-minute] . The time-secfrac after seconds is
	// limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are
	// valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	UpdatedAt []DateFilter

	// A list of user-defined name and value string pairs added to a finding. Array
	// Members: Minimum number of 1 item. Maximum number of 20 items.
	UserDefinedFields []MapFilter

	// Provides the veracity of a finding. Array Members: Minimum number of 1 item.
	// Maximum number of 20 items.
	VerificationState []StringFilter

	// Provides information about the status of the investigation into a finding.
	// Array Members: Minimum number of 1 item. Maximum number of 20 items.
	WorkflowStatus []StringFilter
	// contains filtered or unexported fields
}

type AutomationRulesMetadata struct {

	// A timestamp that indicates when the rule was created. This field accepts only
	// the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedAt *time.Time

	// The principal that created a rule.
	CreatedBy *string

	// A description of the rule.
	Description *string

	// Specifies whether a rule is the last to be applied with respect to a finding
	// that matches the rule criteria. This is useful when a finding matches the
	// criteria for multiple rules, and each rule has different actions. If a rule is
	// terminal, Security Hub applies the rule action to a finding that matches the
	// rule criteria and doesn't evaluate other rules for the finding. By default, a
	// rule isn't terminal.
	IsTerminal *bool

	// The Amazon Resource Name (ARN) for the rule.
	RuleArn *string

	// The name of the rule.
	RuleName *string

	// An integer ranging from 1 to 1000 that represents the order in which the rule
	// action is applied to findings. Security Hub applies rules with lower values for
	// this parameter first.
	RuleOrder *int32

	// Whether the rule is active after it is created. If this parameter is equal to
	// ENABLED , Security Hub starts applying the rule to findings and finding updates
	// after the rule is created. To change the value of this parameter after creating
	// a rule, use BatchUpdateAutomationRules (https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateAutomationRules.html)
	// .
	RuleStatus RuleStatus

	// A timestamp that indicates when the rule was most recently updated. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	UpdatedAt *time.Time
	// contains filtered or unexported fields
}

type AvailabilityZone struct {

	// The ID of the subnet. You can specify one subnet per Availability Zone.
	SubnetId *string

	// The name of the Availability Zone.
	ZoneName *string
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerDetails struct {

	// The authentication strategy used to secure the broker. The default is SIMPLE .
	AuthenticationStrategy *string

	// Whether automatically upgrade new minor versions for brokers, as new versions
	// are released and supported by Amazon MQ. Automatic upgrades occur during the
	// scheduled maintenance window of the broker or after a manual broker reboot.
	AutoMinorVersionUpgrade *bool

	// The Amazon Resource Name (ARN) of the broker.
	BrokerArn *string

	// The unique ID that Amazon MQ generates for the broker.
	BrokerId *string

	// The broker's name.
	BrokerName *string

	// The broker's deployment mode.
	DeploymentMode *string

	// Encryption options for the broker. Doesn’t apply to RabbitMQ brokers.
	EncryptionOptions *AwsAmazonMqBrokerEncryptionOptionsDetails

	// The type of broker engine.
	EngineType *string

	// The version of the broker engine.
	EngineVersion *string

	// The broker's instance type.
	HostInstanceType *string

	// The metadata of the Lightweight Directory Access Protocol (LDAP) server used to
	// authenticate and authorize connections to the broker. This is an optional
	// failover server.
	LdapServerMetadata *AwsAmazonMqBrokerLdapServerMetadataDetails

	// Turns on Amazon CloudWatch logging for brokers.
	Logs *AwsAmazonMqBrokerLogsDetails

	// The scheduled time period (UTC) during which Amazon MQ begins to apply pending
	// updates or patches to the broker.
	MaintenanceWindowStartTime *AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails

	// Permits connections from applications outside of the VPC that hosts the
	// broker's subnets.
	PubliclyAccessible *bool

	// The list of rules (one minimum, 125 maximum) that authorize connections to
	// brokers.
	SecurityGroups []string

	// The broker's storage type.
	StorageType *string

	// The list of groups that define which subnets and IP ranges the broker can use
	// from different Availability Zones.
	SubnetIds []string

	// The list of all broker usernames for the specified broker. Doesn't apply to
	// RabbitMQ brokers.
	Users []AwsAmazonMqBrokerUsersDetails
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerEncryptionOptionsDetails struct {

	// The KMS key that’s used to encrypt your data at rest. If not provided, Amazon
	// MQ will use a default KMS key to encrypt your data.
	KmsKeyId *string

	// Specifies that an KMS key should be used for at-rest encryption. Set to true by
	// default if no value is provided (for example, for RabbitMQ brokers).
	UseAwsOwnedKey *bool
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerLdapServerMetadataDetails struct {

	// Specifies the location of the LDAP server, such as Amazon Web Services
	// Directory Service for Microsoft Active Directory.
	Hosts []string

	// The distinguished name of the node in the directory information tree (DIT) to
	// search for roles or groups.
	RoleBase *string

	// The group name attribute in a role entry whose value is the name of that role.
	RoleName *string

	// The LDAP search filter used to find roles within the roleBase .
	RoleSearchMatching *string

	// The directory search scope for the role. If set to true , the scope is to search
	// the entire subtree.
	RoleSearchSubtree *bool

	// A username for the service account, which is an account in your LDAP server
	// that has access to initiate a connection.
	ServiceAccountUsername *string

	// Selects a particular subtree of the directory information tree (DIT) to search
	// for user entries.
	UserBase *string

	// The name of the LDAP attribute in the user's directory entry for the user's
	// group membership.
	UserRoleName *string

	// The LDAP search filter used to find users within the userBase .
	UserSearchMatching *string

	// The directory search scope for the user. If set to true, the scope is to search
	// the entire subtree.
	UserSearchSubtree *bool
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerLogsDetails struct {

	// Activates audit logging. Every user management action made using JMX or the
	// ActiveMQ Web Console is logged. Doesn't apply to RabbitMQ brokers.
	Audit *bool

	// The location of the CloudWatch Logs log group where audit logs are sent.
	AuditLogGroup *string

	// Activates general logging.
	General *bool

	// The location of the CloudWatch Logs log group where general logs are sent.
	GeneralLogGroup *string

	// The list of information about logs that are to be turned on for the specified
	// broker.
	Pending *AwsAmazonMqBrokerLogsPendingDetails
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerLogsPendingDetails struct {

	// Activates audit logging. Every user management action made using JMX or the
	// ActiveMQ Web Console is logged. Doesn't apply to RabbitMQ brokers.
	Audit *bool

	// Activates general logging.
	General *bool
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails struct {

	// The day of the week on which the maintenance window falls.
	DayOfWeek *string

	// The time, in 24-hour format, on which the maintenance window falls.
	TimeOfDay *string

	// The time zone in either the Country/City format or the UTC offset format. UTC
	// is the default format.
	TimeZone *string
	// contains filtered or unexported fields
}

type AwsAmazonMqBrokerUsersDetails struct {

	// The type of change pending for the broker user.
	PendingChange *string

	// The username of the broker user.
	Username *string
	// contains filtered or unexported fields
}

type AwsApiCallAction struct {

	// Identifies the resources that were affected by the API call.
	AffectedResources map[string]string

	// The name of the API method that was issued.
	Api *string

	// Indicates whether the API call originated from a remote IP address ( remoteip )
	// or from a DNS domain ( domain ).
	CallerType *string

	// Provided if CallerType is domain . Provides information about the DNS domain
	// that the API call originated from.
	DomainDetails *AwsApiCallActionDomainDetails

	// A timestamp that indicates when the API call was first observed. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	FirstSeen *string

	// A timestamp that indicates when the API call was most recently observed. This
	// field accepts only the specified formats. Timestamps can end with Z or ("+" /
	// "-") time-hour [":" time-minute] . The time-secfrac after seconds is limited to
	// a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid
	// timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastSeen *string

	// Provided if CallerType is remoteIp . Provides information about the remote IP
	// address that the API call originated from.
	RemoteIpDetails *ActionRemoteIpDetails

	// The name of the Amazon Web Services service that the API method belongs to.
	ServiceName *string
	// contains filtered or unexported fields
}

type AwsApiCallActionDomainDetails struct {

	// The name of the DNS domain that issued the API call.
	Domain *string
	// contains filtered or unexported fields
}

type AwsApiGatewayAccessLogSettings struct {

	// The ARN of the CloudWatch Logs log group that receives the access logs.
	DestinationArn *string

	// A single-line format of the access logs of data, as specified by selected
	// $context variables. The format must include at least $context.requestId .
	Format *string
	// contains filtered or unexported fields
}

type AwsApiGatewayCanarySettings struct {

	// The deployment identifier for the canary deployment.
	DeploymentId *string

	// The percentage of traffic that is diverted to a canary deployment.
	PercentTraffic *float64

	// Stage variables that are overridden in the canary release deployment. The
	// variables include new stage variables that are introduced in the canary. Each
	// variable is represented as a string-to-string map between the stage variable
	// name and the variable value.
	StageVariableOverrides map[string]string

	// Indicates whether the canary deployment uses the stage cache.
	UseStageCache *bool
	// contains filtered or unexported fields
}

type AwsApiGatewayEndpointConfiguration struct {

	// A list of endpoint types for the REST API. For an edge-optimized API, the
	// endpoint type is EDGE . For a Regional API, the endpoint type is REGIONAL . For
	// a private API, the endpoint type is PRIVATE .
	Types []string
	// contains filtered or unexported fields
}

type AwsApiGatewayMethodSettings struct {

	// Indicates whether the cached responses are encrypted.
	CacheDataEncrypted *bool

	// Specifies the time to live (TTL), in seconds, for cached responses. The higher
	// the TTL, the longer the response is cached.
	CacheTtlInSeconds *int32

	// Indicates whether responses are cached and returned for requests. For responses
	// to be cached, a cache cluster must be enabled on the stage.
	CachingEnabled *bool

	// Indicates whether data trace logging is enabled for the method. Data trace
	// logging affects the log entries that are pushed to CloudWatch Logs.
	DataTraceEnabled *bool

	// The HTTP method. You can use an asterisk (*) as a wildcard to apply method
	// settings to multiple methods.
	HttpMethod *string

	// The logging level for this method. The logging level affects the log entries
	// that are pushed to CloudWatch Logs. If the logging level is ERROR , then the
	// logs only include error-level entries. If the logging level is INFO , then the
	// logs include both ERROR events and extra informational events. Valid values: OFF
	// | ERROR | INFO
	LoggingLevel *string

	// Indicates whether CloudWatch metrics are enabled for the method.
	MetricsEnabled *bool

	// Indicates whether authorization is required for a cache invalidation request.
	RequireAuthorizationForCacheControl *bool

	// The resource path for this method. Forward slashes (/) are encoded as ~1 . The
	// initial slash must include a forward slash. For example, the path value
	// /resource/subresource must be encoded as /~1resource~1subresource . To specify
	// the root path, use only a slash (/). You can use an asterisk (*) as a wildcard
	// to apply method settings to multiple methods.
	ResourcePath *string

	// The throttling burst limit for the method.
	ThrottlingBurstLimit *int32

	// The throttling rate limit for the method.
	ThrottlingRateLimit *float64

	// Indicates how to handle unauthorized requests for cache invalidation. Valid
	// values: FAIL_WITH_403 | SUCCEED_WITH_RESPONSE_HEADER |
	// SUCCEED_WITHOUT_RESPONSE_HEADER
	UnauthorizedCacheControlHeaderStrategy *string
	// contains filtered or unexported fields
}

type AwsApiGatewayRestApiDetails struct {

	// The source of the API key for metering requests according to a usage plan.
	// HEADER indicates whether to read the API key from the X-API-Key header of a
	// request. AUTHORIZER indicates whether to read the API key from the
	// UsageIdentifierKey from a custom authorizer.
	ApiKeySource *string

	// The list of binary media types supported by the REST API.
	BinaryMediaTypes []string

	// Indicates when the API was created. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedDate *string

	// A description of the REST API.
	Description *string

	// The endpoint configuration of the REST API.
	EndpointConfiguration *AwsApiGatewayEndpointConfiguration

	// The identifier of the REST API.
	Id *string

	// The minimum size in bytes of a payload before compression is enabled. If null ,
	// then compression is disabled. If 0, then all payloads are compressed.
	MinimumCompressionSize *int32

	// The name of the REST API.
	Name *string

	// The version identifier for the REST API.
	Version *string
	// contains filtered or unexported fields
}

type AwsApiGatewayStageDetails struct {

	// Settings for logging access for the stage.
	AccessLogSettings *AwsApiGatewayAccessLogSettings

	// Indicates whether a cache cluster is enabled for the stage.
	CacheClusterEnabled *bool

	// If a cache cluster is enabled, the size of the cache cluster.
	CacheClusterSize *string

	// If a cache cluster is enabled, the status of the cache cluster.
	CacheClusterStatus *string

	// Information about settings for canary deployment in the stage.
	CanarySettings *AwsApiGatewayCanarySettings

	// The identifier of the client certificate for the stage.
	ClientCertificateId *string

	// Indicates when the stage was created. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedDate *string

	// The identifier of the deployment that the stage points to.
	DeploymentId *string

	// A description of the stage.
	Description *string

	// The version of the API documentation that is associated with the stage.
	DocumentationVersion *string

	// Indicates when the stage was most recently updated. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastUpdatedDate *string

	// Defines the method settings for the stage.
	MethodSettings []AwsApiGatewayMethodSettings

	// The name of the stage.
	StageName *string

	// Indicates whether active tracing with X-Ray is enabled for the stage.
	TracingEnabled *bool

	// A map that defines the stage variables for the stage. Variable names can have
	// alphanumeric and underscore characters. Variable values can contain the
	// following characters:
	//   - Uppercase and lowercase letters
	//   - Numbers
	//   - Special characters -._~:/?#&=,
	Variables map[string]string

	// The ARN of the web ACL associated with the stage.
	WebAclArn *string
	// contains filtered or unexported fields
}

type AwsApiGatewayV2ApiDetails struct {

	// The URI of the API. Uses the format  .execute-api..amazonaws.com The stage name
	// is typically appended to the URI to form a complete path to a deployed API
	// stage.
	ApiEndpoint *string

	// The identifier of the API.
	ApiId *string

	// An API key selection expression. Supported only for WebSocket APIs.
	ApiKeySelectionExpression *string

	// A cross-origin resource sharing (CORS) configuration. Supported only for HTTP
	// APIs.
	CorsConfiguration *AwsCorsConfiguration

	// Indicates when the API was created. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedDate *string

	// A description of the API.
	Description *string

	// The name of the API.
	Name *string

	// The API protocol for the API. Valid values: WEBSOCKET | HTTP
	ProtocolType *string

	// The route selection expression for the API. For HTTP APIs, must be
	// ${request.method} ${request.path} . This is the default value for HTTP APIs. For
	// WebSocket APIs, there is no default value.
	RouteSelectionExpression *string

	// The version identifier for the API.
	Version *string
	// contains filtered or unexported fields
}

type AwsApiGatewayV2RouteSettings struct {

	// Indicates whether data trace logging is enabled. Data trace logging affects the
	// log entries that are pushed to CloudWatch Logs. Supported only for WebSocket
	// APIs.
	DataTraceEnabled *bool

	// Indicates whether detailed metrics are enabled.
	DetailedMetricsEnabled *bool

	// The logging level. The logging level affects the log entries that are pushed to
	// CloudWatch Logs. Supported only for WebSocket APIs. If the logging level is
	// ERROR , then the logs only include error-level entries. If the logging level is
	// INFO , then the logs include both ERROR events and extra informational events.
	// Valid values: OFF | ERROR | INFO
	LoggingLevel *string

	// The throttling burst limit.
	ThrottlingBurstLimit *int32

	// The throttling rate limit.
	ThrottlingRateLimit *float64
	// contains filtered or unexported fields
}

type AwsApiGatewayV2StageDetails struct {

	// Information about settings for logging access for the stage.
	AccessLogSettings *AwsApiGatewayAccessLogSettings

	// Indicates whether the stage is managed by API Gateway.
	ApiGatewayManaged *bool

	// Indicates whether updates to an API automatically trigger a new deployment.
	AutoDeploy *bool

	// The identifier of a client certificate for a stage. Supported only for
	// WebSocket API calls.
	ClientCertificateId *string

	// Indicates when the stage was created. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedDate *string

	// Default route settings for the stage.
	DefaultRouteSettings *AwsApiGatewayV2RouteSettings

	// The identifier of the deployment that the stage is associated with.
	DeploymentId *string

	// The description of the stage.
	Description *string

	// The status of the last deployment of a stage. Supported only if the stage has
	// automatic deployment enabled.
	LastDeploymentStatusMessage *string

	// Indicates when the stage was most recently updated. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastUpdatedDate *string

	// The route settings for the stage.
	RouteSettings *AwsApiGatewayV2RouteSettings

	// The name of the stage.
	StageName *string

	// A map that defines the stage variables for the stage. Variable names can have
	// alphanumeric and underscore characters. Variable values can contain the
	// following characters:
	//   - Uppercase and lowercase letters
	//   - Numbers
	//   - Special characters -._~:/?#&=,
	StageVariables map[string]string
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails struct {

	// The type of security configuration for your GraphQL API: API key, Identity and
	// Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or
	// Lambda.
	AuthenticationType *string

	// The configuration for Lambda function authorization.
	LambdaAuthorizerConfig *AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails

	// The OpenID Connect configuration.
	OpenIdConnectConfig *AwsAppSyncGraphQlApiOpenIdConnectConfigDetails

	// The Amazon Cognito user pools configuration.
	UserPoolConfig *AwsAppSyncGraphQlApiUserPoolConfigDetails
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiDetails struct {

	// A list of additional authentication providers for the GraphQL API.
	AdditionalAuthenticationProviders []AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails

	// The unique identifier for the API.
	ApiId *string

	// The Amazon Resource Name (ARN) of the API.
	Arn *string

	// The type of security configuration for your GraphQL API: API key, Identity and
	// Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or
	// Lambda.
	AuthenticationType *string

	// The unique identifier for the API.
	Id *string

	// Specifies the configuration for Lambda function authorization.
	LambdaAuthorizerConfig *AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails

	// The Amazon CloudWatch Logs configuration.
	LogConfig *AwsAppSyncGraphQlApiLogConfigDetails

	// The API name.
	Name *string

	// Specifies the authorization configuration for using an OpenID Connect compliant
	// service with an AppSync GraphQL API endpoint.
	OpenIdConnectConfig *AwsAppSyncGraphQlApiOpenIdConnectConfigDetails

	// The Amazon Cognito user pools configuration.
	UserPoolConfig *AwsAppSyncGraphQlApiUserPoolConfigDetails

	// The Amazon Resource Name (ARN) of the WAF web access control list (web ACL)
	// associated with this GraphQL API, if one exists.
	WafWebAclArn *string

	// Indicates whether to use X-Ray tracing for the GraphQL API.
	XrayEnabled *bool
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails struct {

	// The number of seconds a response should be cached for. The default is 5 minutes
	// (300 seconds).
	AuthorizerResultTtlInSeconds *int32

	// The Amazon Resource Name (ARN) of the Lambda function to be called for
	// authorization. This can be a standard Lambda ARN, a version ARN (.../v3), or an
	// alias ARN.
	AuthorizerUri *string

	// A regular expression for validation of tokens before the Lambda function is
	// called.
	IdentityValidationExpression *string
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiLogConfigDetails struct {

	// The Amazon Resource Name (ARN) of the service role that AppSync assumes to
	// publish to CloudWatch Logs in your account.
	CloudWatchLogsRoleArn *string

	// Set to TRUE to exclude sections that contain information such as headers,
	// context, and evaluated mapping templates, regardless of logging level.
	ExcludeVerboseContent *bool

	// The field logging level.
	FieldLogLevel *string
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiOpenIdConnectConfigDetails struct {

	// The number of milliseconds that a token is valid after being authenticated.
	AuthTtL *int64

	// The client identifier of the relying party at the OpenID identity provider.
	// This identifier is typically obtained when the relying party is registered with
	// the OpenID identity provider. You can specify a regular expression so that
	// AppSync can validate against multiple client identifiers at a time.
	ClientId *string

	// The number of milliseconds that a token is valid after it's issued to a user.
	IatTtL *int64

	// The issuer for the OIDC configuration. The issuer returned by discovery must
	// exactly match the value of iss in the ID token.
	Issuer *string
	// contains filtered or unexported fields
}

type AwsAppSyncGraphQlApiUserPoolConfigDetails struct {

	// A regular expression for validating the incoming Amazon Cognito user pools app
	// client ID. If this value isn't set, no filtering is applied.
	AppIdClientRegex *string

	// The Amazon Web Services Region in which the user pool was created.
	AwsRegion *string

	// The action that you want your GraphQL API to take when a request that uses
	// Amazon Cognito user pools authentication doesn't match the Amazon Cognito user
	// pools configuration.
	DefaultAction *string

	// The user pool ID.
	UserPoolId *string
	// contains filtered or unexported fields
}

type AwsAthenaWorkGroupConfigurationDetails struct {

	// The location in Amazon S3 where query and calculation results are stored and
	// the encryption option, if any, used for query and calculation results. These are
	// known as client-side settings. If workgroup settings override client-side
	// settings, then the query uses the workgroup settings.
	ResultConfiguration *AwsAthenaWorkGroupConfigurationResultConfigurationDetails
	// contains filtered or unexported fields
}

type AwsAthenaWorkGroupConfigurationResultConfigurationDetails struct {

	// Specifies the method used to encrypt the user’s data stores in the Athena
	// workgroup.
	EncryptionConfiguration *AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails
	// contains filtered or unexported fields
}

type AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails struct {

	// Indicates whether Amazon Simple Storage Service (Amazon S3) server-side
	// encryption with Amazon S3 managed keys (SSE_S3), server-side encryption with KMS
	// keys (SSE_KMS), or client-side encryption with KMS customer managed keys
	// (CSE_KMS) is used.
	EncryptionOption *string

	// For SSE_KMS and CSE_KMS , this is the KMS key Amazon Resource Name (ARN) or ID.
	KmsKey *string
	// contains filtered or unexported fields
}

type AwsAthenaWorkGroupDetails struct {

	// The configuration of the workgroup, which includes the location in Amazon
	// Simple Storage Service (Amazon S3) where query results are stored, the
	// encryption option, if any, used for query results, whether Amazon CloudWatch
	// metrics are enabled for the workgroup, and the limit for the amount of bytes
	// scanned (cutoff) per query, if it is specified.
	Configuration *AwsAthenaWorkGroupConfigurationDetails

	// The workgroup description.
	Description *string

	// The workgroup name.
	Name *string

	// Whether the workgroup is enabled or disabled.
	State *string
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails struct {

	// The name of the Availability Zone.
	Value *string
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupDetails struct {

	// The list of Availability Zones for the automatic scaling group.
	AvailabilityZones []AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails

	// Indicates whether capacity rebalancing is enabled.
	CapacityRebalance *bool

	// Indicates when the auto scaling group was created. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedTime *string

	// The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before it
	// checks the health status of an EC2 instance that has come into service.
	HealthCheckGracePeriod *int32

	// The service to use for the health checks. Valid values are EC2 or ELB .
	HealthCheckType *string

	// The name of the launch configuration.
	LaunchConfigurationName *string

	// The launch template to use.
	LaunchTemplate *AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification

	// The list of load balancers associated with the group.
	LoadBalancerNames []string

	// The mixed instances policy for the automatic scaling group.
	MixedInstancesPolicy *AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification struct {

	// The identifier of the launch template. You must specify either LaunchTemplateId
	// or LaunchTemplateName .
	LaunchTemplateId *string

	// The name of the launch template. You must specify either LaunchTemplateId or
	// LaunchTemplateName .
	LaunchTemplateName *string

	// Identifies the version of the launch template. You can specify a version
	// identifier, or use the values $Latest or $Default .
	Version *string
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails struct {

	// The instances distribution. The instances distribution specifies the
	// distribution of On-Demand Instances and Spot Instances, the maximum price to pay
	// for Spot Instances, and how the Auto Scaling group allocates instance types to
	// fulfill On-Demand and Spot capacity.
	InstancesDistribution *AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails

	// The launch template to use and the instance types (overrides) to use to
	// provision EC2 instances to fulfill On-Demand and Spot capacities.
	LaunchTemplate *AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails struct {

	// How to allocate instance types to fulfill On-Demand capacity. The valid value
	// is prioritized .
	OnDemandAllocationStrategy *string

	// The minimum amount of the Auto Scaling group's capacity that must be fulfilled
	// by On-Demand Instances.
	OnDemandBaseCapacity *int32

	// The percentage of On-Demand Instances and Spot Instances for additional
	// capacity beyond OnDemandBaseCapacity .
	OnDemandPercentageAboveBaseCapacity *int32

	// How to allocate instances across Spot Instance pools. Valid values are as
	// follows:
	//   - lowest-price
	//   - capacity-optimized
	//   - capacity-optimized-prioritized
	SpotAllocationStrategy *string

	// The number of Spot Instance pools across which to allocate your Spot Instances.
	SpotInstancePools *int32

	// The maximum price per unit hour that you are willing to pay for a Spot Instance.
	SpotMaxPrice *string
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails struct {

	// The launch template to use for a mixed instances policy.
	LaunchTemplateSpecification *AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification

	// Property values to use to override the values in the launch template.
	Overrides []AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification struct {

	// The identifier of the launch template. You must specify either LaunchTemplateId
	// or LaunchTemplateName .
	LaunchTemplateId *string

	// The name of the launch template. You must specify either LaunchTemplateId or
	// LaunchTemplateName .
	LaunchTemplateName *string

	// Identifies the version of the launch template. You can specify a version
	// identifier, or use the values $Latest or $Default .
	Version *string
	// contains filtered or unexported fields
}

type AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails struct {

	// The instance type. For example, m3.xlarge .
	InstanceType *string

	// The number of capacity units provided by the specified instance type in terms
	// of virtual CPUs, memory, storage, throughput, or other relative performance
	// characteristic.
	WeightedCapacity *string
	// contains filtered or unexported fields
}

type AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails struct {

	// The device name that is exposed to the EC2 instance. For example, /dev/sdh or
	// xvdh .
	DeviceName *string

	// Parameters that are used to automatically set up Amazon EBS volumes when an
	// instance is launched.
	Ebs *AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails

	// Whether to suppress the device that is included in the block device mapping of
	// the Amazon Machine Image (AMI). If NoDevice is true , then you cannot specify
	// Ebs .>
	NoDevice *bool

	// The name of the virtual device (for example, ephemeral0 ). You can provide
	// either VirtualName or Ebs , but not both.
	VirtualName *string
	// contains filtered or unexported fields
}

type AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails struct {

	// Whether to delete the volume when the instance is terminated.
	DeleteOnTermination *bool

	// Whether to encrypt the volume.
	Encrypted *bool

	// The number of input/output (I/O) operations per second (IOPS) to provision for
	// the volume. Only supported for gp3 or io1 volumes. Required for io1 volumes.
	// Not used with standard , gp2 , st1 , or sc1 volumes.
	Iops *int32

	// The snapshot ID of the volume to use. You must specify either VolumeSize or
	// SnapshotId .
	SnapshotId *string

	// The volume size, in GiBs. The following are the supported volumes sizes for
	// each volume type:
	//   - gp2 and gp3: 1-16,384
	//   - io1: 4-16,384
	//   - st1 and sc1: 125-16,384
	//   - standard: 1-1,024
	// You must specify either SnapshotId or VolumeSize . If you specify both
	// SnapshotId and VolumeSize , the volume size must be equal or greater than the
	// size of the snapshot.
	VolumeSize *int32

	// The volume type. Valid values are as follows:
	//   - gp2
	//   - gp3
	//   - io1
	//   - sc1
	//   - st1
	//   - standard
	VolumeType *string
	// contains filtered or unexported fields
}

type AwsAutoScalingLaunchConfigurationDetails struct {

	// For Auto Scaling groups that run in a VPC, specifies whether to assign a public
	// IP address to the group's instances.
	AssociatePublicIpAddress *bool

	// Specifies the block devices for the instance.
	BlockDeviceMappings []AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails

	// The identifier of a ClassicLink-enabled VPC that EC2-Classic instances are
	// linked to.
	ClassicLinkVpcId *string

	// The identifiers of one or more security groups for the VPC that is specified in
	// ClassicLinkVPCId .
	ClassicLinkVpcSecurityGroups []string

	// The creation date and time for the launch configuration. This field accepts
	// only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour
	// [":" time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedTime *string

	// Whether the launch configuration is optimized for Amazon EBS I/O.
	EbsOptimized *bool

	// The name or the ARN of the instance profile associated with the IAM role for
	// the instance. The instance profile contains the IAM role.
	IamInstanceProfile *string

	// The identifier of the Amazon Machine Image (AMI) that is used to launch EC2
	// instances.
	ImageId *string

	// Indicates the type of monitoring for instances in the group.
	InstanceMonitoring *AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails

	// The instance type for the instances.
	InstanceType *string

	// The identifier of the kernel associated with the AMI.
	KernelId *string

	// The name of the key pair.
	KeyName *string

	// The name of the launch configuration.
	LaunchConfigurationName *string

	// The metadata options for the instances.
	MetadataOptions *AwsAutoScalingLaunchConfigurationMetadataOptions

	// The tenancy of the instance. An instance with dedicated tenancy runs on
	// isolated, single-tenant hardware and can only be launched into a VPC.
	PlacementTenancy *string

	// The identifier of the RAM disk associated with the AMI.
	RamdiskId *string

	// The security groups to assign to the instances in the Auto Scaling group.
	SecurityGroups []string

	// The maximum hourly price to be paid for any Spot Instance that is launched to
	// fulfill the request.
	SpotPrice *string

	// The user data to make available to the launched EC2 instances. Must be
	// base64-encoded text.
	UserData *string
	// contains filtered or unexported fields
}

type AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails struct {

	// If set to true , then instances in the group launch with detailed monitoring. If
	// set to false , then instances in the group launch with basic monitoring.
	Enabled *bool
	// contains filtered or unexported fields
}

type AwsAutoScalingLaunchConfigurationMetadataOptions struct {

	// Enables or disables the HTTP metadata endpoint on your instances. By default,
	// the metadata endpoint is enabled.
	HttpEndpoint *string

	// The HTTP PUT response hop limit for instance metadata requests. The larger the
	// number, the further instance metadata requests can travel.
	HttpPutResponseHopLimit *int32

	// Indicates whether token usage is required or optional for metadata requests. By
	// default, token usage is optional .
	HttpTokens *string
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanAdvancedBackupSettingsDetails struct {

	// Specifies the backup option for a selected resource. This option is only
	// available for Windows Volume Shadow Copy Service (VSS) backup jobs. Valid values
	// are as follows:
	//   - Set to WindowsVSS: enabled to enable the WindowsVSS backup option and create
	//   a Windows VSS backup.
	//   - Set to WindowsVSS: disabled to create a regular backup. The WindowsVSS
	//   option is not enabled by default.
	BackupOptions map[string]string

	// The name of a resource type. The only supported resource type is Amazon EC2
	// instances with Windows VSS. The only valid value is EC2 .
	ResourceType *string
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanBackupPlanDetails struct {

	// A list of backup options for each resource type.
	AdvancedBackupSettings []AwsBackupBackupPlanAdvancedBackupSettingsDetails

	// The display name of a backup plan.
	BackupPlanName *string

	// An array of BackupRule objects, each of which specifies a scheduled task that
	// is used to back up a selection of resources.
	BackupPlanRule []AwsBackupBackupPlanRuleDetails
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanDetails struct {

	// Uniquely identifies the backup plan to be associated with the selection of
	// resources.
	BackupPlan *AwsBackupBackupPlanBackupPlanDetails

	// An Amazon Resource Name (ARN) that uniquely identifies the backup plan.
	BackupPlanArn *string

	// A unique ID for the backup plan.
	BackupPlanId *string

	// Unique, randomly generated, Unicode, UTF-8 encoded strings. Version IDs cannot
	// be edited.
	VersionId *string
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanLifecycleDetails struct {

	// Specifies the number of days after creation that a recovery point is deleted.
	// Must be greater than 90 days plus MoveToColdStorageAfterDays .
	DeleteAfterDays *int64

	// Specifies the number of days after creation that a recovery point is moved to
	// cold storage.
	MoveToColdStorageAfterDays *int64
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanRuleCopyActionsDetails struct {

	// An Amazon Resource Name (ARN) that uniquely identifies the destination backup
	// vault for the copied backup.
	DestinationBackupVaultArn *string

	// Defines when a protected resource is transitioned to cold storage and when it
	// expires. Backup transitions and expires backups automatically according to the
	// lifecycle that you define. If you do not specify a lifecycle, Backup applies the
	// lifecycle policy of the source backup to the destination backup. Backups
	// transitioned to cold storage must be stored in cold storage for a minimum of 90
	// days.
	Lifecycle *AwsBackupBackupPlanLifecycleDetails
	// contains filtered or unexported fields
}

type AwsBackupBackupPlanRuleDetails struct {

	// A value in minutes after a backup job is successfully started before it must be
	// completed, or it is canceled by Backup.
	CompletionWindowMinutes *int64

	// An array of CopyAction objects, each of which contains details of the copy
	// operation.
	CopyActions []AwsBackupBackupPlanRuleCopyActionsDetails

	// Specifies whether Backup creates continuous backups capable of point-in-time
	// restore (PITR).
	EnableContinuousBackup *bool

	// Defines when a protected resource is transitioned to cold storage and when it
	// expires. Backup transitions and expires backups automatically according to the
	// lifecycle that you define. If you do not specify a lifecycle, Backup applies the
	// lifecycle policy of the source backup to the destination backup. Backups
	// transitioned to cold storage must be stored in cold storage for a minimum of 90
	// days.
	Lifecycle *AwsBackupBackupPlanLifecycleDetails

	// Uniquely identifies a rule that is used to schedule the backup of a selection
	// of resources.
	RuleId *string

	// A display name for a backup rule. Must contain 1 to 50 alphanumeric or '-_.'
	// characters.
	RuleName *string

	// A cron expression in UTC specifying when Backup initiates a backup job.
	ScheduleExpression *string

	// A value in minutes after a backup is scheduled before a job will be canceled if
	// it doesn't start successfully.
	StartWindowMinutes *int64

	// The name of a logical container where backups are stored. Backup vaults are
	// identified by names that are unique to the Amazon Web Services account used to
	// create them and the Amazon Web Services Region where they are created. They
	// consist of letters, numbers, and hyphens.
	TargetBackupVault *string
	// contains filtered or unexported fields
}

type AwsBackupBackupVaultDetails struct {

	// A resource-based policy that is used to manage access permissions on the target
	// backup vault.
	AccessPolicy *string

	// An Amazon Resource Name (ARN) that uniquely identifies a backup vault.
	BackupVaultArn *string

	// The name of a logical container where backups are stored. Backup vaults are
	// identified by names that are unique to the Amazon Web Services account used to
	// create them and the Amazon Web Services Region where they are created. They
	// consist of lowercase letters, numbers, and hyphens.
	BackupVaultName *string

	// The unique ARN associated with the server-side encryption key. You can specify
	// a key to encrypt your backups from services that support full Backup management.
	// If you do not specify a key, Backup creates an KMS key for you by default.
	EncryptionKeyArn *string

	// The Amazon SNS event notifications for the specified backup vault.
	Notifications *AwsBackupBackupVaultNotificationsDetails
	// contains filtered or unexported fields
}

type AwsBackupBackupVaultNotificationsDetails struct {

	// An array of events that indicate the status of jobs to back up resources to the
	// backup vault. The following events are supported:
	//   - BACKUP_JOB_STARTED | BACKUP_JOB_COMPLETED
	//   - COPY_JOB_STARTED | COPY_JOB_SUCCESSFUL | COPY_JOB_FAILED
	//   - RESTORE_JOB_STARTED | RESTORE_JOB_COMPLETED | RECOVERY_POINT_MODIFIED
	//   - S3_BACKUP_OBJECT_FAILED | S3_RESTORE_OBJECT_FAILED
	BackupVaultEvents []string

	// The Amazon Resource Name (ARN) that uniquely identifies the Amazon SNS topic
	// for a backup vault's events.
	SnsTopicArn *string
	// contains filtered or unexported fields
}

type AwsBackupRecoveryPointCalculatedLifecycleDetails struct {

	// Specifies the number of days after creation that a recovery point is deleted.
	// Must be greater than 90 days plus MoveToColdStorageAfterDays .
	DeleteAt *string

	// Specifies the number of days after creation that a recovery point is moved to
	// cold storage.
	MoveToColdStorageAt *string
	// contains filtered or unexported fields
}

type AwsBackupRecoveryPointCreatedByDetails struct {

	// An Amazon Resource Name (ARN) that uniquely identifies a backup plan.
	BackupPlanArn *string

	// Uniquely identifies a backup plan.
	BackupPlanId *string

	// Unique, randomly generated, Unicode, UTF-8 encoded strings that are at most
	// 1,024 bytes long. Version IDs cannot be edited.
	BackupPlanVersion *string

	// Uniquely identifies a rule used to schedule the backup of a selection of
	// resources.
	BackupRuleId *string
	// contains filtered or unexported fields
}

type AwsBackupRecoveryPointDetails struct {

	// The size, in bytes, of a backup.
	BackupSizeInBytes *int64

	// An Amazon Resource Name (ARN) that uniquely identifies a backup vault.
	BackupVaultArn *string

	// The name of a logical container where backups are stored. Backup vaults are
	// identified by names that are unique to the Amazon Web Services account used to
	// create them and the Amazon Web Services Region where they are created. They
	// consist of lowercase letters, numbers, and hyphens.
	BackupVaultName *string

	// A CalculatedLifecycle object containing DeleteAt and MoveToColdStorageAt
	// timestamps.
	CalculatedLifecycle *AwsBackupRecoveryPointCalculatedLifecycleDetails

	// The date and time that a job to create a recovery point is completed, in Unix
	// format and UTC. The value of CompletionDate is accurate to milliseconds. For
	// example, the value 1516925490.087 represents Friday, January 26, 2018
	// 12:11:30.087 AM.
	CompletionDate *string

	// Contains identifying information about the creation of a recovery point,
	// including the BackupPlanArn , BackupPlanId , BackupPlanVersion , and
	// BackupRuleId of the backup plan that is used to create it.
	CreatedBy *AwsBackupRecoveryPointCreatedByDetails

	// The date and time a recovery point is created, in Unix format and UTC. The
	// value of CreationDate is accurate to milliseconds. For example, the value
	// 1516925490.087 represents Friday, January 26, 2018 12:11:30.087 AM.
	CreationDate *string

	// The ARN for the server-side encryption key that is used to protect your backups.
	EncryptionKeyArn *string

	// Specifies the IAM role ARN used to create the target recovery point
	IamRoleArn *string

	// A Boolean value that is returned as TRUE if the specified recovery point is
	// encrypted, or FALSE if the recovery point is not encrypted.
	IsEncrypted *bool

	// The date and time that a recovery point was last restored, in Unix format and
	// UTC. The value of LastRestoreTime is accurate to milliseconds. For example, the
	// value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087 AM.
	LastRestoreTime *string

	// The lifecycle defines when a protected resource is transitioned to cold storage
	// and when it expires. Backup transitions and expires backups automatically
	// according to the lifecycle that you define
	Lifecycle *AwsBackupRecoveryPointLifecycleDetails

	// An ARN that uniquely identifies a recovery point.
	RecoveryPointArn *string

	// An ARN that uniquely identifies a resource. The format of the ARN depends on
	// the resource type.
	ResourceArn *string

	// The type of Amazon Web Services resource saved as a recovery point, such as an
	// Amazon EBS volume or an Amazon RDS database.
	ResourceType *string

	// The ARN for the backup vault where the recovery point was originally copied
	// from. If the recovery point is restored to the same account, this value will be
	// null.
	SourceBackupVaultArn *string

	// A status code specifying the state of the recovery point. Valid values are as
	// follows:
	//   - COMPLETED
	//   - DELETING
	//   - EXPIRED
	//   - PARTIAL
	Status *string

	// A message explaining the reason of the recovery point deletion failure.
	StatusMessage *string

	// Specifies the storage class of the recovery point. Valid values are as follows:
	//   - COLD
	//   - DELETED
	//   - WARM
	StorageClass *string
	// contains filtered or unexported fields
}

type AwsBackupRecoveryPointLifecycleDetails struct {

	// Specifies the number of days after creation that a recovery point is deleted.
	// Must be greater than 90 days plus MoveToColdStorageAfterDays .
	DeleteAfterDays *int64

	// Specifies the number of days after creation that a recovery point is moved to
	// cold storage.
	MoveToColdStorageAfterDays *int64
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateDetails struct {

	// The ARN of the private certificate authority (CA) that will be used to issue
	// the certificate.
	CertificateAuthorityArn *string

	// Indicates when the certificate was requested. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreatedAt *string

	// The fully qualified domain name (FQDN), such as www.example.com, that is
	// secured by the certificate.
	DomainName *string

	// Contains information about the initial validation of each domain name that
	// occurs as a result of the RequestCertificate request. Only provided if the
	// certificate type is AMAZON_ISSUED .
	DomainValidationOptions []AwsCertificateManagerCertificateDomainValidationOption

	// Contains a list of Extended Key Usage X.509 v3 extension objects. Each object
	// specifies a purpose for which the certificate public key can be used and
	// consists of a name and an object identifier (OID).
	ExtendedKeyUsages []AwsCertificateManagerCertificateExtendedKeyUsage

	// For a failed certificate request, the reason for the failure. Valid values:
	// NO_AVAILABLE_CONTACTS | ADDITIONAL_VERIFICATION_REQUIRED | DOMAIN_NOT_ALLOWED |
	// INVALID_PUBLIC_DOMAIN | DOMAIN_VALIDATION_DENIED | CAA_ERROR |
	// PCA_LIMIT_EXCEEDED | PCA_INVALID_ARN | PCA_INVALID_STATE | PCA_REQUEST_FAILED |
	// PCA_NAME_CONSTRAINTS_VALIDATION | PCA_RESOURCE_NOT_FOUND | PCA_INVALID_ARGS |
	// PCA_INVALID_DURATION | PCA_ACCESS_DENIED | SLR_NOT_FOUND | OTHER
	FailureReason *string

	// Indicates when the certificate was imported. Provided if the certificate type
	// is IMPORTED . This field accepts only the specified formats. Timestamps can end
	// with Z or ("+" / "-") time-hour [":" time-minute] . The time-secfrac after
	// seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00.
	// Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	ImportedAt *string

	// The list of ARNs for the Amazon Web Services resources that use the certificate.
	InUseBy []string

	// Indicates when the certificate was issued. Provided if the certificate type is
	// AMAZON_ISSUED . This field accepts only the specified formats. Timestamps can
	// end with Z or ("+" / "-") time-hour [":" time-minute] . The time-secfrac after
	// seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00.
	// Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	IssuedAt *string

	// The name of the certificate authority that issued and signed the certificate.
	Issuer *string

	// The algorithm that was used to generate the public-private key pair. Valid
	// values: RSA_2048 | RSA_1024 | RSA_4096 | EC_prime256v1 | EC_secp384r1 |
	// EC_secp521r1
	KeyAlgorithm *string

	// A list of key usage X.509 v3 extension objects.
	KeyUsages []AwsCertificateManagerCertificateKeyUsage

	// The time after which the certificate becomes invalid. This field accepts only
	// the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	NotAfter *string

	// The time before which the certificate is not valid. This field accepts only the
	// specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	NotBefore *string

	// Provides a value that specifies whether to add the certificate to a
	// transparency log.
	Options *AwsCertificateManagerCertificateOptions

	// Whether the certificate is eligible for renewal. Valid values: ELIGIBLE |
	// INELIGIBLE
	RenewalEligibility *string

	// Information about the status of the Certificate Manager managed renewal for the
	// certificate. Provided only when the certificate type is AMAZON_ISSUED .
	RenewalSummary *AwsCertificateManagerCertificateRenewalSummary

	// The serial number of the certificate.
	Serial *string

	// The algorithm that was used to sign the certificate.
	SignatureAlgorithm *string

	// The status of the certificate. Valid values: PENDING_VALIDATION | ISSUED |
	// INACTIVE | EXPIRED | VALIDATION_TIMED_OUT | REVOKED | FAILED
	Status *string

	// The name of the entity that is associated with the public key contained in the
	// certificate.
	Subject *string

	// One or more domain names (subject alternative names) included in the
	// certificate. This list contains the domain names that are bound to the public
	// key that is contained in the certificate. The subject alternative names include
	// the canonical domain name (CN) of the certificate and additional domain names
	// that can be used to connect to the website.
	SubjectAlternativeNames []string

	// The source of the certificate. For certificates that Certificate Manager
	// provides, Type is AMAZON_ISSUED . For certificates that are imported with
	// ImportCertificate , Type is IMPORTED . Valid values: IMPORTED | AMAZON_ISSUED |
	// PRIVATE
	Type *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateDomainValidationOption struct {

	// A fully qualified domain name (FQDN) in the certificate.
	DomainName *string

	// The CNAME record that is added to the DNS database for domain validation.
	ResourceRecord *AwsCertificateManagerCertificateResourceRecord

	// The domain name that Certificate Manager uses to send domain validation emails.
	ValidationDomain *string

	// A list of email addresses that Certificate Manager uses to send domain
	// validation emails.
	ValidationEmails []string

	// The method used to validate the domain name.
	ValidationMethod *string

	// The validation status of the domain name.
	ValidationStatus *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateExtendedKeyUsage struct {

	// The name of an extension value. Indicates the purpose for which the certificate
	// public key can be used.
	Name *string

	// An object identifier (OID) for the extension value. The format is numbers
	// separated by periods.
	OId *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateKeyUsage struct {

	// The key usage extension name.
	Name *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateOptions struct {

	// Whether to add the certificate to a transparency log. Valid values: DISABLED |
	// ENABLED
	CertificateTransparencyLoggingPreference *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateRenewalSummary struct {

	// Information about the validation of each domain name in the certificate, as it
	// pertains to Certificate Manager managed renewal. Provided only when the
	// certificate type is AMAZON_ISSUED .
	DomainValidationOptions []AwsCertificateManagerCertificateDomainValidationOption

	// The status of the Certificate Manager managed renewal of the certificate. Valid
	// values: PENDING_AUTO_RENEWAL | PENDING_VALIDATION | SUCCESS | FAILED
	RenewalStatus *string

	// The reason that a renewal request was unsuccessful. This attribute is used only
	// when RenewalStatus is FAILED . Valid values: NO_AVAILABLE_CONTACTS |
	// ADDITIONAL_VERIFICATION_REQUIRED | DOMAIN_NOT_ALLOWED | INVALID_PUBLIC_DOMAIN |
	// DOMAIN_VALIDATION_DENIED | CAA_ERROR | PCA_LIMIT_EXCEEDED | PCA_INVALID_ARN |
	// PCA_INVALID_STATE | PCA_REQUEST_FAILED | PCA_NAME_CONSTRAINTS_VALIDATION |
	// PCA_RESOURCE_NOT_FOUND | PCA_INVALID_ARGS | PCA_INVALID_DURATION |
	// PCA_ACCESS_DENIED | SLR_NOT_FOUND | OTHER
	RenewalStatusReason *string

	// Indicates when the renewal summary was last updated. This field accepts only
	// the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	UpdatedAt *string
	// contains filtered or unexported fields
}

type AwsCertificateManagerCertificateResourceRecord struct {

	// The name of the resource.
	Name *string

	// The type of resource.
	Type *string

	// The value of the resource.
	Value *string
	// contains filtered or unexported fields
}

type AwsCloudFormationStackDetails struct {

	// The capabilities allowed in the stack.
	Capabilities []string

	// The time at which the stack was created.
	CreationTime *string

	// A user-defined description associated with the stack.
	Description *string

	// Boolean to enable or disable rollback on stack creation failures.
	DisableRollback *bool

	// Information about whether a stack's actual configuration differs, or has
	// drifted, from its expected configuration, as defined in the stack template and
	// any values specified as template parameters.
	DriftInformation *AwsCloudFormationStackDriftInformationDetails

	// Whether termination protection is enabled for the stack.
	EnableTerminationProtection *bool

	// The time the nested stack was last updated. This field will only be returned if
	// the stack has been updated at least once.
	LastUpdatedTime *string

	// The Amazon Resource Names (ARNs) of the Amazon SNS topic to which stack-related
	// events are published.
	NotificationArns []string

	// A list of output structures.
	Outputs []AwsCloudFormationStackOutputsDetails

	// The ARN of an IAM role that's associated with the stack.
	RoleArn *string

	// Unique identifier of the stack.
	StackId *string

	// The name associated with the stack.
	StackName *string

	// Current status of the stack.
	StackStatus *string

	// Success or failure message associated with the stack status.
	StackStatusReason *string

	// The length of time, in minutes, that CloudFormation waits for the nested stack
	// to reach the CREATE_COMPLETE state.
	TimeoutInMinutes *int32
	// contains filtered or unexported fields
}

type AwsCloudFormationStackDriftInformationDetails struct {

	// Status of the stack's actual configuration compared to its expected template
	// configuration.
	StackDriftStatus *string
	// contains filtered or unexported fields
}

type AwsCloudFormationStackOutputsDetails struct {

	// A user-defined description associated with the output.
	Description *string

	// The key associated with the output.
	OutputKey *string

	// The value associated with the output.
	OutputValue *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionCacheBehavior struct {

	// The protocol that viewers can use to access the files in an origin. You can
	// specify the following options:
	//   - allow-all - Viewers can use HTTP or HTTPS.
	//   - redirect-to-https - CloudFront responds to HTTP requests with an HTTP status
	//   code of 301 (Moved Permanently) and the HTTPS URL. The viewer then uses the new
	//   URL to resubmit.
	//   - https-only - CloudFront responds to HTTP request with an HTTP status code of
	//   403 (Forbidden).
	ViewerProtocolPolicy *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionCacheBehaviors struct {

	// The cache behaviors for the distribution.
	Items []AwsCloudFrontDistributionCacheBehavior
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionDefaultCacheBehavior struct {

	// The protocol that viewers can use to access the files in an origin. You can
	// specify the following options:
	//   - allow-all - Viewers can use HTTP or HTTPS.
	//   - redirect-to-https - CloudFront responds to HTTP requests with an HTTP status
	//   code of 301 (Moved Permanently) and the HTTPS URL. The viewer then uses the new
	//   URL to resubmit.
	//   - https-only - CloudFront responds to HTTP request with an HTTP status code of
	//   403 (Forbidden).
	ViewerProtocolPolicy *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionDetails struct {

	// Provides information about the cache configuration for the distribution.
	CacheBehaviors *AwsCloudFrontDistributionCacheBehaviors

	// The default cache behavior for the configuration.
	DefaultCacheBehavior *AwsCloudFrontDistributionDefaultCacheBehavior

	// The object that CloudFront sends in response to requests from the origin (for
	// example, index.html) when a viewer requests the root URL for the distribution
	// (http://www.example.com) instead of an object in your distribution
	// (http://www.example.com/product-description.html).
	DefaultRootObject *string

	// The domain name corresponding to the distribution.
	DomainName *string

	// The entity tag is a hash of the object.
	ETag *string

	// Indicates when that the distribution was last modified. This field accepts only
	// the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":"
	// time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastModifiedTime *string

	// A complex type that controls whether access logs are written for the
	// distribution.
	Logging *AwsCloudFrontDistributionLogging

	// Provides information about the origin groups in the distribution.
	OriginGroups *AwsCloudFrontDistributionOriginGroups

	// A complex type that contains information about origins for this distribution.
	Origins *AwsCloudFrontDistributionOrigins

	// Indicates the current status of the distribution.
	Status *string

	// Provides information about the TLS/SSL configuration that the distribution uses
	// to communicate with viewers.
	ViewerCertificate *AwsCloudFrontDistributionViewerCertificate

	// A unique identifier that specifies the WAF web ACL, if any, to associate with
	// this distribution.
	WebAclId *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionLogging struct {

	// The S3 bucket to store the access logs in.
	Bucket *string

	// With this field, you can enable or disable the selected distribution.
	Enabled *bool

	// Specifies whether you want CloudFront to include cookies in access logs.
	IncludeCookies *bool

	// An optional string that you want CloudFront to use as a prefix to the access
	// log filenames for this distribution.
	Prefix *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginCustomOriginConfig struct {

	// The HTTP port that CloudFront uses to connect to the origin.
	HttpPort *int32

	// The HTTPS port that CloudFront uses to connect to the origin.
	HttpsPort *int32

	// Specifies how long, in seconds, CloudFront persists its connection to the
	// origin.
	OriginKeepaliveTimeout *int32

	// Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the
	// origin.
	OriginProtocolPolicy *string

	// Specifies how long, in seconds, CloudFront waits for a response from the origin.
	OriginReadTimeout *int32

	// Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to
	// your origin over HTTPS.
	OriginSslProtocols *AwsCloudFrontDistributionOriginSslProtocols
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginGroup struct {

	// Provides the criteria for an origin group to fail over.
	FailoverCriteria *AwsCloudFrontDistributionOriginGroupFailover
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginGroupFailover struct {

	// Information about the status codes that cause an origin group to fail over.
	StatusCodes *AwsCloudFrontDistributionOriginGroupFailoverStatusCodes
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginGroupFailoverStatusCodes struct {

	// The list of status code values that can cause a failover to the next origin.
	Items []int32

	// The number of status codes that can cause a failover.
	Quantity *int32
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginGroups struct {

	// The list of origin groups.
	Items []AwsCloudFrontDistributionOriginGroup
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginItem struct {

	// An origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3
	// bucket is configured with static website hosting, use this attribute. If the
	// Amazon S3 bucket is not configured with static website hosting, use the
	// S3OriginConfig type instead.
	CustomOriginConfig *AwsCloudFrontDistributionOriginCustomOriginConfig

	// Amazon S3 origins: The DNS name of the S3 bucket from which you want CloudFront
	// to get objects for this origin.
	DomainName *string

	// A unique identifier for the origin or origin group.
	Id *string

	// An optional element that causes CloudFront to request your content from a
	// directory in your Amazon S3 bucket or your custom origin.
	OriginPath *string

	// An origin that is an S3 bucket that is not configured with static website
	// hosting.
	S3OriginConfig *AwsCloudFrontDistributionOriginS3OriginConfig
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginS3OriginConfig struct {

	// The CloudFront origin access identity to associate with the origin.
	OriginAccessIdentity *string
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOriginSslProtocols struct {

	// A list that contains allowed SSL/TLS protocols for this distribution.
	Items []string

	// The number of SSL/TLS protocols that you want to allow CloudFront to use when
	// establishing an HTTPS connection with this origin.
	Quantity *int32
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionOrigins struct {

	// A complex type that contains origins or origin groups for this distribution.
	Items []AwsCloudFrontDistributionOriginItem
	// contains filtered or unexported fields
}

type AwsCloudFrontDistributionViewerCertificate struct {

	// The ARN of the ACM certificate. Used if the certificate is stored in ACM. If
	// you provide an ACM certificate ARN, you must also provide
	// MinimumCertificateVersion and SslSupportMethod .
	AcmCertificateArn *string

	// The identifier of the certificate. Note that in CloudFront, this attribute is
	// deprecated.
	Certificate *string

	// The source of the certificate identified by Certificate . Note that in
	// CloudFront, this attribute is deprecated.
	CertificateSource *string

	// Whether the distribution uses the CloudFront domain name. If set to false , then
	// you provide either AcmCertificateArn or IamCertificateId .
	CloudFrontDefaultCertificate *bool

	// The identifier of the IAM certificate. Used if the certificate is stored in
	// IAM. If you provide IamCertificateId , then you also must provide
	// MinimumProtocolVersion and SslSupportMethod .
	IamCertificateId *string

	// The security policy that CloudFront uses for HTTPS connections with viewers. If
	// SslSupportMethod is sni-only , then MinimumProtocolVersion must be TLSv1 or
	// higher.
	MinimumProtocolVersion *string

	// The viewers that the distribution accepts HTTPS connections from.
	SslSupportMethod *string
	// contains filtered or unexported fields
}

type AwsCloudTrailTrailDetails struct {

	// The ARN of the log group that CloudTrail logs are delivered to.
	CloudWatchLogsLogGroupArn *string

	// The ARN of the role that the CloudWatch Events endpoint assumes when it writes
	// to the log group.
	CloudWatchLogsRoleArn *string

	// Indicates whether the trail has custom event selectors.
	HasCustomEventSelectors *bool

	// The Region where the trail was created.
	HomeRegion *string

	// Indicates whether the trail publishes events from global services such as IAM
	// to the log files.
	IncludeGlobalServiceEvents *bool

	// Indicates whether the trail applies only to the current Region or to all
	// Regions.
	IsMultiRegionTrail *bool

	// Whether the trail is created for all accounts in an organization in
	// Organizations, or only for the current Amazon Web Services account.
	IsOrganizationTrail *bool

	// The KMS key ID to use to encrypt the logs.
	KmsKeyId *string

	// Indicates whether CloudTrail log file validation is enabled.
	LogFileValidationEnabled *bool

	// The name of the trail.
	Name *string

	// The name of the S3 bucket where the log files are published.
	S3BucketName *string

	// The S3 key prefix. The key prefix is added after the name of the S3 bucket
	// where the log files are published.
	S3KeyPrefix *string

	// The ARN of the SNS topic that is used for notifications of log file delivery.
	SnsTopicArn *string

	// The name of the SNS topic that is used for notifications of log file delivery.
	SnsTopicName *string

	// The ARN of the trail.
	TrailArn *string
	// contains filtered or unexported fields
}

type AwsCloudWatchAlarmDetails struct {

	// Indicates whether actions should be executed during any changes to the alarm
	// state.
	ActionsEnabled *bool

	// The list of actions, specified as Amazon Resource Names (ARNs) to execute when
	// this alarm transitions into an ALARM state from any other state.
	AlarmActions []string

	// The ARN of the alarm.
	AlarmArn *string

	// The time stamp of the last update to the alarm configuration.
	AlarmConfigurationUpdatedTimestamp *string

	// The description of the alarm.
	AlarmDescription *string

	// The name of the alarm. If you don't specify a name, CloudFront generates a
	// unique physical ID and uses that ID for the alarm name.
	AlarmName *string

	// The arithmetic operation to use when comparing the specified statistic and
	// threshold. The specified statistic value is used as the first operand.
	ComparisonOperator *string

	// The number of datapoints that must be breaching to trigger the alarm.
	DatapointsToAlarm *int32

	// The dimensions for the metric associated with the alarm.
	Dimensions []AwsCloudWatchAlarmDimensionsDetails

	// Used only for alarms based on percentiles. If ignore , the alarm state does not
	// change during periods with too few data points to be statistically significant.
	// If evaluate or this parameter is not used, the alarm is always evaluated and
	// possibly changes state no matter how many data points are available.
	EvaluateLowSampleCountPercentile *string

	// The number of periods over which data is compared to the specified threshold.
	EvaluationPeriods *int32

	// The percentile statistic for the metric associated with the alarm.
	ExtendedStatistic *string

	// The actions to execute when this alarm transitions to the INSUFFICIENT_DATA
	// state from any other state. Each action is specified as an ARN.
	InsufficientDataActions []string

	// The name of the metric associated with the alarm. This is required for an alarm
	// based on a metric. For an alarm based on a math expression, you use Metrics
	// instead and you can't specify MetricName .
	MetricName *string

	// The namespace of the metric associated with the alarm. This is required for an
	// alarm based on a metric. For an alarm based on a math expression, you can't
	// specify Namespace and you use Metrics instead.
	Namespace *string

	// The actions to execute when this alarm transitions to the OK state from any
	// other state. Each action is specified as an ARN.
	OkActions []string

	// The period, in seconds, over which the statistic is applied. This is required
	// for an alarm based on a metric.
	Period *int32

	// The statistic for the metric associated with the alarm, other than percentile.
	// For percentile statistics, use ExtendedStatistic . For an alarm based on a
	// metric, you must specify either Statistic or ExtendedStatistic but not both.
	// For an alarm based on a math expression, you can't specify Statistic . Instead,
	// you use Metrics .
	Statistic *string

	// The value to compare with the specified statistic.
	Threshold *float64

	// n an alarm based on an anomaly detection model, this is the ID of the
	// ANOMALY_DETECTION_BAND function used as the threshold for the alarm.
	ThresholdMetricId *string

	// Sets how this alarm is to handle missing data points.
	TreatMissingData *string

	// The unit of the metric associated with the alarm.
	Unit *string
	// contains filtered or unexported fields
}

type AwsCloudWatchAlarmDimensionsDetails struct {

	// The name of a dimension.
	Name *string

	// The value of a dimension.
	Value *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectArtifactsDetails struct {

	// An identifier for the artifact definition.
	ArtifactIdentifier *string

	// Indicates whether to disable encryption on the artifact. Only valid when Type
	// is S3 .
	EncryptionDisabled *bool

	// Only used when Type is S3 . The name of the S3 bucket where the artifact is
	// located.
	Location *string

	// Only used when Type is S3. The name of the artifact. Used with NamepaceType and
	// Path to determine the pattern for storing the artifact.
	Name *string

	// Only used when Type is S3 . The value to use for the namespace. Used with Name
	// and Path to determine the pattern for storing the artifact.
	NamespaceType *string

	// Whether the name specified in the buildspec file overrides the artifact name.
	OverrideArtifactName *bool

	// Only used when Type is S3 . The type of output artifact to create.
	Packaging *string

	// Only used when Type is S3 . The path to the artifact. Used with Name and
	// NamespaceType to determine the pattern for storing the artifact.
	Path *string

	// The type of build artifact.
	Type *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectDetails struct {

	// Information about the build artifacts for the CodeBuild project.
	Artifacts []AwsCodeBuildProjectArtifactsDetails

	// The KMS key used to encrypt the build output artifacts. You can specify either
	// the ARN of the KMS key or, if available, the KMS key alias (using the format
	// alias/alias-name).
	EncryptionKey *string

	// Information about the build environment for this build project.
	Environment *AwsCodeBuildProjectEnvironment

	// Information about logs for the build project.
	LogsConfig *AwsCodeBuildProjectLogsConfigDetails

	// The name of the build project.
	Name *string

	// Information about the secondary artifacts for the CodeBuild project.
	SecondaryArtifacts []AwsCodeBuildProjectArtifactsDetails

	// The ARN of the IAM role that enables CodeBuild to interact with dependent
	// Amazon Web Services services on behalf of the Amazon Web Services account.
	ServiceRole *string

	// Information about the build input source code for this build project.
	Source *AwsCodeBuildProjectSource

	// Information about the VPC configuration that CodeBuild accesses.
	VpcConfig *AwsCodeBuildProjectVpcConfig
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectEnvironment struct {

	// The certificate to use with this build project.
	Certificate *string

	// A set of environment variables to make available to builds for the build
	// project.
	EnvironmentVariables []AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails

	// The type of credentials CodeBuild uses to pull images in your build. Valid
	// values:
	//   - CODEBUILD specifies that CodeBuild uses its own credentials. This requires
	//   that you modify your ECR repository policy to trust the CodeBuild service
	//   principal.
	//   - SERVICE_ROLE specifies that CodeBuild uses your build project's service
	//   role.
	// When you use a cross-account or private registry image, you must use
	// SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use
	// CODEBUILD credentials.
	ImagePullCredentialsType *string

	// Whether to allow the Docker daemon to run inside a Docker container. Set to true
	// if the build project is used to build Docker images.
	PrivilegedMode *bool

	// The credentials for access to a private registry.
	RegistryCredential *AwsCodeBuildProjectEnvironmentRegistryCredential

	// The type of build environment to use for related builds. The environment type
	// ARM_CONTAINER is available only in Regions US East (N. Virginia), US East
	// (Ohio), US West (Oregon), Europe (Ireland), Asia Pacific (Mumbai), Asia Pacific
	// (Tokyo), Asia Pacific (Sydney), and Europe (Frankfurt). The environment type
	// LINUX_CONTAINER with compute type build.general1.2xlarge is available only in
	// Regions US East (N. Virginia), US East (N. Virginia), US West (Oregon), Canada
	// (Central), Europe (Ireland), Europe (London), Europe (Frankfurt), Asia Pacific
	// (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney),
	// China (Beijing), and China (Ningxia). The environment type LINUX_GPU_CONTAINER
	// is available only in Regions US East (N. Virginia), US East (N. Virginia), US
	// West (Oregon), Canada (Central), Europe (Ireland), Europe (London), Europe
	// (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific
	// (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). Valid
	// values: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER |
	// ARM_CONTAINER
	Type *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails struct {

	// The name of the environment variable.
	Name *string

	// The type of environment variable.
	Type *string

	// The value of the environment variable.
	Value *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectEnvironmentRegistryCredential struct {

	// The ARN or name of credentials created using Secrets Manager. The credential
	// can use the name of the credentials only if they exist in your current Amazon
	// Web Services Region.
	Credential *string

	// The service that created the credentials to access a private Docker registry.
	// The valid value, SECRETS_MANAGER , is for Secrets Manager.
	CredentialProvider *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails struct {

	// The group name of the logs in CloudWatch Logs.
	GroupName *string

	// The current status of the logs in CloudWatch Logs for a build project.
	Status *string

	// The prefix of the stream name of the CloudWatch Logs.
	StreamName *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectLogsConfigDetails struct {

	// Information about CloudWatch Logs for the build project.
	CloudWatchLogs *AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails

	// Information about logs built to an S3 bucket for a build project.
	S3Logs *AwsCodeBuildProjectLogsConfigS3LogsDetails
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectLogsConfigS3LogsDetails struct {

	// Whether to disable encryption of the S3 build log output.
	EncryptionDisabled *bool

	// The ARN of the S3 bucket and the path prefix for S3 logs.
	Location *string

	// The current status of the S3 build logs.
	Status *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectSource struct {

	// Information about the Git clone depth for the build project.
	GitCloneDepth *int32

	// Whether to ignore SSL warnings while connecting to the project source code.
	InsecureSsl *bool

	// Information about the location of the source code to be built. Valid values
	// include:
	//   - For source code settings that are specified in the source action of a
	//   pipeline in CodePipeline, location should not be specified. If it is specified,
	//   CodePipeline ignores it. This is because CodePipeline uses the settings in a
	//   pipeline's source action instead of this value.
	//   - For source code in an CodeCommit repository, the HTTPS clone URL to the
	//   repository that contains the source code and the build spec file (for example,
	//   https://git-codecommit.region-ID.amazonaws.com/v1/repos/repo-name ).
	//   - For source code in an S3 input bucket, one of the following.
	//   - The path to the ZIP file that contains the source code (for example,
	//   bucket-name/path/to/object-name.zip ).
	//   - The path to the folder that contains the source code (for example,
	//   bucket-name/path/to/source-code/folder/ ).
	//   - For source code in a GitHub repository, the HTTPS clone URL to the
	//   repository that contains the source and the build spec file.
	//   - For source code in a Bitbucket repository, the HTTPS clone URL to the
	//   repository that contains the source and the build spec file.
	Location *string

	// The type of repository that contains the source code to be built. Valid values
	// are:
	//   - BITBUCKET - The source code is in a Bitbucket repository.
	//   - CODECOMMIT - The source code is in an CodeCommit repository.
	//   - CODEPIPELINE - The source code settings are specified in the source action
	//   of a pipeline in CodePipeline.
	//   - GITHUB - The source code is in a GitHub repository.
	//   - GITHUB_ENTERPRISE - The source code is in a GitHub Enterprise repository.
	//   - NO_SOURCE - The project does not have input source code.
	//   - S3 - The source code is in an S3 input bucket.
	Type *string
	// contains filtered or unexported fields
}

type AwsCodeBuildProjectVpcConfig struct {

	// A list of one or more security group IDs in your VPC.
	SecurityGroupIds []string

	// A list of one or more subnet IDs in your VPC.
	Subnets []string

	// The ID of the VPC.
	VpcId *string
	// contains filtered or unexported fields
}

type AwsCorsConfiguration struct {

	// Indicates whether the CORS request includes credentials.
	AllowCredentials *bool

	// The allowed headers for CORS requests.
	AllowHeaders []string

	// The allowed methods for CORS requests.
	AllowMethods []string

	// The allowed origins for CORS requests.
	AllowOrigins []string

	// The exposed headers for CORS requests.
	ExposeHeaders []string

	// The number of seconds for which the browser caches preflight request results.
	MaxAge *int32
	// contains filtered or unexported fields
}

type AwsDmsEndpointDetails struct {

	// The Amazon Resource Name (ARN) for the SSL certificate that encrypts
	// connections between the DMS endpoint and the replication instance.
	CertificateArn *string

	// The name of the endpoint database.
	DatabaseName *string

	// The Amazon Resource Name (ARN) of the endpoint.
	EndpointArn *string

	// The database endpoint identifier.
	EndpointIdentifier *string

	// The type of endpoint. Valid values are source and target.
	EndpointType *string

	// The type of engine for the endpoint, depending on the EndpointType value.
	EngineName *string

	// A value that can be used for cross-account validation.
	ExternalId *string

	// Additional attributes associated with the connection.
	ExtraConnectionAttributes *string

	// An DMS key identifier that is used to encrypt the connection parameters for the
	// endpoint. If you don't specify a value for the KmsKeyId parameter, then DMS
	// uses your default encryption key. KMS creates the default encryption key for
	// your Amazon Web Services account. Your Amazon Web Services account has a
	// different default encryption key for each Amazon Web Services Region.
	KmsKeyId *string

	// The port used to access the endpoint.
	Port *int32

	// The name of the server where the endpoint database resides.
	ServerName *string

	// The SSL mode used to connect to the endpoint. The default is none.
	SslMode *string

	// The user name to be used to log in to the endpoint database.
	Username *string
	// contains filtered or unexported fields
}

type AwsDmsReplicationInstanceDetails struct {

	// The amount of storage (in gigabytes) that is allocated for the replication
	// instance.
	AllocatedStorage *int32

	// Indicates whether minor engine upgrades are applied automatically to the
	// replication instance during the maintenance window.
	AutoMinorVersionUpgrade *bool

	// The Availability Zone that the replication instance is created in. The default
	// value is a random, system-chosen Availability Zone in the endpoint's Amazon Web
	// Services Region, such as us-east-1d .
	AvailabilityZone *string

	// The engine version number of the replication instance. If an engine version
	// number is not specified when a replication instance is created, the default is
	// the latest engine version available.
	EngineVersion *string

	// An KMS key identifier that is used to encrypt the data on the replication
	// instance. If you don't specify a value for the KmsKeyId parameter, DMS uses
	// your default encryption key. KMS creates the default encryption key for your
	// Amazon Web Services account. Your Amazon Web Services account has a different
	// default encryption key for each Amazon Web Services Region.
	KmsKeyId *string

	// Specifies whether the replication instance is deployed across multiple
	// Availability Zones (AZs). You can't set the AvailabilityZone parameter if the
	// MultiAZ parameter is set to true .
	MultiAZ *bool

	// The maintenance window times for the replication instance. Upgrades to the
	// replication instance are performed during this time.
	PreferredMaintenanceWindow *string

	// Specifies the accessibility options for the replication instance. A value of
	// true represents an instance with a public IP address. A value of false
	// represents an instance with a private IP address. The default value is true .
	PubliclyAccessible *bool

	// The compute and memory capacity of the replication instance as defined for the
	// specified replication instance class.
	ReplicationInstanceClass *string

	// The replication instance identifier.
	ReplicationInstanceIdentifier *string

	// The subnet group for the replication instance.
	ReplicationSubnetGroup *AwsDmsReplicationInstanceReplicationSubnetGroupDetails

	// The virtual private cloud (VPC) security group for the replication instance.
	VpcSecurityGroups []AwsDmsReplicationInstanceVpcSecurityGroupsDetails
	// contains filtered or unexported fields
}

type AwsDmsReplicationInstanceReplicationSubnetGroupDetails struct {

	// The identifier of the replication subnet group.
	ReplicationSubnetGroupIdentifier *string
	// contains filtered or unexported fields
}

type AwsDmsReplicationInstanceVpcSecurityGroupsDetails struct {

	// The identifier of the VPC security group that’s associated with the replication
	// instance.
	VpcSecurityGroupId *string
	// contains filtered or unexported fields
}

type AwsDmsReplicationTaskDetails struct {

	// Indicates when you want a change data capture (CDC) operation to start.
	// CCdcStartPosition or CCdcStartTime specifies when you want a CDC operation to
	// start. Only a value for one of these fields is included.
	CdcStartPosition *string

	// Indicates the start time for a CDC operation. CdcStartPosition or CCdcStartTime
	// specifies when you want a CDC operation to start. Only a value for one of these
	// fields is included.
	CdcStartTime *string

	// Indicates when you want a CDC operation to stop. The value can be either server
	// time or commit time.
	CdcStopPosition *string

	// The identifier of the replication task.
	Id *string

	// The migration type.
	MigrationType *string

	// The Amazon Resource Name (ARN) of a replication instance.
	ReplicationInstanceArn *string

	// The user-defined replication task identifier or name.
	ReplicationTaskIdentifier *string

	// The settings for the replication task.
	ReplicationTaskSettings *string

	// A display name for the resource identifier at the end of the EndpointArn
	// response parameter. If you don't specify a ResourceIdentifier value, DMS
	// generates a default identifier value for the end of EndpointArn .
	ResourceIdentifier *string

	// The ARN of the source endpoint.
	SourceEndpointArn *string

	// The table mappings for the replication task, in JSON format.
	TableMappings *string

	// The ARN of the target endpoint.
	TargetEndpointArn *string

	// Supplemental information that the task requires to migrate the data for certain
	// source and target endpoints.
	TaskData *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableAttributeDefinition struct {

	// The name of the attribute.
	AttributeName *string

	// The type of the attribute.
	AttributeType *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableBillingModeSummary struct {

	// The method used to charge for read and write throughput and to manage capacity.
	BillingMode *string

	// If the billing mode is PAY_PER_REQUEST , indicates when the billing mode was set
	// to that value. This field accepts only the specified formats. Timestamps can end
	// with Z or ("+" / "-") time-hour [":" time-minute] . The time-secfrac after
	// seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00.
	// Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastUpdateToPayPerRequestDateTime *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableDetails struct {

	// A list of attribute definitions for the table.
	AttributeDefinitions []AwsDynamoDbTableAttributeDefinition

	// Information about the billing for read/write capacity on the table.
	BillingModeSummary *AwsDynamoDbTableBillingModeSummary

	// Indicates when the table was created. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	CreationDateTime *string

	// Indicates whether deletion protection is to be enabled (true) or disabled
	// (false) on the table.
	DeletionProtectionEnabled *bool

	// List of global secondary indexes for the table.
	GlobalSecondaryIndexes []AwsDynamoDbTableGlobalSecondaryIndex

	// The version of global tables being used.
	GlobalTableVersion *string

	// The number of items in the table.
	ItemCount *int32

	// The primary key structure for the table.
	KeySchema []AwsDynamoDbTableKeySchema

	// The ARN of the latest stream for the table.
	LatestStreamArn *string

	// The label of the latest stream. The label is not a unique identifier.
	LatestStreamLabel *string

	// The list of local secondary indexes for the table.
	LocalSecondaryIndexes []AwsDynamoDbTableLocalSecondaryIndex

	// Information about the provisioned throughput for the table.
	ProvisionedThroughput *AwsDynamoDbTableProvisionedThroughput

	// The list of replicas of this table.
	Replicas []AwsDynamoDbTableReplica

	// Information about the restore for the table.
	RestoreSummary *AwsDynamoDbTableRestoreSummary

	// Information about the server-side encryption for the table.
	SseDescription *AwsDynamoDbTableSseDescription

	// The current DynamoDB Streams configuration for the table.
	StreamSpecification *AwsDynamoDbTableStreamSpecification

	// The identifier of the table.
	TableId *string

	// The name of the table.
	TableName *string

	// The total size of the table in bytes.
	TableSizeBytes *int64

	// The current status of the table. Valid values are as follows:
	//   - ACTIVE
	//   - ARCHIVED
	//   - ARCHIVING
	//   - CREATING
	//   - DELETING
	//   - INACCESSIBLE_ENCRYPTION_CREDENTIALS
	//   - UPDATING
	TableStatus *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableGlobalSecondaryIndex struct {

	// Whether the index is currently backfilling.
	Backfilling *bool

	// The ARN of the index.
	IndexArn *string

	// The name of the index.
	IndexName *string

	// The total size in bytes of the index.
	IndexSizeBytes *int64

	// The current status of the index.
	//   - ACTIVE
	//   - CREATING
	//   - DELETING
	//   - UPDATING
	IndexStatus *string

	// The number of items in the index.
	ItemCount *int32

	// The key schema for the index.
	KeySchema []AwsDynamoDbTableKeySchema

	// Attributes that are copied from the table into an index.
	Projection *AwsDynamoDbTableProjection

	// Information about the provisioned throughput settings for the indexes.
	ProvisionedThroughput *AwsDynamoDbTableProvisionedThroughput
	// contains filtered or unexported fields
}

type AwsDynamoDbTableKeySchema struct {

	// The name of the key schema attribute.
	AttributeName *string

	// The type of key used for the key schema attribute. Valid values are HASH or
	// RANGE .
	KeyType *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableLocalSecondaryIndex struct {

	// The ARN of the index.
	IndexArn *string

	// The name of the index.
	IndexName *string

	// The complete key schema for the index.
	KeySchema []AwsDynamoDbTableKeySchema

	// Attributes that are copied from the table into the index. These are in addition
	// to the primary key attributes and index key attributes, which are automatically
	// projected.
	Projection *AwsDynamoDbTableProjection
	// contains filtered or unexported fields
}

type AwsDynamoDbTableProjection struct {

	// The nonkey attributes that are projected into the index. For each attribute,
	// provide the attribute name.
	NonKeyAttributes []string

	// The types of attributes that are projected into the index. Valid values are as
	// follows:
	//   - ALL
	//   - INCLUDE
	//   - KEYS_ONLY
	ProjectionType *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableProvisionedThroughput struct {

	// Indicates when the provisioned throughput was last decreased. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastDecreaseDateTime *string

	// Indicates when the provisioned throughput was last increased. This field
	// accepts only the specified formats. Timestamps can end with Z or ("+" / "-")
	// time-hour [":" time-minute] . The time-secfrac after seconds is limited to a
	// maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp
	// formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LastIncreaseDateTime *string

	// The number of times during the current UTC calendar day that the provisioned
	// throughput was decreased.
	NumberOfDecreasesToday *int32

	// The maximum number of strongly consistent reads consumed per second before
	// DynamoDB returns a ThrottlingException .
	ReadCapacityUnits *int32

	// The maximum number of writes consumed per second before DynamoDB returns a
	// ThrottlingException .
	WriteCapacityUnits *int32
	// contains filtered or unexported fields
}

type AwsDynamoDbTableProvisionedThroughputOverride struct {

	// The read capacity units for the replica.
	ReadCapacityUnits *int32
	// contains filtered or unexported fields
}

type AwsDynamoDbTableReplica struct {

	// List of global secondary indexes for the replica.
	GlobalSecondaryIndexes []AwsDynamoDbTableReplicaGlobalSecondaryIndex

	// The identifier of the KMS key that will be used for KMS encryption for the
	// replica.
	KmsMasterKeyId *string

	// Replica-specific configuration for the provisioned throughput.
	ProvisionedThroughputOverride *AwsDynamoDbTableProvisionedThroughputOverride

	// The name of the Region where the replica is located.
	RegionName *string

	// The current status of the replica. Valid values are as follows:
	//   - ACTIVE
	//   - CREATING
	//   - CREATION_FAILED
	//   - DELETING
	//   - UPDATING
	ReplicaStatus *string

	// Detailed information about the replica status.
	ReplicaStatusDescription *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableReplicaGlobalSecondaryIndex struct {

	// The name of the index.
	IndexName *string

	// Replica-specific configuration for the provisioned throughput for the index.
	ProvisionedThroughputOverride *AwsDynamoDbTableProvisionedThroughputOverride
	// contains filtered or unexported fields
}

type AwsDynamoDbTableRestoreSummary struct {

	// Indicates the point in time that the table was restored to. This field accepts
	// only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour
	// [":" time-minute] . The time-secfrac after seconds is limited to a maximum of 9
	// digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with
	// examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	RestoreDateTime *string

	// Whether a restore is currently in progress.
	RestoreInProgress *bool

	// The ARN of the source backup from which the table was restored.
	SourceBackupArn *string

	// The ARN of the source table for the backup.
	SourceTableArn *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableSseDescription struct {

	// If the key is inaccessible, the date and time when DynamoDB detected that the
	// key was inaccessible. This field accepts only the specified formats. Timestamps
	// can end with Z or ("+" / "-") time-hour [":" time-minute] . The time-secfrac
	// after seconds is limited to a maximum of 9 digits. The offset is bounded by
	// +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	InaccessibleEncryptionDateTime *string

	// The ARN of the KMS key that is used for the KMS encryption.
	KmsMasterKeyArn *string

	// The type of server-side encryption.
	SseType *string

	// The status of the server-side encryption.
	Status *string
	// contains filtered or unexported fields
}

type AwsDynamoDbTableStreamSpecification struct {

	// Indicates whether DynamoDB Streams is enabled on the table.
	StreamEnabled *bool

	// Determines the information that is written to the table.
	StreamViewType *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails struct {

	// The ID of the Active Directory used for authentication.
	DirectoryId *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointAuthenticationOptionsDetails struct {

	// Information about the Active Directory, if applicable. With Active Directory
	// authentication, clients are authenticated against existing Active Directory
	// groups.
	ActiveDirectory *AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails

	// Information about the IAM SAML identity provider, if applicable.
	FederatedAuthentication *AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails

	// Information about the authentication certificates, if applicable.
	MutualAuthentication *AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails

	// The authentication type used.
	Type *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails struct {

	// The Amazon Resource Name (ARN) of the IAM SAML identity provider.
	SamlProviderArn *string

	// The Amazon Resource Name (ARN) of the IAM SAML identity provider for the
	// self-service portal.
	SelfServiceSamlProviderArn *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails struct {

	// The Amazon Resource Name (ARN) of the client certificate.
	ClientRootCertificateChain *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointClientConnectOptionsDetails struct {

	// Indicates whether client connect options are enabled.
	Enabled *bool

	// The Amazon Resource Name (ARN) of the Lambda function used for connection
	// authorization.
	LambdaFunctionArn *string

	// The status of any updates to the client connect options.
	Status *AwsEc2ClientVpnEndpointClientConnectOptionsStatusDetails
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointClientConnectOptionsStatusDetails struct {

	// The status code.
	Code *string

	// The status message.
	Message *string
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointClientLoginBannerOptionsDetails struct {

	// Customizable text that will be displayed in a banner on Amazon Web Services
	// provided clients when a VPN session is established.
	BannerText *string

	// Current state of text banner feature.
	Enabled *bool
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointConnectionLogOptionsDetails struct {

	// The name of the Amazon CloudWatch Logs log group to which connection logging
	// data is published.
	CloudwatchLogGroup *string

	// The name of the Amazon CloudWatch Logs log stream to which connection logging
	// data is published.
	CloudwatchLogStream *string

	// Indicates whether client connection logging is enabled for the Client VPN
	// endpoint.
	Enabled *bool
	// contains filtered or unexported fields
}

type AwsEc2ClientVpnEndpointDetails struct {

	// Information about the authentication method used by the Client VPN endpoint.
	AuthenticationOptions []AwsEc2ClientVpnEndpointAuthenticationOptionsDetails

	// The IPv4 address range, in CIDR notation, from which client IP addresses are
	// assigned.
	ClientCidrBlock *string

	// The options for managing connection authorization for new client connections.
	ClientConnectOptions *AwsEc2ClientVpnEndpointClientConnectOptionsDetails

	// Options for enabling a customizable text banner that will be displayed on
	// Amazon Web Services provided clients when a VPN session is established.
	ClientLoginBannerOptions *AwsEc2ClientVpnEndpointClientLoginBannerOptionsDetails

	// The ID of the Client VPN endpoint.
	ClientVpnEndpointId *string

	// Information about the client connection logging options for the Client VPN
	// endpoint.
	ConnectionLogOptions *AwsEc2ClientVpnEndpointConnectionLogOptionsDetails

	// A brief description of the endpoint.
	Description *string

	// Information about the DNS servers to be used for DNS resolution.
	DnsServer []string

	// The IDs of the security groups for the target network.
	SecurityGroupIdSet []string

	// The URL of the self-service portal.
	SelfServicePortalUrl *string

	// The Amazon Resource Name (ARN) of the server certificate.
	ServerCertificateArn *string

	// The maximum VPN session duration time in hours.
	SessionTimeoutHours *int32

	// Indicates whether split-tunnel is enabled in the Client VPN endpoint.
	SplitTunnel *bool

	// The transport protocol used by the Client VPN endpoint.
	TransportProtocol *string

	// The ID of the VPC.
	VpcId *string

	// The port number for the Client VPN endpoint.
	VpnPort *int32
	// contains filtered or unexported fields
}

type AwsEc2EipDetails struct {

	// The identifier that Amazon Web Services assigns to represent the allocation of
	// the Elastic IP address for use with Amazon VPC.
	AllocationId *string

	// The identifier that represents the association of the Elastic IP address with
	// an EC2 instance.
	AssociationId *string

	// The domain in which to allocate the address. If the address is for use with EC2
	// instances in a VPC, then Domain is vpc . Otherwise, Domain is standard .
	Domain *string

	// The identifier of the EC2 instance.
	InstanceId *string

	// The name of the location from which the Elastic IP address is advertised.
	NetworkBorderGroup *string

	// The identifier of the network interface.
	NetworkInterfaceId *string

	// The Amazon Web Services account ID of the owner of the network interface.
	NetworkInterfaceOwnerId *string

	// The private IP address that is associated with the Elastic IP address.
	PrivateIpAddress *string

	// A public IP address that is associated with the EC2 instance.
	PublicIp *string

	// The identifier of an IP address pool. This parameter allows Amazon EC2 to
	// select an IP address from the address pool.
	PublicIpv4Pool *string
	// contains filtered or unexported fields
}

type AwsEc2InstanceDetails struct {

	// The IAM profile ARN of the instance.
	IamInstanceProfileArn *string

	// The Amazon Machine Image (AMI) ID of the instance.
	ImageId *string

	// The IPv4 addresses associated with the instance.
	IpV4Addresses []string

	// The IPv6 addresses associated with the instance.
	IpV6Addresses []string

	// The key name associated with the instance.
	KeyName *string

	// Indicates when the instance was launched. This field accepts only the specified
	// formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute] .
	// The time-secfrac after seconds is limited to a maximum of 9 digits. The offset
	// is bounded by +/-18:00. Here are valid timestamp formats with examples:
	//   - YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z
	//   )
	//   - YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59 )
	//   - YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759 )
	//   - YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example,
	//   2024-01-04T15:25:10.123456789+17:59 )
	LaunchedAt *string

	// Details about the metadata options for the Amazon EC2 instance.
	MetadataOptions *AwsEc2InstanceMetadataOptions

	// Describes the type of monitoring that’s turned on for an instance.
	Monitoring *AwsEc2InstanceMonitoringDetails

	// The identifiers of the network interfaces for the EC2 instance. The details for
	// each network interface are in a corresponding AwsEc2NetworkInterfacesDetails
	// object.
	NetworkInterfaces []AwsEc2InstanceNetworkInterfacesDetails

	// The identifier of the subnet that the instance was launched in.
	SubnetId *string

	// The instance type of the instance.
	Type *string

	// The virtualization type of the Amazon Machine Image (AMI) required to launch
	// the instance.
	VirtualizationType *string

	// The identifier of the VPC that the instance was launched in.
	VpcId *string
	// contains filtered or unexported fields
}

type AwsEc2InstanceMetadataOptions struct {

	// Enables or disables the HTTP metadata endpoint on the instance.
	HttpEndpoint *string

	// Enables or disables the IPv6 endpoint for the instance metadata service.
	HttpProtocolIpv6 *string

	// The desired HTTP PUT response hop limit for instance metadata requests. The
	// larger the number, the further instance metadata requests can travel.
	HttpPutResponseHopLimit *int32

	// The state of token usage for your instance metadata requests.
	HttpTokens *string

	// Specifies whether to allow access to instance tags from the instance metadata.
	InstanceMetadataTags *string
	// contains filtered or unexported fields
}

type AwsEc2InstanceMonitoringDetails struct {

	// Indicates whether detailed monitoring is turned on. Otherwise, basic monitoring
	// is turned on.
	State *string
	// contains filtered or unexported fields
}

type AwsEc2InstanceNetworkInterfacesDetails struct {

	// The identifier of the network interface. The details are in a corresponding
	// AwsEc2NetworkInterfacesDetails object.
	NetworkInterfaceId *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataBlockDeviceMappingSetDetails struct {

	// The device name.
	DeviceName *string

	// Parameters used to automatically set up Amazon EBS volumes when the instance is
	// launched.
	Ebs *AwsEc2LaunchTemplateDataBlockDeviceMappingSetEbsDetails

	// Omits the device from the block device mapping when an empty string is
	// specified.
	NoDevice *string

	// The virtual device name (ephemeralN). Instance store volumes are numbered
	// starting from 0. An instance type with 2 available instance store volumes can
	// specify mappings for ephemeral0 and ephemeral1 . The number of available
	// instance store volumes depends on the instance type.
	VirtualName *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataBlockDeviceMappingSetEbsDetails struct {

	// Indicates whether the EBS volume is deleted on instance termination.
	DeleteOnTermination *bool

	// Indicates whether the EBS volume is encrypted. Encrypted volumes can only be
	// attached to instances that support Amazon EBS encryption. If you're creating a
	// volume from a snapshot, you can't specify an encryption value.
	Encrypted *bool

	// The number of I/O operations per second (IOPS).
	Iops *int32

	// The Amazon Resource Name (ARN) of the symmetric Key Management Service (KMS)
	// customer managed key used for encryption.
	KmsKeyId *string

	// The ID of the EBS snapshot.
	SnapshotId *string

	// The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
	Throughput *int32

	// The size of the volume, in GiBs. You must specify either a snapshot ID or a
	// volume size.
	VolumeSize *int32

	// The volume type.
	VolumeType *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataCapacityReservationSpecificationCapacityReservationTargetDetails struct {

	// The ID of the Capacity Reservation in which to run the instance.
	CapacityReservationId *string

	// The Amazon Resource Name (ARN) of the Capacity Reservation resource group in
	// which to run the instance.
	CapacityReservationResourceGroupArn *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataCapacityReservationSpecificationDetails struct {

	// Indicates the instance's Capacity Reservation preferences. If equal to open ,
	// the instance can run in any open Capacity Reservation that has matching
	// attributes (instance type, platform, Availability Zone). If equal to none , the
	// instance avoids running in a Capacity Reservation even if one is available. The
	// instance runs in On-Demand capacity.
	CapacityReservationPreference *string

	// Specifies a target Capacity Reservation.
	CapacityReservationTarget *AwsEc2LaunchTemplateDataCapacityReservationSpecificationCapacityReservationTargetDetails
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataCpuOptionsDetails struct {

	// The number of CPU cores for the instance.
	CoreCount *int32

	// The number of threads per CPU core. A value of 1 disables multithreading for
	// the instance, The default value is 2 .
	ThreadsPerCore *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataCreditSpecificationDetails struct {

	// The credit option for CPU usage of a T instance.
	CpuCredits *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataDetails struct {

	// Information about a block device mapping for an Amazon EC2 launch template.
	BlockDeviceMappingSet []AwsEc2LaunchTemplateDataBlockDeviceMappingSetDetails

	// Specifies an instance's Capacity Reservation targeting option. You can specify
	// only one option at a time.
	CapacityReservationSpecification *AwsEc2LaunchTemplateDataCapacityReservationSpecificationDetails

	// Specifies the CPU options for an instance. For more information, see Optimize
	// CPU options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html)
	// in the Amazon Elastic Compute Cloud User Guide.
	CpuOptions *AwsEc2LaunchTemplateDataCpuOptionsDetails

	// Specifies the credit option for CPU usage of a T2, T3, or T3a instance.
	CreditSpecification *AwsEc2LaunchTemplateDataCreditSpecificationDetails

	// Indicates whether to enable the instance for stop protection. For more
	// information, see Enable stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection)
	// in the Amazon EC2 User Guide.
	DisableApiStop *bool

	// If you set this parameter to true , you can't terminate the instance using the
	// Amazon EC2 console, CLI, or API. If set to true , you can.
	DisableApiTermination *bool

	// Indicates whether the instance is optimized for Amazon EBS I/O.
	EbsOptimized *bool

	// Provides details about Elastic Graphics accelerators to associate with the
	// instance.
	ElasticGpuSpecificationSet []AwsEc2LaunchTemplateDataElasticGpuSpecificationSetDetails

	// The Amazon Elastic Inference accelerator for the instance.
	ElasticInferenceAcceleratorSet []AwsEc2LaunchTemplateDataElasticInferenceAcceleratorSetDetails

	// Indicates whether the Amazon EC2 instance is enabled for Amazon Web Services
	// Nitro Enclaves.
	EnclaveOptions *AwsEc2LaunchTemplateDataEnclaveOptionsDetails

	// Specifies whether your Amazon EC2 instance is configured for hibernation.
	HibernationOptions *AwsEc2LaunchTemplateDataHibernationOptionsDetails

	// The name or Amazon Resource Name (ARN) of an IAM instance profile.
	IamInstanceProfile *AwsEc2LaunchTemplateDataIamInstanceProfileDetails

	// The ID of the Amazon Machine Image (AMI).
	ImageId *string

	// Provides the options for specifying the instance initiated shutdown behavior.
	InstanceInitiatedShutdownBehavior *string

	// Specifies the market (purchasing) option for an instance.
	InstanceMarketOptions *AwsEc2LaunchTemplateDataInstanceMarketOptionsDetails

	// The attributes for the instance types. When you specify instance attributes,
	// Amazon EC2 will identify instance types with these attributes. If you specify
	// InstanceRequirements , you can't specify InstanceType .
	InstanceRequirements *AwsEc2LaunchTemplateDataInstanceRequirementsDetails

	// The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)
	// in the Amazon EC2 User Guide. If you specify InstanceType , you can't specify
	// InstanceRequirements .
	InstanceType *string

	// The ID of the kernel.
	KernelId *string

	// The name of the key pair that allows users to connect to the instance.
	KeyName *string

	// Specifies a license configuration for an instance.
	LicenseSet []AwsEc2LaunchTemplateDataLicenseSetDetails

	// The maintenance options of your instance.
	MaintenanceOptions *AwsEc2LaunchTemplateDataMaintenanceOptionsDetails

	// The metadata options for the instance. For more information, see Instance
	// metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
	// in the Amazon EC2 User Guide.
	MetadataOptions *AwsEc2LaunchTemplateDataMetadataOptionsDetails

	// The monitoring for the instance.
	Monitoring *AwsEc2LaunchTemplateDataMonitoringDetails

	// Specifies the parameters for a network interface that is attached to the
	// instance.
	NetworkInterfaceSet []AwsEc2LaunchTemplateDataNetworkInterfaceSetDetails

	// Specifies the placement of an instance.
	Placement *AwsEc2LaunchTemplateDataPlacementDetails

	// The options for the instance hostname.
	PrivateDnsNameOptions *AwsEc2LaunchTemplateDataPrivateDnsNameOptionsDetails

	// The ID of the RAM disk.
	RamDiskId *string

	// One or more security group IDs.
	SecurityGroupIdSet []string

	// One or more security group names. For a nondefault VPC, you must use security
	// group IDs instead. You cannot specify both a security group ID and security name
	// in the same request.
	SecurityGroupSet []string

	// The user data to make available to the instance.
	UserData *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataElasticGpuSpecificationSetDetails struct {

	// The type of Elastic Graphics accelerator.
	Type *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataElasticInferenceAcceleratorSetDetails struct {

	// The number of Elastic Inference accelerators to attach to the instance.
	Count *int32

	// The type of Elastic Inference accelerator.
	Type *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataEnclaveOptionsDetails struct {

	// If this parameter is set to true , the instance is enabled for Amazon Web
	// Services Nitro Enclaves.
	Enabled *bool
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataHibernationOptionsDetails struct {

	// If you set this parameter to true , the instance is enabled for hibernation.
	Configured *bool
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataIamInstanceProfileDetails struct {

	// The Amazon Resource Name (ARN) of the instance profile.
	Arn *string

	// The name of the instance profile.
	Name *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceMarketOptionsDetails struct {

	// The market type.
	MarketType *string

	// The options for Spot Instances.
	SpotOptions *AwsEc2LaunchTemplateDataInstanceMarketOptionsSpotOptionsDetails
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceMarketOptionsSpotOptionsDetails struct {

	// Deprecated.
	BlockDurationMinutes *int32

	// The behavior when a Spot Instance is interrupted.
	InstanceInterruptionBehavior *string

	// The maximum hourly price you're willing to pay for the Spot Instances.
	MaxPrice *string

	// The Spot Instance request type.
	SpotInstanceType *string

	// The end date of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ), for
	// persistent requests.
	ValidUntil *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorCountDetails struct {

	// The maximum number of accelerators. If this parameter isn't specified, there's
	// no maximum limit. To exclude accelerator-enabled instance types, set Max to 0 .
	Max *int32

	// The minimum number of accelerators. If this parameter isn't specified, there's
	// no minimum limit.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorTotalMemoryMiBDetails struct {

	// The maximum amount of memory, in MiB. If this parameter isn't specified,
	// there's no maximum limit.
	Max *int32

	// The minimum amount of memory, in MiB. If 0 is specified, there's no maximum
	// limit.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsBaselineEbsBandwidthMbpsDetails struct {

	// The maximum baseline bandwidth, in Mbps. If this parameter is omitted, there's
	// no maximum limit.
	Max *int32

	// The minimum baseline bandwidth, in Mbps. If this parameter is omitted, there's
	// no minimum limit.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsDetails struct {

	// The minimum and maximum number of accelerators (GPUs, FPGAs, or Amazon Web
	// Services Inferentia chips) on an instance.
	AcceleratorCount *AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorCountDetails

	// Indicates whether instance types must have accelerators by specific
	// manufacturers.
	AcceleratorManufacturers []string

	// The accelerators that must be on the instance type.
	AcceleratorNames []string

	// The minimum and maximum amount of total accelerator memory, in MiB.
	AcceleratorTotalMemoryMiB *AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorTotalMemoryMiBDetails

	// The accelerator types that must be on the instance type.
	AcceleratorTypes []string

	// Indicates whether bare metal instance types must be included, excluded, or
	// required.
	BareMetal *string

	// The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more
	// information, see Amazon EBS optimized instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html)
	// in the Amazon EC2 User Guide.
	BaselineEbsBandwidthMbps *AwsEc2LaunchTemplateDataInstanceRequirementsBaselineEbsBandwidthMbpsDetails

	// Indicates whether burstable performance T instance types are included,
	// excluded, or required. For more information, Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html)
	// in the Amazon EC2 User Guide.
	BurstablePerformance *string

	// The CPU manufacturers to include.
	CpuManufacturers []string

	// The instance types to exclude.
	ExcludedInstanceTypes []string

	// Indicates whether current or previous generation instance types are included.
	InstanceGenerations []string

	// Indicates whether instance types with instance store volumes are included,
	// excluded, or required. For more information, see Amazon EC2 instance store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html)
	// in the Amazon EC2 User Guide.
	LocalStorage *string

	// The type of local storage that is required.
	LocalStorageTypes []string

	// The minimum and maximum amount of memory per vCPU, in GiB.
	MemoryGiBPerVCpu *AwsEc2LaunchTemplateDataInstanceRequirementsMemoryGiBPerVCpuDetails

	// The minimum and maximum amount of memory, in MiB.
	MemoryMiB *AwsEc2LaunchTemplateDataInstanceRequirementsMemoryMiBDetails

	// The minimum and maximum number of network interfaces.
	NetworkInterfaceCount *AwsEc2LaunchTemplateDataInstanceRequirementsNetworkInterfaceCountDetails

	// The price protection threshold for On-Demand Instances. This is the maximum
	// you'll pay for an On-Demand Instance, expressed as a percentage above the least
	// expensive current generation M, C, or R instance type with your specified
	// attributes. When Amazon EC2 selects instance types with your attributes, it
	// excludes instance types priced above your threshold. The parameter accepts an
	// integer, which Amazon EC2 interprets as a percentage. A high value, such as
	// 999999 , turns off price protection.
	OnDemandMaxPricePercentageOverLowestPrice *int32

	// Indicates whether instance types must support hibernation for On-Demand
	// Instances.
	RequireHibernateSupport *bool

	// The price protection threshold for Spot Instances. This is the maximum you'll
	// pay for a Spot Instance, expressed as a percentage above the least expensive
	// current generation M, C, or R instance type with your specified attributes. When
	// Amazon EC2 selects instance types with your attributes, it excludes instance
	// types priced above your threshold. The parameter accepts an integer, which
	// Amazon EC2 interprets as a percentage. A high value, such as 999999 , turns off
	// price protection.
	SpotMaxPricePercentageOverLowestPrice *int32

	// The minimum and maximum amount of total local storage, in GB.
	TotalLocalStorageGB *AwsEc2LaunchTemplateDataInstanceRequirementsTotalLocalStorageGBDetails

	// The minimum and maximum number of vCPUs.
	VCpuCount *AwsEc2LaunchTemplateDataInstanceRequirementsVCpuCountDetails
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsMemoryGiBPerVCpuDetails struct {

	// The maximum amount of memory per vCPU, in GiB. If this parameter is omitted,
	// there's no maximum limit.
	Max *float64

	// The minimum amount of memory per vCPU, in GiB. If this parameter is omitted,
	// there's no maximum limit.
	Min *float64
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsMemoryMiBDetails struct {

	// The maximum amount of memory, in MiB.
	Max *int32

	// The minimum amount of memory, in MiB.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsNetworkInterfaceCountDetails struct {

	// The maximum number of network interfaces.
	Max *int32

	// The minimum number of network interfaces.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsTotalLocalStorageGBDetails struct {

	// The maximum amount of total local storage, in GB.
	Max *float64

	// The minimum amount of total local storage, in GB.
	Min *float64
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataInstanceRequirementsVCpuCountDetails struct {

	// The maximum number of vCPUs.
	Max *int32

	// The minimum number of vCPUs.
	Min *int32
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataLicenseSetDetails struct {

	// The Amazon Resource Name (ARN) of the license configuration.
	LicenseConfigurationArn *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataMaintenanceOptionsDetails struct {

	// Disables the automatic recovery behavior of your instance or sets it to default.
	AutoRecovery *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataMetadataOptionsDetails struct {

	// Enables or disables the HTTP metadata endpoint on your instances. If the
	// parameter is not specified, the default state is enabled, and you won't be able
	// to access your instance metadata.
	HttpEndpoint *string

	// Enables or disables the IPv6 endpoint for the instance metadata service.
	HttpProtocolIpv6 *string

	// The desired HTTP PUT response hop limit for instance metadata requests. The
	// larger the number, the further instance metadata requests can travel.
	HttpPutResponseHopLimit *int32

	// The state of token usage for your instance metadata requests.
	HttpTokens *string

	// When set to enabled , this parameter allows access to instance tags from the
	// instance metadata. When set to disabled , it turns off access to instance tags
	// from the instance metadata. For more information, see Work with instance tags
	// in instance metadata (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS)
	// in the Amazon EC2 User Guide.
	InstanceMetadataTags *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataMonitoringDetails struct {

	// Enables detailed monitoring when true is specified. Otherwise, basic monitoring
	// is enabled. For more information about detailed monitoring, see Enable or turn
	// off detailed monitoring for your instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html)
	// in the Amazon EC2 User Guide.
	Enabled *bool
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataNetworkInterfaceSetDetails struct {

	// Indicates whether to associate a Carrier IP address with eth0 for a new network
	// interface. You use this option when you launch an instance in a Wavelength Zone
	// and want to associate a Carrier IP address with the network interface. For more
	// information, see Carrier IP address (https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip)
	// in the Wavelength Developer Guide.
	AssociateCarrierIpAddress *bool

	// Associates a public IPv4 address with eth0 for a new network interface.
	AssociatePublicIpAddress *bool

	// Indicates whether the network interface is deleted when the instance is
	// terminated.
	DeleteOnTermination *bool

	// A description for the network interface.
	Description *string

	// The device index for the network interface attachment.
	DeviceIndex *int32

	// The IDs of one or more security groups.
	Groups []string

	// The type of network interface.
	InterfaceType *string

	// The number of IPv4 prefixes to be automatically assigned to the network
	// interface. You cannot use this option if you use the Ipv4Prefixes option.
	Ipv4PrefixCount *int32

	// One or more IPv4 prefixes to be assigned to the network interface. You cannot
	// use this option if you use the Ipv4PrefixCount option.
	Ipv4Prefixes []AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv4PrefixesDetails

	// The number of IPv6 addresses to assign to a network interface. Amazon EC2
	// automatically selects the IPv6 addresses from the subnet range. You can't use
	// this option if you use Ipv6Addresses .
	Ipv6AddressCount *int32

	// One or more specific IPv6 addresses from the IPv6 CIDR block range of your
	// subnet. You can't use this option if you use Ipv6AddressCount .
	Ipv6Addresses []AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6AddressesDetails

	// The number of IPv6 prefixes to be automatically assigned to the network
	// interface. You cannot use this option if you use the Ipv6Prefix option.
	Ipv6PrefixCount *int32

	// One or more IPv6 prefixes to be assigned to the network interface. You cannot
	// use this option if you use the Ipv6PrefixCount option.
	Ipv6Prefixes []AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6PrefixesDetails

	// The index of the network card. Some instance types support multiple network
	// cards. The primary network interface must be assigned to network card index 0 .
	// The default is network card index 0 .
	NetworkCardIndex *int32

	// The ID of the network interface.
	NetworkInterfaceId *string

	// The primary private IPv4 address of the network interface.
	PrivateIpAddress *string

	// One or more private IPv4 addresses.
	PrivateIpAddresses []AwsEc2LaunchTemplateDataNetworkInterfaceSetPrivateIpAddressesDetails

	// The number of secondary private IPv4 addresses to assign to a network interface.
	SecondaryPrivateIpAddressCount *int32

	// The ID of the subnet for the network interface.
	SubnetId *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv4PrefixesDetails struct {

	// The IPv4 prefix. For more information, see Assigning prefixes to Amazon EC2
	// network interfaces (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html)
	// in the Amazon Elastic Compute Cloud User Guide.
	Ipv4Prefix *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6AddressesDetails struct {

	// One or more specific IPv6 addresses from the IPv6 CIDR block range of your
	// subnet.
	Ipv6Address *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6PrefixesDetails struct {

	// The IPv6 prefix.
	Ipv6Prefix *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataNetworkInterfaceSetPrivateIpAddressesDetails struct {

	// Indicates whether the private IPv4 address is the primary private IPv4 address.
	// Only one IPv4 address can be designated as primary.
	Primary *bool

	// The private IPv4 address.
	PrivateIpAddress *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataPlacementDetails struct {

	// The affinity setting for an instance on an EC2 Dedicated Host.
	Affinity *string

	// The Availability Zone for the instance.
	AvailabilityZone *string

	// The name of the placement group for the instance.
	GroupName *string

	// The ID of the Dedicated Host for the instance.
	HostId *string

	// The Amazon Resource Name (ARN) of the host resource group in which to launch
	// the instances.
	HostResourceGroupArn *string

	// The number of the partition the instance should launch in.
	PartitionNumber *int32

	// Reserved for future use.
	SpreadDomain *string

	// The tenancy of the instance (if the instance is running in a VPC). An instance
	// with a tenancy of dedicated runs on single-tenant hardware.
	Tenancy *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDataPrivateDnsNameOptionsDetails struct {

	// Indicates whether to respond to DNS queries for instance hostnames with DNS
	// AAAA records.
	EnableResourceNameDnsAAAARecord *bool

	// Indicates whether to respond to DNS queries for instance hostnames with DNS A
	// records.
	EnableResourceNameDnsARecord *bool

	// The type of hostname for EC2 instances.
	HostnameType *string
	// contains filtered or unexported fields
}

type AwsEc2LaunchTemplateDetails struct {

	// The default version of the launch template.
	DefaultVersionNumber *int64

	// An ID for the launch template.
	Id *string

	// The latest version of the launch template.
	LatestVersionNumber *int64

	// The information to include in the launch template.
	LaunchTemplateData *AwsEc2LaunchTemplateDataDetails

	// A name for the launch template.
	LaunchTemplateName *string
	// contains filtered or unexported fields
}

type AwsEc2NetworkAclAssociation struct {

	// The identifier of the association between the network ACL and the subnet.
	NetworkAclAssociationId *string

	// The identifier of the network ACL.
	NetworkAclId *string

	// The identifier of the subnet that is associated with the network ACL.
	SubnetId *string
	// contains filtered or unexported fields
}

type AwsEc2NetworkAclDetails struct {

	// Associations between the network ACL and subnets.
	Associations []AwsEc2NetworkAclAssociation

	// The set of rules in the network ACL.
	Entries []AwsEc2NetworkAclEntry

	// Whether this is the default network ACL for the VPC.
	IsDefault *bool

	// The identifier of the network ACL.
	NetworkAclId *string

	// The identifier of the Amazon Web Services account that owns the network ACL.
	OwnerId *string

	// The identifier of the VPC for the network ACL.
	VpcId *string
	// contains filtered or unexported fields
}